-
Notifications
You must be signed in to change notification settings - Fork 437
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update Auth API to support route-level auth (#1186)
* Make AuthConfig a top-level resource * More auth API refactor * Re-add and deprecate vhost field in internal ext auth config Will allow us to better serve both the deprecated config(s) and the new one. * Log number of auth configs * Add Extensions field to WeightedDestinationPlugins * Merge branch 'master' into route-level-auth # Conflicts: # projects/gloo/pkg/api/v1/plugins.pb.go # projects/gloo/pkg/bootstrap/opts.go # projects/gloo/pkg/syncer/setup_syncer.go * Changelog * Changelog * Temporarily remove auth related CLI commands * Fix changelog * Adapt CLI auth-related commands * Dep & Codegen * Correct AuthConfig CRD version * Rename auth config group * Add AuthConfig CRD to helm chart * Add AuthConfig RBAC to Helm chart * CI: don't run two compile steps in parallel * Fix RBAC tests * Fix install test * Fix uninstall test * Fix past changelog entries * Fix floating comment * Document new extension field on weighted destinations * Merge branch 'master' into route-level-auth # Conflicts: # docs/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/plugins/extauth/v1/extauth.proto.sk.md # docs/api/github.com/solo-io/gloo/projects/gloo/api/v1/plugins.proto.sk.md # projects/gloo/pkg/api/v1/api_snapshot_emitter.sk.go * Resolve conflicts with master * Fix changelog, again * Merge branch 'master' into route-level-auth * Merge branch 'master' into route-level-auth * Fix changelog after release * Fix RBAC for ingress/knative * Correct changelog * Merge branch 'master' into route-level-auth * Move away from deprecated version check utils * Merge branch 'master' into route-level-auth # Conflicts: # projects/gloo/pkg/api/v1/plugins.pb.go # projects/gloo/pkg/syncer/setup_syncer.go * Codegen
- Loading branch information
1 parent
3487417
commit 2733ec6
Showing
60 changed files
with
3,154 additions
and
1,849 deletions.
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
changelog: | ||
- type: BREAKING_CHANGE | ||
description: > | ||
Update the external auth APIs to support configuring authentication/authorization on **routes and weighted | ||
destinations**, in addition to virtual hosts. The auth configuration that currently is defined directly on the | ||
virtual service/proxy resources (under virtualHostPlugins) will become a top-level solo-kit resource (in the | ||
context of Kubernetes this means **a new CRD**). Resources that need to use a particular auth configuration can | ||
now just reference the correspondent new `AuthConfig` resource. The advantages of this change are twofold: besides | ||
reducing the duplication of configuration, it guarantees the stability of secured upstreams between auth | ||
configuration updates. | ||
issueLink: https://github.com/solo-io/gloo/issues/1201 | ||
resolvesIssue: false | ||
- type: DEPENDENCY_BUMP | ||
dependencyOwner: solo-io | ||
dependencyRepo: go-utils | ||
dependencyTag: v0.10.8 | ||
description: Update go-utils to version 0.10.8. |
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.