consul/agent
R.B. Boyer 0fa828db76
peering: replicate all SpiffeID values necessary for the importing side to do SAN validation (#13612)
When traversing an exported peered service, the discovery chain
evaluation at the other side may re-route the request to a variety of
endpoints. Furthermore we intend to terminate mTLS at the mesh gateway
for arriving peered traffic that is http-like (L7), so the caller needs
to know the mesh gateway's SpiffeID in that case as well.

The following new SpiffeID values will be shipped back in the peerstream
replication:

- tcp: all possible SpiffeIDs resulting from the service-resolver
        component of the exported discovery chain

- http-like: the SpiffeID of the mesh gateway
2022-06-27 14:37:18 -05:00
..
ae sdk: add TestLogLevel for setting log level in tests 2022-02-03 13:42:28 -05:00
auto-config peering: initial sync (#12842) 2022-04-21 17:34:40 -05:00
cache proxycfg: remove dependency on `cache.UpdateEvent` (#13144) 2022-05-20 15:47:40 +01:00
cache-types xds: mesh gateways now have their own leaf certificate when involved in a peering (#13460) 2022-06-15 14:36:18 -05:00
checks UDP check for service stanza #12221 (#12722) 2022-06-06 15:13:19 -04:00
config Change default dates 2022-06-09 17:07:41 -07:00
configentry Fixup acl.EnterpriseMeta 2022-04-05 15:11:49 -07:00
connect xds: mesh gateways now have their own leaf certificate when involved in a peering (#13460) 2022-06-15 14:36:18 -05:00
consul peering: replicate all SpiffeID values necessary for the importing side to do SAN validation (#13612) 2022-06-27 14:37:18 -05:00
debug bulk rewrite using this script 2022-01-20 10:46:23 -06:00
dns test: fix incorrect use of t instead of r in retry test (#13146) 2022-05-19 14:00:07 -05:00
exec re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
grpc Move ACLResolveResult into acl/resolver package (#13467) 2022-06-17 10:24:43 +01:00
local Move ACLResolveResult into acl/resolver package (#13467) 2022-06-17 10:24:43 +01:00
metadata partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
mock
pool Add timeout to Client RPC calls (#11500) 2022-04-21 16:21:35 -04:00
proxycfg Pass trust domain to RBAC to validate and fix use of wrong peer trust bundles (#13508) 2022-06-20 22:47:14 -04:00
proxycfg-glue peering: allow mesh gateways to proxy L4 peered traffic (#13339) 2022-06-06 14:20:41 -05:00
proxycfg-sources Fix a flaky test (#13282) 2022-05-27 13:25:08 -04:00
router sdk: add TestLogLevel for setting log level in tests 2022-02-03 13:42:28 -05:00
routine-leak-checker Remove references to "master" ACL tokens in tests (#11751) 2021-12-07 12:48:50 +00:00
rpc peering: replicate all SpiffeID values necessary for the importing side to do SAN validation (#13612) 2022-06-27 14:37:18 -05:00
rpcclient/health Add support for merge-central-config query param (#13001) 2022-05-25 13:20:17 -07:00
structs peering: replicate all SpiffeID values necessary for the importing side to do SAN validation (#13612) 2022-06-27 14:37:18 -05:00
submatview proxycfg: remove dependency on `cache.UpdateEvent` (#13144) 2022-05-20 15:47:40 +01:00
systemd
token agent/token: rename `agent_master` to `agent_recovery` (internally) (#11744) 2021-12-07 12:12:47 +00:00
uiserver Reimplement fs.FileInfo interface (#13315) 2022-06-01 11:09:51 -04:00
xds Pass trust domain to RBAC to validate and fix use of wrong peer trust bundles (#13508) 2022-06-20 22:47:14 -04:00
acl.go Unify various status errors into one HTTP error type. (#12594) 2022-04-29 13:42:49 -04:00
acl_endpoint.go Revert getPathSuffixUnescaped (#13256) 2022-06-01 13:17:14 -04:00
acl_endpoint_legacy.go
acl_endpoint_legacy_test.go agent: Ensure partition is considered in agent endpoints (#11427) 2021-10-26 15:20:57 -04:00
acl_endpoint_test.go Unify various status errors into one HTTP error type. (#12594) 2022-04-29 13:42:49 -04:00
