istio
Update PeerAuthentication docs
Given we seem to have decided to keep PeerAuthentication around in ambient mode, update the docs to remove the warning, and add the caveat you can't DISABLE mTLS any more.
(This may or may not be the project's decision.)
@craigbox: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:
| Test name | Commit | Details | Required | Rerun command |
|---|---|---|---|---|
| gencheck_api | a53bdf6b2daf8306d93a163e46d13bb33a5b04bf | link | unknown | /test gencheck |
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.
the gencheck test is asking me to patch a file which doesn't exist any more, since #3188 made the files into aliases.
However, make gen is failing too:
craigbox@solo-system-craigbox:~/Documents/Projects/istio-api$ make gen
./clean.sh
./gen.sh
2024/05/31 14:27:15 Generating istio.security.v1beta1.RequestAuthentication
2024/05/31 14:27:15 Generating istio.networking.v1alpha3.WorkloadGroup
2024/05/31 14:27:15 Generating istio.networking.v1alpha3.VirtualService
2024/05/31 14:27:15 Generating istio.networking.v1alpha3.DestinationRule
2024/05/31 14:27:15 Generating istio.networking.v1alpha3.WorkloadEntry
2024/05/31 14:27:15 Generating istio.networking.v1alpha3.Sidecar
2024/05/31 14:27:15 Generating istio.networking.v1beta1.ProxyConfig
2024/05/31 14:27:15 Generating istio.security.v1beta1.AuthorizationPolicy
2024/05/31 14:27:15 Generating istio.networking.v1alpha3.ServiceEntry
2024/05/31 14:27:15 Generating istio.networking.v1alpha3.EnvoyFilter
2024/05/31 14:27:15 Generating istio.security.v1beta1.PeerAuthentication
2024/05/31 14:27:15 Generating istio.extensions.v1alpha1.WasmPlugin
2024/05/31 14:27:15 Generating istio.telemetry.v1alpha1.Telemetry
2024/05/31 14:27:15 Generating istio.networking.v1alpha3.Gateway
mesh/v1alpha1/config.proto:1273:12:Field "59" with name "discovery_selectors" on message "MeshConfig" changed type from "k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector" to "istio.mesh.v1alpha1.LabelSelector".
make[1]: *** [Makefile.core.mk:53: breaking] Error 100
make: *** [gen] Error 2
In response to a cherrypick label: #3184 failed to apply on top of branch "release-1.22":
Applying: Update PeerAuthentication docs for mTLS
Applying: update
Applying: update text
Applying: made gen
Applying: make gen
Applying: fix gencheck
Using index info to reconstruct a base tree...
A security/v1/peer_authentication_alias.gen.go
Falling back to patching base and 3-way merge...
CONFLICT (modify/delete): security/v1/peer_authentication_alias.gen.go deleted in HEAD and modified in fix gencheck. Version fix gencheck of security/v1/peer_authentication_alias.gen.go left in tree.
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
Patch failed at 0006 fix gencheck
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".
In response to a cherrypick label: new issue created for failed cherrypick: #3250