Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support TLS.FrontendValidation within the Gateway spec #3316

Open
arkodg opened this issue May 1, 2024 · 11 comments
Open

Support TLS.FrontendValidation within the Gateway spec #3316

arkodg opened this issue May 1, 2024 · 11 comments
Assignees
Labels
Milestone

Comments

@arkodg
Copy link
Contributor

arkodg commented May 1, 2024

Description:

Describe the desired behavior, what scenario it enables and how it
would be used.

Support the new Client Cert Validation field introduced by upstream
https://gateway-api.sigs.k8s.io/geps/gep-91/

Its the same feature as #88, and has been implemented in the project using ClientTrafficPolicy, so the translation can be reused

[optional Relevant Links:]

Any extra documentation required to understand the issue.

@arkodg arkodg added triage help wanted Extra attention is needed and removed triage labels May 1, 2024
@arkodg arkodg added this to the v1.1.0-rc1 milestone May 1, 2024
@arkodg
Copy link
Contributor Author

arkodg commented May 1, 2024

blocked on #3265

@zufardhiyaulhaq
Copy link
Contributor

I am interested in working on this feature.
want to understand which one to prioritize if gateway API enable but we are not enabling it on ClientTraficPolicy?

@zufardhiyaulhaq
Copy link
Contributor

let me finish #3202 before working on this one

@shawnh2 shawnh2 removed the help wanted Extra attention is needed label May 12, 2024
@arkodg
Copy link
Contributor Author

arkodg commented May 13, 2024

I am interested in working on this feature. want to understand which one to prioritize if gateway API enable but we are not enabling it on ClientTraficPolicy?

@zufardhiyaulhaq we'll need to simultaneously support both fields, until there is complete feature parity in upstream

@zufardhiyaulhaq
Copy link
Contributor

@arkodg @shawnh2 after checking the spec https://gateway-api.sigs.k8s.io/geps/gep-91/
seems there are no optional features there. which means that if ClientTrafficPolicy set the optional to true, we need to rewrite it to true right?

@zufardhiyaulhaq
Copy link
Contributor

@arkodg

@zufardhiyaulhaq we'll need to simultaneously support both fields, until there is complete feature parity in upstream

which one to be used if different secret is being used on Gateway object & ClientTrafficPolicy object? do we need to merge the certificate?

@arkodg
Copy link
Contributor Author

arkodg commented May 28, 2024

yah lets merge/append the caCerts , this will help with migration in the future

Copy link

This issue has been automatically marked as stale because it has not had activity in the last 30 days.

@github-actions github-actions bot added the stale label Jun 28, 2024
@arkodg arkodg removed the stale label Jun 28, 2024
@arkodg arkodg modified the milestones: v1.1.0-rc1, Backlog Jul 10, 2024
@arkodg arkodg modified the milestones: Backlog, v1.2.0-rc1 Jul 31, 2024
Copy link

This issue has been automatically marked as stale because it has not had activity in the last 30 days.

@github-actions github-actions bot added the stale label Aug 30, 2024
@arkodg arkodg modified the milestones: v1.2.0-rc1, Backlog Oct 10, 2024
@github-actions github-actions bot removed the stale label Oct 10, 2024
Copy link

github-actions bot commented Nov 9, 2024

This issue has been automatically marked as stale because it has not had activity in the last 30 days.

@github-actions github-actions bot added the stale label Nov 9, 2024
@arkodg arkodg modified the milestones: Backlog, v1.3.0-rc.1 Nov 22, 2024
@github-actions github-actions bot removed the stale label Nov 22, 2024
Copy link

This issue has been automatically marked as stale because it has not had activity in the last 30 days.

@github-actions github-actions bot added the stale label Dec 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

3 participants