-
Notifications
You must be signed in to change notification settings - Fork 321
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Backport of NET-3908: allow configuration of SecurityContextConstraints when running on OpenShift into release/1.2.x #2738
Commits on Jun 8, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 57fef1f - Browse repository at this point
Copy the full SHA 57fef1fView commit details -
Configuration menu - View commit details
-
Copy full SHA for e35eaa3 - Browse repository at this point
Copy the full SHA e35eaa3View commit details -
* Add FIPS builds for linux amd64 * add version check * fix CI labels and add local dev commands * fix ci version tagging * switch to ubuntu 20.04 * add CLI version tag * add gcompat for alpine glibc cgo compatibility * remove FIPS version check from connect-init * address comments
Configuration menu - View commit details
-
Copy full SHA for f4435ac - Browse repository at this point
Copy the full SHA f4435acView commit details -
activated weekly acceptance tests for 1-2-x (#2315)
- making this trigger nightly until after 1.2.0 GA - leaving 0.49.x active until after 1.2.0 GA
Configuration menu - View commit details
-
Copy full SHA for 097f945 - Browse repository at this point
Copy the full SHA 097f945View commit details
Commits on Jun 9, 2023
-
Net 4230/add tcp to basic acceptance test (#2297)
* first run through, needs help * still need to make secure pass * left something uncommented * it works and also cleanup * fix acceptance tests
Configuration menu - View commit details
-
Copy full SHA for 61c7280 - Browse repository at this point
Copy the full SHA 61c7280View commit details -
[API Gateway] Add acceptance test for cluster peering (#2306)
* [API Gateway] Add acceptance test for cluster peering * Fix linter * Fix random unrelated linter errors to get CI to run: revert later? * one more linter fix to later probably revert * more linter fixes * Revert "more linter fixes" This reverts commit 6210dff. * Revert "one more linter fix to later probably revert" This reverts commit 030c563. * Revert "Fix random unrelated linter errors to get CI to run: revert later?" This reverts commit fdeccab.
Andrew Stucki authoredJun 9, 2023 Configuration menu - View commit details
-
Copy full SHA for 555d4a6 - Browse repository at this point
Copy the full SHA 555d4a6View commit details -
Mw/net 3598 update kind for consul k8s acceptance tests with latest v…
…ersion of kind and k8s 1.27 (#2304) * update cloud tests to use 1.24, 1.25 and 1.26 version of kubernetes for more coverage * updated readme for supported kubernetes versions * added changelog
Configuration menu - View commit details
-
Copy full SHA for b56b7dd - Browse repository at this point
Copy the full SHA b56b7ddView commit details -
[API Gateway] WAN Federation test and fixes (#2295)
* [API Gateway] WAN Federation test and fixes * Fix unit tests
Andrew Stucki authoredJun 9, 2023 Configuration menu - View commit details
-
Copy full SHA for 203c9d1 - Browse repository at this point
Copy the full SHA 203c9d1View commit details -
[API Gateway] fix dangling service registrations (#2321)
* Fix when gateways are deleted before we get services populated into cache * a bit of cleanup
Andrew Stucki authoredJun 9, 2023 Configuration menu - View commit details
-
Copy full SHA for da147c1 - Browse repository at this point
Copy the full SHA da147c1View commit details -
api-gateway: add unit tests verifying scaling parameters on GatewayCl…
…assConfig are obeyed (#2272) * Add unit tests verifying that scaling parameters on GatewayClassConfig are obeyed * Add test case for scaling w/ no min or max configured
Configuration menu - View commit details
-
Copy full SHA for 198c443 - Browse repository at this point
Copy the full SHA 198c443View commit details -
Rename GatewayClassController to prevent name collision (#2317)
* Rename GatewayClassController to prevent name collision * Use gateway instead of gatewayclass in name * Use the constant in ownership checks * Change GatewayClass name to "consul" * Change GatewayClass name in cases * Change ApiGatewayClass back
Thomas Eckert authoredJun 9, 2023 Configuration menu - View commit details
-
Copy full SHA for 8245efc - Browse repository at this point
Copy the full SHA 8245efcView commit details -
[API Gateway] Conformance Test Fixes (#2326)
* Fix SupportedKinds array to be what Conformance test expects * Fix cert validation status condition for listeners * Add programmed condition for listeners * Fix unit test --------- Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for f07736b - Browse repository at this point
Copy the full SHA f07736bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 6933efe - Browse repository at this point
Copy the full SHA 6933efeView commit details -
Ensure Reconciliation Stops (#2305)
* first pass at halting: got httproute and api-gateway done * clean up test * Handle all set for infinite reconcile check * Add table tests for minimal setup * Added some odd field names to test normalization is handled correctly * Use funky casing http routes
Configuration menu - View commit details
-
Copy full SHA for 7f6e1cb - Browse repository at this point
Copy the full SHA 7f6e1cbView commit details
Commits on Jun 10, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 7e076bb - Browse repository at this point
Copy the full SHA 7e076bbView commit details
Commits on Jun 11, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 4976215 - Browse repository at this point
Copy the full SHA 4976215View commit details
Commits on Jun 12, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 60b214e - Browse repository at this point
