Skip to content

release: v1.2.7 #5410

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
zhaohuabing merged 10 commits into from
Mar 6, 2025
Merged

release: v1.2.7 #5410

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
11085a9
validate all xds resources before returning the translation result (#…
zhaohuabing Feb 20, 2025
153f156
fix: Allow weights to be zero on endpoints (#5278)
tobrien-nydig Feb 22, 2025
4b431d5
fix: Standalone mode - Secret and ConfigMap parsing (#5329)
bstasz-bonrepublic Feb 26, 2025
5f7bee7
fix: backendSettings for extAuth (#5372)
arkodg Mar 1, 2025
29d9f4d
bump version to 1.2.7
zhaohuabing Mar 5, 2025
8a2c91a
fix gen
zhaohuabing Mar 5, 2025
bc92bd0
bump ratelimit to ae4cee11
zhaohuabing Mar 5, 2025
243db4e
fix gen
zhaohuabing Mar 5, 2025
804f2db
bump ratelimt
zhaohuabing Mar 6, 2025
5e7f7af
bump ratelimit
zhaohuabing Mar 6, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion VERSION
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1 @@
v1.2.6
v1.2.7
2 changes: 1 addition & 1 deletion api/v1alpha1/shared_types.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ const (
// DefaultShutdownManagerImage is the default image used for the shutdown manager.
DefaultShutdownManagerImage = "docker.io/envoyproxy/gateway-dev:latest"
// DefaultRateLimitImage is the default image used by ratelimit.
DefaultRateLimitImage = "docker.io/envoyproxy/ratelimit:49af5cca"
DefaultRateLimitImage = "docker.io/envoyproxy/ratelimit:ae4cee11"
// HTTPProtocol is the common-used http protocol.
HTTPProtocol = "http"
// GRPCProtocol is the common-used grpc protocol.
Expand Down
2 changes: 1 addition & 1 deletion charts/gateway-helm/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -102,7 +102,7 @@ To uninstall the chart:
| global.images.envoyGateway.image | string | `nil` | |
| global.images.envoyGateway.pullPolicy | string | `nil` | |
| global.images.envoyGateway.pullSecrets | list | `[]` | |
| global.images.ratelimit.image | string | `"docker.io/envoyproxy/ratelimit:49af5cca"` | |
| global.images.ratelimit.image | string | `"docker.io/envoyproxy/ratelimit:ae4cee11"` | |
| global.images.ratelimit.pullPolicy | string | `"IfNotPresent"` | |
| global.images.ratelimit.pullSecrets | list | `[]` | |
| kubernetesClusterDomain | string | `"cluster.local"` | |
Expand Down
2 changes: 1 addition & 1 deletion charts/gateway-helm/values.tmpl.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ global:
pullSecrets: []
ratelimit:
# This is the full image name including the hub, repo, and tag.
image: "docker.io/envoyproxy/ratelimit:49af5cca"
image: "docker.io/envoyproxy/ratelimit:ae4cee11"
# Specify image pull policy if default behavior isn't desired.
# Default behavior: latest images will be Always else IfNotPresent.
pullPolicy: IfNotPresent
Expand Down
30 changes: 30 additions & 0 deletions internal/gatewayapi/resource/load.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -95,6 +95,8 @@
}
kobjVal := reflect.ValueOf(kobj).Elem()
spec := kobjVal.FieldByName("Spec")
data := kobjVal.FieldByName("Data")
stringData := kobjVal.FieldByName("StringData")

Check warning on line 99 in internal/gatewayapi/resource/load.go

View check run for this annotation

Codecov / codecov/patch

internal/gatewayapi/resource/load.go#L98-L99 

Added lines #L98 - L99 were not covered by tests

switch gvk.Kind {
case KindEnvoyProxy:
Expand Down Expand Up @@ -307,6 +309,34 @@
Spec: typedSpec.(egv1a1.BackendSpec),
}
resources.Backends = append(resources.Backends, backend)
case KindSecret:
typedData := data.Interface()
typedStringData := stringData.Interface()
secret := &corev1.Secret{
TypeMeta: metav1.TypeMeta{
Kind: KindSecret,
},
ObjectMeta: metav1.ObjectMeta{
Name: name,
Namespace: namespace,
},
Data: typedData.(map[string][]byte),
StringData: typedStringData.(map[string]string),
}
resources.Secrets = append(resources.Secrets, secret)
case KindConfigMap:
typedData := data.Interface()
configMap := &corev1.ConfigMap{
TypeMeta: metav1.TypeMeta{
Kind: KindConfigMap,
},
ObjectMeta: metav1.ObjectMeta{
Name: name,
Namespace: namespace,
},
Data: typedData.(map[string]string),
}
resources.ConfigMaps = append(resources.ConfigMaps, configMap)

