Commit Graph

717 Commits (175728b292dad0d38ed4e48faecbe50db3459fb3)

Author SHA1 Message Date
Chris S. Kim bb832e2bba
Add SourcePeer fields to relevant Intentions types (#13390)
3 years ago
Dhia Ayachi 5ec3274ae5
Egress gtw/connect destination intentions (#13341)
3 years ago
R.B. Boyer ab758b7b32
peering: allow mesh gateways to proxy L4 peered traffic (#13339)
3 years ago
Fulvio d457d8b6ce
UDP check for service stanza #12221 (#12722)
3 years ago
R.B. Boyer 019aeaa57d
peering: update how cross-peer upstreams and represented in proxycfg and rendered in xds (#13362)
3 years ago
freddygv 8b58fa8afe Update assumptions around exported-service config
3 years ago
Dhia Ayachi 1b779240ae
update gateway-services table with endpoints (#13217)
3 years ago
Dan Upton 2427e38839
Enable servers to configure arbitrary proxies from the catalog (#13244)
3 years ago
DanStough 2e2c71d2f2 fix: multiple grpc/http2 services for ingress listeners
3 years ago
Riddhi Shah d8d8c8603e
Add support for merge-central-config query param (#13001)
3 years ago
R.B. Boyer 1a8834e1c8
peering: replicate expected SNI, SPIFFE, and service protocol to peers (#13218)
3 years ago
Kyle Havlovitz f2fbe8aec9 Fix proto lint errors after version bump
3 years ago
Kyle Havlovitz 4bc6c23357 Add connection limit setting to service defaults
3 years ago
DanStough 817449041d chore(test): Update bats version
3 years ago
DanStough 147fd96d97 feat: add endpoint struct to ServiceConfigEntry
3 years ago
R.B. Boyer 2e72f44fda
peering: accept replication stream of discovery chain information at the importing side (#13151)
3 years ago
R.B. Boyer 3e4a522882 peering: replicate discovery chains information to importing peers
3 years ago
Freddy 4e215dc411
[OSS] Add upsert handling for receiving CheckServiceNode (#13061)
3 years ago
R.B. Boyer 93b164aac3
structs: add convenience methods to sort slices of ServiceName values (#13038)
3 years ago
FFMMM 37a1e33834
expose meta tags for peering (#12964)
3 years ago
Evan Culver 9c8606e138
peering: add store.PeeringsForService implementation (#12957)
3 years ago
Riddhi Shah 0c855fab98
Validate port on mesh service registration (#12881)
3 years ago
Mark Anderson c6ff4ba7d8
Support vault namespaces in connect CA (#12904)
3 years ago
Mark Anderson 2fcac5224e
Merge pull request #12878 from hashicorp/ma/x-forwarded-client-cert
3 years ago
Dan Upton a668c36930
acl: gRPC login and logout endpoints (#12935)
3 years ago
Mark Anderson 6430af1c0e Update mesh config tests
3 years ago
Mark Anderson 05dc5a26b7 Docs and changelog edits
3 years ago
Mark Anderson fee6c7a7b6 Fixup missed config entry
3 years ago
Mark Anderson 28b4b3a85d Add x-forwarded-client-cert headers
3 years ago
Kyle Havlovitz 0696ed24c8
Merge pull request #12885 from hashicorp/acl-err-cache
3 years ago
Chris S. Kim 9791bad136
peering: Make Upstream peer-aware (#12900)
3 years ago
Kyle Havlovitz 0d8b187ea1 Store and return rpc error in acl cache entries
3 years ago
R.B. Boyer 11213ae180
health: ensure /v1/health/service/:service endpoint returns the most recent results when a filter is used with streaming (#12640)
3 years ago
R.B. Boyer 1a491886fa
structs: ensure exported-services PeerName field can be addressed as peer_name (#12862)
3 years ago
R.B. Boyer f507f62f3c
peering: initial sync (#12842)
3 years ago
Will Jordan c48120d005
Add timeout to Client RPC calls (#11500)
3 years ago
R.B. Boyer 25ba9c147a
xds: ensure that all connect timeout configs can apply equally to tproxy direct dial connections (#12711)
3 years ago
Kyle Havlovitz 9780b672da
Merge pull request #12685 from hashicorp/http-check-redirect-option
3 years ago
Kyle Havlovitz 3b44343276 Add a field to disable following redirects on http checks
3 years ago
Mark Anderson 98a2e282be Fixup acl.EnterpriseMeta
3 years ago
Mark Anderson 05eded4f1d Manual Structs fixup
3 years ago
Mark Anderson 897ba08cfd add new entmeta stuff.
3 years ago
Kyle Havlovitz 6cf22a5cef
Merge pull request #12672 from hashicorp/tgate-san-validation
3 years ago
Kyle Havlovitz 059bd0a92e
Merge pull request #12670 from hashicorp/token-read-expanded
3 years ago
Kyle Havlovitz f8efe9a208 Log a warning when a terminating gateway service has TLS but not SNI configured
3 years ago
Dhia Ayachi 16b19dd82d
auto-reload configuration when config files change (#12329)
3 years ago
Kyle Havlovitz b21b4346b4 Add expanded token read flag and endpoint option
3 years ago
Eric Haberkorn 458b1838db
Merge pull request #12659 from hashicorp/bump-go-control-plane
3 years ago
R.B. Boyer e79ce8ab03
xds: adding control of the mesh-wide min/max TLS versions and cipher suites from the mesh config entry (#12601)
3 years ago
Eric e4b4f175ed Bump go-control-plane
3 years ago