-
Notifications
You must be signed in to change notification settings - Fork 4.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Backport/docs/proxy defaults reformat other improvements/quietly joint monitor #18699
Backport/docs/proxy defaults reformat other improvements/quietly joint monitor #18699
Commits on Jun 28, 2023
-
tlsutil: Fix check TLS configuration (#17481)
* tlsutil: Fix check TLS configuration * Rewording docs. * Update website/content/docs/services/configuration/checks-configuration-reference.mdx Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> * Fix typos and add changelog entry. --------- Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for f019457 - Browse repository at this point
Copy the full SHA f019457View commit details -
docs: Deprecations for connect-native SDK and specific connect native…
… APIs (#17937) * Update v1_16_x.mdx * Update connect native golang page --------- Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 6f660e5 - Browse repository at this point
Copy the full SHA 6f660e5View commit details -
Revert "Add workflow to verify linux release packages (#17904)" (#17942)
This reverts commit 3368f14.
Configuration menu - View commit details
-
Copy full SHA for bdf4fad - Browse repository at this point
Copy the full SHA bdf4fadView commit details
Commits on Jun 29, 2023
-
Fixes Secondary ConnectCA update (#17846)
This fixes a bug that was identified which resulted in subsequent ConnectCA configuration update not to persist in the cluster.
Configuration menu - View commit details
-
Copy full SHA for 1b1f33f - Browse repository at this point
Copy the full SHA 1b1f33fView commit details -
Configuration menu - View commit details
-
Copy full SHA for a60b363 - Browse repository at this point
Copy the full SHA a60b363View commit details -
Fix streaming backend link (#17958)
* Fix streaming backend link * Update health.mdx
David Yu authoredJun 29, 2023 Configuration menu - View commit details
-
Copy full SHA for 85b78fe - Browse repository at this point
Copy the full SHA 85b78feView commit details -
Configuration menu - View commit details
-
Copy full SHA for 1512ea3 - Browse repository at this point
Copy the full SHA 1512ea3View commit details -
Configuration menu - View commit details
-
Copy full SHA for f7305b2 - Browse repository at this point
Copy the full SHA f7305b2View commit details -
Configuration menu - View commit details
-
Copy full SHA for 2736e64 - Browse repository at this point
Copy the full SHA 2736e64View commit details
Commits on Jun 30, 2023
-
feature - [NET - 4005] - [Supportability] Reloadable Configuration - …
…enable_debug (#17565) * # This is a combination of 9 commits. # This is the 1st commit message: init without tests # This is the commit message #2: change log # This is the commit message #3: fix tests # This is the commit message #4: fix tests # This is the commit message #5: added tests # This is the commit message #6: change log breaking change # This is the commit message #7: removed breaking change # This is the commit message #8: fix test # This is the commit message #9: keeping the test behaviour same * # This is a combination of 12 commits. # This is the 1st commit message: init without tests # This is the commit message #2: change log # This is the commit message #3: fix tests # This is the commit message #4: fix tests # This is the commit message #5: added tests # This is the commit message #6: change log breaking change # This is the commit message #7: removed breaking change # This is the commit message #8: fix test # This is the commit message #9: keeping the test behaviour same # This is the commit message #10: made enable debug atomic bool # This is the commit message #11: fix lint # This is the commit message #12: fix test true enable debug * parent 10f500e author absolutelightning <ashesh.vidyut@hashicorp.com> 1687352587 +0530 committer absolutelightning <ashesh.vidyut@hashicorp.com> 1687352592 +0530 init without tests change log fix tests fix tests added tests change log breaking change removed breaking change fix test keeping the test behaviour same made enable debug atomic bool fix lint fix test true enable debug using enable debug in agent as atomic bool test fixes fix tests fix tests added update on correct locaiton fix tests fix reloadable config enable debug fix tests fix init and acl 403 * revert commit
Configuration menu - View commit details
-
Copy full SHA for 2af6bc4 - Browse repository at this point
Copy the full SHA 2af6bc4View commit details -
Fix formatting codeblocks on APIgw docs (#17970)
* fix formatting codeblocks * remove unnecessary indents
Configuration menu - View commit details
-
Copy full SHA for 5b7f360 - Browse repository at this point
Copy the full SHA 5b7f360View commit details -
Chris S. Kim authored
Jun 30, 2023 Configuration menu - View commit details
-
Copy full SHA for 50a9d1b - Browse repository at this point
Copy the full SHA 50a9d1bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 9ce89c4 - Browse repository at this point
Copy the full SHA 9ce89c4View commit details -
Configuration menu - View commit details
-
Copy full SHA for 0b1299c - Browse repository at this point
Copy the full SHA 0b1299cView commit details -
docs: samenessGroup YAML examples (#17984)
* configuration entry syntax * Example config
Configuration menu - View commit details
-
Copy full SHA for f096fc5 - Browse repository at this point
Copy the full SHA f096fc5View commit details -
Configuration menu - View commit details
-
Copy full SHA for df85dd8 - Browse repository at this point
Copy the full SHA df85dd8View commit details
Commits on Jul 1, 2023
-
Configuration menu - View commit details
-
Copy full SHA for dc6ea1b - Browse repository at this point
Copy the full SHA dc6ea1bView commit details
Commits on Jul 4, 2023
-
Expose JWKS cluster config through JWTProviderConfigEntry (#17978)
* Expose JWKS cluster config through JWTProviderConfigEntry * fix typos, rename trustedCa to trustedCA
Configuration menu - View commit details
-
Copy full SHA for 8039427 - Browse repository at this point
Copy the full SHA 8039427View commit details -
Configuration menu - View commit details
-
Copy full SHA for 4f0bdd3 - Browse repository at this point
Copy the full SHA 4f0bdd3View commit details
Commits on Jul 5, 2023
-
Fix incorrect protocol for transparent proxy upstreams. (#17894)
This PR fixes a bug that was introduced in: #16021 A user setting a protocol in proxy-defaults would cause tproxy implicit upstreams to not honor the upstream service's protocol set in its `ServiceDefaults.Protocol` field, and would instead always use the proxy-defaults value. Due to the fact that upstreams configured with "tcp" can successfully contact upstream "http" services, this issue was not recognized until recently (a proxy-defaults with "tcp" and a listening service with "http" would make successful requests, but not the opposite). As a temporary work-around, users experiencing this issue can explicitly set the protocol on the `ServiceDefaults.UpstreamConfig.Overrides`, which should take precedence. The fix in this PR removes the proxy-defaults protocol from the wildcard upstream that tproxy uses to configure implicit upstreams. When the protocol was included, it would always overwrite the value during discovery chain compilation, which was not correct. The discovery chain compiler also consumes proxy defaults to determine the protocol, so simply excluding it from the wildcard upstream config map resolves the issue.
Configuration menu - View commit details
-
Copy full SHA for 0094dbf - Browse repository at this point
Copy the full SHA 0094dbfView commit details -
feat: include nodes count in operator usage endpoint and cli command (#…
…17939) * feat: update operator usage api endpoint to include nodes count * feat: update operator usange cli command to includes nodes count
Configuration menu - View commit details
-
Copy full SHA for 8af4ad1 - Browse repository at this point
Copy the full SHA 8af4ad1View commit details -
[OSS] Improve Gateway Test Coverage of Catalog Health (#18011)
* fix(cli): remove failing check from 'connect envoy' registration for api gateway * test(integration): add tests to check catalog statsus of gateways on startup * remove extra sleep comment * Update test/integration/consul-container/libs/assert/service.go * changelog
Configuration menu - View commit details
-
Copy full SHA for b94095d - Browse repository at this point
Copy the full SHA b94095dView commit details -
Configuration menu - View commit details
-
Copy full SHA for 7f3446e - Browse repository at this point
Copy the full SHA 7f3446eView commit details -
Fix removed service-to-service peering links (#17221)
* docs: fix removed service-to-service peering links * docs: extend peering-via-mesh-gateways intro (thanks @trujillo-adam) --------- Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 2c2e628 - Browse repository at this point
Copy the full SHA 2c2e628View commit details -
Configuration menu - View commit details
-
Copy full SHA for 7ef807d - Browse repository at this point
Copy the full SHA 7ef807dView commit details -
updated typo in tab heading (#18022)
* updated typo in tab heading * updated tab group typo, too
Configuration menu - View commit details
-
Copy full SHA for 548829a - Browse repository at this point
Copy the full SHA 548829aView commit details -
Document that DNS lookups can target cluster peers (#17990)
Static DNS lookups, in addition to explicitly targeting a datacenter, can target a cluster peer. This was added in 95dc0c7 but didn't make the documentation. The driving function for the change is `parseLocality` here: https://github.com/hashicorp/consul/blob/0b1299c28d8127129d61310ee4280055298438e0/agent/dns_oss.go#L25 The biggest change in this is to adjust the standard lookup syntax to tie `.<datacenter>` to `.dc` as required-together, and to append in the similar `.<cluster-peer>.peer` optional argument, both to A record and SRV record lookups. Co-authored-by: David Yu <dyu@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for 7689a5e - Browse repository at this point
Copy the full SHA 7689a5eView commit details
Commits on Jul 6, 2023
-
Configuration menu - View commit details
-
Copy full SHA for ada3938 - Browse repository at this point
Copy the full SHA ada3938View commit details -
Configuration menu - View commit details
-
Copy full SHA for f7d399f - Browse repository at this point
Copy the full SHA f7d399fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 820cdbb - Browse repository at this point
Copy the full SHA 820cdbbView commit details -
docs - add service sync annotations and k8s service weight annotation (…
…#18032) * Docs for hashicorp/consul-k8s#2293 * remove versions for enterprise features since they are old --------- Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 85f2ae0 - Browse repository at this point
Copy the full SHA 85f2ae0View commit details
Commits on Jul 7, 2023
-
docs - add jobs use case for service mesh k8s (#18037)
* docs - add jobs use case for service mesh k8s * add code blocks
David Yu authoredJul 7, 2023 Configuration menu - View commit details
-
Copy full SHA for b9a6a74 - Browse repository at this point
Copy the full SHA b9a6a74View commit details -
David Yu authored
Jul 7, 2023 Configuration menu - View commit details
-
Copy full SHA for b0a2e33 - Browse repository at this point
Copy the full SHA b0a2e33View commit details
Commits on Jul 10, 2023
-
Configuration menu - View commit details
-
Copy full SHA for f4b0804 - Browse repository at this point
Copy the full SHA f4b0804View commit details -
[OSS] Fix initial_fetch_timeout to wait for all xDS resources (#18024)
* fix(connect): set initial_fetch_time to wait indefinitely * changelog * PR feedback 1
Configuration menu - View commit details
-
Copy full SHA for 1b08626 - Browse repository at this point
Copy the full SHA 1b08626View commit details
Commits on Jul 11, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 7decc30 - Browse repository at this point
Copy the full SHA 7decc30View commit details -
Configuration menu - View commit details
-
Copy full SHA for da79997 - Browse repository at this point
Copy the full SHA da79997View commit details -
Fix a couple typos in Agent Telemetry Metrics docs (#18080)
* Fix metrics docs * Add changelog Signed-off-by: josh <josh.timmons@hashicorp.com> --------- Signed-off-by: josh <josh.timmons@hashicorp.com>
Joshua Timmons authoredJul 11, 2023 Configuration menu - View commit details
-
Copy full SHA for a30ba33 - Browse repository at this point
Copy the full SHA a30ba33View commit details -
docs updates - cluster peering and virtual services (#18069)
* Update route-to-virtual-services.mdx * Update establish-peering.mdx
David Yu authoredJul 11, 2023 Configuration menu - View commit details
-
Copy full SHA for bfb9212 - Browse repository at this point
Copy the full SHA bfb9212View commit details -
Configuration menu - View commit details
-
Copy full SHA for 0e58c89 - Browse repository at this point
Copy the full SHA 0e58c89View commit details -
Configuration menu - View commit details
-
Copy full SHA for bd5af7f - Browse repository at this point
Copy the full SHA bd5af7fView commit details
Commits on Jul 12, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 3dc6f8f - Browse repository at this point
Copy the full SHA 3dc6f8fView commit details -
Docs: Update proxy lifecycle annotations and consul-dataplane flags (#…
…18075) * Update proxy lifecycle annotations and consul-dataplane flags
Configuration menu - View commit details
-
Copy full SHA for 51d8eb8 - Browse repository at this point
Copy the full SHA 51d8eb8View commit details -
Configuration menu - View commit details
-
Copy full SHA for f472164 - Browse repository at this point
Copy the full SHA f472164View commit details -
Docs for dataplane upgrade on k8s (#18051)
* Docs for dataplane upgrade on k8s --------- Co-authored-by: David Yu <dyu@hashicorp.com> Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for ebfed56 - Browse repository at this point
Copy the full SHA ebfed56View commit details -
Configuration menu - View commit details
-
Copy full SHA for f51a9d2 - Browse repository at this point
Copy the full SHA f51a9d2View commit details -
Displays Consul version of each nodes in UI nodes section (#17754)
* update UINodes and UINodeInfo response with consul-version info added as NodeMeta, fetched from serf members * update test cases TestUINodes, TestUINodeInfo * added nil check for map * add consul-version in local agent node metadata * get consul version from serf member and add this as node meta in catalog register request * updated ui mock response to include consul versions as node meta * updated ui trans and added version as query param to node list route * updates in ui templates to display consul version with filter and sorts * updates in ui - model class, serializers,comparators,predicates for consul version feature * added change log for Consul Version Feature * updated to get version from consul service, if for some reason not available from serf * updated changelog text * updated dependent testcases * multiselection version filter * Update agent/consul/state/catalog.go comments updated Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com> --------- Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 2f20c77 - Browse repository at this point
Copy the full SHA 2f20c77View commit details -
* api gw 1.16 updates * Apply suggestions from code review Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> * update CodeBlockConfig filename * Apply suggestions from code review Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> * remove non-standard intentions page * Update website/content/docs/api-gateway/configuration/index.mdx Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> --------- Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for d1f5d9b - Browse repository at this point
Copy the full SHA d1f5d9bView commit details -
[NET-4103] ci: build s390x (#18067)
* ci: build s390x * ci: test s390x * ci: dev build s390x * no GOOS * ent only * build: publish s390x * fix syntax error * fix syntax error again * fix syntax error again x2 * test branch * Move s390x conditionals to step level * remove test branch --------- Co-authored-by: emilymianeil <eneil@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for 3b3aa1f - Browse repository at this point
Copy the full SHA 3b3aa1fView commit details
Commits on Jul 13, 2023
-
:ermahgerd "Sevice Mesh" -> "Service Mesh" (#18116)
Just a typo in the docs.
