Skip to content

Fix shared=true when no clientSelector,#6072

Merged
arkodg merged 15 commits intoenvoyproxy:mainfrom
ryanhristovski:fix-no-clientselector-rl-and-domain-issue
May 27, 2025
Merged

Fix shared=true when no clientSelector,#6072
arkodg merged 15 commits intoenvoyproxy:mainfrom
ryanhristovski:fix-no-clientselector-rl-and-domain-issue

Conversation

@ryanhristovski
Copy link
Contributor

@ryanhristovski ryanhristovski commented May 14, 2025

  • fixes bug where when shared=true with no clientSelector it does not match
  • cleans up filter logic (always adds listener)
  • fixes duplicate rl descriptor logic & domain matching errors (was adding descriptors to the incorrect domain before)
  • fixes e2e tests

@ryanhristovski
Fix shared=true when no clientSelector, cleanup filter logic, fix rl …
a030575 
…descriptor logic

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>
@ryanhristovski ryanhristovski requested a review from a team as a code owner May 14, 2025 21:30
@ryanhristovski
testdata update
9646602 
Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>
@ryanhristovski
Linting, remove unused funcs
94a71c9 
Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>
@arkodg arkodg requested a review from zhaohuabing May 14, 2025 22:08
@arkodg arkodg requested a review from shawnh2 May 14, 2025 22:08
@codecov
Copy link

codecov bot commented May 14, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 97.95918% with 1 line in your changes missing coverage. Please review.

Project coverage is 70.57%. Comparing base (cbb5381) to head (793224b).
Report is 3 commits behind head on main.

Files with missing lines Patch % Lines
internal/xds/translator/ratelimit.go 97.95% 0 Missing and 1 partial ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #6072      +/-   ##
==========================================
- Coverage   70.61%   70.57%   -0.05%     
==========================================
  Files         219      219              
  Lines       36515    36487      -28     
==========================================
- Hits        25786    25750      -36     
- Misses       9201     9210       +9     
+ Partials     1528     1527       -1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@ryanhristovski ryanhristovski marked this pull request as draft May 14, 2025 22:42
@ryanhristovski
fix e2e
8277fc1 
Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>
@ryanhristovski
test requests are real requests
0fb2dfd 
Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>
@ryanhristovski
Fix test
c376e61 
Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>
@ryanhristovski
increase test limit
997c97f 
Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>
@ryanhristovski ryanhristovski marked this pull request as ready for review May 15, 2025 02:06
@ryanhristovski
Copy link
Contributor Author

ryanhristovski commented May 15, 2025

RateLimitGlobalMergeTest is passing successfully

2025-05-15T02:05:07.9767980Z --- FAIL: TestE2E/ExtProc/http_route_with_ext_proc (32.03s) seems to be failing consistently which is unrelated to this PR

@ryanhristovski ryanhristovski mentioned this pull request May 15, 2025
Closed
zhaohuabing
zhaohuabing reviewed May 15, 2025
View reviewed changes
zhaohuabing
zhaohuabing reviewed May 15, 2025
View reviewed changes
zhaohuabing
zhaohuabing previously approved these changes May 15, 2025
View reviewed changes
Copy link
Member

@zhaohuabing zhaohuabing left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR looks good. The ratlimit code is much cleaner now!

I just have a few minor non-blocking nits.

@zhaohuabing
Copy link
Member

zhaohuabing commented May 15, 2025

Looks like the shared ratelimit tests are flaky.

@ryanhristovski
Copy link
Contributor Author

ryanhristovski commented May 15, 2025

@zhaohuabing hmm, looks like its flaky due to giving no grace time for EG to pickup the RL rules - I could add a sleep or something for ~2s but this is just a naive approach

@zhaohuabing
Copy link
Member

zhaohuabing commented May 15, 2025

@zhaohuabing hmm, looks like its flaky due to giving no grace time for EG to pickup the RL rules - I could add a sleep or something for ~2s but this is just a naive approach

Can we use require.eventually for this?

@ryanhristovski
fix test, clean up nit
bd021af 
Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>
@ryanhristovski
Copy link
Contributor Author

ryanhristovski commented May 15, 2025

Updated with require.eventually to get a x-rate-limit header response before starting, hoping that'll work.

@ryanhristovski
Linting
9dedbb8 
Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>
@ryanhristovski
Fix GotExactExpectedResponse
c7bdd83 
Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>
@ryanhristovski
Copy link
Contributor Author

ryanhristovski commented May 15, 2025

@zhaohuabing yup that worked, other flaky tests failing now

@ryanhristovski
Copy link
Contributor Author

ryanhristovski commented May 15, 2025

/retest

@zhaohuabing
Copy link
Member

zhaohuabing commented May 23, 2025

@ryanhristovski LGTM. Resolving the conflicts then it's good to go.

zhaohuabing
zhaohuabing previously approved these changes May 23, 2025
View reviewed changes
shawnh2
shawnh2 previously approved these changes May 23, 2025
View reviewed changes
Copy link
Contributor

@shawnh2 shawnh2 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just one non-blocking comment. LGTM

internal/xds/translator/ratelimit.go Outdated
filters := []*hcmv3.HttpFilter{}
created := make(map[string]bool)

domains := make(map[string]struct{})
Copy link
Contributor

@shawnh2 shawnh2 May 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can we use k8s.io/apimachinery/pkg/util/sets instead?

@ryanhristovski
Merge branch 'main' into fix-no-clientselector-rl-and-domain-issue
6a96fbf 
Signed-off-by: Ryan Hristovski <61257223+ryanhristovski@users.noreply.github.com>
@ryanhristovski ryanhristovski dismissed stale reviews from shawnh2 and zhaohuabing via 6a96fbf May 27, 2025 12:38
@ryanhristovski
use k8s.io/apimachinery/pkg/util/set instead
b73c4d1 
Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>
@ryanhristovski
merge conflict fixes
793224b 
Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>
@ryanhristovski
Copy link
Contributor Author

ryanhristovski commented May 27, 2025

@zhaohuabing @shawnh2 fixed, theres some flaky tests unrelated failing though.

@ryanhristovski
Copy link
Contributor Author

ryanhristovski commented May 27, 2025

/retest

1 similar comment
@ryanhristovski
Copy link
Contributor Author

ryanhristovski commented May 27, 2025

/retest

@arkodg arkodg merged commit bb3c8da into envoyproxy:main May 27, 2025
55 of 63 checks passed
arkodg pushed a commit to arkodg/gateway that referenced this pull request Jun 3, 2025
@ryanhristovski
Fix shared=true when no clientSelector, (envoyproxy#6072)
3d52788 
* Fix shared=true when no clientSelector, cleanup filter logic, fix rl descriptor logic

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>

* testdata update

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>

* Linting, remove unused funcs

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>

* fix e2e

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>
(cherry picked from commit bb3c8da)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>
arkodg added a commit that referenced this pull request Jun 4, 2025
@arkodg @zhaohuabing
@cnvergence @zirain @ryanhristovski @ankushagarwal @kkk777-7 @guydc @jukie @eminaktas
[release/v1.4] Cherry Pick fixes into v1.4.1 (#6258)
12345ea 
* feat: set OverlappingTLSConfig condition for merged Gateways (#5862)

* set OverlappingTLSConfig condition for merged Gateways

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* fix lint

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* minor change

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

---------

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
(cherry picked from commit be51e5b)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* e2e: fix backend tls test (#6029)

* fix backend tls test

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* enable backend tls test

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* remove gateway TLS to simplify the test

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* rename secret to avoid conflicts

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

---------

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
(cherry picked from commit a685667)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* validate gateway namespace mode and merged gateways (#6041)

* validate gateway namespace mode and merged gateways in translator

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* fix lint

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* skip merge gateways test

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* validate on gatewayclass and set the status

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* skip e2e test

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* add valid testcases

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* Update internal/provider/kubernetes/controller.go

Co-authored-by: Arko Dasgupta <arkodg@users.noreply.github.com>
Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* fix lint

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* skip merge gateways test

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* rebase

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

---------

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>
Co-authored-by: zirain <zirain2009@gmail.com>
Co-authored-by: Arko Dasgupta <arkodg@users.noreply.github.com>
(cherry picked from commit c5f6831)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* Fix shared=true when no clientSelector, (#6072)

* Fix shared=true when no clientSelector, cleanup filter logic, fix rl descriptor logic

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>

* testdata update

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>

* Linting, remove unused funcs

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>

* fix e2e

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>
(cherry picked from commit bb3c8da)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix(tranlator): SubjectAltNames were being dropped from BackendTLSPolicy.validation (#6092)

* Add support for SubjectAltNames from BackendTLSPolicy.validation

Signed-off-by: Ankush Agarwal <ankushagarwal11@gmail.com>
(cherry picked from commit 35420d5)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* feat: add ownerreference to infra resources when gateway namespace mode (#6100)

* feat: add ownerreference to infra resources when gateway namespace mode

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>
(cherry picked from commit fc462a8)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix: add FullDuplexStreamed to enum (#6103)

* fix: add FullDuplexStreamed to enum

Signed-off-by: Guy Daich <guy.daich@sap.com>
(cherry picked from commit 020d60a)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix: Use quoted values zone annotation in topology injector (#6133)

* Quoted string for zone values

Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com>

* release note

Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com>

* regen

Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com>
(cherry picked from commit ea9cb05)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix: return early from buildwasms (#6169)

return early from buildwasms

Signed-off-by: Guy Daich <guy.daich@sap.com>
(cherry picked from commit 64624fe)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* chore: bump go and purego (#6174)

