mirror of https://github.com/hashicorp/consul
Branch:
CSLC-91-egress-connect-proxy
1.14.0-beta1
1.6.2
18831-backport1.14.10
18831-backport1.15.6
18831-backport1.16.2
404-checker-update
Amier3-patch-1
CC-5545/upgrade-hds-packages
CC-6363/downgrade-node-for-ci
CC-6363/downgrade-node-for-v-1-point-15
CC-7146/Sidebar-item-for-linking-status
CC-7146/convert-consul-hcp-to-a-simpler-component-for-some-upcoming-changes
CC-7146/hcp-link-item-in-the-nav-bar
CSLC-103-egress-gtwy-cert-tgtwy
CSLC-91-egress-connect-proxy
CSLC-91-egress-connect-proxy-2
CTIA-8-verify-builds-v2
FFMMM-patch-1
GH-migration-add-oss-ent-builder-logic
HCPCP-1619-unix-socket-host
NET-10248-consul-cross-namespace-requests-to-a-terminating-gateway-fail-with-no-healthy-upstream
NET-10288-Bump-go-to-resolve-CVE-2024-24791
NET-10290-Bump-envoy-to-resolve-CVE-2024-39305
NET-10719-fix-apigw-jwt-cluster-generation
NET-1530-set-envoy-ext-rate-limit-plugin
NET-1594-backport
NET-1594-backport-1.14.x
NET-1594-backport-1.15.x
NET-1643-66794-consul-version-in-prometheus-format-metrics-is-0
NET-1723/append-rules
NET-1728/remove-docs-with-token-param
NET-1805-cleanup-test-container-lib-basic-topology-single-dc
NET-1805-upgrade-test-grpc
NET-2029-Normalize-status-for-new-config-entry-types
NET-2063-Implementation-API-GW-Use-XDS-primitives-instead-of-Ingress-GW-primitives
NET-2088-upgrade-test-ingress-gateway
NET-3059/acl-agent-api
NET-3914-gha-change-upgrade-test-small-runner
NET-3914-gha-change-upgrade-test-small-runner-no-splitting
NET-3914-gha-resolve-the-issue-of-running-multiple-docker-container
NET-3914-gha-run-compat-tests-single-runner
NET-3914-gha-upgrade-test-single-runner
NET-4277
NET-4277-tests
NET-438/add-ent-version-suffix
NET-4558-Address-comments-for-PR-https-github.com-hashicorp-consul-pull-15235
NET-4924_update_readme
NET-5017-status-condition-fixes
NET-5084/TrafficPermission-WorkloadIdentity-protos
NET-5090/implicit-destinations
NET-5147-plumbing
NET-5327-consistency-docs
NET-581-Configure-Vault-namespaces-for-Connect-CA-via-Helm-Stanza
NET-5889-absl
NET-6313/resource-list-poc
NET-6354
NET-6416-meshgateway-acls
NET-6453/skip-traffic-permission-test-on-M1
NET-6469/add-custom-watch
NET-6608
NET-6820-Mesh-GW-Customize-mesh-gateway-proxy-limits
NET-6821-Host-Header-Rewrite
NET-685-rate-limiting-to-registering-imported-services
NET-7014-consul-Look-up-mesh-gateway-controlling-workload-instead-of-assuming-its-identity
NET-7376-consul-consul-k8s-Set-status-on-APIGateway-with-required-info-from-kubesig
NET-800-add-internal-endpoint-to-return-all-exported-services-to-a-given-peer
NET-801-add-internal-endpoint-to-return-peer-stream-health-from-peerstream-tracker
NET-818-server-cert
NET-8983/raft-version-bump
RELENG-305
RELTOOL-20
SECVULN-6892-word-wrap
SECVULN-8533-lodash-template
SECVULN-8621_consul_api_validate_request_content_type
SuyashHashiCorp-patch-1
SuyashHashiCorp-patch-1-1
SuyashHashiCorp-patch-2
a10-thunder-adc
aahel
acl/wait-for-token-replication-to-use-token
acpana/clean-peer-2
acpana/no-19-metrics
acpana/nonuser-peering-reg-3
acpana/peering-imported-counter
add-bind-type-policy
add-docs-for-anno
add-downstream-service-meta
add-linter-net-rpc-2-test
add-linter-net-rpc-r2
add-missing-consul-env-file
add-new-golden-file-tests
add-partitions-to-e2e-gateway-tests
add-patches
add-peering-changes
add-peering-commontopo-tests-ci-fiddling
add-ui-checker
add_build_ui
adds-helm-docs-update-from-1-4-2-consul-k8s
agent/tls-types
anita-upgrade-fix
ap/exports-docs
ap/main-docs
api-gateway-all-controllers
api-gateway-sds-fixes
api-gateway-ui
api-gw-docs-broken-link
apivalidateclusters
architecture-log
ariadne/hack/backend
art
artifact-manifest/main/smoothly-fresh-quagga
ashwin-michael/crd-auto-generation
b-ui/manual-backport-d3-color
b/scada-retry-disconnect
backend-changes-doesnt-run-frontend-task-on-ci-test
backport-1.16-fix-snapshot-test
backport-squashing-fix-for-namespaces
backport/1.11.x/11107
backport/1.13.x/api-gw-docs
backport/16955-transfer-leader/safely-positive-bobcat
backport/CC-7146/convert-consul-hcp-to-a-simpler-component-for-some-upcoming-changes/barely-trusting-yeti
backport/CE-564-external-services-crd/carefully-generous-kodiak
backport/CE-572-file-system-certificate/slowly-pure-herring
backport/CE-577-release-notes/namely-fleet-lionfish
backport/CI-upload-upgrade-test-to-datadog/incredibly-helping-pig
backport/CTIA-5-gh-12578-endpoint-returns-500-instead-of-404/merely-optimum-wahoo
backport/CTIA-5-gh-12578-endpoint-returns-500-instead-of-404/partly-liberal-bluegill
backport/CTIA-5-gh-12578-endpoint-returns-500-instead-of-404/reliably-dear-hen
backport/NET-10288-Bump-go-to-resolve-CVE-2024-24791/wrongly-optimal-lamprey
backport/NET-1521/conversely-romantic-dodo
backport/NET-2292-upgrade-port-http/initially-innocent-dodo
backport/NET-3474/start-reporting-agent/slowly-inviting-whippet
backport/NET-3476/add-reporting-config/quickly-talented-wildcat
backport/NET-3860/moderately-awake-grouse
backport/NET-3860/namely-curious-iguana
backport/NET-3860/uniformly-funny-pug
backport/NET-3893/container-logs/intensely-nice-boar
backport/NET-3893/container-logs/obviously-primary-sawfly
backport/NET-3914-fix-container-test-slow-image-build/sharply-game-mastiff
backport/NET-4135/fairly-stable-lamb
backport/NET-4135/marginally-ultimate-sculpin
backport/NET-4519/annually-huge-filly
backport/NET-4519/deadly-precise-jawfish
backport/NET-4519/heavily-equal-spaniel
backport/NET-5611_fix_trigger_ci/simply-relevant-foal
backport/NET-5688-gwui-fixes/mentally-superb-prawn
backport/NET-5688-gwui-fixes/noticeably-easy-magpie
backport/NET-8717-Vulnerabilities-in-consul-enterprise-d3-color/accurately-normal-snipe
backport/RELPLAT-897-copywrite-bot-workarounds/likely-content-goshawk
backport/RELPLAT-980-license-file-updates/vertically-modern-dogfish
backport/SECVULN-8633-TOB-CONSUL24-17-Consul-configuration-allows-repeated-keys/publicly-deciding-hookworm
backport/Suppress-CVE-2024-8096/gradually-brave-ewe
backport/Suppress-CVE-2024-8096/quietly-brief-koala
backport/add-ent-and-ce-frontend-test-runs-to-pr/morally-sure-fowl
backport/add-ent-and-ce-frontend-test-runs-to-pr/painfully-outgoing-drum
backport/add-ent-and-ce-frontend-test-runs-to-pr/similarly-new-sloth
backport/add-query-for-namespace-lookup-when-creating-services
backport/add-release-config-key/gradually-wanted-trout
backport/add-release-config-key/lightly-sterling-mongrel
backport/add-release-config-key/mentally-equal-wallaby
backport/add-tests-for-gw-proxy-controller/loosely-primary-crane
backport/am-ak-patch-1/really-stirring-flounder
backport/api-gateway-install-redirrects/wholly-one-sunbird
backport/asheshvidyut/NET-3865/gratefully-apt-haddock
backport/ashwin/cluster-peering-helm-docs/curiously-legible-drum
backport/ashwin/envoy-readiness/cleanly-supreme-poodle
backport/ashwin/envoy-readiness/visually-warm-sunfish
backport/ashwin/generate-proto-deep-copy-json-marshal/naturally-exotic-anemone
backport/ashwin/peer-count-metric/greatly-many-chimp
backport/ashwin/recreate-token-docs/virtually-new-koi
backport/ashwin/use-prxoy-health-docs/uniformly-new-cattle
backport/backport/remove-CONSUL_HCP_LINK_ENABLED-flag/scarcely-precise-silkworm-manual
backport/brk.chore/remove-link-format-check/promptly-aware-garfish
backport/brk.fix/update-links-for-developer/reasonably-choice-vulture
backport/broken_links/evidently-improved-starfish
backport/broken_links/lately-faithful-falcon
backport/broken_links/regularly-living-monitor
backport/catalog-deregistration-fix/grossly-lenient-treefrog
backport/catalog-deregistration-fix/optionally-blessed-cockatoo
backport/cc-4361/hcp-metrics-bootstrap-config/manually-composed-snail
backport/cc-4519-collect-node-id/brightly-sharp-akita
backport/cc-4519-collect-node-id/suitably-funky-warthog
backport/cc-4716-link-existing-clusters/hopelessly-full-koi
backport/cc-4716-link-existing-clusters/slightly-on-wren
backport/cc-4929-cap-socket-path/horribly-sunny-airedale
backport/cc-4960/hcp-telemetry-periodic-refresh/namely-joint-tarpon
backport/cc-4960/hcp-telemetry-periodic-refresh/quietly-splendid-leech
backport/cc-4960/move-first-fetch-into-provider/informally-exciting-blowfish
backport/cc-4960/move-first-fetch-into-provider/rapidly-climbing-airedale
backport/cc-4960/move-first-fetch-into-provider/separately-nearby-seagull
backport/cc-7147-link-to-hcp-modal/kindly-verified-snipe
backport/chore-fix-module-name/fully-giving-hagfish
backport/ci-remove-duplicate-test/actually-sensible-swine
backport/compliance/license-changes/vigorously-holy-escargot
backport/consul-collector-reduce-flush-intervals/externally-natural-pangolin
backport/consul-collector-reduce-flush-intervals/likely-loved-hog
backport/consul-er-add-service-discovery-seo-doc/notably-social-koala
backport/consul-k8s-docs-typo/firstly-present-hawk
backport/consul-k8s-docs-typo/largely-liked-badger
backport/correct-redhat-tags/humbly-central-cricket
backport/correct-redhat-tags/promptly-intense-dodo
backport/correct-redhat-tags/sadly-deep-tiger
backport/cp_NET-3684/mentally-fit-squirrel
backport/cthain/net-5807/vault-ca-namespace-config/heavily-rested-donkey
backport/cthain/net-5807/vault-ca-namespace-config/miserably-factual-blowfish
backport/danielehc-fix-filter-links/cleanly-humble-mole
backport/danielehc-fix-filter-links/vaguely-welcome-jawfish
backport/dans/NET-1757/access-logs-docs/only-definite-polecat
backport/dans/NET-3917/default-0s-initial_fetch_timeout/fairly-fluent-drake
backport/dans/NET-6796/dns-v2-catalog-v2-ns-soa/mostly-real-ibex
backport/dans/fix-snapshot-save-test/partly-sweeping-mollusk
backport/dans/fix-snapshot-save-test/vaguely-solid-sheepdog
backport/dans/fix-snapshot-save-test/willingly-golden-leopard
backport/david-yu-admin-partitions/deeply-fair-quagga
backport/david-yu-admin-partitions/eminently-awaited-porpoise
backport/david-yu-admin-partitions/gradually-open-octopus
backport/david-yu-admin-partitions/jointly-ready-mole
backport/david-yu-admin-partitions/officially-charming-orca
backport/david-yu-admin-partitions/typically-fast-shark
backport/david-yu-agent-latency-requirements/severely-ready-raccoon
backport/david-yu-build-dockerfile/mutually-assuring-albacore
backport/david-yu-cleanup-1-18/distinctly-stirring-catfish