Configuration menu - View commit details
-
Copy full SHA for efe9816 - Browse repository at this point
Copy the full SHA efe9816View commit details -
Split pbmesh.UpstreamsConfiguration as a resource out of pbmesh.Upstr…
…eams (#17991) Configuration that previously was inlined into the Upstreams resource applies to both explicit and implicit upstreams and so it makes sense to split it out into its own resource. It also has other minor changes: - Renames `proxy.proto` proxy_configuration.proto` - Changes the type of `Upstream.destination_ref` from `pbresource.ID` to `pbresource.Reference` - Adds comments to fields that didn't have them
Configuration menu - View commit details
-
Copy full SHA for c328ba8 - Browse repository at this point
Copy the full SHA c328ba8View commit details -
[NET-4895] ci - api tests and consul container tests error because of…
… dependency bugs with go 1.20.6. Pin go to 1.20.5. (#18124) ### Description The following jobs started failing when go 1.20.6 was released: - `go-test-api-1-19` - `go-test-api-1-20` - `compatibility-integration-tests` - `upgrade-integration-tests` `compatibility-integration-tests` and `compatibility-integration-tests` to this testcontainers issue: testcontainers/testcontainers-go#1359. This issue calls for testcontainers to release a new version when one of their dependencies is fixed. When that is done, we will unpin the go versions in `compatibility-integration-tests` and `compatibility-integration-tests`. ### Testing & Reproduction steps See these jobs broken in CI and then see them work with this PR. --------- Co-authored-by: Chris Thain <32781396+cthain@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for a2c6953 - Browse repository at this point
Copy the full SHA a2c6953View commit details -
Add ingress gateway deprecation notices to docs (#18102)
### Description This adds notices, that ingress gateway is deprecated, to several places in the product docs where ingress gateway is the topic. ### Testing & Reproduction steps Tested with a local copy of the website. ### Links Deprecation of ingress gateway was announced in the Release Notes for Consul 1.16 and Consul-K8s 1.2. See: [https://developer.hashicorp.com/consul/docs/release-notes/consul/v1_16_x#what-s-deprecated](https://developer.hashicorp.com/consul/docs/release-notes/consul/v1_16_x#what-s-deprecated ) [https://developer.hashicorp.com/consul/docs/release-notes/consul-k8s/v1_2_x#what-s-deprecated](https://developer.hashicorp.com/consul/docs/release-notes/consul-k8s/v1_2_x#what-s-deprecated) ### PR Checklist * [N/A] updated test coverage * [X] external facing docs updated * [X] appropriate backport labels added * [X] not a security concern --------- Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 68863b4 - Browse repository at this point
Copy the full SHA 68863b4View commit details
Commits on Jul 14, 2023
-
Add docs for jwt cluster configuration (#18004)
### Description <!-- Please describe why you're making this change, in plain English. --> - Add jwt-provider docs for jwks cluster configuration. The configuration was added here: #17978
Configuration menu - View commit details
-
Copy full SHA for 2229206 - Browse repository at this point
Copy the full SHA 2229206View commit details -
Configuration menu - View commit details
-
Copy full SHA for ad6364a - Browse repository at this point
Copy the full SHA ad6364aView commit details -
NET-4657/add resource service client (#18053)
### Description <!-- Please describe why you're making this change, in plain English. --> Dan had already started on this [task](#17849) which is needed to start building the HTTP APIs. This just needed some cleanup to get it ready for review. Overview: - Rename `internalResourceServiceClient` to `insecureResourceServiceClient` for name consistency - Configure a `secureResourceServiceClient` with auth enabled ### PR Checklist * [ ] ~updated test coverage~ * [ ] ~external facing docs updated~ * [x] appropriate backport labels added * [ ] ~not a security concern~
Configuration menu - View commit details
-
Copy full SHA for 5208ea9 - Browse repository at this point
Copy the full SHA 5208ea9View commit details -
Fix bug with Vault CA provider (#18112)
Updating RootPKIPath but not IntermediatePKIPath would not update leaf signing certs with the new root. Unsure if this happens in practice but manual testing showed it is a bug that would break mesh and agent connections once the old root is pruned.
Chris S. Kim authoredJul 14, 2023 Configuration menu - View commit details
-
Copy full SHA for 747a4c7 - Browse repository at this point
Copy the full SHA 747a4c7View commit details -
[NET-4897] net/http host header is now verified and request.host that…
… contains socked now error (#18129) ### Description This is related to #18124 where we pinned the go versions in CI to 1.20.5 and 1.19.10. go 1.20.6 and 1.19.11 now validate request host headers for validity, including the hostname cannot be prefixed with slashes. For local communications (npipe://, unix://), the hostname is not used, but we need valid and meaningful hostname. Prior versions go Go would clean the host header, and strip slashes in the process, but go1.20.6 and go1.19.11 no longer do, and reject the host header. Around the community we are seeing that others are intercepting the req.host and if it starts with a slash or ends with .sock, they changing the host to localhost or another dummy value. [client: define a "dummy" hostname to use for local connections by thaJeztah · Pull Request #45942 · moby/moby](moby/moby#45942) ### Testing & Reproduction steps Check CI tests. ### Links * [ ] updated test coverage * [ ] external facing docs updated * [ ] appropriate backport labels added * [ ] not a security concern
Configuration menu - View commit details
-
Copy full SHA for 5af7390 - Browse repository at this point
Copy the full SHA 5af7390View commit details -
add a conditional around setting LANFilter.AllSegments to make sure i…
…t is valid (#18139) ### Description This is to correct a code problem because this assumes all segments, but when you get to Enterprise, you can be in partition that is not the default partition, in which case specifying all segments does not validate and fails. This is to correct the setting of this filter with `AllSegments` to `true` to only occur when in the the `default` partition. ### Testing & Reproduction steps <!-- * In the case of bugs, describe how to replicate * If any manual tests were done, document the steps and the conditions to replicate * Call out any important/ relevant unit tests, e2e tests or integration tests you have added or are adding --> ### Links <!-- Include any links here that might be helpful for people reviewing your PR (Tickets, GH issues, API docs, external benchmarks, tools docs, etc). If there are none, feel free to delete this section. Please be mindful not to leak any customer or confidential information. HashiCorp employees may want to use our internal URL shortener to obfuscate links. --> ### PR Checklist * [ ] updated test coverage * [ ] external facing docs updated * [ ] appropriate backport labels added * [ ] not a security concern
Configuration menu - View commit details
-
Copy full SHA for 691bc96 - Browse repository at this point
Copy the full SHA 691bc96View commit details -
Configuration menu - View commit details
-
Copy full SHA for 05b665e - Browse repository at this point
Copy the full SHA 05b665eView commit details
Commits on Jul 15, 2023
-
Configuration menu - View commit details
-
Copy full SHA for e719478 - Browse repository at this point
Copy the full SHA e719478View commit details
Commits on Jul 17, 2023
-
fix: update delegateMock used in ENT (#18149)
### Description <!-- Please describe why you're making this change, in plain English. --> The mock is used in `http_ent_test` file which caused lint failures. For OSS->ENT parity adding the same change here. ### Links <!-- Include any links here that might be helpful for people reviewing your PR (Tickets, GH issues, API docs, external benchmarks, tools docs, etc). If there are none, feel free to delete this section. Please be mindful not to leak any customer or confidential information. HashiCorp employees may want to use our internal URL shortener to obfuscate links. --> Identified in OSS->ENT [merge PR](hashicorp/consul-enterprise#6328) ### PR Checklist * [ ] ~updated test coverage~ * [ ] ~external facing docs updated~ * [x] appropriate backport labels added * [ ] ~not a security concern~
Configuration menu - View commit details
-
Copy full SHA for 5930518 - Browse repository at this point
Copy the full SHA 5930518View commit details -
Use JWT-auth filter in metadata mode & Delegate validation to RBAC fi…
