mirror of https://github.com/status-im/consul.git
6742340878
Creates a new controller to create ComputedImplicitDestinations resources by composing ComputedRoutes, Services, and ComputedTrafficPermissions to infer all ParentRef services that could possibly send some portion of traffic to a Service that has at least one accessible Workload Identity. A followup PR will rewire the sidecar controller to make use of this new resource. As this is a performance optimization, rather than a security feature the following aspects of traffic permissions have been ignored: - DENY rules - port rules (all ports are allowed) Also: - Add some v2 TestController machinery to help test complex dependency mappers. |
||
|---|---|---|
| .. | ||
| annotations/ratelimit | ||
| pbacl | ||
| pbauth/v2beta1 | ||
| pbcatalog/v2beta1 | ||
| pbconnectca | ||
| pbdataplane | ||
| pbdns | ||
| pbhcp/v2 | ||
| pbmesh/v2beta1 | ||
| pbmulticluster | ||
| pbresource | ||
| pbserverdiscovery | ||
| pbtenancy/v2beta1 | ||
| .copywrite.hcl | ||
| LICENSE | ||
| buf.gen.yaml | ||
| buf.lock | ||
| buf.yaml | ||
| go.mod | ||
| go.sum | ||