-
Notifications
You must be signed in to change notification settings - Fork 321
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Backport of correct prometheus port and scheme annotations if tls is enabled into release/1.0.x #2855
Commits on Mar 2, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 1ea918e - Browse repository at this point
Copy the full SHA 1ea918eView commit details
Commits on Mar 3, 2023
-
Mw/add backport checker (#1982)
* fix grammar in changelog checker * add backport checker
Configuration menu - View commit details
-
Copy full SHA for c0e5c69 - Browse repository at this point
Copy the full SHA c0e5c69View commit details
Commits on Mar 6, 2023
-
Automatic ACL bootstrap with Vault secrets backend (#1920)
Support automatic ACL bootstrapping with the Vault secrets backend With the Vault secrets backend, server-acl-init now: * Runs the Vault agent as a sidecar * Bootstraps ACLs if the Vault bootstrap token is empty or not found, and writes the bootstrap token back to Vault via the Vault agent The Kubernetes backend will write the bootstrap token to the user-provided secret if that secret is empty. The Vault behavior is the same. The Vault backend writes to a default secret name if the secretName and secretKey are not set in the helm chart values. server-acl-init reads the secret directly from k8s or Vault. * Remove -bootstrap-token-file flag from server-acl-init and remove the * Remove the volume/mount for bootstrap token --------- Co-authored-by: Chris Thain <32781396+cthain@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 7079fc8 - Browse repository at this point
Copy the full SHA 7079fc8View commit details
Commits on Mar 8, 2023
-
* update charts to point to 1.15.1 * updated consul libraries to the latest
Configuration menu - View commit details
-
Copy full SHA for 86454d2 - Browse repository at this point
Copy the full SHA 86454d2View commit details
Commits on Mar 9, 2023
-
Configuration menu - View commit details
-
Copy full SHA for a46657e - Browse repository at this point
Copy the full SHA a46657eView commit details -
Configuration menu - View commit details
-
Copy full SHA for d13953b - Browse repository at this point
Copy the full SHA d13953bView commit details
Commits on Mar 13, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 6fbb20f - Browse repository at this point
Copy the full SHA 6fbb20fView commit details
Commits on Mar 14, 2023
-
Add SNI skip for client node configuration
Andrew Stucki committedMar 14, 2023 Configuration menu - View commit details
-
Copy full SHA for e23dbb6 - Browse repository at this point
Copy the full SHA e23dbb6View commit details -
Andrew Stucki committed
Mar 14, 2023 Configuration menu - View commit details
-
Copy full SHA for 730ab26 - Browse repository at this point
Copy the full SHA 730ab26View commit details -
Merge pull request #2013 from hashicorp/NET-2966/sni-fix-gateway-cont…
…roller Add SNI skip for client node configuration
Andrew Stucki authoredMar 14, 2023 Configuration menu - View commit details
-
Copy full SHA for a029eae - Browse repository at this point
Copy the full SHA a029eaeView commit details
Commits on Mar 15, 2023
-
values.yaml - set default connect inject init cpu resource limits to …
…`null` to increase service registration times (#2008) * Update values.yaml
David Yu authoredMar 15, 2023 Configuration menu - View commit details
-
Copy full SHA for 1483c17 - Browse repository at this point
Copy the full SHA 1483c17View commit details
Commits on Mar 20, 2023
-
Remove client.enabled requirement in docs (#2027)
Clients are not required for ingress/terminating gateways.
Configuration menu - View commit details
-
Copy full SHA for 9de3ff9 - Browse repository at this point
Copy the full SHA 9de3ff9View commit details
Commits on Mar 21, 2023
-
Remove website prefix from generated docs (#2028)
Website has linting that errors when links have the developer.hashicorp.com prefix.
Configuration menu - View commit details
-
Copy full SHA for 7d098bd - Browse repository at this point
Copy the full SHA 7d098bdView commit details
Commits on Mar 24, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 6344071 - Browse repository at this point
Copy the full SHA 6344071View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3783178 - Browse repository at this point
Copy the full SHA 3783178View commit details
Commits on Mar 25, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 7ec6ec2 - Browse repository at this point
Copy the full SHA 7ec6ec2View commit details -
Merge branch 'bug/gateway-controller-incomplete-acl' of github.com:ha…
…shicorp/consul-k8s into bug/gateway-controller-incomplete-acl
Configuration menu - View commit details
-
Copy full SHA for 4dd5298 - Browse repository at this point
Copy the full SHA 4dd5298View commit details -
Configuration menu - View commit details
-
Copy full SHA for d718883 - Browse repository at this point
Copy the full SHA d718883View commit details -
Configuration menu - View commit details
-
Copy full SHA for 5d0a6ad - Browse repository at this point
Copy the full SHA 5d0a6adView commit details
Commits on Mar 27, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 74291af - Browse repository at this point
Copy the full SHA 74291afView commit details
Commits on Mar 28, 2023
-
Configuration menu - View commit details
-
Copy full SHA for f76c1dc - Browse repository at this point
Copy the full SHA f76c1dcView commit details -
Configuration menu - View commit details
-
Copy full SHA for ed2c3d6 - Browse repository at this point
Copy the full SHA ed2c3d6View commit details -
Configuration menu - View commit details
-
Copy full SHA for 4f00647 - Browse repository at this point
Copy the full SHA 4f00647View commit details -
Configuration menu - View commit details
-
Copy full SHA for c6068ca - Browse repository at this point
Copy the full SHA c6068caView commit details -
Merge pull request #2016 from hashicorp/copyright-config-file
[COMPLIANCE] add copyright headers to files
Configuration menu - View commit details
-
Copy full SHA for 54ec4b6 - Browse repository at this point
Copy the full SHA 54ec4b6View commit details -
Merge pull request #2029 from hashicorp/bug/gateway-controller-incomp…
…lete-acl Update ACLs, add namespace.write permission
Configuration menu - View commit details
-
Copy full SHA for 385ecd0 - Browse repository at this point
Copy the full SHA 385ecd0View commit details
Commits on Apr 3, 2023
-
add failover policy to service resolver annd proxy default
Maliz committedApr 3, 2023 Configuration menu - View commit details
-
Copy full SHA for faf41e8 - Browse repository at this point
Copy the full SHA faf41e8View commit details -
change default mode to sequential
Maliz committedApr 3, 2023 Configuration menu - View commit details
-
Copy full SHA for fd2b265 - Browse repository at this point
Copy the full SHA fd2b265View commit details -
Maliz committed
Apr 3, 2023 Configuration menu - View commit details
-
Copy full SHA for ec4165a - Browse repository at this point
Copy the full SHA ec4165aView commit details -
add region field to failover policy
Maliz committedApr 3, 2023 Configuration menu - View commit details
-
Copy full SHA for 6c82e99 - Browse repository at this point
Copy the full SHA 6c82e99View commit details -
Maliz committed
Apr 3, 2023 Configuration menu - View commit details
-
Copy full SHA for b4e313e - Browse repository at this point
Copy the full SHA b4e313eView commit details -
add test for validate function
Maliz committedApr 3, 2023 Configuration menu - View commit details
-
Copy full SHA for adbca80 - Browse repository at this point
Copy the full SHA adbca80View commit details -
Maliz committed
Apr 3, 2023 Configuration menu - View commit details
-
Copy full SHA for 5ec0a7f - Browse repository at this point
Copy the full SHA 5ec0a7fView commit details -
Maliz committed
Apr 3, 2023 Configuration menu - View commit details
-
Copy full SHA for 36e3d5c - Browse repository at this point
Copy the full SHA 36e3d5cView commit details -
Maliz committed
Apr 3, 2023 Configuration menu - View commit details
-
Copy full SHA for 3a18ca1 - Browse repository at this point
Copy the full SHA 3a18ca1View commit details
Commits on Apr 4, 2023
-
Maliz committed
Apr 4, 2023 Configuration menu - View commit details
-
Copy full SHA for 58a1434 - Browse repository at this point
Copy the full SHA 58a1434View commit details -
Maliz committed
Apr 4, 2023 Configuration menu - View commit details
-
Copy full SHA for 2221165 - Browse repository at this point
Copy the full SHA 2221165View commit details -
Maliz committed
Apr 4, 2023 Configuration menu - View commit details
-
Copy full SHA for 446e8c1 - Browse repository at this point
Copy the full SHA 446e8c1View commit details -
Maliz committed
Apr 4, 2023 Configuration menu - View commit details
-
Copy full SHA for ac32897 - Browse repository at this point
Copy the full SHA ac32897View commit details -
Maliz committed
Apr 4, 2023 Configuration menu - View commit details
-
Copy full SHA for 7cebf6e - Browse repository at this point
Copy the full SHA 7cebf6eView commit details -
Maliz committed
Apr 4, 2023 Configuration menu - View commit details
-
Copy full SHA for 064453b - Browse repository at this point
Copy the full SHA 064453bView commit details -
Maliz committed
Apr 4, 2023 Configuration menu - View commit details
-
Copy full SHA for e51fddf - Browse repository at this point
Copy the full SHA e51fddfView commit details -
Maliz committed
Apr 4, 2023 Configuration menu - View commit details
-
Copy full SHA for 610c946 - Browse repository at this point
Copy the full SHA 610c946View commit details -
Maliz committed
Apr 4, 2023 Configuration menu - View commit details
-
Copy full SHA for 9a10ce1 - Browse repository at this point
Copy the full SHA 9a10ce1View commit details -
update acl test to pass in oss and ent
Maliz committedApr 4, 2023 Configuration menu - View commit details
-
Copy full SHA for b10598e - Browse repository at this point
Copy the full SHA b10598eView commit details
Commits on Apr 5, 2023
-
Fix the indentation of the copyAnnotations example (#2037)
Thomas Eckert authoredApr 5, 2023 Configuration menu - View commit details
-
Copy full SHA for 2cff14e - Browse repository at this point
Copy the full SHA 2cff14eView commit details -
make all acl error comparisons consistent in tests
Maliz committedApr 5, 2023 Configuration menu - View commit details
-
Copy full SHA for ed8325b - Browse repository at this point
Copy the full SHA ed8325bView commit details -
Merge pull request #2030 from hashicorp/maliz-add-failover-policy-pro…
…xy-default add failover policy to service resolver and proxy default
malizz authoredApr 5, 2023 Configuration menu - View commit details
-
Copy full SHA for f5b9ac9 - Browse repository at this point
Copy the full SHA f5b9ac9View commit details
Commits on Apr 10, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 2fb7944 - Browse repository at this point
Copy the full SHA 2fb7944View commit details -
Revert "test image form consul-enterprise"
This reverts commit 2fb7944.
Configuration menu - View commit details
-
Copy full SHA for 0e771fc - Browse repository at this point
Copy the full SHA 0e771fcView commit details
Commits on Apr 13, 2023
-
Convert acceptance to use github actions (#2046)
* Terraform: increase node sizes * update GKE to use already created subnets * Dispatch: dispatch to consul-k8s-workflows
Configuration menu - View commit details
-
Copy full SHA for 10c7a56 - Browse repository at this point
Copy the full SHA 10c7a56View commit details
Commits on Apr 14, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 3b2d5e8 - Browse repository at this point
Copy the full SHA 3b2d5e8View commit details -
* Update status on PRs * Split pr and push into 2 different files so that context can be passed through
Configuration menu - View commit details
-
Copy full SHA for 5817c28 - Browse repository at this point
Copy the full SHA 5817c28View commit details
Commits on Apr 17, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 8d2c193 - Browse repository at this point
Copy the full SHA 8d2c193View commit details
Commits on Apr 18, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 34fb4a2 - Browse repository at this point
Copy the full SHA 34fb4a2View commit details -
add sameness group CRD (#2048)
* draft of adding sameness group CRD * move sameness group tests to ent test file * update tests * fix lint issues * generate yaml and update helm charts * update field descriptions and validation and its test * remove unwanted files, add license comments back * rename samenessgroups to samenessgroup * fix resource names * update failing unit test
malizz authoredApr 18, 2023 Configuration menu - View commit details
-
Copy full SHA for 11f842c - Browse repository at this point
Copy the full SHA 11f842cView commit details
Commits on Apr 20, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 7145b02 - Browse repository at this point
Copy the full SHA 7145b02View commit details
Commits on Apr 21, 2023
-
Fix Sync Catalog ACL Token Environment Var Name (#2068)
* Fix Sync Catalog ACL Token Environment Var Name * Update ACL variable name in tests
Configuration menu - View commit details
-
Copy full SHA for e0df679 - Browse repository at this point
Copy the full SHA e0df679View commit details
Commits on Apr 24, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 568ab03 - Browse repository at this point
Copy the full SHA 568ab03View commit details -
add sameness group to exported services (#2075)
* add sameness group to exported services * update CRDs * update deep copy * re add license line * check if sameness group is wildcard * remove experimental tag on peering fields * update error message case * update error message case in webhook test
malizz authoredApr 24, 2023 Configuration menu - View commit details
-
Copy full SHA for f8eb931 - Browse repository at this point
Copy the full SHA f8eb931View commit details
Commits on Apr 27, 2023
-
Adjust API gateway controller deployment appropriately when Vault con…
…figured as secrets backend (#2083) * Adjust mount based on whether Vault is enabled as secrets backend * Add changelog entry * Improve wording of changelog entry * Use Vault serverca for CONSUL_CACERT when secrets backend enabled * Add comment to Helm template explaining logic * Add unit test for CONSUL_CACERT with Vault secret path * Add unit tests for removing mounts when Vault is secrets backend
Configuration menu - View commit details
-
Copy full SHA for 969b6f9 - Browse repository at this point
Copy the full SHA 969b6f9View commit details -
Result of tsccr-helper -pin-all-workflows . (#2089)
Co-authored-by: hashicorp-tsccr[bot] <hashicorp-tsccr[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 2173112 - Browse repository at this point
Copy the full SHA 2173112View commit details
Commits on Apr 28, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 7a006b5 - Browse repository at this point
Copy the full SHA 7a006b5View commit details -
add sameness group to service resolver, update manifests (#2086)
* add sameness group to service resolver, update manifests * get the latest api and update acceptance tests * get the latest api in acceptanc tests * update validation code, remove dynamic validations, update tests * check nil pointer * go get latest api * revert acceptance changes
malizz authoredApr 28, 2023 Configuration menu - View commit details
-
Copy full SHA for 28f396a - Browse repository at this point
Copy the full SHA 28f396aView commit details -
add sameness group to source intention (#2097)
* add sameness group to source intention * add more test coverage * add comment on metaValueMaxLength variable * fix comment lint issue
malizz authoredApr 28, 2023 Configuration menu - View commit details
-
Copy full SHA for 8c22f83 - Browse repository at this point
Copy the full SHA 8c22f83View commit details
Commits on May 4, 2023
-
Configuration menu - View commit details
-
Copy full SHA for bc693e6 - Browse repository at this point
Copy the full SHA bc693e6View commit details -
Spatel/net 1646 add max ejection percent and base ejection time (#2064)
* Add MaxEjectionPercent and BaseEjectionTime to servicedefaults * test with sister branch in consul repo * missed one * fix tag names * fix json tags and duration type * update test * generate yaml files and fix imports --------- Co-authored-by: Semir Patel <semir.patel@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for c86f3d5 - Browse repository at this point
Copy the full SHA c86f3d5View commit details
Commits on May 8, 2023
-
Configuration menu - View commit details
-
Copy full SHA for d7bf922 - Browse repository at this point
Copy the full SHA d7bf922View commit details -
Configuration menu - View commit details
-
Copy full SHA for cb7fd51 - Browse repository at this point
Copy the full SHA cb7fd51View commit details
Commits on May 10, 2023
-
Customizing Vault Version for WanFed Test (#2043)
* Customizing Vault Version for WanFed Test * Modified * Changed according to the review comments * Removed the commented line * Vault server version type changed to String * changed back to VaultServerVersion type * Changing "VaultServerVersion" to type "String"
Configuration menu - View commit details
-
Copy full SHA for 4a2bd44 - Browse repository at this point
Copy the full SHA 4a2bd44View commit details
Commits on May 11, 2023
-
add config read command (#2078)
* add config read command * add tests * lint * update docs * add changelog * fix linting errors * PR feedback
Configuration menu - View commit details
-
Copy full SHA for ccb51c1 - Browse repository at this point
Copy the full SHA ccb51c1View commit details -
Update CRDs for Permissive mTLS (#2100)
* Add mutualTLSMode to service-defaults and proxy-defaults * Add allowEnablingPermisiveMutualTLS to mesh config entry
Paul Glass authoredMay 11, 2023 Configuration menu - View commit details
-
Copy full SHA for bd16ab8 - Browse repository at this point
Copy the full SHA bd16ab8View commit details
Commits on May 12, 2023
-
helm: add HOST_IP to mesh-gateway (#1808)
* add HOST_IP to mesh-gateway
Configuration menu - View commit details
-
Copy full SHA for d159fc5 - Browse repository at this point
Copy the full SHA d159fc5View commit details -
Configuration menu - View commit details
-
Copy full SHA for 8a10701 - Browse repository at this point
Copy the full SHA 8a10701View commit details
Commits on May 15, 2023
-
Add support for syncing Ingress hostname to the Consul Catalog (#2098)
* Add support for syncing Ingress hostname to the Consul Catalog * fix changelog-checker syntax error
Configuration menu - View commit details
-
Copy full SHA for eeab076 - Browse repository at this point
Copy the full SHA eeab076View commit details
Commits on May 16, 2023
-
Add telemetry collector deployment to consul-k8s (#2134)
* Create values.yaml section for telemetry-collector * Initial telemetry-collector validation and bats test * Add nodeSelector * Add connect-init initContainer * Add consul-dataplane container * Conditionally add ca-cert volume * Include vault annotations * Prune tests to pertinent test cases * Move consul server env vars * Check ca mount for dataplane container * Check correct env var * Set default resources * Set initContainer and tolerations * Support priorityClassName * Support setting initContainer resources * Fix replicas unit test * Turn off tproxy and remove unneeded security context * Set -tls-disabled if global.tls.enabled=false * Set -ca-certs correct if tls is enabled * Set external server args * Set partition flag tests * Label bats tests, remove duplicate flags * Bats tests for service, add metricsserver port * Support annotations and imagePullSecret on serviceAccount * Create configmap for custom configuration * Add configmap to deployment * Fix test names * Remove unneeded cloud validation. fixup comment * Comment values.yaml changes * Switch from sidecar auth method to component auth method * changelog * Add PodSecurityPolicy for consul-telemetry-collector * Rename init container + add comment * Remove logLevel bats tests as it is unsupported right now * Remove auth-method special cases * Replace LOGIN_DATACENTER login with LOGIN_NAMESPACE * Remove unneeded LOGIN_DATACENTER test
Configuration menu - View commit details
-
Copy full SHA for 02cab6c - Browse repository at this point
Copy the full SHA 02cab6cView commit details
Commits on May 17, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 5bd6c60 - Browse repository at this point
Copy the full SHA 5bd6c60View commit details -
Configuration menu - View commit details
-
Copy full SHA for 7b09da1 - Browse repository at this point
Copy the full SHA 7b09da1View commit details
Commits on May 18, 2023
-
[COMPLIANCE] Add Copyright and License Headers (#2079)
Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 85c28bd - Browse repository at this point
Copy the full SHA 85c28bdView commit details
Commits on May 23, 2023
-
* update go-discove so we're not pulling in a version of tencent cloud that no longer exists * Update go discover to latest
Configuration menu - View commit details
-
Copy full SHA for 889b689 - Browse repository at this point
Copy the full SHA 889b689View commit details -
add helm chart values to configure global server side rate limiting (#…
…2170) * add helm chart values to configure global server side rate limiting * add changelog. * update server checksum for configmap * fix the other 2 checksums
1Configuration menu - View commit details
-
Copy full SHA for d5b4601 - Browse repository at this point
Copy the full SHA d5b4601View commit details
Commits on May 25, 2023
-
Disable DNS redirection when tproxy is disabled (#2176)
* Disable DNS redirection when tproxy is disabled DNS redirection and the various settings that make that possible (like the dataplane binding to a port for DNS) is only useful if tproxy is enabled. Most of the code checked if tproxy was enabled but there was one location where we didn't check. This resulted in a bug with our multiport support where even though tproxy is disabled, we tried to setup the dataplane to proxy DNS. This meant each dataplane tried to bind to 8600 but because there are >1 dataplanes with multiport, there was a port conflict. This PR fixes the location where we didn't check if tproxy was enabled and as a result fixes the multiport issue.
