luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity
open-consul/agent/xds
History
R.B. Boyer 2c329475ce
state: prohibit exported discovery chains to have cross-datacenter or cross-partition references (#13726) 
Because peerings are pairwise, between two tuples of (datacenter,
partition) having any exported reference via a discovery chain that
crosses out of the peered datacenter or partition will ultimately not be
able to work for various reasons. The biggest one is that there is no
way in the ultimate destination to configure an intention that can allow
an external SpiffeID to access a service.

This PR ensures that a user simply cannot do this, so they won't run
into weird situations like this.
 		2022-07-12 11:03:41 -05:00
..
proxysupport connect: Use Envoy 1.22.2 instead of 1.22.1 (#13444) 2022-06-14 15:29:41 -07:00
serverlessplugin Fix spelling mistake in serverless patcher (#13607) 2022-06-29 15:21:21 -04:00
testdata state: prohibit exported discovery chains to have cross-datacenter or cross-partition references (#13726) 2022-07-12 11:03:41 -05:00
xdscommon peering: update how cross-peer upstreams and represented in proxycfg and rendered in xds (#13362) 2022-06-03 16:42:50 -05:00
clusters.go state: prohibit exported discovery chains to have cross-datacenter or cross-partition references (#13726) 2022-07-12 11:03:41 -05:00
clusters_test.go feat: tgtwy xDS generation for destinations 2022-06-16 16:17:49 -04:00
config.go Fix proto lint errors after version bump 2022-05-24 18:44:54 -07:00
config_test.go Support Incremental xDS mode (#9855) 2021-04-29 13:54:05 -05:00
delta.go xds: remove HTTPCheckFetcher dependency (#13366) 2022-06-06 15:15:33 +01:00
delta_test.go add general runstep test helper instead of copying it all over the place (#13013) 2022-05-10 15:25:51 -05:00
endpoints.go state: prohibit exported discovery chains to have cross-datacenter or cross-partition references (#13726) 2022-07-12 11:03:41 -05:00
endpoints_test.go xds: begin refactor to always pass test snapshots through all xDS types (#13461) 2022-06-15 14:58:28 -05:00
envoy_versioning.go connect: Add Envoy 1.22 to integration tests, remove Envoy 1.18 (#12805) 2022-04-18 09:36:07 -07:00
envoy_versioning_test.go connect: Use Envoy 1.22.2 instead of 1.22.1 (#13444) 2022-06-14 15:29:41 -07:00
failover_math.go xds: default to speaking xDS v3, but allow for v2 to be spoken upon request (#9658) 2021-02-26 16:23:15 -06:00
failover_math_test.go partition dicovery chains (#10983) 2021-09-07 16:29:32 -04:00
golden_test.go connect: Add Envoy 1.21.1 to support matrix, remove 1.17.4 (#12777) 2022-04-14 10:44:42 -07:00
listeners.go xds: modify rbac rules to use the XFCC header for peered L7 enforcement (#13629) 2022-06-29 10:29:54 -05:00
listeners_ingress.go Configure upstream TLS context with peer root certs (#13321) 2022-06-01 15:53:52 -06:00
listeners_test.go feat: tgtwy xDS generation for destinations 2022-06-16 16:17:49 -04:00
naming.go connect: generate the full SNI names for discovery targets in the compiler rather than in the xds package (#6340) 2019-08-19 13:03:03 -05:00
net_fallback.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
net_linux.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
protocol_trace.go Support Incremental xDS mode (#9855) 2021-04-29 13:54:05 -05:00
rbac.go xds: modify rbac rules to use the XFCC header for peered L7 enforcement (#13629) 2022-06-29 10:29:54 -05:00
rbac_test.go xds: modify rbac rules to use the XFCC header for peered L7 enforcement (#13629) 2022-06-29 10:29:54 -05:00
resources.go xds: remove HTTPCheckFetcher dependency (#13366) 2022-06-06 15:15:33 +01:00
resources_oss_test.go xds: begin refactor to always pass test snapshots through all xDS types (#13461) 2022-06-15 14:58:28 -05:00
resources_test.go xds: mesh gateways now correctly load up peer-exported discovery chains using L7 protocols (#13624) 2022-06-28 14:52:25 -05:00
response.go Continue working through proxy and agent 2021-05-04 12:41:43 -07:00
routes.go xds: modify rbac rules to use the XFCC header for peered L7 enforcement (#13629) 2022-06-29 10:29:54 -05:00
routes_test.go xds: begin refactor to always pass test snapshots through all xDS types (#13461) 2022-06-15 14:58:28 -05:00
server.go xds: remove HTTPCheckFetcher dependency (#13366) 2022-06-06 15:15:33 +01:00
server_oss.go Fixup acl.EnterpriseMeta 2022-04-05 15:11:49 -07:00
serverless_plugin_oss_test.go Fix spelling mistake in serverless patcher (#13607) 2022-06-29 15:21:21 -04:00
testing.go xds: fix for delta xDS reconnect bug in LDS/CDS (#12174) 2022-01-25 11:24:27 -06:00
xds.go Remove unused customEDSClusterJSON 2020-03-27 15:38:16 -04:00
xds_protocol_helpers_test.go xds: remove HTTPCheckFetcher dependency (#13366) 2022-06-06 15:15:33 +01:00
z_xds_packages.go Add connection limit setting to service defaults 2022-05-24 10:13:38 -07:00
z_xds_packages_test.go xds: ensure that all envoyproxy/go-control-plane protobuf symbols are linked into the final binary (#10131) 2021-04-29 14:58:26 -05:00