Commit Graph

252 Commits (9b2c1be0534e16a6a30a69e4c8c4f68b8fa45de7)

Author SHA1 Message Date
loshz 7724bb88d5
[NET-6593] agent: check for minimum RSA key size (#20112)
11 months ago
aahel a6496898de
added tenancy to TestBuildL4TrafficPermissions (#19932)
12 months ago
Matt Keeler efe279f802
Retry lint fixes (#19151)
12 months ago
John Murret 2591318c82
Skip tests with p95 greater than 30 seconds outside of main and release branches. (#19628)
1 year ago
Chris S. Kim 9d00b13140
Vault CA bugfixes (#19285)
1 year ago
Chris S. Kim 92ce814693
Remove old build tags (#19128)
1 year ago
Chris Thain dcdf2fc6ba
Update Vault CA provider namespace configuration (#19095)
1 year ago
Chris S. Kim 4dfca64ded
Vault CA provider clean up previous default issuers (#18773)
1 year ago
Nitya Dhanushkodi 78b170ad50
xds controller: setup watches for and compute leaf cert references in ProxyStateTemplate, and wire up leaf cert manager dependency (#18756)
1 year ago
Iryna Shustava 3c70e14713
sidecar-proxy controller: L4 controller with explicit upstreams (NET-3988) (#18352)
1 year ago
Semir Patel 53e28a4963
OSS -> CE (community edition) changes (#18517)
1 year ago
hashicorp-copywrite[bot] 5fb9df1640
[COMPLIANCE] License changes (#18443)
1 year ago
cui fliter 18a5edd232
docs: Fix some comments (#17118)
1 year ago
Chris S. Kim 747a4c73c1
Fix bug with Vault CA provider (#18112)
1 year ago
Tom Davies f472164f05
Pass configured role name to Vault for AWS auth in Connect CA (#17885)
1 year ago
Chris S. Kim a4653de8da
CA provider doc updates and Vault provider minor update (#17831)
1 year ago
John Eikenberry bd76fdeaeb
enable auto-tidy expired issuers in vault (as CA)
2 years ago
Eric Haberkorn b1fae05983
Add sameness groups to service intentions. (#17064)
2 years ago
John Murret 2cefa8d9bd
ci: remove test-integrations CircleCI workflow (#16928)
2 years ago
Chris S. Kim a5397b1f23
Connect CA Primary Provider refactor (#16749)
2 years ago
Ronald 94ec4eb2f4
copyright headers for agent folder (#16704)
2 years ago
John Eikenberry f5641ffccc
support vault auth config for alicloud ca provider
2 years ago
John Eikenberry 56ffee6d42
add provider ca support for approle auth-method
2 years ago
John Eikenberry e8eec1fa80
add provider ca auth support for kubernetes
2 years ago
John Eikenberry 4211069080
add provider ca support for jwt file base auth
2 years ago
John Eikenberry 4f2d9a91e5
add provider ca auth-method support for azure
2 years ago
Andrew Stucki 9bb0ecfc18
[API Gateway] Add integration test for HTTP routes (#16236)
2 years ago
John Eikenberry ed7367b6f4
remove redundant vault api retry logic (#16143)
2 years ago
John Eikenberry 5c836f2aa9
fix goroutine leak in renew testing (#16142)
2 years ago
Chris Thain 2f4c8e50f2
Support Vault agent auth config for AWS/GCP CA provider auth (#15970)
2 years ago
Dan Upton 7a55de375c
xds: don't attempt to load-balance sessions for local proxies (#15789)
2 years ago
Semir Patel bafa5c7156
Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700)
2 years ago
R.B. Boyer 5af94fb2a0
connect: use -dev-no-store-token for test vaults to reduce source of flakes (#15691)
2 years ago
R.B. Boyer 900584ca82
connect: ensure all vault connect CA tests use limited privilege tokens (#15669)
2 years ago
R.B. Boyer 4940a728ab
Detect Vault 1.11+ import in secondary datacenters and update default issuer (#15661)
2 years ago
Chris S. Kim c9ec9fa320
Fix Vault managed intermediate PKI bug (#15525)
2 years ago
Alexander Scheel 2b90307f6d
Detect Vault 1.11+ import, update default issuer (#15253)
2 years ago
Kyle Havlovitz dde5c524ad
connect: strip port from DNS SANs for ingress gateway leaf cert (#15320)
2 years ago
Kyle Schochenmaier bf0f61a878
removes ioutil usage everywhere which was deprecated in go1.16 (#15297)
2 years ago
Chris S. Kim bde57c0dd0 Regenerate files according to 1.19.2 formatter
2 years ago
Kyle Havlovitz d122108992 Warn instead of returning an error when intermediate mount tune permission is missing
2 years ago
freddygv fac3ddc857 Use internal server certificate for peering TLS
2 years ago
freddygv 0ea3353537 Add handling in agent cache for server leaf certs
2 years ago
Kyle Havlovitz d67bccd210 Update intermediate pki mount/role when reconfiguring Vault provider
2 years ago
Freddy f4dfd42e0a
Add SpiffeID for Consul server agents (#14485)
2 years ago
Eric Haberkorn 58901ad7df
Cluster peering failover disco chain changes (#14296)
2 years ago
R.B. Boyer 201d1458c3
xds: mesh gateways now have their own leaf certificate when involved in a peering (#13460)
2 years ago
Chris S. Kim a02e9abcc1
Update RBAC to handle imported services (#13404)
2 years ago
Freddy 74ca6406ea
Configure upstream TLS context with peer root certs (#13321)
3 years ago
R.B. Boyer 1a8834e1c8
peering: replicate expected SNI, SPIFFE, and service protocol to peers (#13218)
3 years ago