open-consul/.changelog
John Cowen 599e8a05d3
ui: Ensure we check intention service prefix permissions for per service (#11409)
Port of: Ensure we check intention service prefix permissions for per service (#11270)

Previously, when showing some action buttons for 'per service intentions' we used a global 'can I do something with any intention' permission to decide whether to show a certain button or not. If a user has a token that does not have 'global' intention permissions, but does have intention permissions on one or more specific services (for example via service / service_prefix), this meant that we did not show them certain buttons required to create/edit the intentions for this specific service.

This PR adds that extra permissions check so we now check the intentions permissions per service instead of using the 'global' "can I edit intentions" question/request.

**Notes:**

- If a HTML button is `disabled` this means tippy.js doesn't adopt the
popover properly and subsequently hide it from the user, so aswell as
just disabling the button so you can't active the popover, we also don't
even put the popover on the page
- If `ability.item` or `ability.item.Resources` are empty then assume no access

**We don't try to disable service > right hand side intention actions here**

Whether you can create intentions for a service depends on the
_destination_ of the intention you would like to create. For the
topology view going from the LHS to the center, this is straightforwards
as we only need to know the permissions for the central service, as when
you are going from the LHS to the center, the center is the
_destination_.

When going from the center to the RHS the _destination[s]_ are on the
RHS. This means we need to know the permissions for potentially 1000s of
services all in one go in order to know when to show a button or not.

We can't realistically discover the permissions for service > RHS
services as we'd have either make a HTTP request per right hand service,
or potentially make an incredibly large POST request for all the
potentially 1000s of services on the right hand side (more preferable to
1000s of HTTP requests).

Therefore for the moment at least we keep the old functionality (thin client)
for the middle to RHS here. If you do go to click on the button and you
don't have permissions to update the intention you will still not be
able to update it, only you won't know this until you click the button
(at which point you'll get a UI visible 403 error)

Note: We reversed the conditional here between 1.10 and 1.11

So this make 100% sense that the port is different here to 1.11
2021-11-04 12:10:28 +00:00
..
7628.txt
7899.txt
7970.txt
8158.txt
8190.txt
8194.txt
8211.txt
8216.txt
8218.txt
8221.txt fix 1.9.0-beta1 changelog formatting (#8941) 2020-10-14 09:35:59 -05:00
8222.txt
8268.txt
8311.txt
8343.txt
8371.txt
8431.txt make h2ping changelog entry conform with changelog template (#10111) 2021-04-29 14:48:16 -04:00
8458.txt Add http2 and grpc support to ingress gateways (#8458) 2020-08-27 15:34:08 -06:00
8470.txt update changelog snippet 2020-08-12 11:21:54 -05:00
8522.txt add primary keys to list keyring (#8522) 2020-08-18 09:50:24 +02:00
8537.txt Retroactively add changelog for PR 8537 2020-08-27 11:53:49 -04:00
8545.txt agent: expose the list of supported envoy versions on /v1/agent/self (#8545) 2020-08-26 10:04:11 -05:00
8547.txt agent: ensure that we normalize bootstrapped config entries (#8547) 2020-08-27 11:37:25 -05:00
8552.txt Added changelog for #8552 2020-08-28 23:01:04 +02:00
8560.txt Update vault CA for latest api client 2020-09-15 13:33:55 -07:00
8564.txt changelog: fixup release-note formatting (#9966) 2021-04-02 14:59:47 -05:00
8569.txt xds: use envoy's rbac filter to handle intentions entirely within envoy (#8569) 2020-08-27 12:20:58 -05:00
8575.txt Add helpers to the API client to help with getting information from `AgentMember` tags (#8575) 2020-08-27 11:00:48 -04:00
8585.txt Create 8585.txt 2020-09-14 14:16:47 -06:00
8588.txt add entry for 8588 (#8650) 2020-09-10 18:53:36 +02:00
8596.txt connect: all config entries pick up a meta field (#8596) 2020-09-02 14:10:25 -05:00
8599.txt AutopilotServerHealth now handles the 429 status code (#8599) 2021-03-12 09:40:49 -05:00
8601.txt connect: fix bug in preventing some namespaced config entry modifications (#8601) 2020-09-02 10:47:19 -05:00
8602.txt api: create fresh http client for unix sockets (#8602) 2020-09-06 12:27:39 -04:00
8603.txt Changelog entry for usage metrics 2020-09-02 10:48:11 -05:00
8606.txt Add support for -ca-path option in the connect envoy command (#8606) 2020-09-08 12:16:16 +02:00
8646.txt Create 8646.txt 2020-09-15 10:05:23 -07:00
8685.txt Merge pull request #9270 from hashicorp/release/1.9.0 2020-11-24 17:36:47 -05:00
