From c7dad56b98d460f0817800b813a3110f4b3cce7f Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 2 Dec 2025 17:27:25 +0000
Subject: [PATCH 1/2] Initial plan


From a0056b9afdf34b406d80e8117eca9586a90c9d7d Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 2 Dec 2025 17:32:50 +0000
Subject: [PATCH 2/2] Fix trailing whitespace and end-of-file issues in k8s
 azure overlay files

Co-authored-by: ianlintner <500914+ianlintner@users.noreply.github.com>
---
 k8s/overlays/azure/README.md                           | 6 +++---
 k8s/overlays/azure/authorization-policy-ext-authz.yaml | 6 +++---
 k8s/overlays/azure/kustomization.yaml                  | 1 -
 k8s/overlays/azure/virtualservice-default.yaml         | 1 -
 4 files changed, 6 insertions(+), 8 deletions(-)

diff --git a/k8s/overlays/azure/README.md b/k8s/overlays/azure/README.md
index c21742c..5c19d7c 100644
--- a/k8s/overlays/azure/README.md
+++ b/k8s/overlays/azure/README.md
@@ -6,7 +6,7 @@ This directory contains Istio configuration to enable OAuth2 authentication for
 
 - **Application**: python-dsa
 - **Namespace**: default
-- **Hostnames**: 
+- **Hostnames**:
   - `dsa.cat-herding.net` (primary)
   - `dsa.hugecat.net` (legacy)
 - **Port**: 80 (routes to container port 5000)
@@ -264,13 +264,13 @@ data:
         service: oauth2-proxy.default.svc.cluster.local
         port: 4180
         includeHeadersInCheck: ["authorization", "cookie"]
-        headersToUpstreamOnAllow: 
+        headersToUpstreamOnAllow:
           - "authorization"
           - "path"
           - "x-auth-request-user"
           - "x-auth-request-email"
           - "x-auth-request-preferred-username"
-        headersToDownstreamOnDeny: 
+        headersToDownstreamOnDeny:
           - "content-type"
           - "set-cookie"
         headersToDownstreamOnAllow:
diff --git a/k8s/overlays/azure/authorization-policy-ext-authz.yaml b/k8s/overlays/azure/authorization-policy-ext-authz.yaml
index 4715593..fcf3521 100644
--- a/k8s/overlays/azure/authorization-policy-ext-authz.yaml
+++ b/k8s/overlays/azure/authorization-policy-ext-authz.yaml
@@ -16,14 +16,14 @@ spec:
   selector:
     matchLabels:
       app: python-dsa
-  
+
   # CUSTOM action defers to ext_authz (oauth2-proxy)
   action: CUSTOM
-  
+
   provider:
     # References the oauth2-proxy extensionProvider configured in Istio mesh config
     name: oauth2-proxy
-  
+
   rules:
   # Apply to all requests
   - to:
diff --git a/k8s/overlays/azure/kustomization.yaml b/k8s/overlays/azure/kustomization.yaml
index 848a32f..701044e 100644
--- a/k8s/overlays/azure/kustomization.yaml
+++ b/k8s/overlays/azure/kustomization.yaml
@@ -12,4 +12,3 @@ resources:
   - virtualservice-default.yaml
   - virtualservice-hugecat-redirect.yaml
   - authorization-policy-ext-authz.yaml
-
diff --git a/k8s/overlays/azure/virtualservice-default.yaml b/k8s/overlays/azure/virtualservice-default.yaml
index 9cf8b0c..c4c6813 100644
--- a/k8s/overlays/azure/virtualservice-default.yaml
+++ b/k8s/overlays/azure/virtualservice-default.yaml
@@ -27,4 +27,3 @@ spec:
         attempts: 3
         perTryTimeout: 10s
         retryOn: gateway-error,connect-failure,refused-stream
-