Commit Graph

5299 Commits (CC-5545/upgrade-hds-packages)

Author SHA1 Message Date
Iryna Shustava 105ebfdd00
catalog, mesh: implement missing ACL hooks (#19143)
1 year ago
R.B. Boyer 20d1fb8c78
server: run the api checks against the path without params (#19205)
1 year ago
Dhia Ayachi 5fbf0c00d3
Add namespace read write tests (#19173)
1 year ago
Thomas Eckert 76c60fdfac
Golden File Tests for TermGW w/ Cluster Peering (#19096)
1 year ago
Nitya Dhanushkodi 95d9b2c7e4
[NET-4931] xdsv2, sidecarproxycontroller, l4 trafficpermissions: support L7 (#19185)
1 year ago
Iryna Shustava 25283f0ec2
get-envoy-bootstrap-params: when v2 is enabled, use computed proxy configuration (#19175)
1 year ago
Chris S. Kim 197bcd4164
Refactor connect_auth.go into agent_endpoint.go (#19166)
1 year ago
John Maguire 7a323c492b
[NET-5457] Golden Files for Multiple Virtual Hosts (#19131)
1 year ago
John Murret 6cbd417f29
NET-5822 - Add default outbound router in TProxy (#19087)
1 year ago
R.B. Boyer b9ab63c55d
server: when the v2 catalog experiment is enabled reject api and rpc requests that are for the v1 catalog (#19129)
1 year ago
John Maguire 8bebfc147d
[NET-5457] Fix CE code for jwt multiple virtual hosts bug (#19123)
1 year ago
Semir Patel 830c4ea81c
v2tenancy: cluster scoped reads (#19082)
1 year ago
Dhia Ayachi 226590541c
Activate verifier when running WAL with experimental features (#19102)
1 year ago
Chris S. Kim 92ce814693
Remove old build tags (#19128)
1 year ago
Chris Thain dcdf2fc6ba
Update Vault CA provider namespace configuration (#19095)
1 year ago
Ashesh Vidyut a30ccdf5dc
NET-4135 - Fix NodeMeta filtering Catalog List Services API (#18322)
1 year ago
Derek Menteer af3439b53d
Ensure that upstream configuration is properly normalized. (#19076)
1 year ago
Dhia Ayachi ed882e2522
Make raft-wal default when `resource-apis` is active (#19090)
1 year ago
Thomas Eckert 342306c312
Allow connections through Terminating Gateways from peered clusters NET-3463 (#18959)
1 year ago
Chris S. Kim aa526db225
Retry flaky tests (#19088)
1 year ago
Chris S. Kim ad26494016
[CE] Add workload bind type and templated policy (#19077)
1 year ago
Eric Haberkorn f2b7b4591a
Fix Traffic Permissions Default Deny (#19028)
1 year ago
John Murret d67e5c6e35
NET-5590 - authorization: check for identity:write in CA certs, xds server, and getting envoy bootstrap params (#19049)
1 year ago
Chris S. Kim 41e6f6cd8b
Reduce number of ports that consul test agents take (#19047)
1 year ago
sarahalsmiller 9addd9ed7c
[NET-5788] Fix needed for JWTAuth in Consul Enterprise (#19038)
1 year ago
Nitya Dhanushkodi 9a48266712
remove log (#19029)
1 year ago
Chris Thain 5e45db18b7
Include RequestTimeout in marshal/unmarshal of ServiceResolverConfigE… (#19031)
1 year ago
Eric Haberkorn 7ce6ebaeb3
Handle Traffic Permissions With Empty Sources Properly (#19024)
1 year ago
Iryna Shustava 06c15d0656
auth: register auth controllers with the server (#19000)
1 year ago
Iryna Shustava e6b724d062
catalog,mesh,auth: Move resource types to the proto-public module (#18935)
1 year ago
R.B. Boyer 7688178ad2
peerstream: fix flaky test related to autopilot integration (#18979)
1 year ago
Iryna Shustava d88888ee8b
catalog,mesh,auth: Bump versions to v2beta1 (#18930)
1 year ago
R.B. Boyer ef6f2494c7
resource: allow for the ACLs.Read hook to request the entire data payload to perform the authz check (#18925)
1 year ago
Nitya Dhanushkodi 0a11499588
net-5689 fix disabling panic threshold logic (#18958)
1 year ago
Chris S. Kim 565e79344f
Dump response body on fail (#18962)
1 year ago
Ronald 276c60a947
skip flaky test (#18949)
1 year ago
John Landa 9eaa8eb026
dns token (#17936)
1 year ago
Dhia Ayachi 341dc28ff9
Add namespace proto and registration (#18848)
1 year ago
R.B. Boyer d574473fd1
mesh: make FailoverPolicy work in xdsv2 and ProxyStateTemplate (#18900)
1 year ago
Ronald c8299522b5
[NET-5332] Add nomad server templated policy (#18888)
1 year ago
Nitya Dhanushkodi 3a2e62053a
v2: various fixes to make K8s tproxy multiport acceptance tests and manual explicit upstreams (single port) tests pass (#18874)
1 year ago
Nick Ethier 1a3081ab32
agent/config: prevent startup if resource-apis experiment and cloud are enabled (#18876)
1 year ago
Blake Covarrubias 019c62e1ba
xds: Use downstream protocol when connecting to local app (#18573)
1 year ago
Eric Haberkorn 170417ac97
Honor Default Traffic Permissions in V2 (#18886)
1 year ago
Iryna Shustava 212793a4ee
mesh: only build tproxy outbound listener once per destination (#18836)
1 year ago
Chris S. Kim 91e6c3a82f
Remove flaky test assertions (#18870)
1 year ago
Semir Patel 62796a1454
resource: mutate and validate before acls on write (#18868)
1 year ago
Ronald 49cb84297f
Move ACL templated policies to hcl files (#18853)
1 year ago
Andrew Stucki 087539fc7b
Fix gateway services cleanup where proxy deregistration happens after service deregistration (#18831)
1 year ago
Dhia Ayachi 4435e4a420
add v2 tenancy bridge Flag and v2 Tenancy Bridge initial implementation (#18830)
1 year ago