8694.txt changelog: add entries for ui_config and service metrics config (#8919) 2020-10-09 17:31:00 -04:00
8696.txt agent/consuk: Rename RPCRate -> RPCRateLimit 2021-01-14 17:26:00 -05:00
8703.txt Merge pull request #9270 from hashicorp/release/1.9.0 2020-11-24 17:36:47 -05:00
8704.txt use service datacenter for dns name (#8704) 2020-09-22 20:34:09 +02:00
8726.txt Add changelog file 2020-09-25 12:03:49 -04:00
8731.txt Consul Service meta wrongly computes and exposes non_voter meta (#8731) 2020-10-09 17:18:24 -04:00
8741.txt agent: make the json/hcl decoding of ConnectProxyConfig fully work with CamelCase and snake_case (#8741) 2020-09-24 13:58:52 -05:00
8745.txt server: make sure that the various replication loggers use consistent logging (#8745) 2020-09-24 15:49:38 -05:00
8746.txt agent: enable enable_central_service_config by default (#8746) 2020-10-01 09:19:14 -05:00
8747.txt agent: when enable_central_service_config is enabled ensure agent reload doesn't revert check state to critical (#8747) 2020-09-24 16:24:04 -05:00
8764.txt api: support GetMeta() and GetNamespace() on all config entry kinds (#8764) 2020-09-29 09:11:57 -05:00
8771.txt Add changelog entry 2020-10-20 16:42:06 -04:00
8774.txt Merge pull request #9027 from hashicorp/release/1.8.5 2020-10-26 10:59:48 -04:00
8781.txt Add per-agent reconnect timeouts (#8781) 2020-10-08 15:02:19 -04:00
8784.txt Add changelog note 2020-10-09 08:01:55 -07:00
8786.txt server: ensure that we also shutdown network segment serf instances on server shutdown (#8786) 2020-09-30 16:23:43 -05:00
8787.txt Enhance the output of consul snapshot inspect (#8787) 2020-10-09 14:57:29 -05:00
8788.txt changelog: add entries for UI topology viz (#8918) 2020-10-09 17:29:14 -04:00
8812.txt add changelog 2021-05-18 15:04:12 -04:00
8822.txt Merge pull request #9270 from hashicorp/release/1.9.0 2020-11-24 17:36:47 -05:00
8834.txt Merge pull request #9270 from hashicorp/release/1.9.0 2020-11-24 17:36:47 -05:00
8839.txt add missing changelog entry for #8839 2020-10-07 10:22:40 -05:00
8846.txt changelog: add entries for UI topology viz (#8918) 2020-10-09 17:29:14 -04:00
8855.txt command: remove conditional envoy bootstrap generation for versions <=1.10.0 since those are not supported (#8855) 2020-10-07 10:53:23 -05:00
8858.txt changelog: add entries for UI topology viz (#8918) 2020-10-09 17:29:14 -04:00
8875.txt agent: allow the /v1/connect/intentions/match endpoint to use the agent cache (#8875) 2020-10-08 14:51:53 -05:00
8877.txt Merge pull request #9270 from hashicorp/release/1.9.0 2020-11-24 17:36:47 -05:00
8924.txt Fix: service LocallyRegisteredAsSidecar property is not persisted 2020-10-13 19:38:58 +02:00
9002.txt changelog: add entries for 1.9.0-beta2 (#9129) 2020-11-06 17:18:47 -05:00
9006.txt cli: Add JSON and Pretty Print formatting for `consul snapshot inspect` (#9006) 2020-10-29 11:31:14 -05:00
9007.txt server: break up Intention.Apply monolithic method (#9007) 2020-11-13 09:15:39 -06:00
9008.txt changelog: add entries for 1.9.0-beta2 (#9129) 2020-11-06 17:18:47 -05:00
9009.txt changelog: add entry for fixing active CA root unset (#9323) 2020-12-03 13:45:07 -05:00
9024.txt Merge pull request #9027 from hashicorp/release/1.8.5 2020-10-26 10:59:48 -04:00
9036.txt Merge pull request #9270 from hashicorp/release/1.9.0 2020-11-24 17:36:47 -05:00
9042.txt Changelog 2021-04-06 17:12:10 +08:00
9059.txt changelog: add entries for 1.9.0-beta2 (#9129) 2020-11-06 17:18:47 -05:00
9067.txt Fixed failing tests 2020-12-30 14:09:50 -06:00
9081.txt changelog: add entries for 1.9.0-beta2 (#9129) 2020-11-06 17:18:47 -05:00
9088.txt changelog: add entries for 1.9.0-beta2 (#9129) 2020-11-06 17:18:47 -05:00
9098.txt Fix some minor wording issues 2020-11-11 11:33:38 -06:00
9099.txt changelog: add entries for 1.9.0-beta2 (#9129) 2020-11-06 17:18:47 -05:00
9101.txt agent: return the default ACL policy to callers as a header (#9101) 2020-11-12 10:38:32 -06:00
9103.txt Fixup the autopilot changelog (#9145) 2020-11-09 17:29:06 -05:00
9113.txt connect: switch the default gateway port from 443 to 8443 (#9116) 2020-11-06 20:47:29 -05:00
9119.txt Merge pull request #9155 from hashicorp/release/1.9.0-beta3 2020-11-13 16:45:50 -05:00
9141.txt ui: Changelog changes (#9209) 2020-11-17 10:35:56 -05:00
9142.txt Add changelog entry for autopilot state CLI (#9161) 2020-11-11 14:55:12 -05:00
9151.txt server: remove config entry CAS in legacy intention API bridge code (#9151) 2020-11-13 14:42:21 -06:00
9156.txt Add a paramter in state store methods to indicate whether a resource insertion is from a snapshot restoration (#9156) 2020-11-11 11:21:42 -05:00
9181.txt Trim to one deprecation entry 2020-11-13 14:31:14 -08:00
9186.txt server: skip deleted and deleting namespaces when migrating intentions to config entries (#9186) 2020-11-13 13:56:41 -06:00
9191.txt Refactor to call non-voting servers read replicas (#9191) 2020-11-17 10:53:57 -05:00