backport/david-yu-docs-cluster-peering/poorly-flying-leopard
backport/david-yu-enterprise-image/noticeably-brave-man
backport/david-yu-enterprise-image/wholly-welcome-platypus
backport/david-yu-gke-autopilot/internally-sharp-thrush
backport/david-yu-gke-autopilot/recently-driving-dingo
backport/david-yu-k8s-install-helm/normally-cool-fish
backport/david-yu-k8s-install-helm/notably-thorough-crow
backport/david-yu-k8s-install-helm/trivially-intimate-aardvark
backport/david-yu-log-level-error/lightly-polite-porpoise
backport/david-yu-log-level-error/quickly-helping-ghoul
backport/david-yu-patch-2/correctly-eternal-hamster
backport/david-yu-patch-2/nominally-viable-squirrel
backport/david-yu-patch-3/informally-factual-colt
backport/david-yu-ubi/curiously-cunning-meerkat
backport/david-yu-ubi/publicly-loving-bluejay
backport/david-yu-ubi/secretly-balanced-rodent
backport/derekm/NET-3007/fix-peer-stream-cleanup/friendly-caring-krill
backport/derekm/NET-3881/health-call-loop-entfix/possibly-safe-swan
backport/derekm/NET-3881/health-call-loop/trivially-dashing-ox
backport/derekm/NET-4958/missing-endpoints/unlikely-positive-wildcat
backport/derekm/NET-7652/broadly-regular-firefly
backport/derekm/NET-7652/freely-peaceful-kit
backport/derekm/fix-cicd-docker-pull/steadily-evolved-kitten
backport/derekm/grpc-server-keepalive/gladly-popular-cod
backport/dev-image-publishing/willingly-literate-stag
backport/dev-portal/largely-exact-worm
backport/dev-portal/thoroughly-enabling-kid
backport/dhiaayachi/fix_panic_policy_delete/logically-amazed-crow
backport/dhiaayachi/fix_panic_policy_delete/publicly-pumped-tadpole
backport/dhiaayachi/raft-wal-0.4.1/sadly-super-monarch
backport/disable_envoy_check/closely-liberal-monkfish
backport/disable_envoy_check/mistakenly-mighty-glider
backport/dns-parititon-docs/certainly-real-vulture
backport/doc-v2-traffic-permission/jointly-top-ant
backport/docs-nomad-ent/cheaply-guiding-sloth
backport/docs-nomad-ent/only-touched-mutt
backport/docs-nomad-ent/scarcely-thorough-anteater
backport/docs/1-10-upgrade-compatibility-clarification/distinctly-relaxing-snail
backport/docs/1-10-upgrade-compatibility-clarification/gradually-united-polecat
backport/docs/1-17-release-notes/friendly-smiling-sailfish
backport/docs/1-19-release-notes-fix/factually-evolving-koala
backport/docs/CE-749-remove-references-from-consul/humbly-leading-emu
backport/docs/add-rate-limit-ops-diagram/widely-alive-mallard
backport/docs/add-redirects-1.8-conf-entries/factually-relieved-flounder
backport/docs/add-redirects-1.8-conf-entries/freely-grateful-camel
backport/docs/add-redirects-1.8-conf-entries/illegally-driving-fawn
backport/docs/add-redirects-1.8-conf-entries/pleasantly-cunning-pig
backport/docs/added-1.17-features-to-enterprise-overview
backport/docs/added-redirects-for-conf-entries
backport/docs/added-redirects-for-conf-entries-1.13.x
backport/docs/added-redirects-for-conf-entries-1.14.x
backport/docs/address-multicluster-singledc-docs/hopefully-set-mallard
backport/docs/admin-partitions-114-update/correctly-enough-shad
backport/docs/admin-partitions-link-k8s/trivially-excited-jaybird
backport/docs/admin-partitions-node-scope/forcibly-bursting-kid
backport/docs/amb.migrate-link-formats/adversely-helping-troll
backport/docs/amb.migrate-link-formats/jointly-renewed-dolphin
backport/docs/amb.migrate-link-formats/thoroughly-obliging-trout
backport/docs/amb.migrate-link-formats/truly-supreme-hagfish
backport/docs/amb.migrate-link-formats/usually-sweeping-panda
backport/docs/api-gw-k8s-add-upgrade-step-1.16/fully-suited-cattle
backport/docs/apigee-backports/deeply-active-jackal
backport/docs/auto-cert-1-13-2/constantly-above-turtle
backport/docs/blake/fix-spelling-errors-aug23/partially-equal-haddock
backport/docs/capigw-0.3/carefully-sharp-rattler
backport/docs/capigw-0.3/correctly-peaceful-muskrat
backport/docs/capigw-tech-spec-update/explicitly-renewing-badger
backport/docs/capigw-tech-spec-update/formerly-awaited-elf
backport/docs/capigw-typos-usage/socially-needed-dodo
backport/docs/ce-514-envoy-constraints/publicly-modern-sturgeon
backport/docs/change-backendRefs-api-group/largely-working-woodcock
backport/docs/clarify-connect-language-2/humbly-native-spaniel
backport/docs/clarify-license-behavior-on-restart/morally-ready-monkey
backport/docs/clarify-snapshot-restore-version-restriction/blindly-sure-buffalo
backport/docs/clarify-snapshot-restore-version-restriction/firstly-endless-eagle
backport/docs/clarify-vault-ca-provider-permissions-needed/optionally-hardy-emu
backport/docs/cluster-peering-parameter-fixes/yearly-flowing-arachnid
backport/docs/common-errors/amazingly-golden-pony
backport/docs/config-enable-debug/broadly-loving-tomcat
backport/docs/config-enable-debug/conversely-positive-goblin
backport/docs/config-enable-debug/endlessly-probable-manatee
backport/docs/config-enable-debug/willingly-master-sloth
backport/docs/consistency-mode-improvements/annually-united-iguana
backport/docs/consistency-mode-improvements/implicitly-smart-jaguar
backport/docs/consistency-mode-improvements/mildly-wanted-slug
backport/docs/consistency-mode-improvements/nationally-key-swan
backport/docs/consistency-mode-improvements/slowly-mint-bull
backport/docs/consistency-mode-improvements/willingly-sterling-bluegill
backport/docs/correct-1.10.x-upgrade-path/hardly-ultimate-leopard
backport/docs/crossref-maint-mode-from-health-checks/explicitly-renewed-owl
backport/docs/deemphasize-token-query-param/reasonably-amusing-impala
backport/docs/dyu-compat-matrix/positively-funky-dory
backport/docs/enterprise-feature-table/recently-upright-lemur
backport/docs/external-crd-fix/accurately-talented-cobra
backport/docs/fips-cluster-peering/repeatedly-evolved-stallion
backport/docs/fix-api-landing-page-typos/curiously-eminent-quail
backport/docs/fix-bad-links-service-defaults-ref/evenly-causal-buzzard
backport/docs/fix-bad-links-service-defaults-ref/hardly-related-llama
backport/docs/fix-bad-links-service-defaults-ref/supposedly-selected-arachnid
backport/docs/fix-broken-links-8-18/cleanly-wired-honeybee
backport/docs/fix-broken-links-8-18/conversely-gentle-swan
backport/docs/fix-consul-ecs-tf-path/cleanly-happy-newt
backport/docs/fix-k8s-crd-example-configs/naturally-capital-bobcat
backport/docs/fix-k8s-crd-example-configs/seriously-real-cricket
backport/docs/fix-node-lookup-by-removing-tag/moderately-brave-barnacle
backport/docs/flag-ent-features-1.17/marginally-stirred-crappie
backport/docs/fox-peering-metrics-labels-table/conversely-capital-yak
backport/docs/fox-peering-metrics-labels-table/quietly-ready-louse
backport/docs/initial-multiport-fixes/constantly-thorough-pheasant
backport/docs/invoke-services-from-lambda/severely-useful-katydid
backport/docs/invoke-services-from-lambda/vigorously-generous-treefrog
backport/docs/jwt-auth-fixes/poorly-suited-pelican
backport/docs/k8s-1-14-releasenotes/widely-organic-wahoo
backport/docs/k8s-acl-fix/repeatedly-solid-cricket
backport/docs/k8s-federation-requirements/constantly-vocal-cougar
backport/docs/k8s-federation-requirements/finally-lenient-cub
backport/docs/k8s-federation-requirements/friendly-prompt-jay
backport/docs/k8s-federation-requirements/rapidly-resolved-doberman
backport/docs/k8s-federation-requirements/surely-eminent-tomcat
backport/docs/k8s-tgw-tutorial-role-id-fix/duly-known-shad
backport/docs/k8s-tgw-tutorial-role-id-fix/seemingly-social-chow
backport/docs/k8s-tgw-tutorial-role-id-fix/severely-innocent-mosquito
backport/docs/lkysow/prepare-dataplane-upgrade/deeply-joint-herring
backport/docs/lkysow/verify-outgoing/luckily-viable-anchovy
backport/docs/lkysow/verify-outgoing/sincerely-expert-buck
backport/docs/lkysow/verify-outgoing/strictly-well-sheepdog
backport/docs/manage-traffic-link-fix/hardly-together-salmon
backport/docs/mgw-primary-upgrade/poorly-sincere-rattler
backport/docs/multi-port-v1-17-ga/hopelessly-premium-ostrich
backport/docs/multiport-hcp-update/seemingly-valid-jaybird
backport/docs/new-vault-connect-ca-permissions-needed/happily-knowing-sponge
backport/docs/new-vault-connect-ca-permissions-needed/miserably-fun-drum
backport/docs/note-about-connect-service-upstream-env-var/certainly-helped-horse
backport/docs/note-about-connect-service-upstream-env-var/lively-exciting-reptile
backport/docs/nrichu-hcp-doc-patch/jolly-poetic-rat
backport/docs/page-descs-for-CLI/early-ample-basilisk
backport/docs/page-descs-for-CLI/implicitly-precious-calf
backport/docs/patch-release/constantly-teaching-giraffe
backport/docs/peering-api-update/amazingly-chief-mosquito
backport/docs/redirect-acl-system-page/rapidly-awaited-bluegill
backport/docs/redirect-acl-system-page/similarly-smiling-kodiak
backport/docs/remove-comparisons-from-ref-docs/definitely-direct-hyena
backport/docs/remove-empty-codeblockconfig-elements/daily-viable-oryx
backport/docs/remove-empty-codeblockconfig-elements/severely-merry-newt
backport/docs/restore-missing-config-content/curiously-evolving-snail
backport/docs/restore-missing-config-content/eminently-definite-tick
backport/docs/scale-typo/early-set-drum
backport/docs/scale-typo/mostly-verified-werewolf
backport/docs/search-metadata-headers/supposedly-eternal-ox
backport/docs/single-dc-multi-k8s/weekly-humorous-cricket
backport/docs/tutorial-refresh-support/mostly-settled-alien
backport/docs/tutorial-refresh-support/yearly-integral-clam
backport/docs/update-acl-docs/locally-happy-wasp
backport/docs/update-acl-docs/publicly-up-pony
backport/docs/update-consul-k8s-nginx-ingress-controller-example/sadly-inviting-pika
backport/docs/uri-decode-resource-names-for-http-api/early-neat-pipefish
backport/docs/uri-decode-resource-names-for-http-api/fairly-busy-mouse
backport/docs/use_values_yaml_everywhere/broadly-pro-possum
backport/docs/use_values_yaml_everywhere/clearly-frank-bonefish
backport/docs/wal-fix/certainly-romantic-parrot
backport/docs/what-is-consul-devdot-update/mutually-pleasing-insect
backport/docs_discovery_typo/jointly-happy-crane
backport/docs_update_helm_docs_vault_synccatalog/fairly-saved-filly
backport/dstough/GH-12628-multiple-https-ingress-services/distinctly-charming-stork
backport/dstough/GH-12628-multiple-https-ingress-services/yearly-accepted-pipefish
