Keith Mattix II

icon indicating an email [email protected]

icon company @microsoft icon location Dallas, TX icon location Istio @ Microsoft

Results 442 comments of Keith Mattix II

Update envoy version to v1.23, and contour to v1.22

@nshankar13 New contour version was just released!

Update envoy version to v1.23, and contour to v1.22

Approving pending green CI

Allow users to provide a CA bundle for configuring the mutatingWebhookConfiguration in OSM

@jaellio Does the current cert-rotation work enable this? My guess is no

Error when performing upgrades on v1.0.0

Doesn't the reconciler also re-create the mutatingwebhookconfiguration if it's deleted?

Error when performing upgrades on v1.0.0

The current implementation of conversion webhooks is essentially equivalent to a `None` conversion strategy. We've got the webhooks in source control, so it doesn't seem like it would be too...

Error when performing upgrades on v1.0.0

Fixed in #5065

[Research] Explore SPIFFE/SPIRE Integration

Sure, it's probably worth exploring the extent to which we may want to utilize SPIFFE/SPIRE. @trstringer your thoughts?

[Research] Explore SPIFFE/SPIRE Integration

Good idea! I added it to the description

Integrate with OpenPolicyAgent GateKeeper for unified policy definitions

Here's some background information I've gathered after some research: [OPA Gatekeeper](https://github.com/open-policy-agent/gatekeeper) is a policy enforcement engine _specifically for Kubernetes resources_. It's deployed as a validating webhook and executes potential resources...

Integrate with OpenPolicyAgent GateKeeper for unified policy definitions

@steeling's distinction is correct; Gatekeeper's value-add is strictly admission control for business policies custom to an organization. The difference between policies enforced with gatekeeper vs our own validating webhook is...