luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity
open-consul/agent/consul
History
Hans Hasselberg 02de4c8b76
add primary keys to list keyring (#8522) 
During gossip encryption key rotation it would be nice to be able to see if all nodes are using the same key. This PR adds another field to the json response from `GET v1/operator/keyring` which lists the primary keys in use per dc. That way an operator can tell when a key was successfully setup as primary key.

Based on https://github.com/hashicorp/serf/pull/611 to add primary key to list keyring output:

```json
[
  {
    "WAN": true,
    "Datacenter": "dc2",
    "Segment": "",
    "Keys": {
      "0OuM4oC3Os18OblWiBbZUaHA7Hk+tNs/6nhNYtaNduM=": 6,
      "SINm887hKTzmMWeBNKTJReaTLX3mBEJKriDyt88Ad+g=": 6
    },
    "PrimaryKeys": {
      "SINm887hKTzmMWeBNKTJReaTLX3mBEJKriDyt88Ad+g=": 6
    },
    "NumNodes": 6
  },
  {
    "WAN": false,
    "Datacenter": "dc2",
    "Segment": "",
    "Keys": {
      "0OuM4oC3Os18OblWiBbZUaHA7Hk+tNs/6nhNYtaNduM=": 8,
      "SINm887hKTzmMWeBNKTJReaTLX3mBEJKriDyt88Ad+g=": 8
    },
    "PrimaryKeys": {
      "SINm887hKTzmMWeBNKTJReaTLX3mBEJKriDyt88Ad+g=": 8
    },
    "NumNodes": 8
  },
  {
    "WAN": false,
    "Datacenter": "dc1",
    "Segment": "",
    "Keys": {
      "0OuM4oC3Os18OblWiBbZUaHA7Hk+tNs/6nhNYtaNduM=": 3,
      "SINm887hKTzmMWeBNKTJReaTLX3mBEJKriDyt88Ad+g=": 8
    },
    "PrimaryKeys": {
      "SINm887hKTzmMWeBNKTJReaTLX3mBEJKriDyt88Ad+g=": 8
    },
    "NumNodes": 8
  }
]
```

I intentionally did not change the CLI output because I didn't find a good way of displaying this information. There are a couple of options that we could implement later:
* add a flag to show the primary keys
* add a flag to show json output

Fixes #3393.
 		2020-08-18 09:50:24 +02:00
..
authmethod Fix a bunch of unparam lint issues 2020-06-24 13:00:14 -04:00
autopilot Replace goe/verify.Values with testify/require.Equal (#7993) 2020-06-02 12:41:25 -04:00
discoverychain Enable gofmt simplify 2020-06-16 13:21:11 -04:00
fsm fsm: Fix snapshot bug with restoring node/service/check indexes 2020-08-11 11:49:52 -07:00
prepared_query Enable gofmt simplify 2020-06-16 13:21:11 -04:00
state state: remove unused Store method receiver 2020-08-13 11:25:22 -04:00
stream stream: close all subs when EventProcessor is shutdown. 2020-07-22 19:04:10 -04:00
testdata
wanfed wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
acl.go Remove ACLsEnabled from delegate interface 2020-07-03 17:00:20 -04:00
acl_authmethod.go ACL Node Identities (#7970) 2020-06-16 12:54:27 -04:00
acl_authmethod_oss.go acl: add auth method for JWTs (#7846) 2020-05-11 20:59:29 -05:00
acl_authmethod_test.go acl: refactor the authmethod.Validator interface (#7760) 2020-05-01 17:35:28 -05:00
acl_client.go Remove ACLsEnabled from delegate interface 2020-07-03 17:00:20 -04:00
acl_endpoint.go Merge pull request #8237 from hashicorp/dnephin/remove-acls-enabled-from-delegate 2020-07-09 16:35:43 -04:00
acl_endpoint_legacy.go Merge pull request #8237 from hashicorp/dnephin/remove-acls-enabled-from-delegate 2020-07-09 16:35:43 -04:00
acl_endpoint_oss.go acl: add auth method for JWTs (#7846) 2020-05-11 20:59:29 -05:00
acl_endpoint_test.go ci: Add ineffsign linter 2020-06-16 17:32:50 -04:00
acl_oss.go Allow the PolicyResolve and RoleResolve endpoints to process na… (#7296) 2020-02-13 14:55:27 -05:00