backport/dstough/add-noop-jobs-for-branch-protect/formerly-moving-monkey
backport/dstough/add-noop-jobs-for-branch-protect/uniformly-ideal-stallion
backport/dstough/add-noop-jobs-for-branch-protect/wildly-tight-ladybird
backport/dstough/fix-metrics-false-positive/ghastly-up-mole
backport/dstough/fix-metrics-false-positive/implicitly-integral-leech
backport/dyu/dns-port/manually-light-ant
backport/dyu/dns-port/typically-creative-hermit
backport/dyu/gh-pr-workflow/definitely-relaxed-mollusk
backport/dyu/jobs-pr-feedback/mildly-immune-hyena
backport/dyu/jobs-pr-feedback/presumably-composed-wildcat
backport/dyu/multi-port/greatly-musical-lab
backport/dyu/network-segments/loudly-tops-tadpole
backport/dyu/network-segments/specially-prepared-mammoth
backport/dyu/readme/globally-concise-oarfish
backport/dyu/ubi/carefully-funky-bonefish
backport/dyu/ubi/completely-neat-cobra
backport/dyu/ubi/finally-growing-grub
backport/dyu/ubi/optionally-content-bug
backport/dyu/ubi/ultimately-singular-leech
backport/eculver/fix-pkg-name/firmly-holy-sole
backport/eculver/fix-pkg-name/mainly-modern-elk
backport/eculver/update-nomad-integ-tests/needlessly-saved-collie
backport/eculver/update-nomad-integ-tests/nicely-fresh-bullfrog
backport/ent-port-upgrade-tests-flatten/early-precious-treefrog
backport/envoy-bootstrap-log-fix/infinitely-communal-midge
backport/envoy-bootstrap-logging/enormously-outgoing-martin
backport/exported_services_cli_and_docs/rc1
backport/f/metrics-collector-rename/achooo
backport/f/metrics-collector-rename/highly-clean-elf
backport/feature/hcp-telemetry/personally-central-caribou
backport/file-system-certificate/formally-top-minnow
backport/fix-changelog-check/blindly-pumped-shrimp
backport/fix-changelog/nearly-grown-kangaroo
backport/fix-doc/physically-growing-doberman
backport/fix-ent-merge/enormously-close-sculpin
backport/fix-error-msg-fmt/normally-allowed-redbird
backport/fix-flaky-integ-test-ingress/commonly-strong-cow
backport/fix-flaky-integ-test-ingress/noticeably-unified-dane
backport/fix-flaky-integ-test-ingress/preferably-feasible-rattler
backport/fix-gRPC-limit-peering/especially-premium-asp
backport/fix-home-link/wholly-regular-bengal
backport/fix-integ-flakiness/accurately-cunning-cardinal
backport/fix-integ-flakiness/precisely-simple-quagga
backport/fix-issuer-growing-list-maybe-from-vault/barely-still-aardvark
backport/fix-issuer-growing-list-maybe-from-vault/blindly-adequate-bluebird
backport/fix-issuer-growing-list-maybe-from-vault/uniquely-master-falcon
backport/fix-merge-config-entry/badly-eternal-bonefish
backport/fix-merge-config-entry/carefully-open-stingray
backport/fix-role-linked-token-list/blindly-trusted-glowworm
backport/fix-submat-view-bug/physically-stirring-zebra
backport/fix-unremoved-service-mesh-gateway/primarily-growing-wren
backport/fix_altdomain_dcname_overlap/loudly-definite-dingo
backport/fix_altdomain_dcname_overlap/mistakenly-ready-hog
backport/fix_altdomain_dcname_overlap/thoroughly-daring-mule
backport/fix_docs_conflict_leftovers/highly-sweet-whale
backport/gateway-upstream-disambiguation-ce/strictly-pleasant-mule
backport/gh-13169-show-leader-metrics/fairly-worthy-redbird
backport/gh-13169-show-leader-metrics/formally-pleasing-pigeon
backport/gh-13169-show-leader-metrics/inherently-wealthy-lab
backport/gh-13169-show-leader-metrics/legally-winning-joey
backport/gh-14341-txn-struct/randomly-noted-piglet
backport/gh-17320-update-metrics-doc/probably-promoted-lynx
backport/gh-18152-members-filter-dc/firstly-ideal-maggot
backport/gha-concurrency/finally-exciting-filly
backport/gha-concurrency/honestly-live-sailfish
backport/gha-concurrency/largely-gentle-crab
backport/gha-concurrency/mildly-great-unicorn
backport/hans/add_new_field_to_bootstrap_config_and_push_state/primarily-sweeping-tapir
backport/hans/add_new_field_to_bootstrap_config_and_push_state/sadly-eminent-man
backport/import-filter
backport/import-filter-v2
backport/improve_ci_run_time/miserably-glowing-boa
backport/integ-test-upgrade-test/truly-becoming-mule
backport/integ-test-use-asserter/internally-cheerful-mullet
backport/ishustava/1.14-agentless-docs-updates/internally-star-beetle
backport/ishustava/NET-3995-computed-proxy-config/slightly-cheerful-kangaroo
backport/ishustava/NET-5377-sidecar-proxy-ctrl-improvements/oddly-talented-sole
backport/issue-17886-expose-certs/definitely-wise-sturgeon
backport/jer/cc6039-policy-desc/adversely-sought-ladybird
backport/jer/cc6039-policy-desc/multiply-native-bird
backport/jer/ccm-read-only/lightly-worthy-sawfish
backport/jer/ccm-read-only/unlikely-glad-snapper
backport/jer/cloud-docs/briefly-adequate-filly
backport/jer/cloud-docs/gratefully-stunning-frog
backport/jjti/fix-hcp-client-logs/commonly-desired-antelope
backport/jjti/fix-hcp-client-logs/evenly-clean-slug
backport/jjti/fix-hcp-client-logs/happily-charmed-jawfish
backport/jjti/fix-hcp-client-logs/infinitely-decent-ibex
backport/jjti/fix-hcp-client-logs/presently-free-roughy
backport/jjti/fix-hcp-client-logs/visually-secure-spaniel
backport/jjti/fix-hcp-export-logger/intensely-growing-horse
backport/jjtimmons/reduce-export-freq/hardly-generous-martin
backport/jjtimmons/reduce-export-freq/safely-frank-mudfish
backport/jkirschner-hashicorp-patch-1/reasonably-devoted-pheasant
backport/jkirschner-hashicorp-patch-3/seriously-living-squirrel
backport/jm/0.44.0/wholly-saving-flea
backport/jm/3372/freely-intimate-gannet
backport/jm/3372/freely-singular-dingo
backport/jm/NET-3692/strangely-solid-owl
backport/jm/NET-5397/violently-choice-perch
backport/jm/NET-6081/equally-complete-thrush
backport/jm/NET-6944/clearly-winning-fly
backport/jm/NET-6944/subtly-adequate-gopher
backport/jm/NET-7025/commonly-saved-glowworm
backport/jm/NET-7025/implicitly-optimal-drum
backport/jm/NET-7025/pleasantly-balanced-sole
backport/jm/ba/sadly-tolerant-wombat
backport/jm/ba/usually-promoted-tapir
backport/jm/deep-copy-lint-enums/gladly-fine-pegasus
backport/jm/endpoint-result/yearly-better-sunfish
backport/jm/go-tests-notify-3/allegedly-trusting-moose
backport/jm/go-tests-notify-3/genuinely-pumped-glowworm
backport/jm/go-tests-notify-3/luckily-tough-platypus
backport/jm/go-tests-notify-3/nicely-electric-calf
backport/jm/local-app-protocol-test/hardly-noble-aardvark
backport/jm/macos-arm64/actively-improved-dinosaur
backport/jm/no-parallel-dns-tests/sharply-true-tetra
backport/jm/no-parallel-dns-tests/tightly-liberal-emu
backport/jm/no-parallel-dns-tests/ultimately-accurate-sponge
backport/jm/no-parallel-dns-tests/willingly-adjusted-mallard
backport/jm/remove-compat-test-splitting/honestly-outgoing-calf
backport/jm/remove-compat-test-splitting/rationally-wondrous-krill
backport/jm/remove-tests-skipping/finally-romantic-anteater
backport/jm/remove-tests-skipping/physically-enough-molly
backport/jm/remove-tests-skipping/typically-credible-bug
backport/jm/rmv-test-integrations/probably-topical-shrimp
backport/jm/test-integrations/clearly-curious-liger
backport/jm/ui-main/openly-ace-mole
backport/jm/vault-docs-redesign/indirectly-logical-monitor
backport/jm96441n/normalize-status-conditions/implicitly-mighty-racer
backport/jwt-warning-docs/completely-poetic-herring
backport/jwt-warning-docs/uniquely-organic-muskox
backport/kisunji/NET-4766-vault-ca-bug-fix/inherently-harmless-louse
backport/kisunji/NET-4766-vault-ca-bug-fix/really-leading-tick
backport/kisunji/NET-4766-vault-ca-bug-fix/secondly-first-mullet
backport/kisunji/cleanup-resources/secondly-devoted-longhorn
backport/kisunji/cleanup-resources/solely-moved-dodo
backport/kisunji/controller-test-fix/internally-artistic-buzzard
backport/kisunji/ent-label-ratelimit/normally-casual-sparrow
backport/kisunji/fix-flakes/firstly-desired-dove
backport/kisunji/fix-flakes/formally-giving-goldfish
backport/kisunji/fix-flakes/honestly-bright-dove
backport/kisunji/fix-permissive-envoy-ext/lately-ideal-calf
backport/kisunji/fix-permissive-envoy-ext/unduly-set-ram
backport/kisunji/fix-test/admittedly-valid-ray
backport/kisunji/fix-test/blatantly-prime-loon
backport/kisunji/fix-test/entirely-major-chigger
backport/kisunji/nomad-docs/hugely-concise-crawdad
backport/kisunji/nomad-docs/weekly-hip-starling
backport/kisunji/peering-tproxy-docs/truly-dominant-sawfly
backport/kisunji/update-hcp-scada-provider/socially-wise-silkworm
backport/kisunji/vault-ca-clean-unused-issuers/curiously-neat-tarpon
backport/kisunji/vault-ca-clean-unused-issuers/hugely-eminent-monster
backport/kisunji/vault-ca-clean-unused-issuers/rapidly-smart-sunbird
backport/kisunji/vault-ca-fixes/awfully-smooth-katydid
backport/kisunji/vault-ca-fixes/fully-electric-phoenix
backport/krastin/docs/improve-license/mostly-polite-turtle
backport/krastin/vault-for-consul/clearly-main-molly
backport/krastin/vault-for-consul/factually-enough-buck
backport/krastin/vault-for-consul/indirectly-mint-bison
backport/krastin/vault-for-consul/noticeably-awaited-chamois
backport/krastin/vault-for-consul/thankfully-big-condor
backport/krastin/website/telemetry-labels/duly-firm-toucan
backport/licensing-exp-v2-docs/optionally-allowed-whippet
backport/link-to-hcp-modal-error-when-acls-disabled/severely-cool-sparrow
backport/lorna/cc-6925/hcp-tls/immensely-dear-grouper
backport/lorna/cc-6925/hcp-tls/monthly-correct-buck
backport/loshz-patch-1/friendly-touched-killdeer
backport/loshz/NET-3029-fix/constantly-romantic-fox
backport/loshz/NET-3029-fix/radically-relaxing-robin
backport/ma/vault-namespace-intermediate-provider-v2/positively-unified-aardvark
backport/ma/x-forwarded-client-cert-docs-fix/extremely-definite-shark
backport/ma/x-forwarded-client-cert-docs-fix/repeatedly-fluent-filly
backport/main/strangely-tops-wombat
backport/malizz-validate-name-on-dlt-proxy-defaults/seriously-eager-werewolf
backport/mixed-service-topology/accurately-nearby-falcon
backport/mixed-service-topology/physically-large-griffon
backport/more-xds-races-and-panics/visually-tidy-crow
backport/natemollica-nm-server-workload-telemetry-update/apparently-immune-oriole
backport/natemollica-nm-server-workload-telemetry-update/hopelessly-modest-lark
backport/natemollica-nm-server-workload-telemetry-update/secondly-massive-kiwi
backport/nathancoleman-patch-1/badly-pro-pug
