* envoy: add support for bind_config bootstrap options
* only add upstream bind config options to individual policy clusters
* update docs for new Envoy keys
Co-authored-by: alexfornuto <alex@fornuto.com>
* tls: fallback to self-signed certificate
* remove unknown domain because certs are no longer valid
* update multi-deployment to use service-specific certificates
The `autocert_ca` and `autocert_email` options have been added to be
able to configure CAs that support the ACME protocol as an alternative
to Let's Encrypt.
Fix ProtoBuf definition for additional autocert options
Fix PR comments and add ACME EAB configuration
Add configuration option for trusted CAs when talking ACME
Fix linter issues
copy edits
render updated reference to docs
Add test for autocert manager configuration
Add tests for autocert configuration options
Fix CI build issues
Don't set empty acme.EAB struct if configuration not set
Remove required email when setting custom CA
When using a non-default CA it's no longer required
to specify an email address. I required this before,
because it seemed to cause an issue in which no certificate
was issued. The root cause was something different,
rendering the hard email requirement pointless. It's
still beneficial to specify an email, though. I changed
the text in the docs to explain that.
Update generated docs
Fix failing tests by recreation of a new ACMEManager
The default ACMEManager object was reused in multiple tests,
resulting in unexpected states when tests run in parallel.
By using a new instance for every test, this is no longer
an issue.
* wip
* wip
* handle wildcards in override name
* remove wait for ready, add comment about sync, force initial sync complete in test
* address comments
* sessions: add impersonate_session_id, remove legacy impersonation
* show impersonated user details
* fix headers
* address feedback
* only check impersonate id on non-nil pbSession
* Revert "only check impersonate id on non-nil pbSession"
This reverts commit a6f7ca5abd.
* config: add enable_google_cloud_serverless_authentication to config protobuf
* use dependency injection for embedded envoy provider
* Revert "use dependency injection for embedded envoy provider"
This reverts commit 5c08990501.
* config: attach envoy version to Config to avoid metrics depending on envoy/files