acl_oss_test.go
acl_replication.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
acl_replication_legacy.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
acl_replication_legacy_test.go AuthMethod updates to support alternate namespace logins (#7029) 2020-01-14 10:09:29 -05:00
acl_replication_test.go Enable gofmt simplify 2020-06-16 13:21:11 -04:00
acl_replication_types.go AuthMethod updates to support alternate namespace logins (#7029) 2020-01-14 10:09:29 -05:00
acl_server.go auto_config implies connect (#8433) 2020-08-07 12:02:02 +02:00
acl_server_oss.go Allow the bootstrap endpoint to be disabled in enterprise. (#7614) 2020-04-14 11:45:39 -04:00
acl_test.go testutil: NewLogBuffer - buffer logs until a test fails 2020-07-21 12:50:40 -04:00
acl_token_exp.go Remove ACLsEnabled from delegate interface 2020-07-03 17:00:20 -04:00
acl_token_exp_test.go
auto_config_endpoint.go Agent Auto Config: Implement Certificate Generation (#8360) 2020-07-28 15:31:48 -04:00
auto_config_endpoint_test.go testing: Remove all the defer os.Removeall 2020-08-14 19:58:53 -04:00
auto_encrypt.go Fix issue with changing the agent token causing failure to renew the auto-encrypt certificate 2020-07-21 12:19:25 -04:00
auto_encrypt_endpoint.go Rename (*Server).forward to (*Server).ForwardRPC 2020-07-08 11:05:44 -04:00
auto_encrypt_endpoint_test.go Allow setting verify_incoming* when using auto_encrypt or auto_config (#8394) 2020-07-30 10:15:12 -04:00
auto_encrypt_test.go Fix issue with changing the agent token causing failure to renew the auto-encrypt certificate 2020-07-21 12:19:25 -04:00
autopilot.go
autopilot_oss.go
autopilot_test.go testing: Remove NotifyShutdown 2020-08-07 17:14:44 -04:00
catalog_endpoint.go Set enterprise metadata after resolving the token (#8302) 2020-07-13 13:39:57 -05:00
catalog_endpoint_test.go agent/consul: Add support for NotModified to two endpoints 2020-07-02 17:05:46 -04:00
client.go Rename NewClient/NewServer 2020-08-05 14:00:55 -04:00
client_serf.go agent: differentiate wan vs lan loggers in memberlist and serf (#7205) 2020-02-05 09:52:43 -06:00
client_test.go testing: Remove all the defer os.Removeall 2020-08-14 19:58:53 -04:00
cluster_test.go A couple testing helper updates (#7694) 2020-04-27 12:17:38 -04:00
config.go testing: Remove NotifyShutdown 2020-08-07 17:14:44 -04:00
config_endpoint.go Rename (*Server).forward to (*Server).ForwardRPC 2020-07-08 11:05:44 -04:00
config_endpoint_test.go Enable gofmt simplify 2020-06-16 13:21:11 -04:00
config_replication.go various tweaks on top of the hclog work (#7165) 2020-01-29 11:16:08 -06:00
config_replication_test.go Updates to Config Entries and Connect for Namespaces (#7116) 2020-01-24 10:04:58 -05:00
connect_ca_endpoint.go Move connect root retrieval and cert signing logic out of the RPC endpoints (#8364) 2020-07-24 10:00:51 -04:00
connect_ca_endpoint_test.go
consul_ca_delegate.go connect: derive connect certificate serial numbers from a memdb index instead of the provider table max index (#7011) 2020-01-09 16:32:19 +01:00
coordinate_endpoint.go Rename (*Server).forward to (*Server).ForwardRPC 2020-07-08 11:05:44 -04:00
coordinate_endpoint_test.go Replace goe/verify.Values with testify/require.Equal (#7993) 2020-06-02 12:41:25 -04:00
discovery_chain_endpoint.go Rename (*Server).forward to (*Server).ForwardRPC 2020-07-08 11:05:44 -04:00
