When installing Gloo Edge into a cluster with Istio, we are interfering with the short names of the CRD's Istio are using. I.e. vs or virtualservice .
Users are getting errors like, when expecting to get Istio virtual services:
Error from server (Forbidden): virtualservices.gateway.solo.io "app" is forbidden: User "developer:margrethe.store-fremtind.no" cannot get resource "virtualservices" in API group "gateway.solo.io" in the namespace "a50503c-devns"
This issue has been marked as stale because of no activity in the last 180 days. It will be closed in the next 180 days unless it is tagged "no stalebot" or other activity occurs.
Gloo Edge Version
1.13.x (latest stable)
Kubernetes Version
None
Describe the bug
When installing Gloo Edge into a cluster with Istio, we are interfering with the short names of the CRD's Istio are using. I.e. vs or virtualservice .
Users are getting errors like, when expecting to get Istio virtual services: Error from server (Forbidden): virtualservices.gateway.solo.io "app" is forbidden: User "developer:margrethe.store-fremtind.no" cannot get resource "virtualservices" in API group "gateway.solo.io" in the namespace "a50503c-devns"
We have this FE that adds shortNames: https://github.com/solo-io/gloo/pull/5592
However, we still have vs as a short name which is causing as to get the whole CRD name
A workaround at the moment would be deleting the shortName:
However for upgrades the users would have to do this operation manually in helm.
Which would be the best approach for solving this?
Steps to reproduce the bug
Install Gloo Edge and Istio in the same cluster
Expected Behavior
Kubectl get vs only gets Gloo Edge VirtualServices but not Istio ones
Additional Context
No response