luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity
open-consul/agent
History
Matt Keeler 31d9d2e557
Store primaries root in secondary after intermediate signature (#6333) 
* Store primaries root in secondary after intermediate signature

This ensures that the intermediate exists within the CA root stored in raft and not just in the CA provider state. This has the very nice benefit of actually outputting the intermediate cert within the ca roots HTTP/RPC endpoints.

This change means that if signing the intermediate fails it will not set the root within raft. So far I have not come up with a reason why that is bad. The secondary CA roots watch will pull the root again and go through all the motions. So as soon as getting an intermediate CA works the root will get set.

* Make TestAgentAntiEntropy_Check_DeferSync less flaky

I am not sure this is the full fix but it seems to help for me.
 		2019-08-30 11:38:46 -04:00
..
ae
cache Simplified code in various places (#6176) 2019-07-20 09:37:19 -04:00
cache-types revert commits on master (#6413) 2019-08-27 17:45:58 -04:00
checks Merge Consul OSS branch 'master' at commit ef257b084d2e2a474889518440515e360d0cd990 2019-07-20 02:00:29 +00:00
config auto_encrypt: verify_incoming_rpc is good enough for auto_encrypt.allow_tls (#6376) 2019-08-27 14:36:36 +02:00
connect revert commits on master (#6413) 2019-08-27 17:45:58 -04:00
consul Store primaries root in secondary after intermediate signature (#6333) 2019-08-30 11:38:46 -04:00
debug
exec
local Store primaries root in secondary after intermediate signature (#6333) 2019-08-30 11:38:46 -04:00
metadata
mock
pool snapshot: add TLS support to HalfCloser interface (#6216) 2019-08-12 12:47:02 -04:00
proxycfg connect: allow 'envoy_cluster_json' escape hatch to continue to function (#6378) 2019-08-22 15:11:56 -05:00
router Simplified code in various places (#6176) 2019-07-20 09:37:19 -04:00
structs connect: ensure time.Duration fields retain their human readable forms in the API (#6348) 2019-08-19 15:31:05 -05:00
systemd
token
xds connect: allow 'envoy_cluster_json' escape hatch to continue to function (#6378) 2019-08-22 15:11:56 -05:00
acl.go connect: remove managed proxies (#6220) 2019-08-09 15:19:30 -04:00
acl_endpoint.go
acl_endpoint_legacy.go
acl_endpoint_legacy_test.go
acl_endpoint_test.go
acl_test.go tls: auto_encrypt enables automatic RPC cert provisioning for consul clients (#5597) 2019-06-27 22:22:07 +02:00
agent.go revert commits on master (#6413) 2019-08-27 17:45:58 -04:00
agent_endpoint.go revert commits on master (#6413) 2019-08-27 17:45:58 -04:00
agent_endpoint_test.go Update the v1/agent/service/:service endpoint to output tagged… (#6304) 2019-08-10 09:15:19 -04:00
agent_test.go connect: remove managed proxies (#6220) 2019-08-09 15:19:30 -04:00
bindata_assetfs.go update bindata_assetfs.go 2019-08-23 22:10:50 +00:00
blacklist.go
blacklist_test.go
catalog_endpoint.go resolve circleci config conflicts 2019-07-23 20:18:36 -04:00
catalog_endpoint_test.go connect: remove managed proxies (#6220) 2019-08-09 15:19:30 -04:00
check.go
config.go
config_endpoint.go Centralized Config CLI (#5731) 2019-04-30 16:27:16 -07:00
config_endpoint_test.go handle structs.ConfigEntry decoding similarly to api.ConfigEntry decoding (#6106) 2019-07-12 12:20:30 -05:00
connect_auth.go
connect_ca_endpoint.go
connect_ca_endpoint_test.go connect: Support RSA keys in addition to ECDSA (#6055) 2019-07-30 17:47:39 -04:00
coordinate_endpoint.go
coordinate_endpoint_test.go test: add additional http status code assertions in coordinate HTTP API tests (#6410) 2019-08-29 09:55:05 -05:00
