Feat security #2643

2456868764 · 2024-03-23T08:33:21Z

No description provided.

…Options/ClientOptions (apache#2596) fixes apache#2592

)" (apache#2604) This reverts commit 19d1da0.

* fix: triple msgpack invocation * fix triple test * add msgpackCodec unit test * fix golang-ci lint * fix ineffectual assignment

…pache#2615)

fixes apache#2614

Bumps google.golang.org/protobuf from 1.27.1 to 1.33.0. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.44.0 to 1.56.3. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.44.0...v1.56.3) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/emicklei/go-restful/v3](https://github.com/emicklei/go-restful) from 3.7.3 to 3.8.0. - [Release notes](https://github.com/emicklei/go-restful/releases) - [Changelog](https://github.com/emicklei/go-restful/blob/v3/CHANGES.md) - [Commits](emicklei/go-restful@v3.7.3...v3.8.0) --- updated-dependencies: - dependency-name: github.com/emicklei/go-restful/v3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.0.0-20211105192438-b53810dc28af to 0.17.0. - [Commits](https://github.com/golang/net/commits/v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps google.golang.org/protobuf from 1.31.0 to 1.33.0. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps google.golang.org/protobuf from 1.27.1 to 1.33.0. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.17.0. - [Commits](golang/crypto@v0.14.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.44.0 to 1.56.3. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.44.0...v1.56.3) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/emicklei/go-restful/v3](https://github.com/emicklei/go-restful) from 3.7.3 to 3.8.0. - [Release notes](https://github.com/emicklei/go-restful/releases) - [Changelog](https://github.com/emicklei/go-restful/blob/v3/CHANGES.md) - [Commits](emicklei/go-restful@v3.7.3...v3.8.0) --- updated-dependencies: - dependency-name: github.com/emicklei/go-restful/v3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

istio/engine/rbac_test.go

README.md

istio/channel/xds_client_api_store.go

sonarcloud · 2024-05-01T02:37:13Z

Quality Gate passed

Issues
88 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.6% Duplication on New Code

See analysis details on SonarCloud

AlexStocks · 2024-05-05T09:35:33Z

为啥要攒这么大个 PR 啊？挺难 review 的 ^_^

dongjiang1989 and others added 30 commits February 19, 2024 13:19

chores: replace deprecation ioutil functions (apache#2593)

abb51f5

fix Prometheus Pushgateway can not enable (apache#2594)

e9cc9ea

feat: deep copy the configuration when instanceOptions flow to Server…

8efb9ea

…Options/ClientOptions (apache#2596) fixes apache#2592

Update github-actions.yml

cf95f22

Update github-actions.yml

1377034

Update github-actions.yml

52c8103

Revert "feat: interleaved weighted round-robin load balance (apache#2405

ae70398

)" (apache#2604) This reverts commit 19d1da0.

fix: Triple invocation with Json serialization (apache#2605)

c865c83

Add interleaved weighted round-robin and alias-method loadbalancer (a…

b645659

…pache#2606)

fix: triple msgpack invocation (apache#2613)

8a87c62

* fix: triple msgpack invocation * fix triple test * add msgpackCodec unit test * fix golang-ci lint * fix ineffectual assignment

Fix#2543, nacos App Metadata not compatible with java (apache#2563) (a…

c75b90e

…pache#2615)

fix config_center does not work for new options api (apache#2616)

333cba2

fixes apache#2614

Bump go version to 1.20 (apache#2612)

faf6f2a

fix: modify placeholder in the log(apache#2618)

b505f89

add sds/xds client and lds/rds/cds/eds protocol parse

72616f0

add ls parse to get mtls setting

51d22c3

init mtls,jwt,authn,rbac filter

3657bef

init host inbound listener

ca17e8e

init server xds option and protocol tls provider option

1183c33

fix xds provider name

81fbed7

add xds and tls provider

1621563

2456868764 added 9 commits April 4, 2024 22:09

fix jwt authn unit test

47f7e69

adjust common http2 header name

bf4bbc3

add rbac Matcher and Principal model

d33a7f2

add rbac engine

b0e8c7b

fix from headers bug

be954b3

add rbac rule model

7230ddb

delete unused info log

89390fb

add rbac models

da6a290

add request.auth.* header to attachments

da41ba0

2456868764 force-pushed the feat-security branch from e955749 to da41ba0 Compare April 7, 2024 02:27

2456868764 added 9 commits April 7, 2024 11:22

add rbac StringValueMatcher

043df2d

add rbac more unit test

4bba80c

add rbac unit test and fix bugs

cba03f7

fix rbac bug and add unit test

a39a322

remove todo

bc2514c

add new document

483b2a0

comment unused func

111b734

delete comment

8f78339

fix comments

67a34e6

AlexStocks reviewed Apr 10, 2024

View reviewed changes

istio/engine/rbac_test.go Show resolved Hide resolved

AlexStocks reviewed Apr 10, 2024

View reviewed changes

README.md Outdated Show resolved Hide resolved

2456868764 force-pushed the feat-security branch 2 times, most recently from d3e97c1 to d40b131 Compare April 24, 2024 08:48

fix ci

51e27ed

2456868764 force-pushed the feat-security branch from d40b131 to 51e27ed Compare April 24, 2024 10:22

YarBor reviewed Apr 25, 2024

View reviewed changes

istio/channel/xds_client_api_store.go Outdated Show resolved Hide resolved

EndlessSeeker mentioned this pull request Apr 26, 2024

Community weekly meeting record (2024.04.26) #2667

Open

remove rdsMutex unused field

8e9cbb6

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Feat security #2643

Feat security #2643

2456868764 commented Mar 23, 2024

sonarcloud bot commented May 1, 2024

AlexStocks commented May 5, 2024

Feat security #2643

Are you sure you want to change the base?

Feat security #2643

Conversation

2456868764 commented Mar 23, 2024

sonarcloud bot commented May 1, 2024

Quality Gate passed

AlexStocks commented May 5, 2024