diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6345618f3..826696e34 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -303,7 +303,7 @@ jobs: make create-kind-cluster KIND_KUBE_CONFIG=${kube_config} echo "KUBECONFIG=${kube_config}" >> "$GITHUB_ENV" kind load docker-image ghcr.io/nginxinc/nginx-gateway-fabric:${{ steps.ngf-meta.outputs.version }} ghcr.io/nginxinc/nginx-gateway-fabric/nginx:${{ steps.nginx-meta.outputs.version }} - kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/standard-install.yaml + kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.1.0/standard-install.yaml - name: Install Chart run: > diff --git a/Makefile b/Makefile index 5f2c9fb0b..a372adf11 100644 --- a/Makefile +++ b/Makefile @@ -15,7 +15,7 @@ TELEMETRY_REPORT_PERIOD = 24h TELEMETRY_ENDPOINT=# if empty, NGF will report telemetry in its logs at debug level. TELEMETRY_ENDPOINT_INSECURE = false -GW_API_VERSION = 1.0.0 +GW_API_VERSION = 1.1.0 ENABLE_EXPERIMENTAL = false NODE_VERSION = $(shell cat .nvmrc) diff --git a/README.md b/README.md index 18c7c0d86..7620cd1d2 100644 --- a/README.md +++ b/README.md @@ -66,7 +66,7 @@ The following table lists the software versions NGINX Gateway Fabric supports. | NGINX Gateway Fabric | Gateway API | Kubernetes | NGINX OSS | NGINX Plus | | -------------------- | ----------- | ---------- | --------- | ---------- | -| Edge | 1.0.0 | 1.25+ | 1.25.5 | R31 | +| Edge | 1.1.0 | 1.25+ | 1.25.5 | R31 | | 1.2.0 | 1.0.0 | 1.23+ | 1.25.4 | R31 | | 1.1.0 | 1.0.0 | 1.23+ | 1.25.3 | n/a | | 1.0.0 | 0.8.1 | 1.23+ | 1.25.2 | n/a | diff --git a/apis/v1alpha1/clientsettingspolicy_types.go b/apis/v1alpha1/clientsettingspolicy_types.go index 370a6e228..a01032af4 100644 --- a/apis/v1alpha1/clientsettingspolicy_types.go +++ b/apis/v1alpha1/clientsettingspolicy_types.go @@ -36,12 +36,6 @@ type ClientSettingsPolicyList struct { // ClientSettingsPolicySpec defines the desired state of ClientSettingsPolicy. type ClientSettingsPolicySpec struct { - // TargetRef identifies an API object to apply the policy to. - // Object must be in the same namespace as the policy. - // - // Support: Gateway, HTTPRoute - TargetRef gatewayv1alpha2.PolicyTargetReference `json:"targetRef"` - // Body defines the client request body settings. // // +optional @@ -51,6 +45,12 @@ type ClientSettingsPolicySpec struct { // // +optional KeepAlive *ClientKeepAlive `json:"keepAlive,omitempty"` + + // TargetRef identifies an API object to apply the policy to. + // Object must be in the same namespace as the policy. + // + // Support: Gateway, HTTPRoute + TargetRef gatewayv1alpha2.LocalPolicyTargetReference `json:"targetRef"` } // ClientBody contains the settings for the client request body. diff --git a/apis/v1alpha1/observabilitypolicy_types.go b/apis/v1alpha1/observabilitypolicy_types.go index fcd614c19..6902db834 100644 --- a/apis/v1alpha1/observabilitypolicy_types.go +++ b/apis/v1alpha1/observabilitypolicy_types.go @@ -37,16 +37,16 @@ type ObservabilityPolicyList struct { // ObservabilityPolicySpec defines the desired state of the ObservabilityPolicy. type ObservabilityPolicySpec struct { - // TargetRef identifies an API object to apply the policy to. - // Object must be in the same namespace as the policy. - // - // Support: HTTPRoute - TargetRef gatewayv1alpha2.PolicyTargetReference `json:"targetRef"` - // Tracing allows for enabling and configuring tracing. // // +optional Tracing *Tracing `json:"tracing,omitempty"` + + // TargetRef identifies an API object to apply the policy to. + // Object must be in the same namespace as the policy. + // + // Support: HTTPRoute + TargetRef gatewayv1alpha2.LocalPolicyTargetReference `json:"targetRef"` } // Tracing allows for enabling and configuring OpenTelemetry tracing. diff --git a/apis/v1alpha1/zz_generated.deepcopy.go b/apis/v1alpha1/zz_generated.deepcopy.go index 222ff43ed..2b3946d72 100644 --- a/apis/v1alpha1/zz_generated.deepcopy.go +++ b/apis/v1alpha1/zz_generated.deepcopy.go @@ -151,7 +151,6 @@ func (in *ClientSettingsPolicyList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ClientSettingsPolicySpec) DeepCopyInto(out *ClientSettingsPolicySpec) { *out = *in - in.TargetRef.DeepCopyInto(&out.TargetRef) if in.Body != nil { in, out := &in.Body, &out.Body *out = new(ClientBody) @@ -162,6 +161,7 @@ func (in *ClientSettingsPolicySpec) DeepCopyInto(out *ClientSettingsPolicySpec) *out = new(ClientKeepAlive) (*in).DeepCopyInto(*out) } + out.TargetRef = in.TargetRef } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientSettingsPolicySpec. @@ -435,12 +435,12 @@ func (in *ObservabilityPolicyList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ObservabilityPolicySpec) DeepCopyInto(out *ObservabilityPolicySpec) { *out = *in - in.TargetRef.DeepCopyInto(&out.TargetRef) if in.Tracing != nil { in, out := &in.Tracing, &out.Tracing *out = new(Tracing) (*in).DeepCopyInto(*out) } + out.TargetRef = in.TargetRef } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ObservabilityPolicySpec. diff --git a/charts/nginx-gateway-fabric/README.md b/charts/nginx-gateway-fabric/README.md index 3ff54c6a3..c6714495d 100644 --- a/charts/nginx-gateway-fabric/README.md +++ b/charts/nginx-gateway-fabric/README.md @@ -40,7 +40,7 @@ This chart deploys the NGINX Gateway Fabric in your Kubernetes cluster. > [see the Technical Specifications](https://github.com/nginxinc/nginx-gateway-fabric/blob/main/README.md#technical-specifications). ```shell -kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/standard-install.yaml +kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.1.0/standard-install.yaml ``` ## Installing the Chart @@ -128,7 +128,7 @@ Gateway Fabric - [see the Technical Specifications](../../README.md#technical-sp To upgrade the Gateway CRDs from [the Gateway API repo](https://github.com/kubernetes-sigs/gateway-api), run: ```shell -kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/standard-install.yaml +kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.1.0/standard-install.yaml ``` ### Upgrading the CRDs @@ -238,7 +238,7 @@ These commands remove all the Kubernetes components associated with the release To delete the Gateway API CRDs from [the Gateway API repo](https://github.com/kubernetes-sigs/gateway-api), run: ```shell -kubectl delete -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/standard-install.yaml +kubectl delete -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.1.0/standard-install.yaml ``` ## Configuration diff --git a/charts/nginx-gateway-fabric/templates/rbac.yaml b/charts/nginx-gateway-fabric/templates/rbac.yaml index a5e5188e3..56e3adb3f 100644 --- a/charts/nginx-gateway-fabric/templates/rbac.yaml +++ b/charts/nginx-gateway-fabric/templates/rbac.yaml @@ -90,9 +90,9 @@ rules: - gateways - httproutes - referencegrants + - grpcroutes {{- if .Values.nginxGateway.gwAPIExperimentalFeatures.enable }} - backendtlspolicies - - grpcroutes {{- end }} verbs: - list @@ -103,9 +103,9 @@ rules: - httproutes/status - gateways/status - gatewayclasses/status + - grpcroutes/status {{- if .Values.nginxGateway.gwAPIExperimentalFeatures.enable }} - backendtlspolicies/status - - grpcroutes/status {{- end }} verbs: - update diff --git a/cmd/gateway/validation.go b/cmd/gateway/validation.go index 8fbd4b4c4..2e3d60b3b 100644 --- a/cmd/gateway/validation.go +++ b/cmd/gateway/validation.go @@ -15,7 +15,7 @@ import ( const ( // nolint:lll - // Regex from: https://github.com/kubernetes-sigs/gateway-api/blob/v1.0.0/apis/v1/shared_types.go#L640 + // Regex from: https://github.com/kubernetes-sigs/gateway-api/blob/v1.1.0/apis/v1/shared_types.go#L647 controllerNameRegex = `^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$` //nolint:lll ) diff --git a/config/crd/bases/gateway.nginx.org_clientsettingspolicies.yaml b/config/crd/bases/gateway.nginx.org_clientsettingspolicies.yaml index f34e80587..3f5728a7d 100644 --- a/config/crd/bases/gateway.nginx.org_clientsettingspolicies.yaml +++ b/config/crd/bases/gateway.nginx.org_clientsettingspolicies.yaml @@ -133,16 +133,6 @@ spec: maxLength: 253 minLength: 1 type: string - namespace: - description: |- - Namespace is the namespace of the referent. When unspecified, the local - namespace is inferred. Even when policy targets a resource in a different - namespace, it MUST only apply to traffic originating from the same - namespace as the policy. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string required: - group - kind @@ -257,7 +247,7 @@ spec: * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, experimental, ClusterIP Services only) + * Service (Mesh conformance profile, ClusterIP Services only) Support for other resources is Implementation-Specific. @@ -343,9 +333,6 @@ spec: Support: Extended - - - format: int32 maximum: 65535 minimum: 1 @@ -356,14 +343,12 @@ spec: following resources, SectionName is interpreted as the following: - * Gateway: Listener Name. When both Port (experimental) and SectionName + * Gateway: Listener name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. - * Service: Port Name. When both Port (experimental) and SectionName + * Service: Port name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match - both specified values. Note that attaching Routes to Services as Parents - is part of experimental Mesh support and is not supported for any other - purpose. + both specified values. Implementations MAY choose to support attaching Routes to other resources. diff --git a/config/crd/bases/gateway.nginx.org_observabilitypolicies.yaml b/config/crd/bases/gateway.nginx.org_observabilitypolicies.yaml index bb932d7ec..461637d60 100644 --- a/config/crd/bases/gateway.nginx.org_observabilitypolicies.yaml +++ b/config/crd/bases/gateway.nginx.org_observabilitypolicies.yaml @@ -74,16 +74,6 @@ spec: maxLength: 253 minLength: 1 type: string - namespace: - description: |- - Namespace is the namespace of the referent. When unspecified, the local - namespace is inferred. Even when policy targets a resource in a different - namespace, it MUST only apply to traffic originating from the same - namespace as the policy. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string required: - group - kind @@ -273,7 +263,7 @@ spec: * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, experimental, ClusterIP Services only) + * Service (Mesh conformance profile, ClusterIP Services only) Support for other resources is Implementation-Specific. @@ -359,9 +349,6 @@ spec: Support: Extended - - - format: int32 maximum: 65535 minimum: 1 @@ -372,14 +359,12 @@ spec: following resources, SectionName is interpreted as the following: - * Gateway: Listener Name. When both Port (experimental) and SectionName + * Gateway: Listener name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. - * Service: Port Name. When both Port (experimental) and SectionName + * Service: Port name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match - both specified values. Note that attaching Routes to Services as Parents - is part of experimental Mesh support and is not supported for any other - purpose. + both specified values. Implementations MAY choose to support attaching Routes to other resources. diff --git a/conformance/Makefile b/conformance/Makefile index 91ce92da7..4fae26d27 100644 --- a/conformance/Makefile +++ b/conformance/Makefile @@ -3,9 +3,9 @@ VERSION = 1.2.0 # NGF version PREFIX = nginx-gateway-fabric NGINX_PREFIX = $(PREFIX)/nginx NGINX_PLUS_PREFIX ?