Add authorize Monitor connection elements. #1333
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…Server chain element. Add options to enable mointor authorize element. Add unit tests. Turn off authorize monitor by default in the network service chain. Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com>
| @@ -117,6 +119,16 @@ func WithAuthorizeServer(authorizeServer networkservice.NetworkServiceServer) Op | |||
| } | |||
| } | |||
|
|
|||
| // WithAuthorizeMonitorServer sets authorization MonitorConnectionServer chain element | |||
| func WithAuthorizeMonitorServer(authorizeMonitorServer networkservice.MonitorConnectionServer) Option { | |||
There was a problem hiding this comment.
Please apply for other places
Suggested change
| func WithAuthorizeMonitorServer(authorizeMonitorServer networkservice.MonitorConnectionServer) Option { | |
| func WithAuthorizeMonitorConnectionServer(authorizeMonitorServer networkservice.MonitorConnectionServer) Option { |
Comment on lines
75
to
77
| for _, v := range in.PathSegments { | ||
| seg = append(seg, v.GetId()) | ||
| } |
There was a problem hiding this comment.
Please check only previous segment.
Comment on lines
22
to
26
| conn_ids := [y | y = input.spiffe_id_connection_map[input.service_spiffe_id][_]] | ||
| count(input.path_segments) > 0 | ||
| count(conn_ids) > 0 | ||
| conn_ids == input.path_segments | ||
| } |
There was a problem hiding this comment.
Please note: the client is always previous segment. Please check only previous id.
Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com>
| @@ -55,7 +54,8 @@ func pemEncodingX509Cert(cert *x509.Certificate) string { | |||
| return string(certpem) | |||
| } | |||
|
|
|||
| func parseX509Cert(authInfo credentials.AuthInfo) *x509.Certificate { | |||
| // ParseX509Cert - parses x509 certificate from the passed credentials.AuthInfo | |||
| func ParseX509Cert(authInfo credentials.AuthInfo) *x509.Certificate { | |||
There was a problem hiding this comment.
I use this method in other package.
| ids = &spire.ConnectionIDSet{} | ||
| } | ||
| var placer struct{} | ||
| ids.Store(connID, placer) |
There was a problem hiding this comment.
Suggested change
| ids.Store(connID, placer) | |
| ids.Store(connID, struct{}{}) |
Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com>
| @@ -0,0 +1,36 @@ | |||
| // Copyright (c) 2022 Cisco and/or its affiliates. | |||
There was a problem hiding this comment.
this file can be removed
There was a problem hiding this comment.
removed
Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com>
denis-tingaikin
approved these changes
Jul 28, 2022
nsmbot
pushed a commit
to networkservicemesh/sdk-kernel
that referenced
this pull request
Jul 28, 2022
…k@main PR link: networkservicemesh/sdk#1333 Commit: 990b341 Author: anastasia-malysheva Date: 2022-07-28 19:53:47 +0700 Message: - Add authorize Monitor connection elements. (#1333) * Add authorize Monitor connection elements. Add next monitorConnectionServer chain element. Add options to enable mointor authorize element. Add unit tests. Turn off authorize monitor by default in the network service chain. Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * rename options Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
nsmbot
pushed a commit
to networkservicemesh/cmd-ipam-vl3
that referenced
this pull request
Jul 28, 2022
…k@main PR link: networkservicemesh/sdk#1333 Commit: 990b341 Author: anastasia-malysheva Date: 2022-07-28 19:53:47 +0700 Message: - Add authorize Monitor connection elements. (#1333) * Add authorize Monitor connection elements. Add next monitorConnectionServer chain element. Add options to enable mointor authorize element. Add unit tests. Turn off authorize monitor by default in the network service chain. Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * rename options Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
nsmbot
pushed a commit
to networkservicemesh/cmd-registry-memory
that referenced
this pull request
Jul 28, 2022
…k@main PR link: networkservicemesh/sdk#1333 Commit: 990b341 Author: anastasia-malysheva Date: 2022-07-28 19:53:47 +0700 Message: - Add authorize Monitor connection elements. (#1333) * Add authorize Monitor connection elements. Add next monitorConnectionServer chain element. Add options to enable mointor authorize element. Add unit tests. Turn off authorize monitor by default in the network service chain. Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * rename options Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
nsmbot
pushed a commit
to networkservicemesh/cmd-nsc-init
that referenced
this pull request
Jul 28, 2022
…k@main PR link: networkservicemesh/sdk#1333 Commit: 990b341 Author: anastasia-malysheva Date: 2022-07-28 19:53:47 +0700 Message: - Add authorize Monitor connection elements. (#1333) * Add authorize Monitor connection elements. Add next monitorConnectionServer chain element. Add options to enable mointor authorize element. Add unit tests. Turn off authorize monitor by default in the network service chain. Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * rename options Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
nsmbot
pushed a commit
to networkservicemesh/cmd-nse-remote-vlan
that referenced
this pull request
Jul 28, 2022
…k@main PR link: networkservicemesh/sdk#1333 Commit: 990b341 Author: anastasia-malysheva Date: 2022-07-28 19:53:47 +0700 Message: - Add authorize Monitor connection elements. (#1333) * Add authorize Monitor connection elements. Add next monitorConnectionServer chain element. Add options to enable mointor authorize element. Add unit tests. Turn off authorize monitor by default in the network service chain. Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * rename options Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
nsmbot
pushed a commit
to networkservicemesh/cmd-map-ip-k8s
that referenced
this pull request
Jul 28, 2022
