status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Golden File Tests for TermGW w/ Cluster Peering (#19096) 

Add intention to create golden file for terminating gateway peered trust bundle
This commit is contained in:
Thomas Eckert 2023-10-13 11:56:58 -04:00 committed by GitHub
parent c2a0d4f9ca
commit 76c60fdfac
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 30 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
agent/xds/listeners_test.go
View File

@ -1093,12 +1093,12 @@ func TestListenersFromSnapshot(t *testing.T) {
Bundles: []*pbpeering.PeeringTrustBundle{
{
TrustDomain: "foo.bar.gov",
PeerName: "dc1",
PeerName: "dc2",
Partition: "default",
RootPEMs: []string{
roots.Roots[0].RootCert,
},
ExportedPartition: "dc1",
ExportedPartition: "default",
CreateIndex: 0,
ModifyIndex: 0,
},
@ -1109,8 +1109,11 @@ func TestListenersFromSnapshot(t *testing.T) {
CorrelationID: "service-intentions:web",
Result: structs.SimplifiedIntentions{
{
SourceName: "*",
DestinationName: "web",
SourceName: "source",
SourcePeer: "dc2",
DestinationName: "web",
DestinationPartition: "default",
Action: structs.IntentionActionAllow,
},
},
},

24
agent/xds/testdata/listeners/terminating-gateway-with-peer-trust-bundle.latest.golden vendored
View File

@ -171,7 +171,29 @@
"name": "envoy.filters.network.rbac",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.network.rbac.v3.RBAC",
"rules": {},
"rules": {
"policies": {
"consul-intentions-layer4": {
"permissions": [
{
"any": true
}
],
"principals": [
{
"authenticated": {
"principalName": {
"safeRegex": {
"googleRe2": {},
"regex": "^spiffe://foo.bar.gov/ns/default/dc/[^/]+/svc/source$"
}
}
}
}
]
}
}
},
"statPrefix": "connect_authz"
}
},