Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Backport of DNS token doc updates into release/1.17.x #19618

Merged
merged 139 commits into from
Nov 13, 2023
Merged

Backport of DNS token doc updates into release/1.17.x #19618

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
139 commits
Select commit Hold shift + click to select a range
20d1fb8
server: run the api checks against the path without params (#19205)
rboyer Oct 13, 2023
3d1a606
Clone proto into deepcopy correctly (#19204)
thisisnotashwin Oct 13, 2023
9b0f4b7
chore: update version and nightly CI for 1.17 (#19208)
zalimeni Oct 13, 2023
e94d6ce
mesh: add validation hook to proxy configuration (#19186)
ishustava Oct 13, 2023
2ea33e9
mesh: add more validations to Destinations resource (#19202)
ishustava Oct 13, 2023
105ebfd
catalog, mesh: implement missing ACL hooks (#19143)
ishustava Oct 13, 2023
a7fbd00
NET-5073 - ProxyConfiguration: implement various connection options (…
jmurret Oct 14, 2023
3716b69
Relplat 897 copywrite bot workarounds (#19200)
modrake Oct 16, 2023
6c7d075
mesh: add xRoute ACL hook tenancy tests (#19177)
rboyer Oct 16, 2023
ad17769
resource: enforce lowercase v2 resource names (#19218)
analogue Oct 16, 2023
df8ea43
mesh: add DestinationPolicy ACL hook tenancy tests (#19178)
rboyer Oct 16, 2023
6741392
catalog: add FailoverPolicy ACL hook tenancy test (#19179)
rboyer Oct 16, 2023
dcd5930
docs: Multi-port corrections (#19224)
boruszak Oct 16, 2023
b81c862
Add reason why port 53 is not used by default (#19222)
Oct 16, 2023
4c5a46e
v2tenancy: rename v1alpha1 -> v2beta1 (#19227)
analogue Oct 16, 2023
8eb074e
[NET-5944] security: Update Go version to 1.20.10 and `x/net` to 0.17…
zalimeni Oct 16, 2023
9f4f99c
NET-6097 - sidecar proxy controller - give name to first failover pol…
jmurret Oct 17, 2023
a6c990c
Cc 5545: Upgrade HDS packages and modifiers (#19226)
chris-hut Oct 17, 2023
b78465b
[NET-5810] CE changes for multiple virtual hosts (#19246)
jm96441n Oct 17, 2023
61bd08c
Net 4893- Ensure we're testing all the latest versions of Vault/Nomad…
sophie-gairo Oct 17, 2023
9976e08
docs: Fix example control-plane-request-limit HCL and JSON (#19105)
blake Oct 17, 2023
9b719e6
test: add 1.17 nightly integrations test (#19253)
DanStough Oct 17, 2023
51b58cd
fix expose paths (#19257)
ndhanushkodi Oct 17, 2023
c4d6d4d
docs: Multiport HCP constraint update (#19261)
boruszak Oct 17, 2023
16f0a24
docs: Fix multi-port install (#19262)
Oct 17, 2023
f45be22
Prevent circular dependencies between v2 resources and generate a mer…
erichaberkorn Oct 18, 2023
a94c013
build(docker): always publish full and minor version tags for dev ima…
DanStough Oct 18, 2023
d52ee6a
fix nightly integration test: envoy version and n-2 version (#19286)
huikang Oct 18, 2023
5e517c5
[NET-6221] Ensure LB policy set for locality-aware routing (CE) (#19283)
zalimeni Oct 19, 2023
2bd38d8
fix: allow snake case keys for ip based rate limit config entry (#19277)
JadhavPoonam Oct 19, 2023
e5a49bf
reformatted the JSON schema server conf ref (#19288)
trujillo-adam Oct 19, 2023
dfea3a0
acls,catalog,mesh: properly authorize workload selectors on writes (#…
ishustava Oct 19, 2023
ef27bc2
NET-6239: Temporarily disable verify envoy check (#19299)
NiniOak Oct 19, 2023
681aef3
Update supported Envoy versions (#19276)
cthain Oct 19, 2023
def66dd
mesh: provide missing domain to route configurations in ProxyStateTem…
ndhanushkodi Oct 19, 2023
6ffcf28
enable verify envoy script (#19303)
NiniOak Oct 19, 2023
9d00b13
Vault CA bugfixes (#19285)
Oct 20, 2023
b1871fd
Backout Envoy 1.28.0 (#19306)
cthain Oct 20, 2023
1280f45
added ent to ce downgrade changes (#19311)
aahel Oct 20, 2023
b962d91
