status-im/consul
2
0
Fork 0
mirror of https://github.com/status-im/consul.git synced 2025-01-09 21:35:52 +00:00
Code Issues Projects Releases Wiki Activity
consul/command
History
R.B. Boyer 31b95c747b
xds: modify rbac rules to use the XFCC header for peered L7 enforcement (#13629) 
When the protocol is http-like, and an intention has a peered source
then the normal RBAC mTLS SAN field check is replaces with a joint combo
of:

    mTLS SAN field must be the service's local mesh gateway leaf cert
      AND
    the first XFCC header (from the MGW) must have a URI field that matches the original intention source

Also:

- Update the regex program limit to be much higher than the teeny
  defaults, since the RBAC regex constructions are more complicated now.

- Fix a few stray panics in xds generation.
2022-06-29 10:29:54 -05:00
..
acl
Fix namespace default field names in expanded token output
2022-04-13 16:46:39 -07:00
agent
Fixup agent startup
2022-06-09 17:04:05 -07:00
catalog
re-run gofmt on 1.17 (#11579)
2021-11-16 12:04:01 -06:00
cli
cmd: introduce a shim to expose Stdout/Stderr writers
2021-06-02 16:51:34 -04:00
config
update gateway-services table with endpoints (#13217)
2022-05-31 16:20:12 -04:00
connect
xds: modify rbac rules to use the XFCC header for peered L7 enforcement (#13629)
2022-06-29 10:29:54 -05:00
debug
debug: update CLI docs
2022-02-15 18:16:12 -05:00
event
testing: skip slow tests with -short
2020-12-07 13:42:55 -05:00
exec
Replace use of 'sane' where appropriate
2021-07-02 12:18:46 -04:00
flags
bulk rewrite using this script
2022-01-20 10:46:23 -06:00
forceleave
agent: add variation of force-leave that exclusively works on the WAN (#11722)
2021-12-02 17:15:10 -06:00
helpers
Centralized Config CLI (#5731)
2019-04-30 16:27:16 -07:00
info
testing: skip slow tests with -short
2020-12-07 13:42:55 -05:00
intention
bulk rewrite using this script
2022-01-20 10:46:23 -06:00
join
partitions: various refactors to support partitioning the serf LAN pool (#11568)
2021-11-15 09:51:14 -06:00
keygen
Update default gossip encryption key size to 32 bytes
2019-07-30 09:45:41 -06:00
keyring
Fixup acl.EnterpriseMeta
2022-04-05 15:11:49 -07:00
kv
KV refactoring, part 2 (#11512)
2021-11-08 11:43:21 -05:00
leave
testing: skip slow tests with -short
2020-12-07 13:42:55 -05:00
lock
re-run gofmt on 1.17 (#11579)
2021-11-16 12:04:01 -06:00
login
Add IAM Auth Method (#12583)
2022-03-31 10:18:48 -05:00
logout
acl: gRPC login and logout endpoints (#12935)
2022-05-04 17:38:45 +01:00
maint
Fix maint test
2021-07-30 12:58:46 -04:00
members
Fixup acl.EnterpriseMeta
2022-04-05 15:11:49 -07:00
monitor
fix monitor to only start the monitor in json format when requested (#10358)
2021-06-07 12:08:48 -04:00
operator
testing: skip slow tests with -short
2020-12-07 13:42:55 -05:00
reload
testing: skip slow tests with -short
2020-12-07 13:42:55 -05:00
rtt
catalog: compare node names case insensitively in more places (#12444)
2022-02-24 16:54:47 -06:00
services
bulk rewrite using this script
2022-01-20 10:46:23 -06:00
snapshot
Vendor in rpc mono repo for net/rpc fork, go-msgpack, msgpackrpc. (#12311)
2022-02-14 09:45:45 -08:00
tls
Merge pull request #11884 from assareh/patch-1
2022-01-04 15:17:32 -05:00
validate
config: replace calls to config.NewBuilder with config.Load
2021-01-27 17:34:43 -05:00
version
Fix issue with consul version tests
2022-06-09 17:04:05 -07:00
watch
cli: Test API access using /status/leader in consul watch (#10795)
2021-08-09 09:00:33 -07:00
registry_oss.go
Add build tag for oss (#13279)
2022-05-27 11:39:58 -04:00
registry.go
Refactor some functions for better enterprise use (#13280)
2022-05-30 09:46:55 -04:00