luxolus/open-consul
2
0
Fork 0
Code Issues 1 Pull requests Packages Releases Wiki Activity
open-consul/agent/xds
History
R.B. Boyer 2c329475ce
state: prohibit exported discovery chains to have cross-datacenter or cross-partition references (#13726) 
Because peerings are pairwise, between two tuples of (datacenter,
partition) having any exported reference via a discovery chain that
crosses out of the peered datacenter or partition will ultimately not be
able to work for various reasons. The biggest one is that there is no
way in the ultimate destination to configure an intention that can allow
an external SpiffeID to access a service.

This PR ensures that a user simply cannot do this, so they won't run
into weird situations like this.
2022-07-12 11:03:41 -05:00
..
proxysupport connect: Use Envoy 1.22.2 instead of 1.22.1 (#13444) 2022-06-14 15:29:41 -07:00
serverlessplugin Fix spelling mistake in serverless patcher (#13607) 2022-06-29 15:21:21 -04:00
testdata state: prohibit exported discovery chains to have cross-datacenter or cross-partition references (#13726) 2022-07-12 11:03:41 -05:00
xdscommon peering: update how cross-peer upstreams and represented in proxycfg and rendered in xds (#13362) 2022-06-03 16:42:50 -05:00
clusters.go state: prohibit exported discovery chains to have cross-datacenter or cross-partition references (#13726) 2022-07-12 11:03:41 -05:00
clusters_test.go feat: tgtwy xDS generation for destinations 2022-06-16 16:17:49 -04:00
config.go Fix proto lint errors after version bump 2022-05-24 18:44:54 -07:00
config_test.go
delta.go xds: remove HTTPCheckFetcher dependency (#13366) 2022-06-06 15:15:33 +01:00
delta_test.go add general runstep test helper instead of copying it all over the place (#13013) 2022-05-10 15:25:51 -05:00
endpoints.go state: prohibit exported discovery chains to have cross-datacenter or cross-partition references (#13726) 2022-07-12 11:03:41 -05:00
endpoints_test.go xds: begin refactor to always pass test snapshots through all xDS types (#13461) 2022-06-15 14:58:28 -05:00
envoy_versioning.go
envoy_versioning_test.go connect: Use Envoy 1.22.2 instead of 1.22.1 (#13444) 2022-06-14 15:29:41 -07:00
failover_math.go
failover_math_test.go
golden_test.go
listeners.go xds: modify rbac rules to use the XFCC header for peered L7 enforcement (#13629) 2022-06-29 10:29:54 -05:00
listeners_ingress.go Configure upstream TLS context with peer root certs (#13321) 2022-06-01 15:53:52 -06:00
listeners_test.go feat: tgtwy xDS generation for destinations 2022-06-16 16:17:49 -04:00
naming.go
net_fallback.go
net_linux.go
protocol_trace.go
rbac.go xds: modify rbac rules to use the XFCC header for peered L7 enforcement (#13629) 2022-06-29 10:29:54 -05:00
rbac_test.go xds: modify rbac rules to use the XFCC header for peered L7 enforcement (#13629) 2022-06-29 10:29:54 -05:00
resources.go xds: remove HTTPCheckFetcher dependency (#13366) 2022-06-06 15:15:33 +01:00
resources_oss_test.go xds: begin refactor to always pass test snapshots through all xDS types (#13461) 2022-06-15 14:58:28 -05:00
resources_test.go xds: mesh gateways now correctly load up peer-exported discovery chains using L7 protocols (#13624) 2022-06-28 14:52:25 -05:00
response.go
routes.go xds: modify rbac rules to use the XFCC header for peered L7 enforcement (#13629) 2022-06-29 10:29:54 -05:00
routes_test.go xds: begin refactor to always pass test snapshots through all xDS types (#13461) 2022-06-15 14:58:28 -05:00
server.go xds: remove HTTPCheckFetcher dependency (#13366) 2022-06-06 15:15:33 +01:00
server_oss.go
serverless_plugin_oss_test.go Fix spelling mistake in serverless patcher (#13607) 2022-06-29 15:21:21 -04:00
testing.go
xds.go
xds_protocol_helpers_test.go xds: remove HTTPCheckFetcher dependency (#13366) 2022-06-06 15:15:33 +01:00
z_xds_packages.go Add connection limit setting to service defaults 2022-05-24 10:13:38 -07:00
z_xds_packages_test.go