Loading...

XML

Word

Printable

Details

Type: Story
Resolution: Done-Errata
Priority: Critical
Fix Version/s: OSSM 2.4.3
Affects Version/s: OSSM 2.4.0
Component/s: Customer Impact, Maistra
Labels:
None

Blocked:
False
Blocked Reason:
None
Ready:
False
Affects:

Release Notes
Release Note Text:
Previous versions, Grpc was in techPreview. Now, for the external authorization feature has been made generally available in 2.4.0, this release adds the envoyExtAuthzGrpc field to configure an external authorization provider using the gRPC API.
Git Pull Request:
https://github.com/maistra/maistra-test-tool/pull/593, https://github.com/maistra/istio-operator/pull/1231

Target Version:

OSSM 2.4.1

SFDC Cases Links:
SFDC Cases Counter:

Description

This is required to enable External Authorization for gRPC, and to complete the external authorization story.

Related (Gateway API): https://issues.redhat.com/browse/OSSM-983

As a workaround, this field is accessible via the "techPreview" configuration today.

Acceptance criteria:

Users can deploy SMCP v2.4 with envoyExtAuthzGrpc:

apiVersion: maistra.io/v2
kind: ServiceMeshControlPlane
metadata: 
  name: basic
spec: 
  meshConfig: 
    extensionProviders: 
    - name: ext-authz
      envoyExtAuthzGrpc: 
        service: ext-authz.foo.svc.cluster.local
        port: 8000
        ...

The implementation will be almost 1:1 copy of this pull request: https://github.com/maistra/istio-operator/pull/1136.

Attachments

Issue Links

is cloned by

OSSM-4628 Casting envoyExtAuthzGrpc extension provider

Closed

links to

RHBA-2023:120107 Red Hat OpenShift Service Mesh Containers for 2.4.3

mentioned on

Merge request - Updated US source to: 821f8f4 OSSM-3979 Adding EnvoyExtAuthzGRPC to GA (#1231)

Activity

People

Assignee:: Mayleigh Myers

Reporter:: Jamie Longmuir

Contributors:: Gwynne Monahan, Praneeth Bajjuri

Votes:: 0 Vote for this issue

Watchers:: 10 Start watching this issue

Dates

Created:: 2023/05/17 8:33 PM

Updated:: 2023/09/14 5:35 PM

Resolved:: 2023/09/14 5:35 PM