[release/v1.4] Cherry Pick fixes into v1.4.1 by arkodg · Pull Request #6258 · envoyproxy/gateway

arkodg · 2025-06-03T23:45:18Z

https://github.com/envoyproxy/gateway/issues?q=label%3Acherrypick%2Frelease-v1.4.1

…oxy#5862) * set OverlappingTLSConfig condition for merged Gateways Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * fix lint Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * minor change Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> --------- Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> (cherry picked from commit be51e5b) Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix backend tls test Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * enable backend tls test Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * remove gateway TLS to simplify the test Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * rename secret to avoid conflicts Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> --------- Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> (cherry picked from commit a685667) Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* validate gateway namespace mode and merged gateways in translator Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> * fix lint Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> * skip merge gateways test Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> * validate on gatewayclass and set the status Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> * skip e2e test Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> * add valid testcases Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> * Update internal/provider/kubernetes/controller.go Co-authored-by: Arko Dasgupta <arkodg@users.noreply.github.com> Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> * fix lint Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> * skip merge gateways test Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> * rebase Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> --------- Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> Co-authored-by: zirain <zirain2009@gmail.com> Co-authored-by: Arko Dasgupta <arkodg@users.noreply.github.com> (cherry picked from commit c5f6831) Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* Fix shared=true when no clientSelector, cleanup filter logic, fix rl descriptor logic Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> * testdata update Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> * Linting, remove unused funcs Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> * fix e2e Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> (cherry picked from commit bb3c8da) Signed-off-by: Arko Dasgupta <arko@tetrate.io>

…icy.validation (envoyproxy#6092) * Add support for SubjectAltNames from BackendTLSPolicy.validation Signed-off-by: Ankush Agarwal <ankushagarwal11@gmail.com> (cherry picked from commit 35420d5) Signed-off-by: Arko Dasgupta <arko@tetrate.io>

…de (envoyproxy#6100) * feat: add ownerreference to infra resources when gateway namespace mode Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> (cherry picked from commit fc462a8) Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix: add FullDuplexStreamed to enum Signed-off-by: Guy Daich <guy.daich@sap.com> (cherry picked from commit 020d60a) Signed-off-by: Arko Dasgupta <arko@tetrate.io>

…xy#6133) * Quoted string for zone values Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com> * release note Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com> * regen Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com> (cherry picked from commit ea9cb05) Signed-off-by: Arko Dasgupta <arko@tetrate.io>

return early from buildwasms Signed-off-by: Guy Daich <guy.daich@sap.com> (cherry picked from commit 64624fe) Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* chore: bump go and purego Signed-off-by: zirain <zirain2009@gmail.com> * fix gen Signed-off-by: zirain <zirain2009@gmail.com> --------- Signed-off-by: zirain <zirain2009@gmail.com> (cherry picked from commit 40ae9e3) Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix: translate udp listener Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> * add: tcp/udp no routes testdata in xds translator Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> * add: release note Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> (cherry picked from commit 8f538e7) Signed-off-by: Arko Dasgupta <arko@tetrate.io>

Signed-off-by: Emin Aktas <eminaktas34@gmail.com> (cherry picked from commit f721925) Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* Fix broken btp ratelimit merge Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> * lint Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> --------- Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> (cherry picked from commit 0f6f363) Signed-off-by: Arko Dasgupta <arko@tetrate.io>

…hen ALPN is explicitly set via ClientTrafficPolicy (envoyproxy#6217) Keep ALPN configuration for listeners with overlapping certificates when ALPN is explicitly set in ClientTrafficPolicy Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> (cherry picked from commit de816a6) Signed-off-by: Arko Dasgupta <arko@tetrate.io>

Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* Allow for headless envoy services Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> * Allow headless service, cleanup Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> * clean Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> * Add test and comment Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> * Fix tests Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> (cherry picked from commit 2e168a8) Signed-off-by: Arko Dasgupta <arko@tetrate.io>

…E envVar for accesslog (envoyproxy#6221) * remove infra ENVOY_GATEWAY_NAMESPACE and introduce ENVOY_POD_NAMESPACE envVar for accesslog Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> * fix e2e test Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> --------- Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> (cherry picked from commit b7ed197) Signed-off-by: Arko Dasgupta <arko@tetrate.io>

codecov · 2025-06-03T23:53:58Z

Codecov Report

Attention: Patch coverage is 91.07143% with 30 lines in your changes missing coverage. Please review.

Project coverage is 70.51%. Comparing base (5bd01c7) to head (16fd300).
Report is 1 commits behind head on release/v1.4.

Files with missing lines	Patch %	Lines
internal/infrastructure/kubernetes/proxy_infra.go	63.41%	10 Missing and 5 partials ⚠️
internal/xds/translator/translator.go	85.41%	5 Missing and 2 partials ⚠️
internal/gatewayapi/status/gateway.go	57.14%	2 Missing and 1 partial ⚠️
internal/gatewayapi/backendtlspolicy.go	84.61%	2 Missing ⚠️
...frastructure/kubernetes/proxy/resource_provider.go	96.36%	1 Missing and 1 partial ⚠️
internal/xds/translator/ratelimit.go	97.95%	0 Missing and 1 partial ⚠️

Additional details and impacted files

@@               Coverage Diff                @@
##           release/v1.4    #6258      +/-   ##
================================================
+ Coverage         70.38%   70.51%   +0.12%     
================================================
  Files               217      217              
  Lines             36171    36313     +142     
================================================
+ Hits              25460    25605     +145     
+ Misses             9188     9182       -6     
- Partials           1523     1526       +3

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* feat: set OverlappingTLSConfig condition for merged Gateways (envoyproxy#5862) * set OverlappingTLSConfig condition for merged Gateways Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * fix lint Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * minor change Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> --------- Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> (cherry picked from commit be51e5b) Signed-off-by: Arko Dasgupta <arko@tetrate.io> * e2e: fix backend tls test (envoyproxy#6029) * fix backend tls test Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * enable backend tls test Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * remove gateway TLS to simplify the test Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * rename secret to avoid conflicts Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> --------- Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> (cherry picked from commit a685667) Signed-off-by: Arko Dasgupta <arko@tetrate.io> * validate gateway namespace mode and merged gateways (envoyproxy#6041) * validate gateway namespace mode and merged gateways in translator Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> * fix lint Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> * skip merge gateways test Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> * validate on gatewayclass and set the status Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> * skip e2e test Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> * add valid testcases Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> * Update internal/provider/kubernetes/controller.go Co-authored-by: Arko Dasgupta <arkodg@users.noreply.github.com> Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> * fix lint Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> * skip merge gateways test Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> * rebase Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> --------- Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> Co-authored-by: zirain <zirain2009@gmail.com> Co-authored-by: Arko Dasgupta <arkodg@users.noreply.github.com> (cherry picked from commit c5f6831) Signed-off-by: Arko Dasgupta <arko@tetrate.io> * Fix shared=true when no clientSelector, (envoyproxy#6072) * Fix shared=true when no clientSelector, cleanup filter logic, fix rl descriptor logic Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> * testdata update Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> * Linting, remove unused funcs Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> * fix e2e Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> (cherry picked from commit bb3c8da) Signed-off-by: Arko Dasgupta <arko@tetrate.io> * fix(tranlator): SubjectAltNames were being dropped from BackendTLSPolicy.validation (envoyproxy#6092) * Add support for SubjectAltNames from BackendTLSPolicy.validation Signed-off-by: Ankush Agarwal <ankushagarwal11@gmail.com> (cherry picked from commit 35420d5) Signed-off-by: Arko Dasgupta <arko@tetrate.io> * feat: add ownerreference to infra resources when gateway namespace mode (envoyproxy#6100) * feat: add ownerreference to infra resources when gateway namespace mode Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> (cherry picked from commit fc462a8) Signed-off-by: Arko Dasgupta <arko@tetrate.io> * fix: add FullDuplexStreamed to enum (envoyproxy#6103) * fix: add FullDuplexStreamed to enum Signed-off-by: Guy Daich <guy.daich@sap.com> (cherry picked from commit 020d60a) Signed-off-by: Arko Dasgupta <arko@tetrate.io> * fix: Use quoted values zone annotation in topology injector (envoyproxy#6133) * Quoted string for zone values Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com> * release note Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com> * regen Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com> (cherry picked from commit ea9cb05) Signed-off-by: Arko Dasgupta <arko@tetrate.io> * fix: return early from buildwasms (envoyproxy#6169) return early from buildwasms Signed-off-by: Guy Daich <guy.daich@sap.com> (cherry picked from commit 64624fe) Signed-off-by: Arko Dasgupta <arko@tetrate.io> * chore: bump go and purego (envoyproxy#6174) * chore: bump go and purego Signed-off-by: zirain <zirain2009@gmail.com> * fix gen Signed-off-by: zirain <zirain2009@gmail.com> --------- Signed-off-by: zirain <zirain2009@gmail.com> (cherry picked from commit 40ae9e3) Signed-off-by: Arko Dasgupta <arko@tetrate.io> * fix: translate xds udp listener (envoyproxy#6183) * fix: translate udp listener Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> * add: tcp/udp no routes testdata in xds translator Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> * add: release note Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> (cherry picked from commit 8f538e7) Signed-off-by: Arko Dasgupta <arko@tetrate.io> * Change static uid to for global ratelimit dashboard (envoyproxy#6193) Signed-off-by: Emin Aktas <eminaktas34@gmail.com> (cherry picked from commit f721925) Signed-off-by: Arko Dasgupta <arko@tetrate.io> * Fix broken btp ratelimit merge (envoyproxy#6214) * Fix broken btp ratelimit merge Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> * lint Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> --------- Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> (cherry picked from commit 0f6f363) Signed-off-by: Arko Dasgupta <arko@tetrate.io> * Keep ALPN configuration for listeners with overlapping certificates when ALPN is explicitly set via ClientTrafficPolicy (envoyproxy#6217) Keep ALPN configuration for listeners with overlapping certificates when ALPN is explicitly set in ClientTrafficPolicy Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> (cherry picked from commit de816a6) Signed-off-by: Arko Dasgupta <arko@tetrate.io> * fix testdata Signed-off-by: Arko Dasgupta <arko@tetrate.io> * Allow for headless envoy services (envoyproxy#6250) * Allow for headless envoy services Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> * Allow headless service, cleanup Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> * clean Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> * Add test and comment Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> * Fix tests Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> (cherry picked from commit 2e168a8) Signed-off-by: Arko Dasgupta <arko@tetrate.io> * remove infra ENVOY_GATEWAY_NAMESPACE and introduce ENVOY_POD_NAMESPACE envVar for accesslog (envoyproxy#6221) * remove infra ENVOY_GATEWAY_NAMESPACE and introduce ENVOY_POD_NAMESPACE envVar for accesslog Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> * fix e2e test Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> --------- Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> (cherry picked from commit b7ed197) Signed-off-by: Arko Dasgupta <arko@tetrate.io> * fix lint Signed-off-by: Arko Dasgupta <arko@tetrate.io> --------- Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> Signed-off-by: Arko Dasgupta <arko@tetrate.io> Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com> Signed-off-by: Ryan Hristovski <ryan.hristovski@docker.com> Signed-off-by: Ankush Agarwal <ankushagarwal11@gmail.com> Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> Signed-off-by: Guy Daich <guy.daich@sap.com> Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com> Signed-off-by: zirain <zirain2009@gmail.com> Signed-off-by: Emin Aktas <eminaktas34@gmail.com> Co-authored-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> Co-authored-by: Karol Szwaj <karol.szwaj@gmail.com> Co-authored-by: zirain <zirain2009@gmail.com> Co-authored-by: Ryan Hristovski <61257223+ryanhristovski@users.noreply.github.com> Co-authored-by: Ankush Agarwal <ankushagarwal11@gmail.com> Co-authored-by: Kota Kimura <86363983+kkk777-7@users.noreply.github.com> Co-authored-by: Guy Daich <guy.daich@sap.com> Co-authored-by: Isaac <10012479+jukie@users.noreply.github.com> Co-authored-by: Emin AKTAS <eminaktas34@gmail.com> Signed-off-by: shawnh2 <shawnhxh@outlook.com>