9198.txt Merge pull request #9270 from hashicorp/release/1.9.0 2020-11-24 17:36:47 -05:00
9204.txt Prevent panic if autopilot health is requested prior to leader establishment finishing. (#9204) 2020-11-16 17:08:17 -05:00
9207.txt Add DC and NS support for Envoy metrics (#9207) 2020-11-16 16:37:19 -07:00
9229.txt command: when generating envoy bootstrap configs use the datacenter returned from the agent services endpoint (#9229) 2020-11-19 15:27:31 -06:00
9240.txt Require operator:write to get Connect CA config (#9240) 2020-11-19 10:14:48 -07:00
9247.txt Added changelog entry for 9247 2020-11-20 18:23:01 +01:00
9254.txt server: fix panic when deleting a non existent intention (#9254) 2020-11-24 13:44:20 -05:00
9262.txt docs: deprecate some old filter parameters 2020-11-23 18:23:58 -05:00
9271.txt Add changelog for fixing the namespace replication bug from #9271 (#9347) 2020-12-08 12:04:51 -05:00
9278.txt server: deletions of intentions by name using the intention API is now idempotent (#9278) 2021-01-04 11:27:00 -06:00
9284.txt local: mark service and checks as InSync when added 2020-11-27 15:31:12 -05:00
9296.txt Changelog 2020-11-30 17:27:39 +00:00
9318.txt changelog: add entry for fixing active CA root unset (#9323) 2020-12-03 13:45:07 -05:00
9320.txt Log replication warnings when no error suppression is defined (#9320) 2021-01-08 14:03:06 -06:00
9351.txt acl: global tokens created by auth methods now correctly replicate to secondary datacenters (#9351) 2020-12-09 15:22:29 -06:00
9366.txt server: when wan federating via mesh gateways only do heuristic primary DC bypass on the leader (#9366) 2021-01-22 10:03:24 -06:00
9410.txt ui: [BUGFIX] Ensure namespace is used for node API requests (#9410) 2021-01-04 16:42:44 +00:00
9428.txt connect: connect CA Roots in the primary datacenter should use a SigningKeyID derived from their local intermediate (#9428) 2021-02-08 13:18:51 -06:00
9432.txt ui: [BUGFIX] Request intention listing with ns parameter (#9432) 2021-01-04 17:22:10 +00:00
9436.txt structs: fix caching of ServiceSpecificRequest when ingress=true 2021-01-14 17:01:40 -05:00
9440.txt Fix bug in usage metrics when multiple service instances are changed in a single transaction (#9440) 2021-01-12 15:31:47 -06:00
9442.txt ui: Search/filtering 'Filtered by:' search status (#9442) 2021-01-25 18:13:54 +00:00
9468.txt cli: Add consul intention list command (based on PR #6825) (#9468) 2021-01-12 21:14:31 +01:00
9475.txt Add changelog for 9475 2021-03-16 18:22:25 -04:00
9485.txt chore: Adds changelog entry for accessibility improvements (#9509) 2021-01-08 18:17:01 +00:00
9487.txt Add changelog for #9487 (#9491) 2021-01-05 13:05:42 -05:00
9498.txt Ensure that CA initialization does not block leader election. 2021-01-19 15:27:48 -05:00
9505.txt acl: use the presence of a management policy in the state store as a sign that we already migrated to v2 acls (#9505) 2021-01-05 17:04:27 -06:00
9510.txt [bugfix] Prometheus metrics without warnings 2021-01-06 13:54:05 +01:00
9512.txt [Streaming][bugfix] handle TLS signalisation when TLS is disabled on client side 2021-01-06 17:24:58 +01:00
9513.txt ui: Topology intention saving improvements (#9513) 2021-01-19 15:40:39 +00:00
9519.txt server: use the presense of stored federation state data as a sign that we already activated the federation state feature flag (#9519) 2021-01-25 13:24:32 -06:00
9524.txt chore: Changelog entry for #9524 (#9595) 2021-01-20 15:44:41 +00:00
9527.txt server: add OSS stubs supporting validation of source namespaces in service-intentions config entries (#9527) 2021-01-25 11:27:38 -06:00
9528.txt server: initialize mgw-wanfed to use local gateways more on startup (#9528) 2021-01-25 17:30:38 -06:00
9530.txt Display a warning when rpc.enable_streaming = true is set on a client (#9530) 2021-01-08 15:23:23 -05:00
9553.txt ui: Sidebar navigation / redesign (#9553) 2021-01-26 17:40:33 +00:00
9554.txt connect: add local_request_timeout_ms to configure local_app http timeouts (#9554) 2021-01-25 13:50:00 -06:00
9569.txt Fix -ui-content-path without regex (#9569) 2021-01-20 18:40:46 +00:00
9585.txt Add flags to support CA generation for Connect (#9585) 2021-01-27 08:52:15 +01:00
9589.txt Update topology mapping Refs on all proxy instance deletions (#9589) 2021-01-20 15:17:26 +00:00
9593.txt ui: Changelog for #9593 (#9598) 2021-01-20 18:18:46 +00:00
9594.txt ui: Removing formatting to display LockDelay in nanoseconds (#9594) 2021-01-20 12:03:08 -05:00
9602.txt xds: remove deprecated usages of xDS (#9602) 2021-02-22 15:00:15 -06:00
9617.txt changelog: Auth Method feature release (#9963) 2021-04-01 11:00:43 -04:00
9626.txt Upgrade raft-autopilot and wait for autopilot it to stop when revoking leadership (#9644) 2021-01-27 11:14:52 -05:00
