mirror of https://github.com/hashicorp/consul
ccc3c53d3e
mesh: add ComputedImplicitDestinations resource for future use (#20547) Creates a new controller to create ComputedImplicitDestinations resources by composing ComputedRoutes, Services, and ComputedTrafficPermissions to infer all ParentRef services that could possibly send some portion of traffic to a Service that has at least one accessible Workload Identity. A followup PR will rewire the sidecar controller to make use of this new resource. As this is a performance optimization, rather than a security feature the following aspects of traffic permissions have been ignored: - DENY rules - port rules (all ports are allowed) Also: - Add some v2 TestController machinery to help test complex dependency mappers. Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| catalogtest | ||
| internal | ||
| workloadselector | ||
| exports.go | ||