kemko/nomad
1
0
Fork 0
mirror of https://github.com/kemko/nomad.git synced 2026-01-05 09:55:44 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
652de761bf8bc65f640ff1141b73d7e9bdf5f428
nomad/nomad
History
Luiz Aoqui 29ffa02683 fix mTLS certificate check on agent to agent RPCs (#11998) 
PR #11956 implemented a new mTLS RPC check to validate the role of the
certificate used in the request, but further testing revealed two flaws:

  1. client-only endpoints did not accept server certificates so the
     request would fail when forwarded from one server to another.
  2. the certificate was being checked after the request was forwarded,
     so the check would happen over the server certificate, not the
     actual source.

This commit checks for the desired mTLS level, where the client level
accepts both, a server or a client certificate. It also validates the
cercertificate before the request is forwarded.
2022-02-04 20:35:20 -05:00
..
deploymentwatcher
rename test variable names to something a easier to identify
2022-01-31 14:59:52 -08:00
drainer
cleanup: prevent leaks from time.After
2022-02-02 14:32:26 -06:00
mock
Fix health checking for ephemeral poststart tasks (#11945)
2022-02-02 16:29:49 -05:00
state
CSI: move terminal alloc handling into denormalization (#11931)
2022-01-27 10:39:08 -05:00
stream
events: fix wildcard namespace handling (#10935)
2021-09-02 09:36:55 -07:00
structs
improve error message on service length (#12012)
2022-02-04 19:39:34 -05:00
volumewatcher
CSI: move terminal alloc handling into denormalization (#11931)
2022-01-27 10:39:08 -05:00
acl_endpoint_test.go
one-time token: never return expired tokens
2021-03-10 08:17:56 -05:00
acl_endpoint.go
nomad: only activate one-time auth tokens with 1.1.0 (#10952)
2021-07-27 13:17:55 -04:00
acl_test.go
Event Stream: Track ACL changes, unsubscribe on invalidating changes (#9447)
2020-12-01 11:11:34 -05:00
acl.go
Audit config, seams for enterprise audit features
2020-03-23 13:47:42 -04:00
alloc_endpoint_test.go
documenting test for #9268
2020-11-05 16:19:55 +00:00
alloc_endpoint.go
fix mTLS certificate check on agent to agent RPCs (#11998)
2022-02-04 20:35:20 -05:00
autopilot_test.go
test: fix flaky TestAutopilot_CleanupDeadServer
2021-09-28 16:38:56 -07:00
autopilot.go
implement MinQuorum
2020-02-16 16:04:59 -06:00
blocked_evals_stats_test.go
Add metrics for blocked eval resources (#10454)
2021-04-29 15:03:45 -04:00
blocked_evals_stats.go
Add metrics for blocked eval resources (#10454)
2021-04-29 15:03:45 -04:00
blocked_evals_system.go
blocked_evals system evals indexed by job and node
2019-07-18 10:32:12 -04:00
blocked_evals_test.go
Add metrics for blocked eval resources (#10454)
2021-04-29 15:03:45 -04:00
blocked_evals.go
cleanup: prevent leaks from time.After
2022-02-02 14:32:26 -06:00
client_agent_endpoint_test.go
debug: Improve namespace and region support (#11269)
2021-10-12 16:58:41 -04:00
client_agent_endpoint.go
json handles were moved to a new package in #10202
2021-04-02 13:31:10 +00:00
client_alloc_endpoint_test.go
tests: remove duplicate import statements.
2021-06-11 09:39:22 +02:00
client_alloc_endpoint.go
Add gosimple linter (#9590)
2020-12-09 11:05:18 -08:00
client_csi_endpoint_test.go
CSI: volume snapshot
2021-04-01 11:16:52 -04:00
client_csi_endpoint.go
CSI: volume snapshot
2021-04-01 11:16:52 -04:00
client_fs_endpoint_test.go
Events/msgtype cleanup (#9117)
2020-10-19 09:30:15 -04:00
client_fs_endpoint.go
Add gosimple linter (#9590)
2020-12-09 11:05:18 -08:00
client_rpc_test.go
Simplify Bootstrap logic in tests
2020-03-02 13:47:43 -05:00
client_rpc.go
fixup! vendor: explicit use of hashicorp/go-msgpack
2020-03-31 09:48:07 -04:00
client_stats_endpoint_test.go
Events/msgtype cleanup (#9117)
2020-10-19 09:30:15 -04:00
client_stats_endpoint.go
server
2018-09-15 16:23:13 -07:00
config.go
core: implement system batch scheduler
2021-08-03 10:30:47 -04:00
consul_oss_test.go
gofmt all the files
2021-10-01 10:14:28 -04:00
consul_policy_oss_test.go
gofmt all the files
2021-10-01 10:14:28 -04:00
consul_policy_test.go
gofmt all the files
2021-10-01 10:14:28 -04:00
consul_policy.go
consul: correctly check consul acl token namespace when using consul oss
2021-06-08 13:55:57 -05:00
consul_test.go
consul: correctly check consul acl token namespace when using consul oss
2021-06-08 13:55:57 -05:00
consul.go
consul: correctly check consul acl token namespace when using consul oss
2021-06-08 13:55:57 -05:00
core_sched_test.go
CSI: resolve invalid claim states (#11890)
2022-01-27 09:30:03 -05:00
core_sched.go
core: log CSI GC cutoff index only on non-forced GC (#11997)
2022-02-03 15:03:39 -05:00
csi_endpoint_test.go
api: support namespace wildcard in CSI volume list (#11724)
2021-12-21 17:19:45 -05:00
csi_endpoint.go
CSI: move terminal alloc handling into denormalization (#11931)
2022-01-27 10:39:08 -05:00
deployment_endpoint_test.go
api: paginate deployment list and accept wildcard namespace (#11743)
2022-01-03 08:36:02 -05:00
deployment_endpoint.go
fix mTLS certificate check on agent to agent RPCs (#11998)
2022-02-04 20:35:20 -05:00
deployment_watcher_shims.go
consul: plubming for specifying consul namespace in job/group
2021-04-05 10:03:19 -06:00
drainer_int_test.go
Migrate all allocs when draining a node (#10411)
2021-04-21 12:11:14 -04:00
drainer_shims.go
set node.StatusUpdatedAt in raft
2019-05-21 16:13:32 -04:00
endpoints_oss.go
gofmt all the files
2021-10-01 10:14:28 -04:00
eval_broker_test.go
test: fix fake by increasing time window
2021-09-28 12:22:59 -07:00
eval_broker.go
cleanup: prevent leaks from time.After
2022-02-02 14:32:26 -06:00
eval_endpoint_test.go
api: respect wildcard in evaluations list API (#11710)
2021-12-20 12:23:50 -05:00
eval_endpoint.go
fix mTLS certificate check on agent to agent RPCs (#11998)
2022-02-04 20:35:20 -05:00
event_endpoint_test.go
events: fix event endpoint tests to ignore heartbeats.
2021-05-24 10:28:19 +02:00
event_endpoint.go
Event Stream: Track ACL changes, unsubscribe on invalidating changes (#9447)
2020-12-01 11:11:34 -05:00
fsm_oss.go
chore: ensure consistent file naming for non-enterprise files.