…lter (#18062) ### Description <!-- Please describe why you're making this change, in plain English. --> - Currently the jwt-auth filter doesn't take into account the service identity when validating jwt-auth, it only takes into account the path and jwt provider during validation. This causes issues when multiple source intentions restrict access to an endpoint with different JWT providers. - To fix these issues, rather than use the JWT auth filter for validation, we use it in metadata mode and allow it to forward the successful validated JWT token payload to the RBAC filter which will make the decisions. This PR ensures requests with and without JWT tokens successfully go through the jwt-authn filter. The filter however only forwards the data for successful/valid tokens. On the RBAC filter level, we check the payload for claims and token issuer + existing rbac rules. ### Testing & Reproduction steps <!-- * In the case of bugs, describe how to replicate * If any manual tests were done, document the steps and the conditions to replicate * Call out any important/ relevant unit tests, e2e tests or integration tests you have added or are adding --> - This test covers a multi level jwt requirements (requirements at top level and permissions level). It also assumes you have envoy running, you have a redis and a sidecar proxy service registered, and have a way to generate jwks with jwt. I mostly use: https://www.scottbrady91.com/tools/jwt for this. - first write your proxy defaults ``` Kind = "proxy-defaults" name = "global" config { protocol = "http" } ``` - Create two providers ``` Kind = "jwt-provider" Name = "auth0" Issuer = "https://ronald.local" JSONWebKeySet = { Local = { JWKS = "eyJrZXlzIjog....." } } ``` ``` Kind = "jwt-provider" Name = "okta" Issuer = "https://ronald.local" JSONWebKeySet = { Local = { JWKS = "eyJrZXlzIjogW3...." } } ``` - add a service intention ``` Kind = "service-intentions" Name = "redis" JWT = { Providers = [ { Name = "okta" }, ] } Sources = [ { Name = "*" Permissions = [{ Action = "allow" HTTP = { PathPrefix = "/workspace" } JWT = { Providers = [ { Name = "okta" VerifyClaims = [ { Path = ["aud"] Value = "my_client_app" }, { Path = ["sub"] Value = "5be86359073c434bad2da3932222dabe" } ] }, ] } }, { Action = "allow" HTTP = { PathPrefix = "/" } JWT = { Providers = [ { Name = "auth0" }, ] } }] } ] ``` - generate 3 jwt tokens: 1 from auth0 jwks, 1 from okta jwks with different claims than `/workspace` expects and 1 with correct claims - connect to your envoy (change service and address as needed) to view logs and potential errors. You can add: `-- --log-level debug` to see what data is being forwarded ``` consul connect envoy -sidecar-for redis1 -grpc-addr 127.0.0.1:8502 ``` - Make the following requests: ``` curl -s -H "Authorization: Bearer $Auth0_TOKEN" --insecure --cert leaf.cert --key leaf.key --cacert connect-ca.pem https://localhost:20000/workspace -v RBAC filter denied curl -s -H "Authorization: Bearer $Okta_TOKEN_with_wrong_claims" --insecure --cert leaf.cert --key leaf.key --cacert connect-ca.pem https://localhost:20000/workspace -v RBAC filter denied curl -s -H "Authorization: Bearer $Okta_TOKEN_with_correct_claims" --insecure --cert leaf.cert --key leaf.key --cacert connect-ca.pem https://localhost:20000/workspace -v Successful request ``` ### TODO * [x] Update test coverage * [ ] update integration tests (follow-up PR) * [x] appropriate backport labels added
Configuration menu - View commit details
-
Copy full SHA for bcc6a9d - Browse repository at this point
Copy the full SHA bcc6a9dView commit details -
Support Consul Connect Envoy Command on Windows (#17694)
### Description Add support for consul connect envoy command on windows. This PR fixes the comments of PR - #15114 ### Testing * Built consul.exe from this branch on windows and hosted here - [AWS S3](https://asheshvidyut-bucket.s3.ap-southeast-2.amazonaws.com/consul.zip) * Updated the [tutorial](https://developer.hashicorp.com/consul/tutorials/developer-mesh/consul-windows-workloads) and changed the `consul_url.default` value to [AWS S3](https://asheshvidyut-bucket.s3.ap-southeast-2.amazonaws.com/consul.zip) * Followed the steps in the tutorial and verified that everything is working as described. ### PR Checklist * [x] updated test coverage * [ ] external facing docs updated * [x] appropriate backport labels added * [x] not a security concern --------- Co-authored-by: Franco Bruno Lavayen <cocolavayen@gmail.com> Co-authored-by: Jose Ignacio Lorenzo <74208929+joselo85@users.noreply.github.com> Co-authored-by: Jose Ignacio Lorenzo <joseignaciolorenzo85@gmail.com> Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for f7c5ba5 - Browse repository at this point
Copy the full SHA f7c5ba5View commit details -
Change docs to say 168h instead of 7d for server_rejoin_age_max (#18154)
### Description Addresses #17171 (comment)
David Yu authoredJul 17, 2023 Configuration menu - View commit details
-
Copy full SHA for e52ea0e - Browse repository at this point
Copy the full SHA e52ea0eView commit details -
[OSS] test: improve xDS listener code coverage (#18138)
test: improve xDS listener code coverage
Configuration menu - View commit details
-
Copy full SHA for 33d898b - Browse repository at this point
Copy the full SHA 33d898bView commit details -
Re-order expected/actual for assertContainerState in consul container…
… tests (#18157) Re-order expected/actual, consul container tests
Configuration menu - View commit details
-
Copy full SHA for 03cf37e - Browse repository at this point
Copy the full SHA 03cf37eView commit details -
group and document make file (#17943)
* group and document make file
Configuration menu - View commit details
-
Copy full SHA for 07fce86 - Browse repository at this point
Copy the full SHA 07fce86View commit details -
Add
testing/deployer
(neéconsul-topology
) [NET-4610] (#17823)Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com> Co-authored-by: R.B. Boyer <rb@hashicorp.com> Co-authored-by: Freddy <freddygv@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 6200536 - Browse repository at this point
Copy the full SHA 6200536View commit details
Commits on Jul 18, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 9214457 - Browse repository at this point
Copy the full SHA 9214457View commit details -
Add FIPS reference to consul enterprise docs (#18028)
* Add FIPS reference to consul enterprise docs * Update website/content/docs/enterprise/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * remove support for ecs client (fips) --------- Co-authored-by: David Yu <dyu@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for 548a5ca - Browse repository at this point
Copy the full SHA 548a5caView commit details -
add peering_commontopo tests [NET-3700] (#17951)
Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com> Co-authored-by: R.B. Boyer <rb@hashicorp.com> Co-authored-by: Freddy <freddygv@users.noreply.github.com> Co-authored-by: NiniOak <anita.akaeze@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for cd3fc9e - Browse repository at this point
Copy the full SHA cd3fc9eView commit details
Commits on Jul 19, 2023
-
docs - remove Sentinel from enterprise features list (#18176)
* Update index.mdx * Update kv.mdx * Update docs-nav-data.json * delete sentinel.mdx * Update redirects.js --------- Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 2e326e2 - Browse repository at this point
Copy the full SHA 2e326e2View commit details -
[NET-4865] Bump golang.org/x/net to 0.12.0 (#18186)
Bump golang.org/x/net to 0.12.0 While not necessary to directly address CVE-2023-29406 (which should be handled by using a patched version of Go when building), an accompanying change to HTTP/2 error handling does impact agent code. See https://go-review.googlesource.com/c/net/+/506995 for the HTTP/2 change. Bump this dependency across our submodules as well for the sake of potential indirect consumers of `x/net/http`.
Configuration menu - View commit details
-
Copy full SHA for 29cdb75 - Browse repository at this point
Copy the full SHA 29cdb75View commit details -
Configuration menu - View commit details
-
Copy full SHA for 003370d - Browse repository at this point
Copy the full SHA 003370dView commit details -
[NET-4865] security: Update Go version to 1.20.6 (#18190)
Update Go version to 1.20.6 This resolves [CVE-2023-29406] (https://nvd.nist.gov/vuln/detail/CVE-2023-29406) for uses of the `net/http` standard library. Note that until the follow-up to #18124 is done, the version of Go used in those impacted tests will need to remain on 1.20.5.
Configuration menu - View commit details
-
Copy full SHA for e8dd04d - Browse repository at this point
Copy the full SHA e8dd04dView commit details -
Improve XDS test coverage: JWT auth edition (#18183)
* Improve XDS test coverage: JWT auth edition more tests * test: xds coverage for jwt listeners --------- Co-authored-by: DanStough <dan.stough@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for 18bc041 - Browse repository at this point
Copy the full SHA 18bc041View commit details -
Configuration menu - View commit details
-
Copy full SHA for 271e5af - Browse repository at this point
Copy the full SHA 271e5afView commit details -
Update submodules to latest following 1.16.0 (#18197)
Align all our internal use of submodules on the latest versions.
Configuration menu - View commit details
-
Copy full SHA for 72999bb - Browse repository at this point
Copy the full SHA 72999bbView commit details -
SEC-090: Automated trusted workflow pinning (2023-07-18) (#18174)
Result of tsccr-helper -log-level=info -pin-all-workflows . Co-authored-by: hashicorp-tsccr[bot] <hashicorp-tsccr[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 1ef5dfc - Browse repository at this point
Copy the full SHA 1ef5dfcView commit details
Commits on Jul 20, 2023
-
Fix Backport Assistant PR commenting (#18200)
* Fix Backport Assistant failure PR commenting For general comments on a PR, it looks like you have to use the `/issue` endpoint rather than `/pulls`, which requires commit/other review-specific target details. This matches the endpoint used in `backport-reminder.yml`. * Remove Backport Reminder workflow This is noisy (even when adding multiple labels, individual comments per label are generated), and likely no longer needed: we haven't had this work in a long time due to an expired GH token, and we now have better automation for backport PR assignment.
