luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity
open-consul/agent/proxycfg
History
R.B. Boyer 2c329475ce
state: prohibit exported discovery chains to have cross-datacenter or cross-partition references (#13726) 
Because peerings are pairwise, between two tuples of (datacenter,
partition) having any exported reference via a discovery chain that
crosses out of the peered datacenter or partition will ultimately not be
able to work for various reasons. The biggest one is that there is no
way in the ultimate destination to configure an intention that can allow
an external SpiffeID to access a service.

This PR ensures that a user simply cannot do this, so they won't run
into weird situations like this.
 		2022-07-12 11:03:41 -05:00
..
connect_proxy.go proxycfg: server-local intentions data source 2022-07-04 10:48:36 +01:00
data_sources.go proxycfg: server-local intentions data source 2022-07-04 10:48:36 +01:00
data_sources_oss.go proxycfg: replace direct agent cache usage with interfaces (#13320) 2022-06-01 16:18:06 +01:00
ingress_gateway.go proxycfg: replace direct agent cache usage with interfaces (#13320) 2022-06-01 16:18:06 +01:00
manager.go proxycfg: replace direct agent cache usage with interfaces (#13320) 2022-06-01 16:18:06 +01:00
manager_test.go proxycfg: server-local intentions data source 2022-07-04 10:48:36 +01:00
mesh_gateway.go xds: mesh gateways now correctly load up peer-exported discovery chains using L7 protocols (#13624) 2022-06-28 14:52:25 -05:00
mesh_gateway_oss.go proxycfg: remove dependency on `cache.UpdateEvent` (#13144) 2022-05-20 15:47:40 +01:00
naming.go peering: Make Upstream peer-aware (#12900) 2022-04-29 18:12:51 -04:00
naming_oss.go peering: Make Upstream peer-aware (#12900) 2022-04-29 18:12:51 -04:00
naming_test.go peering: Make Upstream peer-aware (#12900) 2022-04-29 18:12:51 -04:00
proxycfg.go Enable servers to configure arbitrary proxies from the catalog (#13244) 2022-05-27 12:38:52 +01:00
snapshot.go xds: modify rbac rules to use the XFCC header for peered L7 enforcement (#13629) 2022-06-29 10:29:54 -05:00
state.go peering: allow mesh gateways to proxy L4 peered traffic (#13339) 2022-06-06 14:20:41 -05:00
state_oss_test.go proxycfg: replace direct agent cache usage with interfaces (#13320) 2022-06-01 16:18:06 +01:00
state_test.go proxycfg: server-local intentions data source 2022-07-04 10:48:36 +01:00
terminating_gateway.go proxycfg: server-local intentions data source 2022-07-04 10:48:36 +01:00
testing.go proxycfg: server-local intentions data source 2022-07-04 10:48:36 +01:00
testing_connect_proxy.go proxycfg: server-local intentions data source 2022-07-04 10:48:36 +01:00
testing_ingress_gateway.go fix: multiple grpc/http2 services for ingress listeners 2022-05-26 10:43:58 -04:00
testing_mesh_gateway.go state: prohibit exported discovery chains to have cross-datacenter or cross-partition references (#13726) 2022-07-12 11:03:41 -05:00
testing_oss.go proxycfg: replace direct agent cache usage with interfaces (#13320) 2022-06-01 16:18:06 +01:00
testing_peering.go xds: allow for peered upstreams to use tagged addresses that are hostnames (#13422) 2022-06-10 16:11:40 -05:00
testing_terminating_gateway.go proxycfg: server-local intentions data source 2022-07-04 10:48:36 +01:00
testing_tproxy.go proxycfg: remove dependency on `cache.UpdateEvent` (#13144) 2022-05-20 15:47:40 +01:00
testing_upstreams.go proxycfg: remove dependency on `cache.UpdateEvent` (#13144) 2022-05-20 15:47:40 +01:00
upstreams.go xds: allow for peered upstreams to use tagged addresses that are hostnames (#13422) 2022-06-10 16:11:40 -05:00