* chore: bump go and purego

Signed-off-by: zirain <zirain2009@gmail.com>

* fix  gen

Signed-off-by: zirain <zirain2009@gmail.com>

---------

Signed-off-by: zirain <zirain2009@gmail.com>
(cherry picked from commit 40ae9e3)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix: translate xds udp listener (#6183)

* fix: translate udp listener

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* add: tcp/udp no routes testdata in xds translator

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* add: release note

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>
(cherry picked from commit 8f538e7)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* Change static uid to  for global ratelimit dashboard (#6193)

Signed-off-by: Emin Aktas <eminaktas34@gmail.com>
(cherry picked from commit f721925)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* Fix broken btp ratelimit merge (#6214)

* Fix broken btp ratelimit merge

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>

* lint

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>

---------

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>
(cherry picked from commit 0f6f363)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* Keep ALPN configuration for listeners with overlapping certificates when ALPN is explicitly set via ClientTrafficPolicy (#6217)

Keep ALPN configuration for listeners with overlapping certificates when ALPN is explicitly set in ClientTrafficPolicy

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
(cherry picked from commit de816a6)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix testdata

Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* Allow for headless envoy services (#6250)

* Allow for headless envoy services

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>

* Allow headless service, cleanup

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>

* clean

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>

* Add test and comment

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>

* Fix tests

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>
(cherry picked from commit 2e168a8)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* remove infra ENVOY_GATEWAY_NAMESPACE and introduce ENVOY_POD_NAMESPACE envVar for accesslog (#6221)

* remove infra ENVOY_GATEWAY_NAMESPACE and introduce ENVOY_POD_NAMESPACE envVar for accesslog

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* fix e2e test

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

---------

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>
(cherry picked from commit b7ed197)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix lint

Signed-off-by: Arko Dasgupta <arko@tetrate.io>

---------

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
Signed-off-by: Arko Dasgupta <arko@tetrate.io>
Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>
Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>
Signed-off-by: Ankush Agarwal <ankushagarwal11@gmail.com>
Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>
Signed-off-by: Guy Daich <guy.daich@sap.com>
Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com>
Signed-off-by: zirain <zirain2009@gmail.com>
Signed-off-by: Emin Aktas <eminaktas34@gmail.com>
Co-authored-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
Co-authored-by: Karol Szwaj <karol.szwaj@gmail.com>
Co-authored-by: zirain <zirain2009@gmail.com>
Co-authored-by: Ryan Hristovski <61257223+ryanhristovski@users.noreply.github.com>
Co-authored-by: Ankush Agarwal <ankushagarwal11@gmail.com>
Co-authored-by: Kota Kimura <86363983+kkk777-7@users.noreply.github.com>
Co-authored-by: Guy Daich <guy.daich@sap.com>
Co-authored-by: Isaac <10012479+jukie@users.noreply.github.com>
Co-authored-by: Emin AKTAS <eminaktas34@gmail.com>
@BrewTestBot BrewTestBot mentioned this pull request Aug 8, 2025
Merged
shawnh2 pushed a commit to shawnh2/gateway that referenced this pull request Sep 15, 2025
@arkodg @zhaohuabing
@cnvergence @zirain @ryanhristovski @ankushagarwal @kkk777-7 @guydc @jukie @eminaktas @shawnh2
[release/v1.4] Cherry Pick fixes into v1.4.1 (envoyproxy#6258)
d98883b 
* feat: set OverlappingTLSConfig condition for merged Gateways (envoyproxy#5862)

* set OverlappingTLSConfig condition for merged Gateways

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* fix lint

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* minor change

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

---------

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
(cherry picked from commit be51e5b)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* e2e: fix backend tls test (envoyproxy#6029)

* fix backend tls test

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* enable backend tls test

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* remove gateway TLS to simplify the test

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* rename secret to avoid conflicts

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

---------

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
(cherry picked from commit a685667)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* validate gateway namespace mode and merged gateways (envoyproxy#6041)

* validate gateway namespace mode and merged gateways in translator

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* fix lint

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* skip merge gateways test

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* validate on gatewayclass and set the status

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* skip e2e test

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* add valid testcases

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* Update internal/provider/kubernetes/controller.go

Co-authored-by: Arko Dasgupta <arkodg@users.noreply.github.com>
Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* fix lint

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* skip merge gateways test

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* rebase

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

---------

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>
Co-authored-by: zirain <zirain2009@gmail.com>
Co-authored-by: Arko Dasgupta <arkodg@users.noreply.github.com>
(cherry picked from commit c5f6831)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* Fix shared=true when no clientSelector, (envoyproxy#6072)

