open-consul/agent
Matt Keeler cdc4b20afa
ACL Node Identities (#7970)
A Node Identity is very similar to a service identity. Its main targeted use is to allow creating tokens for use by Consul agents that will grant the necessary permissions for all the typical agent operations (node registration, coordinate updates, anti-entropy).

Half of this commit is for golden file based tests of the acl token and role cli output. Another big updates was to refactor many of the tests in agent/consul/acl_endpoint_test.go to use the same style of tests and the same helpers. Besides being less boiler plate in the tests it also uses a common way of starting a test server with ACLs that should operate without any warnings regarding deprecated non-uuid master tokens etc.
2020-06-16 12:54:27 -04:00
..
ae agent: ensure node info sync and full sync. (#7189) 2020-02-06 15:30:58 +01:00
agentpb server: strip local ACL tokens from RPCs during forwarding if crossing datacenters (#7419) 2020-03-10 11:15:22 -05:00
cache Make the Agent Cache more Context aware (#8092) 2020-06-15 11:01:25 -04:00
cache-types Make the Agent Cache more Context aware (#8092) 2020-06-15 11:01:25 -04:00
checks tests: use constructor instead init (#8024) 2020-06-04 22:59:06 +02:00
config Update comments that reference PatchSliceOfMaps 2020-06-09 17:43:05 -04:00
connect Setup intermediate_pki_path on secondary when using vault (#8001) 2020-06-05 21:36:22 +02:00
consul ACL Node Identities (#7970) 2020-06-16 12:54:27 -04:00
debug fix comment typos (#4890) 2018-11-02 12:00:39 -05:00
exec fix go vet issue 2017-10-25 19:30:35 +02:00
local tests: ensure that the ServiceExists helper function normalizes entmeta (#8025) 2020-06-05 10:41:39 +02:00
metadata Replace goe/verify.Values with testify/require.Equal (#7993) 2020-06-02 12:41:25 -04:00
mock checks: when a service does not exists in an alias, consider it failing (#7384) 2020-06-04 14:50:52 +02:00
pool pool: remove timeout parameter 2020-05-29 08:21:28 +02:00
proxycfg Move compound service names to use ServiceName type 2020-06-12 13:47:43 -06:00
router Merge pull request #7966 from hashicorp/pool_improvements 2020-06-04 08:56:26 +02:00
structs ACL Node Identities (#7970) 2020-06-16 12:54:27 -04:00
systemd agent: notify systemd after JoinLAN (#2121) 2017-06-21 06:43:55 +02:00
token Updates to allow for using an enterprise specific token as the agents token 2020-04-28 09:44:26 -04:00
xds Merge pull request #8074 from hashicorp/dnephin/remove-references-to-PatchSliceOfMaps 2020-06-15 14:33:10 -04:00
acl.go acl: remove the deprecated `acl_enforce_version_8` option (#7991) 2020-05-29 16:16:03 -05:00
acl_endpoint.go test: move some test helpers over from enterprise (#7754) 2020-05-01 14:52:15 -05:00
acl_endpoint_legacy.go Use encoding/json as JSON decoder instead of mapstructure (#6680) 2019-10-29 11:13:36 -07:00
acl_endpoint_legacy_test.go ci: Add staticcheck and fix most errors 2020-05-28 11:59:58 -04:00
acl_endpoint_test.go ACL Node Identities (#7970) 2020-06-16 12:54:27 -04:00
acl_test.go acl: remove the deprecated `acl_enforce_version_8` option (#7991) 2020-05-29 16:16:03 -05:00
agent.go acl: remove the deprecated `acl_enforce_version_8` option (#7991) 2020-05-29 16:16:03 -05:00
agent_endpoint.go Make the Agent Cache more Context aware (#8092) 2020-06-15 11:01:25 -04:00
agent_endpoint_test.go http: use default minsize for gzip handler. (#7354) 2020-06-08 10:10:08 +02:00
