mirror of https://github.com/hashicorp/consul
6742340878
Creates a new controller to create ComputedImplicitDestinations resources by composing ComputedRoutes, Services, and ComputedTrafficPermissions to infer all ParentRef services that could possibly send some portion of traffic to a Service that has at least one accessible Workload Identity. A followup PR will rewire the sidecar controller to make use of this new resource. As this is a performance optimization, rather than a security feature the following aspects of traffic permissions have been ignored: - DENY rules - port rules (all ports are allowed) Also: - Add some v2 TestController machinery to help test complex dependency mappers. |
||
---|---|---|
.. | ||
dependencymock | ||
.mockery.yaml | ||
cache.go | ||
cache_test.go | ||
higher_order.go | ||
higher_order_test.go | ||
simple.go | ||
simple_test.go | ||
transform.go | ||
transform_test.go |