Commit Graph

26 Commits (31539a28be069f646a982642ca9a87c63115443a)

Author SHA1 Message Date
John Murret d925e4b812
NET-6946 / NET-6941 - Replace usage of deprecated Envoy fields envoy.config.route.v3.HeaderMatcher.safe_regex_match and envoy.type.matcher.v3.RegexMatcher.google_re2 (#20013)
11 months ago
John Maguire 2c244b6f42
[APIGW] NET-5017 JWT Cleanup/Status Conditions (#18700)
1 year ago
John Maguire 59ab57f350
NET-5147: Added placeholder structs for JWT functionality (#18575)
1 year ago
John Murret b80c5258fa
NET-4853 - xds v2 - implement base connect proxy functionality for clusters (#18499)
1 year ago
hashicorp-copywrite[bot] 5fb9df1640
[COMPLIANCE] License changes (#18443)
1 year ago
Dan Stough 8e3a1ddeb6
[OSS] Improve xDS Code Coverage - Endpoints and Misc (#18222)
1 year ago
Ronald bcc6a9d752
Use JWT-auth filter in metadata mode & Delegate validation to RBAC filter (#18062)
1 year ago
Ronald 55e283dda9
[NET-3092] JWT Verify claims handling (#17452)
2 years ago
Eric Haberkorn b1fae05983
Add sameness groups to service intentions. (#17064)
2 years ago
Ronald 94ec4eb2f4
copyright headers for agent folder (#16704)
2 years ago
Matt Keeler 085c0addc0
Protobuf Refactoring for Multi-Module Cleanliness (#16302)
2 years ago
Eric Haberkorn 8d923c1789
Add the Lua Envoy extension (#15906)
2 years ago
Chris S. Kim bde57c0dd0 Regenerate files according to 1.19.2 formatter
2 years ago
Dan Stough 49f3dadb8f feat: connect proxy xDS for destinations
2 years ago
R.B. Boyer 31b95c747b
xds: modify rbac rules to use the XFCC header for peered L7 enforcement (#13629)
2 years ago
Chris S. Kim fb5eb20563
Pass trust domain to RBAC to validate and fix use of wrong peer trust bundles (#13508)
2 years ago
Chris S. Kim a02e9abcc1
Update RBAC to handle imported services (#13404)
3 years ago
freddygv d90e30f009 Update spiffe ID patterns used for RBAC
3 years ago
freddygv 5e54f253d7 Expand testing of simplifyNotSourceSlice for partitions
3 years ago
freddygv 19da23be28 Expand testing of removeSameSourceIntentions for partitions
3 years ago
freddygv beab0cd962 Account for partition when matching src intentions
3 years ago
R.B. Boyer 20feb42d3a
xds: ensure single L7 deny intention with default deny policy does not result in allow action (CVE-2021-36213) (#10619)
3 years ago
R.B. Boyer 398b766532
xds: default to speaking xDS v3, but allow for v2 to be spoken upon request (#9658)
4 years ago
R.B. Boyer 3b6ffc447b
xds: remove deprecated usages of xDS (#9602)
4 years ago
R.B. Boyer 1b413b0444
connect: support defining intentions using layer 7 criteria (#8839)
4 years ago
R.B. Boyer 74d5df7c7a
xds: use envoy's rbac filter to handle intentions entirely within envoy (#8569)
4 years ago