* Fix shared=true when no clientSelector, cleanup filter logic, fix rl descriptor logic

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>

* testdata update

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>

* Linting, remove unused funcs

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>

* fix e2e

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>
(cherry picked from commit bb3c8da)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix(tranlator): SubjectAltNames were being dropped from BackendTLSPolicy.validation (envoyproxy#6092)

* Add support for SubjectAltNames from BackendTLSPolicy.validation

Signed-off-by: Ankush Agarwal <ankushagarwal11@gmail.com>
(cherry picked from commit 35420d5)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* feat: add ownerreference to infra resources when gateway namespace mode (envoyproxy#6100)

* feat: add ownerreference to infra resources when gateway namespace mode

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>
(cherry picked from commit fc462a8)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix: add FullDuplexStreamed to enum (envoyproxy#6103)

* fix: add FullDuplexStreamed to enum

Signed-off-by: Guy Daich <guy.daich@sap.com>
(cherry picked from commit 020d60a)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix: Use quoted values zone annotation in topology injector (envoyproxy#6133)

* Quoted string for zone values

Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com>

* release note

Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com>

* regen

Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com>
(cherry picked from commit ea9cb05)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix: return early from buildwasms (envoyproxy#6169)

return early from buildwasms

Signed-off-by: Guy Daich <guy.daich@sap.com>
(cherry picked from commit 64624fe)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* chore: bump go and purego (envoyproxy#6174)

* chore: bump go and purego

Signed-off-by: zirain <zirain2009@gmail.com>

* fix  gen

Signed-off-by: zirain <zirain2009@gmail.com>

---------

Signed-off-by: zirain <zirain2009@gmail.com>
(cherry picked from commit 40ae9e3)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix: translate xds udp listener (envoyproxy#6183)

* fix: translate udp listener

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* add: tcp/udp no routes testdata in xds translator

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* add: release note

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>
(cherry picked from commit 8f538e7)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* Change static uid to  for global ratelimit dashboard (envoyproxy#6193)

Signed-off-by: Emin Aktas <eminaktas34@gmail.com>
(cherry picked from commit f721925)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* Fix broken btp ratelimit merge (envoyproxy#6214)

* Fix broken btp ratelimit merge

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>

* lint

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>

---------

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>
(cherry picked from commit 0f6f363)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* Keep ALPN configuration for listeners with overlapping certificates when ALPN is explicitly set via ClientTrafficPolicy (envoyproxy#6217)

Keep ALPN configuration for listeners with overlapping certificates when ALPN is explicitly set in ClientTrafficPolicy

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
(cherry picked from commit de816a6)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix testdata

Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* Allow for headless envoy services (envoyproxy#6250)

* Allow for headless envoy services

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>

* Allow headless service, cleanup

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>

* clean

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>

* Add test and comment

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>

* Fix tests

Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>
(cherry picked from commit 2e168a8)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* remove infra ENVOY_GATEWAY_NAMESPACE and introduce ENVOY_POD_NAMESPACE envVar for accesslog (envoyproxy#6221)

* remove infra ENVOY_GATEWAY_NAMESPACE and introduce ENVOY_POD_NAMESPACE envVar for accesslog

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* fix e2e test

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

---------

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>
(cherry picked from commit b7ed197)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix lint

Signed-off-by: Arko Dasgupta <arko@tetrate.io>

---------

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
Signed-off-by: Arko Dasgupta <arko@tetrate.io>
Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>
Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com>
Signed-off-by: Ankush Agarwal <ankushagarwal11@gmail.com>
Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>
Signed-off-by: Guy Daich <guy.daich@sap.com>
Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com>
Signed-off-by: zirain <zirain2009@gmail.com>
Signed-off-by: Emin Aktas <eminaktas34@gmail.com>
Co-authored-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
Co-authored-by: Karol Szwaj <karol.szwaj@gmail.com>
Co-authored-by: zirain <zirain2009@gmail.com>
Co-authored-by: Ryan Hristovski <61257223+ryanhristovski@users.noreply.github.com>
Co-authored-by: Ankush Agarwal <ankushagarwal11@gmail.com>
Co-authored-by: Kota Kimura <86363983+kkk777-7@users.noreply.github.com>
Co-authored-by: Guy Daich <guy.daich@sap.com>
Co-authored-by: Isaac <10012479+jukie@users.noreply.github.com>
Co-authored-by: Emin AKTAS <eminaktas34@gmail.com>
Signed-off-by: shawnh2 <shawnhxh@outlook.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@arkodg arkodg arkodg approved these changes

@zhaohuabing zhaohuabing zhaohuabing left review comments

@shawnh2 shawnh2 shawnh2 left review comments

Assignees

No one assigned

Labels

cherrypick/release-v1.4.1

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ryanhristovski @zhaohuabing @arkodg @shawnh2