Configuration menu - View commit details
-
Copy full SHA for 13c166f - Browse repository at this point
Copy the full SHA 13c166fView commit details -
Configuration menu - View commit details
-
Copy full SHA for eac1df8 - Browse repository at this point
Copy the full SHA eac1df8View commit details
Commits on May 26, 2023
-
[API Gateway] Add stub acceptance test (#2185)
Andrew Stucki authoredMay 26, 2023 Configuration menu - View commit details
-
Copy full SHA for 1aa138a - Browse repository at this point
Copy the full SHA 1aa138aView commit details -
Configuration menu - View commit details
-
Copy full SHA for 37dd929 - Browse repository at this point
Copy the full SHA 37dd929View commit details -
API Gateways for Consul on Kubernetes
BETA
(#2152)* Add API Gateway subcommand to Control Plane. Co-authored-by: Thomas Eckert <teckert@hashicorp.com> * Add GatewayClassConfig CRD (#2036) * Update dependencies so that CRDs can be added * Generate CRD for GatewayClassConfig * Return empty logger instead of nil due to dependency update * Update sidecar webhook to use ProbeHandler instead of Handler * Update controller sub resources to use sub resource update options * Re-add copyright header that got removed on generation * Use NewTestLogger and ProbeHandler in tests * Add api_gateway_types_test * Remove boilerplate from ctrl-generate as it is no longer required * Add app-copyright-header to Makefile * Clarify GatewayClassConfig description * Remove unneeded fields from GatewayClassConfig * Fix lint issues * Fix TestLogger in enterprise tests * Add Changelog * Fix TestLogger in enterprise test in one more place * Remove the helpers * Remove unused consts * Adds API Gateway Class Config controller * Add Hack for Generating CRDs from external sources (#2060) * Add generate-external-crds to Makefile * Add contributing docs * Add comment about Helm ignoring kustomization.yaml * Update Makefile Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com> * Update CONTRIBUTING.md Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> --------- Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com> Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> * Remove the api-gateway subcommand we decided not to use (#2062) * APIGW Resource Translation (#2070) * WIP: api-gateway resource conversion * convert meta for apigw from k8s * Added tests and updated config entry translation for APIGW * Fix linting issue, move translation code to correct location * Updates from PR comments * Update config entry translation to use k8s type NamedNamespace, updated tests * switch to standard import rename for consul api * Add GatewayClass Controller (#2055) * Add permissions to connect-inject clusterrole * Add gateway api crd deps * Stub out the gatewayclass controller * Add finalizer functions * Use finalizer functions * Add tests for GatewayClass Controller * Change the controller name * Only register gwv1beta1 * Run tests in parallel * Remove RBAC comments * Remove perms from resources not yet implemented * shouldUpdate -> expectedDidUpdate * Don't requeue if in use * Address PR feedback * Apply suggestions from code review Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com> * Make gatewayClassFinalizer private * Separate out indexers * Move validation of parametersRef to a helper func * Add reason to ensureStatus * Rename GatewayClassReconciler -> GatewayClassController * Add perms to list gateways * Clean up status conditions * Clean up indexes * Set conditions properly and test them * Test incorrect parametersRef * Fix comments on indexer funcs * Fix lint issues * Set conditions without unnecessary updates * Set ObservedGeneration from parent object * Fix infinite loop issue with invalid config * Fix update issue * Return error if the GatewayClass cannot be reached --------- Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com> * Updates GatewayClassConfig Controller to use common finalizer methods * APIGW4CONK8S: HTTP Route/TCPRoute/Secrets Translation (#2088) * Add http route translation * Added copywrite headers * Add namespace translation for service * handle potential nil pointer on section name, check if parent ref if an api gateway, fix comment from PR Review * Added TCPRoute Translation * Fix potential nil pointer deref in tcp service namespace, update tcproute tests * Add inline certs translation, clean up some potential nil pointer derefs * Clean up comments * Linting * Switch out env var usage for field on translator * rename api-gateway/consul package to api-gateway/translation * Adds stub for Gateway Controller * Use the non-deprecated logr test (#2125) * APIGW4CONK8s: Add Consul Cache (#2118) * Added basic cache functionality with most tests, todo: add get method for cache and expand tests * Updated tests for Cache.Run function, removed tests of unexported methods called by Run function * Moved translation function def to translation package, added translate apigw config entry * Add translation for consul config entries to k8s namespaced name meta * Added Get method to cache * Add watch for contoller and setup in inject command * Updated comments, renamed TranslateConsulInlineSecret method to TranslateConsulInlineCertificate * Updates from PR review * Parallelize tests * Bump consul api version * Set api timeout for cache calls * Revert "Bump consul api version" This reverts commit c074b0f. * Linting fun * Add Gatekeeper for managing gateway deployment resources (#2117) * Stub out the gatewayclass controller * Change the controller name * Only register gwv1beta1 * Address PR feedback * Adds stub of Gateway Controller * cannot understand why the indexes are not working * some updates, want to do cleanup * rebase and cleanup * Start adding deployer * Flesh out tests * Refactor into a "gatekeeper" * Integrate the gatekeeper into the gateway controller * Simplify the api * Remove the creation of helm config until later * Remove use and rename package to gatekeeper * Add labels to apigateway * Manage ServiceAccount * Manage Deployment * Add more to deployment * Update Helm Values * WIP fleshing out the gateway deployment upsert behavior * Update role and service * Fix merge conflicts * Round out tests * Add test for respecting replicas * Change the Gatekeeper New API and add comments for Upsert and Delete * implement joinResources * accept suggestions from @jm96441n * Use pointer receivers * Separate out mutator * Update deployment correctly * Update Role and ServiceAccount * Fix that silly linting error * Comments on HelmConfig * Add Image to deployment * Merge api-gateway into branch --------- Co-authored-by: Melisa Griffin <melisa.griffin@hashicorp.com> * Net 3490/reference grants (#2122) * Adds reference grant validation * Adds all necessary methods and tests * lint * some cleanup, fix copypasta test errors * lint * more linting * PR updates, fix capitalization * Add a bunch of TODOs for teamwork * Split out cleanup func and clear up todos * APIGW4CONK8S: Serialize the GatewayClassConfig onto the Gateway for easier retrieval (#2126) * Add serialization of gateway class config * Parallelize tests * Remove prints, fix cache tests * Add outer managed check to ensure we don't fetch config if we don't need to * Stub out where the openshift role info will go (#2145) * APIGW4CONK8S: Function to get all refs for a gateway (#2139) * Added function to get all refs for a gateway * Use k8s objects for references rather than consul objects * Fix comment * [API Gateway] API Gateway Binding Logic (#2142) * initial commit * Add additional TODO * Add some basic lifecycle unit tests * split up implementation * Add more tests and fix some bugs * remove one parallel call in a loop * Fix binding * Add resolvedRefs statuses for routes * Fix issue with empty parent ref that k8s doesn't like * Fix up updates/status ordering * Add basic gateway status setting * Finish up first pass on gateway statuses * Re-organize and begin adding comments * More comments * More comments * More comments * More comments * More comments * Add file that wasn't saved * Add utils unit tests * Add more tests * Final tests * Fix tests * Fix up gateway annotation with binding logic * Update doc comments for linter * Add forgotten file * Fix block in tests due to buffered channel size and better handle context cancelation * Add basic acceptance tests for route binding behavior (#2161) * Configure Gateway Controller with Helm values (#2158) * Stub out the gatewayclass controller * Change the controller name * Only register gwv1beta1 * Address PR feedback * Adds stub of Gateway Controller * cannot understand why the indexes are not working * some updates, want to do cleanup * rebase and cleanup * Start adding deployer * Flesh out tests * Refactor into a "gatekeeper" * Integrate the gatekeeper into the gateway controller * Simplify the api * Remove the creation of helm config until later * Remove use and rename package to gatekeeper * Add labels to apigateway * Manage ServiceAccount * Manage Deployment * Add more to deployment * Update Helm Values * WIP fleshing out the gateway deployment upsert behavior * Update role and service * Fix merge conflicts * Round out tests * Add test for respecting replicas * Change the Gatekeeper New API and add comments for Upsert and Delete * implement joinResources * accept suggestions from @jm96441n * Use pointer receivers * Separate out mutator * Update deployment correctly * Update Role and ServiceAccount * Fix that silly linting error * Comments on HelmConfig * Add Image to deployment * Add Gateway flags to inject-connect * Pass through env vars * Add environment variables to the deployment template * Add conditional injection of environment variables * Add env vars back in * Fix up issues from merge * Test default env vars * Test all of the env vars * Fix up more issues from merge * Pass in values to HelmConfig then to Controller * Just pass config in as a struct * Add gateway-gatewayclass * Add gateway-gatewayclassconfig * Add DeploymentSpec to GatewayClassConfig * Remove deployment configuration settings from HelmConfig * Remove BATs on deployment configuration * Expand gatewayclassconfig * Set deployment replicas in test * Place GatewayClassConfig in the crds/ dir * Update control-plane/api-gateway/gatekeeper/gatekeeper_test.go Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com> --------- Co-authored-by: Melisa Griffin <melisa.griffin@hashicorp.com> Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com> * Net 4124/handle syncing consul lifecycle events (#2173) * with type switch * latest changes * remove debugging panic * Updated error in test * Fix bug with capacity v length in the cache list and type that is being subscribed to * Fix linting issues/naming from PR review * Added tests for delete function * Plumbing for gatekeeper with snapshot * [API Gateway] Hooking up API Gateways End-to-End (#2175) * updated gatekeeper, added update call, still needs work * still has some print statements, seeing issues with updates * some linting * run ctrl-manifests and generate * get the whole gamut finally working in a minimum configuration * Fix up tests * Add some tests * Move cache package * Fix up tests after other fixes * Fix up test lifecycle * Fix up linter issues * Remove unnecessary test that panics * Add MeshService CRD * fix bats tests * bats bats bats * baaaatttss * Fix up acceptance test cleanup by introducing uninstall hook to cleanup managed GatewayClass and GatewayClassConfig resources * Add test for deletion failures due to finalizers * reorder commands --------- Co-authored-by: Melisa Griffin <melisa.griffin@hashicorp.com> * Fix crd loading (#2179) * Fix CRD loading for CLI * Adds crds directory to install with consul-k8s cli * fix tests * testing * fix bats tests --------- Co-authored-by: Thomas Eckert <teckert@hashicorp.com> Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com> * Add Changelog * Fix up issues after merge back * Fix wildcard usage on enterprise * Don't subscribe to peerings when not enabled * Remove additional changelog entries since we're only going to use 1 --------- Co-authored-by: Melisa Griffin <missylbytes@users.noreply.github.com> Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com> Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> Co-authored-by: John Maguire <john.maguire@hashicorp.com> Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com> Co-authored-by: Melisa Griffin <melisa.griffin@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for 8bfcfcf - Browse repository at this point
Copy the full SHA 8bfcfcfView commit details -
Update consul image on prepare-dev and prepare-release (#2180)
Update consul image on prepare-dev and prepare-release
Configuration menu - View commit details
-
Copy full SHA for e7d528a - Browse repository at this point
Copy the full SHA e7d528aView commit details -
Configuration menu - View commit details
-
Copy full SHA for f44d888 - Browse repository at this point
Copy the full SHA f44d888View commit details
Commits on May 29, 2023
-
Fix CVEs by updating controller-runtime (#2183)
* Bump version of controller runtime * Use SubResourceUpdateOption * Fix test loggr * Fix ProbeHandler * Set runtime to 0.14.6 * Add Changelog * Fix up a few more breaking change issues
Thomas Eckert authoredMay 29, 2023 Configuration menu - View commit details
-
Copy full SHA for 725e78d - Browse repository at this point
Copy the full SHA 725e78dView commit details -
Adding support for idleTimeout in Service Router spec (#2156)
* Adding support for idleTimeout in Service Router spec
Configuration menu - View commit details
-
Copy full SHA for 1734d98 - Browse repository at this point
Copy the full SHA 1734d98View commit details
Commits on May 30, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 370976f - Browse repository at this point
Copy the full SHA 370976fView commit details -
Configuration menu - View commit details
-
Copy full SHA for fa3e146 - Browse repository at this point
Copy the full SHA fa3e146View commit details -
inject envoy_telemetry_bind_socket_dir proxy config when telemetry co…
…llector is enabled (#2143) * inject envoy_telemetry_bind_socket_dir proxy config when telemetry collector is enabled * use metrics.enableTelemetryCollector value to gate controller logic * add changelog entry and unit test
Configuration menu - View commit details
-
Copy full SHA for ea41d4d - Browse repository at this point
Copy the full SHA ea41d4dView commit details
Commits on May 31, 2023
-
Configuration menu - View commit details
-
Copy full SHA for cb67e6a - Browse repository at this point
Copy the full SHA cb67e6aView commit details -
Configuration menu - View commit details
-
Copy full SHA for f132cdd - Browse repository at this point
Copy the full SHA f132cddView commit details -
Fix bug on service intention CRDs causing source partitions and names…
…paces not to be compared. (#2194) This bug means that swapping partitions and namespaces on sources wouldn't get reflected in Consul.
