istio
/
api
mirror of https://github.com/istio/api.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,897 Commits 56 Branches 466 Tags 41 MiB
Commit Graph

118 Commits

Author SHA1 Message Date
Peter Jausovec 796ac64a96
docs: field name and minor formatting fixes (#3057) 
Signed-off-by: Peter Jausovec <peter.jausovec@solo.io>
 2024-01-19 10:39:48 -08:00
jacob-delgado 06018d723c
Run make gen with new protoc (#3051) 
* Run make gen with new protoc

* Update dependencies
 2024-01-17 09:03:58 -08:00
Yao Zengzeng b92f58bb0b
align `selector` comments of PeerAuthentication with `RequestAuthentication` and `AuthorizationPolicy` (#3031) 
* align `selector` comments of PeerAuthentication with `RequestAuthentication` and `AuthorizationPolicy`

* make gen
 2024-01-03 06:38:01 -08:00
Keith Mattix II bb3cb9c034
Add note on targetRef + authorization policy in multi-revision environment (#3021) 
Signed-off-by: Keith Mattix II <keithmattix@microsoft.com>
 2023-12-08 11:57:07 -08:00
Zhonghu Xu 7aaf411469
Added retrieve JWT from cookies support (#2997) 
* Add retrieve jwt from cookies support

* Add retrieve jwt from cookies support

* make gen
 2023-11-28 10:29:12 -08:00
Zhonghu Xu 2c49e44609
Update authz document (#2954) 
* update authorizationPolicy CUSTOM action feature status

* update authorizationPolicy CUSTOM action feature status
 2023-10-12 09:43:42 -07:00
John Howard 685ef7d06b
Migrate to protoc-gen-crd (#2941) 2023-10-05 16:16:01 -07:00
Jackie Elliott 283cc40b07
Define targetRef proto (#2888) 
* Define protobuf for PolicyTargetReference

Signed-off-by: Jackie Elliott <jaellio@microsoft.com>

* Add targetRef to AuthorizationPolicy, Telemetry, WasmPlugin,
ProxyConfig, and RequestAuthentication.

Need more examples.

Signed-off-by: Jackie Elliott <jaellio@microsoft.com>

* Add examples

Signed-off-by: Jackie Elliott <jaellio@microsoft.com>

* Moved targetRef def to selector.proto. Removed kubebuilder
comments. Added release note for targetRef.

Signed-off-by: Jackie Elliott <jaellio@microsoft.com>

* Add oneof to CRD protos. Add clarifying comments about intended
use of taretRef.

Signed-off-by: Jackie Elliott <jaellio@microsoft.com>

* Remove targetRef from ProxyConfig

Signed-off-by: Jackie Elliott <jaellio@microsoft.com>

* Removed root namespace references and ingress gateway targetRef
examples.

Signed-off-by: Jackie Elliott <jaellio@microsoft.com>

* Hide API changes from docs and remove examples until impl is
complete

Signed-off-by: Jackie Elliott <jaellio@microsoft.com>

* Remove telemtry example until impl complete

Signed-off-by: Jackie Elliott <jaellio@microsoft.com>

* add clarification resource must be in same ns as policy and add
oneof to wasm plugin.

Signed-off-by: Jackie Elliott <jaellio@microsoft.com>

* Remove oneof in to avoid go changes.

Signed-off-by: Jackie Elliott <jaellio@microsoft.com>

* update release note to clarify scope is limited to waypoints

Signed-off-by: Jackie Elliott <jaellio@microsoft.com>

* Update authorizationPolicy selector comment

Signed-off-by: Jackie Elliott <jaellio@microsoft.com>

* clarify in targetRef description only waypoint is supported as a
targeted resource

Signed-off-by: Jackie Elliott <jaellio@microsoft.com>

* add k8s gateway references

Signed-off-by: Jackie Elliott <jaellio@microsoft.com>

* Respond to PR feedback and add selector example.

Signed-off-by: Jackie Elliott <jaellio@microsoft.com>

* Address nits

Signed-off-by: Jackie Elliott <jaellio@microsoft.com>

---------

Signed-off-by: Jackie Elliott <jaellio@microsoft.com>
 2023-09-05 15:45:52 -07:00
wulianglongrd 68bd84f7b0
fix JWT claim based routing doc (#2918) 2023-08-29 02:48:34 -07:00
Saverio Proto dc0f5cf640
Fix typo Authorizaion to Authorization (#2909) 
* Fix typo Authorizaion  to Authorization

* Update authorization_policy.proto

Fix typo from Authorizaion to Authorization
 2023-08-24 06:01:59 -07:00
Faseela K 86459b6f41
Fix AuthorizationPolicy typo (#2894) 
Signed-off-by: Faseela K <faseela.k@est.tech>
 2023-08-10 10:21:08 -07:00
John Howard 38de472a5f
Drop json schema generation (#2875) 
We only generate this for some resources and not others, and no one has
complained -- so there doesn't seem to be much value in maintaining
this, but it provides a lot of boilerplate.

Rather than "fixing" it to be used for all types, seems better to just
drop this. We already have the schema as proto and OpenAPI (via CRD).
 2023-08-02 19:44:43 -07:00
Matt Kramer 064529d3bb
chore: Fix typo in VirtualService docs (#2847) 
* Fix typo in VirtualService docs

* Run make gen
 2023-07-06 13:44:32 -07:00
AndreaM12345 f8ef33f530
fixes for Duplicate reference docs overwriting each other (#2811) 
* change page

* changes for docs to sync the needed ones

* fix tabset error

* fix spacing issue

* add checks to sync.sh to ensure mode is set

* fix changes from merge

* fix missing tabset

* fix tabset again
 2023-06-22 06:41:07 -07:00
wulianglongrd 89e0db7ec4
Add authz dry-run example (#2761) 
* add authz dry-run example

* make gen

* add experimental note
 2023-06-20 08:52:09 -07:00
Hisanobu Tomari c899271129
Replace 1.2.3.4 with RFC5737 address (#2774) (#2777) 2023-05-02 18:45:05 -07:00
jacob-delgado 209ab38ea6
Run make gen with latest tools image (#2764) 2023-04-26 07:50:28 -07:00
Faseela K e5c70bb8f3
small correction in peer auth example (#2741) 
* small correction in peer auth example

Signed-off-by: Faseela K <faseela.k@est.tech>

* address review comments

Signed-off-by: Faseela K <faseela.k@est.tech>

---------

Signed-off-by: Faseela K <faseela.k@est.tech>
 2023-03-24 06:22:00 -07:00
zirain 49a8f67e97
update `proxy_inbound_listen_port` doc (#2735) 
* update doc

* fix make gen

* fix gencheck
 2023-03-21 19:43:21 -07:00
Sathish d80de99025
Format corrections of JWTRule document (#2720) 
* Fix indentation of jwt doc

* Update comment line of jwtrule

* Fix indentation of jwt doc

* Update comment line of jwtrule

* Rebase with latest master

---------

Co-authored-by: Sathish Swaminathan <sathish.swaminathan@ibm.com>
 2023-03-13 12:07:22 -07:00
Peter Jausovec 3c7d940965
replace quotes with backticks when referring to values (#2687) 2023-02-21 13:47:33 -08:00
Eric Van Norman 7300918fbd
Fix link (#2683) 2023-02-16 10:39:23 -08:00
Eric Van Norman aa0187a0dc
Fix link (#2681) 2023-02-16 08:17:22 -08:00
Aryan Gupta b214fbae4c
small fix in authz docs (#2658) 2023-01-27 14:11:32 -08:00
Yossi Mesika 63c80143ed
Correct confusing typo in the authz policy proto (#2598) 
* Correct confusing typo in the authz policy proto

* make gen
 2022-12-15 07:28:09 -08:00
Aryan Gupta 82e7f2d88e
added L7 deny tcp info in v1 authz (#2579) 2022-12-05 13:01:05 -08:00
Aryan Gupta bd9c37f95e
security policy graduation to v1 (#2553) 2022-11-22 12:03:23 -08:00
Aryan Gupta 9c7e8716fa
copy jwt claim to header (#2570) 2022-11-17 14:44:03 -08:00
Aryan Gupta 5cbad44e0b
update authz policy docs (#2561) 2022-11-17 11:52:57 -08:00
Istio Automation f26e759dd3
Automator: update common-files@master in istio/api@master (#2523) 2022-10-21 08:24:46 -07:00
Eric Van Norman a51f8f8389
Run `make gen` with the new build-tools to generate new html (#2509) 2022-10-17 06:58:09 -07:00
Faseela K d1ffe5e901
Running make gen (#2446) 
Running make gen for some other change resulted in many additional
changes showing up in my local repo. So pushing a separate review for the same.

