This adds a dependency on go-spiffe in order to parse SPIFFE bundles. More specifically, that library does not yet support SPIFFE bundle maps, but it does support SPIFFE bundles. This adds parsing of these maps to grpc-go
* Draft of e2e test
* No Audit, Audit on Allow and Deny
* Audit on Allow, Audit on Deny
* fix typo
* SPIFFE related testing
* SPIFFE Id validation and certs creation script
* Address PR comments
* Wrap tests using grpctest.Tester
* Address PR comments
* Change package name to authz_test to fit other end2end tests
* Add licence header, remove SPIFFE slice
* Licence year change
* Address PR comments part 1
* Address PR comments part 2
* Address PR comments part 3
* Address PR comments final part
* Drop newline for a brace
* Address PR comments, fix outdated function comment
* Address PR comments
* Fix typo
* Remove unused var
* Address PR comment, change most test error handling to Errorf
* Address PR comments
* This will be used in certprovider tests where we would want more than one server and client certs.
* Also, updated existing usages of these certs to point to the new files.
* Also copy over the required certs/key files. This avoids the example gomodule from depending on gRPC testdata package which should be able to change independently.
* Fix interop test's SAN.
- For interoperability testing, we need the same certs everywhere.
- This was not possible before because Go could not deal with some field
being encoded as PRINTABLESTRING in the CA and UTF8STRING in the
server1 cert. However, the certs have been fixed in:
https://github.com/grpc/grpc/pull/4096
- Also changed the go root testdata cert to avoid confusion (maybe there
should not be that many copy of the certs in the repo but I will leave
this to the repo maintainers).
Arjan Singh Bal
Gregory Cooke
eshitachandwani
Nathan Baulch
erm-g
Easwar Swaminathan
ZhenLian
Jiangtao Li
Menghan Li
田欧
Julien Boeuf
iamqizhao