Configuration menu - View commit details
-
Copy full SHA for aaee9a7 - Browse repository at this point
Copy the full SHA aaee9a7View commit details -
Add CRD for jwt-provider config entry (#2209)
* Add CRD for jwt-provider config entry * Pin consul/api to versions containing the jwt-provider config entry * Update Makefile to use v0.10.0 of sigs.k8s.io/controller-tools/cmd/controller-gen
Paul Glass authoredMay 31, 2023 Configuration menu - View commit details
-
Copy full SHA for 3a66856 - Browse repository at this point
Copy the full SHA 3a66856View commit details -
API Gateway tenancy tests + fixes (#2201)
* Initial scaffolding * Fix up some infinite reconciliation issues and initial other bugs * overhaul * get basic e2e working again * Add resource ref validation * Fix up namespace/reference grants * fix binding * clean up logging * cleanup * Get some binder unit tests working again * log guard * Fix unit test * Fix up more binder tests * get more binder tests working * finish binder tests * fix setter test * light touches and un-bak passing tests * Remove controller test as the wiring of deployments is predominantly tests via acceptance tests * Update reference grant tests * fix linter issues * fix acceptance test linters * Fix validation tests * Fix up consul cache tests * fixing up a few more tests * Finish up translation test work * Fix last bit of tests
Andrew Stucki authoredMay 31, 2023 Configuration menu - View commit details
-
Copy full SHA for 5f3f26d - Browse repository at this point
Copy the full SHA 5f3f26dView commit details -
Update ServiceIntentions CRD for JWT auth (#2213)
Paul Glass authoredMay 31, 2023 Configuration menu - View commit details
-
Copy full SHA for 18f2cd5 - Browse repository at this point
Copy the full SHA 18f2cd5View commit details -
Fix setting args for the telemetry-collector (#2224)
* Fix setting args for the telemetry-collector Either the docker container or the execution method for the telemetry-collector is making the args not get included on the process. Switch to putting it directly in the command so we can ensure this works as expected * Fix bats test
Configuration menu - View commit details
-
Copy full SHA for aaaed67 - Browse repository at this point
Copy the full SHA aaaed67View commit details
Commits on Jun 1, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 0c28b9b - Browse repository at this point
Copy the full SHA 0c28b9bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 8d51935 - Browse repository at this point
Copy the full SHA 8d51935View commit details -
Add acceptance test cleanup for API Gateway resources (#2237)
Andrew Stucki authoredJun 1, 2023 Configuration menu - View commit details
-
Copy full SHA for 9dfc3d0 - Browse repository at this point
Copy the full SHA 9dfc3d0View commit details -
improve code readability and fix flaky tests re acl token generation (#…
malizz authoredJun 1, 2023 Configuration menu - View commit details
-
Copy full SHA for 494837e - Browse repository at this point
Copy the full SHA 494837eView commit details -
Configuration menu - View commit details
-
Copy full SHA for 10c582f - Browse repository at this point
Copy the full SHA 10c582fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 46055a3 - Browse repository at this point
Copy the full SHA 46055a3View commit details
Commits on Jun 2, 2023
-
Configuration menu - View commit details
-
Copy full SHA for d4b8c73 - Browse repository at this point
Copy the full SHA d4b8c73View commit details -
Configuration menu - View commit details
-
Copy full SHA for 7b6e5eb - Browse repository at this point
Copy the full SHA 7b6e5ebView commit details -
Allow API Gateways to bind to privileged ports (#2253)
Andrew Stucki authoredJun 2, 2023 Configuration menu - View commit details
-
Copy full SHA for b922ef2 - Browse repository at this point
Copy the full SHA b922ef2View commit details -
API Gateway lifecycle acceptance tests (#2248)
* initial test * More lifecycle work * functional lifecycle tests
Andrew Stucki authoredJun 2, 2023 Configuration menu - View commit details
-
Copy full SHA for f9ad994 - Browse repository at this point
Copy the full SHA f9ad994View commit details -
accepance: extend api gateway lifecycle test retryCheck timeouts (#2256)
To reduce the likelihood of flakes.
Configuration menu - View commit details
-
Copy full SHA for 05acb5f - Browse repository at this point
Copy the full SHA 05acb5fView commit details -
api-gateway: create RoleBinding attaching Role to ServiceAccount (#2252)
* Create RoleBinding attaching Role to ServiceAccount * Update ClusterRole for controller to allow management of RoleBindings * Separate logic for RoleBinding management from logic for Role * Use pointer receiver for all functions on Gatekeeper struct * Use more descriptive name for NamespacedName arg on delete * Clean up missed code in cherrypick * Remove out-of-scope TODO * Make Upsert docstring more robust, explaining dependency ordering * Add RoleBindings to unit tests for Gatekeeper
Configuration menu - View commit details
-
Copy full SHA for 6662c78 - Browse repository at this point
Copy the full SHA 6662c78View commit details -
Add missing resources to kustomization.yaml (#2255)
* Add missing JWT provider resource to kustomization.yaml - Add missing assertions for JWT provider too. * Add OSS tests for exported-services
Configuration menu - View commit details
-
Copy full SHA for 3f34676 - Browse repository at this point
Copy the full SHA 3f34676View commit details
Commits on Jun 3, 2023
-
Fix Gateway trigger for when secret is modified (#2261)
* Fix Gateway trigger for when secret is modified * Add some simple unit tests * up some testing timeouts for acceptance tests
Andrew Stucki authoredJun 3, 2023 Configuration menu - View commit details
-
Copy full SHA for 8966651 - Browse repository at this point
Copy the full SHA 8966651View commit details
Commits on Jun 5, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 3cecd2e - Browse repository at this point
Copy the full SHA 3cecd2eView commit details -
Configuration menu - View commit details
-
Copy full SHA for 48f97c8 - Browse repository at this point
Copy the full SHA 48f97c8View commit details -
Add the endpoint ignoring logic for triggering gateway reconciliation (…
Andrew Stucki authoredJun 5, 2023 Configuration menu - View commit details
-
Copy full SHA for 2ddd05a - Browse repository at this point
Copy the full SHA 2ddd05aView commit details -
[COMPLIANCE] Add Copyright and License Headers (#2271)
Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for ff021cc - Browse repository at this point
Copy the full SHA ff021ccView commit details
Commits on Jun 6, 2023
-
Add additional helm hook for resource management (#2259)
* Add additional helm hook for resource management * Move GatewayClassConfig CRD to templates * Add CRDs to templates * Add value to values.yaml * Remove GatewayClass and GatewayClassConfig bats * Fix CRD ExportedServices * Change -release to -release-name on gateway-resources subcommand * switch to pointer to avoid lock copy for linter * Move forcible test cleanup to before helm delete since it will now drop CRDs * adjust cleanup logic since it looks like the testing framework sometimes uninstalls the helm chart early * Fix cli unit test and drop CRD reading data since it's no longer embedded in the CLI * Add BATs for Gateway CRDs * Add BATs for Gateway Resources * Update Contributing --------- Co-authored-by: Thomas Eckert <teckert@hashicorp.com>
Andrew Stucki and Thomas Eckert authoredJun 6, 2023 Configuration menu - View commit details
-
Copy full SHA for fe2c481 - Browse repository at this point
Copy the full SHA fe2c481View commit details -
Configuration menu - View commit details
-
Copy full SHA for 8d014c0 - Browse repository at this point
Copy the full SHA 8d014c0View commit details -
Configuration menu - View commit details
-
Copy full SHA for 38cd4d7 - Browse repository at this point
Copy the full SHA 38cd4d7View commit details -
[API Gateway] Add external consul servers test (#2270)
* [API Gateway] Add external consul servers test * Fix up releaseName usage on CLI-based tests to mirror helm-based tests
Andrew Stucki authoredJun 6, 2023 Configuration menu - View commit details
-
Copy full SHA for 0f893be - Browse repository at this point
Copy the full SHA 0f893beView commit details -
Configuration menu - View commit details
-
Copy full SHA for b5b0b27 - Browse repository at this point
Copy the full SHA b5b0b27View commit details -
Add Consul status to routes and gateways (#2281)
Andrew Stucki authoredJun 6, 2023 Configuration menu - View commit details
-
Copy full SHA for 9dd605e - Browse repository at this point
Copy the full SHA 9dd605eView commit details -
Update alpine to 3.18 to fix CVE-2023-2650 (#2284)
* Update alpine to 3.18
Configuration menu - View commit details
-
Copy full SHA for ee256e9 - Browse repository at this point
Copy the full SHA ee256e9View commit details -
Remove check for reference grant for route to gateway (#2283)
* Remove check for reference grant for route to gateway * Fix tenancy tests * Final cleaning up of acceptance test
Configuration menu - View commit details
-
Copy full SHA for 49c5219 - Browse repository at this point
Copy the full SHA 49c5219View commit details
Commits on Jun 7, 2023
-
[API Gateway] Add partition test (#2278)
* Add partition test * drop superfluous sprintf * fix linter issue on acceptance test * Add predicated watch for pods
Andrew Stucki authoredJun 7, 2023 Configuration menu - View commit details
-
Copy full SHA for 3126955 - Browse repository at this point
Copy the full SHA 3126955View commit details -
Update memory defaults for connect inject controller (#2249)
* Update memory defaults for connect inject controllers * Add changelog entry * Bump up Consul server statefulset memory defaults too
Andrew Stucki authoredJun 7, 2023 Configuration menu - View commit details
-
Copy full SHA for 644e02e - Browse repository at this point
Copy the full SHA 644e02eView commit details -
* update eks and aks to use latest kubernetes version * updated the terraform provider as some fields were deprecated
Configuration menu - View commit details
-
Copy full SHA for 3c56558 - Browse repository at this point
Copy the full SHA 3c56558View commit details
Commits on Jun 8, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 57fef1f - Browse repository at this point
Copy the full SHA 57fef1fView commit details -
Configuration menu - View commit details
-
Copy full SHA for e35eaa3 - Browse repository at this point
Copy the full SHA e35eaa3View commit details -
* Add FIPS builds for linux amd64 * add version check * fix CI labels and add local dev commands * fix ci version tagging * switch to ubuntu 20.04 * add CLI version tag * add gcompat for alpine glibc cgo compatibility * remove FIPS version check from connect-init * address comments
Configuration menu - View commit details
-
Copy full SHA for f4435ac - Browse repository at this point
Copy the full SHA f4435acView commit details -
activated weekly acceptance tests for 1-2-x (#2315)
- making this trigger nightly until after 1.2.0 GA - leaving 0.49.x active until after 1.2.0 GA
Configuration menu - View commit details
-
Copy full SHA for 097f945 - Browse repository at this point
Copy the full SHA 097f945View commit details
Commits on Jun 9, 2023
-
Net 4230/add tcp to basic acceptance test (#2297)
* first run through, needs help * still need to make secure pass * left something uncommented * it works and also cleanup * fix acceptance tests
Configuration menu - View commit details
-
Copy full SHA for 61c7280 - Browse repository at this point
Copy the full SHA 61c7280View commit details -
[API Gateway] Add acceptance test for cluster peering (#2306)
* [API Gateway] Add acceptance test for cluster peering * Fix linter * Fix random unrelated linter errors to get CI to run: revert later? * one more linter fix to later probably revert * more linter fixes * Revert "more linter fixes" This reverts commit 6210dff. * Revert "one more linter fix to later probably revert" This reverts commit 030c563. * Revert "Fix random unrelated linter errors to get CI to run: revert later?" This reverts commit fdeccab.
