Armon Dadgar
|
a712a83f1b
|
website: Document ACL APIs and configuration
|
2017-09-04 13:07:44 -07:00 |
Armon Dadgar
|
568ccf0485
|
vendoring blake2b
|
2017-09-04 13:07:44 -07:00 |
Armon Dadgar
|
af9caef4b9
|
Adding a comment to address @dadgar
|
2017-09-04 13:05:53 -07:00 |
Armon Dadgar
|
f1c4143a62
|
agent: thread ACLs for Job Register
|
2017-09-04 13:05:53 -07:00 |
Armon Dadgar
|
ac6283c31f
|
nomad: enforce ACLs on job submit
|
2017-09-04 13:05:53 -07:00 |
Armon Dadgar
|
6f5150a227
|
nomad: allow getting policies which are subset of token, fixes client resolution
|
2017-09-04 13:05:53 -07:00 |
Armon Dadgar
|
387a8a923b
|
nomad: adding policy subset check
|
2017-09-04 13:05:53 -07:00 |
Armon Dadgar
|
f31cd6a618
|
client: fixing policy resolution after ACL endpoint enforcement
|
2017-09-04 13:05:53 -07:00 |
Armon Dadgar
|
18ddb910fa
|
nomad: forward DeleteToken requests for global tokens
|
2017-09-04 13:05:53 -07:00 |
Armon Dadgar
|
b807f5df6f
|
nomad: forward UpsertToken requests for global tokens
|
2017-09-04 13:05:53 -07:00 |
Armon Dadgar
|
5c94e7e99f
|
agent: thread through token for ACL endpoint tests
|
2017-09-04 13:05:53 -07:00 |
Armon Dadgar
|
3e46094cee
|
Passthrough replication token for token/policy replication
|
2017-09-04 13:05:53 -07:00 |
Armon Dadgar
|
855240b1b5
|
nomad: ACL endpoints enforce permissions
|
2017-09-04 13:05:53 -07:00 |
Armon Dadgar
|
ddcc5f89bc
|
Add ErrPermissionDenied, rename TokenNotFound
|
2017-09-04 13:05:53 -07:00 |
Armon Dadgar
|
4107335cb2
|
agent: Adding X-Nomad-Token header parsing
|
2017-09-04 13:05:53 -07:00 |
Armon Dadgar
|
304a02d93b
|
nomad: Add SecretID to QueryOptions and WriteMeta
|
2017-09-04 13:05:53 -07:00 |
Armon Dadgar
|
4bda2fa9e9
|
nomad: ACL endpoints check support enabled and redirect to authority
|
2017-09-04 13:05:53 -07:00 |
Armon Dadgar
|
866fe5e216
|
nomad: adding ACL bootstrapping endpoint
|
2017-09-04 13:05:53 -07:00 |
Armon Dadgar
|
e24a4abf2c
|
nomad: adding ACL bootstrap endpoints
|
2017-09-04 13:05:53 -07:00 |
Armon Dadgar
|
1ace912341
|
nomad: adding bootstrapping checks
|
2017-09-04 13:05:53 -07:00 |
Armon Dadgar
|
06a7f12fad
|
nomad: adding bootstrap state store method
|
2017-09-04 13:05:53 -07:00 |
Armon Dadgar
|
76a03f2d8e
|
Address @dadgar feedback
|
2017-09-04 13:05:53 -07:00 |
Armon Dadgar
|
e7586a80df
|
nomad: Switch from SHA1 to Blake2 @chelseakomlo
|
2017-09-04 13:05:36 -07:00 |
Armon Dadgar
|
fc23a4e7e5
|
structs: sort policies to avoid order dependence for caching
|
2017-09-04 13:05:36 -07:00 |
Armon Dadgar
|
e3f32ca6f1
|
client: adding token resolution logic
|
2017-09-04 13:05:36 -07:00 |
Armon Dadgar
|
459c2b6fa7
|
nomad: switch policy/token replication to use batch endpoints
|
2017-09-04 13:05:36 -07:00 |
Armon Dadgar
|
edc38185cc
|
noamd: Adding batch fetch endpoints for ACL tokens and policies
|
2017-09-04 13:05:36 -07:00 |
Armon Dadgar
|
6a9d4e2dc3
|
nomad: Adding token resolution endpoint
|
2017-09-04 13:05:36 -07:00 |
Armon Dadgar
|
688897561b
|
client: adding token cache for ACL resolution
|
2017-09-04 13:05:36 -07:00 |
Armon Dadgar
|
d9c56725d0
|
nomad: refactor to use CompileACLObject and handle anonymous token
|
2017-09-04 13:05:35 -07:00 |
Armon Dadgar
|
98e0f98f7e
|
structs: Adding ACL compilation helper
|
2017-09-04 13:05:35 -07:00 |
Armon Dadgar
|
583e654246
|
structs: cache key helper for policy list
|
2017-09-04 13:05:35 -07:00 |
Armon Dadgar
|
c2e72e8a9c
|
client: create ACL and Policy cache
|
2017-09-04 13:05:35 -07:00 |
Armon Dadgar
|
792f176a44
|
agent: thread ACL config to client
|
2017-09-04 13:04:45 -07:00 |
Armon Dadgar
|
3efdf1f7d9
|
Address @chelseakomlo comments
|
2017-09-04 13:04:45 -07:00 |
Armon Dadgar
|
99cea1ac23
|
Moving shared ACL objects
|
2017-09-04 13:04:45 -07:00 |
Armon Dadgar
|
dc1904b57a
|
nomad: adding ACL token resolution logic
|
2017-09-04 13:04:45 -07:00 |
Armon Dadgar
|
e5154d4499
|
acl: Adding IsManagement check
|
2017-09-04 13:04:45 -07:00 |
Armon Dadgar
|
018973aea8
|
Address @dadgar feedback
|
2017-09-04 13:04:45 -07:00 |
Armon Dadgar
|
5b3d6c0a52
|
Fixing intent
|
2017-09-04 13:04:45 -07:00 |
Armon Dadgar
|
5a3a931ec5
|
nomad: adding global token replication
|
2017-09-04 13:04:45 -07:00 |
Armon Dadgar
|
583a11cebd
|
nomad: Adding ability to filter list of tokens to global only
|
2017-09-04 13:04:45 -07:00 |
Armon Dadgar
|
cb827b6696
|
nomad: adding policy replication support
|
2017-09-04 13:04:45 -07:00 |
Armon Dadgar
|
7d4aa1975f
|
agent: thread through ACL config to Server
|
2017-09-04 13:04:45 -07:00 |
Armon Dadgar
|
9cd8ac832f
|
agent: Adding ACL block configuration
|
2017-09-04 13:04:45 -07:00 |
Armon Dadgar
|
bc697dc50e
|
Address @dadgar feedback
|
2017-09-04 13:04:45 -07:00 |
Armon Dadgar
|
a45bd0d2a2
|
agent: fixing ACL endpoint, return updated tokens
|
2017-09-04 13:04:45 -07:00 |
Armon Dadgar
|
30b607987e
|
nomad: generate accessor/secret ID server side
|
2017-09-04 13:04:45 -07:00 |
Armon Dadgar
|
bd2db18c80
|
agent: Adding HTTP endpoints for ACL tokens
|
2017-09-04 13:04:45 -07:00 |
Armon Dadgar
|
f91d2608cb
|
nomad: renambe PublicID to AccessorID for consistency
|
2017-09-04 13:04:45 -07:00 |