Commit graph

10096 commits

Author SHA1 Message Date
Michael Schurter 97bae65b7f
Merge pull request #3735 from hashicorp/docs-tls-demo
Add demo TLS certificates and configs
2018-01-10 15:29:45 -08:00
Alex Dadgar 021114f6ef changelog 2018-01-10 11:48:11 -08:00
Alex Dadgar 9e1e04c6f1
Merge pull request #3727 from filipochnik/fix-gh-2832
Recognize renewing non-renewable Vault lease as fatal
2018-01-10 11:47:10 -08:00
Alex Dadgar c1c975b59e
Merge pull request #3733 from hashicorp/d-merge-community-and-resources
Merge Community and Resources pages
2018-01-10 11:42:02 -08:00
Alex Dadgar 1bb7d47111
Merge pull request #3734 from hashicorp/f-update-terraform-to-0.7.1
Update Terraform configs to use latest versions of Consul, Vault and Nomad
2018-01-10 11:40:40 -08:00
Michael Schurter c6e317f705
Merge pull request #3736 from ronalexssen/master
remove duplicate typo
2018-01-09 16:00:15 -08:00
Michael Schurter 831c6b4e24 Update Consul/rkt/Vault in Vagrant
Needed to update Vault for #3334
2018-01-09 15:57:42 -08:00
Michael Schurter 23d4705f1c
Merge pull request #3722 from hashicorp/b-3697
Fix HTTP code for permission denied errors
2018-01-09 15:49:37 -08:00
Michael Schurter 9f179e9fab Fix HTTP code for permission denied errors
Fixes #3697

The existing code and test case only covered the leader behavior. When
querying against non-leaders the error has an "rpc error: " prefix.

To provide consistency in HTTP error response I also strip the "rpc
error: " prefix for 403 responses as they offer no beneficial additional
information (and in theory disclose a tiny bit of data to unauthorized
users, but it would be a pretty weird bit of data to use in a malicious
way).
2018-01-09 15:25:53 -08:00
Ron Alexssen 19430ba3ad remove duplicate typo 2018-01-09 15:21:30 -08:00
Michael Schurter 3ef1de4c63 Revert "Remove mention of check_restart on service"
This reverts commit 758b98685be4a2997bd0bc54f55b73ac3d0365cc.
2018-01-09 15:18:34 -08:00
Michael Schurter 6b6a14cf7e Revert "Missed header mention of server.check_restart"
This reverts commit 8295f81dddf8b53c0b78707be6fddc6e30f95640.
2018-01-09 15:18:22 -08:00
Michael Schurter 224046ece8 Invert and test CheckRestart merge logic 2018-01-09 15:17:07 -08:00
Michael Schurter 1f6b568322 Move changelog entry from bug fix to feature
It was never really implemented to begin with
2018-01-09 15:17:07 -08:00
Michael Schurter 7c282f174b Fix service.check_restart stanza propagation
There was a bug in jobspec parsing, a bug in CheckRestart merging, and a
bug in CheckRestart canonicalization. All are now tested.
2018-01-09 15:15:36 -08:00
Rob Genova 5d4327baeb Update AWS scripts and README to reflect latest, pre-built AMI 2018-01-09 22:35:58 +00:00
Michael Schurter d316ac70af
Merge pull request #3715 from hashicorp/docs-3685-changelog
Add #3685 to changelog
2018-01-09 14:02:37 -08:00
Michael Schurter 1cc4759025 Add demo TLS certificates and configs
As well as a brief readme and makefile for generating the certificates.
2018-01-09 10:14:42 -08:00
Michael Schurter 189ce7f991
Merge pull request #3723 from hashicorp/b-3702-chown-dirs
chown dirs when migrating ephemeral_disk data
2018-01-09 09:27:26 -08:00
Chelsea Holland Komlo 21ceb0a46b add documentation 2018-01-09 06:34:46 -05:00
Michael Schurter ab56b07101
Merge pull request #3730 from hashicorp/cv-typo-privilege
Fix typo
2018-01-08 17:32:02 -08:00
Michael Schurter e6c27256b7 Test streamed directory ownership 2018-01-08 16:00:07 -08:00
Michael Schurter 2c79ffb213 chown dirs when migrating ephemeral_disk data
Fixes #3702

