Commit Graph

14 Commits (NET-2088-upgrade-test-ingress-gateway)

Author SHA1 Message Date
Chris S. Kim bde57c0dd0 Regenerate files according to 1.19.2 formatter
2 years ago
Dan Stough 49f3dadb8f feat: connect proxy xDS for destinations
2 years ago
R.B. Boyer 31b95c747b
xds: modify rbac rules to use the XFCC header for peered L7 enforcement (#13629)
2 years ago
Chris S. Kim fb5eb20563
Pass trust domain to RBAC to validate and fix use of wrong peer trust bundles (#13508)
2 years ago
Chris S. Kim a02e9abcc1
Update RBAC to handle imported services (#13404)
3 years ago
freddygv d90e30f009 Update spiffe ID patterns used for RBAC
3 years ago
freddygv 5e54f253d7 Expand testing of simplifyNotSourceSlice for partitions
3 years ago
freddygv 19da23be28 Expand testing of removeSameSourceIntentions for partitions
3 years ago
freddygv beab0cd962 Account for partition when matching src intentions
3 years ago
R.B. Boyer 20feb42d3a
xds: ensure single L7 deny intention with default deny policy does not result in allow action (CVE-2021-36213) (#10619)
3 years ago
R.B. Boyer 398b766532
xds: default to speaking xDS v3, but allow for v2 to be spoken upon request (#9658)
4 years ago
R.B. Boyer 3b6ffc447b
xds: remove deprecated usages of xDS (#9602)
4 years ago
R.B. Boyer 1b413b0444
connect: support defining intentions using layer 7 criteria (#8839)
4 years ago
R.B. Boyer 74d5df7c7a
xds: use envoy's rbac filter to handle intentions entirely within envoy (#8569)
4 years ago