istio update to 1.23.2-bb.1

Package Merge Request

Package Changes

https://repo1.dso.mil/big-bang/product/packages/istio-controlplane/-/blob/1.23.2-bb.1/CHANGELOG.md

Package MR

big-bang/product/packages/istio-controlplane!323 (merged)

For Issue

Closes big-bang/product/packages/istio-controlplane#239 (closed)

Upgrade Notices

This release adds a default EnvoyFilter to increase the security of the Istio cluster. This filter which defaults to enabled can be disabled using e.g. istio.Values.defaultSecurityHeaders.enabled: false. The filter will add the following HTTP headers when the backend service does not already provide the header.

• StrictTransportSecurity: maxage=31536000; includeSubDomains
• XFrameOptions: SAMEORIGIN
• XContentTypeOptions: nosniff
• ReferrerPolicy: strictorigin

In the event these additional headers cause issues with any deployment, you can disable the filter and reach out to the Big Bang team.

added botmr istio statusdoing labels

assigned to @michaelmartin

changed the description

requested review from @chris.oconnell and @andrewshoell

marked this merge request as ready

changed the description

changed milestone to %2.40.0

added statusreview label and removed statusdoing label

approved this merge request

merged

mentioned in commit 4d611cf2