Merge branch 'fix-sw-qa' of ssh://github.com/hashicorp/consul into fi…

…x-sw-qa
hashicorp · Jul 19, 2023 · 56576b3 · 56576b3
2 parents bb9493c + ab44712
commit 56576b3
Show file tree

Hide file tree

Showing 301 changed files with 18,526 additions and 2,430 deletions.
diff --git a/.changelog/17694.txt b/.changelog/17694.txt
@@ -0,0 +1,3 @@
+```release-note:feature
+Windows: support consul connect envoy command on Windows
+```
diff --git a/.changelog/17754.txt b/.changelog/17754.txt
@@ -0,0 +1,3 @@
+```release-note:feature
+ui: Display the Consul agent version in the nodes list, and allow filtering and sorting of nodes based on versions.
+```
diff --git a/.changelog/17885.txt b/.changelog/17885.txt
@@ -0,0 +1,2 @@
+```release-note:bug
+ca: Fixed a bug where the Vault provider was not passing the configured role param for AWS auth
diff --git a/.changelog/18024.txt b/.changelog/18024.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+connect: fix a bug with Envoy potentially starting with incomplete configuration by not waiting enough for initial xDS configuration.
+```
diff --git a/.changelog/18080.txt b/.changelog/18080.txt
@@ -0,0 +1,3 @@
+```release-note:improvement
+Fix some typos in metrics docs
+```
diff --git a/.changelog/18112.txt b/.changelog/18112.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+ca: Fixes a Vault CA provider bug where updating RootPKIPath but not IntermediatePKIPath would not renew leaf signing certificates
+```
diff --git a/.github/workflows/build-distros.yml b/.github/workflows/build-distros.yml
@@ -2,7 +2,7 @@
 # It is aimed at checking new commits don't introduce any breaking build changes.
 name: build-distros
 
-on: 
+on:
   pull_request:
   push:
     branches:
@@ -33,7 +33,7 @@ jobs:
       run: ./.github/scripts/get_runner_classes.sh
 
   check-go-mod:
-    needs: 
+    needs:
     - setup
     uses: ./.github/workflows/reusable-check-go-mod.yml
     with:
@@ -43,8 +43,8 @@ jobs:
       elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
 
   build-386:
-    needs: 
-    - setup 
+    needs:
+    - setup
     - check-go-mod
     env:
       XC_OS: "freebsd linux windows"
@@ -56,7 +56,7 @@ jobs:
     - name: Setup Git
       if: ${{ endsWith(github.repository, '-enterprise') }}
       run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
-      
+
     - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
       with:
         go-version-file: 'go.mod'
@@ -68,7 +68,7 @@ jobs:
 
   build-amd64:
     needs:
-    - setup 
+    - setup
     - check-go-mod
     env:
       XC_OS: "darwin freebsd linux solaris windows"
@@ -80,7 +80,7 @@ jobs:
     - name: Setup Git
       if: ${{ endsWith(github.repository, '-enterprise') }}
       run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
-      
+
     - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
       with:
         go-version-file: 'go.mod'
@@ -92,7 +92,7 @@ jobs:
 
   build-arm:
     needs:
-    - setup 
+    - setup
     - check-go-mod
     runs-on: ${{ fromJSON(needs.setup.outputs.compute-xl) }}
     env:
@@ -105,7 +105,7 @@ jobs:
     - name: Setup Git
       if: ${{ endsWith(github.repository, '-enterprise') }}
       run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
-      
+
 
     - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
       with:
@@ -117,6 +117,26 @@ jobs:
     - run: CC=arm-linux-gnueabihf-gcc GOARCH=arm GOARM=6 go build -tags "${{ env.GOTAGS }}"
     - run: CC=aarch64-linux-gnu-gcc GOARCH=arm64 go build -tags "${{ env.GOTAGS }}"
 
+
+  build-s390x:
+    if: ${{ endsWith(github.repository, '-enterprise') }}
+    needs:
+    - setup
+    - check-go-mod
+    runs-on: ${{ fromJSON(needs.setup.outputs.compute-xl) }}
+    steps:
+    - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+
+    # NOTE: This step is specifically needed for ENT. It allows us to access the required private HashiCorp repos.
+    - name: Setup Git
+      run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
+
+    - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
+      with:
+        go-version-file: 'go.mod'
+    - name: Build
+      run: GOOS=linux GOARCH=s390x CGO_ENABLED=0 go build -tags "${{ env.GOTAGS }}"
+
   # This is job is required for branch protection as a required gihub check
   # because GitHub actions show up as checks at the job level and not the
   # workflow level.  This is currently a feature request:
@@ -126,18 +146,18 @@ jobs:
   # - be placed after the fanout of a workflow so that everything fans back in
   #   to this job.
   # - "need" any job that is part of the fan out / fan in
-  # - implement the if logic because we have conditional jobs 
-  #   (go-test-enteprise) that this job needs and this would potentially get 
-  #   skipped if a previous job got skipped.  So we use the if clause to make 
+  # - implement the if logic because we have conditional jobs
+  #   (go-test-enteprise) that this job needs and this would potentially get
+  #   skipped if a previous job got skipped.  So we use the if clause to make
   # sure it does not get skipped.
-
   build-distros-success:
-    needs: 
+    needs:
     - setup
     - check-go-mod
     - build-386
     - build-amd64
     - build-arm
+    - build-s390x
     runs-on: ${{ fromJSON(needs.setup.outputs.compute-small) }}
     if: ${{ always() }}
     steps:

