| Andreas Geissler | e08eee0 | 2023-04-21 14:21:37 +0200 | [diff] [blame] | 1 | global: |
| 2 | proxy: |
| 3 | # Controls if sidecar is injected at the front of the container list and blocks the start of the other containers until the proxy is ready |
| 4 | holdApplicationUntilProxyStarts: true |
| 5 | #logging: |
| 6 | # level: "default:debug" |
| 7 | meshConfig: |
| 8 | rootNamespace: istio-config |
| 9 | extensionProviders: |
| 10 | - name: oauth2-proxy |
| 11 | envoyExtAuthzHttp: |
| 12 | service: oauth2-proxy.default.svc.cluster.local |
| 13 | port: 80 |
| 14 | timeout: 1.5s |
| 15 | includeHeadersInCheck: ["authorization", "cookie"] |
| 16 | headersToUpstreamOnAllow: ["x-forwarded-access-token", "authorization", "path", "x-auth-request-user", "x-auth-request-email", "x-auth-request-access-token"] |
| 17 | headersToDownstreamOnDeny: ["content-type", "set-cookie"] |
| 18 | pilot: |
| 19 | env: |
| 20 | PILOT_ENABLE_MYSQL_FILTER: true |
| 21 | PILOT_HTTP10: true |