-
Notifications
You must be signed in to change notification settings - Fork 7.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Validate IOP fields for DNS1123 compliance #36792
Comments
@nmnellis I think it might be helpful if you could update the description to the task list format to track which has already been checked. |
updated, i think revision is the only one currently validated for DNS1123 |
Things in meshConfig has already been validated. I have created a PR to validate the remaining fields. However, I am not certain about what 'subset' means here. I think you mean the subset in DestinationRule, not the IOP resource? |
Bug Description
Istio can get into a bad state and often default back to default values if any DNS1123 fields are set incorrectly. For example if
trustDomain
is not DNS1123 complaint istio fails to parse the rest of the spec and defaults the trustDomain back tocluster.local
. The current set of errors is hard to decipher the root cause of the issue.Based on the code, we believe that these fields are all required to be compliant if set.
Version
Additional Information
No response
The text was updated successfully, but these errors were encountered: