Skip to content

[FEATURE]: Make Export CRD a single source-of-truth for service attributes #690

New issue
New issue
Open
Open
[FEATURE]: Make Export CRD a single source-of-truth for service attributes#690
Labels
controlplaneenhancementNew feature or requestpoliciesIssues related to policies and policy engine
@zivnevo

Description

@zivnevo
zivnevo
opened on Sep 3, 2024

Currently, service attributes are taken from the Export CRD only on the server side.
On the client side, service attributes are taken from the Import CRD.
This may result in inconsistent policy decisions (same policy evaluates to different decisions on the two sides of the connection).

It is therefore required to have a single source of truth for service attributes, and it makes more sense to use the Export CRD for this purpose. However, this requires the Peer on the client side to get service attributes from the Peer on the server side.
We probably want to extend the heartbeat mechanism to support more requests.

Metadata

Metadata

Assignees

No one assigned

    Labels

    controlplaneenhancementNew feature or requestpoliciesIssues related to policies and policy engine

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions