Compare against live rules, not just codified files

[bittelc]

Team getyourguide! Thank you all for what you've written here! I'm a huge fan. Your tool (and blog post) are addressing the exact problem I'm struggling with right now!

While I know this is a side project on your hack days time, I'd love if this repo kept moving forward!

Specifically, my biggest need right now is that the tool can run these unit tests against a living k8s environment!

Why is this an improvement:

My k8s cluster consists of a dozen different VirtualService objects. Each of those VSs are owned by the same team that manages the microservice that the VS dictates rules for (eg. microservice-a has a Deployment as well as its personal VirtualService codification). I need to enforce that no team is able to introduce a VS rule that breaks the other teams' VS routing logic.

I could do this with the current repo by passing in a dozen VS config files, each from different repos, but this is obviously unmaintainable.

I need to be able to do this:

$ istio-config-validator -t this-repos-tests.yaml --cluster-wide --kubeconfig $HOME/.kube/config

The above command would read all VirtualService objects in the living k8s cluster and run the this-repo-tests.yaml unit tests against the resulting VirtualService objects! I could implement this in a CICD script, so that I could prevent a PR merge that breaks routing functionality for a different microservice's VS.

Let me know what you think, team. I believe there may be enough time over the next month for me to help contribute to this work.