consul

History

Eric Haberkorn 7ce6ebaeb3 Handle Traffic Permissions With Empty Sources Properly (#19024 ) Fix issues with empty sources * Validate that each permission on traffic permissions resources has at least one source. * Don't construct RBAC policies when there aren't any principals. This resulted in Envoy rejecting xDS updates with a validation error. ``` error= \| rpc error: code = Internal desc = Error adding/updating listener(s) public_listener: Proto constraint validation failed (RBACValidationError.Rules: embedded message failed validation \| caused by RBACValidationError.Policies[consul-intentions-layer4-1]: embedded message failed validation \| caused by PolicyValidationError.Principals: value must contain at least 1 item(s)): rules { ```	2023-09-28 15:11:59 -04:00
..
internal	Handle Traffic Permissions With Empty Sources Properly (#19024 )	2023-09-28 15:11:59 -04:00
exports.go	v2 explicit destination traffic permissions (#18823 )	2023-09-25 16:50:07 +00:00

Handle Traffic Permissions With Empty Sources Properly (#19024 )

Fix issues with empty sources

* Validate that each permission on traffic permissions resources has at least one source.
* Don't construct RBAC policies when there aren't any principals. This resulted in Envoy rejecting xDS updates with a validation error.

```
error=
  | rpc error: code = Internal desc = Error adding/updating listener(s) public_listener: Proto constraint validation failed (RBACValidationError.Rules: embedded message failed validation | caused by RBACValidationError.Policies[consul-intentions-layer4-1]: embedded message failed validation | caused by PolicyValidationError.Principals: value must contain at least 1 item(s)): rules {
```

2023-09-28 15:11:59 -04:00

internal

Handle Traffic Permissions With Empty Sources Properly (#19024 )

2023-09-28 15:11:59 -04:00

exports.go

v2 explicit destination traffic permissions (#18823 )

2023-09-25 16:50:07 +00:00