Configuration menu - View commit details
-
Copy full SHA for 1c7fcdf - Browse repository at this point
Copy the full SHA 1c7fcdfView commit details -
Configuration menu - View commit details
-
Copy full SHA for ada767f - Browse repository at this point
Copy the full SHA ada767fView commit details -
Explicitly enable WebSocket upgrades (#18150)
This PR explicitly enables WebSocket upgrades in Envoy's UpgradeConfig for all proxy types. (API Gateway, Ingress, and Sidecar.) Fixes #8283
Configuration menu - View commit details
-
Copy full SHA for 2c5a09b - Browse repository at this point
Copy the full SHA 2c5a09bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 5cd2876 - Browse repository at this point
Copy the full SHA 5cd2876View commit details -
Configuration menu - View commit details
-
Copy full SHA for 7e6ce76 - Browse repository at this point
Copy the full SHA 7e6ce76View commit details -
[OSS] Improve xDS Code Coverage - Clusters (#18165)
test: improve xDS cluster code coverage
Configuration menu - View commit details
-
Copy full SHA for 2793761 - Browse repository at this point
Copy the full SHA 2793761View commit details
Commits on Jul 21, 2023
-
NET-4222 take config file consul container (#18218)
Net 4222 take config file consul container
Configuration menu - View commit details
-
Copy full SHA for c2066b9 - Browse repository at this point
Copy the full SHA c2066b9View commit details -
Envoy Integration Test Windows (#18007)
* [CONSUL-395] Update check_hostport and Usage (#40) * [CONSUL-397] Copy envoy binary from Image (#41) * [CONSUL-382] Support openssl in unique test dockerfile (#43) * [CONSUL-405] Add bats to single container (#44) * [CONSUL-414] Run Prometheus Test Cases and Validate Changes (#46) * [CONSUL-410] Run Jaeger in Single container (#45) * [CONSUL-412] Run test-sds-server in single container (#48) * [CONSUL-408] Clean containers (#47) * [CONSUL-384] Rebase and sync fork (#50) * [CONSUL-415] Create Scenarios Troubleshooting Docs (#49) * [CONSUL-417] Update Docs Single Container (#51) * [CONSUL-428] Add Socat to single container (#54) * [CONSUL-424] Replace pkill in kill_envoy function (#52) * [CONSUL-434] Modify Docker run functions in Helper script (#53) * [CONSUL-435] Replace docker run in set_ttl_check_state & wait_for_agent_service_register functions (#55) * [CONSUL-438] Add netcat (nc) in the Single container Dockerfile (#56) * [CONSUL-429] Replace Docker run with Docker exec (#57) * [CONSUL-436] Curl timeout and run tests (#58) * [CONSUL-443] Create dogstatsd Function (#59) * [CONSUL-431] Update Docs Netcat (#60) * [CONSUL-439] Parse nc Command in function (#61) * [CONSUL-463] Review curl Exec and get_ca_root Func (#63) * [CONSUL-453] Docker hostname in Helper functions (#64) * [CONSUL-461] Test wipe volumes without extra cont (#66) * [CONSUL-454] Check ports in the Server and Agent containers (#65) * [CONSUL-441] Update windows dockerfile with version (#62) * [CONSUL-466] Review case-grpc Failing Test (#67) * [CONSUL-494] Review case-cfg-resolver-svc-failover (#68) * [CONSUL-496] Replace docker_wget & docker_curl (#69) * [CONSUL-499] Cleanup Scripts - Remove nanoserver (#70) * [CONSUL-500] Update Troubleshooting Docs (#72) * [CONSUL-502] Pull & Tag Envoy Windows Image (#73) * [CONSUL-504] Replace docker run in docker_consul (#76) * [CONSUL-505] Change admin_bind * [CONSUL-399] Update envoy to 1.23.1 (#78) * [CONSUL-510] Support case-wanfed-gw on Windows (#79) * [CONSUL-506] Update troubleshooting Documentation (#80) * [CONSUL-512] Review debug_dump_volumes Function (#81) * [CONSUL-514] Add zipkin to Docker Image (#82) * [CONSUL-515] Update Documentation (#83) * [CONSUL-529] Support case-consul-exec (#86) * [CONSUL-530] Update Documentation (#87) * [CONSUL-530] Update default consul version 1.13.3 * [CONSUL-539] Cleanup (#91) * [CONSUL-546] Scripts Clean-up (#92) * [CONSUL-491] Support admin_access_log_path value for Windows (#71) * [CONSUL-519] Implement mkfifo Alternative (#84) * [CONSUL-542] Create OS Specific Files for Envoy Package (#88) * [CONSUL-543] Create exec_supported.go (#89) * [CONSUL-544] Test and Build Changes (#90) * Implement os.DevNull * using mmap instead of disk files * fix import in exec-unix * fix nmap open too many arguemtn * go fmt on file * changelog file * fix go mod * Update .changelog/17694.txt Co-authored-by: Dhia Ayachi <dhia@hashicorp.com> * different mmap library * fix bootstrap json * some fixes * chocolatey version fix and image fix * using different library * fix Map funciton call * fix mmap call * fix tcp dump * fix tcp dump * windows tcp dump * Fix docker run * fix tests * fix go mod * fix version 16.0 * fix version * fix version dev * sleep to debug * fix sleep * fix permission issue * fix permission issue * fix permission issue * fix command * fix command * fix funciton * fix assert config entry status command not found * fix command not found assert_cert_has_cn * fix command not found assert_upstream_missing * fix command not found assert_upstream_missing_once * fix command not found get_upstream_endpoint * fix command not found get_envoy_public_listener_once * fix command not found * fix test cases * windows integration test workflow github * made code similar to unix using npipe * fix go.mod * fix dialing of npipe * dont wait * check size of written json * fix undefined n * running * fix dep * fix syntax error * fix workflow file * windows runner * fix runner * fix from json * fix runs on * merge connect envoy * fix cin path * build * fix file name * fix file name * fix dev build * remove unwanted code * fix upload * fix bin name * fix path * checkout current branch * fix path * fix tests * fix shell bash for windows sh files * fix permission of run-test.sh * removed docker dev * added shell bash for tests * fix tag * fix win=true * fix cd * added dev * fix variable undefined * removed failing tests * fix tcp dump image * fix curl * fix curl * tcp dump path * fix tcpdump path * fix curl * fix curl install * stop removing intermediate containers * fix tcpdump docker image * revert -rm * --rm=false * makeing docker image before * fix tcpdump * removed case consul exec * removed terminating gateway simple * comment case wasm * removed data dog * comment out upload coverage * uncomment case-consul-exec * comment case consul exec * if always * logs * using consul 1.17.0 * fix quotes * revert quotes * redirect to dev null * Revert version * revert consul connect * fix version * removed envoy connect * not using function * change log * docker logs * fix logs * restructure bad authz * rmeoved dev null * output * fix file descriptor * fix cacert * fix cacert * fix ca cert * cacert does not work in windows curl * fix func * removed docker logs * added sleep * fix tls * commented case-consul-exec * removed echo * retry docker consul * fix upload bin * uncomment consul exec * copying consul.exe to docker image * copy fix * fix paths * fix path * github workspace path * latest version * Revert "latest version" This reverts commit 5a7d7b8. * commented consul exec * added ssl revoke best effort * revert best effort * removed unused files * rename var name and change dir * windows runner * permission * needs setup fix * swtich to github runner * fix file path * fix path * fix path * fix path * fix path * fix path * fix build paths * fix tag * nightly runs * added matrix in github workflow, renamed files * fix job * fix matrix * removed brackes * from json * without using job matrix * fix quotes * revert job matrix * fix workflow * fix comment * added comment * nightly runs * removed datadog ci as it is already measured in linux one * running test * Revert "running test" This reverts commit 7013d15. * pr comment fixes * running test now * running subset of test * running subset of test * job matrix * shell bash * removed bash shell * linux machine for job matrix * fix output * added cat to debug * using ubuntu latest * fix job matrix * fix win true * fix go test * revert job matrix --------- Co-authored-by: Jose Ignacio Lorenzo <74208929+joselo85@users.noreply.github.com> Co-authored-by: Franco Bruno Lavayen <cocolavayen@gmail.com> Co-authored-by: Ivan K Berlot <ivanberlot@gmail.com> Co-authored-by: Ezequiel Fernández Ponce <20102608+ezfepo@users.noreply.github.com> Co-authored-by: joselo85 <joseignaciolorenzo85@gmail.com> Co-authored-by: Ezequiel Fernández Ponce <ezequiel.fernandez@southworks.com> Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for 47d445d - Browse repository at this point
Copy the full SHA 47d445dView commit details -
fix typos and update ecs compat table (#18215)
* fix typos and update ecs compat table * real info for the ecs compat matrix table * Update website/content/docs/ecs/compatibility.mdx Co-authored-by: Chris Thain <32781396+cthain@users.noreply.github.com> --------- Co-authored-by: Chris Thain <32781396+cthain@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 926db9c - Browse repository at this point
Copy the full SHA 926db9cView commit details -
[OSS] proxystate: add proxystate protos (#18216)
* proxystate: add proxystate protos to pbmesh and resolve imports and conflicts between message names
Configuration menu - View commit details
-
Copy full SHA for c932d79 - Browse repository at this point
Copy the full SHA c932d79View commit details -
Configuration menu - View commit details
-
Copy full SHA for 7e01fcf - Browse repository at this point
Copy the full SHA 7e01fcfView commit details -
[CC-5718] Remove HCP token requirement during bootstrap (#18140)
* [CC-5718] Remove HCP token requirement during bootstrap * Re-add error for loading HCP management token * Remove old comment * Add changelog entry * Remove extra validation line * Apply suggestions from code review Co-authored-by: lornasong <lornasong@users.noreply.github.com> --------- Co-authored-by: lornasong <lornasong@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 6671d7e - Browse repository at this point
Copy the full SHA 6671d7eView commit details -
[NET-4122] Doc guidance for federation with externalServers (#18207)
Doc guidance for federation with externalServers Add guidance for proper configuration when joining to a secondary cluster using WAN fed with external servers also enabled. Also clarify federation requirements and fix formatting for an unrelated value. Update both the Helm chart reference (synced from `consul-k8s`, see hashicorp/consul-k8s#2583) and the docs on using `externalServers`.
Configuration menu - View commit details
-
Copy full SHA for c138f24 - Browse repository at this point
Copy the full SHA c138f24View commit details -
[OSS] Improve xDS Code Coverage - Endpoints and Misc (#18222)
test: improve xDS endpoints code coverage
Configuration menu - View commit details
-
Copy full SHA for 8e3a1dd - Browse repository at this point
Copy the full SHA 8e3a1ddView commit details -
Clarify license reporting timing and GDPR compliance (#18237)
Add Alicia's edits to clarify log timing and other details
Configuration menu - View commit details
-
Copy full SHA for 7ce539e - Browse repository at this point
Copy the full SHA 7ce539eView commit details
Commits on Jul 22, 2023
-
Fix Github Workflow File (#18241)