backport/nathancoleman-patch-1/distinctly-growing-parakeet
backport/nathancoleman-patch-1/ghastly-endless-lioness
backport/nathancoleman-patch-1/instantly-premium-sturgeon
backport/nathancoleman-patch-1/lightly-intimate-labrador
backport/nd/net-4931-l7/endlessly-intimate-reindeer
backport/net-4786/mesh-strict-dns/conversely-climbing-aphid
backport/net-bind-service/evenly-sharp-hornet
backport/nfi-net5476-nightly-peering-integ/horribly-enough-piranha
backport/nia/beta-docs-0.6.0/actively-tidy-mantis
backport/nia/beta-docs-0.6.0/evenly-humble-ray
backport/nia/docs-0.7.0/rarely-dear-finch
backport/nicoleta-k8s-annotations/shortly-rested-duckling
backport/nightly-slack-notification/daily-rich-wren
backport/nightly-slack-notification/legally-smart-terrier
backport/operator-usage-docs/definitely-curious-gecko
backport/partition-cli-acl-info-and-api-crossref/hopefully-able-urchin
backport/patch-1/actually-sharing-chigger
backport/patch-1/arguably-special-marlin
backport/patch-1/briefly-merry-mantis
backport/patch-1/correctly-cheerful-anchovy
backport/patch-1/easily-cheerful-dingo
backport/patch-1/forcibly-shining-javelin
backport/patch-1/formally-happy-dane
backport/patch-1/humbly-helpful-poodle
backport/patch-1/legally-massive-flounder
backport/patch-1/likely-next-halibut
backport/patch-1/loudly-up-hippo
backport/patch-1/noticeably-desired-seal
backport/patch-1/primarily-infinite-asp
backport/patch-1/properly-polished-condor
backport/patch-1/severely-ruling-mouse
backport/patch-1/socially-better-stork
backport/patch-1/tightly-endless-javelin
backport/patch-1/verbally-glad-killdeer
backport/peering/re-establish-terminated/immensely-active-beetle
backport/peering/term-delete/thoroughly-tough-snipe
backport/proxy-register-port-race-2/deeply-warm-man
backport/proxy-register-port-race-2/hugely-whole-hippo
backport/raft-1.5.0-pipeline-fix/extremely-eager-chamois
backport/raft-fix-nonvoter/evenly-pro-cod
backport/rboyer/deployer-makefile/early-steady-sloth
backport/rboyer/fix-drift/singularly-glad-locust
backport/release/1.18.0-followup
backport/releng/remove-duplicate-ubi/mainly-sterling-bulldog
backport/releng/remove-duplicate-ubi/singularly-leading-finch
backport/remove-CONSUL_HCP_LINK_ENABLED-flag/scarcely-precise-silkworm
backport/remove-unused-are-hosts-set-check/loudly-sweet-dingo
backport/revert-17166-jm/remove-compat-test-splitting/reliably-lenient-roughy
backport/ronald/fix-docs-typo/uniformly-teaching-martin
backport/sarahalsmiller-timeoutbehaviormutation/only-native-cow
backport/security-coredns-fix/1.15.x
backport/security-coredns-fix/1.16.x
backport/security-coredns-fix/1.17.x
backport/set-product-version/enormously-glad-titmouse
backport/set-product-version/infinitely-awaited-halibut
backport/set-product-version/instantly-direct-kitten
backport/spatel/NET-1646-add-max-ejection-percent/rarely-working-guinea
backport/spatel/busl-2024/correctly-picked-buffalo
backport/spatel/busl-2024/entirely-closing-dove
backport/spatel/busl-2024/namely-saved-squid
backport/spatel/emit-consul-version-periodically/kindly-close-wasp
backport/spatel/emit-consul-version-periodically/mentally-choice-bug
backport/spatel/list-default-peername/endlessly-moral-krill
backport/spatel/oss_to_ce/highly-moral-spider
backport/spatel/oss_to_ce/mentally-well-moccasin
backport/spatel/oss_to_ce/obviously-proud-fish
backport/support-fossa-scanning/actually-nearby-bream
backport/support-fossa-scanning/allegedly-fleet-donkey
backport/support-fossa-scanning/externally-darling-dane
backport/support-fossa-scanning/separately-exact-marlin
backport/tauhid621/exported_services_api_grpc/literally-cuddly-gecko
backport/tauhid621_exported_services_docs_and_cli/normally-positive-lionfish
backport/tauhid621_exported_services_docs_and_cli/specially-blessed-longhorn
backport/test_skip_ci/literally-cuddly-woodcock
backport/test_skip_ci/usually-glowing-fowl
backport/test_skip_ci/widely-normal-platypus
backport/tgate-http2-upstream/merely-civil-mouse
backport/troubleshoot-ports
backport/ui/CC-7062-get-back-metrics-test-with-updated-selector-upd/broadly-diverse-bear
backport/ui/NET-438-add-ent-version-suffix/actively-faithful-walleye
backport/ui/NET-438-add-ent-version-suffix/privately-inspired-escargot
backport/ui/bug/fix#18406/promptly-choice-goose
backport/ui/bug/fix#18406/roughly-credible-llama
backport/ui/bugfix/icon-tweaks/wrongly-quick-sunbird
backport/ui/feature/hcp/absolutely-mighty-mastiff
backport/ui/feature/make-global-read-only-policy-non-editable/frequently-crack-mouse
backport/ui/feature/make-global-read-only-policy-non-editable/infinitely-related-hornet
backport/ui/feature/make-global-read-only-policy-non-editable/instantly-hardy-chamois
backport/update-apigw-version/annually-renewing-whippet
backport/update-apigw-version/commonly-noted-vervet
backport/update-docs-for-splitting/primarily-smashing-halibut
backport/update-e2e-tests-for-namespaces/wholly-daring-porpoise
backport/update-ent-license-link/exactly-bold-hyena
backport/update-envoy/merely-stunning-doberman
backport/update-exported-services-compat-triggers/immensely-humble-labrador
backport/update_docs_multicluster_k8s/admittedly-decent-grubworm
backport/update_docs_multicluster_k8s/hideously-epic-tiger
backport/upgrade-test-targetImage/enormously-endless-bluegill
backport/upgrade-test-targetImage/generally-guiding-horse
backport/upgrade-testcontainer-version/pleasantly-moved-penguin
backport/upgrade-to-node-18/rationally-fancy-flamingo
backport/upstream-oss-merge/briefly-guided-quagga
backport/vault-compatability-consul-pki-token/arguably-cool-silkworm
backport/vault-compatability-consul-pki-token/incredibly-discrete-lamprey
backport/vault-compatability-consul-pki-token/lightly-arriving-cattle
backport/vault-compatability-consul-pki-token/terribly-grand-tetra
backport/vault-compatability-consul-pki-token/usefully-ethical-kiwi
backport/zalimeni/alemuro/3101-support-statefulset-pvc-retain--docs/logically-complete-krill
backport/zalimeni/feature/net-1151-l7-intentions-security-fixes--api-docs-1.19
backport/zalimeni/fix-submodule-versions-latest/thankfully-funny-colt
backport/zalimeni/k8s-1.4.0-docs-feedback/willingly-strong-pony
backport/zalimeni/net-3900-fix-tproxy-extension-panic/slowly-blessed-moray
backport/zalimeni/net-4904-bump-envoy-versions-docs/normally-endless-wren
backport/zalimeni/net-5146-bump-go-net_http-cve/externally-innocent-maggot
backport/zalimeni/net-5163-prioritize-by-locality-test/pleasantly-central-chow
backport/zalimeni/net-5163-prioritize-by-locality-test/primarily-harmless-marmoset
backport/zalimeni/net-5163-prioritize-by-locality-test/ultimately-related-drum
backport/zalimeni/net-5163-prioritize-by-locality-test/verbally-suited-aphid
backport/zalimeni/net-5217-derive-proxy-locality-from-parent-service-oss/absolutely-pumped-adder
backport/zalimeni/net-5622-consolidate-envoy-version-mgmt/similarly-crisp-mako
backport/zalimeni/net-6725-fix-sidecarproxycontroller-flake/literally-on-raven
backport/zalimeni/net-6725-fix-sidecarproxycontroller-flake/primarily-logical-stingray
backport/zalimeni/net-6741-add-make-target-dependency-update-modules/entirely-genuine-koi
backport/zalimeni/net-6741-add-make-target-dependency-update-modules/partly-welcome-unicorn
backport/zalimeni/net-7713-v2-docs-virtual-port-ref-k8s--1.18.0
backport/zalimeni/net-9224-bump-go-1.21.10/uniquely-bold-jackal
backport/zalimeni/test-bpa-0.4.1/urgently-accepted-snipe
backport/zalimeni/upgrade-vault-remove-go-jose.v2/extremely-feasible-rat
backport/zalimeni/upgrade-vault-remove-go-jose.v2/privately-square-walrus
backport/zalimeni/upgrade-vault-remove-go-jose.v2/usually-quality-locust
backport/zalimeni/use-go-version-file/firmly-tops-chow
backport/zalimeni/use-go-version-file/marginally-modest-condor
backport/zalimeni/use-go-version-file/sincerely-native-man
backup-windows-integration-27th-june
backup_grafana-dashboards
banks-patch-1
blake/1.11-oidc-ui-nspace-fix
blake/fix-kv-import-folder-prefix-10906
blake/ingress-no-dnsname-port-gh-11092
blake/support-qname-minimization-6579
blake/v1.8.0-ingress-websocket-fix
bny-custom-04052021
boruszak/docs-stable-merge
boxofrad/autoreload-merge
boxofrad/backend-list-by-owner
boxofrad/better-vault-error-logging
boxofrad/controller-api-spike
boxofrad/extract-type-registration
boxofrad/fix-changelog-pr-links
boxofrad/rename-master-acl-tokens-internally
boxofrad/resource-service-client
boxofrad/spike-catalog-write-rate-limit
boxofrad/spike-resource-http
boxofrad/spike-server-resource
boxofrad/spike-version-translation
boxofrad/streaming-contention-close-in-goroutine
boxofrad/streaming-contention-experiment
boxofrad/streaming-contention-next-fast-path
boxofrad/streaming-contention-semaphore-wakeup
boxofrad/streaming-contention-simple-semaphore
boxofrad/upgrade-grpc
brk.check-link-follow-redirect
brk.feat/mdx-v2
bug-service-defaults-override-by-proxy-defaults
build-darwin-ubuntu
bump-api
bump/go-and-envoy/rc1.20
case-insensitive-node-names-acl-checks
catalog-service-list-filter
catalog_node_watch_fix
cc-4931/nick-refactor
cc-7178-skip-flakey-test-in-navigation
changes-to-ui-folder-test
checkpoint_telemetry_poc
cherry-pick-fix
cherry-pick-merge
ci/main-assetfs-build
ci/update-security-scanner-token
clarify-connect-language-in-cli-help-text
clarify-hcl-cli
clly/upgrade-vault-api
cluster-peering-partitions
code-organization
commontopo-better
community-12079
compliance/add-headers
computed-gateway-routes-spike
config-issue-616
config_replication_id
consistent-error-handling
consul-docs-ia-redesign
consul-docs-ia-redesign-v2
consul-vs-comp
container-test-speedup
controller-cache
copy-working-file
core-multiport-fixes
correct-acl-hash-replication
crt-consul-migration
crt-migration-build-flags
cts-deprecate-port-option
cts-ls-test-docs
cts-pan-ngfw
dan/1.19.0/changelog-update
dans/NET-1154/persist-ca-updates-in-peering
dans/NET-3917/initial-fetch-timeout-permafix
dans/NET-7910/v2-dns-enable-peering
dans/fic-https-basic-test
dans/fix-compat-test-access-logs
dans/make-peer-name-uniform
dans/remove-multiport-docs
dans/remove-ws-from-jira-gha
dans/skaffold-experiment
dans/test-pr-labeler
dans/that-time-dan-broke-consul
david-yu-admin-partitions
david-yu-bug-report
david-yu-bump-envoy
david-yu-cluster-peering-docs-1-12