= $(PREFIX)/nginx-plus -GW_API_VERSION ?= 1.0.0 +GW_API_VERSION ?= 1.1.0 GATEWAY_CLASS = nginx -SUPPORTED_FEATURES = HTTPRouteQueryParamMatching,HTTPRouteMethodMatching,HTTPRoutePortRedirect,HTTPRouteSchemeRedirect,HTTPRouteHostRewrite,HTTPRoutePathRewrite,GatewayPort8080,HTTPRouteResponseHeaderModification +SUPPORTED_FEATURES = HTTPRouteQueryParamMatching,HTTPRouteMethodMatching,HTTPRoutePortRedirect,HTTPRouteSchemeRedirect,HTTPRouteHostRewrite,HTTPRoutePathRewrite,GatewayPort8080,HTTPRouteResponseHeaderModification,GRPCExactMethodMatching,GRPCRouteListenerHostnameMatching,GRPCRouteHeaderMatching KIND_IMAGE ?= $(shell grep -m1 'FROM kindest/node' \033[0m\n\nTargets:\n\n"}; {printf " \033[36m%-30s\033[0m %s\n", $$1, $$2}' @@ -108,8 +104,14 @@ run-conformance-tests: ## Run conformance tests bash scripts/check-pod-exit-code.sh sed -e '1,/CONFORMANCE PROFILE/d' output.txt > conformance-profile.yaml rm output.txt - [ $(shell cat conformance-profile.yaml | yq '.profiles[0].core.result') != "failure" ] \ - && [ $(shell cat conformance-profile.yaml | yq '.profiles[0].extended.result') != "failure" ] || exit 2 + grpc_core_result=`yq '.profiles[0].core.result' conformance-profile.yaml`; \ + http_core_result=`yq '.profiles[1].core.result' conformance-profile.yaml`; \ + http_extended_result=`yq '.profiles[1].extended.result' conformance-profile.yaml`; \ + if [ "$$grpc_core_result" != "failure" ] && [ "$$http_core_result" != "failure" ] && [ "$$http_extended_result" != "failure" ] ; then \ + exit 0; \ + else \ + exit 2; \ + fi .PHONY: cleanup-conformance-tests cleanup-conformance-tests: ## Clean up conformance tests fixtures diff --git a/conformance/README.md b/conformance/README.md index bd3f13e82..fd4f316eb 100644 --- a/conformance/README.md +++ b/conformance/README.md @@ -50,7 +50,7 @@ update-ngf-manifest Update the NGF deployment manifest image na | CONFORMANCE_PREFIX | conformance-test-runner | The prefix for the conformance test image | | TAG | edge | The tag for the locally built NGF image | | PREFIX | nginx-gateway-fabric | The prefix for the locally built NGF image | -| GW_API_VERSION | 1.0.0 | Tag for the Gateway API version to check out. Set to `main` to get the latest version | +| GW_API_VERSION | 1.1.0 | Tag for the Gateway API version to check out. Set to `main` to get the latest version | | KIND_IMAGE | Latest kind image, as defined in the tests/Dockerfile | The kind image to use | | KIND_KUBE_CONFIG | ~/.kube/kind/config | The location of the kubeconfig | | GATEWAY_CLASS | nginx | The gateway class that should be used for the tests | diff --git a/conformance/tests/conformance-rbac.yaml b/conformance/tests/conformance-rbac.yaml index 3378881af..1c7db22f3 100644 --- a/conformance/tests/conformance-rbac.yaml +++ b/conformance/tests/conformance-rbac.yaml @@ -11,6 +11,7 @@ rules: - apiGroups: - "" resources: + - configmaps - namespaces - pods - secrets @@ -35,6 +36,7 @@ rules: resources: - gateways - httproutes + - grpcroutes - referencegrants - gatewayclasses verbs: @@ -43,6 +45,22 @@ rules: - get - list - patch +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - list +- apiGroups: + - discovery.k8s.io + resources: + - endpointslices + verbs: + - create + - delete + - get + - list + - patch --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 diff --git a/conformance/tests/conformance_test.go b/conformance/tests/conformance_test.go index 891ae809c..ad8cfb431 100644 --- a/conformance/tests/conformance_test.go +++ b/conformance/tests/conformance_test.go @@ -23,12 +23,8 @@ import ( . "github.com/onsi/gomega" "k8s.io/apimachinery/pkg/util/sets" - "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/controller-runtime/pkg/client/config" - v1 "sigs.k8s.io/gateway-api/apis/v1" - "sigs.k8s.io/gateway-api/apis/v1alpha2" - "sigs.k8s.io/gateway-api/apis/v1beta1" - "sigs.k8s.io/gateway-api/conformance/apis/v1alpha1" + conf_v1 "sigs.k8s.io/gateway-api/conformance/apis/v1" + "sigs.k8s.io/gateway-api/conformance" "sigs.k8s.io/gateway-api/conformance/tests" "sigs.k8s.io/gateway-api/conformance/utils/flags" "sigs.k8s.io/gateway-api/conformance/utils/suite" @@ -37,52 +33,32 @@ import ( func TestConformance(t *testing.T) { g := NewWithT(t) - cfg, err := config.GetConfig() - g.Expect(err).To(BeNil()) - - client, err := client.New(cfg, client.Options{}) - g.Expect(err).To(BeNil()) - - g.Expect(v1alpha2.AddToScheme(client.Scheme())).To(Succeed()) - g.Expect(v1.AddToScheme(client.Scheme())).To(Succeed()) - g.Expect(v1beta1.AddToScheme(client.Scheme())).To(Succeed()) - - supportedFeatures := suite.ParseSupportedFeatures(*flags.SupportedFeatures) - exemptFeatures := suite.ParseSupportedFeatures(*flags.ExemptFeatures) t.Logf(`Running conformance tests with %s GatewayClass\n cleanup: %t\n`+ `debug: %t\n enable all features: %t \n supported features: [%v]\n exempt features: [%v]`, *flags.GatewayClassName, *flags.CleanupBaseResources, *flags.ShowDebug, *flags.EnableAllSupportedFeatures, *flags.SupportedFeatures, *flags.ExemptFeatures) - expSuite, err := suite.NewExperimentalConformanceTestSuite(suite.ExperimentalConformanceOptions{ - Options: suite.Options{ - Client: client, - GatewayClassName: *flags.GatewayClassName, - Debug: *flags.ShowDebug, - CleanupBaseResources: *flags.CleanupBaseResources, - SupportedFeatures: supportedFeatures, - ExemptFeatures: exemptFeatures, - EnableAllSupportedFeatures: *flags.EnableAllSupportedFeatures, - }, - Implementation: v1alpha1.Implementation{ + opts := conformance.DefaultOptions(t) + opts.Implementation = conf_v1.Implementation{ Organization: "nginxinc", Project: "nginx-gateway-fabric", URL: "https://github.com/nginxinc/nginx-gateway-fabric", Version: *flags.ImplementationVersion, Contact: []string{ "https://github.com/nginxinc/nginx-gateway-fabric/discussions/new/choose", - }, }, - ConformanceProfiles: sets.New(suite.HTTPConformanceProfileName), - }) + } + opts.ConformanceProfiles = sets.New(suite.GatewayHTTPConformanceProfileName, suite.GatewayGRPCConformanceProfileName) + + testSuite, err := suite.NewConformanceTestSuite(opts) g.Expect(err).To(Not(HaveOccurred())) - expSuite.Setup(t) - err = expSuite.Run(t, tests.ConformanceTests) + testSuite.Setup(t, tests.ConformanceTests) + err = testSuite.Run(t, tests.ConformanceTests) g.Expect(err).To(Not(HaveOccurred())) - report, err := expSuite.Report() + report, err := testSuite.Report() g.Expect(err).To(Not(HaveOccurred())) yamlReport, err := yaml.Marshal(report) diff --git a/deploy/crds.yaml b/deploy/crds.yaml index da732fcc5..5289c855f 100644 --- a/deploy/crds.yaml +++ b/deploy/crds.yaml @@ -132,16 +132,6 @@ spec: maxLength: 253 minLength: 1 type: string - namespace: - description: |- - Namespace is the namespace of the referent. When unspecified, the local - namespace is inferred. Even when policy targets a resource in a different - namespace, it MUST only apply to traffic originating from the same - namespace as the policy. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string required: - group - kind @@ -256,7 +246,7 @@ spec: * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, experimental, ClusterIP Services only) + * Service (Mesh conformance profile, ClusterIP Services only) Support for other resources is Implementation-Specific. @@ -342,9 +332,6 @@ spec: Support: Extended - - - format: int32 maximum: 65535 minimum: 1 @@ -355,14 +342,12 @@ spec: following resources, SectionName is interpreted as the following: - * Gateway: Listener Name. When both Port (experimental) and SectionName + * Gateway: Listener name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. - * Service: Port Name. When both Port (experimental) and SectionName + * Service: Port name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match - both specified values. Note that attaching Routes to Services as Parents - is part of experimental Mesh support and is not supported for any other - purpose. + both specified values. Implementations MAY choose to support attaching Routes to other resources. @@ -864,16 +849,6 @@ spec: maxLength: 253 minLength: 1 type: string - namespace: - description: |- - Namespace is the namespace of the referent. When unspecified, the local - namespace is inferred. Even when policy targets a resource in a different - namespace, it MUST only apply to traffic originating from the same - namespace as the policy. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string required: - group - kind @@ -1063,7 +1038,7 @@ spec: * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, experimental, ClusterIP Services only) + * Service (Mesh conformance profile, ClusterIP Services only) Support for other resources is Implementation-Specific. @@ -1149,9 +1124,6 @@ spec: Support: Extended - - - format: int32 maximum: 65535 minimum: 1 @@ -1162,14 +1134,12 @@ spec: following resources, SectionName is interpreted as the following: - * Gateway: Listener Name. When both Port (experimental) and SectionName + * Gateway: Listener name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. - * Service: Port Name. When both Port (experimental) and SectionName + * Service: Port name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match - both specified values. Note that attaching Routes to Services as Parents - is part of experimental Mesh support and is not supported for any other - purpose. + both specified values. Implementations MAY choose to support attaching Routes to other resources. diff --git a/deploy/manifests/nginx-gateway-experimental.yaml b/deploy/manifests/nginx-gateway-experimental.yaml index a52689370..15db4a72b 100644 --- a/deploy/manifests/nginx-gateway-experimental.yaml +++ b/deploy/manifests/nginx-gateway-experimental.yaml @@ -76,8 +76,8 @@ rules: - gateways - httproutes - referencegrants - - backendtlspolicies - grpcroutes + - backendtlspolicies verbs: - list - watch @@ -87,8 +87,8 @@ rules: - httproutes/status - gateways/status - gatewayclasses/status - - backendtlspolicies/status - grpcroutes/status + - backendtlspolicies/status verbs: - update - apiGroups: diff --git a/deploy/manifests/nginx-gateway.yaml b/deploy/manifests/nginx-gateway.yaml index f10dff697..8dc5b2659 100644 --- a/deploy/manifests/nginx-gateway.yaml +++ b/deploy/manifests/nginx-gateway.yaml @@ -75,6 +75,7 @@ rules: - gateways - httproutes - referencegrants + - grpcroutes verbs: - list - watch @@ -84,6 +85,7 @@ rules: - httproutes/status - gateways/status - gatewayclasses/status + - grpcroutes/status verbs: - update - apiGroups: diff --git a/deploy/manifests/nginx-plus-gateway-experimental.yaml