Check warning on line 339 in internal/gatewayapi/resource/load.go

View check run for this annotation

Codecov / codecov/patch

internal/gatewayapi/resource/load.go#L312-L339 

Added lines #L312 - L339 were not covered by tests
}

return nil
Expand Down
268 changes: 268 additions & 0 deletions internal/gatewayapi/resource/testdata/all-resources.in.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,268 @@
apiVersion: gateway.envoyproxy.io/v1alpha1
kind: EnvoyProxy
metadata:
name: example
namespace: default
spec:
provider:
type: Kubernetes
kubernetes:
envoyService:
annotations:
custom1: svc-annotation1
---
apiVersion: gateway.networking.k8s.io/v1
kind: GatewayClass
metadata:
name: eg
spec:
controllerName: gateway.envoyproxy.io/gatewayclass-controller
---
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
name: eg
spec:
gatewayClassName: eg
listeners:
- name: http
protocol: HTTP
port: 80
---
apiVersion: gateway.networking.k8s.io/v1alpha2
kind: TCPRoute
metadata:
name: backend
namespace: default
spec:
parentRefs:
- name: eg
sectionName: tcp
rules:
- backendRefs:
- name: backend
port: 3000
---
apiVersion: gateway.networking.k8s.io/v1alpha2
kind: UDPRoute
metadata:
name: backend
namespace: default
spec:
parentRefs:
- name: eg
sectionName: udp
rules:
- backendRefs:
- name: backend
port: 3000
---
apiVersion: gateway.networking.k8s.io/v1alpha2
kind: TLSRoute
metadata:
name: backend
namespace: default
spec:
parentRefs:
- name: eg
sectionName: tls-passthrough
rules:
- backendRefs:
- name: backend
port: 3000
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: backend
namespace: default
spec:
parentRefs:
- name: eg
hostnames:
- "www.example.com"
rules:
- backendRefs:
- name: providedBackend
port: 8000
---
apiVersion: gateway.networking.k8s.io/v1
kind: GRPCRoute
metadata:
name: backend
namespace: default
spec:
parentRefs:
- name: eg
sectionName: grpc
hostnames:
- "www.grpc-example.com"
rules:
- matches:
- method:
service: com.example.Things
method: DoThing
headers:
- name: com.example.Header
value: foobar
backendRefs:
- name: providedBackend
port: 9000
---
apiVersion: gateway.envoyproxy.io/v1alpha1
kind: EnvoyPatchPolicy
metadata:
name: ratelimit-patch-policy
namespace: default
spec:
targetRef:
group: gateway.networking.k8s.io
kind: Gateway
name: eg
type: JSONPatch
jsonPatches:
- type: "type.googleapis.com/envoy.config.listener.v3.Listener"
# The listener name is of the form <GatewayNamespace>/<GatewayName>/<GatewayListenerName>
name: default/eg/http
operation:
op: add
path: "/default_filter_chain/filters/0/typed_config/http_filters/0"
value:
name: "envoy.filters.http.ratelimit"
typed_config:
"@type": "type.googleapis.com/envoy.extensions.filters.http.ratelimit.v3.RateLimit"
domain: "eag-ratelimit"
failure_mode_deny: true
timeout: 1s
rate_limit_service:
grpc_service:
envoy_grpc:
cluster_name: rate-limit-cluster
transport_api_version: V3
---
apiVersion: gateway.envoyproxy.io/v1alpha1
kind: SecurityPolicy
metadata:
name: jwt-example
spec:
targetRef:
group: gateway.networking.k8s.io
kind: HTTPRoute
name: backend
apiKeyAuth:
credentialRefs:
- name: foobar
extractFrom:
- headers:
- foobar
jwt:
providers:
- name: example
remoteJWKS:
uri: https://raw.githubusercontent.com/envoyproxy/gateway/main/examples/kubernetes/jwt/jwks.json
---
apiVersion: gateway.envoyproxy.io/v1alpha1
kind: BackendTrafficPolicy
metadata:
name: cookie-lb-policy
namespace: gateway-conformance-infra
spec:
targetRefs:
- group: gateway.networking.k8s.io
kind: HTTPRoute
name: cookie-lb-route
loadBalancer:
type: ConsistentHash
consistentHash:
type: Cookie
cookie:
name: "Lb-Test-Cookie"
ttl: 60s
attributes:
SameSite: Strict
retry:
retryOn:
httpStatusCodes:
- 200
- 404
healthCheck:
active:
type: HTTP
http:
path: "/"
method: GET
circuitBreaker:
maxRequestsPerConnection: 123
---
apiVersion: gateway.envoyproxy.io/v1alpha1
kind: ClientTrafficPolicy
metadata:
name: client-timeout
namespace: gateway-conformance-infra
spec:
targetRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: same-namespace
timeout:
http:
requestReceivedTimeout: 50ms
---
apiVersion: gateway.envoyproxy.io/v1alpha1
kind: HTTPRouteFilter
metadata:
name: direct-response-inline
namespace: default
spec:
directResponse:
contentType: text/plain
body:
type: Inline
inline: "OK"
---
apiVersion: gateway.envoyproxy.io/v1alpha1
kind: Backend
metadata:
name: backend
spec:
endpoints:
- ip:
address: 0.0.0.0
port: 4321
---
apiVersion: v1
kind: Secret
metadata:
name: secret-with-data-and-string-data
namespace: default
data:
.secret-file: dmFsdWUtMg0KDQo=
stringData:
secret: "literal value"
---
apiVersion: v1
kind: Secret
metadata:
name: secret-with-data
namespace: default
data:
.secret-file: dmFsdWUtMg0KDQo=
---
apiVersion: v1
kind: Secret
metadata:
name: secret-with-string-data
namespace: default
stringData:
secret: "literal value"
---
apiVersion: v1
kind: ConfigMap
metadata:
name: configmap
namespace: default
data:
player_initial_lives: "3"
game.properties: |
enemy.types=aliens,monsters
player.maximum-lives=5
Loading
Loading