david-yu-edit-pr
david-yu-patch-1
david-yu-patch-2
david-yu-release-note
david-yu-v2-update
debug-1.16-api
debug-sdk
debugging-jm/NET-6294
debugging-jm/NET-6294-deepcopy
deepcopy-gatewaycontroller
dep/raft-boltdb
dependabot/github_actions/actions/setup-go-5.1.0
dependabot/github_actions/browser-actions/setup-chrome-1.7.2
dependabot/github_actions/docker/setup-qemu-action-3.2.0
dependabot/github_actions/golangci/golangci-lint-action-6.1.1
dependabot/github_actions/slackapi/slack-github-action-2.0.0
dependabot/go_modules/github.com/aliyun/alibaba-cloud-sdk-go-1.63.53
dependabot/go_modules/github.com/aws/aws-sdk-go-1.44.128
dependabot/go_modules/github.com/hashicorp/go-sockaddr-1.0.7
dependabot/go_modules/github.com/hashicorp/hcp-sdk-go-0.123.0
dependabot/go_modules/github.com/hashicorp/raft-1.7.1
dependabot/go_modules/github.com/hashicorp/raft-boltdb/v2-2.3.0
dependabot/go_modules/github.com/olekukonko/tablewriter-0.0.5
dependabot/go_modules/go.opentelemetry.io/otel/metric-1.32.0
dependabot/go_modules/golang.org/x/oauth2-0.24.0
dependabot/go_modules/gotest.tools/v3-3.5.1
dependabot/go_modules/k8s.io/apimachinery-0.31.3
dependabot/go_modules/test-integ/github.com/docker/docker-25.0.6incompatible
dependabot/go_modules/test/integration/consul-container/github.com/docker/docker-25.0.6incompatible
dependabot/go_modules/test/integration/consul-container/github.com/opencontainers/runc-1.1.14
dependabot/npm_and_yarn/ui/cross-spawn-6.0.6
dependabot/npm_and_yarn/ui/elliptic-6.6.0
dependabot/npm_and_yarn/ui/express-4.20.0
dependabot/npm_and_yarn/ui/follow-redirects-1.15.6
dependabot/npm_and_yarn/ui/rollup-2.79.2
dependabot/npm_and_yarn/ui/webpack-5.94.0
dependabot/npm_and_yarn/website/husky-9.1.7
dependabot/npm_and_yarn/website/next-15.0.3
dependabot/npm_and_yarn/website/prettier-3.3.3
derekm/NET-6565/release-1.15.3-wpac
derekm/improve-vip-lookups
derekm/xds-use-same-http-protocol-downstream-to-localapp
dhia/ca-cas-config-refactor
dhiaayachi/NET-4926-v1-ns-delete
dhiaayachi/NET-5519-ns-bridge-2
dhiaayachi/fix-trustbundle-peers
dhiaayachi/go-toolchain
dhiaayachi/raft-wal-backend-as-default
dhiaayachi/raft-wal-backend-as-default-code
disable-flaky
disco-retain-details
dl-license
dnephin/acl-resolve-token-4
dnephin/acl-resolve-token-5
dnephin/acl-resolver-6
dnephin/acl-resolver-7
dnephin/agent-setup-user-event-handler
dnephin/ca-cluster-id
dnephin/ca-cluster-id-2
dnephin/ca-manager-move-to-new-package
dnephin/ca-manager-move-to-new-package-2
dnephin/ca-remove-unused-fields
dnephin/catalog-service-list-filter
dnephin/ci-handle-ent-differences
dnephin/cleanup-ae
dnephin/cleanup-ae-2
dnephin/cleanup-ae-3
dnephin/conn-pool-docs
dnephin/deprecate-verify-incoming
dnephin/docs-day-acl-move-config-ref
dnephin/docs-day-acl-move-rules-table
dnephin/docs-day-acl-overview
dnephin/docs-more-details-about-vault-provider
dnephin/enable-logging-color
dnephin/fix-serf-tag-data-race
dnephin/http-struct-interfaces
dnephin/move-dns-server-to-apiServers
dnephin/prefix-overlap-watches
dnephin/remove-lib-translate-keys-attempt-2
dnephin/rpc-metrics
dnephin/secure-defaults
dnephin/structs-proxy-defaults-remove-name-field
dns-srv-separate-tag-from-protocol
doc-clarify-version-format
doc-fix-missing-fed-methods
docs-backport-fix-er
docs-cluster-peering-technical-preview
docs-day
docs/1-17-release-notes
docs/1.17-docs-reconcile
docs/add-partition-query-api
docs/agent-config
docs/api-catalog-register-snake_case
docs/api-overview-devdot
docs/auto-cert
docs/clarify-connect-language
docs/clarify-crd-tutorial
docs/clarify-cross-partition-mgw-export-requirement
docs/clarify-network-area-mesh-gw-compatibility
docs/cli-breakout-positional-args
docs/cli-characteristics-and-crossref
docs/cluster-peering-beta
docs/cluster-peering-improvements
docs/cluster-peering-updates
docs/consul-ia-experiement-fdbk-1
docs/consul-ia-experiment
docs/consul-ia-experiment-cts-adam
docs/consul-k8s-upgrade
docs/consul-snapshot-agent-kms-policy-4369
docs/cts-zscaler-partner-guide
docs/er-404-inline-checker
docs/fix-broken-links
docs/fix-broken-links-1
docs/fix-broken-markdown-link
docs/fix-ent-dns-service-lookup-link
docs/fix-exported-services
docs/fix-release-notes-links
docs/intentions-refactor-docs-day-2022
docs/jeff-sandbox
docs/jkirschner-hashicorp-patch-1
docs/k8s-0-49-helm-docs
docs/k8s-deployment
docs/krastin/connect-serviceintentions-fixlinks
docs/krastin/nomad-for-consul
docs/manual-backport-for-LTS
docs/manual-backport-kv-page
docs/misc-fixes
docs/note-about-connect-service-upstream-env-var
docs/peer-in-dns-lookups
docs/proposed-docs-overview-pages
docs/rebackport-k8s-fed-req-failed-pick
docs/redirect-dns-docs
docs/refactor-discover-services-docs
docs/release-1.17-reconcile-1
docs/rework-service-splitter-ref-docs
docs/rework-service-splitter-ref-docs-no-objects
docs/sentence-case-titles
docs/tables-instead-of-lists
docs/update-config-entry-ref-component
docs/update-content-cluster-peering
docs/update-faq-header
docs/update-loglevel-trace
docs/update-storage-class-ref-arch
docs/update-wan-fed-mesh-gateway-guide
docs/vault-connect-ca-namespace-improvements
docs/vault-secrets-backend-limitations
docs/waf-page-migration
ds-nd/net-9016-kvdataloss
dstough/CSLC-130-restrict-terminating-gateway-access-to-tls
dstough/GH-11250-system-ca-for-tgateways
dstough/acl-for-destinations
dstough/gateway-linked-endpoint
dstough/test-endpoint-service-query
dyu-cluster-peering-fix-1-12
dyu-license
dyu-relnotes
dyu/1.15-docs
dyu/dockerfile
dyu/envoy-bump
eculver/1.12.x/latest-changelog
eculver/1.13.0-alpha1-changelog
eculver/auth-method-docs
eculver/enable-arm-verifications
eculver/envoy-1.21.1
eculver/missing-docs-changes
eculver/oss-ent/new-params
eculver/stable-website/latest-envoy-support
eculver/verifications
eculver/verify-release-artifacts
eikenb/cloudfoundry-vault-provider-auth
eikenb/matrix-integration-testing
eikenb/vault-integration-testing
eliminate-gotest.tools/v3
envoy-crash-help
envoy-ext-local-ratelimit-fix
errors/acl-agent-token-not-set
errors/acl-not-found-bootstrap-not-exist
evrowe-consul-ui-readme-update
experiment/raft-grpc
extend-retry
external-services
f-reloadable-configuration-enable-debug-backup
feature-negotiation-grpc-api
feature/acl-replication-status
feature/envoy-support-tlsv13
ffmmm/b-10871
ffmmm/default-prom-s
fix-agent-cache-leak-3
fix-broken-dockerfile-sam
fix-cherry-pick
fix-controller-watch
fix-deregister-url-service-id
fix-entpoint-get-500
fix-failing-linting-test
fix-fips-build-amd
fix-flaky
fix-flaky-peerstream-test
fix-integ-machines
fix-lambda-docs-spacing-bug
fix-lambda-l7-routing
fix-leaf-panic
fix-leaf-timeout
fix-peering-2-partitions
fix-protobuf-generation
fix-syslog
fix-tests
fix-transparent-proxy
fix/make-test-deployer
fix_k8s_helm_docs_june
fixes/helper-text-config-entry-delete
gateway-listener-binding-bugfix
gateways/typed-status-regen
gh-13491
gh-18096-fix-missing-ttl-value
gh-maxconnections-ingress-gateway
gha-basic-artifact-validation
go-action-cache
gotest-remote-cache
gotest-remote-cache-2
grpc-envoy-bootstrap-params-oss-test
grpc-tls-compat
gw-xds-handling-eventual-consistency
hack-cloudlink
hack-deploy
hack-hcp-integration-split
hackathon/consul-common-errors
hans/ccm-playground
hcp-LastContact
hcp-link-config-skeleton
hcp/expose-grpc-scada
health-prefer-connect
hk/jm/test-integrations-fix-compatibility-test
hk/jm/test-integrations-fix-upgrade-test
ignore-exported-prefix-on-cluster-metrics
im2nguyen-patch-1
improve-intention-error-messages
improve_ci_run_time
increase-maching-size
ingress-gw-tracing-config
iradix-improved
ishustava/NET-5580-bump-all-resource-versions
ishustava/auth-method-secondary-dc
ishustava/authz-types
ishustava/debug-mesh-gw-test
ishustava/dns-proxy-poc
ishustava/fix-agent-proxy-mgr-instantiation
ishustava/mesh-controller-upstream-proxy
ishustava/multi-port-test-fixes
ishustava/sidecar-proxy-controller-tproxy
ishustava/spike-agent-cache-watch
ishustava/spike-controller-leaf-cert-watch
ishustava/spike-proxy-cfg-src-v2
ishustava/test-int-tests
ishustava/v2-traffic-perms-ir-suggestions
ishustava/vault-k8s-docs
ishustava/xds-server-v2
japple-rel-notes-reorg
japple/cherry-pick-1.11.x-release-notes
jer/ccm-read-only-squashed
jer/merge-ccm-bootstrap-config
jjtimmons/backport-48c8a83
jjtimmons/backport-otel-freq-2
jjtimmons/hcp-telemetry-periodic-refresh-start-up
jjtimmons/increase-buckets
jkirschner-hashicorp-patch-2
jm-client-timeout
jm-net-5879
jm-plug
jm-plug-git
jm-plug-http
jm/0427
jm/1.19-updated-go-mods
jm/1.5-sub
jm/1.9-sub
jm/3372-2
jm/NET-3372
jm/NET-3394
jm/NET-4237
jm/NET-4739
jm/NET-4931
jm/NET-4944
jm/NET-4944-1
jm/NET-5150
jm/NET-5590-xds-server
jm/NET-5822-test
jm/NET-6294-NET-4944
jm/NET-6385-hack
jm/NET-6941
jm/NET-8431
jm/acc-tests
jm/agent-hack
jm/bpa
jm/branch-filters
jm/break-branch-protection
jm/cc
jm/checking-changes-old
jm/client-timeout
jm/client-timeout-2
jm/delete-website
jm/destination-tests-grpc
jm/empty-endpoints
jm/ent-deps
jm/ent-dev-migration
jm/explicit-based-l7
jm/fix-jwt-auth-bug
jm/fix-sw-qa
jm/gh-20360
jm/gh-call
jm/gha-recreation
jm/go-testcontainers
jm/go-tests-notify
jm/go-tests-notify-2
jm/gtsm
jm/hack
jm/hack-int
jm/hack-int2
jm/hcp-vault
jm/helm
jm/helm-updates
jm/ip-rate-limit-api
jm/mock-handler
jm/mock-handler-2
jm/move-code
jm/multi-port-integ
jm/multilimiter-memdb
jm/net-4941-leaf
jm/plug
jm/preflight
jm/release-1.18.4
jm/remove-compat-test-splitting
jm/resource-tests
jm/retract
jm/retry-on-connect-failure
jm/rmv-compat
jm/same-docker-compose
jm/snap-restore
jm/snapshot-restore-tests
jm/split-compatibility
jm/split-tests
jm/success
jm/test
jm/test-integrations-hui-test-integ
jm/test-split
jm/test-splitting
jm/ul
jm/v2-dns-v1-data-fetcher
jm/v2-examples
jm/vault-ent-license
jm/vault-gossip
jm/vault-wan-fed
jm/vault-wan-fed-2
jm/verify-linux-fix
jm96441n/manual-backport-dupe-parents
johnlanda/bench
johnlanda/trafficpermissionscontroller
jwt-multiple-virtual-hosts
k8s_healthcheck
kisunji-patch-1
kisunji/1.12.x-revert-pathescape
kisunji/1.13.x-docs-cherrypick
kisunji/1.14.x-docs-backport
kisunji/NET-1396-token-self-expanded
kisunji/NET-2590-default-intention-policy
kisunji/approval-button
kisunji/assetfs-merge-ci
kisunji/cache-fix-test
kisunji/catalog-service-list-filter
kisunji/ent-label-ratelimit
kisunji/fix-golden
kisunji/fix-stable-website
kisunji/fix-stable-website-2
kisunji/go1.17.4
kisunji/grpc-native-balancer
kisunji/kv-docs-fix
kisunji/lintest
kisunji/merge-stable-website
kisunji/merge-test
kisunji/more-ent-test-fixes
kisunji/net-6230-namespace-trafperms
kisunji/peering-bugfix-changelog
kisunji/pin-circleci-docker-version
kisunji/replace-registry-pattern
kisunji/rpc-shim
kisunji/serveraddrs-generate-token-req
kisunji/small
kisunji/small-testfix
kisunji/subloggers
kisunji/temp
kisunji/temp-rpc-deadline
kisunji/upgrade-warning
km.vercel-config
kv-1.10.8-withlogs
kv-1.14.8-withlogs
lambda-beta-docs
lambda-docs
leadership-transfer-cmd
listener-route-spike
lkysow/consul-plugin-exec
lkysow/serverless-via-metadata
lkysow/service-not-exist
lkysow/windows-tests
loadtest-test
local-mesh-gateway-pst
locality-aware-routing
lorna/cc-6925/1-15
loshz/NET-7225-peeringv2-proto-check
luoxuan00733-patch-1
m1-investigate
ma/backport-stable-website
ma/ipv6-robustness-fixes
ma/md5_fix_oss
ma/move-enterprise-meta-try2-oss
ma/resource-listing
ma/typo-fix
ma/vault-namespace-intermediate-provider
main
make-codegen
malizz/NET-1663/fix-bug
malizz/update-proto-imports-in-1.14.x
manual-backport-1.8.0-ingress-gateway
markcv-upstreamConfig-update
mathew.estafanous/dev
max-jitter
may-alignment
mesh-gateway-all-the-things
mesh-gateway-broken-all-the-things
mgw-wanfed-hard-network-partition
migrate-tests-to-use-slack-actions
mirror-to-ent
mktg-tf-b183f7b50da4e35426c936006092c7b3
more-lambda-docs-tweaks
mrktfix18
mvincent/no-freelist-logging
natemollica-nm-patch-1
natemollica-nm-patch-2
nd/bring-back-peering-ext-addr
nd/net-7510-openapi-followup-matt-poc
nd/spike-proxy-state-controller
nd/update-compat
net-5889/workloadhealth-tests
net-6138/release/1.17.x
net-6230-namespace-tp
net-6706
net-7953/adjust-computed-gateway-protos
net-7984/clusters-for-api-gateways
net-7986/routes-for-api-gateways
net-8075/certs-for-api-gateways
net-8416-add-gateway-api-request-redirect-filter
nfi-api-client-nop-write
nfi-cache-unit-test-results
nfi-fix-go-test-check
nfi-fix-test-integ-go-mod
nfi-gha-fiddling
nfi-go-test-cache
nfi-poc-gotestdoc
nfi-poc-unit-and-upgrade
nfi-poc-unit-and-upgrade-type
nfi-split-lint-from-go-tests
nia_resize_image
nickcellino/link-status
nicoleta/bum-envoy-on-1.15.x
nicoleta/bump-envoy
nicoleta/bump-envoy-on-1.18.x
no-change-cache
no-op-ron-lint
nvanthao/b-delete-config
nvanthao/b-snapshot-recovery
only_async_trigger_changes
openapi
optimized-seek-prefix-watch
origin/markcv/CSEP-157/duplicate-sidecar-port-validation
origin/markcv/update-envoy-version-doc
oss-merge-pr-branch
oss-merge-v2
oss-rename-trigger
partition/session-test-kvs-endpoint
pcmccarron-patch-1
peering-upstream-annotation
pglass/dump-aws-bearer-token
poc-alpn-glow
poc-cli-grpc
poc-httpfilter
preetha/NET-1322
promtheus_consul_version
propogate-request-time-downstream
proxycfg-deadlock
proxycfg-deadlock-2
proxycfg/init-local-gateways-map
raft-tls-include-intermediates
rboyer/add-linter-net-rpc
rboyer/deployer-with-v2-tproxy-bookmark
rboyer/fix-manual-vip-writes
rboyer/fix-v2-testing
rboyer/golden-proto-json
rboyer/hack-neo
rboyer/proxy-configuration-cache
rboyer/spike-agent-cache-watch--fork
rboyer/wrappedtypes
rboyer/xds-refactor
reach
rebase-multiport-test-fixes
refactor-add-patches
release/1.10.0
release/1.10.0-alpha
release/1.10.0-beta1
release/1.10.0-beta2
release/1.10.0-beta3
release/1.10.0-beta4
release/1.10.0-rc
release/1.10.0-rc2
release/1.10.1
release/1.10.1-beta1
release/1.10.10
release/1.10.11
release/1.10.12
release/1.10.2
release/1.10.4
release/1.10.5
release/1.10.6
release/1.10.7
release/1.10.8
release/1.10.9
release/1.10.x
release/1.11.0
release/1.11.0-alpha
release/1.11.0-beta1
release/1.11.0-beta2
release/1.11.0-beta3
release/1.11.0-rc
release/1.11.1
release/1.11.10
release/1.11.11
release/1.11.2
release/1.11.3
release/1.11.4
release/1.11.5
release/1.11.6
release/1.11.7
release/1.11.8
release/1.11.9
release/1.11.x
release/1.12.0
release/1.12.0-beta1
release/1.12.1
release/1.12.2
release/1.12.3
release/1.12.4
release/1.12.5
release/1.12.6
release/1.12.7
release/1.12.8
release/1.12.9
release/1.12.x
release/1.13.0
release/1.13.0-alpha1
release/1.13.0-alpha2
release/1.13.0-techpreview1
release/1.13.1
release/1.13.2
release/1.13.3
release/1.13.4
release/1.13.5
release/1.13.6
release/1.13.7
release/1.13.8
release/1.13.9
release/1.13.x
release/1.14.0
release/1.14.0-beta1
release/1.14.1
release/1.14.10
release/1.14.11
release/1.14.2
release/1.14.3
release/1.14.4
release/1.14.5
release/1.14.6
release/1.14.7
release/1.14.8
release/1.14.9
release/1.14.x
release/1.15.0
release/1.15.1
release/1.15.10
release/1.15.12
release/1.15.15
release/1.15.2
release/1.15.3
release/1.15.4
release/1.15.5
release/1.15.6
release/1.15.7
release/1.15.8
release/1.15.9
release/1.15.x
release/1.16.0
release/1.16.0-rc1
release/1.16.1
release/1.16.2
release/1.16.3
release/1.16.4
release/1.16.5
release/1.16.6
release/1.16.8
release/1.16.x
release/1.17.0
release/1.17.0-rc1
release/1.17.1
release/1.17.2
release/1.17.3
release/1.17.5
release/1.17.7
release/1.17.x
release/1.18.0
release/1.18.0-rc1
release/1.18.1
release/1.18.2
release/1.18.4
release/1.18.5
release/1.18.x
release/1.19.0
release/1.19.1
release/1.19.2
release/1.19.3
release/1.19.x
release/1.20.0
release/1.20.0-rc1
release/1.20.1
release/1.20.x
release/1.6.10
release/1.6.7
release/1.6.9
release/1.6.x
release/1.7.10
release/1.7.11
release/1.7.12
release/1.7.13
release/1.7.14
release/1.7.5
release/1.7.6
release/1.7.8
release/1.7.9
release/1.7.x
release/1.8.0
release/1.8.1
release/1.8.10
release/1.8.11
release/1.8.11-beta1
release/1.8.11-beta2
release/1.8.12
release/1.8.13
release/1.8.14
release/1.8.15
release/1.8.17
release/1.8.18
release/1.8.19
release/1.8.2
release/1.8.4
release/1.8.5
release/1.8.6
release/1.8.7
release/1.8.7-beta1
release/1.8.8
release/1.8.9
release/1.8.9-beta1
release/1.8.x
release/1.9.0
release/1.9.0-beta2
release/1.9.0-beta3
release/1.9.0-rc1
release/1.9.1
release/1.9.11
release/1.9.12
release/1.9.13
release/1.9.14
release/1.9.15
release/1.9.16
release/1.9.17
release/1.9.2
release/1.9.3
release/1.9.4
release/1.9.5
release/1.9.6
release/1.9.7
release/1.9.8
release/1.9.9
release/1.9.x
releng-329
remove-deprecated-peering-fields
remove-gogo-getters
remove-legacy-acl-endpoints-cli
remove-legacy-acl-vestiges
remove-references-to-consul-connect
remove-to-ingress
replace-learn-links
resource-type-gen2
resource-type-scope-gen
resource-v1
resource-v1-1.18
retry-flaky
retry-join-timeout
retry-timeout-e2e-test-NET-5208
revert-11376-leadership-transfer-onleave
revert-11692-cherry-pick-fix
revert-17760-backport/docs/lkysow-upgrade/scarcely-master-adder
revert-18796-docs/ext-authz-apigee
revert-19038-NET-5788-fix-ready-listeners-in-core
revert-20682-CC-7479-add-alert-to-link-to-hcp-modal-to-refresh-page
revert-21572-zalimeni/update-bpa
revert-version-updates
robyer/deployer-l7-split-tests
ron-test
routes-controller
sa-restructure-documentation
sar-for-unit-tests
sarah-test
sarah-test-docker-cpus
sarah/test-license-script
sarah/test-reproducible-build
scratch/data-source-metrics
security/auto-go-bump
security/ui-dependency-bump
server-rate-limit/mock-handler-2
server-rate-limit/multilimiter-lock
serverless-via-metadata
service-endpoints-id-ports
service-owner-ref
service-tags-upgrade-fix
shutdown-test-agents
silent-ui-tests
skpratt/acl-controller-test
skpratt/acl-error-debug
skpratt/resource-api-support
skpratt/temp-debug
skpratt/test-coverage-report-ci
skpratt/workload-identity
sm/add-goarm-to-main
smre-317/redhat-projectid
sp/better-make-help
spatel/NET-1847-repro
spatel/NET-3409-automate-goimports-on-commit-using-precommit
spatel/better-testlist-main
spatel/fix-typo
spatel/gci-format-all-the-things
spatel/post-release-fixups
spatel/pre-commit
spatel/sandbox
spatel/scope-required-in-registration
spatel/throwaway
spatel/throwaway-gci-results
spatel/throwaway-gci-results-2
spatel/throwaway-reviser-results
sqm
stable-website
stepbui1-patch-1
streaming-rpc
stub-api-gateway-xds
stub-v2-gateways
suppress-alpine-image-vulns
tagged-addrs
tagger-14
tauhid621/exported_services_api
tauhid621/peer_exported_services_api
temp
temp-branch
terminating-gateway-overrides
terminating-gateway-service
terminating-gateway-service-base
test-branch
test-gh-fix
test-go-build-cache
test-linter
test-no-concurrency
test-no-concurrency-full
test-no-disk
test-prepare
test/jjtimmons/hcp-telemetry
test/load-test-lambda
test/zalimeni/docs-skip-md
test/zalimeni/docs-skip-mdx
test_ci_skip
testingconsul-clean-up
tgw/resolver-query-fix
tgw/resolver-query-fix-1-10
tgw/resolver-query-fix-1-9
traffic-permissions-cache
troubleshoot/changelog
ua-test/conflict-1
udp-check
ui/CC-6137
ui/CC-7062-get-back-metrics-test-with-updated-selector
ui/CC-7062-get-back-metrics-test-with-updated-selector-for-draft
ui/CC-7062-get-back-metrics-test-with-updated-selector-upd
ui/NET-438-add-ent-version-suffix
ui/NET-438/add-ent-version-suffix
ui/NET-5414
ui/ariadne-core-ui
ui/ariadne/ui-changes
ui/backport/1.8.x/11328
ui/bugfix/2-instance-1-proxy
ui/bugfix/403-partitions-endpoint
ui/bugfix/fixup-routlets
ui/bugfix/notfound-t
ui/bugfix/spelling
ui/cc-7178-skip-flakey-test-in-navigation
ui/chore/ci/1.11.x
ui/chore/remove-tooltip-component
ui/chore/standardize-statechart-yield
ui/chore/upgrade-327
ui/chore/upgrade-ember-3-28
ui/codemirror-lint-removal
ui/copy-edits-for-built-in-policy-alert
ui/copy-link-mock-endpoint-to-prefixed-api
ui/de-lint
ui/feature/ember-update-3.28.6
ui/feature/fault-tolerance-link
ui/feature/fix-auth-method-views
ui/feature/has-peerings-class
ui/feature/ui-config-dashboard-urls
ui/feature/use-cut-list-item-for-services
ui/fix-home-link
ui/fix-mock-api-endpoint
ui/fix-tests-whoopsie
ui/node-engine
ui/remove-jsonlint-dep
ui/rm-intention-test-with-latency
ui/scratch/ci-stuff
ui/scratch/empty
ui/scratch/empty-w-route
ui/scratch/light-sshhhhh
ui/scratch/side-app-example
ui/scratch/storybook-overlord
ui/temporary-remove-tests-which-fails-on-consul-enterprise
ui/temporary-remove-token-policy-test
update-api-version
update-go-1.18.9-rboyer
update-golang-x-libs
update-link-to-documents-from-link-to-hcp-modal
update-linux-package-license
update-node-version-to-14
