* build an archive of v1.16 in master
* update data/versions.yml and archive index page
* advance master to release-1.18
* Fix lint by moving back to older files - Note automated job will fail lint.
* Temporarily disable the istioctl-analyze test
* build an archive of v1.14 in master
* update data/versions.yml and archive index page
* advance master to release-1.16
* Rerun `make update_ref_docs
* Update to commit on main branch to fix tests
* Disable failing test (temporary)
* Update to use main branch for reference docs
* Updates to fix this for next time (not moving to master)
* Run `make gen`
* Update master istio test reference
* Ingore one shellcheck, SC1091, for now. Not sure why it just showed up
* Prepare for v1.13 as istio source is already branched
* Update VM test image from 1.11 to current to test
* Rename tests to temporaily disable Issue created to reanble before 1.13
* build an archive of v1.11 in master
* update data/versions.yml and archive index page
* advance master to release-1.13
* ANother script update
* go get remaing istio repos to satisfy linter
* Temporarily fix link broken by istio/api #2148
* Temporarily disable istioctl analyze test.
* build an archive of v1.10 in master
* update data/versions.yml and archive index page
* advance master to release-1.12
* Update istio test reference to pick up 1.12 in istioctl messages
* Fix lint and IMAGE_VERSION
* MOre changes for lint
* Use correct IMAGE_VERSION
* Skip virtual machines test - Release Blocker issue created
* build an archive of v1.9 in master
* update data/versions.yml and archive index page
* advance master to release-1.11
* Update the istio test reference to master
* Remove failing deny test
* Remove another test
* Remove a third test
* update security doc with evaluation order, common patterns, shoter task names and some small updates
* update
* update
* add link
* update
* update
* fix lint
* Apply suggestions from code review
Co-authored-by: Eric Van Norman <ericvn@us.ibm.com>
* update
* Apply suggestions from code review
Co-authored-by: John Howard <howardjohn@google.com>
Co-authored-by: Eric Van Norman <ericvn@us.ibm.com>
Co-authored-by: John Howard <howardjohn@google.com>
* Silence curl command
* Update more files with -sS (adding S to show errors)
* Over-agressive on the -S and causing some tests to fail.
* Remove more curl -S flags
This required some other changes WRT verification:
- Change __cmp_like to allow for not accepting <pending> for an IP address.
- Change __verify_with_retry to use a timeout rathan than number of retries. This is a more intuitive interface and aligns with the way we do retries in istio/istio. I also got rid of exponential backoff and allow both the timeout and delay between retries to be configured.
* add note about istio protocol detection
* fix accidental replace
* fix extra dot in filename
* path fixes
* add note about how to field authz in effect
* fix typos and add a note on the claims
* undo file rename
* Update content/en/docs/ops/common-problems/security-issues/index.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update content/en/docs/ops/common-problems/security-issues/index.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Apply suggestions from code review
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* build an archive of v1.6 in master
* update data/versions.yml and archive index page
* advance master to release-1.8
* Missing `make snips` in script
* add an example task to test
* main test function: save progress
* a working example: routing request
* improve log info and error handling
* introduce makefile
* run each test as a subtest; remove common setup from test.sh
* add another test.sh: fault-injection
* improve error handling
* check test environment
* add two more test.sh files
* fix make command for istio setup
* update two test.sh files from upstream
* add comments and update README.md
* update test.sh files from upstream
* support multiple test names
* update README
* update README.md for new framework
* remove documentation of migration steps
* undo format changes
* change separation line to '# @cleanup'
* move go code and makefile from content/ to tests/
* change package name
* make for loop more readable
* change the set of auto-sourced scripts
* add docs for all functions
* approach to deal with folders with the same name
* minor fixes to ensure everything still runs
* fix make gen error
* add a TIMEOUT argument
* make sure util/debug.sh works with new framework
* make lint-go happy
* [BIG CHANGE] allow different istio setup configs
* make linters happy
* make linters happier
* changed wording and function orders
* make error return as the 2nd argument
* add TODOs
* Update content/en/docs/tasks/traffic-management/traffic-shifting/test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* only test english docs
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* allow test.sh as suffix
* move adding setup configs to tests/setup
* recommend full paths
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* require full test paths
* converting old tests to new tests: traffic-management and misc
* converting old tests to new tests: security
* remove old tests
* Update content/en/docs/tasks/security/cert-management/dns-cert/test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* simplify setup configs
* Update content/en/docs/tasks/security/authentication/authn-policy/test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update content/en/docs/tasks/security/authentication/mtls-migration/test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update content/en/docs/tasks/security/authorization/authz-http/test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* do not let istioctl prompt y/n
* Update content/en/docs/tasks/traffic-management/ingress/ingress-sni-passthrough/test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update content/en/docs/tasks/traffic-management/ingress/secure-ingress/test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update content/en/docs/tasks/security/cert-management/plugin-ca-cert/test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* simplify stuff
* rename dns-cert test.sh to test_broken.sh
* fix dns-cert doc and test
* remove egress=disabled
* fix test
* Update content/en/docs/tasks/observability/logs/access-log/test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update content/en/docs/tasks/security/authentication/authn-policy/test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* snip.py: Replace github file token with release-specific URL.
* verify.sh: Show the expected output as well as the actual output.
* snip.py: Update the githubfile regex to not include email addresses.
When generating snip scripts, pairs of "@" signs indicate a link to
GitHub repo content. However, JWT attribute values contained pairs of
email addresses such as:
`testing@secure.istio.io/testing@secure.istio.io`
which would be treated as an email address and mangled. This commit
rewrites the regex to not match on email addresses.
* Add authz-jwt user guide test.
Eric Van Norman
Michael
Aryan Gupta
Yangmin Zhu
John Howard
davidhauck
Frank Budinsky
Nathan Mittler
Upo
Hongyi Zhang
Navraj Singh Chhina
Justin Pettit