gcp_authn: simplify crypto utils #45385
Check was skipped
This check was not triggered in this CI run
Details
Request (pr/45385/main@c6a8cd4)
c6a8cd4 
#45385 merge main@86c2632
gcp_authn: simplify crypto utils
Commit Message: gcp_authn: simplify crypto utils
Additional Description:Previously my understanding was that the gcp authn filter was going to have its own sds config to specify a certificate for generating bound tokens. However, due to incompatibility with grpc, this design was scrapped in favor of just directly the cluster's client certificate.
This makes the job of the crypto util simpler since it no longer needs to verify the cert. Instead it trusts that the cluster is configured correctly (otherwise the connection will likely fail anyway--so the token wont matter), so all it needs to do is generate a fingerprint. The san matching functionality has been removed.
Risk Level: none (changing unused code)
Testing: unit tests updated
Docs Changes: none needed
Release Notes: none neededI used generative AI to create this change.
Environment
Request variables
| Key | Value |
|---|---|
| ref | 1657813 |
| sha | c6a8cd4 |
| pr | 45385 |
| base-sha | 86c2632 |
| actor | @antoniovleonti |
| message | gcp_authn: simplify crypto utils... |
| started | 1780417020.021042 |
| target-branch | main |
| trusted | false |
Build image
Container image/s (as used in this CI run)
| Key | Value |
|---|---|
| default | docker.io/envoyproxy/envoy-build:v0.1.5 |
| mobile | docker.io/envoyproxy/envoy-build:mobile-v0.1.5 |
Version
Envoy version (as used in this CI run)
| Key | Value |
|---|---|
| major | 1 |
| minor | 39 |
| patch | 0 |
| dev | true |