Michael Schurter
01816af088
Node.List ACL enforcement
2017-09-14 22:01:18 -07:00
Michael Schurter
aca9e337aa
Node.GetAllocs ACL enforcement
2017-09-14 21:42:19 -07:00
Michael Schurter
369ab10405
Fix comments for Node ACL tests
2017-09-14 21:41:26 -07:00
Michael Schurter
4fc44c686c
Node.GetNode ACL enforcement
2017-09-14 20:59:18 -07:00
Michael Schurter
21ee5f4720
Node.Evaluate ACL enforcement
2017-09-14 20:41:44 -07:00
Michael Schurter
0cfaaa0a4d
Node.UpdateDrain ACL enforcement
2017-09-14 20:33:31 -07:00
Michael Schurter
41c05782b3
Add NodePolicy test helper
2017-09-14 20:33:12 -07:00
Michael Schurter
aca3bebb0a
Alloc.GetAlloc ACL enforcement
2017-09-14 17:44:57 -07:00
Michael Schurter
f5faf97650
Alloc.List ACL enforcement
2017-09-14 17:43:17 -07:00
Michael Schurter
573a0df03d
Watched -> TriggersRestart
...
Watched was a silly name
2017-09-14 16:48:39 -07:00
Michael Schurter
d299d42089
Canonicalize and Merge CheckRestart in api
2017-09-14 16:48:39 -07:00
Michael Schurter
ade29ecbed
Improve check watcher logging and add tests
...
Also expose a mock Consul Agent to allow testing ServiceClient and
checkWatcher from TaskRunner without actually talking to a real Consul.
2017-09-14 16:47:41 -07:00
Michael Schurter
a180c00fc3
on_warning=false -> ignore_warnings=false
...
Treat warnings as unhealthy by default
2017-09-14 16:46:54 -07:00
Michael Schurter
22690c5f4c
Add check watcher for restarting unhealthy tasks
2017-09-14 16:46:54 -07:00
Michael Schurter
b35d208428
Nest restart fields in CheckRestart
2017-09-14 16:46:54 -07:00
Michael Schurter
bf34505509
Add restart fields
2017-09-14 16:46:54 -07:00
Chelsea Komlo
3b857c5e8f
Merge pull request #3213 from hashicorp/f-acl-job-summary
...
Add job endpoint ACL
2017-09-14 18:21:19 -04:00
Alex Dadgar
3904bde9a3
Fix batch handling of complete allocs/node drains
...
This PR fixes:
* An issue in which a node-drain that contains a complete batch alloc
would cause a replacement
* An issue in which allocations with the same name during a scale
down/stop event wouldn't be properly stopped.
* An issue in which batch allocations from previous job versions may not
have been stopped properly.
Fixes https://github.com/hashicorp/nomad/issues/3210
2017-09-14 15:08:57 -07:00
Alex Dadgar
567eef50a8
Address feedback
2017-09-14 14:28:43 -07:00
Alex Dadgar
6911bd7676
Worker waits til max ModifyIndex across EvalsByJob
...
This PR fixes a scheduling race condition in which the plan results from
one invocation of the scheduler were not being considered by the next
since the Worker was not waiting for the correct index.
Fixes https://github.com/hashicorp/nomad/issues/3198
2017-09-14 14:28:43 -07:00
Chelsea Holland Komlo
be7efd71d4
fixups from code review
2017-09-14 20:14:38 +00:00
Chelsea Holland Komlo
0d28c95b6b
use separate response object
2017-09-14 19:17:05 +00:00
Chelsea Holland Komlo
79abb9810b
update to use ACL test helpers
2017-09-14 19:08:25 +00:00
Chelsea Holland Komlo
3eff2a06c5
add job endpoint ACL
2017-09-14 18:17:35 +00:00
Alex Dadgar
fa2dd57071
Merge pull request #3205 from hashicorp/f-deployment-acl
...
Deployment.GetDeployment ACL enforcement
2017-09-14 10:50:17 -07:00
Alex Dadgar
1e644393aa
review feeback
2017-09-14 10:50:04 -07:00
Alex Dadgar
9b997d2670
fix multierror merge
2017-09-13 21:48:52 -07:00
Alex Dadgar
0de4df881f
Merge pull request #3203 from hashicorp/b-search-hyphens
...
Fix UUID search with hyphens
2017-09-13 15:45:22 -07:00
Alex Dadgar
4b947222a8
Deployment.GetDeployment ACL enforcement
2017-09-13 11:44:23 -07:00
Alex Dadgar
54e04b5c0e
Merge pull request #3201 from hashicorp/b-periodic-restore
...
Fix restoration of stopped periodic jobs
2017-09-13 11:42:29 -07:00
Alex Dadgar
a2363e7583
sync acls
2017-09-13 11:38:29 -07:00
Alex Dadgar
fb67f76b7b
Fix UUID search with hyphens
...
This PR fixes:
* UUID lookup with hyphens and odd length. The math was wrong. There is
now a test that ranges over all possible values.
* Fixes an unreported issue that could be hit when a job has more than 4
hyphens in it as UUID lookup doesn't allow that.
Fixes https://github.com/hashicorp/nomad/issues/3141
2017-09-13 10:28:42 -07:00
Alex Dadgar
e3dbcdcb44
Fix restoration of stopped periodic jobs
...
This PR fixes an issue in which we would add a stopped periodic job to
the periodic launcher.
2017-09-12 14:25:40 -07:00
Alex Dadgar
5aa8f1a82e
pass in uid to codecgen
2017-09-11 15:40:27 -07:00
Armon Dadgar
3d5ecaafff
Address @dadgar feedback
2017-09-11 10:30:59 -07:00
Armon Dadgar
20a8e590a0
nomad: support ACL bootstrap reset
2017-09-10 16:03:30 -07:00
Alex Dadgar
d329fbe54d
Fix search contexts
2017-09-07 17:13:18 -07:00
Alex Dadgar
84d06f6abe
Sync namespace changes
2017-09-07 17:04:21 -07:00
Alex Dadgar
abfc56a871
WatchCtx propogates context error
2017-09-06 17:37:40 -07:00
Armon Dadgar
1c7fb1bfbb
Remove generated structs
2017-09-04 13:33:37 -07:00
Armon Dadgar
10500c39e5
nomad: fixing test
2017-09-04 13:21:01 -07:00
Armon Dadgar
e74ea8a152
nomad: use hashes for efficient token/policy diffing
2017-09-04 13:09:34 -07:00
Armon Dadgar
97404e3f8c
nomad: compute hash for ACL policies and tokens
2017-09-04 13:09:34 -07:00
Armon Dadgar
99c1001b2c
nomad: avoid replication consistency issues by setting MinQueryIndex
2017-09-04 13:07:44 -07:00
Armon Dadgar
b8bf35f087
ACL RPCs allow stale reads for scalability
2017-09-04 13:07:44 -07:00
Armon Dadgar
ac6283c31f
nomad: enforce ACLs on job submit
2017-09-04 13:05:53 -07:00
Armon Dadgar
6f5150a227
nomad: allow getting policies which are subset of token, fixes client resolution
2017-09-04 13:05:53 -07:00
Armon Dadgar
387a8a923b
nomad: adding policy subset check
2017-09-04 13:05:53 -07:00
Armon Dadgar
18ddb910fa
nomad: forward DeleteToken requests for global tokens
2017-09-04 13:05:53 -07:00
Armon Dadgar
b807f5df6f
nomad: forward UpsertToken requests for global tokens
2017-09-04 13:05:53 -07:00
Armon Dadgar
3e46094cee
Passthrough replication token for token/policy replication
2017-09-04 13:05:53 -07:00
Armon Dadgar
855240b1b5
nomad: ACL endpoints enforce permissions
2017-09-04 13:05:53 -07:00
Armon Dadgar
ddcc5f89bc
Add ErrPermissionDenied, rename TokenNotFound
2017-09-04 13:05:53 -07:00
Armon Dadgar
304a02d93b
nomad: Add SecretID to QueryOptions and WriteMeta
2017-09-04 13:05:53 -07:00
Armon Dadgar
4bda2fa9e9
nomad: ACL endpoints check support enabled and redirect to authority
2017-09-04 13:05:53 -07:00
Armon Dadgar
e24a4abf2c
nomad: adding ACL bootstrap endpoints
2017-09-04 13:05:53 -07:00
Armon Dadgar
1ace912341
nomad: adding bootstrapping checks
2017-09-04 13:05:53 -07:00
Armon Dadgar
06a7f12fad
nomad: adding bootstrap state store method
2017-09-04 13:05:53 -07:00
Armon Dadgar
76a03f2d8e
Address @dadgar feedback
2017-09-04 13:05:53 -07:00
Armon Dadgar
e7586a80df
nomad: Switch from SHA1 to Blake2 @chelseakomlo
2017-09-04 13:05:36 -07:00
Armon Dadgar
fc23a4e7e5
structs: sort policies to avoid order dependence for caching
2017-09-04 13:05:36 -07:00
Armon Dadgar
459c2b6fa7
nomad: switch policy/token replication to use batch endpoints
2017-09-04 13:05:36 -07:00
Armon Dadgar
edc38185cc
noamd: Adding batch fetch endpoints for ACL tokens and policies
2017-09-04 13:05:36 -07:00
Armon Dadgar
6a9d4e2dc3
nomad: Adding token resolution endpoint
2017-09-04 13:05:36 -07:00
Armon Dadgar
d9c56725d0
nomad: refactor to use CompileACLObject and handle anonymous token
2017-09-04 13:05:35 -07:00
Armon Dadgar
98e0f98f7e
structs: Adding ACL compilation helper
2017-09-04 13:05:35 -07:00
Armon Dadgar
583e654246
structs: cache key helper for policy list
2017-09-04 13:05:35 -07:00
Armon Dadgar
3efdf1f7d9
Address @chelseakomlo comments
2017-09-04 13:04:45 -07:00
Armon Dadgar
99cea1ac23
Moving shared ACL objects
2017-09-04 13:04:45 -07:00
Armon Dadgar
dc1904b57a
nomad: adding ACL token resolution logic
2017-09-04 13:04:45 -07:00
Armon Dadgar
018973aea8
Address @dadgar feedback
2017-09-04 13:04:45 -07:00
Armon Dadgar
5a3a931ec5
nomad: adding global token replication
2017-09-04 13:04:45 -07:00
Armon Dadgar
583a11cebd
nomad: Adding ability to filter list of tokens to global only
2017-09-04 13:04:45 -07:00
Armon Dadgar
cb827b6696
nomad: adding policy replication support
2017-09-04 13:04:45 -07:00
Armon Dadgar
7d4aa1975f
agent: thread through ACL config to Server
2017-09-04 13:04:45 -07:00
Armon Dadgar
bc697dc50e
Address @dadgar feedback
2017-09-04 13:04:45 -07:00
Armon Dadgar
30b607987e
nomad: generate accessor/secret ID server side
2017-09-04 13:04:45 -07:00
Armon Dadgar
bd2db18c80
agent: Adding HTTP endpoints for ACL tokens
2017-09-04 13:04:45 -07:00
Armon Dadgar
f91d2608cb
nomad: renambe PublicID to AccessorID for consistency
2017-09-04 13:04:45 -07:00
Armon Dadgar
e5c69f162c
nomad: implement ACL token endpoints
2017-09-04 13:04:45 -07:00
Armon Dadgar
e9bad0bf37
nomad: Add ACL Token snapshot/restore to FSM
2017-09-04 13:04:45 -07:00
Armon Dadgar
a17991e907
nomad: CRUD methods for ACLTokens
2017-09-04 13:04:45 -07:00
Armon Dadgar
8623bf9a5b
nomad: adding ACLToken table
2017-09-04 13:04:45 -07:00
Armon Dadgar
e9c583807a
nomad: adding ACLToken struct
2017-09-04 13:04:45 -07:00
Armon Dadgar
cde8e9301b
nomad: fixing state store tests due to signature mismatch
2017-09-04 13:04:44 -07:00
Armon Dadgar
3702587667
nomad: Adding Validate for ACLPolicy
2017-09-04 13:04:44 -07:00
Armon Dadgar
11672e4e01
nomad: adding validation of policy name and rules
2017-09-04 13:03:15 -07:00
Armon Dadgar
18e6053b58
agent: Adding ACL Policy endpoints
2017-09-04 13:03:15 -07:00
Armon Dadgar
d52e099fc2
Addressing @dadgar feedback
2017-09-04 13:03:15 -07:00
Armon Dadgar
afdde24799
nomad: adding upsert policy endpoint
2017-09-04 13:03:15 -07:00
Armon Dadgar
e3e243f433
nomad: implement policy delete endpoint
2017-09-04 13:03:15 -07:00
Armon Dadgar
e4f5f305ea
nomad: adding Get/List endpoints for ACL policies
2017-09-04 13:03:15 -07:00
Armon Dadgar
8a4dda8577
nomad: update method signature for tests
2017-09-04 13:03:15 -07:00
Armon Dadgar
f147f25fe5
Addressing @dadgar review feedback
2017-09-04 13:03:15 -07:00
Armon Dadgar
351afa0069
nomad: Upsert and Delete ACL policies can take a list
2017-09-04 13:03:14 -07:00
Armon Dadgar
10b583ea38
nomad: adding FSM snapshot/restore of ACL policies
2017-09-04 13:03:14 -07:00
Armon Dadgar
4cb544e8f3
nomad: Adding CRUD to state store for ACL Policies
2017-09-04 13:03:14 -07:00
Armon Dadgar
85cad11885
nomad: adding policy table to state store
2017-09-04 13:03:14 -07:00
Alex Dadgar
ad87c6fba5
Include google compare library
2017-09-01 16:42:09 -07:00
Alex Dadgar
26e66ed1c5
fix checking of context error
2017-09-01 09:53:09 -07:00