discovery_chain_endpoint.go connect: expose an API endpoint to compile the discovery chain (#6248) 2019-08-02 15:34:54 -05:00
discovery_chain_endpoint_test.go connect: generate the full SNI names for discovery targets in the compiler rather than in the xds package (#6340) 2019-08-19 13:03:03 -05:00
dns.go Merge Consul OSS branch 'master' at commit e91f73f59249f5756896b10890e9298e7c1fbacc 2019-06-30 02:00:31 +00:00
dns_test.go Merge Consul OSS branch 'master' at commit e91f73f59249f5756896b10890e9298e7c1fbacc 2019-06-30 02:00:31 +00:00
enterprise_delegate_oss.go Update to use a consulent build tag instead of just ent (#5759) 2019-05-01 11:11:27 -04:00
event_endpoint.go
event_endpoint_test.go
health_endpoint.go
health_endpoint_test.go Merge branch 'master' into release/1-6 2019-07-12 14:51:25 -07:00
http.go connect: remove managed proxies (#6220) 2019-08-09 15:19:30 -04:00
http_oss.go connect: remove managed proxies (#6220) 2019-08-09 15:19:30 -04:00
http_oss_test.go
http_test.go test: explicitly run the pprof tests for 1s instead of the 30s default (#6421) 2019-08-29 12:06:50 -05:00
intentions_endpoint.go Implement Mesh Gateways 2019-07-01 16:28:30 -04:00
intentions_endpoint_test.go
keyring.go add flag to allow /operator/keyring requests to only hit local servers (#6279) 2019-08-12 11:11:11 -07:00
keyring_test.go add flag to allow /operator/keyring requests to only hit local servers (#6279) 2019-08-12 11:11:11 -07:00
kvs_endpoint.go Chunking support (#6172) 2019-07-24 17:06:39 -04:00
kvs_endpoint_test.go
notify.go
notify_test.go
operator_endpoint.go add flag to allow /operator/keyring requests to only hit local servers (#6279) 2019-08-12 11:11:11 -07:00
operator_endpoint_test.go add flag to allow /operator/keyring requests to only hit local servers (#6279) 2019-08-12 11:11:11 -07:00
prepared_query_endpoint.go
prepared_query_endpoint_test.go Add tagged addresses for services (#5965) 2019-06-17 10:51:50 -04:00
remote_exec.go
remote_exec_test.go Update retries that weren't using retry.R (#6146) 2019-07-16 14:47:45 -06:00
retry_join.go tls: auto_encrypt enables automatic RPC cert provisioning for consul clients (#5597) 2019-06-27 22:22:07 +02:00
retry_join_test.go tls: auto_encrypt enables automatic RPC cert provisioning for consul clients (#5597) 2019-06-27 22:22:07 +02:00
service_manager.go connect: allow mesh gateways to use central config (#6302) 2019-08-09 15:07:01 -05:00
service_manager_test.go connect: allow mesh gateways to use central config (#6302) 2019-08-09 15:07:01 -05:00
session_endpoint.go
session_endpoint_test.go
sidecar_service.go Ensure Consul is IPv6 compliant (#5468) 2019-06-04 10:02:38 -04:00
sidecar_service_test.go test: don't leak agent goroutines in TestAgent_sidecarServiceFromNodeService (#6396) 2019-08-26 15:19:59 -05:00
signal_unix.go
signal_windows.go
snapshot_endpoint.go
snapshot_endpoint_test.go
status_endpoint.go Allow forwarding of some status RPCs (#6198) 2019-07-25 14:26:22 -04:00
status_endpoint_test.go Fix flaky tests (#6229) 2019-07-29 15:07:25 -04:00
testagent.go test: ensure the node name is a valid dns name (#6424) 2019-08-29 16:52:13 -05:00
testagent_test.go
translate_addr.go Add tagged addresses for services (#5965) 2019-06-17 10:51:50 -04:00
txn_endpoint.go Chunking support (#6172) 2019-07-24 17:06:39 -04:00
txn_endpoint_test.go Chunking support (#6172) 2019-07-24 17:06:39 -04:00
ui_endpoint.go Implement Kind based ServiceDump and caching of the ServiceDump RPC 2019-07-01 16:28:30 -04:00
ui_endpoint_test.go Simplified code in various places (#6176) 2019-07-20 09:37:19 -04:00
user_event.go
user_event_test.go
util.go
util_test.go
watch_handler.go
watch_handler_test.go