Add flag trustDomain to pilot.

[axel7born]

Add the flag identityDomain to the pilot to make the trust domain for PilotSAN configurable.

This PR is the first part of #8976 and is related to #8661

[googlebot]

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for all the commit author(s) or Co-authors. If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.
In order to pass this check, please resolve this problem and have the pull request author add another comment and the bot will run again. If the bot doesn't comment, it means it doesn't think anything has changed.

[codecov]

Codecov Report

Merging #9059 into release-1.1 will increase coverage by 8%.
The diff coverage is 70%.

@@              Coverage Diff               @@
##           release-1.1   #9059      +/-   ##
==============================================
+ Coverage           63%     70%      +8%     
==============================================
  Files              561     438     -123     
  Lines            51937   41196   -10741     
==============================================
- Hits             32386   28717    -3669     
+ Misses           17691   11092    -6599     
+ Partials          1860    1387     -473

Impacted Files	Coverage Δ
mixer/pkg/checkcache/cache.go	100% <ø> (ø)	⬆️
mixer/pkg/runtime/config/snapshot.go	58% <ø> (ø)	⬆️
mixer/pkg/template/template.go	61% <ø> (ø)	⬆️
pilot/pkg/model/context.go	74% <ø> (+5%)	⬆️
galley/pkg/crd/validation/validation.go	50% <0%> (+16%)	⬆️
mixer/template/template.gen.go	0% <0%> (-29%)	⬇️
pilot/pkg/networking/plugin/mixer/mixer.go	1% <0%> (ø)	⬆️
mixer/pkg/runtime/config/strings.go	92% <0%> (ø)	⬆️
...t/pkg/networking/plugin/envoyfilter/envoyfilter.go	21% <0%> (ø)
mixer/pkg/runtime/routing/table.go	100% <100%> (ø)	⬆️
... and 210 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update dc84b66...82eccca. Read the comment docs.

[googlebot]

CLAs look good, thanks!

[cmluciano]

/ok-to-test

cc @elevran @myidpt

[cmluciano]

/retest

[axel7born]

/retest

[c0d1ngm0nk3y]

/test e2e-mixer-no_auth

[axel7born]

/assign @ijsnellf
/assign @andraxylia
/assign @costinm

[jkbschmid]

/retest

[kramerul]

@myidpt, @hklai Could you retrigger the ci/circleci tests?

[myidpt]

/test e2e-mixer-noauth-v1alpha3-v2

[myidpt]

/lgtm

[istio-testing]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: axel7born, costinm, myidpt

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• install/OWNERS [costinm]
• pilot/OWNERS [costinm]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[myidpt]

Finally we got this merged! Thanks everyone!

[istio-testing]

@axel7born: The following tests failed, say /retest to rerun them all:

Test name	Commit	Details	Rerun command
prow/e2e-simpleTests-cni.sh	61418c70f6426b1420d3c70e967ee56af6becbe5	link	/test e2e-simpleTests-cni
prow/istio-pilot-multicluster-e2e.sh	82eccca	link	/test istio-pilot-multicluster-e2e

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.