Details
-
Bug
-
Resolution: Done
-
Major
-
None
-
None
-
None
Description
From rhn-support-ssadhale (In support email)
IHAC who is facing issues when configuring jwksURI in
RequestAuthentication resource for HTTPS URIs.
Error:
2021-07-22T13:56:57.275247Z warning envoy
config [external/envoy/source/common/config/grpc_subscription_impl.cc:101]
gRPC config for type.googleapis.com/envoy.api.v2.Listener rejected:
Error adding/updating listener(s) virtualInbound: Proto constraint
validation failed (JwtAuthenticationValidationError.Providers[key]:
["embedded message failed validation"] | caused by
JwtProviderValidationError.LocalJwks: ["embedded message failed
validation"] | caused by DataSourceValidationError.InlineString:
["value length must be at least " '\x01' " bytes"]): providers {
I have researched and I found out that the issue was also raised upstream
<https://github.com/istio/istio/issues/24629> and the PR
<https://github.com/istio/istio/pull/25934/files> also seems to have been
released for the istio master branch and 1.6 branch as well.
Comparing the code with our maistra 2.0 branch it does not seem to be
present but the 2.1 branch has it.
References:
1) Maistra GH 2.0
<https://github.com/maistra/istio/blob/maistra-2.0/pilot/pkg/security/authn/v1beta1/policy_applier.go>
2) Maistra GH 2.1
<https://github.com/maistra/istio/blob/maistra-2.1/pilot/pkg/security/authn/v1beta1/policy_applier.go>
Should we be creating a backport for this issue ?
Attachments
Issue Links
- is documented by
-
OSSM-2938 Release notes for OSSM 1.1.17/2.0.7 zstream release
-
- Closed
-