acl_oss.go agent: support `X-Consul-Results-Filtered-By-ACLs` header in agent-local endpoints (#11610) 2021-12-03 20:36:28 +00:00
acl_test.go Move ACLResolveResult into acl/resolver package (#13467) 2022-06-17 10:24:43 +01:00
agent.go Move ACLResolveResult into acl/resolver package (#13467) 2022-06-17 10:24:43 +01:00
agent_endpoint.go xds: mesh gateways now have their own leaf certificate when involved in a peering (#13460) 2022-06-15 14:36:18 -05:00
agent_endpoint_oss.go Fixup acl.EnterpriseMeta 2022-04-05 15:11:49 -07:00
agent_endpoint_oss_test.go Add oss test 2022-05-09 10:07:19 -07:00
agent_endpoint_test.go Move ACLResolveResult into acl/resolver package (#13467) 2022-06-17 10:24:43 +01:00
agent_oss.go proxycfg: replace direct agent cache usage with interfaces (#13320) 2022-06-01 16:18:06 +01:00
agent_test.go Update go version to 1.18.1 2022-04-18 11:41:10 -04:00
apiserver.go
apiserver_test.go
catalog_endpoint.go [OSS] Support merge-central-config option in node services list API (#13450) 2022-06-15 08:30:31 -07:00
catalog_endpoint_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
catalog_endpoint_test.go [OSS] Support merge-central-config option in node services list API (#13450) 2022-06-15 08:30:31 -07:00
check.go Fixup acl.EnterpriseMeta 2022-04-05 15:11:49 -07:00
config_endpoint.go Revert getPathSuffixUnescaped (#13256) 2022-06-01 13:17:14 -04:00
config_endpoint_test.go Unify various status errors into one HTTP error type. (#12594) 2022-04-29 13:42:49 -04:00
connect_auth.go Unify various status errors into one HTTP error type. (#12594) 2022-04-29 13:42:49 -04:00
connect_ca_endpoint.go Unify various status errors into one HTTP error type. (#12594) 2022-04-29 13:42:49 -04:00
connect_ca_endpoint_test.go Update go version to 1.18.1 2022-04-18 11:41:10 -04:00
coordinate_endpoint.go Revert getPathSuffixUnescaped (#13256) 2022-06-01 13:17:14 -04:00
coordinate_endpoint_test.go Unify various status errors into one HTTP error type. (#12594) 2022-04-29 13:42:49 -04:00
delegate_mock_test.go Move ACLResolveResult into acl/resolver package (#13467) 2022-06-17 10:24:43 +01:00
denylist.go
denylist_test.go
discovery_chain_endpoint.go Revert getPathSuffixUnescaped (#13256) 2022-06-01 13:17:14 -04:00
discovery_chain_endpoint_test.go Unify various status errors into one HTTP error type. (#12594) 2022-04-29 13:42:49 -04:00
dns.go Add dns node lookup support in partitions 2022-06-10 11:23:51 -07:00
dns_oss.go Fixup acl.EnterpriseMeta 2022-04-05 15:11:49 -07:00
dns_test.go Remove references to "master" ACL tokens in tests (#11751) 2021-12-07 12:48:50 +00:00
enterprise_delegate_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
event_endpoint.go Revert getPathSuffixUnescaped (#13256) 2022-06-01 13:17:14 -04:00
event_endpoint_test.go Unify various status errors into one HTTP error type. (#12594) 2022-04-29 13:42:49 -04:00
federation_state_endpoint.go Revert getPathSuffixUnescaped (#13256) 2022-06-01 13:17:14 -04:00
health_endpoint.go Revert getPathSuffixUnescaped (#13256) 2022-06-01 13:17:14 -04:00
health_endpoint_test.go [OSS] Fix merge central config tests (#13309) 2022-05-31 12:04:19 -07:00
http.go Revert getPathSuffixUnescaped (#13256) 2022-06-01 13:17:14 -04:00
http_decode_test.go add test cases for h2ping_use_tls default behavior 2021-10-09 17:12:52 -04:00
http_oss.go Unify various status errors into one HTTP error type. (#12594) 2022-04-29 13:42:49 -04:00
http_oss_test.go Remove references to "master" ACL tokens in tests (#11751) 2021-12-07 12:48:50 +00:00
http_register.go peering: rename initiate to establish in the context of the APIs (#13419) 2022-06-10 11:10:46 -05:00
http_test.go Revert getPathSuffixUnescaped (#13256) 2022-06-01 13:17:14 -04:00