* [CONSUL-382] Support openssl in unique test dockerfile (#43) * [CONSUL-405] Add bats to single container (#44) * [CONSUL-414] Run Prometheus Test Cases and Validate Changes (#46) * [CONSUL-410] Run Jaeger in Single container (#45) * [CONSUL-412] Run test-sds-server in single container (#48) * [CONSUL-408] Clean containers (#47) * [CONSUL-384] Rebase and sync fork (#50) * [CONSUL-415] Create Scenarios Troubleshooting Docs (#49) * [CONSUL-417] Update Docs Single Container (#51) * [CONSUL-428] Add Socat to single container (#54) * [CONSUL-424] Replace pkill in kill_envoy function (#52) * [CONSUL-434] Modify Docker run functions in Helper script (#53) * [CONSUL-435] Replace docker run in set_ttl_check_state & wait_for_agent_service_register functions (#55) * [CONSUL-438] Add netcat (nc) in the Single container Dockerfile (#56) * [CONSUL-429] Replace Docker run with Docker exec (#57) * [CONSUL-436] Curl timeout and run tests (#58) * [CONSUL-443] Create dogstatsd Function (#59) * [CONSUL-431] Update Docs Netcat (#60) * [CONSUL-439] Parse nc Command in function (#61) * [CONSUL-463] Review curl Exec and get_ca_root Func (#63) * [CONSUL-453] Docker hostname in Helper functions (#64) * [CONSUL-461] Test wipe volumes without extra cont (#66) * [CONSUL-454] Check ports in the Server and Agent containers (#65) * [CONSUL-441] Update windows dockerfile with version (#62) * [CONSUL-466] Review case-grpc Failing Test (#67) * [CONSUL-494] Review case-cfg-resolver-svc-failover (#68) * [CONSUL-496] Replace docker_wget & docker_curl (#69) * [CONSUL-499] Cleanup Scripts - Remove nanoserver (#70) * [CONSUL-500] Update Troubleshooting Docs (#72) * [CONSUL-502] Pull & Tag Envoy Windows Image (#73) * [CONSUL-504] Replace docker run in docker_consul (#76) * [CONSUL-505] Change admin_bind * [CONSUL-399] Update envoy to 1.23.1 (#78) * [CONSUL-510] Support case-wanfed-gw on Windows (#79) * [CONSUL-506] Update troubleshooting Documentation (#80) * [CONSUL-512] Review debug_dump_volumes Function (#81) * [CONSUL-514] Add zipkin to Docker Image (#82) * [CONSUL-515] Update Documentation (#83) * [CONSUL-529] Support case-consul-exec (#86) * [CONSUL-530] Update Documentation (#87) * [CONSUL-530] Update default consul version 1.13.3 * [CONSUL-539] Cleanup (#91) * [CONSUL-546] Scripts Clean-up (#92) * [CONSUL-491] Support admin_access_log_path value for Windows (#71) * [CONSUL-519] Implement mkfifo Alternative (#84) * [CONSUL-542] Create OS Specific Files for Envoy Package (#88) * [CONSUL-543] Create exec_supported.go (#89) * [CONSUL-544] Test and Build Changes (#90) * Implement os.DevNull * using mmap instead of disk files * fix import in exec-unix * fix nmap open too many arguemtn * go fmt on file * changelog file * fix go mod * Update .changelog/17694.txt Co-authored-by: Dhia Ayachi <dhia@hashicorp.com> * different mmap library * fix bootstrap json * some fixes * chocolatey version fix and image fix * using different library * fix Map funciton call * fix mmap call * fix tcp dump * fix tcp dump * windows tcp dump * Fix docker run * fix tests * fix go mod * fix version 16.0 * fix version * fix version dev * sleep to debug * fix sleep * fix permission issue * fix permission issue * fix permission issue * fix command * fix command * fix funciton * fix assert config entry status command not found * fix command not found assert_cert_has_cn * fix command not found assert_upstream_missing * fix command not found assert_upstream_missing_once * fix command not found get_upstream_endpoint * fix command not found get_envoy_public_listener_once * fix command not found * fix test cases * windows integration test workflow github * made code similar to unix using npipe * fix go.mod * fix dialing of npipe * dont wait * check size of written json * fix undefined n * running * fix dep * fix syntax error * fix workflow file * windows runner * fix runner * fix from json * fix runs on * merge connect envoy * fix cin path * build * fix file name * fix file name * fix dev build * remove unwanted code * fix upload * fix bin name * fix path * checkout current branch * fix path * fix tests * fix shell bash for windows sh files * fix permission of run-test.sh * removed docker dev * added shell bash for tests * fix tag * fix win=true * fix cd * added dev * fix variable undefined * removed failing tests * fix tcp dump image * fix curl * fix curl * tcp dump path * fix tcpdump path * fix curl * fix curl install * stop removing intermediate containers * fix tcpdump docker image * revert -rm * --rm=false * makeing docker image before * fix tcpdump * removed case consul exec * removed terminating gateway simple * comment case wasm * removed data dog * comment out upload coverage * uncomment case-consul-exec * comment case consul exec * if always * logs * using consul 1.17.0 * fix quotes * revert quotes * redirect to dev null * Revert version * revert consul connect * fix version * removed envoy connect * not using function * change log * docker logs * fix logs * restructure bad authz * rmeoved dev null * output * fix file descriptor * fix cacert * fix cacert * fix ca cert * cacert does not work in windows curl * fix func * removed docker logs * added sleep * fix tls * commented case-consul-exec * removed echo * retry docker consul * fix upload bin * uncomment consul exec * copying consul.exe to docker image * copy fix * fix paths * fix path * github workspace path * latest version * Revert "latest version" This reverts commit 5a7d7b8. * commented consul exec * added ssl revoke best effort * revert best effort * removed unused files * rename var name and change dir * windows runner * permission * needs setup fix * swtich to github runner * fix file path * fix path * fix path * fix path * fix path * fix path * fix build paths * fix tag * nightly runs * added matrix in github workflow, renamed files * fix job * fix matrix * removed brackes * from json * without using job matrix * fix quotes * revert job matrix * fix workflow * fix comment * added comment * nightly runs * removed datadog ci as it is already measured in linux one * running test * Revert "running test" This reverts commit 7013d15. * pr comment fixes * running test now * running subset of test * running subset of test * job matrix * shell bash * removed bash shell * linux machine for job matrix * fix output * added cat to debug * using ubuntu latest * fix job matrix * fix win true * fix go test * revert job matrix * Fix tests --------- Co-authored-by: Ivan K Berlot <ivanberlot@gmail.com> Co-authored-by: Jose Ignacio Lorenzo <74208929+joselo85@users.noreply.github.com> Co-authored-by: Franco Bruno Lavayen <cocolavayen@gmail.com> Co-authored-by: Ezequiel Fernández Ponce <20102608+ezfepo@users.noreply.github.com> Co-authored-by: joselo85 <joseignaciolorenzo85@gmail.com> Co-authored-by: Ezequiel Fernández Ponce <ezequiel.fernandez@southworks.com> Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for 2b0d64e - Browse repository at this point
Copy the full SHA 2b0d64eView commit details
Commits on Jul 23, 2023
-
NET-4996 - filter go-tests and test-integration workflows from runnin…
…g on docs only and ui only changes (#18236)
Configuration menu - View commit details
-
Copy full SHA for a11dba7 - Browse repository at this point
Copy the full SHA a11dba7View commit details
Commits on Jul 24, 2023
-
Align build arch matrix with enterprise (#18235)
Ensure that OSS remains in sync w/ Enterprise by aligning the format of arch matrix args for various build jobs.
Configuration menu - View commit details
-
Copy full SHA for 8b46bac - Browse repository at this point
Copy the full SHA 8b46bacView commit details -
Revert "NET-4996 - filter go-tests and test-integration workflows fro…
Configuration menu - View commit details
-
Copy full SHA for 639210e - Browse repository at this point
Copy the full SHA 639210eView commit details -
resource: Add scope to resource type registration [NET-4976] (#18214)
Enables querying a resource type's registration to determine if a resource is cluster, partition, or partition and namespace scoped.
Configuration menu - View commit details
-
Copy full SHA for efb45fe - Browse repository at this point
Copy the full SHA efb45feView commit details -
Configuration menu - View commit details
-
Copy full SHA for b162c51 - Browse repository at this point
Copy the full SHA b162c51View commit details -
NET-1825: More new ACL token creation docs (#18063)
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for b7cdd18 - Browse repository at this point
Copy the full SHA b7cdd18View commit details -
Configuration menu - View commit details
-
Copy full SHA for 4d3f9a1 - Browse repository at this point
Copy the full SHA 4d3f9a1View commit details -
[NET-3700] Backfill changelog entry for c2bbe67 and 7402d06 (#18259)
Configuration menu - View commit details
-
Copy full SHA for 9a82df2 - Browse repository at this point
Copy the full SHA 9a82df2View commit details -
Configuration menu - View commit details
-
Copy full SHA for 319a223 - Browse repository at this point
Copy the full SHA 319a223View commit details -
Configuration menu - View commit details
-
Copy full SHA for 090e869 - Browse repository at this point
Copy the full SHA 090e869View commit details
Commits on Jul 25, 2023
-
member cli: add -filter expression to flags (#18223)
* member cli: add -filter expression to flags * changelog * update doc * Add test cases * use quote
Configuration menu - View commit details
-
Copy full SHA for 31d2813 - Browse repository at this point
Copy the full SHA 31d2813View commit details -
Configuration menu - View commit details
-
Copy full SHA for 9b540e2 - Browse repository at this point
Copy the full SHA 9b540e2View commit details
Commits on Jul 26, 2023
-
docs: Update ext-authz documentation for kubernetes (#18281)
Update ext-authz documentation for kubernetes
Configuration menu - View commit details
-
Copy full SHA for 02cf177 - Browse repository at this point
Copy the full SHA 02cf177View commit details -
docs: Consul on Kubernetes specific upgrade info (#18230)
* Compatibility page - dataplanes mention * Upgrading higher-level dataplane mention * `exec=` string callout * More visible for upgrade page * Apply suggestions from code review Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com> --------- Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com> Co-authored-by: John Murret <john.murret@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for d147c3e - Browse repository at this point
Copy the full SHA d147c3eView commit details -
Configuration menu - View commit details
-
Copy full SHA for e37f702 - Browse repository at this point
Copy the full SHA e37f702View commit details -
docs: K8s secondary DC requirements (#18280)
* Requested edit * Apply suggestions from code review Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> --------- Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for e29ceab - Browse repository at this point
Copy the full SHA e29ceabView commit details -
api-gateway: subscribe to bound-api-gateway only after receiving api-…
…gateway (#18291) * api-gateway: subscribe to bound-api-gateway only after receiving api-gateway This fixes a race condition due to our dependency on having the listener(s) from the api-gateway config entry in order to fully and properly process the resources on the bound-api-gateway config entry. * Apply suggestions from code review * Add changelog entry
Configuration menu - View commit details
-
Copy full SHA for 5caa0ae - Browse repository at this point
Copy the full SHA 5caa0aeView commit details -
Update K8s changelog to address cloud auto-join change in 1.0.0 (#18293)
Paul Glass authoredJul 26, 2023 Configuration menu - View commit details
-
Copy full SHA for 09b251f - Browse repository at this point
Copy the full SHA 09b251fView commit details -
Update list of Envoy versions (#18300)
Update supported envoy versions to 1.24.10, 1.25.9, 1.26.4, 1.27.0.
Configuration menu - View commit details
-
Copy full SHA for cf4deeb - Browse repository at this point
Copy the full SHA cf4deebView commit details
Commits on Jul 27, 2023
-
[NET-4904] Update list of Envoy versions in docs (#18306)
Update list of Envoy versions in docs Update supported Envoy versions across Consul release versions.
Configuration menu - View commit details
-
Copy full SHA for cbfeb6c - Browse repository at this point
Copy the full SHA cbfeb6cView commit details
Commits on Jul 28, 2023
-
Update actions for TSCCR (#18317)
Update action versions before deadline
Configuration menu - View commit details
-
Copy full SHA for 449e050 - Browse repository at this point
Copy the full SHA 449e050View commit details
Commits on Jul 31, 2023
-
Fix topology view when displaying mixed connect-native/normal service…
…s. (#13023) * Fix topoloy intention with mixed connect-native/normal services. If a service is registered twice, once with connect-native and once without, the topology views would prune the existing intentions. This change brings the code more in line with the transparent proxy behavior. * Dedupe nodes in the ServiceTopology ui endpoint (like done with tags). * Consider a service connect-native as soon as one instance is.
Configuration menu - View commit details
-
Copy full SHA for 6ada2e0 - Browse repository at this point
Copy the full SHA 6ada2e0View commit details -
Configuration menu - View commit details
-
Copy full SHA for 356b29b - Browse repository at this point
Copy the full SHA 356b29bView commit details -
docs: Fix some comments (#17118)
Signed-off-by: cui fliter <imcusg@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 18a5edd - Browse repository at this point
Copy the full SHA 18a5eddView commit details -
[NET-4703] Prevent partial application of Envoy extensions (#18068)
Prevent partial application of Envoy extensions Ensure that non-required extensions do not change xDS resources before exiting on failure by cloning proto messages prior to applying each extension. To support this change, also move `CanApply` checks up a layer and make them prior to attempting extension application, s.t. we avoid unnecessary copies where extensions can't be applied. Last, ensure that we do not allow panics from `CanApply` or `Extend` checks to escape the attempted extension application.
Configuration menu - View commit details
-
Copy full SHA for b1b05f0 - Browse repository at this point
Copy the full SHA b1b05f0View commit details -
docs: Simplify example jq commands by removing pipes (#18327)
Simplify jq command examples by removing pipes to other commands.