9650.txt xds: deduplicate mesh gateway listeners in a stable way (#9650) 2021-02-05 16:28:07 -06:00
9651.txt xds: prevent LDS flaps in mesh gateways due to unstable datacenter lists (#9651) 2021-02-08 10:19:57 -06:00
9658.txt fix typo in changelog 2021-02-26 17:08:33 -06:00
9660.txt chore: changelog for 9660 (#9668) 2021-01-29 16:08:39 +00:00
9672.txt Add a changelog note 2021-03-11 11:47:35 -08:00
9683.txt changelog: fixup release-note formatting (#9960) 2021-04-01 10:31:48 -04:00
9687.txt ui: Restrict the viewing/editing of certain UI elements based on the users ACLs (#9687) 2021-02-19 16:42:16 +00:00
9689.txt Add changelog entry 2021-02-08 09:45:58 -07:00
9703.txt Updated changelog 2021-02-08 18:16:07 +01:00
9715.txt ui: [BUGFIX] Replace all replaceAll with split.join for older browsers without replaceAll (#9715) 2021-02-11 09:49:39 +00:00
9729.txt ui: Update browser targets to ~2016 browsers (#9729) 2021-02-11 10:03:13 +00:00
9737.txt connect: update supported envoy point releases to 1.16.2, 1.15.3, 1.14.6, 1.13.7 (#9737) 2021-02-10 13:11:15 -06:00
9738.txt Stop background refresh of cached data for requests that result in ACL not found errors (#9738) 2021-02-09 10:15:53 -05:00
9741.txt Add fields to the /acl/auth-methods endpoint. (#9741) 2021-02-17 08:16:57 -08:00
9749.txt ui: [BUGFIX] Ensure we show the correct count of instances for each node (#9749) 2021-02-11 11:36:36 +00:00
9752.txt ui: Remove any trailing fullstop/period DNS characters from Gateways UI API (#9752) 2021-02-25 09:34:47 +00:00
9765.txt xds: only try to create an ipv6 expose checks listener if ipv6 is supported by the kernel (#9765) 2021-02-19 14:38:43 -06:00
9768.txt Add flags to consul connect envoy for metrics merging. (#9768) 2021-03-04 16:15:47 -06:00
9772.txt stream: fix a snapshot cache bug 2021-02-16 12:52:23 -05:00
9792.txt Add a changelog entry 2021-03-11 09:46:53 -08:00
9806.txt connect: if the token given to the vault provider returns no data avoid a panic (#9806) 2021-02-22 14:08:49 -06:00
9819.txt ui: a11y modals (#9819) 2021-03-09 09:30:01 +00:00
9847.txt ui: CSP Improvements (#9847) 2021-03-17 10:46:21 +00:00
9851.txt Fix advertise_addr_wan_ipv6 configuration key 2021-03-09 14:56:44 +01:00
9855.txt Support Incremental xDS mode (#9855) 2021-04-29 13:54:05 -05:00
9864.txt ui: Adds warning icon to side menu when ACLs are disabled (#9864) 2021-03-17 11:23:00 +00:00
9872.txt Add changelog and cleanup todo for beta 2021-03-17 16:45:13 -06:00
9894.txt Add changelog entry 2021-03-17 22:09:02 -06:00
9901.txt ui: Ensure intention form cancel button works (#9901) 2021-03-19 15:14:46 +00:00
9903.txt api: enable query options on agent endpoints 2021-03-19 13:08:26 -05:00
9910.txt cli: Add new `consul connect redirect-traffic` command for applying traffic redirection rules when Transparent Proxy is enabled. (#9910) 2021-04-09 11:48:10 -07:00
9920.txt Allow passing ALPN next protocols down to connect services. Fixes #4466. (#9920) 2021-03-26 11:34:47 +00:00
9923.txt changelog: fixup release-note formatting (#9960) 2021-04-01 10:31:48 -04:00
9924.txt Update metric name 2021-06-14 17:01:16 -04:00
9967.txt api: ensure v1/health/ingress/:service endpoint works properly when streaming is enabled (#9967) 2021-04-05 13:23:00 -05:00
9973.txt connect: add toggle to globally disable wildcard outbound network access when transparent proxy is enabled (#9973) 2021-04-06 13:19:59 -05:00
9978.txt cache: fix bug where TTLs were ignored leading to leaked memory in client agents (#9978) 2021-04-08 11:08:56 +01:00
9979.txt cache: Fix bug where connection errors can cause early cache expiry (#9979) 2021-04-08 11:11:15 +01:00
9980.txt command: when generating envoy bootstrap configs to stdout do not mix informational logs into the json (#9980) 2021-04-07 14:22:52 -05:00
9981.txt Add changelog entry 2021-05-04 12:41:43 -07:00
10002.txt Fix up changelog for 10002 (#10130) 2021-04-27 14:29:48 -04:00
10009.txt add changelog entry 2021-07-14 17:50:00 -04:00
10013.txt Move static token resolution into the ACLResolver (#10013) 2021-04-14 12:39:35 -04:00
10016.txt Add changelog entry 2021-04-15 13:58:28 -06:00
10023.txt Add security release-note changelog entry 2021-04-14 16:40:47 -04:00
10025.txt snapshot: fix saving of auth methods 2021-04-14 16:51:21 -04:00
10039.txt ui: remove old nspace argument from the proxy instance repository (#10039) 2021-04-15 19:18:07 +01:00
10062.txt ui: Adds human formatting to nanosecond based session durations (#10062) 2021-04-28 12:12:56 +01:00
10069.txt Disallow * as service-defaults name (#10069) 2021-04-19 14:23:01 -06:00
10073.txt Update changelog and add telemetry docs (#10107) 2021-04-23 16:05:00 -04:00
10081.txt Update brand assets (#10081) 2021-05-03 16:19:09 +01:00
10089.txt CLI: Allow snapshot inspect to work on internal raft snapshots directly. (#10089) 2021-04-23 16:17:08 +01:00
