daml/triggers
Gary Verhaegen b4750a495c
trigger reach auth on internal network (#10844)
In many network setups, there will be a more direct route for the
trigger service to contact the auth middleware than going back through
the frontend's public IP address (and possibly thus also through
intermediaries like an nginx reverse proxy etc.). In _some_ network
setups, it may not even be possible for the trigger service to reach the
auth middleware through its externally-visible address.

This PR caters to these cases by allowing the trigger service to use two
separate addresses for the auth middleware, an internal one the trigger
service uses when it needs to talk to the auth middleware, and an
external one used in generating URLs for external clients.

This is backwards-compatible: if the old option is used, we simply use
the same value for both.

CHANGELOG_BEGIN
- The Trigger Service can now accept separate `--auth-internal` and
  `--auth-external` CLI arguments, where `--auth-internal` is the
  address used by the Trigger Service to reach the Auth Middleware
  directly, and `--auth-external` is the address the Trigger Service uses
  in generated URLs sent back to the client. The `--auth` option remains
  and keeps working as before, setting both internal and external
  addresses to the same given value.
CHANGELOG_END
2021-09-14 14:16:42 +00:00
..
daml Expose pending contracts in triggers (#10672) 2021-08-25 13:23:15 +00:00
runner [DPP-589] Add CLI flag to select minimum enabled TLS version (#10854) 2021-09-14 12:37:38 +02:00
service trigger reach auth on internal network (#10844) 2021-09-14 14:16:42 +00:00
tests [DPP-589] Add CLI flag to select minimum enabled TLS version (#10854) 2021-09-14 12:37:38 +02:00