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -57,6 +57,7 @@ jobs:
           echo "Product Date: ${{ needs.set-product-version.outputs.product-date }}"
           echo "Prerelease Version: ${{ needs.set-product-version.outputs.pre-version }}"
           echo "Ldflags: ${{ needs.set-product-version.outputs.shared-ldflags }}"
+
   generate-metadata-file:
     needs: set-product-version
     runs-on: ubuntu-latest
@@ -173,6 +174,57 @@ jobs:
           name: ${{ env.DEB_PACKAGE }}
           path: out/${{ env.DEB_PACKAGE }}
 
+  build-s390x:
+    needs: set-product-version
+    if: ${{ endsWith(github.repository, '-enterprise') }}
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        include:
+          - {go: "1.20.4", goos: "linux", goarch: "s390x"}
+      fail-fast: true
+
+    name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build
+    steps:
+      - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+
+      - name: Setup with node and yarn
+        uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
+        with:
+          node-version: '14'
+          cache: 'yarn'
+          cache-dependency-path: 'ui/yarn.lock'
+
+      - name: Build UI
+        run: |
+          CONSUL_VERSION=${{ needs.set-product-version.outputs.product-version }}
+          CONSUL_DATE=${{ needs.set-product-version.outputs.product-date }}
+          CONSUL_BINARY_TYPE=${CONSUL_BINARY_TYPE}
+          CONSUL_COPYRIGHT_YEAR=$(git show -s --format=%cd --date=format:%Y HEAD)
+          echo "consul_version is ${CONSUL_VERSION}"
+          echo "consul_date is ${CONSUL_DATE}"
+          echo "consul binary type is ${CONSUL_BINARY_TYPE}"
+          echo "consul copyright year is ${CONSUL_COPYRIGHT_YEAR}"
+          cd ui && make && cd ..
+          rm -rf agent/uiserver/dist
+          mv ui/packages/consul-ui/dist agent/uiserver/
+      - name: Go Build
+        env:
+          PRODUCT_VERSION: ${{ needs.set-product-version.outputs.product-version }}
+          PRERELEASE_VERSION: ${{ needs.set-product-version.outputs.pre-version }}
+          CGO_ENABLED: "0"
+          GOLDFLAGS: "${{needs.set-product-version.outputs.shared-ldflags}}"
+        uses: hashicorp/actions-go-build@v0.1.7
+        with:
+          product_name: ${{ env.PKG_NAME }}
+          product_version: ${{ needs.set-product-version.outputs.product-version }}
+          go_version: ${{ matrix.go }}
+          os: ${{ matrix.goos }}
+          arch: ${{ matrix.goarch }}
+          reproducible: report
+          instructions: |-
+            go build -ldflags="$GOLDFLAGS" -o "$BIN_PATH" -trimpath -buildvcs=false
+
   build-darwin:
     needs: set-product-version
     runs-on: macos-latest
@@ -186,7 +238,7 @@ jobs:
     name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build
     steps:
       - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
-          
+
       - name: Setup with node and yarn
         uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
         with:
@@ -319,7 +371,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        arch: ["386", "amd64", "arm", "arm64"]
+        arch: ["386", "amd64", "arm", "arm64", "s390x"]
       fail-fast: true
     env:
       version: ${{ needs.set-product-version.outputs.product-version }}
@@ -328,8 +380,10 @@ jobs:
     name: Verify ${{ matrix.arch }} linux binary
     steps:
       - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+        if: ${{ endsWith(github.repository, '-enterprise') || matrix.arch != 's390x' }}
 
       - name: Download ${{ matrix.arch  }} zip
+        if: ${{ endsWith(github.repository, '-enterprise') || matrix.arch != 's390x' }}
         uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
         with:
           name: ${{ env.zip_name }}
@@ -342,6 +396,7 @@ jobs:
           platforms: arm,arm64
 
       - name: Run verification for ${{ matrix.arch }} binary
+        if: ${{ endsWith(github.repository, '-enterprise') || matrix.arch != 's390x' }}
         run: .github/scripts/verify_artifact.sh ${{ env.zip_name }} v${{ env.version }}
 
   verify-darwin:
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		```release-note:bug
		ca: Fixed a bug where the Vault provider was not passing the configured role param for AWS auth