discovery_chain_endpoint_test.go Enable gofmt simplify 2020-06-16 13:21:11 -04:00
enterprise_client_oss.go Sync some feature flag support from enterprise (#7167) 2020-01-29 13:21:38 -05:00
enterprise_config_oss.go
enterprise_server_oss.go connect: various changes to make namespaces for intentions work more like for other subsystems (#8194) 2020-06-26 16:59:15 -05:00
federation_state_endpoint.go Rename (*Server).forward to (*Server).ForwardRPC 2020-07-08 11:05:44 -04:00
federation_state_endpoint_test.go Enable gofmt simplify 2020-06-16 13:21:11 -04:00
federation_state_replication.go server: don't activate federation state replication or anti-entropy until all servers are running 1.8.0+ (#8014) 2020-06-04 16:05:27 -05:00
federation_state_replication_test.go fix flaky TestReplication_FederationStates test due to race conditions (#7612) 2020-04-09 15:42:41 -05:00
filter.go Updates to the Txn API for namespaces (#7172) 2020-01-30 13:12:26 -05:00
filter_test.go Enable gofmt simplify 2020-06-16 13:21:11 -04:00
flood.go agent: refactor to use a single addrFn 2020-05-05 21:08:10 +02:00
gateway_locator.go Rename (*Server).forward to (*Server).ForwardRPC 2020-07-08 11:05:44 -04:00
gateway_locator_test.go agent: handle re-bootstrapping in a secondary datacenter when WAN federation via mesh gateways is configured (#7931) 2020-05-27 11:31:10 -05:00
health_endpoint.go Rename (*Server).forward to (*Server).ForwardRPC 2020-07-08 11:05:44 -04:00
health_endpoint_test.go acl: remove the deprecated `acl_enforce_version_8` option (#7991) 2020-05-29 16:16:03 -05:00
helper_test.go Enable gofmt simplify 2020-06-16 13:21:11 -04:00
intention_endpoint.go Rename (*Server).forward to (*Server).ForwardRPC 2020-07-08 11:05:44 -04:00
intention_endpoint_test.go connect: various changes to make namespaces for intentions work more like for other subsystems (#8194) 2020-06-26 16:59:15 -05:00
internal_endpoint.go add primary keys to list keyring (#8522) 2020-08-18 09:50:24 +02:00
internal_endpoint_test.go Internal endpoint to query intentions associated with a gateway (#8400) 2020-08-11 17:20:41 -06:00
issue_test.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
kvs_endpoint.go Rename (*Server).forward to (*Server).ForwardRPC 2020-07-08 11:05:44 -04:00
kvs_endpoint_test.go ci: Enabled SA2002 staticcheck check 2020-06-05 17:50:11 -04:00
leader.go Remove ACLsEnabled from delegate interface 2020-07-03 17:00:20 -04:00
leader_connect.go connect: various changes to make namespaces for intentions work more like for other subsystems (#8194) 2020-06-26 16:59:15 -05:00
leader_connect_oss.go connect: various changes to make namespaces for intentions work more like for other subsystems (#8194) 2020-06-26 16:59:15 -05:00
leader_connect_oss_test.go connect: various changes to make namespaces for intentions work more like for other subsystems (#8194) 2020-06-26 16:59:15 -05:00
leader_connect_test.go Enable gofmt simplify 2020-06-16 13:21:11 -04:00
leader_federation_state_ae.go Ensure that retryLoopBackoff can be cancelled 2020-06-24 12:41:08 -04:00
leader_federation_state_ae_test.go Enable gofmt simplify 2020-06-16 13:21:11 -04:00
leader_routine_manager.go Fix a number of problems found by staticcheck 2020-05-19 16:50:14 -04:00
leader_routine_manager_test.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
leader_test.go testing: remove unnecessary defers in tests 2020-08-07 17:28:16 -04:00
