New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ldelossa/phase out sec label pt1 #25057
Ldelossa/phase out sec label pt1 #25057
Conversation
Marking as draft, suggestion from out of band convo is to refactor terminology from "sec_label" to "sec_identity". Making it explicit that we are using a security identity. |
56e77a4
to
7fbb773
Compare
610b0c3
to
544c1ef
Compare
/test |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM from technical perspective.
I am not a big fan of this _sec_
thing though. Do we have other types of identities? If we want to emphasize that this is a "Secutiry Identity" then I would rather use security_id
than sec_identity
.
We landed on "sec_identity" since it stays close to the terminology used in our upstream documentation. I.e. we make explicit call outs to the term "identity" in docs. For instance you can search "identity" in upstream docs and get a lot of info. I understand this is a bit subjective, but there was some previous discussion on this naming change, and I think we could keep going back and forth on 'security_id' vs 'sec_identity' ad infinitum. My feeling is to try to ground the naming change into something tangible, like what words we use in the upstream docs the most often to explain a "concept". |
In the datapath we often swap between calling the `security identity` an `identity` and a `sec_label`. As an effort to consolidate our terminology, begin phasing out the `sec_label` terminology, with the first step focusing on the `remote_endpoint_info` structure. Rename the `sec_label` field on this structure to `sec_identity`, and also update variables to consistently use `*_sec_identity` syntax. Signed-off-by: Louis DeLosSantos <louis.delos@isovalent.com>
544c1ef
to
0015581
Compare
/test Job 'Cilium-PR-K8s-1.25-kernel-5.4' failed: Click to show.Test Name
Failure Output
Jenkins URL: https://jenkins.cilium.io/job/Cilium-PR-K8s-1.25-kernel-5.4/135/ If it is a flake and a GitHub issue doesn't already exist to track it, comment Then please upload the Jenkins artifacts to that issue. |
/test-1.25-5.4 |
/mlh new-flake Cilium-PR-K8s-1.25-kernel-5.4 |
Currently in the datapath we swap around the terminology
sec_label
andidentity
.As an effort to consolidate our terminology, this PR begins the phasing out of the keywords
sec_label
in favor ofsec_identity
.An arbitrary starting point was picked, the
remote_endpoint_info
struct, and further renames will take place over time, as to not create too many conflicts with other PRs.