update-to-blessed-fork-of-mapstucture
update-upgrade-test-image
update-version-1.17
update_gen_meta
update_gen_meta-1
update_gen_meta-2
updategolangx
upgrade-1.3-dataplane-to-1.6-dataplane
upgrade-test-remove-docker-login
urldecode-url-query-params-part-1
use_values_yaml_instead_of_config_yaml
using-art-hashi
v2-backend-ref-note
v2-docstring-updates
v2-gateways-api-proto
v2-gateways-controller
v2-tproxy-container-tests
validate-decoded-helper
vanphan24-patch-1
vault-compatability-consul-pki-token
vault-nomad-version-bump
wal-docs
wan-fed-v2
wasm-filters
website/1.10.0
windows-integration-test-envoy
windows-preview
wire-up-traffic-permissions
x/bench-catalog
x/singleflight
x/streaming-v2
x/wal
xds-native-primitives-poc
xds/cds-ack
xw/NET-5725-client-refactor
xw/NET-5725-grpc-cli-clean-up
zalimeni/add-make-target-dependency-update-modules
zalimeni/api-1.23.0-release
zalimeni/api-sdk-backwards-compat-go-version-detect
zalimeni/check-go-max-procs
zalimeni/dhiaayachi/raft-wal-backend-as-default--suggestions
zalimeni/dns-recurse-only-if-enabled
zalimeni/enable-security-scans-release--test
zalimeni/feature/net-1151-l7-intentions-security-fixes--archive
zalimeni/fix-nightly-branch-sourcing-get-go-version
zalimeni/go-work
zalimeni/net-3447-reintroduce-new-extension-resources
zalimeni/net-5189-fix-any-slice-handling-repeated-fields
zalimeni/net-5586-support-virtual-port-xroute-dest
zalimeni/net-5622-consolidate-envoy-version-mgmt-1.17
zalimeni/net-5622-consolidate-envoy-version-mgmt-1.18
zalimeni/net-5622-consolidate-envoy-version-mgmt-test-1.19-nightly
zalimeni/net-5622-consolidate-envoy-version-mgmt-test-nightly-upgrade
zalimeni/net-6597-upgrade-go-jose-go-oidc
zalimeni/net-6600-remove-insecure-hash-use
zalimeni/net-9141-exclude-ce-license-ent
zalimeni/net-9229-remove-coredns-1.16
zalimeni/no-op-test-ci-1.14
zalimeni/sanitize-slack-ci-failure-input--test
zalimeni/skip-failure-notification-slack-on-cancel--test-skip-latest
zalimeni/skip-failure-notification-slack-on-cancel--test-skip-refactor
zalimeni/submodules-to-go-work
zalimeni/test-ci-skips
zalimeni/test-ent-license-exclusion
zalimeni/test-ent-license-exclusion--baseline-main
zalimeni/test-ent-license-exclusion-2
zalimeni/test/main-baseline-envoy-int-tests
zalimeni/tmp-show-least-request-prop-override-golden
zalimeni/try-go-workspace-submodules
zalimeni/update-k8s-docs-1.17.x
zalimeni/update-submodules-post-1.5.0
zalimeni/use-consul-go-version-nomad-vault-int-suite
zalimeni/verify-docker-engine-version
zs.test-mdx-fixes
zs.test-placeholder-page-removal
api/v1.0.0
api/v1.0.1
api/v1.1.0
api/v1.10.0
api/v1.10.1
api/v1.11.0
api/v1.12.0
api/v1.13.0
api/v1.13.1
api/v1.14.0
api/v1.15.0
api/v1.15.1
api/v1.15.2
api/v1.15.3
api/v1.16.0
api/v1.17.0
api/v1.18.0
api/v1.18.1
api/v1.18.2
api/v1.19.0
api/v1.19.1
api/v1.19.2
api/v1.2.0
api/v1.20.0
api/v1.21.0
api/v1.21.1
api/v1.21.2
api/v1.21.3
api/v1.21.4
api/v1.22.0
api/v1.22.0-rc1
api/v1.23.0
api/v1.24.0
api/v1.25.0
api/v1.25.1
api/v1.26.0-rc1
api/v1.26.1
api/v1.26.1-rc1
api/v1.27.0
api/v1.27.1
api/v1.27.2
api/v1.28.0
api/v1.28.0-rc1
api/v1.28.1
api/v1.28.2
api/v1.28.3
api/v1.28.4
api/v1.28.5
api/v1.29.0
api/v1.29.1
api/v1.29.2
api/v1.29.3
api/v1.29.4
api/v1.29.5
api/v1.29.5-rc1
api/v1.29.6
api/v1.3.0
api/v1.30.0
api/v1.4.0
api/v1.5.0
api/v1.6.0
api/v1.7.0
api/v1.8.0
api/v1.8.1
api/v1.9.0
api/v1.9.1
ent-changelog-1.15.11
ent-changelog-1.15.12
ent-changelog-1.15.13
ent-changelog-1.15.14
ent-changelog-1.15.15
ent-changelog-1.16.7
ent-changelog-1.16.8
ent-changelog-1.17.4
ent-changelog-1.17.5
ent-changelog-1.17.6
ent-changelog-1.17.7
ent-changelog-1.18.3
ent-changelog-1.18.4
ent-changelog-1.18.5
ent-changelog-1.19.3
envoyextensions/v0.1.0
envoyextensions/v0.1.1
envoyextensions/v0.1.2
envoyextensions/v0.2.0
envoyextensions/v0.2.1
envoyextensions/v0.2.2
envoyextensions/v0.2.3
envoyextensions/v0.2.4
envoyextensions/v0.3.0
envoyextensions/v0.3.0-rc1
envoyextensions/v0.4.0
envoyextensions/v0.4.1
envoyextensions/v0.5.0-rc1
envoyextensions/v0.5.1
envoyextensions/v0.5.1-rc1
envoyextensions/v0.5.2
envoyextensions/v0.5.3
envoyextensions/v0.5.4
envoyextensions/v0.6.0
envoyextensions/v0.6.0-rc1
envoyextensions/v0.6.1
envoyextensions/v0.6.2
envoyextensions/v0.7.0
envoyextensions/v0.7.1
envoyextensions/v0.7.2
envoyextensions/v0.7.3
envoyextensions/v0.7.4
envoyextensions/v0.7.4-rc1
envoyextensions/v0.7.5
envoyextensions/v0.7.6
internal/v0.1.0
list
proto-public/v0.1.0
proto-public/v0.1.1
proto-public/v0.2.0
proto-public/v0.2.1
proto-public/v0.3.0
proto-public/v0.4.0
proto-public/v0.4.0-rc1
proto-public/v0.4.1
proto-public/v0.5.0-rc1
proto-public/v0.5.1
proto-public/v0.5.1-rc1
proto-public/v0.5.2
proto-public/v0.5.3
proto-public/v0.5.4-rc1
proto-public/v0.6.0
proto-public/v0.6.0-rc1
proto-public/v0.6.1
proto-public/v0.6.2
proto-public/v0.6.3
sdk/v0.1.0
sdk/v0.1.1
sdk/v0.10.0
sdk/v0.11.0
sdk/v0.12.0
sdk/v0.13.0
sdk/v0.13.1
sdk/v0.14.0
sdk/v0.14.0-rc1
sdk/v0.14.1
sdk/v0.14.2-rc1
sdk/v0.14.3-rc1
sdk/v0.15.0
sdk/v0.15.1
sdk/v0.16.0
sdk/v0.16.0-rc1
sdk/v0.16.1
sdk/v0.2.0
sdk/v0.3.0
sdk/v0.4.0
sdk/v0.5.0
sdk/v0.6.0
sdk/v0.7.0
sdk/v0.8.0
sdk/v0.9.0
stable-website-pre-1.12.0-force-push
troubleshoot/v0.1.0
troubleshoot/v0.1.1
troubleshoot/v0.1.2
troubleshoot/v0.2.0
troubleshoot/v0.2.1
troubleshoot/v0.2.2
troubleshoot/v0.3.0
troubleshoot/v0.3.0-rc1
troubleshoot/v0.3.1
troubleshoot/v0.4.0-rc1
troubleshoot/v0.4.1
troubleshoot/v0.4.1-rc1
troubleshoot/v0.5.0
troubleshoot/v0.5.1
troubleshoot/v0.5.2
troubleshoot/v0.5.3
troubleshoot/v0.5.4
troubleshoot/v0.6.0
troubleshoot/v0.6.0-rc1
troubleshoot/v0.6.1
troubleshoot/v0.6.2
troubleshoot/v0.6.3
troubleshoot/v0.6.5
troubleshoot/v0.7.0
troubleshoot/v0.7.1
troubleshoot/v0.7.2
troubleshoot/v0.7.2-rc1
troubleshoot/v0.7.3
v0.1.0
v0.2.0
v0.2.1
v0.3.0
v0.3.1
v0.4.0
v0.4.1
v0.5.0
v0.5.0rc1
v0.5.1
v0.5.2
v0.6.0
v0.6.0-rc1
v0.6.0-rc2
v0.6.1
v0.6.2
v0.6.3
v0.6.4
v0.6.4-rc1
v0.6.4-rc2
v0.6.4-rc3
v0.7.0
v0.7.0-rc1
v0.7.0-rc2
v0.7.1
v0.7.2
v0.7.2-rc1
v0.7.3
v0.7.4
v0.7.5
v0.8.0
v0.8.0-rc1
v0.8.1
v0.8.2
v0.8.3
v0.8.4
v0.8.5
v0.9.0
v0.9.0-rc1
v0.9.1
v0.9.2
v0.9.3
v0.9.3-rc1
v0.9.3-rc2
v0.9.4
v1.0.0
v1.0.0-beta1
v1.0.0-beta2
v1.0.1
v1.0.1-rc1
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.6
v1.0.7
v1.0.8
v1.1.0
v1.1.1
v1.10.0
v1.10.0-alpha
v1.10.0-beta1
v1.10.0-beta2
v1.10.0-beta3
v1.10.0-beta4
v1.10.0-rc
v1.10.0-rc2
v1.10.1
v1.10.1-beta1
v1.10.10
v1.10.11
v1.10.12
v1.10.2
v1.10.3
v1.10.4
v1.10.5
v1.10.6
v1.10.7
v1.10.8
v1.10.9
v1.11.0
v1.11.0-alpha
v1.11.0-beta1
v1.11.0-beta2
v1.11.0-beta3
v1.11.0-rc
v1.11.1
v1.11.10
v1.11.11
v1.11.2
v1.11.3
v1.11.4
v1.11.5
v1.11.6
v1.11.7
v1.11.8
v1.11.9
v1.12.0
v1.12.0-beta1
v1.12.1
v1.12.2
v1.12.3
v1.12.4
v1.12.5
v1.12.6
v1.12.7
v1.12.8
v1.12.9
v1.13.0
v1.13.0-alpha1
v1.13.0-alpha2
v1.13.1
v1.13.2
v1.13.3
v1.13.4
v1.13.5
v1.13.6
v1.13.7
v1.13.8
v1.13.9
v1.14.0
v1.14.0-beta1
v1.14.1
v1.14.10
v1.14.11
v1.14.2
v1.14.3
v1.14.4
v1.14.5
v1.14.6
v1.14.7
v1.14.8
v1.14.9
v1.15.0
v1.15.1
v1.15.10
v1.15.11
v1.15.2
v1.15.3
v1.15.4
v1.15.5
v1.15.6
v1.15.7
v1.15.8
v1.15.9
v1.16.0
v1.16.0-rc1
v1.16.1
v1.16.2
v1.16.3
v1.16.4
v1.16.5
v1.16.6
v1.16.7
v1.17.0
v1.17.0-rc1
v1.17.1
v1.17.2
v1.17.3
v1.17.4
v1.18.0
v1.18.0-rc1
v1.18.1
v1.18.2
v1.19.0
v1.19.1
v1.19.2
v1.2.0
v1.2.1
v1.2.2
v1.2.3
v1.2.4
v1.20.0
v1.20.0-rc1
v1.20.1
v1.3.0
v1.3.1
v1.4.0
v1.4.0-rc1
v1.4.1
v1.4.2
v1.4.3
v1.4.4
v1.4.5
v1.5.0
v1.5.1
v1.5.2
v1.5.3
v1.6.0
v1.6.0-beta1
v1.6.0-beta2
v1.6.0-beta3
v1.6.0-rc1
v1.6.1
v1.6.10
v1.6.2
v1.6.3
v1.6.4
v1.6.5
v1.6.6
v1.6.7
v1.6.8
v1.6.9
v1.7.0
v1.7.0-beta1
v1.7.0-beta2
v1.7.0-beta3
v1.7.0-beta4
v1.7.1
v1.7.10
v1.7.11
v1.7.12
v1.7.13
v1.7.14
v1.7.2
v1.7.3
v1.7.4
v1.7.5
v1.7.6
v1.7.7
v1.7.8
v1.7.9
v1.8.0
v1.8.0-beta1
v1.8.0-beta2
v1.8.0-rc1
v1.8.1
v1.8.10
v1.8.11
v1.8.11-beta1
v1.8.11-beta2
v1.8.12
v1.8.13
v1.8.14
v1.8.15
v1.8.16
v1.8.17
v1.8.18
v1.8.19
v1.8.2
v1.8.3
v1.8.4
v1.8.5
v1.8.6
v1.8.7
v1.8.7-beta1
v1.8.8
v1.8.9
v1.8.9-beta1
v1.9.0
v1.9.0-beta1
v1.9.0-beta2
v1.9.0-beta3
v1.9.0-rc1
v1.9.1
v1.9.10
v1.9.11
v1.9.12
v1.9.13
v1.9.14
v1.9.15
v1.9.16
v1.9.17
v1.9.2
v1.9.3
v1.9.4
v1.9.5
v1.9.6
v1.9.7
v1.9.8
v1.9.9
${ item.name }
${ noResults }
229 Commits (CSLC-91-egress-connect-proxy)
| Author | SHA1 | Message | Date |
|---|---|---|---|
Chris S. Kim
|
fb5eb20563
|
Pass trust domain to RBAC to validate and fix use of wrong peer trust bundles (#13508)
|
2 years ago |
|
DanStough
|
4b402e3119 |
feat: tgtwy xDS generation for destinations
Signed-off-by: Dhia Ayachi <dhia@hashicorp.com> |
2 years ago |
|
R.B. Boyer
|
201d1458c3
|
xds: mesh gateways now have their own leaf certificate when involved in a peering (#13460)
This is only configured in xDS when a service with an L7 protocol is exported. They also load any relevant trust bundles for the peered services to eventually use for L7 SPIFFE validation during mTLS termination. |
2 years ago |
|
R.B. Boyer
|
f557509e58
|
xds: allow for peered upstreams to use tagged addresses that are hostnames (#13422)
Mesh gateways can use hostnames in their tagged addresses (#7999). This is useful if you were to expose a mesh gateway using a cloud networking load balancer appliance that gives you a DNS name but no reliable static IPs. Envoy cannot accept hostnames via EDS and those must be configured using CDS. There was already logic when configuring gateways in other locations in the code, but given the illusions in play for peering the downstream of a peered service wasn't aware that it should be doing that. Also: - ensuring that we always try to use wan-like addresses to cross peer boundaries. |
2 years ago |
|
R.B. Boyer
|
ab758b7b32
|
peering: allow mesh gateways to proxy L4 peered traffic (#13339)
Mesh gateways will now enable tcp connections with SNI names including peering information so that those connections may be proxied. Note: this does not change the callers to use these mesh gateways. |
2 years ago |
|
Dan Upton
|
b168424398
|
xds: remove HTTPCheckFetcher dependency (#13366)
This is the OSS portion of enterprise PR 1994
Rather than directly interrogating the agent-local state for HTTP
checks using the `HTTPCheckFetcher` interface, we now rely on the
config snapshot containing the checks.
This reduces the number of changes required to support server xDS
sessions.