…k@main PR link: networkservicemesh/sdk#1333 Commit: 990b341 Author: anastasia-malysheva Date: 2022-07-28 19:53:47 +0700 Message: - Add authorize Monitor connection elements. (#1333) * Add authorize Monitor connection elements. Add next monitorConnectionServer chain element. Add options to enable mointor authorize element. Add unit tests. Turn off authorize monitor by default in the network service chain. Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * rename options Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
nsmbot
pushed a commit
to networkservicemesh/cmd-cluster-info-k8s
that referenced
this pull request
Jul 28, 2022
…k@main PR link: networkservicemesh/sdk#1333 Commit: 990b341 Author: anastasia-malysheva Date: 2022-07-28 19:53:47 +0700 Message: - Add authorize Monitor connection elements. (#1333) * Add authorize Monitor connection elements. Add next monitorConnectionServer chain element. Add options to enable mointor authorize element. Add unit tests. Turn off authorize monitor by default in the network service chain. Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * rename options Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
nsmbot
pushed a commit
to networkservicemesh/cmd-registry-proxy-dns
that referenced
this pull request
Jul 28, 2022
…k@main PR link: networkservicemesh/sdk#1333 Commit: 990b341 Author: anastasia-malysheva Date: 2022-07-28 19:53:47 +0700 Message: - Add authorize Monitor connection elements. (#1333) * Add authorize Monitor connection elements. Add next monitorConnectionServer chain element. Add options to enable mointor authorize element. Add unit tests. Turn off authorize monitor by default in the network service chain. Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * rename options Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
nsmbot
pushed a commit
to networkservicemesh/cmd-nsmgr
that referenced
this pull request
Jul 28, 2022
…k@main PR link: networkservicemesh/sdk#1333 Commit: 990b341 Author: anastasia-malysheva Date: 2022-07-28 19:53:47 +0700 Message: - Add authorize Monitor connection elements. (#1333) * Add authorize Monitor connection elements. Add next monitorConnectionServer chain element. Add options to enable mointor authorize element. Add unit tests. Turn off authorize monitor by default in the network service chain. Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * rename options Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
nsmbot
pushed a commit
to networkservicemesh/cmd-nsmgr-proxy
that referenced
this pull request
Jul 28, 2022
…k@main PR link: networkservicemesh/sdk#1333 Commit: 990b341 Author: anastasia-malysheva Date: 2022-07-28 19:53:47 +0700 Message: - Add authorize Monitor connection elements. (#1333) * Add authorize Monitor connection elements. Add next monitorConnectionServer chain element. Add options to enable mointor authorize element. Add unit tests. Turn off authorize monitor by default in the network service chain. Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * rename options Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
nsmbot
pushed a commit
to networkservicemesh/cmd-nse-vfio
that referenced
this pull request
Jul 28, 2022
…k@main PR link: networkservicemesh/sdk#1333 Commit: 990b341 Author: anastasia-malysheva Date: 2022-07-28 19:53:47 +0700 Message: - Add authorize Monitor connection elements. (#1333) * Add authorize Monitor connection elements. Add next monitorConnectionServer chain element. Add options to enable mointor authorize element. Add unit tests. Turn off authorize monitor by default in the network service chain. Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * rename options Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
nsmbot
pushed a commit
to networkservicemesh/sdk-k8s
that referenced
this pull request
Jul 28, 2022
…k@main PR link: networkservicemesh/sdk#1333 Commit: 990b341 Author: anastasia-malysheva Date: 2022-07-28 19:53:47 +0700 Message: - Add authorize Monitor connection elements. (#1333) * Add authorize Monitor connection elements. Add next monitorConnectionServer chain element. Add options to enable mointor authorize element. Add unit tests. Turn off authorize monitor by default in the network service chain. Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * rename options Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
nsmbot
pushed a commit
to networkservicemesh/cmd-admission-webhook-k8s
that referenced
this pull request
Jul 28, 2022
…k@main PR link: networkservicemesh/sdk#1333 Commit: 990b341 Author: anastasia-malysheva Date: 2022-07-28 19:53:47 +0700 Message: - Add authorize Monitor connection elements. (#1333) * Add authorize Monitor connection elements. Add next monitorConnectionServer chain element. Add options to enable mointor authorize element. Add unit tests. Turn off authorize monitor by default in the network service chain. Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * rename options Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
This was referenced Jul 28, 2022
This was referenced Jul 28, 2022
nsmbot
pushed a commit
to networkservicemesh/cmd-registry-proxy-dns
that referenced
this pull request
Jul 29, 2022
…k@main PR link: networkservicemesh/sdk#1333 Commit: 990b341 Author: anastasia-malysheva Date: 2022-07-28 19:53:47 +0700 Message: - Add authorize Monitor connection elements. (#1333) * Add authorize Monitor connection elements. Add next monitorConnectionServer chain element. Add options to enable mointor authorize element. Add unit tests. Turn off authorize monitor by default in the network service chain. Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * rename options Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: anastasia.malysheva <anastasia.malysheva@xored.com> * update auth monitor police Signed-off-by: NSMBot <nsmbot@networkservicmesh.io>
13 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
…Server chain element. Add options to enable mointor authorize element. Add unit tests. Turn off authorize monitor by default in the network service chain.
Signed-off-by: anastasia.malysheva anastasia.malysheva@xored.com
Description
Issue link
#46
How Has This Been Tested?
Types of changes