[release-1.6] cherry-pick for v1.6.1#7663
Closed
zhaohuabing wants to merge 9 commits intoenvoyproxy:release/v1.6from
Closed
[release-1.6] cherry-pick for v1.6.1#7663zhaohuabing wants to merge 9 commits intoenvoyproxy:release/v1.6from
zhaohuabing wants to merge 9 commits intoenvoyproxy:release/v1.6from
Conversation
…envoyproxy#7460) fix: oid authentication endpoint was overriden by discovered value Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> (cherry picked from commit 50dcb15) Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>
…invalid (envoyproxy#7488) * do not return 500 for all requests when part of BackendRefs are invalid Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> (cherry picked from commit 2899416) Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## release/v1.6 #7663 +/- ##
=============================================
Coverage 72.30% 72.30%
=============================================
Files 231 231
Lines 34071 34095 +24
=============================================
+ Hits 24634 24654 +20
- Misses 7663 7666 +3
- Partials 1774 1775 +1 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
…es (envoyproxy#7536) * fix: prevent skeleton route status entries for unmanaged GatewayClasses When processing policies (EnvoyExtensionPolicy, SecurityPolicy), the translator was calling GetRouteParentContext for ALL parentRefs in a route, even those referencing gateways with different GatewayClasses not managed by this translator. GetRouteParentContext creates a skeleton RouteParentStatus entry with just the controllerName when called on a parentRef that hasn't been processed yet. Since all GatewayClass instances share the same controller name, these skeleton entries persisted in status without conditions. The fix checks if a parentRef context already exists before attempting to apply policy configuration to it. If the context doesn't exist, it means this parentRef wasn't processed by this translator and should be skipped. Signed-off-by: Raj Singh <raj@tailscale.com> * fix: also prevent skeleton entries in BackendTrafficPolicy processing The same issue exists in BackendTrafficPolicy route processing - calling GetRouteParentContext for all parentRefs creates skeleton status entries. Apply the same fix: check if parentRef context exists before adding to list. Signed-off-by: Raj Singh <raj@tailscale.com> --------- Signed-off-by: Raj Singh <raj@tailscale.com> (cherry picked from commit ff13742) Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>
Signed-off-by: cong <q1875486458@gmail.com> (cherry picked from commit 7cb5f72) Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>
use fixed duration for cpu rate Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> (cherry picked from commit 536486f) Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>
* chore: bump golang.org/x/crypto Signed-off-by: zirain <zirain2009@gmail.com> * fix gen Signed-off-by: zirain <zirain2009@gmail.com> --------- Signed-off-by: zirain <zirain2009@gmail.com> (cherry picked from commit 70fa59a) Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>
…ss (envoyproxy#7611) * fix: filter Gateway by controller in findOwningGateway Prevent cross-controller Gateway mutations by validating GatewayClass Signed-off-by: Sudipto Baral <sudiptobaral.me@gmail.com> (cherry picked from commit ba8e0e2) Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>
* fix: use default when namespace is unset Signed-off-by: zirain <zirain2009@gmail.com> * fix Signed-off-by: zirain <zirain2009@gmail.com> * fix test Signed-off-by: zirain <zirain2009@gmail.com> --------- Signed-off-by: zirain <zirain2009@gmail.com> (cherry picked from commit be2cc73) Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>
Signed-off-by: zirain <zirain2009@gmail.com> (cherry picked from commit 0fa26d7) Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
… (#7460)
fix: oid authentication endpoint was overriden by discovered value
(cherry picked from commit 50dcb15)
What type of PR is this?
What this PR does / why we need it:
Which issue(s) this PR fixes:
Fixes #
Release Notes: Yes/No