intentions_endpoint.go oss: peering, http: get peer service intentions (#2098) 2022-06-22 16:25:09 -07:00
intentions_endpoint_oss_test.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
intentions_endpoint_test.go oss: peering, http: get peer service intentions (#2098) 2022-06-22 16:25:09 -07:00
keyring.go Allows keyring operations on client agents 2022-02-24 17:24:57 +00:00
keyring_test.go Remove references to "master" ACL tokens in tests (#11751) 2021-12-07 12:48:50 +00:00
kvs_endpoint.go Fix KVSGet method to handle QueryOptions properly (#13344) 2022-06-02 12:26:18 -04:00
kvs_endpoint_test.go
metrics.go agent: move agent tls metric monitor to a more appropriate place 2021-10-27 16:26:09 -04:00
metrics_test.go Add isLeader metric to track if a server is a leader (#13304) 2022-06-03 13:07:37 -04:00
nodeid.go
nodeid_test.go
notify.go
notify_test.go
operator_endpoint.go Unify various status errors into one HTTP error type. (#12594) 2022-04-29 13:42:49 -04:00
operator_endpoint_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
operator_endpoint_test.go
peering_endpoint.go peering: rename initiate to establish in the context of the APIs (#13419) 2022-06-10 11:10:46 -05:00
peering_endpoint_oss_test.go [sync oss] api: add peering api module (#12911) 2022-05-02 11:49:05 -07:00
peering_endpoint_test.go Avoid deleting peerings marked as terminated. 2022-06-14 15:37:09 -06:00
prepared_query_endpoint.go Revert getPathSuffixUnescaped (#13256) 2022-06-01 13:17:14 -04:00
prepared_query_endpoint_test.go Unify various status errors into one HTTP error type. (#12594) 2022-04-29 13:42:49 -04:00
reload.go
remote_exec.go
remote_exec_test.go Remove references to "master" ACL tokens in tests (#11751) 2021-12-07 12:48:50 +00:00
retry_join.go agent: refactor the agent delegate interface to be partition friendly (#11429) 2021-10-26 15:08:55 -05:00
retry_join_test.go
service_checks_test.go
service_manager.go Add support for merge-central-config query param (#13001) 2022-05-25 13:20:17 -07:00
service_manager_test.go Add support for merge-central-config query param (#13001) 2022-05-25 13:20:17 -07:00
session_endpoint.go Revert getPathSuffixUnescaped (#13256) 2022-06-01 13:17:14 -04:00
session_endpoint_test.go
setup.go Add isLeader metric to track if a server is a leader (#13304) 2022-06-03 13:07:37 -04:00
setup_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
sidecar_service.go
sidecar_service_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
signal_unix.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
signal_windows.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
snapshot_endpoint.go
snapshot_endpoint_test.go
status_endpoint.go
status_endpoint_test.go
streaming_test.go regenerate expired certs (#11462) 2021-11-01 11:40:16 -04:00
testagent.go Retry on bad dogstatsd connection (#13091) 2022-05-19 16:03:46 -04:00
testagent_test.go
translate_addr.go
txn_endpoint.go Unify various status errors into one HTTP error type. (#12594) 2022-04-29 13:42:49 -04:00
txn_endpoint_test.go Unify various status errors into one HTTP error type. (#12594) 2022-04-29 13:42:49 -04:00
ui_endpoint.go peering, internal: support UIServices, UINodes, UINodeInfo (#13577) 2022-06-24 15:17:35 -07:00
ui_endpoint_oss_test.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
ui_endpoint_test.go peering, internal: support UIServices, UINodes, UINodeInfo (#13577) 2022-06-24 15:17:35 -07:00
user_event.go Vendor in rpc mono repo for net/rpc fork, go-msgpack, msgpackrpc. (#12311) 2022-02-14 09:45:45 -08:00
user_event_test.go Update 4 non-acl tests that used the legacy ACL.Apply 2021-09-21 17:57:29 -04:00
util.go Remove some usage of md5 from the system (#11491) 2021-11-04 13:07:54 -07:00
util_test.go Remove some usage of md5 from the system (#11491) 2021-11-04 13:07:54 -07:00
watch_handler.go
watch_handler_test.go