Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tls: implement SPIFFE Certificate Validator for independent multiple trust domain support #14884

Merged
merged 46 commits into from
Mar 3, 2021
Merged

tls: implement SPIFFE Certificate Validator for independent multiple trust domain support #14884

merged 46 commits into from
Mar 3, 2021

Commits on Jan 31, 2021

  1. Add SPIFFE validator 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Jan 31, 2021
    Configuration menu
    Copy the full SHA
    ceae724 View commit details
    Browse the repository at this point in the history

Commits on Feb 1, 2021

  1. Initial impl 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 1, 2021
    Configuration menu
    Copy the full SHA
    521c3a6 View commit details
    Browse the repository at this point in the history

  2. Test 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 1, 2021
    Configuration menu
    Copy the full SHA
    d82ca2c View commit details
    Browse the repository at this point in the history

  3. Trust bundle nullcheck 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 1, 2021
    Configuration menu
    Copy the full SHA
    3e57b43 View commit details
    Browse the repository at this point in the history

Commits on Feb 2, 2021

  1. add tests 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 2, 2021
    Configuration menu
    Copy the full SHA
    8476b3a View commit details
    Browse the repository at this point in the history

  2. add additional tests 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 2, 2021
    Configuration menu
    Copy the full SHA
    d8c9076 View commit details
    Browse the repository at this point in the history

  3. impl addClientValidationContext and add additional tests 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 2, 2021
    Configuration menu
    Copy the full SHA
    8d88b16 View commit details
    Browse the repository at this point in the history

  4. impl updateDigestForSessionId 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 2, 2021
    Configuration menu
    Copy the full SHA
    0dd80aa View commit details
    Browse the repository at this point in the history

  5. fix format 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 2, 2021
    Configuration menu
    Copy the full SHA
    6d2732f View commit details
    Browse the repository at this point in the history

  6. fix test build 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 2, 2021
    Configuration menu
    Copy the full SHA
    e34f79c View commit details
    Browse the repository at this point in the history

Commits on Feb 3, 2021

  1. fix build failure in quic 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 3, 2021
    Configuration menu
    Copy the full SHA
    6619ad7 View commit details
    Browse the repository at this point in the history

  2. Add integration test 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 3, 2021
    Configuration menu
    Copy the full SHA
    ee204d0 View commit details
    Browse the repository at this point in the history

  3. Add additonal integration test 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 3, 2021
    Configuration menu
    Copy the full SHA
    2f53ac2 View commit details
    Browse the repository at this point in the history

  4. Merge remote-tracking branch 'origin/main' into spiffe-cert

    @mathetake
    mathetake committed Feb 3, 2021
    Configuration menu
    Copy the full SHA
    2077588 View commit details
    Browse the repository at this point in the history

  5. Add stats 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 3, 2021
    Configuration menu
    Copy the full SHA
    093cf70 View commit details
    Browse the repository at this point in the history

  6. Add doc 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 3, 2021
    Configuration menu
    Copy the full SHA
    3eb65f9 View commit details
    Browse the repository at this point in the history

  7. fix doc 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 3, 2021
    Configuration menu
    Copy the full SHA
    7d8514a View commit details
    Browse the repository at this point in the history

  8. fix -c opt test failure 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 3, 2021
    Configuration menu
    Copy the full SHA
    1b3d256 View commit details
    Browse the repository at this point in the history

  9. fix compiletime_option build & add tests for coverage 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 3, 2021
    Configuration menu
    Copy the full SHA
    4c83dc0 View commit details
    Browse the repository at this point in the history

Commits on Feb 4, 2021

  1. increase coverage 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 4, 2021
    Configuration menu
    Copy the full SHA
    f1aa358 View commit details
    Browse the repository at this point in the history

  2. fix format 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 4, 2021
    Configuration menu
    Copy the full SHA
    8cbbbd1 View commit details
    Browse the repository at this point in the history

Commits on Feb 5, 2021

  1. Merge remote-tracking branch 'origin/main' into spiffe-cert

    @mathetake
    mathetake committed Feb 5, 2021
    Configuration menu
    Copy the full SHA
    fed1388 View commit details
    Browse the repository at this point in the history

  2. Review: define TrustDomain msg 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 5, 2021
    Configuration menu
    Copy the full SHA
    5346527 View commit details
    Browse the repository at this point in the history

Commits on Feb 7, 2021

  1. Do manual parsing instead of regexp 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 7, 2021
    Configuration menu
    Copy the full SHA
    7339c3c View commit details
    Browse the repository at this point in the history