Andrew Stucki authoredJun 9, 2023 Configuration menu - View commit details
-
Copy full SHA for 555d4a6 - Browse repository at this point
Copy the full SHA 555d4a6View commit details -
Mw/net 3598 update kind for consul k8s acceptance tests with latest v…
…ersion of kind and k8s 1.27 (#2304) * update cloud tests to use 1.24, 1.25 and 1.26 version of kubernetes for more coverage * updated readme for supported kubernetes versions * added changelog
Configuration menu - View commit details
-
Copy full SHA for b56b7dd - Browse repository at this point
Copy the full SHA b56b7ddView commit details -
[API Gateway] WAN Federation test and fixes (#2295)
* [API Gateway] WAN Federation test and fixes * Fix unit tests
Andrew Stucki authoredJun 9, 2023 Configuration menu - View commit details
-
Copy full SHA for 203c9d1 - Browse repository at this point
Copy the full SHA 203c9d1View commit details -
[API Gateway] fix dangling service registrations (#2321)
* Fix when gateways are deleted before we get services populated into cache * a bit of cleanup
Andrew Stucki authoredJun 9, 2023 Configuration menu - View commit details
-
Copy full SHA for da147c1 - Browse repository at this point
Copy the full SHA da147c1View commit details -
api-gateway: add unit tests verifying scaling parameters on GatewayCl…
…assConfig are obeyed (#2272) * Add unit tests verifying that scaling parameters on GatewayClassConfig are obeyed * Add test case for scaling w/ no min or max configured
Configuration menu - View commit details
-
Copy full SHA for 198c443 - Browse repository at this point
Copy the full SHA 198c443View commit details -
Rename GatewayClassController to prevent name collision (#2317)
* Rename GatewayClassController to prevent name collision * Use gateway instead of gatewayclass in name * Use the constant in ownership checks * Change GatewayClass name to "consul" * Change GatewayClass name in cases * Change ApiGatewayClass back
Thomas Eckert authoredJun 9, 2023 Configuration menu - View commit details
-
Copy full SHA for 8245efc - Browse repository at this point
Copy the full SHA 8245efcView commit details -
[API Gateway] Conformance Test Fixes (#2326)
* Fix SupportedKinds array to be what Conformance test expects * Fix cert validation status condition for listeners * Add programmed condition for listeners * Fix unit test --------- Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for f07736b - Browse repository at this point
Copy the full SHA f07736bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 6933efe - Browse repository at this point
Copy the full SHA 6933efeView commit details -
Ensure Reconciliation Stops (#2305)
* first pass at halting: got httproute and api-gateway done * clean up test * Handle all set for infinite reconcile check * Add table tests for minimal setup * Added some odd field names to test normalization is handled correctly * Use funky casing http routes
Configuration menu - View commit details
-
Copy full SHA for 7f6e1cb - Browse repository at this point
Copy the full SHA 7f6e1cbView commit details
Commits on Jun 10, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 7e076bb - Browse repository at this point
Copy the full SHA 7e076bbView commit details
Commits on Jun 11, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 4976215 - Browse repository at this point
Copy the full SHA 4976215View commit details
Commits on Jun 12, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 60b214e - Browse repository at this point
Copy the full SHA 60b214eView commit details -
Improvement- [NET-189] Added helm inputs for managing audit logs (#2265)
* Added helm inputs for managing audit logs * Remove unwanted changes from values
Configuration menu - View commit details
-
Copy full SHA for 8f47485 - Browse repository at this point
Copy the full SHA 8f47485View commit details
Commits on Jun 13, 2023
-
Configuration menu - View commit details
-
Copy full SHA for fc40d5e - Browse repository at this point
Copy the full SHA fc40d5eView commit details -
fix: use correct flag when translating namespaces (#2353)
* fix: use correct flag when translating namespaces * Use non-normalized namespace when deregistering services * Guard against namespace queries when namespaces not enabled in cache
Configuration menu - View commit details
-
Copy full SHA for 345f62c - Browse repository at this point
Copy the full SHA 345f62cView commit details -
added imagePullPolicy for images in values.yaml (#2310)
* added imagePullPolicy for images in values.yaml * fix: renamed pullPolicy key according to image * fixed dafault always in tmpl * changed structure of image in yaml * revert changes * added global imagePullPolicy * fixed typo * added changelog file
Configuration menu - View commit details
-
Copy full SHA for 2850962 - Browse repository at this point
Copy the full SHA 2850962View commit details -
Configuration menu - View commit details
-
Copy full SHA for f2c166f - Browse repository at this point
Copy the full SHA f2c166fView commit details -
ci: update backport assistant to 0.3.4 (#2365)
This brings consul-k8s in line with consul. Most importantly, the backport assistant was updated to automatically assign created PRs to the author of the PR that is being backported.
Configuration menu - View commit details
-
Copy full SHA for 80b1f52 - Browse repository at this point
Copy the full SHA 80b1f52View commit details -
update changelog based on changes made to 1.2.x (#2348)
* update changelog based on changes made to 1.2.x * fixed test cases - enterprise cases were in the OSS test cases
Configuration menu - View commit details
-
Copy full SHA for e691f46 - Browse repository at this point
Copy the full SHA e691f46View commit details
Commits on Jun 14, 2023
-
api-gateway: nightly conformance test action (#2257)
* trigger conformance tests nightly, squash * remove extra line * Update nightly-api-gateway-conformance.yml
Configuration menu - View commit details
-
Copy full SHA for 9121afc - Browse repository at this point
Copy the full SHA 9121afcView commit details
Commits on Jun 15, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 3ce3302 - Browse repository at this point
Copy the full SHA 3ce3302View commit details -
set everything to correct version (#2342)
making scripts more robust and removing changing helm chart
Configuration menu - View commit details
-
Copy full SHA for 19d2fb5 - Browse repository at this point
Copy the full SHA 19d2fb5View commit details -
api-gateway: fix cache and service deletion issue (#2377)
* Fix cache and service deletion issue * Add comments * add in acceptance test * Fix indentation * Fix unit test for deleting gateway w/ consul services * Remove redundant service deregistration code * Exit loop early once registration is found for service * Fix import blocking * Set status on pods added to test * Apply suggestions from code review * Reduce count of test gateways to 10 from 100 --------- Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for c4617fc - Browse repository at this point
Copy the full SHA c4617fcView commit details
Commits on Jun 19, 2023
-
Adding support for weighted k8s service (#2293)
* Adding support for weighted k8s service * Adding changelog * if per-app weight is 0 then pull the weight to 1 * Addressing review comments * Addressing review comments * Addressing review comments * Comment update * Comment update * Parameterized table test * Parameterized table test * fixing linting issue * fixing linting issue --------- Co-authored-by: srahul3 <rahulsharma@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for 47d4063 - Browse repository at this point
Copy the full SHA 47d4063View commit details -
Bumping go-discover to the lastest version (#2390)
* Bumping go-discover to the lastest version
Configuration menu - View commit details
-
Copy full SHA for fe4857e - Browse repository at this point
Copy the full SHA fe4857eView commit details -
Pin Kind versions on release branches (#2384)
* pinned kind configuration for CI tests - created a yaml file with the desired pinned versions - created a script to read the yaml - added a make target which can be used in CI to get the desired kind inputs/config --------- Co-authored-by: Curt Bushko <cbushko@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for a3c8771 - Browse repository at this point
Copy the full SHA a3c8771View commit details
Commits on Jun 20, 2023
-
[COMPLIANCE] Add Copyright and License Headers (#2400)
Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for aaa54c2 - Browse repository at this point
Copy the full SHA aaa54c2View commit details -
Configuration menu - View commit details
-
Copy full SHA for 63c7682 - Browse repository at this point
Copy the full SHA 63c7682View commit details -
Acceptance test for permissive mTLS (#2378)
Paul Glass authoredJun 20, 2023 Configuration menu - View commit details
-
Copy full SHA for 4141f6f - Browse repository at this point
Copy the full SHA 4141f6fView commit details
Commits on Jun 21, 2023
-
Revert "added imagePullPolicy for images in values.yaml (#2310)" (#2415)
This reverts commit 2850962.