Configuration menu - View commit details
-
Copy full SHA for 3894940 - Browse repository at this point
Copy the full SHA 3894940View commit details
Commits on Aug 1, 2023
-
Configuration menu - View commit details
-
Copy full SHA for bb6fc63 - Browse repository at this point
Copy the full SHA bb6fc63View commit details -
[CC-5719] Add support for builtin global-read-only policy (#18319)
* [CC-5719] Add support for builtin global-read-only policy * Add changelog * Add read-only to docs * Fix some minor issues. * Change from ReplaceAll to Sprintf * Change IsValidPolicy name to return an error instead of bool * Fix PolicyList test * Fix other tests * Apply suggestions from code review Co-authored-by: Paul Glass <pglass@hashicorp.com> * Fix state store test for policy list. * Fix naming issues * Update acl/validation.go Co-authored-by: Chris Thain <32781396+cthain@users.noreply.github.com> * Update agent/consul/acl_endpoint.go --------- Co-authored-by: Paul Glass <pglass@hashicorp.com> Co-authored-by: Chris Thain <32781396+cthain@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 6424ef6 - Browse repository at this point
Copy the full SHA 6424ef6View commit details -
[NET-5121] proxystate: move protos to subdirectory to avoid conflicts (…
…#18335) * also makes a few protos updates
Configuration menu - View commit details
-
Copy full SHA for e459399 - Browse repository at this point
Copy the full SHA e459399View commit details -
resource: adding various helpers for working with resources (#18342)
This is a bit of a grab bag of helpers that I found useful for working with them when authoring substantial Controllers. Subsequent PRs will make use of them.
Configuration menu - View commit details
-
Copy full SHA for 13ce787 - Browse repository at this point
Copy the full SHA 13ce787View commit details -
Wasm integration tests for local and remote wasm files (#17756)
* wasm integration tests for local and remote wasm files refactoring and cleanup for wasm testing remove wasm debug logging PR feedback, wasm build lock correct path pattern for wasm build files Add new helper function to minimize changes to existing test code Remove extra param mod tidy add custom service setup to test lib add wait until static server sidecar can reach nginx sidecar Doc comments PR feedback Update workflows to compile wasm for integration tests Fix docker build path Fix package name for linter Update makefile, fix redeclared function Update expected wasm filename Debug test ls in workflow remove pwd in favor of relative path more debugging Build wasm in compatability tests as well Build wasm directly in ci rather than in container Debug tinygo and llvm version Change wasm file extension Remove tinygo debugging Remove extra comments * Add compiled wasm and build instructions
Configuration menu - View commit details
-
Copy full SHA for 2a8bf5d - Browse repository at this point
Copy the full SHA 2a8bf5dView commit details -
[HCP Telemetry] Periodic Refresh for Dynamic Telemetry Configuration (#…
…18168) * OTElExporter now uses an EndpointProvider to discover the endpoint * OTELSink uses a ConfigProvider to obtain filters and labels configuration * improve tests for otel_sink * Regex logic is moved into client for a method on the TelemetryConfig object * Create a telemetry_config_provider and update deps to use it * Fix conversion * fix import newline * Add logger to hcp client and move telemetry_config out of the client.go file * Add a telemetry_config.go to refactor client.go * Update deps * update hcp deps test * Modify telemetry_config_providers * Check for nil filters * PR review updates * Fix comments and move around pieces * Fix comments * Remove context from client struct * Moved ctx out of sink struct and fixed filters, added a test * Remove named imports, use errors.New if not fformatting * Remove HCP dependencies in telemetry package * Add success metric and move lock only to grab the t.cfgHahs * Update hash * fix nits * Create an equals method and add tests * Improve telemetry_config_provider.go tests * Add race test * Add missing godoc * Remove mock for MetricsClient * Avoid goroutine test panics * trying to kick CI lint issues by upgrading mod * imprve test code and add hasher for testing * Use structure logging for filters, fix error constants, and default to allow all regex * removed hashin and modify logic to simplify * Improve race test and fix PR feedback by removing hash equals and avoid testing the timer.Ticker logic, and instead unit test * Ran make go-mod-tidy * Use errtypes in the test * Add changelog * add safety check for exporter endpoint * remove require.Contains by using error types, fix structure logging, and fix success metric typo in exporter * Fixed race test to have changing config values * Send success metric before modifying config * Avoid the defer and move the success metric under
Configuration menu - View commit details
-
Copy full SHA for 828567c - Browse repository at this point
Copy the full SHA 828567cView commit details
Commits on Aug 2, 2023
-
NET-4240 - Snapshots are failing on Windows (#18302)
* fix go mod * fix go sum * added change log * ran make go mod tidy
Configuration menu - View commit details
-
Copy full SHA for 67fc93e - Browse repository at this point
Copy the full SHA 67fc93eView commit details -
Register ProxyStateTemplate Resource (#18316)
Also, change the ProxyState.id to identity. This is because we already have the id of this proxy from the resource, and this id should be name-aligned with the workload it represents. It should also have the owner ref set to the workload ID if we need that. And so the id field seems unnecessary. We do, however, need a reference to workload identity so that we can authorize the proxy when it initially connects to the xDS server.
Configuration menu - View commit details
-
Copy full SHA for a33001f - Browse repository at this point
Copy the full SHA a33001fView commit details -
[NET-5146] security: Update Go version to 1.20.7 and
x/net
to 0.13.0 (#18358) * Update Go version to 1.20.7 This resolves [CVE-2023-29409] (https://nvd.nist.gov/vuln/detail/CVE-2023-29409)(`crypto/tls`). * Bump golang.org/x/net to 0.13.0 Addresses [CVE-2023-3978](https://nvd.nist.gov/vuln/detail/CVE-2023-3978) for security scans (non-impacting).
Configuration menu - View commit details
-
Copy full SHA for 905e371 - Browse repository at this point
Copy the full SHA 905e371View commit details
Commits on Aug 3, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 9c227e2 - Browse repository at this point
Copy the full SHA 9c227e2View commit details -
[OSS] test: xds coverage for routes (#18369)
test: xds coverage for routes
Configuration menu - View commit details
-
Copy full SHA for 284e3bd - Browse repository at this point
Copy the full SHA 284e3bdView commit details -
Fix policy lookup to allow for slashes (#18347)
* Fix policy lookup to allow for slashes * Fix suggestions * Fix other test * Revert some lines
Configuration menu - View commit details
-
Copy full SHA for 8e5e16d - Browse repository at this point
Copy the full SHA 8e5e16dView commit details -
Configuration menu - View commit details
-
Copy full SHA for 89aac4b - Browse repository at this point
Copy the full SHA 89aac4bView commit details
Commits on Aug 4, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 0a48a24 - Browse repository at this point
Copy the full SHA 0a48a24View commit details -
expose grpc as http endpoint (#18221)
expose resource grpc endpoints as http endpoints
Configuration menu - View commit details
-
Copy full SHA for 1f28ac2 - Browse repository at this point
Copy the full SHA 1f28ac2View commit details -
Configuration menu - View commit details
-
Copy full SHA for 1ebd001 - Browse repository at this point
Copy the full SHA 1ebd001View commit details -
[docs] Fix ServiceDefaults example in distributed tracing (#17212)
Fix ServiceDefaults example in distributed tracing.
Configuration menu - View commit details
-
Copy full SHA for 38c356c - Browse repository at this point
Copy the full SHA 38c356cView commit details
Commits on Aug 5, 2023
-
Fix #17730 - Dev mode has new line (#18367)
* adding new line only in case of pretty in url not in dev mode * change log added
Configuration menu - View commit details
-
Copy full SHA for 417ae9f - Browse repository at this point
Copy the full SHA 417ae9fView commit details
Commits on Aug 7, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 48effe5 - Browse repository at this point
Copy the full SHA 48effe5View commit details -
Configuration menu - View commit details
-
Copy full SHA for 63cc037 - Browse repository at this point
Copy the full SHA 63cc037View commit details
Commits on Aug 8, 2023
-
Not using chmod - fixed integration test for Enterprise (#18401)
* Not using chmod * checking icacls * Removed push
Configuration menu - View commit details
-
Copy full SHA for 96ce4da - Browse repository at this point
Copy the full SHA 96ce4daView commit details -
replaced ordered list of rate limit ops with flow diagram (#18398)
* replaced ordered list of rate limit ops with flow diagram * made diagram font bigger * updated colors for dark mode img * fixed typo * recentered dark mode image * Apply suggestions from code review Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> --------- Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 2096f23 - Browse repository at this point
Copy the full SHA 2096f23View commit details -
Upgrade test: remove outdated test and disable log due to verbosity (#…
…18403) * remove outdated test * disable log since we have too many parallel tests
Configuration menu - View commit details
-
Copy full SHA for 7902ae2 - Browse repository at this point
Copy the full SHA 7902ae2View commit details -
bump testcontainers-go from 0.22.0 and remove pinned go version in in… (
#18395) * bump testcontainers-go from 0.22.0 and remove pinned go version in integ test * go mod tidy * Replace deprecated target.Authority with target.URL.Host
Configuration menu - View commit details
-
Copy full SHA for 43d8898 - Browse repository at this point
Copy the full SHA 43d8898View commit details -
Add ServiceEndpoints Mutation hook tests (#18404)
* Add ServiceEndpoints Mutation hook tests * Move endpoint owner validation into the validation hook Also there were some minor changes to error validation to account for go-cmp not liking to peer through an errors.errorstring type that get created by errors.New
Configuration menu - View commit details
-
Copy full SHA for 91d331b - Browse repository at this point
Copy the full SHA 91d331bView commit details -
catalog: add FailoverPolicy mutation and validation hooks (#18390)
Add most of the validation and mutation hooks for the FailoverPolicy resource.
Configuration menu - View commit details
-
Copy full SHA for bfc519f - Browse repository at this point
Copy the full SHA bfc519fView commit details -
NET-5115 Add retry + timeout filters for api-gateway (#18324)
* squash, implement retry/timeout in consul core * update tests
Configuration menu - View commit details
-
Copy full SHA for e235c8b - Browse repository at this point
Copy the full SHA e235c8bView commit details
Commits on Aug 9, 2023
-
catalog: adding a controller to reconcile FailoverPolicy resources (#…
…18399) Add most of the semantic cross-resource validation for FailoverPolicy resources using a new controller.
Configuration menu - View commit details
-
Copy full SHA for 42efc11 - Browse repository at this point
Copy the full SHA 42efc11View commit details -
Configuration menu - View commit details
-
Copy full SHA for facd5b0 - Browse repository at this point
Copy the full SHA facd5b0View commit details -
build: updates for 1.16.1 release (#18415)
* build: updates for 1.16.1 release * build: fix missing replace directive for envoyextensions * build: go mod tidy testing/deployer
Configuration menu - View commit details
-
Copy full SHA for 948ce8b - Browse repository at this point
Copy the full SHA 948ce8bView commit details -
Configuration menu - View commit details
-
Copy full SHA for bb1a288 - Browse repository at this point
Copy the full SHA bb1a288View commit details
Commits on Aug 10, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 10f69d8 - Browse repository at this point
Copy the full SHA 10f69d8View commit details -
Configuration menu - View commit details
-
Copy full SHA for bee12c6 - Browse repository at this point
Copy the full SHA bee12c6View commit details -
[NET-5217] [OSS] Derive sidecar proxy locality from parent service (#…
…18437) * Add logging to locality policy application In OSS, this is currently a no-op. * Inherit locality when registering sidecars When sidecar locality is not explicitly configured, inherit locality from the proxied service.
