Treat IP Address as an optional parameter

[ctyano]

Description

IP addresses in X.509 Subject Alternative Names is an optional attribute in Athenz X.509 identity certificate. Users shall set an empty string to POD_IP environment variable to remove IP address from a CSR. If the IP address is not set in the CSR, ZTS will skip verifying the client IP address to match the SANs IP. (e.g. InstanceZTSProvider)

Assignees

• [x] Assignees is set

Type of changes

• [x] Apply one or more labels of the following that fits:
  • bug: Bug fix
  • dependencies: Dependency upgrades
  • documentation: Documentation changes
  • enhancement: New Feature
  • good first issue: First contribution
  • logging: Log changes
  • refactor: Refactoring (no functional changes, no api changes)

Flags

• [ ] Breaks backward compatibility
• [ ] Requires a documentation update

• [ ] Has untestable code

Checklist

• [x] Followed the guidelines in the CONTRIBUTING document
• [x] Added prefix [skip ci]/[ci skip]/[no ci]/[skip actions]/[actions skip] in the PR title if necessary
• [x] Tested and linted the code
• [ ] Commented the code
• [ ] Made corresponding changes to the documentation

Checklist for maintainer

• [ ] Use Squash and merge
• [ ] Double-confirm the merge message has prefix [skip ci]/[ci skip]/[no ci]/[skip actions]/[actions skip]
• [ ] Delete the branch after merge

[mlajkim]

Please modify the athenz-sia.env file too.

• [x] Modify: https://github.com/AthenZ/k8s-athenz-sia/blob/main/athenz-sia.env#L119

[mlajkim]

@ctyano Do you think we should merge this before the release of v3.2.0?

[mlajkim]

~This requires operation check just in case in k8s platform.~ ~TODOs:~ ~-[x] Operation done by @mlajkim~

I won't do it as I wrote this with expectation of including this PR in v3.2.0.

[mlajkim]

This won't be included in v3.2.0 release.