Configuration menu - View commit details
-
Copy full SHA for 08534e3 - Browse repository at this point
Copy the full SHA 08534e3View commit details
Commits on Jun 22, 2023
-
update with new make targets (#2411)
- allow configuration of acceptance testing matrices
Configuration menu - View commit details
-
Copy full SHA for 883fbdc - Browse repository at this point
Copy the full SHA 883fbdcView commit details
Commits on Jun 23, 2023
-
feat(helm): add configurable server-acl-init and cleanup resource lim…
…its (#2416) * feat(helm): add configurable server-acl-init and cleanup resource limits * Apply suggestions from code review Co-authored-by: Ashwin Venkatesh <ashwin@hashicorp.com> * bugfix yaml path * fix bats test --------- Co-authored-by: Ashwin Venkatesh <ashwin@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for 5b1856e - Browse repository at this point
Copy the full SHA 5b1856eView commit details -
Configuration menu - View commit details
-
Copy full SHA for c6c5d52 - Browse repository at this point
Copy the full SHA c6c5d52View commit details -
Thomas Eckert authored
Jun 23, 2023 Configuration menu - View commit details
-
Copy full SHA for f783f7e - Browse repository at this point
Copy the full SHA f783f7eView commit details -
Configuration menu - View commit details
-
Copy full SHA for 79db263 - Browse repository at this point
Copy the full SHA 79db263View commit details
Commits on Jun 26, 2023
-
[COMPLIANCE] Add Copyright and License Headers (#2456)
Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for c2a149b - Browse repository at this point
Copy the full SHA c2a149bView commit details -
Fix GatewayClassConfig Test Timing Issue (#2409)
* Add retryCheckWithWait func * Fix retry timing on GatewayClassConfig test * remove redundant scale, make scale up number max + 1 * NET-4627, fix acceptance tests flake --------- Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for c83ce0c - Browse repository at this point
Copy the full SHA c83ce0cView commit details
Commits on Jun 27, 2023
-
always update acl policy if it exists (#2392)
* always update acl policy if it exists * added changelog * added unit test * fix typo * added some additional assertions to test * refactored create_or_update unit test
Configuration menu - View commit details
-
Copy full SHA for 95af4c7 - Browse repository at this point
Copy the full SHA 95af4c7View commit details -
Proxy Lifecycle helm, connect-inject and acceptance tests (#2233)
Proxy Lifecycle helm, connect-inject and acceptance tests (#2233) Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for e176846 - Browse repository at this point
Copy the full SHA e176846View commit details
Commits on Jun 28, 2023
-
PR breaking change release note change (#2469)
* Add breaking change to release notes
David Yu authoredJun 28, 2023 Configuration menu - View commit details
-
Copy full SHA for d3f9b67 - Browse repository at this point
Copy the full SHA d3f9b67View commit details -
Adds back gateway controller halting integration test (#2412)
Co-authored-by: John Maguire <john.maguire@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for 920ee32 - Browse repository at this point
Copy the full SHA 920ee32View commit details
Commits on Jun 29, 2023
-
api-gateway: Fix nil pointer exception panic (#2487)
* fix nil pointer exception * add unit test * added changelog * delete changelog
Configuration menu - View commit details
-
Copy full SHA for e976b88 - Browse repository at this point
Copy the full SHA e976b88View commit details -
Use correct length for certificate RSA key for tests (#2490)
* Use correct length for certificate RSA key * api-gateway: Fix nil pointer exception panic (#2487) * fix nil pointer exception * add unit test * added changelog * delete changelog * Remove skip for fixed test --------- Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 83f050b - Browse repository at this point
Copy the full SHA 83f050bView commit details -
APIGW: Validate length of RSA Keys (#2478)
* Validate length of RSA key for inline certs * Bring key length check functions over from consul * move validation of key length from certificate parsing into validation of cert * Update to use sentinel errors * Add changelog * Addressing PR comments: fixing text in changelog, fixing import blocks, slight refactor of cert validation for readability * Ensure cert is removed from consul if an invalid one is presented * Fix linting issues, added tests for validating keys
Configuration menu - View commit details
-
Copy full SHA for 8fe4fb6 - Browse repository at this point
Copy the full SHA 8fe4fb6View commit details -
add changelog for 1.2.0 dataplane and consul 1.16.0 (#2496)
* add changelog for Consul 1.16.0 * add changelog for dataplane 1.2.0
Configuration menu - View commit details
-
Copy full SHA for ced0ae8 - Browse repository at this point
Copy the full SHA ced0ae8View commit details
Commits on Jun 30, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 736649d - Browse repository at this point
Copy the full SHA 736649dView commit details
Commits on Jul 3, 2023
-
ci: fix eks terraform quota error by cleaning up oidc providers (#2470)
cleans up oidc providers older than 8 hours.
Configuration menu - View commit details
-
Copy full SHA for 30e9f55 - Browse repository at this point
Copy the full SHA 30e9f55View commit details
Commits on Jul 6, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 1161322 - Browse repository at this point
Copy the full SHA 1161322View commit details
Commits on Jul 7, 2023
-
[COMPLIANCE] Add Copyright and License Headers (#2507)
Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for cbcbdc5 - Browse repository at this point
Copy the full SHA cbcbdc5View commit details
Commits on Jul 10, 2023
-
values.yaml - replace connect with service mesh for some instances (#…
…2516) * fix connect/service mesh * Update values.yaml
David Yu authoredJul 10, 2023 Configuration menu - View commit details
-
Copy full SHA for 0cb24d7 - Browse repository at this point
Copy the full SHA 0cb24d7View commit details -
Configuration menu - View commit details
-
Copy full SHA for 6624d34 - Browse repository at this point
Copy the full SHA 6624d34View commit details -
feat: adding security context and annotations to tls and acl init/cle…
…anup jobs (#2525) * feat: adding security context and annotations to tls and acl init/cleanup jobs * changelog --------- Co-authored-by: Chinikins <Chinikins@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 11a1851 - Browse repository at this point
Copy the full SHA 11a1851View commit details -
NET-4813: Fix issue where virtual IP saving had insufficient ACLs. (#…
…2520) Fix issue where virtual IP saving had insufficient ACLs.
Configuration menu - View commit details
-
Copy full SHA for fb02159 - Browse repository at this point
Copy the full SHA fb02159View commit details -
Configuration menu - View commit details
-
Copy full SHA for 6adb9a2 - Browse repository at this point
Copy the full SHA 6adb9a2View commit details -
Configuration menu - View commit details
-
Copy full SHA for 4676652 - Browse repository at this point
Copy the full SHA 4676652View commit details
Commits on Jul 11, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 486061a - Browse repository at this point
Copy the full SHA 486061aView commit details -
Configuration menu - View commit details
-
Copy full SHA for 6b45156 - Browse repository at this point
Copy the full SHA 6b45156View commit details -
Configuration menu - View commit details
-
Copy full SHA for fd201c5 - Browse repository at this point
Copy the full SHA fd201c5View commit details -
Configuration menu - View commit details
-
Copy full SHA for 592e457 - Browse repository at this point
Copy the full SHA 592e457View commit details -
HCP bootstrap preset to always downcase datacenter (#2551)
* Lowercase datacenter name from HCP bootstrap response * Add test cases to cloud bootstrap
Configuration menu - View commit details
-
Copy full SHA for 8582286 - Browse repository at this point
Copy the full SHA 8582286View commit details -
api-gateway: when multiple listeners have the same port, only add to …
…K8s Service once (#2413) * Modify unit tests to include multiple listeners w/ same port Running the tests on this commit will demonstrate the bug * When multiple listeners have the same port, only add to K8s Service once * Add changelog entry
Configuration menu - View commit details
-
Copy full SHA for 4f06479 - Browse repository at this point
Copy the full SHA 4f06479View commit details -
NET-4482: set route condition appropriately when parent ref includes …
…non-existent section (#2420) * Set route accepted condition appropriately when no listener with section name matching parent * Adjust error message for bind errors that aren't specific to one listener * Include section name in message for NoMatchingParent when available * Add unit test coverage for conditions derived from binding results * Add changelog entry
Configuration menu - View commit details
-
Copy full SHA for b8be6a0 - Browse repository at this point
Copy the full SHA b8be6a0View commit details
Commits on Jul 12, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 73959e7 - Browse repository at this point
Copy the full SHA 73959e7View commit details -
Update Release Scripts (#2558)
* update environment variables with CONSUL_K8s prefix - This will let us check that we have all the environment variables set more easily with `printenv | grep "CONSUL_K8S"` * update imageConsulDataplane without quotes - this makes it consistent with the other images - allows scripting to work similarly to other images * updated utils script - handle replace case where consul-enterprise is in the values.yaml file and charts.yaml file - handle adding pre-release tag in changelog - handle updating consul-dataplane
Configuration menu - View commit details
-
Copy full SHA for 65c4e74 - Browse repository at this point
Copy the full SHA 65c4e74View commit details -
added missing changelogs (#2565)
* added missing changelogs * Update CHANGELOG.md for 0.49.8 --------- Co-authored-by: Curt Bushko <cbushko@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for df0e649 - Browse repository at this point
Copy the full SHA df0e649View commit details
Commits on Jul 14, 2023
-
Refactor test framework to allow for more than two kube contexts (#2534)
* updated contributing example with new configuration lists add new make target "kind" to makefile * This lets us setup our standard kind environment for testing refactor framework to take config list flags * removed primary/secondary kube flags as this limited us to only two clusters * added flags for kube configs, contexts and namespaces. This way we can support n clusters where n is the length of the longest list. The flags are then combined into a list of objects for use in testing added tests for new helper methods refactored tests * now TestMain for multicluster check that the test arguments contain the expected number of clusters * use helper method `env.GetSecondaryContextKey(t)` which grabs the second context in the list instead of using the defunct environment.SecondaryContextName refactored flag test to use new config lists refactored cli cluster to use get primary helper added multicluster check for vault acceptance * vault tests are multi-cluster but we weren't performing the necessary checks
Configuration menu - View commit details
-
Copy full SHA for 29b6ed3 - Browse repository at this point
Copy the full SHA 29b6ed3View commit details
Commits on Jul 17, 2023
-
[COMPLIANCE] Add Copyright and License Headers (#2577)
Add copyright and license headers
Configuration menu - View commit details
-
Copy full SHA for 59228dd - Browse repository at this point
Copy the full SHA 59228ddView commit details
Commits on Jul 18, 2023
-
Consume gateway-api v0.7.1 for acceptance testing (#2578)
Changes proposed in this PR: - Consume the same version of gateway-api for acceptance testing that we're consuming in the control plane: https://github.com/hashicorp/consul-k8s/blob/29b6ed36923498afc8f377455d4275653960230f/control-plane/go.mod#L42 How I've tested this PR: - 👀 - 🤖 tests pass How I expect reviewers to test this PR: - See above Checklist: - [ ] Tests added - [ ] [CHANGELOG entry added](https://github.com/hashicorp/consul-k8s/blob/main/CONTRIBUTING.md#adding-a-changelog-entry)
Configuration menu - View commit details
-
Copy full SHA for ab462d0 - Browse repository at this point
Copy the full SHA ab462d0View commit details -
Update to handle validation endpoints (#2580)
Changes proposed in this PR: - add in new validation call in endpoint How I've tested this PR: Ran it locally and tested the changes How I expect reviewers to test this PR: Read the code and run the command themselves to verify: ``` ./consul-k8s/acceptance/tests/cloud && go test -run TestBasicCloud -v -p 1 -timeout 20m \ -use-kind \ -kubecontext="kind-dc1" \ -consul-image hashicorppreview/consul-enterprise:1.17-dev -consul-k8s-image hashicorppreview/consul-k8s-control-plane:1.3.0-dev -consul-collector-image hashicorp/consul-telemetry-collector:0.0.1 \ -enable-enterprise ``` Checklist: - [X] Tests added - [n/a] [CHANGELOG entry added](https://github.com/hashicorp/consul-k8s/blob/main/CONTRIBUTING.md#adding-a-changelog-entry)
Configuration menu - View commit details
-
Copy full SHA for c790951 - Browse repository at this point
Copy the full SHA c790951View commit details
Commits on Jul 19, 2023
-
test(eks): fix deprecated CSI driver terraform (#2584)
Changes proposed in this PR: - Replacing the deprecated [`resolve_conflicts`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon#resolve_conflicts) with the new attributes. I don't know if we really need this setting since it is optional and the addon has no user-defined config, but I'm keeping this to keep the behavior consistent. How I've tested this PR: I did not. How I expect reviewers to test this PR: 👀 Checklist: - [ ] ~Tests added~ - [ ] ~[CHANGELOG entry added](https://github.com/hashicorp/consul-k8s/blob/main/CONTRIBUTING.md#adding-a-changelog-entry)~
Configuration menu - View commit details
-
Copy full SHA for 07cc5cd - Browse repository at this point
Copy the full SHA 07cc5cdView commit details -
Configuration menu - View commit details
-
Copy full SHA for f0530d9 - Browse repository at this point
Copy the full SHA f0530d9View commit details -
test: remove unused workflow inputs (#2589)
Changes proposed in this PR: - Removed unused workflow inputs.