skip envoy version check in ci (#19315)
NiniOak Oct 20, 2023
d5c9f11
Tenancy Bridge v2 (#19220)
dhiaayachi Oct 20, 2023
27f649c
remove branch name causing conflicts (#19319)
NiniOak Oct 20, 2023
809bf1d
mesh: ensure route configs are named uniquely per port (#19323)
ishustava Oct 20, 2023
46804c0
[NET-5327] Templated policies api/cli docs (#19270)
roncodingenthusiast Oct 23, 2023
fea35e6
More templated policies docs (#19312)
roncodingenthusiast Oct 23, 2023
62dec7e
Fixing docs to add more templated policies references (#19335)
roncodingenthusiast Oct 23, 2023
ee2f046
Upgrade Consul UI to Node 18 (#19252)
chris-hut Oct 23, 2023
96606d1
resource: default peername to local in list endpoints (#19340)
analogue Oct 23, 2023
48c4a5b
Add grpc keepalive configuration. (#19339)
hashi-derek Oct 24, 2023
12ef115
bump raft-wal version to 0.4.1 (#19314)
dhiaayachi Oct 24, 2023
9775758
NET-5397 - wire up destination golden tests from sidecar-proxy contro…
jmurret Oct 24, 2023
9417fc2
gvk partial inference (#19058)
wangxinyi7 Oct 24, 2023
59d4962
NET-6079 - wire up sidecarproxy golden file inputs into xds controlle…
jmurret Oct 24, 2023
abbf858
NET-6080 - xds controller golden file inputs into xds resources - des…
jmurret Oct 24, 2023
dc00be0
NET-6081 - xds controller golden file inputs into xds resources - sou…
jmurret Oct 24, 2023
e414cbe
Use strict DNS for mesh gateways with hostnames (#19268)
Oct 24, 2023
a7803bd
[NET-6305] xds: Ensure v2 route match and protocol are populated for …
zalimeni Oct 25, 2023
6360c74
Add clarification for route match behavior (#19363)
Oct 25, 2023
6d5c01e
Fix 1.17.x release notes and added templated policies (#19370)
roncodingenthusiast Oct 25, 2023
0fefaa6
docs - release notes (add enterprise label and example of non compati…
Oct 26, 2023
b5023b6
feat: read resource namespace (#19320)
JadhavPoonam Oct 26, 2023
0295b95
Net 5875 - Create the Exported Services Resources (#19117)
absolutelightning Oct 26, 2023
1806bcb
test: add missing tests for list endpoint (#19364)
JadhavPoonam Oct 26, 2023
4096c96
Add enterprise label for rate limiting (#19384)
Oct 26, 2023
3b806d4
test deployer: fix a bug when deploying cluster with various ent imag…
huikang Oct 26, 2023
ea91e58
Stop use of templated-policy and templated-policy-file simultaneously…
roncodingenthusiast Oct 26, 2023
5698353
Resource Hook Pre-Decode Utilities (#18548)
mkeeler Oct 26, 2023
0abd96c
resource: resource service now checks for `v2tenancy` feature flag (#…
analogue Oct 27, 2023
01bfa2c
Fix casing in example yaml config (#19369)
nathancoleman Oct 27, 2023
1a6225a
Delete unused files (#19402)
Oct 27, 2023
f0cf8f2
NET-6294 - v1 Agentless proxycfg datasource errors after v2 changes (…
jmurret Oct 27, 2023
3350a91
increasing unit tests timeout from 10m to 30m (#19423)
jmurret Oct 27, 2023
42647de
[NET-6138] security: Bump `google.golang.org/grpc` to 1.56.3 (CVE-202…
zalimeni Oct 30, 2023
e18901b
Update multi-port examples to remove spec.template.metadata.name (#19…
im2nguyen Oct 30, 2023
4b26ed8
integ test: snapshot mesh frozen bug test (#19435)
huikang Oct 30, 2023
7a5d0a6
docs - Update k8s compat matrix (#19378)
Oct 31, 2023
54717e6
Update README.md (#19413)
Oct 31, 2023
97d92ad
Fix typo in kind for JWT config on API Gateway (#19441)
nathancoleman Oct 31, 2023
ca655ca
NET-5186 Add NET_BIND_SERVICE capability to consul-dataplane requirem…
nathancoleman Oct 31, 2023
65605c5
added redirect for conf entries 1.8.x (#19460)
trujillo-adam Nov 1, 2023
413e2a7
Update docs for service splitter example typo (#19469)
jm96441n Nov 1, 2023
815c52a
Regen expired test certs (#19476)
analogue Nov 2, 2023
bb3d5a1
build: ensure we pull through the hashicorp proxy instead of going di…