2022-01-13 11:32:16 +01:00
fsm_registry_oss.go
gofmt all the files
2021-10-01 10:14:28 -04:00
fsm_test.go
events: fix wildcard namespace handling (#10935)
2021-09-02 09:36:55 -07:00
fsm.go
scheduler: detect and log unexpected scheduling collisions (#11793)
2022-01-14 20:09:14 -05:00
heartbeat_test.go
Events/msgtype cleanup (#9117)
2020-10-19 09:30:15 -04:00
heartbeat.go
goimports
2019-01-22 15:44:31 -08:00
job_endpoint_hook_connect_test.go
fix panic when Connect mesh gateway doesn't have a proxy block (#11257)
2021-10-04 15:52:07 -04:00
job_endpoint_hook_connect.go
fix panic when Connect mesh gateway doesn't have a proxy block (#11257)
2021-10-04 15:52:07 -04:00
job_endpoint_hook_expose_check_test.go
connect: use deterministic injected dynamic exposed port
2021-04-30 15:18:22 -06:00
job_endpoint_hook_expose_check.go
connect: use deterministic injected dynamic exposed port
2021-04-30 15:18:22 -06:00
job_endpoint_hooks.go
Allow configuring memory oversubscription (#10466)
2021-04-29 22:09:56 -04:00
job_endpoint_oss_test.go
gofmt all the files
2021-10-01 10:14:28 -04:00
job_endpoint_oss.go
gofmt all the files
2021-10-01 10:14:28 -04:00
job_endpoint_test.go
replace 'a alloc' with 'an alloc' where appropriate (#11792)
2022-01-10 11:59:46 -05:00
job_endpoint.go
Verify TLS certificate on endpoints that are used between agents only (#11956)
2022-02-02 15:03:18 -05:00
leader_oss.go
gofmt all the files
2021-10-01 10:14:28 -04:00
leader_test.go
Make number of scheduler workers reloadable (#11593)
2022-01-06 11:56:13 -05:00
leader.go
csi: update leader's ACL in volumewatcher (#11891)
2022-01-24 11:49:50 -05:00
merge.go
namespace_endpoint_test.go
core: open source namespaces
2020-10-22 15:26:32 -07:00
namespace_endpoint.go
Fix some errcheck errors (#9811)
2021-01-14 12:46:35 -08:00
node_endpoint_test.go
do not initialize copy's slice if nil in original
2021-12-23 16:40:35 -08:00
node_endpoint.go
fix mTLS certificate check on agent to agent RPCs (#11998)
2022-02-04 20:35:20 -05:00
operator_endpoint_test.go
Events/msgtype cleanup (#9117)
2020-10-19 09:30:15 -04:00
operator_endpoint.go
minor tweaks from Ent
2020-07-20 09:25:09 -04:00
periodic_endpoint_test.go
dispatch-job capability to dispatch periodic jobs
2020-10-27 16:33:01 -04:00
periodic_endpoint.go
dispatch-job capability to dispatch periodic jobs
2020-10-27 16:33:01 -04:00
periodic_test.go
periodic: always reset periodic children status
2021-03-25 11:27:09 -04:00
periodic.go
periodic: always reset periodic children status
2021-03-25 11:27:09 -04:00
plan_apply_oss.go
chore: ensure consistent file naming for non-enterprise files.
2022-01-13 11:32:16 +01:00
plan_apply_pool_test.go
Events/msgtype cleanup (#9117)
2020-10-19 09:30:15 -04:00
plan_apply_pool.go
plan_apply_test.go
reworked Node.Canonicalize() to enforce invariants, fixed a broken test
2021-03-26 18:58:38 +00:00
plan_apply.go
scheduler: detect and log unexpected scheduling collisions (#11793)
2022-01-14 20:09:14 -05:00
plan_endpoint_test.go
core: prevent malformed plans from crashing leader
2022-01-31 12:15:15 -08:00
plan_endpoint.go
fix mTLS certificate check on agent to agent RPCs (#11998)
2022-02-04 20:35:20 -05:00
plan_normalization_test.go
allow configuration of Docker hostnames in bridge mode (#11173)
2021-09-16 08:13:09 +02:00
plan_queue_test.go
nomad: fix test goroutine (#6593)
2019-10-31 08:23:32 -04:00
plan_queue.go
cleanup: prevent leaks from time.After
2022-02-02 14:32:26 -06:00
raft_rpc.go
Refactor
2018-02-15 13:59:00 -08:00
regions_endpoint_test.go
tests: swap lib/freeport for tweaked helper/freeport
2019-12-09 08:37:32 -06:00
regions_endpoint.go
server
2018-09-15 16:23:13 -07:00
rpc_test.go
fix mTLS certificate check on agent to agent RPCs (#11998)
2022-02-04 20:35:20 -05:00
rpc.go
fix mTLS certificate check on agent to agent RPCs (#11998)
2022-02-04 20:35:20 -05:00
scaling_endpoint_test.go
rpc: fix scaling policy get index response when policy is found.
