Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Refactor ConsulLogin() to return the acltoken in addition to theerror. * Refactor createACLPolicyRoleAndBindingRule toappend datacenters for local tokens. Refactor updateOrCreateBindingRule to create binding rule if there are binding rules but this one does not exist * Rename -create-client-token flag to -client * set additional sans for consul server load balancer so that client will be able to use the certificate to talk to the load balancers rather than just an individual server. * Refactor server-acl-init command to create ACL Policy and Rule for client component so that client can call ConsulLogin and receive and ACL Token Call. * Enable client to talk to Consul Server to perform consul login. * Pass Auth Method to k8s al-init command. * Configure Consul address to be the Consul Server Load Balancer. * Configure CA Cert volume to be in memory rather than k8s secret when using vault. * Set consul/login volume and CONSUL_HTTP_TOKEN_FILE for use during logout. * Setup prestop command to perform consul logout. * Configure client-daemonset so that we can utilize the externalServers setting to configure clients to be able to call consul login on a server that is on a different partition. * Configuring partition-init to remove additional flags and use ones that already exist * adding missing comma * fix flakey tests by wrapping asserts in retries a la Iryna * Adding -use-https flag to client-daemonset.yaml when externalServers are enabled * Refactoring tests to cover client-acl-init changes * addressing PR comments * removing mounted tmpfs for consul-ca-cert when using vault and restoring datacenter logic because of breaking test. * addressing PR comments and only appending datacenters to a policy when its a local token, not global tokens. * completing additional dns names based on PR feedback * Do not ca-cert volume when using vault. * removing unused flagConsulCACert from partition-init command * PR Feedback. Removing unused envvars in acl-init container. changing ConsulLogin to return secretID, error instead ok token, error.
- Loading branch information