It appears that we're using the format: binary in our VirtualService CRD for the field spec.http.directResponse.body.bytes. This is meant for raw octet input which is not possible in CRDs - and we also document that users should use base64-encoded strings. For that use case though, the format to use is byte, and using that also doesn't emit any warnings.