Configuration menu - View commit details
-
Copy full SHA for 05604ee - Browse repository at this point
Copy the full SHA 05604eeView commit details -
NET-4984: Update APIGW Config Entries for JWT Auth (#18366)
* Added oss config entries for Policy and JWT on APIGW * Updated structs for config entry * Updated comments, ran deep-copy * Move JWT configuration into OSS file * Add in the config entry OSS file for jwts * Added changelog * fixing proto spacing * Moved to using manually written deep copy method * Use pointers for override/default fields in apigw config entries * Run gen scripts for changed types
Configuration menu - View commit details
-
Copy full SHA for 6c8ca0f - Browse repository at this point
Copy the full SHA 6c8ca0fView commit details -
k8s compat - Openshift versions (#18307)
* Update compatibility.mdx Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 6981658 - Browse repository at this point
Copy the full SHA 6981658View commit details -
APIGW: Update HTTPRouteConfigEntry for JWT Auth (#18422)
* Updated httproute config entry for JWT Filters * Added manual deepcopy method for httproute jwt filter * Fix test * Update JWTFilter to be in oss file * Add changelog * Add build tags for deepcopy oss file
Configuration menu - View commit details
-
Copy full SHA for df11e4e - Browse repository at this point
Copy the full SHA df11e4eView commit details
Commits on Aug 11, 2023
-
[COMPLIANCE] License changes (#18443)
* Adding explicit MPL license for sub-package This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository. * Adding explicit MPL license for sub-package This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository. * Updating the license from MPL to Business Source License Going forward, this project will be licensed under the Business Source License v1.1. Please see our blog post for more details at <Blog URL>, FAQ at www.hashicorp.com/licensing-faq, and details of the license at www.hashicorp.com/bsl. * add missing license headers * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 --------- Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 5fb9df1 - Browse repository at this point
Copy the full SHA 5fb9df1View commit details -
Net-2708/delete resource endpoint (#18420)
* feat: add http delete endpoint for resource service * refactor: clean up
Configuration menu - View commit details
-
Copy full SHA for 5717cbd - Browse repository at this point
Copy the full SHA 5717cbdView commit details -
Disable deep-copy codegen verification for now. (#18446)
Once we figure out what to do with license headers for these files we should re-enable this check.
Configuration menu - View commit details
-
Copy full SHA for b4cdfbb - Browse repository at this point
Copy the full SHA b4cdfbbView commit details -
Configuration menu - View commit details
-
Copy full SHA for 66bcaa3 - Browse repository at this point
Copy the full SHA 66bcaa3View commit details -
NET-4952 Add docs for export command (#18425)
* Init file for services export command docs * Add link for export command to nav * Add export to list of subcommands for services * Add usage and basic command options * Add API options using includes * Add section for enterprise options * Include argument value in flag format * Add examples * Apply suggestions from code review Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> --------- Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 4a0afb5 - Browse repository at this point
Copy the full SHA 4a0afb5View commit details -
Net-2712/resource hcl parsing (#18250)
* Initial protohcl implementation Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Daniel Upton <daniel@floppy.co> * resourcehcl: implement resource decoding on top of protohcl Co-authored-by: Daniel Upton <daniel@floppy.co> * fix: resolve ci failures * test: add additional unmarshalling tests * refactor: update function test to clean protohcl package imports --------- Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Daniel Upton <daniel@floppy.co>
Configuration menu - View commit details
-
Copy full SHA for 559c61e - Browse repository at this point
Copy the full SHA 559c61eView commit details -
implement http read endpoint to expose resource grpc service read method
Configuration menu - View commit details
-
Copy full SHA for cda884a - Browse repository at this point
Copy the full SHA cda884aView commit details
Commits on Aug 15, 2023
-
Net-2707/list resource endpoint (#18444)
feat: list resources endpoint
Configuration menu - View commit details
-
Copy full SHA for f88d4fe - Browse repository at this point
Copy the full SHA f88d4feView commit details -
Configuration menu - View commit details
-
Copy full SHA for d565056 - Browse repository at this point
Copy the full SHA d565056View commit details -
NET-5187: Upgrade test timeout due to log producer errors (#18461)
Stop log producer before restarting container
Configuration menu - View commit details
-
Copy full SHA for 0e94f48 - Browse repository at this point
Copy the full SHA 0e94f48View commit details -
Configuration menu - View commit details
-
Copy full SHA for 6b7ccd0 - Browse repository at this point
Copy the full SHA 6b7ccd0View commit details -
Configuration menu - View commit details
-
Copy full SHA for 217107f - Browse repository at this point
Copy the full SHA 217107fView commit details
Commits on Aug 16, 2023
-
[COMPLIANCE] License update (#18479)
Update BUSL LICENSE to include licensed product and version. Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for adf8ddb - Browse repository at this point
Copy the full SHA adf8ddbView commit details -
Configuration menu - View commit details
-
Copy full SHA for b8acd78 - Browse repository at this point
Copy the full SHA b8acd78View commit details -
docs: Update OpenShift compatibility (#18478)
Update compatibility.mdx
David Yu authoredAug 16, 2023 Configuration menu - View commit details
-
Copy full SHA for 5ca8cd6 - Browse repository at this point
Copy the full SHA 5ca8cd6View commit details -
resource: Make resource delete tenancy aware (#18476)
resource: Make resource delete tenancy awarae
Configuration menu - View commit details
-
Copy full SHA for e6c1c47 - Browse repository at this point
Copy the full SHA e6c1c47View commit details -
Add license-checker action that fails when any backported file contai…
…ns BUSL header (#18485) * Add license-checker action that fails when any backported file contains BUSL header * Quote echoed variable to retain line breaks * Add ticket to reference for more details
Configuration menu - View commit details
-
Copy full SHA for 9e9800e - Browse repository at this point
Copy the full SHA 9e9800eView commit details -
docs: Update K8s TGW tutorial to reliably obtain role ID (#18474)
The `grep` command used to obtain the ID for the terminating gateway role is not reliable in all scenarios. For example, if there is a similarly named role, the command may return the wrong role ID for the active terminating gateway instance. This commit updates the command to use jq to obtain the role ID. If multiple roles are found, jq will raise an error informing the user that it cannot reliably determine the role ID.
Configuration menu - View commit details
-
Copy full SHA for aa21b12 - Browse repository at this point
Copy the full SHA aa21b12View commit details -
NET-5371 License checker pt2 (#18491)
* Update grep command to work on ubuntu * Run license checker when new commits are pushed to PR
Configuration menu - View commit details
-
Copy full SHA for d488fc7 - Browse repository at this point
Copy the full SHA d488fc7View commit details -
README - Update KV use case to Dynamic App Configuration (#18301)
* Update README.md * Update kv.mdx * Add BUSL badge
David Yu authoredAug 16, 2023 Configuration menu - View commit details
-
Copy full SHA for ea7b419 - Browse repository at this point
Copy the full SHA ea7b419View commit details
Commits on Aug 17, 2023
-
README - re-order badges and update hub link (#18498)
Update README.md
David Yu authoredAug 17, 2023 Configuration menu - View commit details
-
Copy full SHA for cbedbc0 - Browse repository at this point
Copy the full SHA cbedbc0View commit details -
[NET-5163] Support locality testing in consul-container (#18484)
* Support locality testing in consul-container Support including locality in client sidecar config. Also align test config structs with Ent to avoid future conflicts. * Refactor consul-container fortio helpers Refactor fortio test helpers to separate HTTP retries from waiting on fortio result changes due to e.g. service startup and failovers.
Configuration menu - View commit details
-
Copy full SHA for 61b7c0d - Browse repository at this point
Copy the full SHA 61b7c0dView commit details -
Configuration menu - View commit details
-
Copy full SHA for b80c525 - Browse repository at this point
Copy the full SHA b80c525View commit details -
Configuration menu - View commit details
-
Copy full SHA for c533a51 - Browse repository at this point
Copy the full SHA c533a51View commit details -
NET-4932 - xds v2 - implement base connect proxy functionality for en…
…dpoints (#18500) * NET-4853 - xds v2 - implement base connect proxy functionality for clusters * NET-4853 - xds v2 - implement base connect proxy functionality for clusters * NET-4932 - xds v2 - implement base connect proxy functionality for endpoints * Update endpoints_test.go * gofmt * Update naming.go
Configuration menu - View commit details
-
Copy full SHA for 92cfb4a - Browse repository at this point
Copy the full SHA 92cfb4aView commit details -
Support custom watches on controller (#18439)
* Support custom watches on controller * refactor mapper methods
Configuration menu - View commit details
-
Copy full SHA for 97b41d9 - Browse repository at this point
Copy the full SHA 97b41d9View commit details -
NET-4858 - xds v2 - implement base connect proxy functionality for ro…
…utes (#18501) * NET-4853 - xds v2 - implement base connect proxy functionality for clusters * NET-4853 - xds v2 - implement base connect proxy functionality for clusters * NET-4932 - xds v2 - implement base connect proxy functionality for endpoints * Update endpoints_test.go * gofmt * NET-4858 - Make connect proxy route tests pass using xds v2 * Update endpoints_test.go * Update naming.go * use alsoRunTestForV2 * remove unused makeAddress * gofmt * fixing clusters
Configuration menu - View commit details
-
Copy full SHA for 9ea182f - Browse repository at this point
Copy the full SHA 9ea182fView commit details
Commits on Aug 18, 2023
-
Configuration menu - View commit details
-
Copy full SHA for cc596ce - Browse repository at this point
Copy the full SHA cc596ceView commit details -
Configuration menu - View commit details
-
Copy full SHA for 0b580ff - Browse repository at this point
Copy the full SHA 0b580ffView commit details -
CI Split integration tests to run nightly and every PR (#18518)
* CI Split integration tests to run nightly and every PR * Checkout release branch for nightly test
Configuration menu - View commit details
-
Copy full SHA for d3837e3 - Browse repository at this point
Copy the full SHA d3837e3View commit details -
Fix broken links caught in weekly report (#18522)
* fix broken link caught in weekly report * Apply suggestions from code review Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> --------- Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 5af4bbb - Browse repository at this point
Copy the full SHA 5af4bbbView commit details
Commits on Aug 21, 2023
-
Create nightly test-integration for consul release branch (#18530)
* Create nightly test-integration for consul release branch * test * fix
Configuration menu - View commit details
-
Copy full SHA for 587663d - Browse repository at this point
Copy the full SHA 587663dView commit details -
docs: Fix spelling errors across various pages on the site (#18533)
This commit fixes numerous spelling errors across the site and also removes unnecessary whitespace that was present in the edited files.
Configuration menu - View commit details
-
Copy full SHA for eab88bf - Browse repository at this point
Copy the full SHA eab88bfView commit details -
Make proto-public license MPL (#18531)
* Make proto-public license MPL * Add proto-public dir to exclusion list in .copywrite.hcl
Configuration menu - View commit details
-
Copy full SHA for e5842cd - Browse repository at this point
Copy the full SHA e5842cdView commit details -
Configuration menu - View commit details
-
Copy full SHA for 217d305 - Browse repository at this point
Copy the full SHA 217d305View commit details -
Configuration menu - View commit details
-
Copy full SHA for 6d22179 - Browse repository at this point
Copy the full SHA 6d22179View commit details
Commits on Aug 22, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 547f4f8 - Browse repository at this point
Copy the full SHA 547f4f8View commit details -
Configuration menu - View commit details
-
Copy full SHA for 53e28a4 - Browse repository at this point
Copy the full SHA 53e28a4View commit details -
CI: fix envoy versions in CI of release branch (#18538)
* CI: fix envoy versions in CI of release branch * - remove steps sds for 1.15 nightly run - checkout the release branch * add default name * fix * Update go-tests.yml * fix checkout code * add comments and revert schedule
Configuration menu - View commit details
-
Copy full SHA for c4b3234 - Browse repository at this point
Copy the full SHA c4b3234View commit details -
Configuration menu - View commit details
-
Copy full SHA for 570c84d - Browse repository at this point
Copy the full SHA 570c84dView commit details -
mesh: add validation for the new pbmesh resources (#18410)
Adds validation for HTTPRoute, GRPCRoute, TCPRoute, DestinationPolicy, and ComputedRoutes.