Copy the full SHA 60b214eView commit details -
Improvement- [NET-189] Added helm inputs for managing audit logs (#2265)
* Added helm inputs for managing audit logs * Remove unwanted changes from values
Configuration menu - View commit details
-
Copy full SHA for 8f47485 - Browse repository at this point
Copy the full SHA 8f47485View commit details
Commits on Jun 13, 2023
-
Configuration menu - View commit details
-
Copy full SHA for fc40d5e - Browse repository at this point
Copy the full SHA fc40d5eView commit details -
fix: use correct flag when translating namespaces (#2353)
* fix: use correct flag when translating namespaces * Use non-normalized namespace when deregistering services * Guard against namespace queries when namespaces not enabled in cache
Configuration menu - View commit details
-
Copy full SHA for 345f62c - Browse repository at this point
Copy the full SHA 345f62cView commit details -
added imagePullPolicy for images in values.yaml (#2310)
* added imagePullPolicy for images in values.yaml * fix: renamed pullPolicy key according to image * fixed dafault always in tmpl * changed structure of image in yaml * revert changes * added global imagePullPolicy * fixed typo * added changelog file
Configuration menu - View commit details
-
Copy full SHA for 2850962 - Browse repository at this point
Copy the full SHA 2850962View commit details -
Configuration menu - View commit details
-
Copy full SHA for f2c166f - Browse repository at this point
Copy the full SHA f2c166fView commit details -
ci: update backport assistant to 0.3.4 (#2365)
This brings consul-k8s in line with consul. Most importantly, the backport assistant was updated to automatically assign created PRs to the author of the PR that is being backported.
Configuration menu - View commit details
-
Copy full SHA for 80b1f52 - Browse repository at this point
Copy the full SHA 80b1f52View commit details -
update changelog based on changes made to 1.2.x (#2348)
* update changelog based on changes made to 1.2.x * fixed test cases - enterprise cases were in the OSS test cases
Configuration menu - View commit details
-
Copy full SHA for e691f46 - Browse repository at this point
Copy the full SHA e691f46View commit details
Commits on Jun 14, 2023
-
api-gateway: nightly conformance test action (#2257)
* trigger conformance tests nightly, squash * remove extra line * Update nightly-api-gateway-conformance.yml
Configuration menu - View commit details
-
Copy full SHA for 9121afc - Browse repository at this point
Copy the full SHA 9121afcView commit details
Commits on Jun 15, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 3ce3302 - Browse repository at this point
Copy the full SHA 3ce3302View commit details -
set everything to correct version (#2342)
making scripts more robust and removing changing helm chart
Configuration menu - View commit details
-
Copy full SHA for 19d2fb5 - Browse repository at this point
Copy the full SHA 19d2fb5View commit details -
api-gateway: fix cache and service deletion issue (#2377)
* Fix cache and service deletion issue * Add comments * add in acceptance test * Fix indentation * Fix unit test for deleting gateway w/ consul services * Remove redundant service deregistration code * Exit loop early once registration is found for service * Fix import blocking * Set status on pods added to test * Apply suggestions from code review * Reduce count of test gateways to 10 from 100 --------- Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for c4617fc - Browse repository at this point
Copy the full SHA c4617fcView commit details
Commits on Jun 19, 2023
-
Adding support for weighted k8s service (#2293)
* Adding support for weighted k8s service * Adding changelog * if per-app weight is 0 then pull the weight to 1 * Addressing review comments * Addressing review comments * Addressing review comments * Comment update * Comment update * Parameterized table test * Parameterized table test * fixing linting issue * fixing linting issue --------- Co-authored-by: srahul3 <rahulsharma@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for 47d4063 - Browse repository at this point
Copy the full SHA 47d4063View commit details -
Bumping go-discover to the lastest version (#2390)
* Bumping go-discover to the lastest version
Configuration menu - View commit details
-
Copy full SHA for fe4857e - Browse repository at this point
Copy the full SHA fe4857eView commit details -
Pin Kind versions on release branches (#2384)
* pinned kind configuration for CI tests - created a yaml file with the desired pinned versions - created a script to read the yaml - added a make target which can be used in CI to get the desired kind inputs/config --------- Co-authored-by: Curt Bushko <cbushko@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for a3c8771 - Browse repository at this point
Copy the full SHA a3c8771View commit details
Commits on Jun 20, 2023
-
[COMPLIANCE] Add Copyright and License Headers (#2400)
Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for aaa54c2 - Browse repository at this point
Copy the full SHA aaa54c2View commit details -
Configuration menu - View commit details
-
Copy full SHA for 63c7682 - Browse repository at this point
Copy the full SHA 63c7682View commit details -
Acceptance test for permissive mTLS (#2378)
Paul Glass authoredJun 20, 2023 Configuration menu - View commit details
-
Copy full SHA for 4141f6f - Browse repository at this point
Copy the full SHA 4141f6fView commit details
Commits on Jun 21, 2023
-
Revert "added imagePullPolicy for images in values.yaml (#2310)" (#2415)
This reverts commit 2850962.