Signed-off-by: Faseela K <faseela.k@est.tech>
 2022-08-04 07:28:26 -07:00
Istio Automation fbb909b586
Automator: update common-files@master in istio/api@master (#2443) 2022-08-03 06:08:58 -07:00
John Howard 72aa7f8e98
Validate and fix all samples (#2413) 
* Fix broken samples

* run make gen
 2022-07-12 19:08:17 -07:00
Eric Van Norman 5294aace93
Run `make gen` with current tooling (#2409) 2022-07-06 07:17:29 -07:00
John Howard 9d336787a4
Migrate from gogo/protobuf to golang/protobuf (#2293) 
* Migrate gogo/protobuf to golang/protobuf

* generated changes

* Fixes to deepcopy
 2022-03-23 08:11:37 -07:00
Yangmin Zhu a6aeb68ad2
clarify multiple tokens case for request authentication API (#2220) 
* clarify multiple tokens case for request authentication API

* address comments
 2022-02-06 19:04:16 -08:00
Yangmin Zhu 4af825ec1a
update authz and JWT documentation (#2152) 2021-12-07 11:02:10 -08:00
Yangmin Zhu a1902f2405
update jwt based routing (#2134) 
* update jwt based routing

* update

* update

* update comment

* update comment

* add quote

* address comments

* update comment
 2021-11-08 13:38:41 -08:00
Yangmin Zhu 5eaecec55c
support x-jwt-claim in request authentication (#2105) 
* support x-jwt-claim in virtual service

* update

* update to request authN

* revert vs

* Apply suggestions from code review

Co-authored-by: Sven Mawson <sven@google.com>

* update

Co-authored-by: Sven Mawson <sven@google.com>
 2021-10-04 09:49:41 -07:00
Dhi Aurrahman f167acc88a
docs: Use fromHeaders instead of jwtHeaders field in JWTRule example (#2102) 
This patch fixes the use of jwtHeaders as a field in the example (there
is no jwtHeaders field). This is tipped by issue a comment here:
https://github.com/envoyproxy/envoy/issues/11672#issuecomment-653404950.

Signed-off-by: Dhi Aurrahman <dio@rockybars.com>
 2021-09-17 07:45:48 -07:00
Jianfei Hu 7f52510f94
Clarify request authentication root namespace scope. (#2086) 
* Clarify request authentication root namespace scope.

* typo fix.

* make gen.

* make gen.

* clarified all workloads instead.

* update with authz example.

* Update security/v1beta1/request_authentication.proto

Co-authored-by: Sven Mawson <sven@google.com>

* Update security/v1beta1/request_authentication.proto

Co-authored-by: Sven Mawson <sven@google.com>

* update the doc gen.

Co-authored-by: Lin Sun <lin.sun@solo.io>
Co-authored-by: Sven Mawson <sven@google.com>
 2021-09-14 11:39:02 -07:00
Shamsher Ansari c26b0c624c
Fix jwt rule note (#2025) 
* Fix jwt rule note

* use jwksUri for docs
 2021-06-29 23:20:52 -07:00
Istio Automation aadf1ba23c
Automator: update common-files@master in istio/api@master (#2007) 2021-05-25 17:10:56 -07:00
Tom T 2af152115f
Change snake_case to camelCase for yaml documentation (#1964) 
* Change snake_case to camelCase for yaml documentation

* Run make gen
 2021-05-03 10:10:55 -07:00
Yangmin Zhu a9c5294cac
change ext-authz feature to experimental (#1936) 2021-04-05 19:43:26 -07:00
Yangmin Zhu 8d2a4ee53a
update the ext-authz extension provider and promote to alpha (#1926) 
* ext-authz: promote to alpha

* address comments

* update comment

* address comments

* update

* address comments

* update comment
 2021-04-01 21:22:07 -07:00
Kenshin Chen a83ee6cc20
Fix AuthorizationPolicy Doc (#1895) 
* Fix AuthorizationPolicy Doc

* Fix AuthorizationPolicy Doc
 2021-04-01 20:58:42 -07:00
Ryota 1a327717c7
Add info about `portLevelMtls` requirement of workload selector with PeerAuthentication (#1928) 
* Clarify portLevelMtls requirement

* Run make gen

* Update security/v1beta1/peer_authentication.proto

Co-authored-by: Sven Mawson <sven@google.com>

* Rerun make gen

Co-authored-by: Sven Mawson <sven@google.com>
 2021-03-29 11:43:44 -07:00
Shamsher Ansari ec7ef4cd6e
Fix broken link for auth location (#1919) 2021-03-22 07:50:30 -07:00