2021-11-26 10:40:27 +01:00
scaling_endpoint.go
chore: fixup inconsistent method receiver names. (#11704)
2021-12-20 11:44:21 +01:00
search_endpoint_oss.go
gofmt all the files
2021-10-01 10:14:28 -04:00
search_endpoint_test.go
api: fuzzy search results include job name with id in scope
2021-04-16 17:03:36 -06:00
search_endpoint.go
api: include ent fuzzy struct types in oss
2021-04-20 11:19:38 -06:00
serf_test.go
deflake TestNomad_BootstrapExpect and other leader tests
2021-06-10 22:04:10 -04:00
serf.go
tweak bootstrap testing
2021-01-04 09:00:40 -05:00
server_setup_oss.go
gofmt all the files
2021-10-01 10:14:28 -04:00
server_test.go
Make number of scheduler workers reloadable (#11593)
2022-01-06 11:56:13 -05:00
server.go
cleanup: prevent leaks from time.After
2022-02-02 14:32:26 -06:00
stats_fetcher_test.go
Simplify Bootstrap logic in tests
2020-03-02 13:47:43 -05:00
stats_fetcher.go
server
2018-09-15 16:23:13 -07:00
status_endpoint_test.go
tests: swap lib/freeport for tweaked helper/freeport
2019-12-09 08:37:32 -06:00
status_endpoint.go
chore: fix incorrect docstring formatting.
2021-08-30 11:08:12 +02:00
system_endpoint_test.go
Events/msgtype cleanup (#9117)
2020-10-19 09:30:15 -04:00
system_endpoint.go
chore: fix incorrect docstring formatting.
2021-08-30 11:08:12 +02:00
testing_oss.go
gofmt all the files
2021-10-01 10:14:28 -04:00
testing.go
Make number of scheduler workers reloadable (#11593)
2022-01-06 11:56:13 -05:00
timetable_test.go
fixup! vendor: explicit use of hashicorp/go-msgpack
2020-03-31 09:48:07 -04:00
timetable.go
vendor: explicit use of hashicorp/go-msgpack
2020-03-31 09:45:21 -04:00
util_test.go
remove unused dropButLastChannel
2020-02-13 18:56:53 -05:00
util.go
fix mTLS certificate check on agent to agent RPCs (#11998)
2022-02-04 20:35:20 -05:00
vault_test.go
Merge pull request #8524 from hashicorp/b-vault-health-checks
2020-08-11 16:01:07 -04:00
vault_testing.go
chore: fix incorrect docstring formatting.
2021-08-30 11:08:12 +02:00
vault.go
cleanup: prevent leaks from time.After
2022-02-02 14:32:26 -06:00
worker_string_schedulerworkerstatus.go
Make number of scheduler workers reloadable (#11593)
2022-01-06 11:56:13 -05:00
worker_string_workerstatus.go
Make number of scheduler workers reloadable (#11593)
2022-01-06 11:56:13 -05:00
worker_test.go
scheduler: detect and log unexpected scheduling collisions (#11793)
2022-01-14 20:09:14 -05:00
worker.go
scheduler: detect and log unexpected scheduling collisions (#11793)
2022-01-14 20:09:14 -05:00