b/deploy/manifests/nginx-plus-gateway-experimental.yaml index 824440d4e..81743dcee 100644 --- a/deploy/manifests/nginx-plus-gateway-experimental.yaml +++ b/deploy/manifests/nginx-plus-gateway-experimental.yaml @@ -82,8 +82,8 @@ rules: - gateways - httproutes - referencegrants - - backendtlspolicies - grpcroutes + - backendtlspolicies verbs: - list - watch @@ -93,8 +93,8 @@ rules: - httproutes/status - gateways/status - gatewayclasses/status - - backendtlspolicies/status - grpcroutes/status + - backendtlspolicies/status verbs: - update - apiGroups: diff --git a/deploy/manifests/nginx-plus-gateway.yaml b/deploy/manifests/nginx-plus-gateway.yaml index c94be584b..04736bb30 100644 --- a/deploy/manifests/nginx-plus-gateway.yaml +++ b/deploy/manifests/nginx-plus-gateway.yaml @@ -81,6 +81,7 @@ rules: - gateways - httproutes - referencegrants + - grpcroutes verbs: - list - watch @@ -90,6 +91,7 @@ rules: - httproutes/status - gateways/status - gatewayclasses/status + - grpcroutes/status verbs: - update - apiGroups: diff --git a/docs/developer/quickstart.md b/docs/developer/quickstart.md index 75ec82a35..245a28502 100644 --- a/docs/developer/quickstart.md +++ b/docs/developer/quickstart.md @@ -127,13 +127,13 @@ This will build the docker images `nginx-gateway-fabric:` and `nginx- 3. Install Gateway API CRDs: ```shell - kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/standard-install.yaml + kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.1.0/standard-install.yaml ``` If you're implementing experimental Gateway API features, install Gateway API CRDs from the experimental channel: ```shell - kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/experimental-install.yaml + kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.1.0/experimental-install.yaml ``` 4. Install NGF using your custom image and expose NGF with a NodePort Service: diff --git a/docs/proposals/client-settings.md b/docs/proposals/client-settings.md index ab476af34..35ca6913d 100644 --- a/docs/proposals/client-settings.md +++ b/docs/proposals/client-settings.md @@ -77,7 +77,7 @@ type ClientSettingsPolicySpec struct { // TargetRef identifies an API object to apply the policy to. // Object must be in the same namespace as the policy. // Support: Gateway and HTTPRoute - TargetRef gatewayv1alpha2.PolicyTargetReference `json:"targetRef"` + TargetRef gatewayv1alpha2.LocalPolicyTargetReference `json:"targetRef"` // Body defines the client request body settings. // +optional diff --git a/docs/proposals/observability.md b/docs/proposals/observability.md index e0efb2f8e..fd4987787 100644 --- a/docs/proposals/observability.md +++ b/docs/proposals/observability.md @@ -68,7 +68,7 @@ type ObservabilityPolicySpec struct { // TargetRef identifies an API object to apply the policy to. // Object must be in the same namespace as the policy. // Support: HTTPRoute - TargetRef gatewayv1alpha2.PolicyTargetReference `json:"targetRef"` + TargetRef gatewayv1alpha2.LocalPolicyTargetReference `json:"targetRef"` // Tracing allows for enabling and configuring tracing. // diff --git a/examples/grpc-routing/README.md b/examples/grpc-routing/README.md index 1feffee6d..97f953ab9 100644 --- a/examples/grpc-routing/README.md +++ b/examples/grpc-routing/README.md @@ -8,7 +8,6 @@ to route traffic to that application using GRPCRoute resources. ## 1. Deploy NGINX Gateway Fabric 1. Follow the [installation instructions](https://docs.nginx.com/nginx-gateway-fabric/installation/) to deploy NGINX Gateway Fabric. - > **Important**: Ensure the Gateway APIs from the experimental channel are installed and that NGF is deployed with the Gateway experimental features enabled. 