  2. review: use envoy_cc_extensions and mv files 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 7, 2021
    Configuration menu
    Copy the full SHA
    8cfadd7 View commit details
    Browse the repository at this point in the history

Commits on Feb 8, 2021

  1. Merge remote-tracking branch 'origin/main' into spiffe-cert

    @mathetake
    mathetake committed Feb 8, 2021
    Configuration menu
    Copy the full SHA
    842fc3a View commit details
    Browse the repository at this point in the history

  2. fix doc 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 8, 2021
    Configuration menu
    Copy the full SHA
    19aa7bd View commit details
    Browse the repository at this point in the history

  3. add well_known_names.h 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 8, 2021
    Configuration menu
    Copy the full SHA
    5dc2e31 View commit details
    Browse the repository at this point in the history

  4. fix test build 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 8, 2021
    Configuration menu
    Copy the full SHA
    8c8c6b9 View commit details
    Browse the repository at this point in the history

  5. fix coverage exception 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 8, 2021
    Configuration menu
    Copy the full SHA
    81452de View commit details
    Browse the repository at this point in the history

Commits on Feb 9, 2021

  1. Revert default_validator modification 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 9, 2021
    Configuration menu
    Copy the full SHA
    306d52f View commit details
    Browse the repository at this point in the history

Commits on Feb 24, 2021

  1. Merge remote-tracking branch 'origin/main' into spiffe-cert

    @mathetake
    mathetake committed Feb 24, 2021
    Configuration menu
    Copy the full SHA
    adddac0 View commit details
    Browse the repository at this point in the history

  2. Review: style and simplification 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 24, 2021
    Configuration menu
    Copy the full SHA
    5664a31 View commit details
    Browse the repository at this point in the history

  3. Review: take min of expiration days over all certs 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 24, 2021
    Configuration menu
    Copy the full SHA
    85738e3 View commit details
    Browse the repository at this point in the history

Commits on Feb 25, 2021

  1. Merge remote-tracking branch 'origin/main' into spiffe-cert

    @mathetake
    mathetake committed Feb 25, 2021
    Configuration menu
    Copy the full SHA
    1008f1e View commit details
    Browse the repository at this point in the history

  2. Review: constify certificateValidationContext 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 25, 2021
    Configuration menu
    Copy the full SHA
    63e4901 View commit details
    Browse the repository at this point in the history

  3. Fix test build failure 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 25, 2021
    Configuration menu
    Copy the full SHA
    67024cb View commit details
    Browse the repository at this point in the history

  4. Fix mock signature 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Feb 25, 2021
    Configuration menu
    Copy the full SHA
    9825778 View commit details
    Browse the repository at this point in the history

Commits on Mar 1, 2021

  1. Merge remote-tracking branch 'origin/main' into spiffe-cert

    @mathetake
    mathetake committed Mar 1, 2021
    Configuration menu
    Copy the full SHA
    b4b084d View commit details
    Browse the repository at this point in the history

  2. review: check only URI SAN 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Mar 1, 2021
    Configuration menu
    Copy the full SHA
    e6b2c0f View commit details
    Browse the repository at this point in the history

  3. review: up_ref after append 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Mar 1, 2021
    Configuration menu
    Copy the full SHA
    cdfb3ce View commit details
    Browse the repository at this point in the history

Commits on Mar 2, 2021

  1. review: add CODEOWNER and add version history 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Mar 2, 2021
    Configuration menu
    Copy the full SHA
    88517d2 View commit details
    Browse the repository at this point in the history

  2. Merge remote-tracking branch 'origin/main' into spiffe-cert

    @mathetake
    mathetake committed Mar 2, 2021
    Configuration menu
    Copy the full SHA
    409e7d1 View commit details
    Browse the repository at this point in the history

  3. review: not only listener but also cluster 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Mar 2, 2021
    Configuration menu
    Copy the full SHA
    a75b70d View commit details
    Browse the repository at this point in the history

  4. Merge remote-tracking branch 'origin/main' into spiffe-cert

    @mathetake
    mathetake committed Mar 2, 2021
    Configuration menu
    Copy the full SHA
    dcc9634 View commit details
    Browse the repository at this point in the history

  5. fix order of new features 

    Signed-off-by: Takeshi Yoneda <takeshi@tetrate.io>
    @mathetake
    mathetake committed Mar 2, 2021
    Configuration menu
    Copy the full SHA
    684420f View commit details
    Browse the repository at this point in the history