Added missing chown call and made it conditional on running as root and
not on Windows as we do with files.
2018-01-08 15:31:12 -08:00
Rob Genova 70a0e81af5 Use latest versions of Consul, Vault and Nomad 2018-01-08 22:44:02 +00:00
Michael Schurter 4a8a893f56
Merge pull request #3728 from hashicorp/b-3701-fetch-tls
Include credentials in fetch requests
2018-01-08 14:00:53 -08:00
Rob Genova 9c2ec21daf Add new blog post 2018-01-08 21:42:47 +00:00
Alex Dadgar 332b407d28
Merge pull request #3729 from hashicorp/f-test-log-2
Logger backed by *testing.T
2018-01-08 13:41:58 -08:00
Michael Schurter 0baf168ed0 Improve naming and docs 2018-01-08 13:36:07 -08:00
Rob Genova e5656e6b3c Add redirect from Community page to Resources page 2018-01-08 21:34:26 +00:00
Rob Genova 45d5799830 Remove Community links from header and footer 2018-01-08 21:33:55 +00:00
Rob Genova 149d175996 Merge Community page content into Resources page 2018-01-08 21:33:26 +00:00
Charlie Voiselle 1bb1ab5069 fix typo
Priviledge -> privilege
2018-01-08 15:56:07 -05:00
Michael Schurter bc10061aa2 Logger backed by *testing.T
For capturing log output in tests and only displaying them on failure.

Pulled out of #3241
2018-01-08 12:53:58 -08:00
Michael Schurter 7a77fc69ce Include credentials in fetch requests
Fixes #3701

Relevant spec section:
https://fetch.spec.whatwg.org/#concept-request-credentials-mode
2018-01-08 12:18:03 -08:00
Chelsea Holland Komlo 214d128eb9 reload raft transport layer
fix up linting
2018-01-08 14:52:28 -05:00
Filip Ochnik d265e11c36 Recognize renewing non-renewable Vault lease as fatal 2018-01-08 20:32:31 +01:00
Michael Schurter de62c3e933
Merge pull request #3716 from hashicorp/docs-3713-remove
Remove mention of check_restart on service
2018-01-08 10:53:27 -08:00
Preetha c0166489ab
Merge pull request #3725 from Wintermute1/master
fix(minor typo)
2018-01-08 09:39:17 -06:00
Chelsea Holland Komlo 0708d34135 call reload on agent, client, and server separately 2018-01-08 09:56:31 -05:00
Chelsea Holland Komlo 3f34b59ee6 remove unnecessary nil checks; default case
add tests for TLSConfig object
2018-01-08 09:24:28 -05:00
Chelsea Holland Komlo d9ec538d6a don't ignore error in http reloading
code review feedback
2018-01-08 09:21:06 -05:00
Chelsea Holland Komlo 909bb0af07 refactor rpc listener methods, wait for proper shutdown 2018-01-08 09:21:06 -05:00
Chelsea Holland Komlo 6a2432659a code review fixups 2018-01-08 09:21:06 -05:00
Chelsea Holland Komlo 9741097406 reloading tls config should be atomic for clients/servers 2018-01-08 09:21:06 -05:00
Chelsea Holland Komlo e7bd156ef2 check error on generating tls context 2018-01-08 09:21:06 -05:00
Chelsea Holland Komlo 9b0a7a7f7c remove code duplication 2018-01-08 09:21:06 -05:00
Chelsea Holland Komlo 4e0dbd23cf prevent races when reloading, fully shut down raft 2018-01-08 09:21:06 -05:00
Chelsea Holland Komlo ae7fc4695e fixups from code review
Revert "close raft long-lived connections"

This reverts commit 3ffda28206fcb3d63ad117fd1d27ae6f832b6625.

reload raft connections on changing tls
2018-01-08 09:21:06 -05:00
Chelsea Holland Komlo dfb6a3d9a8 close raft long-lived connections 2018-01-08 09:21:06 -05:00
Chelsea Holland Komlo acd3d1b162 fix up downgrading client to plaintext
add locks around changing server configuration
2018-01-08 09:21:06 -05:00