10091.txt Fix panic bug in snapshot inspect (#10091) 2021-04-23 20:48:10 +01:00
10100.txt ui: Adds CRD popover 'informed action' for intentions managed by CRDs (#10100) 2021-05-04 17:21:54 +01:00
10101.txt connect: update supported envoy versions to 1.18.2, 1.17.2, 1.16.3, and 1.15.4 (#10101) 2021-04-29 15:22:03 -05:00
10112.txt Add changelog 2021-04-27 19:03:17 -04:00
10121.txt ui: Add conditionals to Lock Session list items (#10121) 2021-05-11 11:35:15 -04:00
10122.txt ui: Fix empty SVG height to prevent service mesh from breaking when there are no upstreams (#10122) 2021-04-28 09:22:18 -04:00
10124.txt ui: Update conditional for topology empty state (#10124) 2021-04-28 09:23:02 -04:00
10127.txt Rename "cluster" config entry to "mesh" (#10127) 2021-04-28 16:13:29 -06:00
10129.txt Make Raft trailing logs and snapshot timing reloadable (#10129) 2021-05-04 15:36:53 +01:00
10131.txt xds: ensure that all envoyproxy/go-control-plane protobuf symbols are linked into the final binary (#10131) 2021-04-29 14:58:26 -05:00
10133.txt ui: Update not-defined intention popover and banner (#10133) 2021-04-28 10:31:14 -04:00
10134.txt Implement traffic redirection exclusion based on proxy config and user-provided values (#10134) 2021-04-29 09:21:15 -07:00
10136.txt ui: Add TProxy Mode notice banner to service instance Upstreams tab (#10136) 2021-04-28 14:06:18 -04:00
10149.txt Add changelog 2021-04-29 12:08:03 -04:00
10151.txt ui: Fix text search for upstream instances (#10151) 2021-05-04 17:25:57 +01:00
10152.txt ui: Remove extra nspace value from service upstreams (#10152) 2021-05-04 17:42:13 +01:00
10157.txt ui: Fix nspace spacing issue (#10157) 2021-05-10 11:19:11 +01:00
10161.txt Add changelog 2021-05-04 14:09:14 -04:00
10162.txt Only consider virtual IPs for transparent proxies (#10162) 2021-05-03 14:15:22 -06:00
10163.txt Give descriptive error if auth method not found (#10163) 2021-05-03 13:39:13 -07:00
10173.txt Save exposed ports in agent's store and expose them via API (#10173) 2021-05-12 13:51:39 -07:00
10174.txt ui: Adds ability to show a 'partial' list in list-collections (#10174) 2021-05-07 16:54:45 +01:00
10181.txt ui: Loader amends/improvements (#10181) 2021-05-07 12:23:29 +01:00
10186.txt ui: [BUGFIX] De-duplicate Tag rendering (#10186) 2021-05-07 12:07:11 +01:00
10188.txt Add changelog 2021-05-06 18:35:52 -04:00
10189.txt http: set consistency header properly 2021-05-06 13:19:45 -04:00
10194.txt ui: Serf Health Check warning notice (#10194) 2021-05-13 11:36:51 +01:00
10204.txt Always set the Content-Type header when a body is present (#10204) 2021-05-25 16:03:48 +01:00
10210.txt Add OSS bits for supporting specifying the enterprise license via config 2021-05-20 16:11:33 -04:00
10211.txt Deprecate API driven licensing. 2021-05-21 11:08:50 -04:00
10212.txt ui: Support Route optional parameters/segments (#10212) 2021-05-26 17:43:46 +01:00
10225.txt ui: Miscellaneous Lock Session fixes (#10225) 2021-05-19 11:05:54 +01:00
10231.txt connect: update supported envoy versions to 1.18.3, 1.17.3, 1.16.4, and 1.15.5 (#10231) 2021-05-12 14:06:06 -05:00
10239.txt server: ensure that central service config flattening properly resets the state each time (#10239) 2021-05-14 10:21:44 -05:00
10240.txt agent: ensure we hash the non-deprecated upstream fields on ServiceConfigRequest (#10240) 2021-05-14 10:15:48 -05:00
10243.txt xds: emit a labeled gauge of connected xDS streams by version (#10243) 2021-05-14 13:59:13 -05:00
10248.txt hcs-1936: Prepare for adding license auto-retrieval to auto-config in enterprise 2021-05-24 13:20:30 -04:00
10267.txt Add license inspect command documentation and changelog (#10351) 2021-06-04 14:33:13 -04:00
10270.txt ui: Create and use collapsible notices component (#10270) 2021-05-25 11:02:38 -04:00
10273.txt debug: remove the CLI check for debug_enabled (#10273) 2021-05-27 09:41:53 -04:00
10279.txt generate a single debug file for a long duration capture (#10279) 2021-06-07 13:00:51 -04:00
10287.txt ui: Unix Domain Socket support (#10287) 2021-05-26 17:52:25 +01:00
10298.txt ui: Move all our icons to use CSS custom properties instead of SASS vars (#10298) 2021-06-21 11:54:58 +01:00
10299.txt RPC Timeout/Retries account for blocking requests (#8978) 2021-05-27 17:29:43 -04:00
10301.txt Ensure passthrough clusters can be created (#10301) 2021-05-26 15:05:14 -06:00
10306.txt Bump raft-autopilot version to the latest. (#10306) 2021-05-27 12:59:14 -04:00
10324.txt envoy: fix bootstrap deadlock caused by a full named pipe 2021-05-31 18:53:17 -04:00
10329.txt Add flag for transparent proxies to dial individual instances (#10329) 2021-06-09 14:34:17 -06:00
10330.txt connect/ca: ensure edits to the key type/bits for the connect builtin CA will regenerate the roots (#10330) 2021-07-13 11:12:07 -05:00