Configuration menu - View commit details
-
Copy full SHA for b3769b1 - Browse repository at this point
Copy the full SHA b3769b1View commit details
Commits on Jul 20, 2023
-
chore: Update actions for security (#2601)
Changes proposed in this PR: - Update actions that are out of date How I've tested this PR: 👀 How I expect reviewers to test this PR: 👀 Checklist: - [ ] Tests added - [ ] [CHANGELOG entry added](https://github.com/hashicorp/consul-k8s/blob/main/CONTRIBUTING.md#adding-a-changelog-entry)
Configuration menu - View commit details
-
Copy full SHA for 4d4c35a - Browse repository at this point
Copy the full SHA 4d4c35aView commit details -
[NET-4122] Doc guidance for federation with externalServers (#2583)
Add guidance for proper configuration when joining to a secondary cluster using WAN fed with external servers also enabled. Also clarify federation requirements and fix formatting for an unrelated value. Changes proposed in this PR: - Update base content for generating Helm chart docs to clarify the use case encountered in #2138 - Minor additional fixes - _Follow-up: propagate generated doc changes to `consul` and additionally update https://developer.hashicorp.com/consul/docs/k8s/deployment-configurations/servers-outside-kubernetes there_ How I've tested this PR: N/A (docs only) How I expect reviewers to test this PR: 👀 Checklist: - [ ] Tests added - [ ] [CHANGELOG entry added](https://github.com/hashicorp/consul-k8s/blob/main/CONTRIBUTING.md#adding-a-changelog-entry)
Configuration menu - View commit details
-
Copy full SHA for a4d9487 - Browse repository at this point
Copy the full SHA a4d9487View commit details -
Handle errors properly when services are de-registered from the catal…
…og (#2571) - In the past, kubernetes nodes were used as the source of truth to determine the list of services that should exist in Consul. - In most cases this was ok but becomes a problem when nodes are quickly deleted from kubernetes such as the case when using spot instances. - Instead, use consul synthetic-nodes to get the list of services and deregister the services that do not have endpoint addresses. --------- Co-authored-by: mr-miles <miles.waller@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 414554c - Browse repository at this point
Copy the full SHA 414554cView commit details -
Adding support for Enterprise and other improvement on the Customizin…
…g Vault Version for WanFed Test (#2481) * Adding support for Enterprise and other improvement on the Customizing Vault Version for WanFed Test This is the extension of the PR - #2043 In this PR, the followings were addressed - 1. Now the vault enterprise version can be provided in the cli command. The previous PR only addressed Vault OSS. 2. Two flags “-no-cleanup-wan-fed” and “test-duration” were introduced to not to cleanup the test environment after successful setup to give it time to do manual testing for features/to reproduce customer issues. Default is 1 hour. 3. This was tested in Kind environment and it works fine. The following was taken out to use the “use-kind” option for WanFed test. //if cfg.UseKind { // t.Skipf("Skipping this test because it's currently flaky on kind") //} * Fix indentation * Fix unit test for deleting gateway w/ consul services * Remove redundant service deregistration code * Exit loop early once registration is found for service * Fix import blocking * Set status on pods added to test * Apply suggestions from code review * Reduce count of test gateways to 10 from 100 --------- Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> Changes proposed in this PR: - - How I've tested this PR: How I expect reviewers to test this PR: Checklist: - [ ] Tests added - [ ] CHANGELOG entry added > HashiCorp engineers only, community PRs should not add a changelog entry. > Entries should use present tense (e.g. Add support for...) * Removing the changes in vault_namespaces_test.go * Introducing new flag no-cleanup * Removed "go 1.20" from go.work file * cfg.USEKind check is added back * Removed previousy added "Test Duration" flag * Some changes * Some changes
Configuration menu - View commit details
-
Copy full SHA for ff24495 - Browse repository at this point
Copy the full SHA ff24495View commit details
Commits on Jul 21, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 8b45de8 - Browse repository at this point
Copy the full SHA 8b45de8View commit details -
added make target for checking for hashicorppreview (#2603)
* added make target for checking for hashicorppreview * added check to prepare-release make target
Configuration menu - View commit details
-
Copy full SHA for efa2be8 - Browse repository at this point
Copy the full SHA efa2be8View commit details -
Increase golangci-lint timeout to 10m (#2621)
This is meant to solve for recurrent timeouts in several steps, particularly `golangci-lint-control-plane` and `golang-ci-lint-cli`. An accompanying change in `consul-k8s-workflows` should disable caching until the (unclear) root of the issue can be resolved, or we can disable or clear cache in a more targeted way that solves for these cases.
Configuration menu - View commit details
-
Copy full SHA for e2adf6f - Browse repository at this point
Copy the full SHA e2adf6fView commit details
Commits on Jul 24, 2023
-
Fix TestAPIGateway_GatewayClassConfig (#2631)
* Fix TestAPIGateway_GatewayClassConfig * Remove stray files from bad merge
Paul Glass authoredJul 24, 2023 Configuration menu - View commit details
-
Copy full SHA for 1690fe2 - Browse repository at this point
Copy the full SHA 1690fe2View commit details -
Support running with restricted PSA enforcement enabled (part 1) (#2572)
Support restricted PSA enforcement in a basic setup. This is enough to get a basic setup with ACLs and TLS working and an acceptance test passing (but does not update every component). On OpenShift, we have the option to set the security context or not. If the security context is unset, then it is set automatically by OpenShift SCCs. However, we prefer to set the security context to avoid useless warnings on OpenShift and to reduce the config difference between OpenShift and plain Kube. By default, OpenShift namespaces have the audit and warn PSA labels set to restricted, so we receive pod security warnings when deploying Consul to OpenShift even though the pods will be able to run. Helm chart changes: * Add a helper to the helm chart to define a "restricted" container security context (when pod security policies are not enabled) * Update the following container securityContexts to use the "restricted" settings (not exhaustive) - gateway-cleanup-job.yaml - gateway-resources-job.yaml - gossip-encryption-autogenerate-job.yaml - server-acl-init-cleanup-job.yaml - only if `.Values.server.containerSecurityContext.server.acl-init` is unset - server-acl-init-job.yaml - only if `.Values.server.containerSecurityContext.server.acl-init` is unset - server-statefulset.yaml: - the locality-init container receives the restricted context - the consul container receives the restricted context only if `.Values.server.containerSecurityContext.server` is unset - tls-init-cleanup-job.yaml - only if `.Values.server.containerSecurityContext.server.tls-init` is unset - tls-init-job.yaml - only if `.Values.server.containerSecurityContext.server.tls-init` is unset - webhook-cert-manager-deployment.yaml Acceptance test changes: * When `-enable-openshift` and `-enable-cni` are set, configure the CNI settings correctly for OpenShift. * Add the `-enable-restricted-psa-enforcement` test flag. When this is set, the tests assume the Consul namespace has restricted PSA enforcement enabled. The tests will deploy the CNI (if enabled) into the `kube-system` namespace. Compatible test cases will deploy applications outside of the Consul namespace. * Update the ConnectHelper to configure the NetworkAttachmentDefinition required to be compatible with the CNI on OpenShift. * Add fixtures for static-client and static-server for OpenShift. This is necessary because the deployment configs must reference the network attachment definition when using the CNI on OpenShift. * Update tests in the `acceptance/tests/connect` directory to either run or skip based on -enable-cni and -enable-openshift
Paul Glass authoredJul 24, 2023 Configuration menu - View commit details
-
Copy full SHA for 3932e28 - Browse repository at this point
Copy the full SHA 3932e28View commit details -
Configuration menu - View commit details
-
Copy full SHA for a924e88 - Browse repository at this point
Copy the full SHA a924e88View commit details -
[NET-4865] security: Upgrade Go and net/http CVE-2023-29406 (#2642)
security: Upgrade Go and net/http Upgrade to Go 1.20.6 and `net/http` 1.12.0 to resolve CVE-2023-29406.