zhaohuabing and others added 17 commits June 3, 2025 13:59

fix: add FullDuplexStreamed to enum (envoyproxy#6103)

46ce393

* fix: add FullDuplexStreamed to enum Signed-off-by: Guy Daich <guy.daich@sap.com> (cherry picked from commit 020d60a) Signed-off-by: Arko Dasgupta <arko@tetrate.io>

fix: return early from buildwasms (envoyproxy#6169)

4b7c706

return early from buildwasms Signed-off-by: Guy Daich <guy.daich@sap.com> (cherry picked from commit 64624fe) Signed-off-by: Arko Dasgupta <arko@tetrate.io>

Change static uid to for global ratelimit dashboard (envoyproxy#6193)

10c3c82

Signed-off-by: Emin Aktas <eminaktas34@gmail.com> (cherry picked from commit f721925) Signed-off-by: Arko Dasgupta <arko@tetrate.io>

fix testdata

e0dccff

Signed-off-by: Arko Dasgupta <arko@tetrate.io>

arkodg requested a review from a team as a code owner June 3, 2025 23:45

arkodg requested a review from a team June 3, 2025 23:45

fix lint

16fd300

Signed-off-by: Arko Dasgupta <arko@tetrate.io>

guydc approved these changes Jun 4, 2025

View reviewed changes

arkodg merged commit 12345ea into envoyproxy:release/v1.4 Jun 4, 2025
32 of 38 checks passed

shawnh2 mentioned this pull request Jun 4, 2025

v1.4.1 release notes #6254

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[release/v1.4] Cherry Pick fixes into v1.4.1#6258

[release/v1.4] Cherry Pick fixes into v1.4.1#6258
arkodg merged 18 commits intoenvoyproxy:release/v1.4from
arkodg:cp-141

arkodg commented Jun 3, 2025

Uh oh!

codecov bot commented Jun 3, 2025 •

edited

Loading

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

10 participants

Conversation

arkodg commented Jun 3, 2025

Uh oh!

codecov bot commented Jun 3, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

10 participants

codecov bot commented Jun 3, 2025 •

edited

Loading