logging.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
logging_test.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
merge.go agent: don't let left nodes hold onto their node-id (#7747) 2020-05-04 18:39:08 +02:00
merge_test.go
operator_autopilot_endpoint.go Rename (*Server).forward to (*Server).ForwardRPC 2020-07-08 11:05:44 -04:00
operator_autopilot_endpoint_test.go
operator_endpoint.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
operator_raft_endpoint.go Rename (*Server).forward to (*Server).ForwardRPC 2020-07-08 11:05:44 -04:00
operator_raft_endpoint_test.go Enable gofmt simplify 2020-06-16 13:21:11 -04:00
options.go Implement Client Agent Auto Config 2020-06-17 16:49:46 -04:00
prepared_query_endpoint.go Rename (*Server).forward to (*Server).ForwardRPC 2020-07-08 11:05:44 -04:00
prepared_query_endpoint_test.go DNS: add IsErrQueryNotFound function for easier error evaluation 2020-07-01 03:41:44 +01:00
raft_rpc.go
replication.go server: don't activate federation state replication or anti-entropy until all servers are running 1.8.0+ (#8014) 2020-06-04 16:05:27 -05:00
replication_test.go Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
rpc.go Refactor keyring ops: 2020-08-11 13:42:03 +02:00
rpc_test.go Enable gofmt simplify 2020-06-16 13:21:11 -04:00
rtt.go
rtt_test.go Enable gofmt simplify 2020-06-16 13:21:11 -04:00
segment_oss.go Fix spelling of deregister (#7804) 2020-05-08 10:03:45 -04:00
serf_test.go
server.go testing: Remove NotifyShutdown 2020-08-07 17:14:44 -04:00
server_connect.go Move connect root retrieval and cert signing logic out of the RPC endpoints (#8364) 2020-07-24 10:00:51 -04:00
server_lookup.go Fix ACL mode advertisement and detection (#7451) 2020-03-16 12:54:45 -04:00
server_lookup_test.go ci: enable SA4006 staticcheck check 2020-06-16 13:10:11 -04:00
server_oss.go Move GatewayServices out of Internal 2020-06-12 13:46:47 -06:00
server_serf.go server: don't activate federation state replication or anti-entropy until all servers are running 1.8.0+ (#8014) 2020-06-04 16:05:27 -05:00
server_test.go testing: Remove all the defer os.Removeall 2020-08-14 19:58:53 -04:00
session_endpoint.go Rename (*Server).forward to (*Server).ForwardRPC 2020-07-08 11:05:44 -04:00
session_endpoint_test.go acl: remove the deprecated `acl_enforce_version_8` option (#7991) 2020-05-29 16:16:03 -05:00
session_timers.go
session_timers_test.go
session_ttl.go agent: add server raft.{last,applied}_index gauges (#6694) 2020-02-11 10:50:18 +01:00
session_ttl_test.go OSS Modifications necessary for sessions namespacing 2019-11-25 12:07:04 -05:00
snapshot_endpoint.go pool: remove timeout parameter 2020-05-29 08:21:28 +02:00
snapshot_endpoint_test.go pool: remove useTLS and ForceTLS 2020-05-29 08:21:24 +02:00
stats_fetcher.go pool: remove version 2020-05-28 23:06:01 +02:00
stats_fetcher_test.go ci: Add staticcheck and fix most errors 2020-05-28 11:59:58 -04:00
status_endpoint.go
status_endpoint_test.go pool: remove useTLS and ForceTLS 2020-05-29 08:21:24 +02:00
txn_endpoint.go Rename (*Server).forward to (*Server).ForwardRPC 2020-07-08 11:05:44 -04:00
txn_endpoint_test.go Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
util.go Remove bytesToUint64 from agent/consul 2020-06-18 12:45:43 -04:00
util_test.go Remove bytesToUint64 from agent/consul 2020-06-18 12:45:43 -04:00