agent_oss.go Some boilerplate to allow for ACL Bootstrap disabling configurability 2020-04-28 09:42:46 -04:00
agent_test.go tests: use constructor instead init (#8024) 2020-06-04 22:59:06 +02:00
bindata_assetfs.go update bindata_assetfs.go 2020-05-28 14:39:37 -04:00
catalog_endpoint.go Make the Agent Cache more Context aware (#8092) 2020-06-15 11:01:25 -04:00
catalog_endpoint_test.go Move compound service names to use ServiceName type 2020-06-12 13:47:43 -06:00
check.go Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
config_endpoint.go Add connect expose CLI command 2020-06-05 14:54:29 -07:00
config_endpoint_test.go Expect default enterprise metadata in gateway tests (#7664) 2020-04-20 09:02:35 -05:00
connect_auth.go Make the Agent Cache more Context aware (#8092) 2020-06-15 11:01:25 -04:00
connect_ca_endpoint.go connect: Add AWS PCA provider (#6795) 2019-11-21 17:40:29 +00:00
connect_ca_endpoint_test.go Remove name from NewTestAgent 2020-03-31 16:13:44 -04:00
coordinate_endpoint.go Use encoding/json as JSON decoder instead of mapstructure (#6680) 2019-10-29 11:13:36 -07:00
coordinate_endpoint_test.go Fix a number of problems found by staticcheck 2020-05-19 16:50:14 -04:00
denylist.go Replace whitelist/blacklist terminology with allowlist/denylist (#7971) 2020-05-29 14:19:16 -04:00
denylist_test.go Replace whitelist/blacklist terminology with allowlist/denylist (#7971) 2020-05-29 14:19:16 -04:00
discovery_chain_endpoint.go Make the Agent Cache more Context aware (#8092) 2020-06-15 11:01:25 -04:00
discovery_chain_endpoint_test.go Remove name from NewTestAgent 2020-03-31 16:13:44 -04:00
dns.go Make the Agent Cache more Context aware (#8092) 2020-06-15 11:01:25 -04:00
dns_oss.go Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
dns_test.go Replace goe/verify.Values with testify/require.Equal (#7993) 2020-06-02 12:41:25 -04:00
enterprise_delegate_oss.go Update to use a consulent build tag instead of just ent (#5759) 2019-05-01 11:11:27 -04:00
event_endpoint.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
event_endpoint_test.go ci: Enabled SA2002 staticcheck check 2020-06-05 17:50:11 -04:00
federation_state_endpoint.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
health_endpoint.go Make the Agent Cache more Context aware (#8092) 2020-06-15 11:01:25 -04:00
health_endpoint_test.go Move ingress param to a new endpoint (#8081) 2020-06-10 13:07:15 -05:00
http.go http: use default minsize for gzip handler. (#7354) 2020-06-08 10:10:08 +02:00
http_decode_test.go intentions: fix a bug in Intention.SetHash 2020-06-05 14:51:43 -04:00
http_oss.go http: migrate from instrumentation in s.wrap() to an s.enterpriseHandler() 2020-05-13 15:47:05 -07:00
http_oss_test.go Remove name from NewTestAgent 2020-03-31 16:13:44 -04:00
http_register.go Create HTTP endpoint 2020-06-12 13:46:47 -06:00
http_test.go http: use default minsize for gzip handler. (#7354) 2020-06-08 10:10:08 +02:00
intentions_endpoint.go Fix a couple bugs regarding intentions with namespaces (#7169) 2020-01-29 17:30:38 -05:00
intentions_endpoint_test.go Remove name from NewTestAgent 2020-03-31 16:13:44 -04:00
keyring.go agent: sensible keyring error (#7272) 2020-02-13 20:35:09 +01:00
keyring_test.go Rename NewTestAgentWithFields to StartTestAgent 2020-03-31 17:14:55 -04:00
kvs_endpoint.go docs: add docs for kv_max_value_size (#7405) 2020-03-09 11:13:40 +01:00
kvs_endpoint_test.go Fix a number of problems found by staticcheck 2020-05-19 16:50:14 -04:00
notify.go Fixes memory leak when blocking on /event/list (#4482) 2018-08-02 14:54:48 +01:00
notify_test.go Fixes memory leak when blocking on /event/list (#4482) 2018-08-02 14:54:48 +01:00
operator_endpoint.go Use encoding/json as JSON decoder instead of mapstructure (#6680) 2019-10-29 11:13:36 -07:00
operator_endpoint_test.go Remove name from NewTestAgent 2020-03-31 16:13:44 -04:00
prepared_query_endpoint.go Make the Agent Cache more Context aware (#8092) 2020-06-15 11:01:25 -04:00
prepared_query_endpoint_test.go Remove name from NewTestAgent 2020-03-31 16:13:44 -04:00
remote_exec.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
remote_exec_test.go Remove name from NewTestAgent 2020-03-31 16:13:44 -04:00
retry_join.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
retry_join_test.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
service_checks_test.go Remove name from NewTestAgent 2020-03-31 16:13:44 -04:00
service_manager.go agent/service_manager: remove 'updateCh' field from serviceConfigWatch 2020-06-16 12:15:57 -04:00
service_manager_test.go Rename NewTestAgentWithFields to StartTestAgent 2020-03-31 17:14:55 -04:00
session_endpoint.go Fix session backwards incompatibility with 1.6.x and earlier. 2020-03-05 15:34:55 -05:00
session_endpoint_test.go ci: Add staticcheck and fix most errors 2020-05-28 11:59:58 -04:00
sidecar_service.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
sidecar_service_test.go Rename NewTestAgentWithFields to StartTestAgent 2020-03-31 17:14:55 -04:00
signal_unix.go cli: forward SIGTERM to child process of 'lock' and 'watch' subcommands (#4737) 2018-10-02 15:57:21 -05:00
signal_windows.go cli: forward SIGTERM to child process of 'lock' and 'watch' subcommands (#4737) 2018-10-02 15:57:21 -05:00
snapshot_endpoint.go Remove SnapshotRPC passthrough 2020-04-13 12:32:57 -04:00
snapshot_endpoint_test.go Remove name from NewTestAgent 2020-03-31 16:13:44 -04:00
status_endpoint.go Allow forwarding of some status RPCs (#6198) 2019-07-25 14:26:22 -04:00
status_endpoint_test.go Remove name from NewTestAgent 2020-03-31 16:13:44 -04:00
testagent.go acl: remove the deprecated `acl_enforce_version_8` option (#7991) 2020-05-29 16:16:03 -05:00
testagent_test.go New config parser, HCL support, multiple bind addrs (#3480) 2017-09-25 11:40:42 -07:00
translate_addr.go Add the v1/catalog/node-services/:node endpoint (#7115) 2020-01-24 09:27:25 -05:00
txn_endpoint.go docs: add docs for kv_max_value_size (#7405) 2020-03-09 11:13:40 +01:00
txn_endpoint_test.go Remove name from NewTestAgent 2020-03-31 16:13:44 -04:00
ui_endpoint.go Move compound service names to use ServiceName type 2020-06-12 13:47:43 -06:00
ui_endpoint_test.go Fix a number of problems found by staticcheck 2020-05-19 16:50:14 -04:00
user_event.go agent: ensure that we always use the same settings for msgpack (#7245) 2020-02-07 15:50:24 -06:00
user_event_test.go Remove name from NewTestAgent 2020-03-31 16:13:44 -04:00
util.go agent: ensure that we always use the same settings for msgpack (#7245) 2020-02-07 15:50:24 -06:00
util_test.go Replace goe/verify.Values with testify/require.Equal (#7993) 2020-06-02 12:41:25 -04:00
watch_handler.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
watch_handler_test.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00