Add metadata labels for cilium policy selectors
to support visibility policy L7 allow-all
#31359
Labels
area/cli
Impacts the command line interface of any command in the repository.
area/misc
Impacts miscellaneous areas of the code not otherwise owned by another area.
good-first-issue
Good starting point for new developers, which requires minimal understanding of Cilium.
help-wanted
Please volunteer for this by adding yourself as an assignee!
priority/low
This is considered nice to have.
sig/policy
Impacts whether traffic is allowed or denied based on user-defined policies.
During the investigation that led to #31358, I discovered that we are missing one source for metadata labels for the
cilium policy selectors
command in the case of visibility policies, seecilium/pkg/policy/visibility.go
Line 136 in 687e4f8
We would need to figure out what we should pass as the metadata here. We don't have labels because the visibility policy is not a K8s resource, however the visibility policy comes from an annotation on a pod. Potentially some way to signal that this selector is coming from an annotation, along with the namespace/name of the pod could suffice.
Mostly a cosmetic issue, but nice to fix.
The text was updated successfully, but these errors were encountered: