open-consul/agent/connect
Chris S. Kim 4cb251497f
Update RBAC to handle imported services (#13404)
When converting from Consul intentions to xds RBAC rules, services imported from other peers must encode additional data like partition (from the remote cluster) and trust domain.

This PR updates the PeeringTrustBundle to hold the sending side's local partition as ExportedPartition. It also updates RBAC code to encode SpiffeIDs of imported services with the ExportedPartition and TrustDomain.
2022-06-10 17:15:22 -04:00
..
ca Configure upstream TLS context with peer root certs (#13321) 2022-06-01 15:53:52 -06:00
authz.go Fixup acl.EnterpriseMeta 2022-04-05 15:11:49 -07:00
authz_test.go
common_names.go
csr.go ConnectCA.Sign gRPC Endpoint (#12787) 2022-04-14 14:26:14 +01:00
generate.go ca: examine the full chain in newCARoot 2022-02-17 18:21:30 -05:00
generate_test.go
parsing.go ca: examine the full chain in newCARoot 2022-02-17 18:21:30 -05:00
sni.go peering: replicate expected SNI, SPIFFE, and service protocol to peers (#13218) 2022-05-25 12:37:44 -05:00
sni_test.go peering: replicate expected SNI, SPIFFE, and service protocol to peers (#13218) 2022-05-25 12:37:44 -05:00
testing_ca.go peering: replicate expected SNI, SPIFFE, and service protocol to peers (#13218) 2022-05-25 12:37:44 -05:00
testing_ca_test.go
testing_spiffe.go
uri.go
uri_agent.go Fixup acl.EnterpriseMeta 2022-04-05 15:11:49 -07:00
uri_agent_oss.go Fixup acl.EnterpriseMeta 2022-04-05 15:11:49 -07:00
uri_agent_oss_test.go
uri_service.go Update RBAC to handle imported services (#13404) 2022-06-10 17:15:22 -04:00
uri_service_oss.go Update RBAC to handle imported services (#13404) 2022-06-10 17:15:22 -04:00
uri_service_oss_test.go Update RBAC to handle imported services (#13404) 2022-06-10 17:15:22 -04:00
uri_signing.go
uri_signing_test.go
uri_test.go
x509_patch.go
x509_patch_test.go