Air release 1.23.4 airbnb1 #7
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…builder/tree/c4b2830c95b537e3a70b1b5c83b529ab3eb2d3ae (istio#52117) Signed-off-by: Benjamin Leggett <[email protected]> Co-authored-by: Benjamin Leggett <[email protected]>
`chart.enabled` is pretty standard across the ecosystem, Istio itself in other places, and Helm recommendations (https://helm.sh/docs/topics/charts/#tags-and-condition-fields-in-dependencies) Co-authored-by: John Howard <[email protected]>
…52126) * [release-1.23] Update master to release-1.23 plus update-deps * Run bin/update_deps.sh
…tio#52157) * initial fix for jsonpatch problems Signed-off-by: ilrudie <[email protected]> * add clarifying comment about why dropping second patch in resolveConflict is ok Signed-off-by: ilrudie <[email protected]> --------- Signed-off-by: ilrudie <[email protected]> Co-authored-by: ilrudie <[email protected]>
…stio#52165) Co-authored-by: istio-testing <[email protected]>
* Make new stat regex backwards compatible * Small optimize * One more cleanup --------- Signed-off-by: Keith Mattix II <[email protected]>
* add default retry policy for inbound routes Signed-off-by: Rama Chavali <[email protected]> * fix version Signed-off-by: Rama Chavali <[email protected]> --------- Signed-off-by: Rama Chavali <[email protected]>
Signed-off-by: ilrudie <[email protected]>
…stio#52193) * align v2 autoallocate behavior with existing behavior * revert label key change --------- Signed-off-by: ilrudie <[email protected]>
…stio#52189) (istio#52197) See test case for details. The problem is we key on IP address; this is not a unique key. This means a random WE will 'win' the slot, giving us a 50/50 chance we only compare to ourselves, realize there was no change, and skip the push. Interestingly, the comment notes the key is not unique! I believe that over time the code was refactored to make the uniqueness critcal to correctness, whereas before it was not. (cherry picked from commit a84cfbd)
Signed-off-by: Antoine Deschênes <[email protected]> Co-authored-by: Antoine Deschênes <[email protected]>
…2173) * Work around netlink bug on ipset create error Signed-off-by: Benjamin Leggett <[email protected]> * See if we can test this Signed-off-by: Benjamin Leggett <[email protected]> * fmt Signed-off-by: Benjamin Leggett <[email protected]> * Fixup Signed-off-by: Benjamin Leggett <[email protected]> * tidy Signed-off-by: Benjamin Leggett <[email protected]> * Drop log we don't need Signed-off-by: Benjamin Leggett <[email protected]> * Fixup Signed-off-by: Benjamin Leggett <[email protected]> * Remove env we don't use, actually test this correctly, add relnote Signed-off-by: Benjamin Leggett <[email protected]> * comments Signed-off-by: Benjamin Leggett <[email protected]> --------- Signed-off-by: Benjamin Leggett <[email protected]> Co-authored-by: Benjamin Leggett <[email protected]>
* Drop SupportedFeatures from gateway-api This field provides no value but causes a lot of harm: * kubernetes-sigs/gateway-api#3200 (comment) * istio#50851 * add note --------- Co-authored-by: John Howard <[email protected]>
* Fix http_conn_manager stats Signed-off-by: Keith Mattix II <[email protected]> * Make gen Signed-off-by: Keith Mattix II <[email protected]> * Fix lint Signed-off-by: Keith Mattix II <[email protected]> * Make lint and gen Signed-off-by: Keith Mattix II <[email protected]> --------- Signed-off-by: Keith Mattix II <[email protected]> Co-authored-by: Keith Mattix II <[email protected]>
…stener (istio#52249) * networking: match multiple VIPs in sidecar outbound listener (istio#51967) * networking: match multiple addresses in sidecar outbound listener Signed-off-by: Jacek Ewertowski <[email protected]> * Add unit tests for GetAllAddressesForProxy Signed-off-by: Jacek Ewertowski <[email protected]> * Refactor buildSidecarOutboundListener Signed-off-by: Jacek Ewertowski <[email protected]> * Add an integration test Signed-off-by: Jacek Ewertowski <[email protected]> * Add a release note Signed-off-by: Jacek Ewertowski <[email protected]> * Refactor GetAllAddressesForProxy Signed-off-by: Jacek Ewertowski <[email protected]> * Fix linter error Signed-off-by: Jacek Ewertowski <[email protected]> * Revert removal svcExtraListenAddresses variable Signed-off-by: Jacek Ewertowski <[email protected]> * Fix unit tests Signed-off-by: Jacek Ewertowski <[email protected]> * Refactoring Signed-off-by: Jacek Ewertowski <[email protected]> * Fix TestEDSOverlapping Signed-off-by: Jacek Ewertowski <[email protected]> * Skip testServiceEntryWithMultipleVIPs in ambient mode Signed-off-by: Jacek Ewertowski <[email protected]> * Fix TestEDSUnhealthyEndpoints Signed-off-by: Jacek Ewertowski <[email protected]> * Add test case for ServiceEntry with resolution NONE and multiple VIPs Signed-off-by: Jacek Ewertowski <[email protected]> * Fix lint error Signed-off-by: Jacek Ewertowski <[email protected]> * Fix linter errors Signed-off-by: Jacek Ewertowski <[email protected]> * Fix lint error Signed-off-by: Jacek Ewertowski <[email protected]> * Generate service with all ports Signed-off-by: Jacek Ewertowski <[email protected]> * do not create service instance for each hostname/address pair Signed-off-by: Jacek Ewertowski <[email protected]> * Refactor GetExtraAddressesForProxy and revert removal of its usage from buildSidecarOutboundListener Signed-off-by: Jacek Ewertowski <[email protected]> * Fix listenerBindings.Extra() Signed-off-by: Jacek Ewertowski <[email protected]> * Handle IPv6 prefix length Signed-off-by: Jacek Ewertowski <[email protected]> * Check address' family only if a proxy supports given family Signed-off-by: Jacek Ewertowski <[email protected]> * Update a comment Signed-off-by: Jacek Ewertowski <[email protected]> * Refactor getAllAddressesForProxy Signed-off-by: Jacek Ewertowski <[email protected]> --------- Signed-off-by: Jacek Ewertowski <[email protected]> * Revert unintentional change of a comment Signed-off-by: Jacek Ewertowski <[email protected]> --------- Signed-off-by: Jacek Ewertowski <[email protected]>
