Loading...

XML

Word

Printable

Type: Story
Resolution: Done
Priority: Major
Fix Version/s: OSSM 3.0-TP2
Affects Version/s: None
Component/s: Sail Operator
Labels:
None

Blocked:
False
Blocked Reason:
None
Ready:
False
Epic Link:
OSSM-5
Git Pull Request:
https://gitlab.cee.redhat.com/istio/cpaas/containers-midstream/-/merge_requests/1709
Intelligence Requested:
Market:

Target Version:

OSSM 3.0-TP2

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

It would be better if the istioctl binary was created as part of a different container image than istio-pilot.

Having it contained within istio-pilot:

Increases the footprint of the container, which is undesirable, and
Introduces a potential security risk by an additional package being shipped in the container that could be exploited.

It is recognized that it would be a lot of work to create a whole new container image just for this one binary, and it would be pointless to publish such an image. Thus, instead, it has been suggested that perhaps we instead build istioctl and distribute it as part of the must-gather image.

This Jira represents researching what would be the best solution, and then implementing it. It is recognized that this change will probably mean having to make updates in the subsequent distribution systems which are involved.

is caused by

OSSM-6395 Add istioctl build step into midstream repository

Closed

mentioned on

Merge request - Move istioctl build into must-gather image

Assignee:: Brian Mangoenpawiro

Reporter:: David Ward

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2024/09/25 2:23 AM

Updated:: 2024/11/13 2:42 PM

Resolved:: 2024/11/13 2:42 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates