Commit graph

16173 commits

Author SHA1 Message Date
Mahmood Ali d8ce90dde6 circleci: fix test reports and some refactoring 2019-08-12 20:30:20 -04:00
Preetha Appan 72e45dd01e
More code review feedback 2019-08-12 17:41:40 -05:00
Preetha 76c8a11b31
Apply suggestions from code review
Co-Authored-By: Michael Schurter <mschurter@hashicorp.com>
2019-08-12 17:03:30 -05:00
Michael Schurter 83dbac65b2 docker: reword FromSlash(hostPath) comment 2019-08-12 14:38:31 -07:00
Ryan Lewkowicz c407db6ade bumped hadoop version 2019-08-12 16:40:04 -04:00
Tim Gross 03433f35d4 client/template: configuration for function blacklist and sandboxing
When rendering a task template, the `plugin` function is no longer
permitted by default and will raise an error. An operator can opt-in
to permitting this function with the new `template.function_blacklist`
field in the client configuration.

When rendering a task template, path parameters for the `file`
function will be treated as relative to the task directory by
default. Relative paths or symlinks that point outside the task
directory will raise an error. An operator can opt-out of this
protection with the new `template.disable_file_sandbox` field in the
client configuration.
2019-08-12 16:34:48 -04:00
Tim Gross bf8b27c4c7 update consul-template to latest version
pulls in configuration option for blacklisting template functions from:
https://github.com/hashicorp/consul-template/pull/1243
https://github.com/hashicorp/consul-template/pull/1246

pulls in configuration option for file sandboxing from:
https://github.com/hashicorp/consul-template/pull/1249
https://github.com/hashicorp/consul-template/pull/1254

pulls in vault KVv2 read fixes from:
https://github.com/hashicorp/consul-template/pull/1253
2019-08-12 16:34:48 -04:00
Preetha Appan 219dc05541
Fix type for kind 2019-08-12 14:39:50 -05:00
Preetha Appan 35506c516d
Improve validation logic and add table driven tests 2019-08-12 14:39:50 -05:00
Preetha Appan d324a9864e
Add validation for kind field if it is a consul connect proxy 2019-08-12 14:39:50 -05:00
Danielle d94244716c
Merge pull request #5681 from hashicorp/dani/circleci
Add CircleCI Configuration
2019-08-12 20:35:13 +02:00
Danielle Lancashire 80b8913745
api requires mount 2019-08-12 18:48:25 +02:00
Danielle Lancashire a5bac88aff
Add maketask for manual image builds 2019-08-12 18:42:12 +02:00
Danielle Lancashire f64b26fc3b
fix paths 2019-08-12 18:41:37 +02:00
Danielle Lancashire 083e9b1276
update docker file and switch to go 1.12.7 2019-08-12 18:41:37 +02:00
Danielle Lancashire c87ef42a3e
ci: Generate structs when testing 2019-08-12 18:41:37 +02:00
Danielle Lancashire e209bc3ac3
Use script to install protoc 2019-08-12 18:41:36 +02:00
Danielle Lancashire 892c322299
DRY up config 2019-08-12 18:41:36 +02:00
Danielle Lancashire f90c9f5214
makefile: Recover verbose handling 2019-08-12 18:41:36 +02:00
Danielle Lancashire c4bd6b45f3
Don't log env 2019-08-12 18:41:36 +02:00
Danielle Lancashire 27e72bbadd
Test Rocket 2019-08-12 18:41:36 +02:00
Danielle Tomlinson 886486e694
ci: Migrate to CircleCI
This commit provides an initial migration of general testing CI
infrastructure to CircleCI.

It uses CircleCI 2.1 paramereterised jobs to provide two base
configurations: a vm based `test-machine`, and docker based
`test-container`.

Jobs that require root, docker, or other similar features require the
machine based jobs, but others should be ran using the `test-container` package
as they are both cheaper and faster to run.
2019-08-12 18:41:36 +02:00
ilya guterman 92ce8a0a49 Update utils.go 2019-08-12 19:31:34 +03:00
Ilya Guterman c4b4d7fa43 add comment 2019-08-12 19:31:33 +03:00
Ilya Guterman 52aab40fb3 driver/docker: convert host bind path to os native
relative mounting can be specified using backslashes or forward slashes.
so no prior knowledge of host OS is needed for relative volumes mounting
2019-08-12 19:31:33 +03:00
Mahmood Ali 20c44b4214
Merge pull request #6068 from hashicorp/r-always-honor-gotags
make: always honor GO_TAGS in dev
2019-08-12 11:22:48 -04:00
Tim Gross 58c395aa9c
tests: partial revert of splitting-out command pkg tests (#6101)
GOTEST_PKG_EXCLUDE overrides GOTEST_PKG entirely, so having both in
the same test run isn't supported and results in a whole lot of extra
tests being run.
2019-08-12 11:03:04 -04:00
Danielle 1fd9ef61f0
Merge pull request #6100 from hashicorp/f-host-volumes
Host Volumes Support: Rollup Edition
2019-08-12 16:58:37 +02:00
Danielle Lancashire 7e6c8e5ac1
Copy documentation to api/tasks 2019-08-12 16:22:27 +02:00
Danielle Lancashire dec1a58b47
fixup rebase 2019-08-12 15:41:14 +02:00
Danielle Lancashire b38c1d810e
job_endpoint: Validate volume permissions 2019-08-12 15:39:09 +02:00
Danielle Lancashire 5f734652f2
acl: Add HostVolume ACLs
This adds an initial implementation of ACLs for HostVolumes.

Because HostVolumes are a cluster-wide resource, they cannot be tied to
a namespace, thus here we allow similar wildcard definitions based on
their names, tied to a set of capabilities.

Initially, the only available capabilities are deny, or mount. These
may be extended in the future to allow read-fs, mount-readonly and
similar capabilities.
2019-08-12 15:39:09 +02:00
Danielle Lancashire 7208a7ab88
command: Cleanup node-status 2019-08-12 15:39:09 +02:00
Danielle Lancashire 333fdd723b
cli: Display host volume info in nomad node status 2019-08-12 15:39:09 +02:00
Danielle Lancashire 6caac09743
api: Add HostVolumeInfo to response parsing 2019-08-12 15:39:09 +02:00
Danielle Lancashire 33db40d4e6
structs: Document VolumeMount 2019-08-12 15:39:08 +02:00
Danielle Lancashire 861caa9564
HostVolumeConfig: Source -> Path 2019-08-12 15:39:08 +02:00
Danielle Lancashire e132a30899
structs: Unify Volume and VolumeRequest 2019-08-12 15:39:08 +02:00
Danielle fc53283489
Update scheduler/feasible.go
Co-Authored-By: Mahmood Ali <mahmood@hashicorp.com>
2019-08-12 15:39:08 +02:00
Danielle Lancashire 6ef8d5233e
client: Add volume_hook for mounting volumes 2019-08-12 15:39:08 +02:00
Danielle Lancashire 073836ec67
scheduler: Add a feasability checker for Host Vols 2019-08-12 15:39:08 +02:00
Danielle Lancashire 01f3fe13fb
api: Allow submission of jobs with volumes 2019-08-12 15:39:08 +02:00
Danielle Lancashire 063e4240c1
client: Add parsing and registration of HostVolume configuration 2019-08-12 15:39:08 +02:00
Danielle Lancashire 6d7b417e54
structs: Add declarations of basic structs for volume support 2019-08-12 15:39:08 +02:00
Danielle Lancashire b45bd36230
jobspec: Add Volume and VolumeMount declarations 2019-08-12 15:39:07 +02:00
lchayoun ca892163b2 allow dash in non generated environment variable names 2019-08-11 12:51:42 +03:00
Nick Ethier 1871c1edbc
Add sidecar_task stanza parsing (#6104)
* jobspec: breakup parse.go into smaller files

* add sidecar_task parsing to jobspec and api

* jobspec: combine service parsing logic for task and group service stanzas

* api: use slice of ConsulUpstream values instead of pointers
2019-08-09 15:18:53 -04:00
David Cohen e69865264b syntax fix; add example for alloc exec -task 2019-08-09 10:16:45 -04:00
Tim Gross 8e9d01ade8
tests: break out command, command/agent on Travis (#6094)
The command and command/agent packages are taking 5+ minutes on Travis
and this contributes to build timeouts. While this doesn't address
underlying issues, breaking these out can reduce re-runs until that
work is done.
2019-08-09 08:25:11 -04:00
Michael Lange 38fce53936 Prevent a change in height when switching from a dir to a file 2019-08-08 15:41:47 -07:00