It's not clear why the fetching approach was introduced in
|
2 years ago |
|
R.B. Boyer
|
019aeaa57d
|
peering: update how cross-peer upstreams and represented in proxycfg and rendered in xds (#13362)
This removes unnecessary, vestigal remnants of discovery chains. |
3 years ago |
|
Freddy
|
a09c776645 |
Update public listener with SPIFFE Validator
Envoy's SPIFFE certificate validation extension allows for us to validate against different root certificates depending on the trust domain of the dialing proxy. If there are any trust bundles from peers in the config snapshot then we use the SPIFFE validator as the validation context, rather than the usual TrustedCA. The injected validation config includes the local root certificates as well. |
3 years ago |
|
Freddy
|
74ca6406ea
|
Configure upstream TLS context with peer root certs (#13321)
For mTLS to work between two proxies in peered clusters with different root CAs, proxies need to configure their outbound listener to use different root certificates for validation. Up until peering was introduced proxies would only ever use one set of root certificates to validate all mesh traffic, both inbound and outbound. Now an upstream proxy may have a leaf certificate signed by a CA that's different from the dialing proxy's. This PR makes changes to proxycfg and xds so that the upstream TLS validation uses different root certificates depending on which cluster is being dialed. |
3 years ago |
|
Dan Upton
|
adeabed126
|
proxycfg: replace direct agent cache usage with interfaces (#13320)
This is the OSS portion of enterprise PRs 1904, 1905, 1906, 1907, 1949, and 1971. It replaces the proxycfg manager's direct dependency on the agent cache with interfaces that will be implemented differently when serving xDS sessions from a Consul server. |
3 years ago |
|
freddygv
|
364758ef2f |
Use embedded SpiffeID for peered upstreams
|
3 years ago |
|
Dan Upton
|
2427e38839
|
Enable servers to configure arbitrary proxies from the catalog (#13244)
OSS port of enterprise PR 1822 Includes the necessary changes to the `proxycfg` and `xds` packages to enable Consul servers to configure arbitrary proxies using catalog data. Broadly, `proxycfg.Manager` now has public methods for registering, deregistering, and listing registered proxies — the existing local agent state-sync behavior has been moved into a separate component that makes use of these methods. When an xDS session is started for a proxy service in the catalog, a goroutine will be spawned to watch the service in the server's state store and re-register it with the `proxycfg.Manager` whenever it is updated (and clean it up when the client goes away). |
3 years ago |
|
DanStough
|
2e2c71d2f2 |
fix: multiple grpc/http2 services for ingress listeners
|
3 years ago |
|
Dan Upton
|
d7f8a8e4ef
|
proxycfg: remove dependency on `cache.UpdateEvent` (#13144)
OSS portion of enterprise PR 1857. This removes (most) references to the `cache.UpdateEvent` type in the `proxycfg` package. As we're going to be direct usage of the agent cache with interfaces that can be satisfied by alternative server-local datasources, it doesn't make sense to depend on this type everywhere anymore (particularly on the `state.ch` channel). We also plan to extract `proxycfg` out of Consul into a shared library in the future, which would require removing this dependency. Aside from a fairly rote find-and-replace, the main change is that the `cache.Cache` and `health.Client` types now accept a callback function parameter, rather than a `chan<- cache.UpdateEvents`. This allows us to do the type conversion without running another goroutine. |
3 years ago |
|
Matt Keeler
|
b788691fa6
|
Watch the singular service resolver instead of the list + filtering to 1 (#13012)
* Watch the singular service resolver instead of the list + filtering to 1 * Rename the ConfigEntries cache type to ConfigEntryList |
3 years ago |
|
Chris S. Kim
|
abc472f2a3
|
Default discovery chain when upstream targets a DestinationPeer (#12942)
|
3 years ago |
|
Chris S. Kim
|
9791bad136
|
peering: Make Upstream peer-aware (#12900)
Adds DestinationPeer field to Upstream. Adds Peer field to UpstreamID and its string conversion functions. |
3 years ago |
|
Eric
|
b01bb41553 |
Implement routing and intentions for AWS Lambdas
|
3 years ago |
|
R.B. Boyer
|
25ba9c147a
|
xds: ensure that all connect timeout configs can apply equally to tproxy direct dial connections (#12711)
Just like standard upstreams the order of applicability in descending precedence: 1. caller's `service-defaults` upstream override for destination 2. caller's `service-defaults` upstream defaults 3. destination's `service-resolver` ConnectTimeout 4. system default of 5s Co-authored-by: mrspanishviking <kcardenas@hashicorp.com> |
3 years ago |
|
Mark Anderson
|
98a2e282be |
Fixup acl.EnterpriseMeta
Signed-off-by: Mark Anderson <manderson@hashicorp.com> |
3 years ago |
|
Kyle Havlovitz
|
1a3b885027 |
Use the GatewayService SNI field for upstream SAN validation
|
3 years ago |
|
Eric
|
e0a15690ae |
Implement Lambda Patching in the Serverless Plugin
|
3 years ago |
|
R.B. Boyer
|
e79ce8ab03
|
xds: adding control of the mesh-wide min/max TLS versions and cipher suites from the mesh config entry (#12601)
- `tls.incoming`: applies to the inbound mTLS targeting the public listener on `connect-proxy` and `terminating-gateway` envoy instances - `tls.outgoing`: applies to the outbound mTLS dialing upstreams from `connect-proxy` and `ingress-gateway` envoy instances Fixes #11966 |
3 years ago |
|
R.B. Boyer
|
ac5bea862a
|
server: ensure that service-defaults meta is incorporated into the discovery chain response (#12511)
Also add a new "Default" field to the discovery chain response to clients |
3 years ago |
|
Eric
|
cf3e517d0e |
Create and wire up the serverless patcher
|
3 years ago |
|
R.B. Boyer
|
2a56e0055b
|
proxycfg: change how various proxycfg test helpers for making ConfigSnapshot copies works to be more correct and less error prone (#12531)
Prior to this PR for the envoy xDS golden tests in the agent/xds package we were hand-creating a proxycfg.ConfigSnapshot structure in the proper format for input to the xDS generator. Over time this intermediate structure has gotten trickier to build correctly for the various tests. This PR proposes to switch to using the existing mechanism for turning a structs.NodeService and a sequence of cache.UpdateEvent copies into a proxycfg.ConfigSnapshot, as that is less error prone to construct and aligns more with how the data arrives. NOTE: almost all of this is in test-related code. I tried super hard to craft correct event inputs to get the golden files to be the same, or similar enough after construction to feel ok that i recreated the spirit of the original test cases. |
3 years ago |
|
freddygv
|
ceb52d649a |
Account for upstream targets in another DC.
Transparent proxies typically cannot dial upstreams in remote datacenters. However, if their upstream configures a redirect to a remote DC then the upstream targets will be in another datacenter. In that sort of case we should use the WAN address for the passthrough. |
3 years ago |
|
freddygv
|
cbea3d203c |
Fix race of upstreams with same passthrough ip
Due to timing, a transparent proxy could have two upstreams to dial directly with the same address. For example: - The orders service can dial upstreams shipping and payment directly. - An instance of shipping at address 10.0.0.1 is deregistered. - Payments is scaled up and scheduled to have address 10.0.0.1. - The orders service receives the event for the new payments instance before seeing the deregistration for the shipping instance. At this point two upstreams have the same passthrough address and Envoy will reject the listener configuration. To disambiguate this commit considers the Raft index when storing passthrough addresses. In the example above, 10.0.0.1 would only be associated with the newer payments service instance. |
3 years ago |
|
freddygv
|
659ebc05a9 |
Ensure passthrough addresses get cleaned up
Transparent proxies can set up filter chains that allow direct connections to upstream service instances. Services that can be dialed directly are stored in the PassthroughUpstreams map of the proxycfg snapshot. Previously these addresses were not being cleaned up based on new service health data. The list of addresses associated with an upstream service would only ever grow. As services scale up and down, eventually they will have instances assigned to an IP that was previously assigned to a different service. When IP addresses are duplicated across filter chain match rules the listener config will be rejected by Envoy. This commit updates the proxycfg snapshot management so that passthrough addresses can get cleaned up when no longer associated with a given upstream. There is still the possibility of a race condition here where due to timing an address is shared between multiple passthrough upstreams. That concern is mitigated by #12195, but will be further addressed in a follow-up. |
3 years ago |
|
freddygv
|
c31c1158a6 |
Add failing test
The updated test fails because passthrough upstream addresses are not being cleaned up. |
3 years ago |
|
R.B. Boyer
|
b60d89e7ef |
bulk rewrite using this script
set -euo pipefail
unset CDPATH
cd "$(dirname "$0")"
for f in $(git grep '\brequire := require\.New(' | cut -d':' -f1 | sort -u); do
echo "=== require: $f ==="
sed -i '/require := require.New(t)/d' $f
# require.XXX(blah) but not require.XXX(tblah) or require.XXX(rblah)
sed -i 's/\brequire\.\([a-zA-Z0-9_]*\)(\([^tr]\)/require.\1(t,\2/g' $f
# require.XXX(tblah) but not require.XXX(t, blah)
sed -i 's/\brequire\.\([a-zA-Z0-9_]*\)(\(t[^,]\)/require.\1(t,\2/g' $f
# require.XXX(rblah) but not require.XXX(r, blah)
sed -i 's/\brequire\.\([a-zA-Z0-9_]*\)(\(r[^,]\)/require.\1(t,\2/g' $f
gofmt -s -w $f
done
for f in $(git grep '\bassert := assert\.New(' | cut -d':' -f1 | sort -u); do
echo "=== assert: $f ==="
sed -i '/assert := assert.New(t)/d' $f
# assert.XXX(blah) but not assert.XXX(tblah) or assert.XXX(rblah)
sed -i 's/\bassert\.\([a-zA-Z0-9_]*\)(\([^tr]\)/assert.\1(t,\2/g' $f
# assert.XXX(tblah) but not assert.XXX(t, blah)
sed -i 's/\bassert\.\([a-zA-Z0-9_]*\)(\(t[^,]\)/assert.\1(t,\2/g' $f
# assert.XXX(rblah) but not assert.XXX(r, blah)
sed -i 's/\bassert\.\([a-zA-Z0-9_]*\)(\(r[^,]\)/assert.\1(t,\2/g' $f
gofmt -s -w $f
done
|
3 years ago |
|
R.B. Boyer
|
424f3cdd2c
|
proxycfg: introduce explicit UpstreamID in lieu of bare string (#12125)
The gist here is that now we use a value-type struct proxycfg.UpstreamID as the map key in ConfigSnapshot maps where we used to use "upstream id-ish" strings. These are internal only and used just for bidirectional trips through the agent cache keyspace (like the discovery chain target struct). For the few places where the upstream id needs to be projected into xDS, that's what (proxycfg.UpstreamID).EnvoyID() is for. This lets us ALWAYS inject the partition and namespace into these things without making stuff like the golden testdata diverge. |
3 years ago |
|
Dhia Ayachi
|
e653f81919
|
reset `coalesceTimer` to nil as soon as the event is consumed (#11924)
* reset `coalesceTimer` to nil as soon as the event is consumed * add change log * refactor to add relevant test. * fix linter * Apply suggestions from code review Co-authored-by: Freddy <freddygv@users.noreply.github.com> * remove non needed check Co-authored-by: Freddy <freddygv@users.noreply.github.com> |
3 years ago |
|
freddygv
|
21f2c2e68d |
Purge chain if it shouldn't be there
|
3 years ago |
|
freddygv
|
d26b4860fd |
Account for new upstreams constraint in tests
|
3 years ago |
|
freddygv
|
2fe27b748d |
Check ingress upstreams when gating chain watches
|
3 years ago |
|
freddygv
|
6af9a0d8cf |
Avoid storing chain without an upstream
|
3 years ago |
|
freddygv
|
ba12dc215b |
Clean up chains separately from their watches
|
3 years ago |
|
freddygv
|
70d6358426 |
Store intention upstreams in snapshot
|
3 years ago |
|
R.B. Boyer
|
81ea8129d7
|
proxycfg: ensure all of the watches are canceled if they are cancelable (#11824)
|
3 years ago |
|
R.B. Boyer
|
4aabbe529c
|
proxycfg: use external addresses in tproxy when crossing partition boundaries (#11823)
|
3 years ago |
|
R.B. Boyer
|
631c649291
|
various partition related todos (#11822)
|
3 years ago |
|
R.B. Boyer
|
1e02460bd1
|
re-run gofmt on 1.17 (#11579)
This should let freshly recompiled golangci-lint binaries using Go 1.17 pass 'make lint' |
3 years ago |
|
freddygv
|
0e507492d0 |
Update proxycfg for ingress service partitions
|
3 years ago |
|
Freddy
|
00b5b0a0a2
|
Update filter chain creation for sidecar/ingress listeners (#11245)
The duo of `makeUpstreamFilterChainForDiscoveryChain` and `makeListenerForDiscoveryChain` were really hard to reason about, and led to concealing a bug in their branching logic. There were several issues here: - They tried to accomplish too much: determining filter name, cluster name, and whether RDS should be used. - They embedded logic to handle significantly different kinds of upstream listeners (passthrough, prepared query, typical services, and catch-all) - They needed to coalesce different data sources (Upstream and CompiledDiscoveryChain) Rather than handling all of those tasks inside of these functions, this PR pulls out the RDS/clusterName/filterName logic. This refactor also fixed a bug with the handling of [UpstreamDefaults](https://www.consul.io/docs/connect/config-entries/service-defaults#defaults). These defaults get stored as UpstreamConfig in the proxy snapshot with a DestinationName of "*", since they apply to all upstreams. However, this wildcard destination name must not be used when creating the name of the associated upstream cluster. The coalescing logic in the original functions here was in some situations creating clusters with a `*.` prefix, which is not a valid destination. |
3 years ago |
|
Daniel Upton
|
50a1f20ff9
|
xds: prefer fed state gateway definitions if they're fresher (#11522)
Fixes an issue described in #10132, where if two DCs are WAN federated over mesh gateways, and the gateway in the non-primary DC is terminated and receives a new IP address (as is commonly the case when running them on ephemeral compute instances) the primary DC is unable to re-establish its connection until the agent running on its own gateway is restarted. This was happening because we always preferred gateways discovered by the `Internal.ServiceDump` RPC (which would fail because there's no way to dial the remote DC) over those discovered in the federation state, which is replicated as long as the primary DC's gateway is reachable. |
3 years ago |
|
freddygv
|
60066e5154 |
Exclude default partition from GatewayKey string
This will behave the way we handle SNI and SPIFFE IDs, where the default partition is excluded. Excluding the default ensures that don't attempt to compare default.dc2 to dc2 in OSS. |
3 years ago |
|
freddygv
|
e3666b0bc4 |
Update GatewayKeys deduplication
Federation states data is only keyed on datacenter, so it cannot be directly compared against keys for gateway groups. |
3 years ago |
|
freddygv
|
90ce897456 |
Store GatewayKey in proxycfg snapshot for re-use
|
3 years ago |
|
freddygv
|
4d4ccedb3a |
Update locality check in proxycfg
|
3 years ago |