Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* update envoy Signed-off-by: Kuat Yessenov <kuat@google.com> * update Envoy's SHA to latest to include the SNI inspecting method, for using SNI in telemetry and policies Signed-off-by: Vadim Eisenberg <vadime@il.ibm.com> * implement destination.principal Signed-off-by: Kuat Yessenov <kuat@google.com> * missing test Signed-off-by: Kuat Yessenov <kuat@google.com> * review Signed-off-by: Kuat Yessenov <kuat@google.com> * add AttributeName::kConnectionRequestedServerName * fix format * add GetRequestedServerName() to TCP CheckData * add building attribute ConnectionRequestedServerName * test building attribute ConnectionRequestedServerName * add GetRequestedServerName() to tcp mixer filter * fix compilation errors * use explicit conversion from absl::string_view to std::string * check that the requested server name is not emtpy in attributes builder * fixed a compilation error * add GetRequestedServerName to http mixer filters (check_data) * add GetRequestedServerName to http MockCheckData * specify the class of a method * add setting connection.requested_server_name to the http attributes * qualify Return by testing:: * use connection_ as a pointer * add explicit conversion from absl::string_view to std::string * add missing mock call * Revert "Add connection requested server name attribute to TCP read filter" * update the API SHA (istio/api#575) * add the connection.requested_server_name attribute to tcp and http filters * add missing parentheses * add AttributeName::kConnectionRequestedServerName * fix cardinality of a mock method * fix the signature of TCP Filter::GetRequestedServerName() * add declarations of GetRequestedServerName() to tcp Filter/http CheckData classes * add peer and local distinction Signed-off-by: Kuat Yessenov <kuat@google.com> * Add connection open event. * update comment. * Replace boolean with enum. * extract origin IP Signed-off-by: Kuat Yessenov <kuat@google.com> * Update Envoy SHA to latest. (#1852) Signed-off-by: Piotr Sikora <piotrsikora@google.com> * Revert "Update Envoy SHA to latest. (#1852)" (#1854) This reverts commit f85f49c. * update api sha (#1855) * update api sha * update api sha * Update Envoy SHA to latest. (#1857) * Update Envoy SHA to latest. Signed-off-by: Piotr Sikora <piotrsikora@google.com> * review: install pkg-config on CircleCI. Signed-off-by: Piotr Sikora <piotrsikora@google.com> * review: install pkg-config on build image. Signed-off-by: Piotr Sikora <piotrsikora@google.com> * Update Envoy SHA for WebSocket fix (#1859) Signed-off-by: Shriram Rajagopalan <shriramr@vmware.com> * Revert "Update Envoy SHA for WebSocket fix (#1859)" (#1860) This reverts commit f47be07. * Update Envoy SHA to latest. (#1862) Signed-off-by: Piotr Sikora <piotrsikora@google.com> * Update istio.dep as valid json (#1863) * Update software in the build image used by CircleCI. (#1874) Signed-off-by: Piotr Sikora <piotrsikora@google.com> * Improve build times on CircleCI. (#1875) 1. Stop trashing build's cache. 2. Split ASan and TSan tests into separate targets. 3. Fix output directory, so that caching works on macOS. Before: - build : 49 mins - macos : 30 mins After: - build : 27 mins - linux_asan: 20 mins - linux_tsan: 16 mins - macos : 30 mins After (with warm cache): - build : 3 mins - linux_asan: 4 mins - linux_tsan: 2 mins - macos : 5 mins Fixes #1815. Signed-off-by: Piotr Sikora <piotrsikora@google.com> * Install ninja in the build image used by CircleCI. (#1888) Signed-off-by: Piotr Sikora <piotrsikora@google.com> * merge 1.0 branch to master (#1885) * Reduce log level for jwt filter (#1866) * Update_Dependencies (#1873) * Correctly clean up headers used for payload from JWT authentication (#1879) * Correctly clean up headers used for payload from JWT authentication * Clang * Update_Dependencies (#1883) * destination.principal derivation fix (#1884) * fix attribute extraction Signed-off-by: Kuat Yessenov <kuat@google.com> * seed mock Signed-off-by: Kuat Yessenov <kuat@google.com> * merge 1.0 to master * Update API SHA (#1891) * add needed dependencies for circle ci * Remove fallback for attribute builder when authn filter is not available (#1887) * Update Envoy SHA to latest with ORIGINAL_DST_LB fix. (#1894) Signed-off-by: Piotr Sikora <piotrsikora@google.com> * Using request dynamic metadata to pass data from JWT filter to authn filter. (#1893) * Using dynamicMetadata to pass data between filters instead of headers * Lint * Populate authn result to dynamic data only. * Integration test for authn * Clean up and verify all tests * Remove unused test configs * Address reviews * Lint * Add the groups claim to the attribute request.auth.groups (#1896) * Add the groups JWT claims to the attribute request.auth.groups * Fix lint errors * Simplify the code * Fix lint error * Simplify the code * Add a test * Fix the test error * add context.proxy_error_code to report attributes (#1897) * Add integration test with JWT+AuthN+Mixer filter chain (#1899) * Add integration test with JWT+AuthN+Mixer filter chain * Lint * Rename helper function * Lint * Review * send rbac shadow policies metrics to mixer (#1900) * send rbac shadow policies metrics to mixer * rename shadow -> permissive * address comments * address comments * address comments * Use dynamic metadata to for authentication filter output. (#1901) * Use dynamic metadata to for authentication filter output. * Clean up comments. * Lint * Reviews * Lint * Fix test * Remove mis-type * Lint * Add two new attributes: request.url_path and request.queries (#1837) * Add two new attributes: request.url_path and request.queries * Update api in repositories.bzl * update ENVOY_SHA (#1904) * update ENVOY_SHA * change WORKSPACE file * skip empty sni (#1909) Signed-off-by: Kuat Yessenov <kuat@google.com> * add rbac filter to istio http integration test. (#1907) * add rbac filter to istio http integration test. * rename issueer for rbac test. * Fix macOS build on CircleCI. (#1916) Apparently, automake is now installed automatically, which broke the brew install step. Signed-off-by: Piotr Sikora <piotrsikora@google.com> * Install clang-format in the build image used by CircleCI. (#1917) Signed-off-by: Piotr Sikora <piotrsikora@google.com> * Provide source version information in the binary. (#1915) Before: $ bazel-bin/src/envoy/envoy --version bazel-bin/src/envoy/envoy version: 0/1.8.0-dev//DEBUG After: $ bazel-bin/src/envoy/envoy --version bazel-bin/src/envoy/envoy version: f315a32fc7c6f727fc9645cc1ca27d4160c1d0e0/1.8.0-dev/Clean/DEBUG Fixes #1803. Signed-off-by: Piotr Sikora <piotrsikora@google.com> * fixed broken links to dev guide and contribution guide (#1913) * Update clang to 6.0 and use it for release binaries. (#1914) Signed-off-by: Piotr Sikora <piotrsikora@google.com> * Update Envoy SHA to latest with LcTrie optimizations. (#1918) Signed-off-by: Piotr Sikora <piotrsikora@google.com> * add debug logs for collecting rbac attributes (#1922) * populate source user without authn (#1926) Signed-off-by: Kuat Yessenov <kuat@google.com> * update API sha. (#1927) * Add a check cache test for string map sub keys (#1931) Signed-off-by: Wayne Zhang <qiwzhang@google.com> * update Envoy SHA
- Loading branch information