10331.txt connect/ca: require new vault mount points when updating the key type/bits for the vault connect CA provider (#10331) 2021-07-13 11:11:46 -05:00
10338.txt Add changelog 2021-06-02 17:39:30 -04:00
10340.txt usagemetrics: add cluster members to metrics API (#10340) 2021-06-03 08:25:53 -07:00
10358.txt fix monitor to only start the monitor in json format when requested (#10358) 2021-06-07 12:08:48 -04:00
10365.txt Revert "Avoid adding original_dst filter when not needed" (#10365) 2021-06-08 13:18:41 -06:00
10368.txt improve monitor performance (#10368) 2021-06-15 12:05:52 -04:00
10381.txt xds: ensure that dependent xDS resources are reconfigured during primary type warming (#10381) 2021-06-14 17:20:27 -05:00
10391.txt proxycfg: Ensure that endpoints for explicit upstreams in other datacenters are watched in transparent mode (#10391) 2021-06-15 11:00:26 -07:00
10394.txt Relax validation for expose.paths config (#10394) 2021-06-14 14:04:11 -06:00
10395.txt grpc: move gRPC INFO logs to be emitted as TRACE logs from Consul (#10395) 2021-06-14 15:13:58 -05:00
10399.txt Add changelog 2021-07-26 17:53:32 -04:00
10401.txt return an empty record when asked for an addr dns with type other then A, AAAA and ANY (#10401) 2021-06-24 20:44:44 -04:00
10404.txt Add changelog entry 2021-06-15 14:15:30 -06:00
10411.txt Format certificates properly (rfc7468) with a trailing new line (#10411) 2021-06-30 20:48:29 -04:00
10423.txt Update .changelog/10423.txt 2021-06-17 12:06:26 -07:00
10424.txt connect/ca: cease including the common name field in generated certs (#10424) 2021-06-25 13:00:00 -05:00
10475.txt structs: prevent service-defaults upstream configs from using wildcard names or namespaces (#10475) 2021-06-23 15:48:54 -05:00
10478.txt structs: prohibit config entries from referencing more than one partition at a time (#10478) 2021-06-23 16:44:10 -05:00
10486.txt connect/proxy: fixes logic bug preventing builtin/native proxy from starting upstream listeners (#10486) 2021-06-24 15:02:34 -05:00
10490.txt tlsutil: fix default server name for health checks 2021-06-24 13:49:58 -04:00
10500.txt check expiry date of the root/intermediate before using it to sign a leaf (#10500) 2021-07-13 12:15:06 -04:00
10503.txt ui: Don't default to the default namespace, use the token default namespace instead (#10503) 2021-07-07 11:46:41 +01:00
10504.txt Add ca certificate metrics (#10504) 2021-07-07 09:41:01 -04:00
10507.txt connect: include optional partition prefixes in SPIFFE identifiers (#10507) 2021-06-25 16:47:47 -05:00
10514.txt streaming: fix enable of streaming in the client 2021-06-28 17:23:14 -04:00
10515.txt fix 64-bit aligment for 32-bit platforms 2021-06-29 16:10:21 -04:00
10535.txt Add changelog to backported bug fix for Topology Metrics (#10538) 2021-06-30 16:51:29 -04:00
10546.txt Add support for returning ACL secret IDs for accessors with acl:write (#10546) 2021-07-08 15:13:08 -07:00
10552.txt Add changelog 2021-07-06 17:57:36 -04:00
10559.txt Add changelog for PR 10559 2021-07-06 18:39:40 -04:00
10564.txt cli/sdk: Allow applying redirect-traffic rules in a provided Linux namespace (#10564) 2021-07-13 10:05:48 -06:00
10566.txt Allow configuring graceful stop in testutil (#10566) 2021-09-08 11:12:54 -04:00
10569.txt ui: [BUGFIX] Ensure in-folder KVs are created in the correct folder (#10569) 2021-07-14 18:49:01 +01:00
10572.txt config: add agent config flag for enterprise clients to indicate they wish to join a particular partition (#10572) 2021-07-08 10:03:38 -05:00
10581.txt ui: Split up the socket mode from the socket path (#10581) 2021-08-11 13:00:32 -04:00
10598.txt acls: Show `AuthMethodNamespace` when reading/listing ACL token meta (#10598) 2021-07-15 10:38:52 -07:00
10604.txt ui: Show the correct 'ACLs Disabled' page when ACLs are disabled (#10604) 2021-07-14 18:52:13 +01:00
10605.txt ui: [BUGFIX] Fix KV Code Editor syntax loading (#10605) 2021-07-14 18:55:35 +01:00
10608.txt ui: [BUGFIX] Ensure we use the ns query param name when requesting permissions (#10608) 2021-07-15 12:19:07 +01:00
10611.txt Add DNS recursor strategy option (#10611) 2021-07-19 15:22:51 -07:00
10612.txt String type instead of error type and changelog. 2021-08-06 22:35:27 +01:00
10613.txt Add Changelog entry and api package support for HTTP Header manip 2021-09-10 21:09:24 +01:00
10619.txt xds: ensure single L7 deny intention with default deny policy does not result in allow action (CVE-2021-36213) (#10619) 2021-07-15 10:09:00 -05:00
10621.txt Add changelog entry 2021-07-15 09:27:46 -06:00
10630.txt defer setting the state before returning to avoid stuck in `INITIALIZING` state (#10630) 2021-08-05 14:51:19 -04:00
10647.txt Avoid panic on concurrent writes to cached service config map (#10647) 2021-07-20 10:09:29 -06:00
10657.txt config raft apply silent error (#10657) 2021-07-22 10:32:27 -04:00
