* pkg/storage/redis: use SANs cert
Since go1.15, X.509 CommonName is deprecated, switch to a SANs
certificate for test redis TLS.
While at it, add instruction to genearte cert and build test image.
See: https://golang.org/doc/go1.15#commonname
* config: do not test for exact route id
Different go version can genearte different route id, due to the fact
that we are relying on xxhash.
* internal/controlplane: mocking policy name in test
We don't have to test for exact policy name, as it does not make sense
and force us to change test every new go release.
Co-authored-by: Cuong Manh Le <cuong.manhle.vn@gmail.com>
* xds: use plain functions, add unit tests for control plane routes
* xds: add test for grpc routes
* xds: add test for pomerium http routes
* xds: add test for policy routes
* xds: use plain functions
* xds: test get all routeable domains
* xds: add build downstream tls context test
* more tests
* test for client cert
* more tests
* envoy: support autocert
* envoy: fallback to http host routing if sni fails to match
* update comment
* envoy: renew certs when necessary
* fix tests