rboyer Nov 2, 2023
896d8f5
temporarily disallow L7 traffic permissions (#19322)
skpratt Nov 2, 2023
77e9a50
Source / local_app golden tests to include all protocols. (#19436)
jmurret Nov 2, 2023
8f4c437
[NET-5916] Fix locality-aware routing config and tests (CE) (#19483)
hashi-derek Nov 2, 2023
a72f868
testing/deployer: update deployer to use v2 catalog constructs when r…
rboyer Nov 2, 2023
aaac20f
resource: misc finalizer apis (#19474)
analogue Nov 2, 2023
4b85aa5
testing/deployer: support tproxy in v2 for dataplane (#19094)
rboyer Nov 2, 2023
2bc0bc3
update v2 changelog (#19446)
ndhanushkodi Nov 2, 2023
d94d316
NET-6319 - L7 routes have statePrefix of upstream. and should have a …
jmurret Nov 3, 2023
ef35525
resource: finalizer aware delete endpoint (2 of 5) (#19493)
analogue Nov 3, 2023
fd128f4
build: dependency updates for 1.17.0 (#19453)
DanStough Nov 3, 2023
65592d9
chore: apply enterprise changes that were missed to some testing file…
rboyer Nov 3, 2023
c3c836e
Net-6291/fix/watch resources (#19467)
JadhavPoonam Nov 3, 2023
74daaa5
XDS V1 should not make runs for TCP Disco Chains. (#19496)
jmurret Nov 3, 2023
6f4e037
testing: disable v2 linkage to nodes in integration tests (#19509)
rboyer Nov 3, 2023
395d32e
Shuffle CICD tests to spread worker load. (#19501)
hashi-derek Nov 6, 2023
6baf695
[NET-6459] Fix issue with wanfed lan ip conflicts. (#19503)
hashi-derek Nov 6, 2023
e5948e8
CC-5545: Side Nav (#19342)
Nov 6, 2023
28b1469
fixed typos in redirect for api gateways (#19526)
trujillo-adam Nov 6, 2023
c9f2a6a
[NET-5916] Update locality-aware routing docs (#19529)
zalimeni Nov 6, 2023
90aa83f
[NET-5916] docs: Remove locality proxy startup section (#19534)
zalimeni Nov 6, 2023
38d9428
Ci upgrade test 1 17 (#19536)
huikang Nov 6, 2023
24df835
added 1.17 features to enterprise overview (#19514)
trujillo-adam Nov 6, 2023
5352ff9
Added tenancy tests for WorkloadHealth controller (#19530)
Ganeshrockz Nov 7, 2023
2da7dd0
v2tenancy: register tenancy controller deps (#19531)
analogue Nov 7, 2023
f115cdb
NET-6385 - Static routes that are inlined in listener filters are als…
jmurret Nov 7, 2023
64db2d9
Add kubebuilder annotations to enums (#19454)
thisisnotashwin Nov 7, 2023
a66cb58
test: fix some of the peering topology tests to safely run without te…
rboyer Nov 7, 2023
393f7a4
Fix more test flakes (#19533)
hashi-derek Nov 7, 2023
028f1d8
NET-6390 Initialize MeshGateway proto (#19548)
nathancoleman Nov 7, 2023
1f5aa83
ui: clear peer on home link (#19549)
Nov 7, 2023
4d7754a
test: update makefile to include ways to trigger deployer integration…
rboyer Nov 7, 2023
d203c0a
test: update deployer default images (#19554)
rboyer Nov 7, 2023
20f43d8
test: update certs for 10 year expiry (#19481)
DanStough Nov 7, 2023
6e2a44e
Update enterprise features table with 1.17 features (#19558)
im2nguyen Nov 7, 2023
f2f7235
Fix typo in GatewayClassConfig docs (#19563)
nathancoleman Nov 7, 2023
48d7d4a
docs: Multi-port support for v1.17 GA (#19401)
boruszak Nov 7, 2023
8d6545e
test/deployer: add the method of deregistering services (#19525)
huikang Nov 7, 2023
caaff73
add DeliverLatest as common function for use by Manager and ProxyTrac…
jmurret Nov 7, 2023
7bc2581
Migrate individual resource tests for Discovery Chains to TestAllReso…
jmurret Nov 8, 2023
985aa76
NET 6354 - Add tenancy in Node Health Controller (#19457)
absolutelightning Nov 8, 2023
09f73d1
Migrate individual resource tests for expose paths and checks to Test…
jmurret Nov 8, 2023
a7774a9
Introduce randomized timings and reproducible randomization into cont…
mkeeler Nov 8, 2023
903ff7f
Migrate individual resource tests for custom configuration to TestAll…
jmurret Nov 8, 2023
