istio update to 1.23.2-bb.1

Package Merge Request

Package Changes

https://repo1.dso.mil/big-bang/product/packages/istio-controlplane/-/blob/1.23.2-bb.1/CHANGELOG.md

Package MR

big-bang/product/packages/istio-controlplane!323 (merged)

For Issue

Closes big-bang/product/packages/istio-controlplane#239 (closed)

Upgrade Notices

This release adds a default EnvoyFilter to increase the security of the Istio cluster. This filter which defaults to enabled can be disabled using e.g. istio.Values.defaultSecurityHeaders.enabled: false. The filter will add the following HTTP headers when the backend service does not already provide the header.

• StrictTransportSecurity: maxage=31536000; includeSubDomains
• XFrameOptions: SAMEORIGIN
• XContentTypeOptions: nosniff
• ReferrerPolicy: strictorigin

In the event these additional headers cause issues with any deployment, you can disable the filter and reach out to the Big Bang team.