Make AuthorizationPolicy spec usable with controller-gen

[jfremy]

Describe the feature request

The AuthorizationPolicy spec (security/v1beta1/authorization_policy.pb.go) go type can't be used with controller-tools
If I try to create a CRD with kubebuilder / controller-tools that embeds an AuthorizationPolicy spec as part of my CRD object, I have to create my own copy of the existing type, which adds more work to translate it to an actual AuthorizationPolicy later on.

The reason this fails is that the type has an ActionDetail property which lacks any json tag.
This is because this property is not part of the CRD itself I believe. However, controller-tools at best allows to ignore private properties from a type but not public properties. So it fails to create the CRD object.

One option would be to make ActionDetail private (actionDetail - there is already a GetActionDetail method defined) but this is an interface change that would likely introduce breakages in existing code if they access that property directly

Describe alternatives you've considered

Alternative is to create a "copy" of the type and create methods to get an istio AuthorizationPolicy object out of the clone type

Affected product area (please put an X in all that apply)

[ ] Configuration Infrastructure
[ ] Docs
[ ] Installation
[ ] Networking
[ ] Performance and Scalability
[ ] Policies and Telemetry
[ ] Security
[ ] Test and Release
[ ] User Experience

Additional context

[howardjohn]

You will never be able to derive a proper Istio CRD from a Go struct, or at least not with kubebuilder. We have completely custom definition (protobuf) -> CRD schema. Like we have custom attributes, etc. Even if it appears to work by fixing a few issues like the ones mentioned here, it will be incorrect, possibly in subtle ways.

sorry if that doesn't really help you though... fwiw https://github.com/istio/tools/blob/master/cmd/protoc-gen-crd/ is the code