Fixes istio#51340 Co-authored-by: John Howard <[email protected]>
* convert httpbin to go-based * remove httpbin-vault.yaml which is unused * address other areas httpbin is used --------- Signed-off-by: Daniel Hawton <[email protected]> Co-authored-by: Daniel Hawton <[email protected]>
* Manual backport of istio#53624 Signed-off-by: Benjamin Leggett <[email protected]> * Do the proto dance Signed-off-by: Benjamin Leggett <[email protected]> --------- Signed-off-by: Benjamin Leggett <[email protected]>
…arshal errors (istio#53808) Signed-off-by: Keith Mattix II <[email protected]> Co-authored-by: Keith Mattix II <[email protected]>
…ed error messages (istio#53983) * return error instead of just logging it and add detailed error messages * add test coverage for NewWebhook parsing config error --------- Co-authored-by: Jeremy L. Morris <[email protected]>
Co-authored-by: Jeremy L. Morris <[email protected]>
If the meshConfig has h2Upgrade set and DR has useClientProtocol, the h2Upgrade is done. This is not according to the Istio Docs, which says `when useClientProtocol is set set to true, h2_upgrade_policy will be ineffective i.e. the client connections will not be upgraded to http2.` This PR corrects this behavior. Signed-off-by: Anurag Aggarwal <[email protected]> Co-authored-by: Anurag Aggarwal <[email protected]>
* Fix merge duration influence source * Fix merge duration influence source * Should be dst timeout duration not be polluted * fix lint * remove clone timeout duration before merge * Simplify replace * Add relase note --------- Signed-off-by: Zhonghu Xu <[email protected]>
… annotations (#… (istio#54185) * fix(helm): render service account properly when adding annotations (istio#53989) * fix(helm): render service account annotations properly * Add release notes * make gen Signed-off-by: Ian Rudie <[email protected]> --------- Signed-off-by: Ian Rudie <[email protected]> Co-authored-by: Satbir Chahal <[email protected]>
Signed-off-by: Rama Chavali <[email protected]> Co-authored-by: Rama Chavali <[email protected]>
* initial * clean * lint --------- Co-authored-by: John Howard <[email protected]>
Signed-off-by: Brenden Blanco <[email protected]>
This CL supports inline multi-values header in the AuthzPolicy header match in Istio by using the Envoy safe regex match. Note that only developer access traffic will be using this header match AuthzPolicy. See the design doc: https://docs.google.com/document/d/1Q8mkHOwkL76ciQr27uXRQVi_pFWV3yB2eDRQpKp5pPs/edit#heading=h.3labvasnbv1d Change-Id: Ieee91cae196b2f9b57796115a71543cef199dc0d Reviewed-on: https://gerrit.musta.ch/c/public/istio/+/3622 Reviewed-by: Ying Zhu <[email protected]> Reviewed-by: Douglas Jordan <[email protected]> Reviewed-by: Weibo He <[email protected]> Reviewed-on: https://gerrit.musta.ch/c/public/istio/+/7210 Reviewed-by: Edie Yang <[email protected]>
As suggested in the Istio slack, this hack is due to the fact that the flag to remove protocol sniffing was removed. Change-Id: Ic5c34cf11770bcf4fc844f8d674643a52ce62f78 Reviewed-on: https://gerrit.musta.ch/c/public/istio/+/6343 Reviewed-by: Bhasker Hariharan <[email protected]> Reviewed-on: https://gerrit.musta.ch/c/public/istio/+/7211 Reviewed-by: Douglas Jordan <[email protected]>
Fixes istio#53452. Change-Id: I28303864631b54215e534f00840005df288bcfc7 Reviewed-on: https://gerrit.musta.ch/c/public/istio/+/6970 Reviewed-by: Bhasker Hariharan <[email protected]> Reviewed-on: https://gerrit.musta.ch/c/public/istio/+/7214 Reviewed-by: Douglas Jordan <[email protected]>
The debounce metric should be emitted when we set the free to false, and reset the debounced events to 0, because that's when the next startDebounce starts counting. Change-Id: Ic2c99632f10f0440f5d302ee5cd5385bc6aa6834 Reviewed-on: https://gerrit.musta.ch/c/public/istio/+/4583 Reviewed-by: Douglas Jordan <[email protected]> Reviewed-on: https://gerrit.musta.ch/c/public/istio/+/7215
Backported from istio#52801. Change-Id: I27de5b48495276fa452250bb388d899326d6a8ec Reviewed-on: https://gerrit.musta.ch/c/public/istio/+/6986 Reviewed-by: Ilya Pronin <[email protected]> Reviewed-by: Rushy Panchal <[email protected]> Reviewed-by: Wei Tie <[email protected]> Reviewed-on: https://gerrit.musta.ch/c/public/istio/+/7218 Reviewed-by: Douglas Jordan <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Please provide a description of this PR:
To help us figure out who should review this PR, please put an X in all the areas that this PR affects.
Please check any characteristics that apply to this pull request.