Configuration menu - View commit details
-
Copy full SHA for 08534e3 - Browse repository at this point
Copy the full SHA 08534e3View commit details
Commits on Jun 22, 2023
-
update with new make targets (#2411)
- allow configuration of acceptance testing matrices
Configuration menu - View commit details
-
Copy full SHA for 883fbdc - Browse repository at this point
Copy the full SHA 883fbdcView commit details
Commits on Jun 23, 2023
-
feat(helm): add configurable server-acl-init and cleanup resource lim…
…its (#2416) * feat(helm): add configurable server-acl-init and cleanup resource limits * Apply suggestions from code review Co-authored-by: Ashwin Venkatesh <ashwin@hashicorp.com> * bugfix yaml path * fix bats test --------- Co-authored-by: Ashwin Venkatesh <ashwin@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for 5b1856e - Browse repository at this point
Copy the full SHA 5b1856eView commit details -
Configuration menu - View commit details
-
Copy full SHA for c6c5d52 - Browse repository at this point
Copy the full SHA c6c5d52View commit details -
Thomas Eckert authored
Jun 23, 2023 Configuration menu - View commit details
-
Copy full SHA for f783f7e - Browse repository at this point
Copy the full SHA f783f7eView commit details -
Configuration menu - View commit details
-
Copy full SHA for 79db263 - Browse repository at this point
Copy the full SHA 79db263View commit details
Commits on Jun 26, 2023
-
[COMPLIANCE] Add Copyright and License Headers (#2456)
Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for c2a149b - Browse repository at this point
Copy the full SHA c2a149bView commit details -
Fix GatewayClassConfig Test Timing Issue (#2409)
* Add retryCheckWithWait func * Fix retry timing on GatewayClassConfig test * remove redundant scale, make scale up number max + 1 * NET-4627, fix acceptance tests flake --------- Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for c83ce0c - Browse repository at this point
Copy the full SHA c83ce0cView commit details
Commits on Jun 27, 2023
-
always update acl policy if it exists (#2392)
* always update acl policy if it exists * added changelog * added unit test * fix typo * added some additional assertions to test * refactored create_or_update unit test
Configuration menu - View commit details
-
Copy full SHA for 95af4c7 - Browse repository at this point
Copy the full SHA 95af4c7View commit details -
Proxy Lifecycle helm, connect-inject and acceptance tests (#2233)
Proxy Lifecycle helm, connect-inject and acceptance tests (#2233) Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for e176846 - Browse repository at this point
Copy the full SHA e176846View commit details
Commits on Jun 28, 2023
-
PR breaking change release note change (#2469)
* Add breaking change to release notes
David Yu authoredJun 28, 2023 Configuration menu - View commit details
-
Copy full SHA for d3f9b67 - Browse repository at this point
Copy the full SHA d3f9b67View commit details -
Adds back gateway controller halting integration test (#2412)
Co-authored-by: John Maguire <john.maguire@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for 920ee32 - Browse repository at this point
Copy the full SHA 920ee32View commit details
Commits on Jun 29, 2023
-
api-gateway: Fix nil pointer exception panic (#2487)
* fix nil pointer exception * add unit test * added changelog * delete changelog
Configuration menu - View commit details
-
Copy full SHA for e976b88 - Browse repository at this point
Copy the full SHA e976b88View commit details -
Use correct length for certificate RSA key for tests (#2490)
* Use correct length for certificate RSA key * api-gateway: Fix nil pointer exception panic (#2487) * fix nil pointer exception * add unit test * added changelog * delete changelog * Remove skip for fixed test --------- Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 83f050b - Browse repository at this point
Copy the full SHA 83f050bView commit details -
APIGW: Validate length of RSA Keys (#2478)
* Validate length of RSA key for inline certs * Bring key length check functions over from consul * move validation of key length from certificate parsing into validation of cert * Update to use sentinel errors * Add changelog * Addressing PR comments: fixing text in changelog, fixing import blocks, slight refactor of cert validation for readability * Ensure cert is removed from consul if an invalid one is presented * Fix linting issues, added tests for validating keys
Configuration menu - View commit details
-
Copy full SHA for 8fe4fb6 - Browse repository at this point
Copy the full SHA 8fe4fb6View commit details -
add changelog for 1.2.0 dataplane and consul 1.16.0 (#2496)
* add changelog for Consul 1.16.0 * add changelog for dataplane 1.2.0
Configuration menu - View commit details
-
Copy full SHA for ced0ae8 - Browse repository at this point
Copy the full SHA ced0ae8View commit details
Commits on Jun 30, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 736649d - Browse repository at this point
Copy the full SHA 736649dView commit details
Commits on Jul 3, 2023
-
ci: fix eks terraform quota error by cleaning up oidc providers (#2470)
cleans up oidc providers older than 8 hours.