873b705
Update Helm docs for consul-k8s 1.3.0 (#19581)
nathancoleman Nov 8, 2023
5aff19f
Migrate individual resource tests for JWT Provider to TestAllResource…
jmurret Nov 8, 2023
7de0b45
Fix xds v2 from creating envoy endpoint resources when already inline…
jmurret Nov 8, 2023
a7f3069
test: add a v2 container integration test of xRoute splits (#19570)
rboyer Nov 8, 2023
2296bd5
docs: spike of info about how to use deployer topology tests (#19576)
rboyer Nov 8, 2023
515eed8
Net 6439 (#19517)
absolutelightning Nov 9, 2023
2553d6e
Migrate individual resource tests for Terminating Gateway to TestAllR…
jmurret Nov 9, 2023
4aa95f3
Migrate individual resource tests for Ingress Gateway to TestAllResou…
jmurret Nov 9, 2023
5b581e0
Update links and fix route kind for APIGW JWT Docs (#19585)
jm96441n Nov 9, 2023
1562cb9
DNS token doc updates
johnlanda Oct 6, 2023
9a049ac
backport of commit 1562cb97491a2f468eaad4b900fcf5daa512a713
johnlanda Oct 6, 2023
1d1db4e
Merge 1562cb97491a2f468eaad4b900fcf5daa512a713 into backport/dns-toke…
hc-github-team-consul-core Nov 13, 2023
f731269
backport of commit 400620e10cebdb8bbee9f4c61cd6fd5722cde489
johnlanda Nov 11, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Migrate individual resource tests for Terminating Gateway to TestAllR… 
…esourcesFromSnapshot (#19505)

migrate terminating-gateway tests to resources_test.go
  • Loading branch information
@jmurret
jmurret authored Nov 9, 2023
commit 2553d6e8b9caef07a978692098540a5202b9cef6
77 changes: 2 additions & 75 deletions agent/xds/clusters_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -563,84 +563,11 @@ func TestClustersFromSnapshot(t *testing.T) {
// TODO(proxystate): ingress gateway will come at a later time
alsoRunTestForV2: false,
},
{
name: "terminating-gateway",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
return proxycfg.TestConfigSnapshotTerminatingGateway(t, true, nil, nil)
},
// TODO(proxystate): terminating gateway will come at a later time
alsoRunTestForV2: false,
},
{
name: "terminating-gateway-no-services",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
return proxycfg.TestConfigSnapshotTerminatingGateway(t, false, nil, nil)
},
// TODO(proxystate): terminating gateway will come at a later time
alsoRunTestForV2: false,
},
{
name: "terminating-gateway-service-subsets",
create: proxycfg.TestConfigSnapshotTerminatingGatewayServiceSubsetsWebAndCache,
// TODO(proxystate): terminating gateway will come at a later time
alsoRunTestForV2: false,
},
{
name: "terminating-gateway-hostname-service-subsets",
create: proxycfg.TestConfigSnapshotTerminatingGatewayHostnameSubsets,
// TODO(proxystate): terminating gateway will come at a later time
alsoRunTestForV2: false,
},
{
name: "terminating-gateway-sni",
create: proxycfg.TestConfigSnapshotTerminatingGatewaySNI,
// TODO(proxystate): terminating gateway will come at a later time
alsoRunTestForV2: false,
},
{
name: "terminating-gateway-http2-upstream",
create: proxycfg.TestConfigSnapshotTerminatingGatewayHTTP2,
// TODO(proxystate): terminating gateway will come at a later time
alsoRunTestForV2: false,
},
{
name: "terminating-gateway-http2-upstream-subsets",
create: proxycfg.TestConfigSnapshotTerminatingGatewaySubsetsHTTP2,
// TODO(proxystate): terminating gateway will come at a later time
alsoRunTestForV2: false,
},
{
name: "terminating-gateway-ignore-extra-resolvers",
create: proxycfg.TestConfigSnapshotTerminatingGatewayIgnoreExtraResolvers,
// TODO(proxystate): terminating gateway will come at a later time
alsoRunTestForV2: false,
},
{
name: "terminating-gateway-lb-config",
create: proxycfg.TestConfigSnapshotTerminatingGatewayLBConfigNoHashPolicies,