10688.txt agent: update proxy upstreams to inherit namespace from service (#10688) 2021-07-26 17:12:29 -04:00
10689.txt Log the correlation ID when blocking queries fire (#10689) 2021-07-23 16:36:17 -06:00
10690.txt add support for h2c in h2 ping health checks 2021-10-04 22:51:08 -04:00
10691.txt api: Support QueryOptions on additional agent endpoints (#10691) 2021-07-30 10:07:13 -07:00
10706.txt ui: Fix dropdown option duplications (#10706) 2021-07-27 17:34:11 -04:00
10707.txt add changelog 2021-07-28 17:50:01 -04:00
10717.txt checks: Add Interval and Timeout to API response (#10717) 2021-08-03 15:26:49 -07:00
10732.txt Add changelog 2021-07-30 09:58:11 -07:00
10735.txt ui: Add copy button for Secret ID in Tokens list page (#10735) 2021-07-30 13:52:37 -04:00
10757.txt cli: Use admin bind address in self_admin cluster (#10757) 2021-08-09 17:10:32 -07:00
10758.txt Fixup to support unix domain socket via command line (#10758) 2021-08-12 10:05:22 -07:00
10767.txt ui: Fix Health Checks in K/V form Lock Sessions Info section (#10767) 2021-08-04 12:41:41 -04:00
10768.txt telemetry: add a metric for agent TLS cert expiry 2021-08-04 13:51:44 -04:00
10769.txt ui: Add Vault as a Service External Source (#10769) 2021-08-04 18:22:43 -04:00
10795.txt cli: Test API access using /status/leader in consul watch (#10795) 2021-08-09 09:00:33 -07:00
10804.txt add changelog 2021-08-18 12:54:11 -04:00
10813.txt deps: upgrade gogo-protobuf to v1.3.2 (#10813) 2021-08-12 14:05:46 -04:00
10820.txt cli: Fix broken KV import on Windows (#10820) 2021-08-10 14:42:05 -07:00
10824.txt proxycfg: Lookup the agent token as a default 2021-08-12 15:51:34 -04:00
10835.txt ui: Create Routing Configurations route and page (#10835) 2021-08-16 12:04:04 -04:00
10838.txt grpc: ensure that streaming gRPC requests work over mesh gateway based wan federation (#10838) 2021-08-24 16:28:44 -05:00
10844.txt ci: make changelog-checker only validate PR number against main base (#10844) 2021-08-16 15:40:51 -04:00
10856.txt ci: upgrade to use Go 1.16.7 (#10856) 2021-08-16 12:21:16 -05:00
10858.txt ui: Hide all metrics for ingress gateway services (#10858) 2021-08-26 14:08:31 -04:00
10872.txt ui: Add support in Topology view for Routing Configurations (#10872) 2021-08-26 13:58:06 -04:00
10873.txt Add changelog entry 2021-08-20 17:40:33 -06:00
10901.txt ui: [BUGFIX] Properly encode non-URL safe characters in OIDC responses (#10901) 2021-08-24 16:58:45 +01:00
10902.txt ui: Disabling policy form fields from users with 'read' permissions (#10902) 2021-08-25 09:42:05 -04:00
10903.txt Add changelog; Add API package support for new fields. 2021-09-23 10:12:37 +01:00
10913.txt ui: [BUGFIX] Add missing `@` to fix missing non-subset Failovers (#10913) 2021-08-26 17:01:26 +01:00
10914.txt ui: Hide create buttons for policies/roles/namespaces with readonly access (#10914) 2021-09-27 17:20:44 +01:00
10916.txt ui: Always show main navigation Key/Value link (#10916) 2021-09-22 18:23:59 +01:00
10925.txt rpc: authorize raft requests (#10925) 2021-08-26 15:04:32 -07:00
10952.txt Revert early out errors in license API (#10952) 2021-08-31 10:36:35 -06:00
10961.txt connect: update envoy supported versions to latest patch release 2021-08-31 10:39:18 -06:00
10964.txt tls: consider presented intermediates during server connection tls handshake. (#10964) 2021-09-09 21:48:54 +02:00
10969.txt Add failures_before_warning to checks (#10969) 2021-09-14 12:47:52 -04:00
10987.txt xds: fix representation of incremental xDS subscriptions (#10987) 2021-09-21 09:58:56 -05:00
11026.txt sso/oidc: add support for acr_values request parameter (#11026) 2021-09-17 09:10:05 -07:00
11077.txt ui: Gracefully recover from non-existent DC errors (#11077) 2021-09-22 18:26:36 +01:00
11080.txt api: add partition field to acl structs (#11080) 2021-09-17 11:53:03 -05:00
11085.txt xds: ensure the active streams counters are 64 bit aligned on 32 bit systems (#11085) 2021-09-20 11:07:11 -05:00
11090.txt Add changelog entry 2021-09-20 12:52:19 -05:00
11095.txt ui: [BUGFIX] Re-enable namespace menus whilst editing intentions (#11095) 2021-09-22 10:21:20 +01:00
11099.txt grpc: strip local ACL tokens from RPCs during forwarding if crossing datacenters (#11099) 2021-09-22 13:14:26 -05:00
11107.txt Add changelog entry for audit logging header extraction improvement 2021-09-22 10:23:01 -04:00
11109.txt connect: Allow upstream listener escape hatch for prepared queries (#11109) 2021-09-22 15:27:10 -04:00
11115.txt add changelog entry 2021-09-22 10:57:36 -07:00
11117.txt ui: Make it hard to not URLEncode DataSource srcs/URIs (#11117) 2021-09-30 15:54:46 +01:00
11129.txt ui: Add initial partition support to intentions (#11129) 2021-09-24 17:31:58 +01:00
11130.txt ui: Remove info panel from the nspace menu when editing nspaces (#11130) 2021-09-24 18:05:22 +01:00
11136.txt Add changelog 2021-09-29 12:45:42 -04:00