Configuration menu - View commit details
-
Copy full SHA for 30e9f55 - Browse repository at this point
Copy the full SHA 30e9f55View commit details
Commits on Jul 6, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 1161322 - Browse repository at this point
Copy the full SHA 1161322View commit details
Commits on Jul 7, 2023
-
[COMPLIANCE] Add Copyright and License Headers (#2507)
Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for cbcbdc5 - Browse repository at this point
Copy the full SHA cbcbdc5View commit details
Commits on Jul 10, 2023
-
values.yaml - replace connect with service mesh for some instances (#…
…2516) * fix connect/service mesh * Update values.yaml
David Yu authoredJul 10, 2023 Configuration menu - View commit details
-
Copy full SHA for 0cb24d7 - Browse repository at this point
Copy the full SHA 0cb24d7View commit details -
Configuration menu - View commit details
-
Copy full SHA for 6624d34 - Browse repository at this point
Copy the full SHA 6624d34View commit details -
feat: adding security context and annotations to tls and acl init/cle…
…anup jobs (#2525) * feat: adding security context and annotations to tls and acl init/cleanup jobs * changelog --------- Co-authored-by: Chinikins <Chinikins@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 11a1851 - Browse repository at this point
Copy the full SHA 11a1851View commit details -
NET-4813: Fix issue where virtual IP saving had insufficient ACLs. (#…
…2520) Fix issue where virtual IP saving had insufficient ACLs.
Configuration menu - View commit details
-
Copy full SHA for fb02159 - Browse repository at this point
Copy the full SHA fb02159View commit details -
Configuration menu - View commit details
-
Copy full SHA for 6adb9a2 - Browse repository at this point
Copy the full SHA 6adb9a2View commit details -
Configuration menu - View commit details
-
Copy full SHA for 4676652 - Browse repository at this point
Copy the full SHA 4676652View commit details
Commits on Jul 11, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 486061a - Browse repository at this point
Copy the full SHA 486061aView commit details -
Configuration menu - View commit details
-
Copy full SHA for 6b45156 - Browse repository at this point
Copy the full SHA 6b45156View commit details -
Configuration menu - View commit details
-
Copy full SHA for fd201c5 - Browse repository at this point
Copy the full SHA fd201c5View commit details -
Configuration menu - View commit details
-
Copy full SHA for 592e457 - Browse repository at this point
Copy the full SHA 592e457View commit details -
HCP bootstrap preset to always downcase datacenter (#2551)
* Lowercase datacenter name from HCP bootstrap response * Add test cases to cloud bootstrap
Configuration menu - View commit details
-
Copy full SHA for 8582286 - Browse repository at this point
Copy the full SHA 8582286View commit details -
api-gateway: when multiple listeners have the same port, only add to …
…K8s Service once (#2413) * Modify unit tests to include multiple listeners w/ same port Running the tests on this commit will demonstrate the bug * When multiple listeners have the same port, only add to K8s Service once * Add changelog entry
Configuration menu - View commit details
-
Copy full SHA for 4f06479 - Browse repository at this point
Copy the full SHA 4f06479View commit details -
NET-4482: set route condition appropriately when parent ref includes …
…non-existent section (#2420) * Set route accepted condition appropriately when no listener with section name matching parent * Adjust error message for bind errors that aren't specific to one listener * Include section name in message for NoMatchingParent when available * Add unit test coverage for conditions derived from binding results * Add changelog entry
Configuration menu - View commit details
-
Copy full SHA for b8be6a0 - Browse repository at this point
Copy the full SHA b8be6a0View commit details
Commits on Jul 12, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 73959e7 - Browse repository at this point
Copy the full SHA 73959e7View commit details -
Update Release Scripts (#2558)
* update environment variables with CONSUL_K8s prefix - This will let us check that we have all the environment variables set more easily with `printenv | grep "CONSUL_K8S"` * update imageConsulDataplane without quotes - this makes it consistent with the other images - allows scripting to work similarly to other images * updated utils script - handle replace case where consul-enterprise is in the values.yaml file and charts.yaml file - handle adding pre-release tag in changelog - handle updating consul-dataplane
Configuration menu - View commit details
-
Copy full SHA for 65c4e74 - Browse repository at this point
Copy the full SHA 65c4e74View commit details -
added missing changelogs (#2565)
* added missing changelogs * Update CHANGELOG.md for 0.49.8 --------- Co-authored-by: Curt Bushko <cbushko@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for df0e649 - Browse repository at this point
Copy the full SHA df0e649View commit details
Commits on Jul 14, 2023
-
Refactor test framework to allow for more than two kube contexts (#2534)
* updated contributing example with new configuration lists add new make target "kind" to makefile * This lets us setup our standard kind environment for testing refactor framework to take config list flags * removed primary/secondary kube flags as this limited us to only two clusters * added flags for kube configs, contexts and namespaces. This way we can support n clusters where n is the length of the longest list. The flags are then combined into a list of objects for use in testing added tests for new helper methods refactored tests * now TestMain for multicluster check that the test arguments contain the expected number of clusters * use helper method `env.GetSecondaryContextKey(t)` which grabs the second context in the list instead of using the defunct environment.SecondaryContextName refactored flag test to use new config lists refactored cli cluster to use get primary helper added multicluster check for vault acceptance * vault tests are multi-cluster but we weren't performing the necessary checks
