consul/agent/xds/testdata
freddygv af52d21884 Update prepared query cluster SAN validation
Previously SAN validation for prepared queries was broken because we
validated against the name, namespace, and datacenter for prepared
queries.

However, prepared queries can target:

- Services with a name that isn't their own
- Services in multiple datacenters

This means that the SpiffeID to validate needs to be based on the
prepared query endpoints, and not the prepared query's upstream
definition.

This commit updates prepared query clusters to account for that.
2021-08-20 17:40:33 -06:00
..
clusters Update prepared query cluster SAN validation 2021-08-20 17:40:33 -06:00
endpoints Update prepared query cluster SAN validation 2021-08-20 17:40:33 -06:00
listeners Regen golden files 2021-06-15 14:18:25 -06:00
rbac xds: ensure single L7 deny intention with default deny policy does not result in allow action (CVE-2021-36213) (#10619) 2021-07-15 10:09:00 -05:00
routes connect: update supported envoy versions to 1.18.2, 1.17.2, 1.16.3, and 1.15.4 (#10101) 2021-04-29 15:22:03 -05:00
alt-test-leaf-cert.golden
alt-test-leaf-key.golden
alt-test-root-cert.golden
cache-test-leaf-cert.golden
cache-test-leaf-key.golden
db-test-leaf-cert.golden
db-test-leaf-key.golden
test-leaf-cert.golden
test-leaf-key.golden
test-root-cert.golden