consul/envoyextensions/xdscommon
Nathan Coleman 5e9f02d4be
[NET-8091] Add file-system-certificate config entry for API gateway (#20873)
* Define file-system-certificate config entry

* Collect file-system-certificate(s) referenced by api-gateway onto snapshot

* Add file-system-certificate to config entry kind allow lists

* Remove inapplicable validation

This validation makes sense for inline certificates since Consul server is holding the certificate; however, for file system certificates, Consul server never actually sees the certificate.

* Support file-system-certificate as source for listener TLS certificate

* Add more required mappings for the new config entry type

* Construct proper TLS context based on certificate kind

* Add support or SDS in xdscommon

* Remove unused param

* Adds back verification of certs for inline-certificates

* Undo tangential changes to TLS config consumption

* Remove stray curly braces

* Undo some more tangential changes

* Improve function name for generating API gateway secrets

* Add changelog entry

* Update .changelog/20873.txt

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>

* Add some nil-checking, remove outdated TODO

* Update test assertions to include file-system-certificate

* Add documentation for file-system-certificate config entry

Add new doc to nav

* Fix grammar mistake

* Rename watchmaps, remove outdated TODO

---------

Co-authored-by: Melisa Griffin <melisa.griffin@hashicorp.com>
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
2024-04-15 16:45:05 -04:00
..
envoy_versioning.go [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
envoy_versioning_test.go security: bump go, x/net and envoy versions (#20956) 2024-04-08 19:18:40 +00:00
proxysupport.go security: bump go, x/net and envoy versions (#20956) 2024-04-08 19:18:40 +00:00
proxysupport_test.go [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
xdscommon.go [NET-8091] Add file-system-certificate config entry for API gateway (#20873) 2024-04-15 16:45:05 -04:00
xdscommon_test.go [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00