Configuration menu - View commit details
-
Copy full SHA for 5b57e63 - Browse repository at this point
Copy the full SHA 5b57e63View commit details
Commits on Jul 25, 2023
-
Consul client always logs into the local datacenter (#2652)
The consul client always logs into the local datacenter
Configuration menu - View commit details
-
Copy full SHA for 6b26d91 - Browse repository at this point
Copy the full SHA 6b26d91View commit details -
Add support for requestTimeout in Service Resolver spec (#2641)
* Add support for requestTimeout in Service Resolver spec * preserve serviceresolvers.yaml Preserving yaml from main, only adding requesttimeout property. * update generated.deepcopy.go * Use latest controller-gen to generate CRDs --------- Co-authored-by: Ashwin Venkatesh <ashwin.what@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 89a1c6d - Browse repository at this point
Copy the full SHA 89a1c6dView commit details
Commits on Jul 26, 2023
-
Increase timeout for acl replication to 60 seconds and poll every 500…
… ms (#2656) increase timeout for acl replication to 60 seconds and poll every 500 ms
Configuration menu - View commit details
-
Copy full SHA for 94414a7 - Browse repository at this point
Copy the full SHA 94414a7View commit details -
Update changelog to address cloud auto-join change in 1.0.0 (#2667)
Paul Glass authoredJul 26, 2023 Configuration menu - View commit details
-
Copy full SHA for 596a2a7 - Browse repository at this point
Copy the full SHA 596a2a7View commit details -
NET-4967: Fix helm install when setting copyAnnotations or nodeSelect…
…or for apiGateway (#2597) * Support multiline nodeSelector arg * Support multiline service annotations arg * Update test assertions * Add changelog entry
Configuration menu - View commit details
-
Copy full SHA for f026d43 - Browse repository at this point
Copy the full SHA f026d43View commit details
Commits on Jul 27, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 7bb0a57 - Browse repository at this point
Copy the full SHA 7bb0a57View commit details -
Mw/net 4260 phase 2 automate the k8s sameness tests (#2579)
* add kustomize files - These reflect the different test cases - sameness.yaml defines the ordered list of failovers - static-server responds with a unique name so we can track failover order - static-client includes both DNS and CURL in the image used so we can exec in for testing * add sameness tests - We do a bunch of infra setup for peering and partitions, but after the initial setup only partitions are tested - We test service failover, dns failover and PQ failover scenarios * add 4 kind clusters to make target - The sameness tests require 4 kind clusters, so the make target will now spin up 4 kind clusters - not all tests need 4 kind clusters, but the entire suite of tests can be run with 4 * increase kubectl timeout to 90s - add variable for configuring timeout - timeout was triggering locally on intel mac machine, so this timeout should cover our devs lowest performing machines * add sameness test to test packages * Fix comments on partition connect test
Configuration menu - View commit details
-
Copy full SHA for b6d3e61 - Browse repository at this point
Copy the full SHA b6d3e61View commit details
Commits on Jul 28, 2023
-
Added logLevel field for components (#2302)
* Added logLevel field for components * Add changelog * Fix tests * Rename 2298.txt to 2302.txt * Address comments * Fix tests * Fix helm tests * Address comments * Add client and server loglevels * Fix bats * Update changelog * Fix bats tests
Configuration menu - View commit details
-
Copy full SHA for 89ee905 - Browse repository at this point
Copy the full SHA 89ee905View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3e1f799 - Browse repository at this point
Copy the full SHA 3e1f799View commit details -
Use controller-gen 0.8.0 for CRDs (#2684)
- Add missing license headers.
Configuration menu - View commit details
-
Copy full SHA for 63567cb - Browse repository at this point
Copy the full SHA 63567cbView commit details -
Configuration menu - View commit details
-
Copy full SHA for 3cb0cce - Browse repository at this point
Copy the full SHA 3cb0cceView commit details -
[NET-4865] Bump golang.org/x/net to 0.12.0 in cni (#2668)
* Bump golang.org/x/net to 0.12.0 in cni This was missed in 5b57e63 as part of a general upgrade of that dependency. * Bump server-connection-manager to v0.1.3 Tidying up following CVE dependency bumps, leading to a new release of this library.
Configuration menu - View commit details
-
Copy full SHA for 6835b1e - Browse repository at this point
Copy the full SHA 6835b1eView commit details
Commits on Jul 31, 2023
-
Fix default Ent image tag in acceptance tests (#2683)
* Fix default Ent image tag in acceptance tests Rather than hard-coding the Docker repository and parsing the non-Ent image tag for a version, simply replace the image name and retain other coordinates. This is consistent with our tagging scheme introduced in hashicorp/consul#13541 and will allow for using `hashicorppreview` images seamlessly regardless of whether OSS or Ent is being tested. * Add make target for loading images in kind Complement other multi-cluster make targets by supporting image loading across kind clusters.
Configuration menu - View commit details
-
Copy full SHA for da99ce4 - Browse repository at this point
Copy the full SHA da99ce4View commit details
Commits on Aug 2, 2023
-
[NET-5146] security: Upgrade Go and
x/net
(#2710)security: Upgrade Go and x/net Upgrade to Go 1.20.7 and `x/net` 1.13.0 to resolve [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) and [CVE-2023-3978](https://nvd.nist.gov/vuln/detail/CVE-2023-3978).
Configuration menu - View commit details
-
Copy full SHA for 8379be9 - Browse repository at this point
Copy the full SHA 8379be9View commit details -
Increase timeout while waiting for vault server to be ready (#2709)
increase timeout while waiting for server to be ready and fix require.Equal check
Configuration menu - View commit details
-
Copy full SHA for 61c7761 - Browse repository at this point
Copy the full SHA 61c7761View commit details
Commits on Aug 3, 2023
-
Acceptance tests: increase api-gateway retries (#2716)
* Increase the retries and add config entry retries
Configuration menu - View commit details
-
Copy full SHA for 939e7c3 - Browse repository at this point
Copy the full SHA 939e7c3View commit details
Commits on Aug 8, 2023
-
NET-3908: allow configuration of SecurityContextConstraints when runn…
…ing on OpenShift (#2184) Co-authored-by: Melisa Griffin <melisa.griffin@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for 671675d - Browse repository at this point
Copy the full SHA 671675dView commit details -
Gateway privileged port mapping (#2707)
* Adds port mapping to Gateway Class Config to avoid running container on privileged ports Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for 71cdbc2 - Browse repository at this point
Copy the full SHA 71cdbc2View commit details -
Support restricted PSA enforcement part 2 (#2702)
Paul Glass authoredAug 8, 2023 Configuration menu - View commit details
-
Copy full SHA for a1eb32b - Browse repository at this point
Copy the full SHA a1eb32bView commit details
Commits on Aug 9, 2023
-
NET-4413 Implement translation + validation of TLS options (#2711)
* Implement validation of TLS options * Use constants for annotation keys * Add changelog entry * Implement TLS options translation * Update changelog entry * Add unit test coverage for TLS option validation * Code review feedback
Configuration menu - View commit details
-
Copy full SHA for f3d099c - Browse repository at this point
Copy the full SHA f3d099cView commit details -
NET-4993 JWT auth basic acceptance test (#2706)
* JWT auth basic acceptance test * Update to run only in enterprise mode, update comment to be correct * Remove usage of `testing.t` in retry block * Fixed last `t` in retry block in tests * Update acceptance/tests/api-gateway/api_gateway_test.go Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> * Update acceptance/tests/api-gateway/api_gateway_test.go Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> * Updating filenames for gw jwt cases and adding message about why this test is skipped --------- Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
Configuration menu - View commit details
-
Copy full SHA for a287fce - Browse repository at this point
Copy the full SHA a287fceView commit details
Commits on Aug 10, 2023
-
[NET-5217] Apply K8s node locality to services and sidecars (#2748)
Apply K8s node locality to services and sidecars Locality-aware routing is based on proxy locality rather than the proxied service. Ensure we propagate locality to both when registering services.
Configuration menu - View commit details
-
Copy full SHA for a86533b - Browse repository at this point
Copy the full SHA a86533bView commit details
Commits on Aug 11, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 0100fa4 - Browse repository at this point
Copy the full SHA 0100fa4View commit details -
Set privileged to false unless on OpenShift without CNI (#2755)
* Set privileged to false unless on OpenShift without CNI
Configuration menu - View commit details
-
Copy full SHA for 6e98cf9 - Browse repository at this point
Copy the full SHA 6e98cf9View commit details -
Configuration menu - View commit details
-
Copy full SHA for b57b936 - Browse repository at this point
Copy the full SHA b57b936View commit details -
Automate the k8s sameness tests add peering (#2725)
* added fixtures * removed fixtures - intentions only gets added now if acls are enabled - payment-service-resolver is only for locality aware which isn't in scope for this PR * updated sameness tests to include peering - refactored with some helper functions for members (now TestClusters) - made names more uniform, tend more towards the cluster-01-a/cluster-02-a/etc. nomenclature * added 4 clusters to cni make target * disable proxy lifecycle
Configuration menu - View commit details
-
Copy full SHA for 1968df4 - Browse repository at this point
Copy the full SHA 1968df4View commit details
Commits on Aug 14, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 6e9f473 - Browse repository at this point
Copy the full SHA 6e9f473View commit details
Commits on Aug 15, 2023
-
Configuration menu - View commit details
-
Copy full SHA for ab00c03 - Browse repository at this point
Copy the full SHA ab00c03View commit details
Commits on Aug 16, 2023
-
Configuration menu - View commit details
-
Copy full SHA for c188b53 - Browse repository at this point
Copy the full SHA c188b53View commit details -
Configuration menu - View commit details
-
Copy full SHA for 5f38363 - Browse repository at this point
Copy the full SHA 5f38363View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3830503 - Browse repository at this point
Copy the full SHA 3830503View commit details
Commits on Aug 29, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 7a0bb46 - Browse repository at this point
Copy the full SHA 7a0bb46View commit details -
Merge c188b53 into backport/NET-2276/prometheus-annotation-fix-https/…
…repeatedly-composed-whale
Configuration menu - View commit details
-
Copy full SHA for 6dd90ab - Browse repository at this point
Copy the full SHA 6dd90abView commit details