Configuration menu - View commit details
-
Copy full SHA for 29b6ed3 - Browse repository at this point
Copy the full SHA 29b6ed3View commit details
Commits on Jul 17, 2023
-
[COMPLIANCE] Add Copyright and License Headers (#2577)
Add copyright and license headers
Configuration menu - View commit details
-
Copy full SHA for 59228dd - Browse repository at this point
Copy the full SHA 59228ddView commit details
Commits on Jul 18, 2023
-
Consume gateway-api v0.7.1 for acceptance testing (#2578)
Changes proposed in this PR: - Consume the same version of gateway-api for acceptance testing that we're consuming in the control plane: https://github.com/hashicorp/consul-k8s/blob/29b6ed36923498afc8f377455d4275653960230f/control-plane/go.mod#L42 How I've tested this PR: - 👀 - 🤖 tests pass How I expect reviewers to test this PR: - See above Checklist: - [ ] Tests added - [ ] [CHANGELOG entry added](https://github.com/hashicorp/consul-k8s/blob/main/CONTRIBUTING.md#adding-a-changelog-entry)
Configuration menu - View commit details
-
Copy full SHA for ab462d0 - Browse repository at this point
Copy the full SHA ab462d0View commit details -
Update to handle validation endpoints (#2580)
Changes proposed in this PR: - add in new validation call in endpoint How I've tested this PR: Ran it locally and tested the changes How I expect reviewers to test this PR: Read the code and run the command themselves to verify: ``` ./consul-k8s/acceptance/tests/cloud && go test -run TestBasicCloud -v -p 1 -timeout 20m \ -use-kind \ -kubecontext="kind-dc1" \ -consul-image hashicorppreview/consul-enterprise:1.17-dev -consul-k8s-image hashicorppreview/consul-k8s-control-plane:1.3.0-dev -consul-collector-image hashicorp/consul-telemetry-collector:0.0.1 \ -enable-enterprise ``` Checklist: - [X] Tests added - [n/a] [CHANGELOG entry added](https://github.com/hashicorp/consul-k8s/blob/main/CONTRIBUTING.md#adding-a-changelog-entry)
Configuration menu - View commit details
-
Copy full SHA for c790951 - Browse repository at this point
Copy the full SHA c790951View commit details
Commits on Jul 19, 2023
-
test(eks): fix deprecated CSI driver terraform (#2584)
Changes proposed in this PR: - Replacing the deprecated [`resolve_conflicts`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon#resolve_conflicts) with the new attributes. I don't know if we really need this setting since it is optional and the addon has no user-defined config, but I'm keeping this to keep the behavior consistent. How I've tested this PR: I did not. How I expect reviewers to test this PR: 👀 Checklist: - [ ] ~Tests added~ - [ ] ~[CHANGELOG entry added](https://github.com/hashicorp/consul-k8s/blob/main/CONTRIBUTING.md#adding-a-changelog-entry)~
Configuration menu - View commit details
-
Copy full SHA for 07cc5cd - Browse repository at this point
Copy the full SHA 07cc5cdView commit details -
Configuration menu - View commit details
-
Copy full SHA for f0530d9 - Browse repository at this point
Copy the full SHA f0530d9View commit details -
test: remove unused workflow inputs (#2589)
Changes proposed in this PR: - Removed unused workflow inputs.
Configuration menu - View commit details
-
Copy full SHA for b3769b1 - Browse repository at this point
Copy the full SHA b3769b1View commit details
Commits on Jul 20, 2023
-
chore: Update actions for security (#2601)
Changes proposed in this PR: - Update actions that are out of date How I've tested this PR: 👀 How I expect reviewers to test this PR: 👀 Checklist: - [ ] Tests added - [ ] [CHANGELOG entry added](https://github.com/hashicorp/consul-k8s/blob/main/CONTRIBUTING.md#adding-a-changelog-entry)
Configuration menu - View commit details
-
Copy full SHA for 4d4c35a - Browse repository at this point
Copy the full SHA 4d4c35aView commit details -
[NET-4122] Doc guidance for federation with externalServers (#2583)
Add guidance for proper configuration when joining to a secondary cluster using WAN fed with external servers also enabled. Also clarify federation requirements and fix formatting for an unrelated value. Changes proposed in this PR: - Update base content for generating Helm chart docs to clarify the use case encountered in #2138 - Minor additional fixes - _Follow-up: propagate generated doc changes to `consul` and additionally update https://developer.hashicorp.com/consul/docs/k8s/deployment-configurations/servers-outside-kubernetes there_ How I've tested this PR: N/A (docs only) How I expect reviewers to test this PR: 👀 Checklist: - [ ] Tests added - [ ] [CHANGELOG entry added](https://github.com/hashicorp/consul-k8s/blob/main/CONTRIBUTING.md#adding-a-changelog-entry)
Configuration menu - View commit details
-
Copy full SHA for a4d9487 - Browse repository at this point
Copy the full SHA a4d9487View commit details -
Handle errors properly when services are de-registered from the catal…
…og (#2571) - In the past, kubernetes nodes were used as the source of truth to determine the list of services that should exist in Consul. - In most cases this was ok but becomes a problem when nodes are quickly deleted from kubernetes such as the case when using spot instances. - Instead, use consul synthetic-nodes to get the list of services and deregister the services that do not have endpoint addresses. --------- Co-authored-by: mr-miles <miles.waller@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 414554c - Browse repository at this point
Copy the full SHA 414554cView commit details -
Adding support for Enterprise and other improvement on the Customizin…