11149.txt ui: Don't show the CRD menu for read-only intentions (#11149) 2021-09-27 17:19:32 +01:00
11163.txt Add Changelog 2021-10-19 20:58:28 +01:00
11188.txt ui: Adds initial CRUD for partitions (#11188) 2021-10-08 16:29:30 +01:00
11200.txt ui: Replaces almost all remaining instances of SASS variables with CSS (#11200) 2021-10-07 19:21:11 +01:00
11216.txt ui: Topology - Fix up Default Allow and Permissive Intentions notices (#11216) 2021-10-12 09:27:06 -04:00
11222.txt Add changelog, website and metric docs 2021-10-05 13:34:24 -05:00
11231.txt fix consul_autopilot_healthy metric emission (#11231) 2021-10-08 10:31:50 -07:00
11232.txt docs: add notice that legacy ACLs have been removed. 2021-10-05 18:30:22 -04:00
11237.txt ui: Fix up blocking reconciliation for multiple models (#11237) 2021-10-07 12:38:04 +01:00
11241.txt fix: only add prom autopilot gauges to servers (#11241) 2021-10-13 09:25:30 -07:00
11255.txt tlsutil: only AuthorizerServerConn when VerifyIncomingRPC is true 2021-10-27 13:43:25 -04:00
11263.txt acl: fix bug in 'consul members' filtering with partitions (#11263) 2021-10-13 09:18:16 -05:00
11277.txt connect: Add support for Envoy 1.20 (#11277) 2021-10-27 18:38:10 -07:00
11293.txt added changelog 2021-10-20 16:02:14 +05:30
11298.txt ui: Move the Role remove dialog to use InformedAction (#11298) 2021-10-14 13:54:27 +01:00
11311.txt ui: Ensure we provide an id for filtering policy-tokens (#11311) 2021-10-26 19:00:32 +01:00
11318.txt Fix back compat issues with UDS config (#11318) 2021-10-28 13:31:10 -07:00
11323.txt acl: small OSS refactors to help ensure that auth methods with namespace rules work with partitions (#11323) 2021-10-14 15:38:05 -05:00
11328.txt Add changelog note and amend docs 2021-10-19 01:08:44 +05:30
11348.txt added changelog 2021-10-27 02:33:36 +03:00
11364.txt ci: test against go1.17 2021-10-21 16:18:32 -04:00
11375.txt update raft to v1.3.2 (#11375) 2021-10-21 13:21:22 -04:00
11376.txt fix leadership transfer on leave suggestions (#11387) 2021-10-21 14:02:26 -04:00
11380.txt ui: Ensure dc selector correctly shows the currently selected dc (#11380) 2021-10-26 19:26:04 +01:00
11399.txt fix autopilot_failure_tolerance, add autopilot metrics test case (#11399) 2021-10-25 10:55:59 -07:00
11409.txt ui: Ensure we check intention service prefix permissions for per service (#11409) 2021-11-04 12:10:28 +00:00
11419.txt Support Check-And-Set deletion of config entries (#11419) 2021-11-01 16:42:01 +00:00
11428.txt add root_cert_ttl option for consul connect, vault ca providers (#11428) 2021-11-02 11:02:10 -07:00
11429.txt agent: refactor the agent delegate interface to be partition friendly (#11429) 2021-10-26 15:08:55 -05:00
11431.txt Add changelog entry 2021-10-27 09:02:10 -06:00
11433.txt Add changelog entry 2021-10-27 09:06:34 -06:00
11444.txt agent: for various /v1/agent endpoints parse the partition parameter on the request (#11444) 2021-10-28 16:44:38 -05:00
11446.txt cli: update consul members output to display partitions and sort the results usefully (#11446) 2021-10-28 17:27:31 -05:00
_619.txt Create _619.txt 2020-10-09 10:51:37 -04:00
_666.txt Add a paramter in state store methods to indicate whether a resource insertion is from a snapshot restoration (#9156) 2020-11-11 11:21:42 -05:00
_683.txt Add changelog entry for namespace licensing fix (#9203) 2020-11-16 15:45:55 -05:00
_745.txt Add changelog entry for change to the temporary client license duration (#9642) 2021-01-26 16:15:05 -05:00
_795.txt Add component name to entry 2021-04-14 19:41:04 -04:00
_855.txt Add changelog for enterprise change 2021-04-14 11:50:15 -04:00
_907.txt Add changelog entry for network area timeout updates (#10241) 2021-05-13 15:05:38 -06:00
_917.txt Add changelog 2021-05-20 12:57:15 -04:00
_923.txt changelog: add entry for network areas WAN config fix 2021-05-26 17:49:19 -04:00
_938.txt Add license inspect command documentation and changelog (#10351) 2021-06-04 14:33:13 -04:00
_987.md Create _987.md 2021-09-16 18:21:39 -04:00
_1085.txt Add changelog entry 2021-08-25 19:46:21 -06:00
_1093.txt Add changelog entry 2021-08-25 19:46:21 -06:00
_1200.txt add changelog entry for enterprise fix (#11226) 2021-10-05 14:44:53 -05:00
_1203.txt update changelog (#11262) 2021-10-12 16:31:56 -05:00
_8621.txt Adds changelog entry for snapshot agent improvement (#8622) 2020-09-04 14:07:57 -06:00
_8825.txt Add streaming changelog file 2020-10-13 18:16:33 -04:00
_8984.txt changelog: update to hashicorp/sentinel@v0.16.0 in Enterprise (#8984) 2020-10-26 12:32:44 -04:00
_releases-111.txt changelog: add note about packaging EULA and ToE alongside Enterprise binaries 2021-06-16 16:58:08 -04:00
changelog.tmpl changelog: add notes section to changelog template 2021-06-16 16:58:11 -04:00
note.tmpl changelog: fixup note.tmpl syntax 2020-10-09 22:44:51 -04:00