envoyproxy
Allow to pull wasm image from insecure registry while using envoy extension policy
Description: I got an x509: certificate signed by unknown authority error because the wasm image registry was insecure while using envoy extension policy,I've read about the api docs but couldn't find where I can configure trusted registry in,so I wonder if it can be configured or is a feature to be provided? Thanks! [optional Relevant Links:] https://github.com/istio/istio/issues/36571 is a similar situation.
Hello,I would like to know if there is any way to work around this problem?All the certificates we have in test environment are untrusted,so the wasm usage now is blocked.
Hi @elvenlegolas As a temporary workaround, Can you use a HTTP code source for testing?
Hi @elvenlegolas As a temporary workaround, Can you use a HTTP code source for testing?
Ok I'll try it,btw the example wasm http url given in envoy gateway doc https://raw.githubusercontent.com/envoyproxy/envoy/main/examples/wasm-cc/lib/envoy_filter_http_wasm_example.wasm seems invalid now ,would you fix it as a reference?
Hi! I'd love to take this issue as my first open-source code contribution.
I'm a networking and security professional getting into Go and cloud-native development, and this looks like a great place to start. I'd really appreciate it if you could assign this to me.
Thanks!
@arkodg The API is in. We still need implementation.
https://github.com/envoyproxy/gateway/blob/309750a6c7157463a3dd86ff8500cb5c58e05bf0/api/v1alpha1/wasm_types.go#L131-L135
it looks like @kamxnet is no longer working on this, can I pick this up instead @zhaohuabing?