…g Vault Version for WanFed Test (#2481) * Adding support for Enterprise and other improvement on the Customizing Vault Version for WanFed Test This is the extension of the PR - #2043 In this PR, the followings were addressed - 1. Now the vault enterprise version can be provided in the cli command. The previous PR only addressed Vault OSS. 2. Two flags “-no-cleanup-wan-fed” and “test-duration” were introduced to not to cleanup the test environment after successful setup to give it time to do manual testing for features/to reproduce customer issues. Default is 1 hour. 3. This was tested in Kind environment and it works fine. The following was taken out to use the “use-kind” option for WanFed test. //if cfg.UseKind { // t.Skipf("Skipping this test because it's currently flaky on kind") //} * Fix indentation * Fix unit test for deleting gateway w/ consul services * Remove redundant service deregistration code * Exit loop early once registration is found for service * Fix import blocking * Set status on pods added to test * Apply suggestions from code review * Reduce count of test gateways to 10 from 100 --------- Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> Changes proposed in this PR: - - How I've tested this PR: How I expect reviewers to test this PR: Checklist: - [ ] Tests added - [ ] CHANGELOG entry added > HashiCorp engineers only, community PRs should not add a changelog entry. > Entries should use present tense (e.g. Add support for...) * Removing the changes in vault_namespaces_test.go * Introducing new flag no-cleanup * Removed "go 1.20" from go.work file * cfg.USEKind check is added back * Removed previousy added "Test Duration" flag * Some changes * Some changes
Configuration menu - View commit details
-
Copy full SHA for ff24495 - Browse repository at this point
Copy the full SHA ff24495View commit details
Commits on Jul 21, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 8b45de8 - Browse repository at this point
Copy the full SHA 8b45de8View commit details -
added make target for checking for hashicorppreview (#2603)
* added make target for checking for hashicorppreview * added check to prepare-release make target
Configuration menu - View commit details
-
Copy full SHA for efa2be8 - Browse repository at this point
Copy the full SHA efa2be8View commit details -
Increase golangci-lint timeout to 10m (#2621)
This is meant to solve for recurrent timeouts in several steps, particularly `golangci-lint-control-plane` and `golang-ci-lint-cli`. An accompanying change in `consul-k8s-workflows` should disable caching until the (unclear) root of the issue can be resolved, or we can disable or clear cache in a more targeted way that solves for these cases.
Configuration menu - View commit details
-
Copy full SHA for e2adf6f - Browse repository at this point
Copy the full SHA e2adf6fView commit details
Commits on Jul 24, 2023
-
Fix TestAPIGateway_GatewayClassConfig (#2631)
* Fix TestAPIGateway_GatewayClassConfig * Remove stray files from bad merge
Paul Glass authoredJul 24, 2023 Configuration menu - View commit details
-
Copy full SHA for 1690fe2 - Browse repository at this point
Copy the full SHA 1690fe2View commit details -
Support running with restricted PSA enforcement enabled (part 1) (#2572)
Support restricted PSA enforcement in a basic setup. This is enough to get a basic setup with ACLs and TLS working and an acceptance test passing (but does not update every component). On OpenShift, we have the option to set the security context or not. If the security context is unset, then it is set automatically by OpenShift SCCs. However, we prefer to set the security context to avoid useless warnings on OpenShift and to reduce the config difference between OpenShift and plain Kube. By default, OpenShift namespaces have the audit and warn PSA labels set to restricted, so we receive pod security warnings when deploying Consul to OpenShift even though the pods will be able to run. Helm chart changes: * Add a helper to the helm chart to define a "restricted" container security context (when pod security policies are not enabled) * Update the following container securityContexts to use the "restricted" settings (not exhaustive) - gateway-cleanup-job.yaml - gateway-resources-job.yaml - gossip-encryption-autogenerate-job.yaml - server-acl-init-cleanup-job.yaml - only if `.Values.server.containerSecurityContext.server.acl-init` is unset - server-acl-init-job.yaml - only if `.Values.server.containerSecurityContext.server.acl-init` is unset - server-statefulset.yaml: - the locality-init container receives the restricted context - the consul container receives the restricted context only if `.Values.server.containerSecurityContext.server` is unset - tls-init-cleanup-job.yaml - only if `.Values.server.containerSecurityContext.server.tls-init` is unset - tls-init-job.yaml - only if `.Values.server.containerSecurityContext.server.tls-init` is unset - webhook-cert-manager-deployment.yaml Acceptance test changes: * When `-enable-openshift` and `-enable-cni` are set, configure the CNI settings correctly for OpenShift. * Add the `-enable-restricted-psa-enforcement` test flag. When this is set, the tests assume the Consul namespace has restricted PSA enforcement enabled. The tests will deploy the CNI (if enabled) into the `kube-system` namespace. Compatible test cases will deploy applications outside of the Consul namespace. * Update the ConnectHelper to configure the NetworkAttachmentDefinition required to be compatible with the CNI on OpenShift. * Add fixtures for static-client and static-server for OpenShift. This is necessary because the deployment configs must reference the network attachment definition when using the CNI on OpenShift. * Update tests in the `acceptance/tests/connect` directory to either run or skip based on -enable-cni and -enable-openshift
Paul Glass authoredJul 24, 2023 Configuration menu - View commit details
-
Copy full SHA for 3932e28 - Browse repository at this point
Copy the full SHA 3932e28View commit details -
Configuration menu - View commit details
-
Copy full SHA for a924e88 - Browse repository at this point
Copy the full SHA a924e88View commit details -
[NET-4865] security: Upgrade Go and net/http CVE-2023-29406 (#2642)
security: Upgrade Go and net/http Upgrade to Go 1.20.6 and `net/http` 1.12.0 to resolve CVE-2023-29406.
