status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
consul/agent/rpc/peering
History
R.B. Boyer 0fa828db76
peering: replicate all SpiffeID values necessary for the importing side to do SAN validation (#13612) 
When traversing an exported peered service, the discovery chain
evaluation at the other side may re-route the request to a variety of
endpoints. Furthermore we intend to terminate mTLS at the mesh gateway
for arriving peered traffic that is http-like (L7), so the caller needs
to know the mesh gateway's SpiffeID in that case as well.

The following new SpiffeID values will be shipped back in the peerstream
replication:

- tcp: all possible SpiffeIDs resulting from the service-resolver
        component of the exported discovery chain

- http-like: the SpiffeID of the mesh gateway
 		2022-06-27 14:37:18 -05:00
..
health_snapshot.go peering: accept replication stream of discovery chain information at the importing side (#13151) 2022-05-19 16:37:52 -05:00
health_snapshot_test.go peering: accept replication stream of discovery chain information at the importing side (#13151) 2022-05-19 16:37:52 -05:00
replication.go Clean up imported nodes/services/checks as needed (#13367) 2022-06-13 11:52:28 -06:00
service.go peering: replicate all SpiffeID values necessary for the importing side to do SAN validation (#13612) 2022-06-27 14:37:18 -05:00
service_oss_test.go peering: allow protobuf requests to populate the default partition or namespace (#13398) 2022-06-08 11:55:18 -05:00
service_test.go peering: replicate all SpiffeID values necessary for the importing side to do SAN validation (#13612) 2022-06-27 14:37:18 -05:00
stream_test.go peering: replicate all SpiffeID values necessary for the importing side to do SAN validation (#13612) 2022-06-27 14:37:18 -05:00
stream_tracker.go peering: initial sync (#12842) 2022-04-21 17:34:40 -05:00
stream_tracker_test.go add general runstep test helper instead of copying it all over the place (#13013) 2022-05-10 15:25:51 -05:00
subscription_blocking.go peering: replicate all SpiffeID values necessary for the importing side to do SAN validation (#13612) 2022-06-27 14:37:18 -05:00
subscription_manager.go peering: replicate all SpiffeID values necessary for the importing side to do SAN validation (#13612) 2022-06-27 14:37:18 -05:00
subscription_manager_test.go peering: replicate all SpiffeID values necessary for the importing side to do SAN validation (#13612) 2022-06-27 14:37:18 -05:00
subscription_state.go peering: replicate all SpiffeID values necessary for the importing side to do SAN validation (#13612) 2022-06-27 14:37:18 -05:00
subscription_state_test.go peering: replicate expected SNI, SPIFFE, and service protocol to peers (#13218) 2022-05-25 12:37:44 -05:00
subscription_view.go peering: mesh gateways are required for cross-peer service mesh communication (#13410) 2022-06-09 11:05:18 -05:00
subscription_view_test.go peering: replicate discovery chains information to importing peers 2022-05-19 14:21:44 -05:00
testing.go peering: accept replication stream of discovery chain information at the importing side (#13151) 2022-05-19 16:37:52 -05:00
testutil_oss_test.go peering: initial sync (#12842) 2022-04-21 17:34:40 -05:00
validate.go peering: accept replication stream of discovery chain information at the importing side (#13151) 2022-05-19 16:37:52 -05:00
validate_test.go Patches to peering initiation for POC demo (#13076) 2022-05-13 13:01:00 -06:00