Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

datapath: Add auth_type to policy verdict message #25410

Merged
merged 1 commit into from May 25, 2023
Merged

datapath: Add auth_type to policy verdict message #25410

merged 1 commit into from May 25, 2023

Conversation

jrajahalme
Copy link
Member

Add auth type to datapath policy verdict message as well as to Hubble flow message.

policy.AuthType.String() is fixed to return an empty string rather than "none" when authentication is not required to match the strings accepted for auth type in CNP.

@jrajahalme jrajahalme added sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. sig/policy Impacts whether traffic is allowed or denied based on user-defined policies. sig/hubble Impacts hubble server or relay area/servicemesh GH issues or PRs regarding servicemesh labels May 12, 2023
@jrajahalme jrajahalme requested review from a team as code owners May 12, 2023 10:52
@maintainer-s-little-helper maintainer-s-little-helper bot added dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. labels May 12, 2023
@jrajahalme jrajahalme requested a review from gandro May 12, 2023 10:52
@jrajahalme jrajahalme mentioned this pull request May 12, 2023
Merged
@jrajahalme jrajahalme self-assigned this May 12, 2023
@jrajahalme jrajahalme added the release-note/misc This PR makes changes that have no direct user impact. label May 12, 2023
@maintainer-s-little-helper maintainer-s-little-helper bot removed the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label May 12, 2023
@jrajahalme
Copy link
Member Author

/test

chancez
chancez reviewed May 12, 2023
View reviewed changes
api/v1/flow/flow.proto Outdated Show resolved Hide resolved
gandro
gandro reviewed May 15, 2023
View reviewed changes
api/v1/flow/flow.proto Outdated Show resolved Hide resolved
api/v1/flow/README.md Outdated Show resolved Hide resolved
@jrajahalme jrajahalme force-pushed the policy-verdict-add-auth-type branch from 4d1543f to abd7204 Compare May 16, 2023 09:29
@jrajahalme jrajahalme requested a review from a team as a code owner May 16, 2023 09:29
@jrajahalme jrajahalme requested a review from youngnick May 16, 2023 09:29
@jrajahalme jrajahalme force-pushed the policy-verdict-add-auth-type branch from abd7204 to e77257e Compare May 16, 2023 09:32
@jrajahalme
Copy link
Member Author

jrajahalme commented May 16, 2023
edited by maintainer-s-little-helper bot

/test

Job 'Cilium-PR-K8s-1.24-kernel-5.4' failed:

Click to show.

Test Name

K8sAgentHubbleTest Hubble Observe Test L7 Flow

Failure Output

FAIL: Failed to start hubble observe

Jenkins URL: https://jenkins.cilium.io/job/Cilium-PR-K8s-1.24-kernel-5.4/59/

If it is a flake and a GitHub issue doesn't already exist to track it, comment /mlh new-flake Cilium-PR-K8s-1.24-kernel-5.4 so I can create one.

Then please upload the Jenkins artifacts to that issue.

gandro
gandro approved these changes May 16, 2023
View reviewed changes
Copy link
Member

@gandro gandro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@jrajahalme jrajahalme force-pushed the policy-verdict-add-auth-type branch from e77257e to 9d94b40 Compare May 23, 2023 08:16
@jrajahalme
Copy link
Member Author

Rebased to fix conflicts.

@jrajahalme
Copy link
Member Author

/test

@jrajahalme
datapath: Add auth_type to policy verdict message
00f3933 
Signed-off-by: Jarno Rajahalme <jarno@isovalent.com>
@jrajahalme jrajahalme force-pushed the policy-verdict-add-auth-type branch from 9d94b40 to 00f3933 Compare May 24, 2023 13:24
@jrajahalme
Copy link
Member Author

rebased for main breakage

@jrajahalme
Copy link
Member Author

/test

@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label May 24, 2023
@squeed squeed merged commit 225e59d into cilium:main May 25, 2023
58 checks passed
@kaworu kaworu mentioned this pull request Jul 11, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gandro gandro gandro approved these changes

@chancez chancez chancez approved these changes

@christarazi christarazi christarazi approved these changes

@youngnick youngnick youngnick approved these changes

Assignees

@jrajahalme jrajahalme

Labels
area/servicemesh GH issues or PRs regarding servicemesh ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/misc This PR makes changes that have no direct user impact. sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. sig/hubble Impacts hubble server or relay sig/policy Impacts whether traffic is allowed or denied based on user-defined policies.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@jrajahalme @gandro @chancez @christarazi @youngnick @squeed