// TODO(proxystate): terminating gateway will come at a later time
alsoRunTestForV2: false,
},
{
name: "terminating-gateway-tcp-keepalives",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
return proxycfg.TestConfigSnapshotTerminatingGateway(t, true, func(ns *structs.NodeService) {
if ns.Proxy.Config == nil {
ns.Proxy.Config = map[string]interface{}{}
}
ns.Proxy.Config["envoy_gateway_remote_tcp_enable_keepalive"] = true
ns.Proxy.Config["envoy_gateway_remote_tcp_keepalive_time"] = 133
ns.Proxy.Config["envoy_gateway_remote_tcp_keepalive_interval"] = 27
ns.Proxy.Config["envoy_gateway_remote_tcp_keepalive_probes"] = 5
}, nil)
},
// TODO(proxystate): terminating gateway will come at a later time
alsoRunTestForV2: false,
},

{
name: "ingress-multiple-listeners-duplicate-service",
create: proxycfg.TestConfigSnapshotIngress_MultipleListenersDuplicateService,
// TODO(proxystate): terminating gateway will come at a later time
// TODO(proxystate): ingress gateway will come at a later time
alsoRunTestForV2: false,
},
{
Expand Down
28 changes: 0 additions & 28 deletions agent/xds/endpoints_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -461,34 +461,6 @@ func TestEndpointsFromSnapshot(t *testing.T) {
// TODO(proxystate): ingress gateway will come at a later time
alsoRunTestForV2: false,
},
{
name: "terminating-gateway",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
return proxycfg.TestConfigSnapshotTerminatingGateway(t, true, nil, nil)
},
// TODO(proxystate): terminating gateway will come at a later time
alsoRunTestForV2: false,
},
{
name: "terminating-gateway-no-services",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
return proxycfg.TestConfigSnapshotTerminatingGateway(t, false, nil, nil)
},
// TODO(proxystate): terminating gateway will come at a later time
alsoRunTestForV2: false,
},
{
name: "terminating-gateway-service-subsets",
create: proxycfg.TestConfigSnapshotTerminatingGatewayServiceSubsets,
// TODO(proxystate): terminating gateway will come at a later time
alsoRunTestForV2: false,
},
{
name: "terminating-gateway-default-service-subset",
create: proxycfg.TestConfigSnapshotTerminatingGatewayDefaultServiceSubset,
// TODO(proxystate): terminating gateway will come at a later time
alsoRunTestForV2: false,
},
{
name: "ingress-multiple-listeners-duplicate-service",
create: proxycfg.TestConfigSnapshotIngress_MultipleListenersDuplicateService,
Expand Down
161 changes: 2 additions & 159 deletions agent/xds/listeners_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,6 @@ import (
"github.com/hashicorp/consul/agent/xds/testcommon"
"github.com/hashicorp/consul/agent/xdsv2"
"github.com/hashicorp/consul/envoyextensions/xdscommon"
"github.com/hashicorp/consul/proto/private/pbpeering"
"github.com/hashicorp/consul/sdk/testutil"
"github.com/hashicorp/consul/types"
)
Expand Down Expand Up @@ -617,114 +616,7 @@ func TestListenersFromSnapshot(t *testing.T) {
"splitter-with-resolver-redirect-multidc", nil, nil, nil)
},
},
{
name: "terminating-gateway",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
return proxycfg.TestConfigSnapshotTerminatingGateway(t, true, nil, nil)
},
},
{
name: "terminating-gateway-custom-trace-listener",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
return proxycfg.TestConfigSnapshotTerminatingGateway(t, true, func(ns *structs.NodeService) {
ns.Proxy.Config = map[string]interface{}{}
ns.Proxy.Config["protocol"] = "http"
ns.Proxy.Config["envoy_listener_tracing_json"] = customTraceJSON(t)
}, nil)
},
},
{
name: "terminating-gateway-with-tls-incoming-min-version",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
return proxycfg.TestConfigSnapshotTerminatingGateway(t, true, nil, []proxycfg.UpdateEvent{
