Dependency Bumps
- rotisserie/eris has been upgraded to v0.5.4.
- solo-io/solo-kit has been upgraded to v0.34.2.
New Features
- Update to allow deletion of secrets when warnings or errors are present.
When the deletion of a secret is validated, the validating admission webhook removes the secret from the current snapshot, runs translations and looks for errors. Previously, the secret would not be deleted if there were errors, or if there were warnings and theignore_warnings
setting was set asfalse
. This casues issues when trying to delete secrets that are unrelated to the warnings or errors.
The new behavior is to collect all the artifacts of the valdiation process, rerun validation against the original snapshot, and compare the artifacts from that process to the artifacts previously collected. If the artifacts are the same, the secret did not degrade the system and the deletion is allowed. If the artifacts are different, the secret is not deleted and errors are returned.
Because this may incur a performance hit due to the extra validation and the loss of short-circuiting of the validation process due to the need to collect all artifacts, this feature can be turned off by setting theDISABLE_VALIDATION_AGAINST_PREVIOUS_STATE
environment variable totrue
in thegloo
deployment. A dedicated helm value has not been added, and the environment variable can be set usinggloo.gloo.deployment.customEnv
(#8931) - Expose use_hostname_for_hashing, the hostname will be used for hashing when using maglev for example, useful when using multiple host in the upstreams that resolve to the same IP. (#9138)