Commit graph

8529 commits

Author SHA1 Message Date
Armon Dadgar a712a83f1b website: Document ACL APIs and configuration 2017-09-04 13:07:44 -07:00
Armon Dadgar 568ccf0485 vendoring blake2b 2017-09-04 13:07:44 -07:00
Armon Dadgar af9caef4b9 Adding a comment to address @dadgar 2017-09-04 13:05:53 -07:00
Armon Dadgar f1c4143a62 agent: thread ACLs for Job Register 2017-09-04 13:05:53 -07:00
Armon Dadgar ac6283c31f nomad: enforce ACLs on job submit 2017-09-04 13:05:53 -07:00
Armon Dadgar 6f5150a227 nomad: allow getting policies which are subset of token, fixes client resolution 2017-09-04 13:05:53 -07:00
Armon Dadgar 387a8a923b nomad: adding policy subset check 2017-09-04 13:05:53 -07:00
Armon Dadgar f31cd6a618 client: fixing policy resolution after ACL endpoint enforcement 2017-09-04 13:05:53 -07:00
Armon Dadgar 18ddb910fa nomad: forward DeleteToken requests for global tokens 2017-09-04 13:05:53 -07:00
Armon Dadgar b807f5df6f nomad: forward UpsertToken requests for global tokens 2017-09-04 13:05:53 -07:00
Armon Dadgar 5c94e7e99f agent: thread through token for ACL endpoint tests 2017-09-04 13:05:53 -07:00
Armon Dadgar 3e46094cee Passthrough replication token for token/policy replication 2017-09-04 13:05:53 -07:00
Armon Dadgar 855240b1b5 nomad: ACL endpoints enforce permissions 2017-09-04 13:05:53 -07:00
Armon Dadgar ddcc5f89bc Add ErrPermissionDenied, rename TokenNotFound 2017-09-04 13:05:53 -07:00
Armon Dadgar 4107335cb2 agent: Adding X-Nomad-Token header parsing 2017-09-04 13:05:53 -07:00
Armon Dadgar 304a02d93b nomad: Add SecretID to QueryOptions and WriteMeta 2017-09-04 13:05:53 -07:00
Armon Dadgar 4bda2fa9e9 nomad: ACL endpoints check support enabled and redirect to authority 2017-09-04 13:05:53 -07:00
Armon Dadgar 866fe5e216 nomad: adding ACL bootstrapping endpoint 2017-09-04 13:05:53 -07:00
Armon Dadgar e24a4abf2c nomad: adding ACL bootstrap endpoints 2017-09-04 13:05:53 -07:00
Armon Dadgar 1ace912341 nomad: adding bootstrapping checks 2017-09-04 13:05:53 -07:00
Armon Dadgar 06a7f12fad nomad: adding bootstrap state store method 2017-09-04 13:05:53 -07:00
Armon Dadgar 76a03f2d8e Address @dadgar feedback 2017-09-04 13:05:53 -07:00
Armon Dadgar e7586a80df nomad: Switch from SHA1 to Blake2 @chelseakomlo 2017-09-04 13:05:36 -07:00
Armon Dadgar fc23a4e7e5 structs: sort policies to avoid order dependence for caching 2017-09-04 13:05:36 -07:00
Armon Dadgar e3f32ca6f1 client: adding token resolution logic 2017-09-04 13:05:36 -07:00
Armon Dadgar 459c2b6fa7 nomad: switch policy/token replication to use batch endpoints 2017-09-04 13:05:36 -07:00
Armon Dadgar edc38185cc noamd: Adding batch fetch endpoints for ACL tokens and policies 2017-09-04 13:05:36 -07:00
Armon Dadgar 6a9d4e2dc3 nomad: Adding token resolution endpoint 2017-09-04 13:05:36 -07:00
Armon Dadgar 688897561b client: adding token cache for ACL resolution 2017-09-04 13:05:36 -07:00
Armon Dadgar d9c56725d0 nomad: refactor to use CompileACLObject and handle anonymous token 2017-09-04 13:05:35 -07:00
Armon Dadgar 98e0f98f7e structs: Adding ACL compilation helper 2017-09-04 13:05:35 -07:00
Armon Dadgar 583e654246 structs: cache key helper for policy list 2017-09-04 13:05:35 -07:00
Armon Dadgar c2e72e8a9c client: create ACL and Policy cache 2017-09-04 13:05:35 -07:00
Armon Dadgar 792f176a44 agent: thread ACL config to client 2017-09-04 13:04:45 -07:00
Armon Dadgar 3efdf1f7d9 Address @chelseakomlo comments 2017-09-04 13:04:45 -07:00
Armon Dadgar 99cea1ac23 Moving shared ACL objects 2017-09-04 13:04:45 -07:00
Armon Dadgar dc1904b57a nomad: adding ACL token resolution logic 2017-09-04 13:04:45 -07:00
Armon Dadgar e5154d4499 acl: Adding IsManagement check 2017-09-04 13:04:45 -07:00
Armon Dadgar 018973aea8 Address @dadgar feedback 2017-09-04 13:04:45 -07:00
Armon Dadgar 5b3d6c0a52 Fixing intent 2017-09-04 13:04:45 -07:00
Armon Dadgar 5a3a931ec5 nomad: adding global token replication 2017-09-04 13:04:45 -07:00
Armon Dadgar 583a11cebd nomad: Adding ability to filter list of tokens to global only 2017-09-04 13:04:45 -07:00
Armon Dadgar cb827b6696 nomad: adding policy replication support 2017-09-04 13:04:45 -07:00
Armon Dadgar 7d4aa1975f agent: thread through ACL config to Server 2017-09-04 13:04:45 -07:00
Armon Dadgar 9cd8ac832f agent: Adding ACL block configuration 2017-09-04 13:04:45 -07:00
Armon Dadgar bc697dc50e Address @dadgar feedback 2017-09-04 13:04:45 -07:00
Armon Dadgar a45bd0d2a2 agent: fixing ACL endpoint, return updated tokens 2017-09-04 13:04:45 -07:00
Armon Dadgar 30b607987e nomad: generate accessor/secret ID server side 2017-09-04 13:04:45 -07:00
Armon Dadgar bd2db18c80 agent: Adding HTTP endpoints for ACL tokens 2017-09-04 13:04:45 -07:00
Armon Dadgar f91d2608cb nomad: renambe PublicID to AccessorID for consistency 2017-09-04 13:04:45 -07:00