{
CorrelationID: "mesh",
Result: &structs.ConfigEntryResponse{
Entry: &structs.MeshConfigEntry{
TLS: &structs.MeshTLSConfig{
Incoming: &structs.MeshDirectionalTLSConfig{
TLSMinVersion: types.TLSv1_3,
},
},
},
},
},
})
},
},
{
name: "terminating-gateway-with-tls-incoming-max-version",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
return proxycfg.TestConfigSnapshotTerminatingGateway(t, true, nil, []proxycfg.UpdateEvent{
{
CorrelationID: "mesh",
Result: &structs.ConfigEntryResponse{
Entry: &structs.MeshConfigEntry{
TLS: &structs.MeshTLSConfig{
Incoming: &structs.MeshDirectionalTLSConfig{
TLSMaxVersion: types.TLSv1_2,
},
},
},
},
},
})
},
},
{
name: "terminating-gateway-with-tls-incoming-cipher-suites",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
return proxycfg.TestConfigSnapshotTerminatingGateway(t, true, nil, []proxycfg.UpdateEvent{
{
CorrelationID: "mesh",
Result: &structs.ConfigEntryResponse{
Entry: &structs.MeshConfigEntry{
TLS: &structs.MeshTLSConfig{
Incoming: &structs.MeshDirectionalTLSConfig{
CipherSuites: []types.TLSCipherSuite{
types.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
types.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
},
},
},
},
},
},
})
},
},
{
name: "terminating-gateway-no-services",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
return proxycfg.TestConfigSnapshotTerminatingGateway(t, false, nil, nil)
},
},
{
name: "terminating-gateway-custom-and-tagged-addresses",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
return proxycfg.TestConfigSnapshotTerminatingGateway(t, true, func(ns *structs.NodeService) {
ns.Proxy.Config = map[string]interface{}{
"envoy_gateway_no_default_bind": true,
"envoy_gateway_bind_tagged_addresses": true,
"envoy_gateway_bind_addresses": map[string]structs.ServiceAddress{
// This bind address should not get a listener due to deduplication and it sorts to the end
"z-duplicate-of-tagged-wan-addr": {
Address: "198.18.0.1",
Port: 443,
},
"foo": {
Address: "198.17.2.3",
Port: 8080,
},
},
}
}, nil)
},
},
{
name: "terminating-gateway-service-subsets",
create: proxycfg.TestConfigSnapshotTerminatingGatewayServiceSubsets,
},

{
name: "ingress-http-multiple-services",
create: proxycfg.TestConfigSnapshotIngress_HTTPMultipleServices,
Expand All @@ -733,56 +625,7 @@ func TestListenersFromSnapshot(t *testing.T) {
name: "ingress-grpc-multiple-services",
create: proxycfg.TestConfigSnapshotIngress_GRPCMultipleServices,
},
{
name: "terminating-gateway-no-api-cert",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
api := structs.NewServiceName("api", nil)
return proxycfg.TestConfigSnapshotTerminatingGateway(t, true, nil, []proxycfg.UpdateEvent{
{
CorrelationID: "service-leaf:" + api.String(), // serviceLeafIDPrefix
Result: nil, // tombstone this
},
})
},
},
{
name: "terminating-gateway-with-peer-trust-bundle",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
roots, _ := proxycfg.TestCerts(t)
return proxycfg.TestConfigSnapshotTerminatingGateway(t, true, nil, []proxycfg.UpdateEvent{
{
CorrelationID: "peer-trust-bundle:web",
Result: &pbpeering.TrustBundleListByServiceResponse{
Bundles: []*pbpeering.PeeringTrustBundle{
{
TrustDomain: "foo.bar.gov",
PeerName: "dc2",
Partition: "default",
RootPEMs: []string{
roots.Roots[0].RootCert,
},
ExportedPartition: "default",
CreateIndex: 0,
ModifyIndex: 0,
},
},
},
},
{
CorrelationID: "service-intentions:web",
Result: structs.SimplifiedIntentions{
{
SourceName: "source",
SourcePeer: "dc2",
DestinationName: "web",
DestinationPartition: "default",
Action: structs.IntentionActionAllow,
},
},
},
})
},
},

{
name: "ingress-with-tls-listener",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
Expand Down
Loading