Configuration menu - View commit details
-
Copy full SHA for 5b57e63 - Browse repository at this point
Copy the full SHA 5b57e63View commit details
Commits on Jul 25, 2023
-
Consul client always logs into the local datacenter (#2652)
The consul client always logs into the local datacenter
Configuration menu - View commit details
-
Copy full SHA for 6b26d91 - Browse repository at this point
Copy the full SHA 6b26d91View commit details -
Add support for requestTimeout in Service Resolver spec (#2641)
* Add support for requestTimeout in Service Resolver spec * preserve serviceresolvers.yaml Preserving yaml from main, only adding requesttimeout property. * update generated.deepcopy.go * Use latest controller-gen to generate CRDs --------- Co-authored-by: Ashwin Venkatesh <ashwin.what@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 89a1c6d - Browse repository at this point
Copy the full SHA 89a1c6dView commit details
Commits on Jul 26, 2023
-
Increase timeout for acl replication to 60 seconds and poll every 500…
… ms (#2656) increase timeout for acl replication to 60 seconds and poll every 500 ms
Configuration menu - View commit details
-
Copy full SHA for 94414a7 - Browse repository at this point
Copy the full SHA 94414a7View commit details -
Update changelog to address cloud auto-join change in 1.0.0 (#2667)
Paul Glass authoredJul 26, 2023 Configuration menu - View commit details
-
Copy full SHA for 596a2a7 - Browse repository at this point
Copy the full SHA 596a2a7View commit details -
NET-4967: Fix helm install when setting copyAnnotations or nodeSelect…
…or for apiGateway (#2597) * Support multiline nodeSelector arg * Support multiline service annotations arg * Update test assertions * Add changelog entry
Configuration menu - View commit details
-
Copy full SHA for f026d43 - Browse repository at this point
Copy the full SHA f026d43View commit details
Commits on Jul 27, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 7bb0a57 - Browse repository at this point
Copy the full SHA 7bb0a57View commit details -
Mw/net 4260 phase 2 automate the k8s sameness tests (#2579)
* add kustomize files - These reflect the different test cases - sameness.yaml defines the ordered list of failovers - static-server responds with a unique name so we can track failover order - static-client includes both DNS and CURL in the image used so we can exec in for testing * add sameness tests - We do a bunch of infra setup for peering and partitions, but after the initial setup only partitions are tested - We test service failover, dns failover and PQ failover scenarios * add 4 kind clusters to make target - The sameness tests require 4 kind clusters, so the make target will now spin up 4 kind clusters - not all tests need 4 kind clusters, but the entire suite of tests can be run with 4 * increase kubectl timeout to 90s - add variable for configuring timeout - timeout was triggering locally on intel mac machine, so this timeout should cover our devs lowest performing machines * add sameness test to test packages * Fix comments on partition connect test
Configuration menu - View commit details
-
Copy full SHA for b6d3e61 - Browse repository at this point
Copy the full SHA b6d3e61View commit details
Commits on Jul 28, 2023
-
Added logLevel field for components (#2302)
* Added logLevel field for components * Add changelog * Fix tests * Rename 2298.txt to 2302.txt * Address comments * Fix tests * Fix helm tests * Address comments * Add client and server loglevels * Fix bats * Update changelog * Fix bats tests
Configuration menu - View commit details
-
Copy full SHA for 89ee905 - Browse repository at this point
Copy the full SHA 89ee905View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3e1f799 - Browse repository at this point
Copy the full SHA 3e1f799View commit details -
Use controller-gen 0.8.0 for CRDs (#2684)
- Add missing license headers.
Configuration menu - View commit details
-
Copy full SHA for 63567cb - Browse repository at this point
Copy the full SHA 63567cbView commit details -
Configuration menu - View commit details
-
Copy full SHA for 3cb0cce - Browse repository at this point
Copy the full SHA 3cb0cceView commit details -
[NET-4865] Bump golang.org/x/net to 0.12.0 in cni (#2668)
* Bump golang.org/x/net to 0.12.0 in cni This was missed in 5b57e63 as part of a general upgrade of that dependency. * Bump server-connection-manager to v0.1.3 Tidying up following CVE dependency bumps, leading to a new release of this library.
