endpoints-controller: add workload identity to the service endpoints …

…resource
hashicorp · Aug 4, 2023 · cef3f65 · cef3f65
1 parent 0761406
commit cef3f65
Show file tree

Hide file tree

Showing 7 changed files with 62 additions and 2 deletions.
diff --git a/agent/connect/uri_service.go b/agent/connect/uri_service.go
@@ -74,7 +74,7 @@ func (id SpiffeIDIdentity) URI() *url.URL {
 	return &result
 }
 
-// SpiffeIDFromIdentityRef creates the SIFFE ID from an identity.
+// SpiffeIDFromIdentityRef creates the SPIFFE ID from an identity.
 func SpiffeIDFromIdentityRef(trustDomain string, ref *pbresource.Reference) string {
 	return SpiffeIDIdentity{
 		Host:      trustDomain,

diff --git a/internal/catalog/catalogtest/test_integration_v1alpha1.go b/internal/catalog/catalogtest/test_integration_v1alpha1.go
@@ -161,6 +161,7 @@ func expectedApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.Servi
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_PASSING,
+				Identity:     "api",
 			},
 			// api-2
 			{
@@ -175,6 +176,7 @@ func expectedApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.Servi
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_WARNING,
+				Identity:     "api",
 			},
 			// api-3
 			{
@@ -189,6 +191,7 @@ func expectedApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.Servi
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_CRITICAL,
+				Identity:     "api",
 			},
 			// api-4
 			{
@@ -203,6 +206,7 @@ func expectedApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.Servi
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_MAINTENANCE,
+				Identity:     "api",
 			},
 			// api-5
 			{
@@ -217,6 +221,7 @@ func expectedApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.Servi
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_WARNING,
+				Identity:     "api",
 			},
 			// api-6
 			{
@@ -231,6 +236,7 @@ func expectedApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.Servi
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_WARNING,
+				Identity:     "api",
 			},
 			// api-7
 			{
@@ -245,6 +251,7 @@ func expectedApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.Servi
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_CRITICAL,
+				Identity:     "api",
 			},
 			// api-8
 			{
@@ -259,6 +266,7 @@ func expectedApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.Servi
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_MAINTENANCE,
+				Identity:     "api",
 			},
 			// api-9
 			{
@@ -273,6 +281,7 @@ func expectedApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.Servi
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_CRITICAL,
+				Identity:     "api",
 			},
 			// api-10
 			{
@@ -287,6 +296,7 @@ func expectedApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.Servi
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_CRITICAL,
+				Identity:     "api",
 			},
 			// api-11
 			{
@@ -301,6 +311,7 @@ func expectedApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.Servi
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_CRITICAL,
+				Identity:     "api",
 			},
 			// api-12
 			{
@@ -315,6 +326,7 @@ func expectedApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.Servi
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_MAINTENANCE,
+				Identity:     "api",
 			},
 			// api-13
 			{
@@ -329,6 +341,7 @@ func expectedApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.Servi
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_MAINTENANCE,
+				Identity:     "api",
 			},
 			// api-14
 			{
@@ -343,6 +356,7 @@ func expectedApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.Servi
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_MAINTENANCE,
+				Identity:     "api",
 			},
 			// api-15
 			{
@@ -357,6 +371,7 @@ func expectedApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.Servi
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_MAINTENANCE,
+				Identity:     "api",
 			},
 			// api-16
 			{
@@ -371,6 +386,7 @@ func expectedApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.Servi
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_MAINTENANCE,
+				Identity:     "api",
 			},
 			// api-17
 			{
@@ -385,6 +401,7 @@ func expectedApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.Servi
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_PASSING,
+				Identity:     "api",
 			},
 			// api-18
 			{
@@ -399,6 +416,7 @@ func expectedApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.Servi
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_WARNING,
+				Identity:     "api",
 			},
 			// api-19
 			{
@@ -413,6 +431,7 @@ func expectedApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.Servi
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_CRITICAL,
+				Identity:     "api",
 			},
 			// api-20
 			{
@@ -427,6 +446,7 @@ func expectedApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.Servi
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_MAINTENANCE,
+				Identity:     "api",
 			},
 		},
 	}
@@ -445,6 +465,7 @@ func expectedHTTPApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.S
