Support TLS.FrontendValidation within the Gateway spec

[arkodg]

Description:

Describe the desired behavior, what scenario it enables and how it
would be used.

Support the new Client Cert Validation field introduced by upstream
https://gateway-api.sigs.k8s.io/geps/gep-91/

Its the same feature as #88, and has been implemented in the project using ClientTrafficPolicy, so the translation can be reused

[optional Relevant Links:]

Any extra documentation required to understand the issue.

[arkodg]

blocked on #3265

[zufardhiyaulhaq]

I am interested in working on this feature.
want to understand which one to prioritize if gateway API enable but we are not enabling it on ClientTraficPolicy?

[zufardhiyaulhaq]

let me finish #3202 before working on this one

[arkodg]

I am interested in working on this feature. want to understand which one to prioritize if gateway API enable but we are not enabling it on ClientTraficPolicy?

@zufardhiyaulhaq we'll need to simultaneously support both fields, until there is complete feature parity in upstream

[zufardhiyaulhaq]

@arkodg @shawnh2 after checking the spec https://gateway-api.sigs.k8s.io/geps/gep-91/
seems there are no optional features there. which means that if ClientTrafficPolicy set the optional to true, we need to rewrite it to true right?

[zufardhiyaulhaq]

@arkodg

@zufardhiyaulhaq we'll need to simultaneously support both fields, until there is complete feature parity in upstream

which one to be used if different secret is being used on Gateway object & ClientTrafficPolicy object? do we need to merge the certificate?