Armon Dadgar
|
d49bc49274
|
api: full CRUD for ACL token API
|
2017-09-04 13:09:34 -07:00 |
|
Armon Dadgar
|
4512094058
|
api: support token listing
|
2017-09-04 13:09:34 -07:00 |
|
Armon Dadgar
|
1e9f19ef40
|
api: support querying policies
|
2017-09-04 13:09:34 -07:00 |
|
Armon Dadgar
|
41249d9b6a
|
api: support policy delete
|
2017-09-04 13:09:34 -07:00 |
|
Armon Dadgar
|
147471ffbf
|
api: Adding support for ACL tokens
|
2017-09-04 13:09:34 -07:00 |
|
Armon Dadgar
|
1062637abd
|
testutil: Allow enabling ACLs
|
2017-09-04 13:07:44 -07:00 |
|
Armon Dadgar
|
32d0df2a36
|
Address @dadgar feedback
|
2017-09-04 13:07:44 -07:00 |
|
Armon Dadgar
|
99c1001b2c
|
nomad: avoid replication consistency issues by setting MinQueryIndex
|
2017-09-04 13:07:44 -07:00 |
|
Armon Dadgar
|
b8bf35f087
|
ACL RPCs allow stale reads for scalability
|
2017-09-04 13:07:44 -07:00 |
|
Armon Dadgar
|
31b39f8a71
|
website: add missing space
|
2017-09-04 13:07:44 -07:00 |
|
Armon Dadgar
|
0dabcb8659
|
agent: fix routing for token-specific request
|
2017-09-04 13:07:44 -07:00 |
|
Armon Dadgar
|
dac5ebcc94
|
website: complete ACL guide
|
2017-09-04 13:07:44 -07:00 |
|
Armon Dadgar
|
f744366f07
|
website: filling in ACL guide
|
2017-09-04 13:07:44 -07:00 |
|
Armon Dadgar
|
8956f665a7
|
website: pointing to ACL guide
|
2017-09-04 13:07:44 -07:00 |
|
Armon Dadgar
|
a712a83f1b
|
website: Document ACL APIs and configuration
|
2017-09-04 13:07:44 -07:00 |
|
Armon Dadgar
|
568ccf0485
|
vendoring blake2b
|
2017-09-04 13:07:44 -07:00 |
|
Armon Dadgar
|
af9caef4b9
|
Adding a comment to address @dadgar
|
2017-09-04 13:05:53 -07:00 |
|
Armon Dadgar
|
f1c4143a62
|
agent: thread ACLs for Job Register
|
2017-09-04 13:05:53 -07:00 |
|
Armon Dadgar
|
ac6283c31f
|
nomad: enforce ACLs on job submit
|
2017-09-04 13:05:53 -07:00 |
|
Armon Dadgar
|
6f5150a227
|
nomad: allow getting policies which are subset of token, fixes client resolution
|
2017-09-04 13:05:53 -07:00 |
|
Armon Dadgar
|
387a8a923b
|
nomad: adding policy subset check
|
2017-09-04 13:05:53 -07:00 |
|
Armon Dadgar
|
f31cd6a618
|
client: fixing policy resolution after ACL endpoint enforcement
|
2017-09-04 13:05:53 -07:00 |
|
Armon Dadgar
|
18ddb910fa
|
nomad: forward DeleteToken requests for global tokens
|
2017-09-04 13:05:53 -07:00 |
|
Armon Dadgar
|
b807f5df6f
|
nomad: forward UpsertToken requests for global tokens
|
2017-09-04 13:05:53 -07:00 |
|
Armon Dadgar
|
5c94e7e99f
|
agent: thread through token for ACL endpoint tests
|
2017-09-04 13:05:53 -07:00 |
|
Armon Dadgar
|
3e46094cee
|
Passthrough replication token for token/policy replication
|
2017-09-04 13:05:53 -07:00 |
|
Armon Dadgar
|
855240b1b5
|
nomad: ACL endpoints enforce permissions
|
2017-09-04 13:05:53 -07:00 |
|
Armon Dadgar
|
ddcc5f89bc
|
Add ErrPermissionDenied, rename TokenNotFound
|
2017-09-04 13:05:53 -07:00 |
|
Armon Dadgar
|
4107335cb2
|
agent: Adding X-Nomad-Token header parsing
|
2017-09-04 13:05:53 -07:00 |
|
Armon Dadgar
|
304a02d93b
|
nomad: Add SecretID to QueryOptions and WriteMeta
|
2017-09-04 13:05:53 -07:00 |
|
Armon Dadgar
|
4bda2fa9e9
|
nomad: ACL endpoints check support enabled and redirect to authority
|
2017-09-04 13:05:53 -07:00 |
|
Armon Dadgar
|
866fe5e216
|
nomad: adding ACL bootstrapping endpoint
|
2017-09-04 13:05:53 -07:00 |
|
Armon Dadgar
|
e24a4abf2c
|
nomad: adding ACL bootstrap endpoints
|
2017-09-04 13:05:53 -07:00 |
|
Armon Dadgar
|
1ace912341
|
nomad: adding bootstrapping checks
|
2017-09-04 13:05:53 -07:00 |
|
Armon Dadgar
|
06a7f12fad
|
nomad: adding bootstrap state store method
|
2017-09-04 13:05:53 -07:00 |
|
Armon Dadgar
|
76a03f2d8e
|
Address @dadgar feedback
|
2017-09-04 13:05:53 -07:00 |
|
Armon Dadgar
|
e7586a80df
|
nomad: Switch from SHA1 to Blake2 @chelseakomlo
|
2017-09-04 13:05:36 -07:00 |
|
Armon Dadgar
|
fc23a4e7e5
|
structs: sort policies to avoid order dependence for caching
|
2017-09-04 13:05:36 -07:00 |
|
Armon Dadgar
|
e3f32ca6f1
|
client: adding token resolution logic
|
2017-09-04 13:05:36 -07:00 |
|
Armon Dadgar
|
459c2b6fa7
|
nomad: switch policy/token replication to use batch endpoints
|
2017-09-04 13:05:36 -07:00 |
|
Armon Dadgar
|
edc38185cc
|
noamd: Adding batch fetch endpoints for ACL tokens and policies
|
2017-09-04 13:05:36 -07:00 |
|
Armon Dadgar
|
6a9d4e2dc3
|
nomad: Adding token resolution endpoint
|
2017-09-04 13:05:36 -07:00 |
|
Armon Dadgar
|
688897561b
|
client: adding token cache for ACL resolution
|
2017-09-04 13:05:36 -07:00 |
|
Armon Dadgar
|
d9c56725d0
|
nomad: refactor to use CompileACLObject and handle anonymous token
|
2017-09-04 13:05:35 -07:00 |
|
Armon Dadgar
|
98e0f98f7e
|
structs: Adding ACL compilation helper
|
2017-09-04 13:05:35 -07:00 |
|
Armon Dadgar
|
583e654246
|
structs: cache key helper for policy list
|
2017-09-04 13:05:35 -07:00 |
|
Armon Dadgar
|
c2e72e8a9c
|
client: create ACL and Policy cache
|
2017-09-04 13:05:35 -07:00 |
|
Armon Dadgar
|
792f176a44
|
agent: thread ACL config to client
|
2017-09-04 13:04:45 -07:00 |
|
Armon Dadgar
|
3efdf1f7d9
|
Address @chelseakomlo comments
|
2017-09-04 13:04:45 -07:00 |
|
Armon Dadgar
|
99cea1ac23
|
Moving shared ACL objects
|
2017-09-04 13:04:45 -07:00 |
|