Ben Leggett

icon company @edera-dev icon location Within The Bromley Contingent icon location I like complicated things and deleting code. Strong Sega kid vibes.

Results 71 issues of Ben Leggett

`ipset` creation error parsing seems broken

1 comment

1. Manually create an ipset named `my-special-ipset` 2. Run the following code: ``` err := netlink.IpsetCreate("my-special-ipset, "hash:ip", netlink.IpsetCreateOptions{Comments: true, Replace: true, Family: family}) log.Debugf("IPSET ERROR IS: %s", err) if err...

KAS RSA keys should be deprecated in favor of EC keys in the spec

1. Right now, TDF uses an RSA keypair for wrapping. 2. EC is smaller, faster, and more secure than RSA - TDF should use EC keys, there is no good...

enhancement

`rust` module can't load tree-sitter grammar when `+tree-sitter` option enabled on non-x86 emacs builds

1 comment

### I confirm that... - [X] I have searched the [issue tracker](https://github.com/doomemacs/doomemacs/issues), [documentation](https://docs.doomemacs.org), [FAQ](https://docs.doomemacs.org/-/faq), [Discourse](https://discourse.doomemacs.org), and [Google](https://google.com), in case this issue has already been reported/resolved. - [X] I have read...

module:lang/rust
is:upstream
module:tools/tree-sitter

Some combination of `docker` and `k3d` versions may require `K3D_FIX_MOUNTS` for `istio-cni` to function

Without K3D_FIX_MOUNTS=1, the following mount error is produced when `istio-cni` is scheduled: > Error: failed to generate container "667e605ba636efcce61e601834ade912448cbc6a212c75a5f12b7aeb08590f6f" spec: failed to generate spec: path "/var/run/netns" is mounted on "/var/run"...

authz-tcp doctest flake

1 comment

This was not-fixed by https://github.com/istio/istio.io/pull/15474#issuecomment-2258801446 (but the fact that we had a commented "make sure we nuke the env because preceeding tests aren't cleaning up" is suspicious) The flake is...

Better signalling if `istiod` instance CA cert expires

1 comment

**Describe the feature request** If there are multiple `istiod` instances deployed, and for some environmental reason one of the instances does not get a renewed CA cert issued to it,...

kind/enhancement
area/security
area/perf and scalability

Deprecate `EnableDualStack`

12 comment

**Describe the feature request** In `istiod` and other spots + tests we have the flag `EnableDualStack`. This flag should be entirely deprecated. - K8S decides whether we are dual stack...

kind/enhancement
area/networking
area/dual-stack

drop `spire-sleep`/`spire-curl` sample usage from SPIRE doc

See https://github.com/istio/istio/pull/53381#discussion_r1785385785 for context. We really don't need a copypasted `curl` sample for this, it's the regular one with ~2 labels/annos added. We should delete the unique sample and use...

Add bleggett to docs/infra group

I'm semi-familiar with the docs infra stuff at this point, and I feel like we need more hands there specifically, so this makes sense to me. I'd also be OK...

size/XS

Come up with consistent rules about what kinds of resources ` istio.io/rev` should be applied to

1 comment

### Is this the right place to submit this? - [X] This is not a security vulnerability or a crashing bug - [X] This is not a question about how...

area/environments
area/user experience
lifecycle/stale