fix: watch change for the ca cert in the Backend #7294
Merged
+108
−10
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
zhaohuabing
force-pushed
the
fix-backend-ca-watch
branch
from
2576f09 to
2fa9750
Compare
zhaohuabing
changed the title
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #7294 +/- ##
==========================================
+ Coverage 70.94% 70.97% +0.03%
==========================================
Files 229 229
Lines 41071 41098 +27
==========================================
+ Hits 29137 29170 +33
+ Misses 10216 10205 -11
- Partials 1718 1723 +5 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
Signed-off-by: Huabing Zhao <[email protected]>
zirain
force-pushed
the
fix-backend-ca-watch
branch
from
2fa9750 to
1c223e6
Compare
zirain
approved these changes
Oct 21, 2025
zirain
reviewed
Oct 21, 2025
| } | ||
| } | ||
|
|
||
| if r.backendCRDExists { |
Member
There was a problem hiding this comment.
Does the same problem exist for configmap/clustertrustebundle?
Contributor
There was a problem hiding this comment.
Ah we need to do this for cluster trust bundle as well, good catch
Member
Author
There was a problem hiding this comment.
It's already handled here?
gateway/internal/provider/kubernetes/predicates.go
Lines 187 to 207 in 650fd83
Member
There was a problem hiding this comment.
looks like we missed for ConfigMap?
Member
Author
There was a problem hiding this comment.
ConfigMap has also been handled in this PR #7294 (comment)
zirain
previously approved these changes
Oct 21, 2025
Member
|
/retest |
Signed-off-by: Huabing Zhao <[email protected]>
zhaohuabing
commented
Oct 22, 2025
| } | ||
| } | ||
|
|
||
| if !r.backendAPIDisabled() { |
Member
Author
zirain
approved these changes
Oct 22, 2025
arkodg
approved these changes
Oct 22, 2025
linmosko
pushed a commit
to linmosko/gateway
that referenced
this pull request
Oct 27, 2025
* watch change for the ca cert in the Backend Signed-off-by: Huabing Zhao <[email protected]> Signed-off-by: Lin Moskovitch <[email protected]>
ekline-ai
pushed a commit
to ekline-ai/envoyproxy-gateway
that referenced
this pull request
Nov 2, 2025
* watch change for the ca cert in the Backend Signed-off-by: Huabing Zhao <[email protected]> Signed-off-by: EkLine AI <[email protected]>
zirain
pushed a commit
to zirain/gateway
that referenced
this pull request
Nov 14, 2025
* watch change for the ca cert in the Backend Signed-off-by: Huabing Zhao <[email protected]>
zirain
pushed a commit
to zirain/gateway
that referenced
this pull request
Nov 14, 2025
* watch change for the ca cert in the Backend Signed-off-by: Huabing Zhao <[email protected]> Signed-off-by: zirain <[email protected]>
zirain
added a commit
that referenced
this pull request
Nov 14, 2025
* fix: bug in overlap detection of cert SANs (#7234) Signed-off-by: zirain <[email protected]> * fix(translator): Fix panic with request mirror + grpcroute (#6875) Signed-off-by: Andrew Moreland <[email protected]> Signed-off-by: zirain <[email protected]> * fix: watch change for the ca cert in the Backend (#7294) * watch change for the ca cert in the Backend Signed-off-by: Huabing Zhao <[email protected]> Signed-off-by: zirain <[email protected]> * fix ipFamily not set in UDPListener (#7313) fix: set ipfamily in udpistener (#7312) Signed-off-by: cong <[email protected]> Signed-off-by: zirain <[email protected]> * coalesce updates to reduce intermediate updates (#7328) * coalesce updates to reduce redundant processing in subscription handler Signed-off-by: Huabing Zhao <[email protected]> * retain order Signed-off-by: Huabing Zhao <[email protected]> * keep intermediate delete updates Signed-off-by: Huabing Zhao <[email protected]> * minor wording Signed-off-by: Huabing Zhao <[email protected]> * treat delete as normal operations Signed-off-by: Huabing Zhao <[email protected]> * retain the original order of the last updates for each key Signed-off-by: Huabing Zhao <[email protected]> * address comments Signed-off-by: Huabing Zhao <[email protected]> * fix test Signed-off-by: Huabing Zhao <[email protected]> --------- Signed-off-by: Huabing Zhao <[email protected]> Signed-off-by: zirain <[email protected]> * fix: port typo (#7397) Signed-off-by: cong <[email protected]> Signed-off-by: zirain <[email protected]> * fix: validate EnvoyGateway configuration before reload (#7412) Signed-off-by: zirain <[email protected]> * fix: missing jwt provider when jwt is configured on multiple listeners sharing the same port (#7337) * fix jwt provider missing when jwt is configured at multiple ir listeners Signed-off-by: Huabing Zhao <[email protected]> Signed-off-by: zirain <[email protected]> * fix: memory leak (#7429) Fix memory leak. Two watchable.Maps were never closed when shutting down the provider: - GatewayClassStatuses.Close() - missing in GatewayAPIStatuses.Close() - BackendTrafficPolicyStatuses.Close() - missing in PolicyStatuses.Close() Each unclosed map leaked 3 goroutines: 1. Internal watchable.Map.coalesce goroutine 2. HandleSubscription goroutine blocked on channel read 3. Error handler goroutine blocked on channel read Signed-off-by: Gonzalo Serrano <[email protected]> Signed-off-by: zirain <[email protected]> * fix gen after cherry-pick Signed-off-by: zirain <[email protected]> * fix watchutil test Signed-off-by: Huabing Zhao <[email protected]> --------- Signed-off-by: zirain <[email protected]> Signed-off-by: Andrew Moreland <[email protected]> Signed-off-by: Huabing Zhao <[email protected]> Signed-off-by: cong <[email protected]> Signed-off-by: Gonzalo Serrano <[email protected]> Co-authored-by: Rudrakh Panigrahi <[email protected]> Co-authored-by: Andrew Moreland <[email protected]> Co-authored-by: Huabing (Robin) Zhao <[email protected]> Co-authored-by: 聪 <[email protected]> Co-authored-by: Gonzalo Serrano <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes the missing watch for ca cert in the Backend resource.
Release Notes: No