 					"http": {Port: 8080, Protocol: pbcatalog.Protocol_PROTOCOL_HTTP},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_PASSING,
+				Identity:     "api",
 			},
 			// api-10
 			{
@@ -456,6 +477,7 @@ func expectedHTTPApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.S
 					"http": {Port: 8080, Protocol: pbcatalog.Protocol_PROTOCOL_HTTP},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_CRITICAL,
+				Identity:     "api",
 			},
 			// api-11
 			{
@@ -467,6 +489,7 @@ func expectedHTTPApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.S
 					"http": {Port: 8080, Protocol: pbcatalog.Protocol_PROTOCOL_HTTP},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_CRITICAL,
+				Identity:     "api",
 			},
 			// api-12
 			{
@@ -478,6 +501,7 @@ func expectedHTTPApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.S
 					"http": {Port: 8080, Protocol: pbcatalog.Protocol_PROTOCOL_HTTP},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_MAINTENANCE,
+				Identity:     "api",
 			},
 			// api-13
 			{
@@ -489,6 +513,7 @@ func expectedHTTPApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.S
 					"http": {Port: 8080, Protocol: pbcatalog.Protocol_PROTOCOL_HTTP},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_MAINTENANCE,
+				Identity:     "api",
 			},
 			// api-14
 			{
@@ -500,6 +525,7 @@ func expectedHTTPApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.S
 					"http": {Port: 8080, Protocol: pbcatalog.Protocol_PROTOCOL_HTTP},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_MAINTENANCE,
+				Identity:     "api",
 			},
 			// api-15
 			{
@@ -511,6 +537,7 @@ func expectedHTTPApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.S
 					"http": {Port: 8080, Protocol: pbcatalog.Protocol_PROTOCOL_HTTP},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_MAINTENANCE,
+				Identity:     "api",
 			},
 			// api-16
 			{
@@ -522,6 +549,7 @@ func expectedHTTPApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.S
 					"http": {Port: 8080, Protocol: pbcatalog.Protocol_PROTOCOL_HTTP},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_MAINTENANCE,
+				Identity:     "api",
 			},
 			// api-17
 			{
@@ -533,6 +561,7 @@ func expectedHTTPApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.S
 					"http": {Port: 8080, Protocol: pbcatalog.Protocol_PROTOCOL_HTTP},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_PASSING,
+				Identity:     "api",
 			},
 			// api-18
 			{
@@ -544,6 +573,7 @@ func expectedHTTPApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.S
 					"http": {Port: 8080, Protocol: pbcatalog.Protocol_PROTOCOL_HTTP},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_WARNING,
+				Identity:     "api",
 			},
 			// api-19
 			{
@@ -555,6 +585,7 @@ func expectedHTTPApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.S
 					"http": {Port: 8080, Protocol: pbcatalog.Protocol_PROTOCOL_HTTP},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_CRITICAL,
+				Identity:     "api",
 			},
 		},
 	}
@@ -575,6 +606,7 @@ func expectedGRPCApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.S
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_PASSING,
+				Identity:     "api",
 			},
 			// api-2
 			{
@@ -588,6 +620,7 @@ func expectedGRPCApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.S
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_WARNING,
+				Identity:     "api",
 			},
 			// api-3
 			{
@@ -601,6 +634,7 @@ func expectedGRPCApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.S
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_CRITICAL,
+				Identity:     "api",
 			},
 			// api-4
 			{
@@ -614,6 +648,7 @@ func expectedGRPCApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.S
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_MAINTENANCE,
+				Identity:     "api",
 			},
 			// api-5
 			{
@@ -627,6 +662,7 @@ func expectedGRPCApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.S
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_WARNING,
+				Identity:     "api",
 			},
 			// api-6
 			{
@@ -640,6 +676,7 @@ func expectedGRPCApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.S
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_WARNING,
+				Identity:     "api",
 			},
 			// api-7
 			{
@@ -653,6 +690,7 @@ func expectedGRPCApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.S
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_CRITICAL,
+				Identity:     "api",
 			},
 			// api-8
 			{
@@ -666,6 +704,7 @@ func expectedGRPCApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.S
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_MAINTENANCE,
+				Identity:     "api",
 			},
 			// api-9
 			{
@@ -679,6 +718,7 @@ func expectedGRPCApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.S
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_CRITICAL,
+				Identity:     "api",
 			},
 			// api-20
 			{
@@ -692,6 +732,7 @@ func expectedGRPCApiServiceEndpoints(t *testing.T, c *rtest.Client) *pbcatalog.S
 					"mesh": {Port: 10000, Protocol: pbcatalog.Protocol_PROTOCOL_MESH},
 				},
 				HealthStatus: pbcatalog.Health_HEALTH_MAINTENANCE,
+				Identity:     "api",
 			},
 		},
 	}