Skip to content

feat(helm): optional Istio resources (Sidecar egress, ServiceEntries, JWT authn/authz)#2240

Closed
elihai-risk wants to merge 1 commit into
kagent-dev:mainfrom
elihai-risk:feat/istio-support
Closed

feat(helm): optional Istio resources (Sidecar egress, ServiceEntries, JWT authn/authz)#2240
elihai-risk wants to merge 1 commit into
kagent-dev:mainfrom
elihai-risk:feat/istio-support

Conversation

@elihai-risk

Copy link
Copy Markdown

What

A generic, fully value-driven istio block (everything disabled by default):

  • Sidecar — restrict egress for the chart's pods (workloadSelector, egressHosts, outboundTrafficPolicy). This is the allow-list agent pods need under REGISTRY_ONLY meshes.
  • ServiceEntry list — register the external hosts agents actually reach (LLM providers, OAuth issuers, databases) in the mesh registry; TLS or raw TCP ports.
  • RequestAuthentication + AuthorizationPolicy — JWT validation / access rules on selected workloads, with jwtRules / rules passed through verbatim.

Why

Agents are exactly the workload you want egress-fenced: they execute model-driven tool calls, so meshes running REGISTRY_ONLY need ServiceEntries for every LLM/OAuth/DB host and a Sidecar allow-list — today that all has to live in a wrapper chart. We run kagent 0.9.11 on EKS + Istio with this shape in production (LiteLLM + Okta + Postgres egress).

Nothing here is opinionated: no hosts or issuers are pre-filled, selectors are user-supplied, and sidecar injection itself stays where it already works (podAnnotations). Orgs not on Istio see zero change.

Notes

🤖 Generated with Claude Code

… JWT authn/authz)

Add a generic, fully value-driven istio block (all disabled by default):

- Sidecar: restrict egress for the chart's pods (workloadSelector,
  egressHosts, outboundTrafficPolicy) - the allow-list agents need under
  REGISTRY_ONLY meshes
- ServiceEntries: register external hosts (LLM providers, OAuth issuers,
  databases) in the mesh registry, TLS or raw TCP
- RequestAuthentication + AuthorizationPolicy: JWT validation and access
  rules, jwtRules/rules passed through verbatim

Nothing is opinionated: no defaults beyond Istio's own, selectors and
hosts fully user-supplied, sidecar injection stays via podAnnotations.
Includes helm-unittest coverage (4 tests).

Signed-off-by: Elihai Blomberg <elihai.blomberg@riskified.com>
Copilot AI review requested due to automatic review settings July 14, 2026 15:33
@elihai-risk elihai-risk requested a review from a team as a code owner July 14, 2026 15:33

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Note

Copilot couldn't run its full agentic review because no GitHub Actions runner was available. Make sure your repository has a runner available to run Copilot's review, or add a copilot-setup-steps.yml file specifying one with the runs-on attribute. See the docs for more details.

Adds an optional, fully value-driven istio configuration block to the Helm chart (disabled by default) to support Istio meshes requiring controlled egress and JWT auth policies.

Changes:

  • Introduces istio values for Sidecar egress restriction, ServiceEntries, and JWT RequestAuthentication/AuthorizationPolicy.
  • Adds templates/istio.yaml to render the optional Istio CRs based on values.
  • Adds helm-unittest coverage validating “default off” and basic render behavior for each resource type.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 8 comments.

File Description
helm/kagent/values.yaml Documents and defines the new istio values block (default-disabled).
helm/kagent/templates/istio.yaml Implements rendering for Sidecar, ServiceEntry, RequestAuthentication, AuthorizationPolicy.
helm/kagent/tests/istio_test.yaml Adds helm-unittest cases for default behavior and enabled resources.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

values.yaml.
*/}}
{{- if .Values.istio.sidecar.enabled }}
apiVersion: networking.istio.io/v1
{{- end }}
{{- range .Values.istio.serviceEntries }}
---
apiVersion: networking.istio.io/v1
{{- end }}
{{- if .Values.istio.requestAuthentication.enabled }}
---
apiVersion: security.istio.io/v1
{{- end }}
{{- if .Values.istio.authorizationPolicy.enabled }}
---
apiVersion: security.istio.io/v1
apiVersion: networking.istio.io/v1
kind: ServiceEntry
metadata:
name: {{ include "kagent.fullname" $ }}-{{ .name }}
Comment on lines +38 to +43
hosts:
{{- toYaml .hosts | nindent 4 }}
location: {{ .location | default "MESH_EXTERNAL" }}
resolution: {{ .resolution | default "DNS" }}
ports:
{{- toYaml .ports | nindent 4 }}
Comment on lines +78 to +80
action: {{ .Values.istio.authorizationPolicy.action | default "ALLOW" }}
rules:
{{- toYaml .Values.istio.authorizationPolicy.rules | nindent 4 }}
Comment on lines +60 to +61
jwtRules:
{{- toYaml .Values.istio.requestAuthentication.jwtRules | nindent 4 }}
@github-actions github-actions Bot added the enhancement New feature or request label Jul 14, 2026
@EItanya

EItanya commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

Hey there, I really appreciate the PR but frankly I think this is too specific for the core kagent helm chart, this could be a good use case for extraObjects as proposed in #2174

@elihai-risk

Copy link
Copy Markdown
Author

Fair call — extraObjects (#2174) is the right generic mechanism for this. We'll move our resources to it once it lands. Feel free to lift anything from this PR (templates/tests) into docs or examples if useful. Thanks for the quick review!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

enhancement New feature or request

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants