25 commits

Author	SHA1	Message	Date
Caleb Doxsey	ae420f01c6	core/config: add config version, additional telemetry (#4645) ... * core/config: add config version, additional telemetry * typo	2023-10-27 15:16:40 -06:00
Caleb Doxsey	f63945c0ad	support loading route configuration via rds (#4098) ... * support loading route configuration via rds * fix any shadowing * fix test * add fully static option * support dynamically defined rds * fix build * downgrade opa	2023-04-17 11:20:12 -06:00
Caleb Doxsey	6af0655206	protoutil: add NewAny method for deterministic serialization (#2462)	2021-08-09 17:51:57 -06:00
Caleb Doxsey	b5b1013947	config: add client_crl (#2157) ... * config: add client_crl * address comments * add ignored file	2021-04-30 14:36:32 -06:00
wasaga	e0c09a0998	log context (#2107)	2021-04-22 10:58:13 -04:00
Caleb Doxsey	f760cdece5	envoyconfig: move most bootstrap config to shared package (#2088)	2021-04-14 12:07:49 -06:00
Caleb Doxsey	1dcccf2b56	envoy: refactor controlplane xds to new envoyconfig package (#2086)	2021-04-13 13:51:44 -06:00
Caleb Doxsey	eddabc46c7	envoy: upgrade to v1.17.1 (#1993)	2021-03-17 19:32:58 -06:00
Caleb Doxsey	a8a703218f	return errors in xds build methods (#1827)	2021-01-26 14:40:39 -07:00
wasaga	3a505d5573	expose envoy cluster options in policy (#1804)	2021-01-25 09:49:03 -05:00
Caleb Doxsey	c90eda5622	autocert: store certificates separately from config certificates (#1794)	2021-01-21 13:13:55 -07:00
Caleb Doxsey	10912add67	config: detect underlying file changes (#1775) ... * wip * cleanup * add test * use uuid for temp dir, derive root CA path from filemgr for tests * fix comment * fix double close * use latest notify	2021-01-14 18:06:02 -07:00
Caleb Doxsey	3524697f6f	use incremental API for envoy xDS (#1732) ... * use incremental API * add test * use backoff v4 * remove panic, add comment to exponential try, add test for HashProto * merge master * fix missing import	2021-01-05 12:45:55 -07:00
bobby	f837c92741	dev: update linter (#1728) ... - gofumpt everything - fix TLS MinVersion to be at least 1.2 - add octal syntax - remove newlines - fix potential decompression bomb in ecjson - remove implicit memory aliasing in for loops. Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>	2020-12-30 09:02:57 -08:00
Cuong Manh Le	4b3e07c5f5	internal/controlplane: mocking policy name in test ... We don't have to test for exact policy name, as it does not make sense and force us to change test every new go release.	2020-08-12 22:20:50 +07:00
Travis Groth	ee2170f5f5	config: add a consistent route ID (#905)	2020-06-16 09:20:18 -04:00
Bobby DeSimone	79d793d122	controlplane: fix missing full cert chain (#888) ... Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>	2020-06-14 17:53:02 -07:00
Caleb Doxsey	b80a419699	xds: use ipv4 address when ipv6 is disabled (#823)	2020-06-02 13:05:44 -06:00
Caleb Doxsey	8943c7c17d	xds: lazy-load root ca bundle to avoid log in version command (#778)	2020-05-26 12:00:36 -06:00
Caleb Doxsey	dedf4b1428	controlplane: xds unit tests (#770) ... * xds: use plain functions, add unit tests for control plane routes * xds: add test for grpc routes * xds: add test for pomerium http routes * xds: add test for policy routes * xds: use plain functions * xds: test get all routeable domains * xds: add build downstream tls context test * more tests * test for client cert * more tests	2020-05-25 11:14:07 -06:00
Caleb Doxsey	e854cfe83b	envoy: implement policy TLS options (#724) ... * envoy: implement policy TLS options * fix tests * log which CAs are being used	2020-05-18 16:52:51 -06:00
Caleb Doxsey	dccec1e646	envoy: support autocert (#695) ... * envoy: support autocert * envoy: fallback to http host routing if sni fails to match * update comment * envoy: renew certs when necessary * fix tests	2020-05-18 17:10:10 -04:00
Travis Groth	f5a9bad3d6	enable ipv6 grpc routing (#692)	2020-05-18 17:10:10 -04:00
Caleb Doxsey	352c2b851b	envoy: add separate proxy log level option (#689)	2020-05-18 17:10:10 -04:00
Travis Groth	99e788a9b4	envoy: Initial changes	2020-05-18 17:10:10 -04:00