Configuration menu - View commit details
-
Copy full SHA for 55723c5 - Browse repository at this point
Copy the full SHA 55723c5View commit details -
xds controller: resolve ServiceEndpoints references in ProxyStateTemp… (
#18544) xds controller: resolve ServiceEndpoints references in ProxyStateTemplate
Configuration menu - View commit details
-
Copy full SHA for 0d60380 - Browse repository at this point
Copy the full SHA 0d60380View commit details -
mesh: adding type aliases for mesh resource usage (#18448)
Introduces some simple type aliases for DecodedResource[*X] wrappers for each type which cut down on the verbosity
Configuration menu - View commit details
-
Copy full SHA for 17667a1 - Browse repository at this point
Copy the full SHA 17667a1View commit details -
Configuration menu - View commit details
-
Copy full SHA for 4f9955d - Browse repository at this point
Copy the full SHA 4f9955dView commit details -
catalog: validating Protocol and Health enums on Service, Workload, a…
…nd ServiceEndpoints (#18554)
Configuration menu - View commit details
-
Copy full SHA for 5b88aae - Browse repository at this point
Copy the full SHA 5b88aaeView commit details -
Configuration menu - View commit details
-
Copy full SHA for 8a93124 - Browse repository at this point
Copy the full SHA 8a93124View commit details -
fix for , non presence of consul-version meta (#18464)
* fix for #18406 , non presence of consul-version meta * removed redundant checks * updated mock-api to mimic api response for synthetic nodes * added test to test getDistinctConsulVersions method with synthetic-node case * updated typo in comments * added change log
Configuration menu - View commit details
-
Copy full SHA for a1755d1 - Browse repository at this point
Copy the full SHA a1755d1View commit details
Commits on Aug 23, 2023
-
Configuration menu - View commit details
-
Copy full SHA for a1cd3f8 - Browse repository at this point
Copy the full SHA a1cd3f8View commit details -
bug: prevent go routine leakage due to existing DeferCheck (#18558)
* bug: prevent go routine leakage due to existing DeferCheck * add changelog
Configuration menu - View commit details
-
Copy full SHA for b37587b - Browse repository at this point
Copy the full SHA b37587bView commit details -
NET-5382 & PLAT-1159: Do not trigger workflow if only doc files are i…
…n commit history (#18528) NET-5382: Do not run workflow runs if at least one path matches
Configuration menu - View commit details
-
Copy full SHA for 63fa78a - Browse repository at this point
Copy the full SHA 63fa78aView commit details -
UI: community verbiage (#18560)
* chore: update community verbiage * chore: add changelog entry
Configuration menu - View commit details
-
Copy full SHA for 34eb700 - Browse repository at this point
Copy the full SHA 34eb700View commit details
Commits on Aug 24, 2023
-
Fix Windows FIPS Build (#18357)
* Fix Windows FIPS Build * create new file for windows arm * removed build tag * fix buidl tags * fix multiple go build
Configuration menu - View commit details
-
Copy full SHA for 2cc2c6b - Browse repository at this point
Copy the full SHA 2cc2c6bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 82993fc - Browse repository at this point
Copy the full SHA 82993fcView commit details -
Configuration menu - View commit details
-
Copy full SHA for 067a011 - Browse repository at this point
Copy the full SHA 067a011View commit details -
NET-5147: Added placeholder structs for JWT functionality (#18575)
* Added placeholder structs for JWT functionality * Added watches for CE vs ENT * Add license header * Undo plumbing work * Add context arg
Configuration menu - View commit details
-
Copy full SHA for 59ab57f - Browse repository at this point
Copy the full SHA 59ab57fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 2225bf0 - Browse repository at this point
Copy the full SHA 2225bf0View commit details -
NET-5338 - NET-5338 - Run a v2 mode xds server (#18579)
* NET-5338 - NET-5338 - Run a v2 mode xds server * fix linting
Configuration menu - View commit details
-
Copy full SHA for 051f250 - Browse repository at this point
Copy the full SHA 051f250View commit details
Commits on Aug 25, 2023
-
Configuration menu - View commit details
-
Copy full SHA for c8ef063 - Browse repository at this point
Copy the full SHA c8ef063View commit details -
Chris S. Kim authored
Aug 25, 2023 Configuration menu - View commit details
-
Copy full SHA for ecdcde4 - Browse repository at this point
Copy the full SHA ecdcde4View commit details
Commits on Aug 28, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 2f58e05 - Browse repository at this point
Copy the full SHA 2f58e05View commit details -
Fix typo in permissive mTLS docs (#18551)
Update onboarding-tproxy-mode.mdx
Configuration menu - View commit details
-
Copy full SHA for 0e17e98 - Browse repository at this point
Copy the full SHA 0e17e98View commit details -
Set concurrency for workflows (#18567)
* Set concurrency for workflows
Configuration menu - View commit details
-
Copy full SHA for 7bc30e9 - Browse repository at this point
Copy the full SHA 7bc30e9View commit details -
test: run automated tests against Vault 1.11 - 1.14 (#18590)
Begin to test against Vault 1.14. Drop tests against Vault 1.10.
Configuration menu - View commit details
-
Copy full SHA for 180c1e2 - Browse repository at this point
Copy the full SHA 180c1e2View commit details -
Reduce the frequency of metric exports to minutely (#18584)
Joshua Timmons authoredAug 28, 2023 Configuration menu - View commit details
-
Copy full SHA for 48c8a83 - Browse repository at this point
Copy the full SHA 48c8a83View commit details
Commits on Aug 29, 2023
-
NET-4944 - wire up controllers with proxy tracker (#18603)
Co-authored-by: github-team-consul-core <github-team-consul-core@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for 0e60650 - Browse repository at this point
Copy the full SHA 0e60650View commit details -
Configuration menu - View commit details
-
Copy full SHA for 797e42d - Browse repository at this point
Copy the full SHA 797e42dView commit details -
Distinguish v2 catalog Protocol unset from default (#18612)
Even though we intend to default to TCP when this field is not explicitly provided, uncluding an `UNSPECIFIED` default enum value allows us to create inheritance chains, e.g. service to workload.
Configuration menu - View commit details
-
Copy full SHA for f8812ed - Browse repository at this point
Copy the full SHA f8812edView commit details
Commits on Aug 30, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 58e5658 - Browse repository at this point
Copy the full SHA 58e5658View commit details -
[HCP Telemetry] Move first TelemetryConfig Fetch into the TelemetryCo…
…nfigProvider (#18318) * Add Enabler interface to turn sink on/off * Use h for hcpProviderImpl vars, fix PR feeback and fix errors * Keep nil check in exporter and fix tests * Clarify comment and fix function name * Use disable instead of enable * Fix errors nit in otlp_transform * Add test for refreshInterval of updateConfig * Add disabled field in MetricsConfig struct * Fix PR feedback: improve comment and remove double colons * Fix deps test which requires a maybe * Update hcp-sdk-go to v0.61.0 * use disabled flag in telemetry_config.go * Handle 4XX errors in telemetry_provider * Fix deps test * Check 4XX instead * Run make go-mod-tidy
Configuration menu - View commit details
-
Copy full SHA for 0f48b7a - Browse repository at this point
Copy the full SHA 0f48b7aView commit details -
update comments and docs about running envoy integration tests with t…
…he ENVOY_VERSION set. (#18614) update ENVOY_VERSION and documentation of it used in the bats envoy tests. Co-authored-by: github-team-consul-core <github-team-consul-core@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for 255aa15 - Browse repository at this point
Copy the full SHA 255aa15View commit details
Commits on Aug 31, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 65e3904 - Browse repository at this point
Copy the full SHA 65e3904View commit details -
Configuration menu - View commit details
-
Copy full SHA for c790d92 - Browse repository at this point
Copy the full SHA c790d92View commit details -
Configuration menu - View commit details
-
Copy full SHA for a4ebb03 - Browse repository at this point
Copy the full SHA a4ebb03View commit details -
Configuration menu - View commit details
-
Copy full SHA for 56733fb - Browse repository at this point
Copy the full SHA 56733fbView commit details -
Configuration menu - View commit details
-
Copy full SHA for 1ab22a7 - Browse repository at this point
Copy the full SHA 1ab22a7View commit details -
Configuration menu - View commit details
-
Copy full SHA for 7f7ea98 - Browse repository at this point
Copy the full SHA 7f7ea98View commit details -
Configuration menu - View commit details
-
Copy full SHA for 2ae727f - Browse repository at this point
Copy the full SHA 2ae727fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 1e2557f - Browse repository at this point
Copy the full SHA 1e2557fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 1ec5d8d - Browse repository at this point
Copy the full SHA 1ec5d8dView commit details -
Configuration menu - View commit details
-
Copy full SHA for fddaa25 - Browse repository at this point
Copy the full SHA fddaa25View commit details -
Configuration menu - View commit details
-
Copy full SHA for c5510a1 - Browse repository at this point
Copy the full SHA c5510a1View commit details -
Configuration menu - View commit details
-
Copy full SHA for 7ea0d74 - Browse repository at this point
Copy the full SHA 7ea0d74View commit details -
Configuration menu - View commit details
-
Copy full SHA for 0243d78 - Browse repository at this point
Copy the full SHA 0243d78View commit details -
Configuration menu - View commit details
-
Copy full SHA for 2a69150 - Browse repository at this point
Copy the full SHA 2a69150View commit details
Commits on Sep 6, 2023
-
Merge 1ab22a7 into backport/docs/proxy-defaults-reformat-other-improv…
…ements/quietly-joint-monitor
Configuration menu - View commit details
-
Copy full SHA for 276a858 - Browse repository at this point
Copy the full SHA 276a858View commit details
Commits on Sep 7, 2023
-
Merge branch 'release/1.16.x' into backport/docs/proxy-defaults-refor…
…mat-other-improvements/quietly-joint-monitor
Configuration menu - View commit details
-
Copy full SHA for e9a01a2 - Browse repository at this point
Copy the full SHA e9a01a2View commit details -
Reformat proxy docs refresh (#18623)
* first commit; reformat PD conf entry * updated proxies overview page * added Deploy SM proxy usage and removed reg index * moved sidecar proxy usage to main proxy folder * recast sidecar reg page as Deploy sidecar services * fix typos * recast SM reg as conf reference- set the sidebar * add redirects * fix links * add PD conf entry usage to appropro pages * edits to proxy conf ref * fix links on index page * example command to write PD conf entry * updated links to old SM proxy reg page * updated links to sidecar service reg page * tryna fix front matter issues * Apply suggestions from code review Co-authored-by: Ronald <roncodingenthusiast@users.noreply.github.com> * added paragraph about SM proxies to overivew * Apply suggestions from code review Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> --------- Co-authored-by: Ronald <roncodingenthusiast@users.noreply.github.com> Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for ebb2d63 - Browse repository at this point
Copy the full SHA ebb2d63View commit details -
Merge branch 'release/1.16.x' into backport/docs/proxy-defaults-refor…
…mat-other-improvements/quietly-joint-monitor
Configuration menu - View commit details
-
Copy full SHA for 22f4f27 - Browse repository at this point
Copy the full SHA 22f4f27View commit details -
Configuration menu - View commit details
-
Copy full SHA for 5de914f - Browse repository at this point
Copy the full SHA 5de914fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 5fc3c8b - Browse repository at this point
Copy the full SHA 5fc3c8bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 85dae4a - Browse repository at this point
Copy the full SHA 85dae4aView commit details