Configuration menu - View commit details
-
Copy full SHA for 6835b1e - Browse repository at this point
Copy the full SHA 6835b1eView commit details
Commits on Jul 31, 2023
-
Fix default Ent image tag in acceptance tests (#2683)
* Fix default Ent image tag in acceptance tests Rather than hard-coding the Docker repository and parsing the non-Ent image tag for a version, simply replace the image name and retain other coordinates. This is consistent with our tagging scheme introduced in hashicorp/consul#13541 and will allow for using `hashicorppreview` images seamlessly regardless of whether OSS or Ent is being tested. * Add make target for loading images in kind Complement other multi-cluster make targets by supporting image loading across kind clusters.
Configuration menu - View commit details
-
Copy full SHA for da99ce4 - Browse repository at this point
Copy the full SHA da99ce4View commit details
Commits on Aug 2, 2023
-
[NET-5146] security: Upgrade Go and
x/net
(#2710)security: Upgrade Go and x/net Upgrade to Go 1.20.7 and `x/net` 1.13.0 to resolve [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) and [CVE-2023-3978](https://nvd.nist.gov/vuln/detail/CVE-2023-3978).
Configuration menu - View commit details
-
Copy full SHA for 8379be9 - Browse repository at this point
Copy the full SHA 8379be9View commit details -
Increase timeout while waiting for vault server to be ready (#2709)
increase timeout while waiting for server to be ready and fix require.Equal check
Configuration menu - View commit details
-
Copy full SHA for 61c7761 - Browse repository at this point
Copy the full SHA 61c7761View commit details
Commits on Aug 3, 2023
-
Acceptance tests: increase api-gateway retries (#2716)
* Increase the retries and add config entry retries
Configuration menu - View commit details
-
Copy full SHA for 939e7c3 - Browse repository at this point
Copy the full SHA 939e7c3View commit details
Commits on Aug 7, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 4f5437d - Browse repository at this point
Copy the full SHA 4f5437dView commit details -
Configuration menu - View commit details
-
Copy full SHA for a529f27 - Browse repository at this point
Copy the full SHA a529f27View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3d5e980 - Browse repository at this point
Copy the full SHA 3d5e980View commit details -
Configuration menu - View commit details
-
Copy full SHA for b176b78 - Browse repository at this point
Copy the full SHA b176b78View commit details -
Adds missing closing ``` to existing changelog entry as well
Configuration menu - View commit details
-
Copy full SHA for e67f2df - Browse repository at this point
Copy the full SHA e67f2dfView commit details -
Configuration menu - View commit details
-
Copy full SHA for 0bc616a - Browse repository at this point
Copy the full SHA 0bc616aView commit details -
Configuration menu - View commit details
-
Copy full SHA for 1bd97f9 - Browse repository at this point
Copy the full SHA 1bd97f9View commit details -
Configuration menu - View commit details
-
Copy full SHA for 11cc9e9 - Browse repository at this point
Copy the full SHA 11cc9e9View commit details -
Configuration menu - View commit details
-
Copy full SHA for 2c4bbee - Browse repository at this point
Copy the full SHA 2c4bbeeView commit details -
Configuration menu - View commit details
-
Copy full SHA for c6c9a0b - Browse repository at this point
Copy the full SHA c6c9a0bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 31773b6 - Browse repository at this point
Copy the full SHA 31773b6View commit details -
Configuration menu - View commit details
-
Copy full SHA for 52acedd - Browse repository at this point
Copy the full SHA 52aceddView commit details -
Configuration menu - View commit details
-
Copy full SHA for 3f847e6 - Browse repository at this point
Copy the full SHA 3f847e6View commit details -
Configuration menu - View commit details
-
Copy full SHA for 283cf75 - Browse repository at this point
Copy the full SHA 283cf75View commit details -
Configuration menu - View commit details
-
Copy full SHA for 5247f0a - Browse repository at this point
Copy the full SHA 5247f0aView commit details -
Configuration menu - View commit details
-
Copy full SHA for 0c93777 - Browse repository at this point
Copy the full SHA 0c93777View commit details -
Configuration menu - View commit details
-
Copy full SHA for cfd9984 - Browse repository at this point
Copy the full SHA cfd9984View commit details -
Configuration menu - View commit details
-
Copy full SHA for c25cb65 - Browse repository at this point
Copy the full SHA c25cb65View commit details -
some cleanup plus added an openshift test, need to understand owner r…
…eferences in test
Configuration menu - View commit details
-
Copy full SHA for 6152c62 - Browse repository at this point
Copy the full SHA 6152c62View commit details -
Configuration menu - View commit details
-
Copy full SHA for 451a3f7 - Browse repository at this point
Copy the full SHA 451a3f7View commit details -
Configuration menu - View commit details
-
Copy full SHA for 67ba54d - Browse repository at this point
Copy the full SHA 67ba54dView commit details -
added template for scc name for easier testing, may or may not leave …
…in and make better
Configuration menu - View commit details
-
Copy full SHA for 78aa9ce - Browse repository at this point
Copy the full SHA 78aa9ceView commit details -
Configuration menu - View commit details
-
Copy full SHA for d0a70e6 - Browse repository at this point
Copy the full SHA d0a70e6View commit details -
Configuration menu - View commit details
-
Copy full SHA for 0f2eaac - Browse repository at this point
Copy the full SHA 0f2eaacView commit details
Commits on Aug 8, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 103bee3 - Browse repository at this point
Copy the full SHA 103bee3View commit details