1. Save the public IP address of NGINX Gateway Fabric into a shell variable: diff --git a/examples/grpc-routing/exact-method.yaml b/examples/grpc-routing/exact-method.yaml index b47b0a801..c277f2f83 100644 --- a/examples/grpc-routing/exact-method.yaml +++ b/examples/grpc-routing/exact-method.yaml @@ -1,4 +1,4 @@ -apiVersion: gateway.networking.k8s.io/v1beta1 +apiVersion: gateway.networking.k8s.io/v1 kind: Gateway metadata: name: same-namespace @@ -12,7 +12,7 @@ spec: namespaces: from: Same --- -apiVersion: gateway.networking.k8s.io/v1alpha2 +apiVersion: gateway.networking.k8s.io/v1 kind: GRPCRoute metadata: name: exact-matching diff --git a/examples/grpc-routing/headers.yaml b/examples/grpc-routing/headers.yaml index fcd3b256d..715f02cd9 100644 --- a/examples/grpc-routing/headers.yaml +++ b/examples/grpc-routing/headers.yaml @@ -1,4 +1,4 @@ -apiVersion: gateway.networking.k8s.io/v1beta1 +apiVersion: gateway.networking.k8s.io/v1 kind: Gateway metadata: name: same-namespace @@ -12,7 +12,7 @@ spec: namespaces: from: Same --- -apiVersion: gateway.networking.k8s.io/v1alpha2 +apiVersion: gateway.networking.k8s.io/v1 kind: GRPCRoute metadata: name: grpc-header-matching diff --git a/examples/grpc-routing/hostname.yaml b/examples/grpc-routing/hostname.yaml index 4da094064..e71ceacb2 100644 --- a/examples/grpc-routing/hostname.yaml +++ b/examples/grpc-routing/hostname.yaml @@ -1,4 +1,4 @@ -apiVersion: gateway.networking.k8s.io/v1beta1 +apiVersion: gateway.networking.k8s.io/v1 kind: Gateway metadata: name: grpcroute-listener-hostname-matching @@ -22,7 +22,7 @@ spec: from: Same hostname: foo.bar.com --- -apiVersion: gateway.networking.k8s.io/v1alpha2 +apiVersion: gateway.networking.k8s.io/v1 kind: GRPCRoute metadata: name: backend-v1 @@ -35,7 +35,7 @@ spec: - name: grpc-infra-backend-v1 port: 8080 --- -apiVersion: gateway.networking.k8s.io/v1alpha2 +apiVersion: gateway.networking.k8s.io/v1 kind: GRPCRoute metadata: name: backend-v2 diff --git a/go.mod b/go.mod index 8162dcd67..d1705fd7d 100644 --- a/go.mod +++ b/go.mod @@ -25,7 +25,7 @@ require ( k8s.io/client-go v0.30.1 sigs.k8s.io/controller-runtime v0.18.2 sigs.k8s.io/controller-tools v0.15.0 - sigs.k8s.io/gateway-api v1.0.0 + sigs.k8s.io/gateway-api v1.1.0 sigs.k8s.io/yaml v1.4.0 ) @@ -34,7 +34,7 @@ require ( github.com/cenkalti/backoff/v4 v4.3.0 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/emicklei/go-restful/v3 v3.11.0 // indirect + github.com/emicklei/go-restful/v3 v3.12.0 // indirect github.com/evanphx/json-patch v5.7.0+incompatible // indirect github.com/evanphx/json-patch/v5 v5.9.0 // indirect github.com/fatih/color v1.16.0 // indirect @@ -42,9 +42,9 @@ require ( github.com/go-logfmt/logfmt v0.5.1 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-logr/zapr v1.3.0 // indirect - github.com/go-openapi/jsonpointer v0.20.0 // indirect - github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.22.4 // indirect + github.com/go-openapi/jsonpointer v0.21.0 // indirect + github.com/go-openapi/jsonreference v0.21.0 // indirect + github.com/go-openapi/swag v0.23.0 // indirect github.com/go-task/slim-sprig/v3 v3.0.0 // indirect github.com/gobuffalo/flect v1.0.2 // indirect github.com/gogo/protobuf v1.3.2 // indirect @@ -54,7 +54,7 @@ require ( github.com/google/gofuzz v1.2.0 // indirect github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 // indirect github.com/google/uuid v1.6.0 // indirect - github.com/gorilla/websocket v1.5.0 // indirect + github.com/gorilla/websocket v1.5.1 // indirect github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1 // indirect github.com/imdario/mergo v0.3.16 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect @@ -63,6 +63,7 @@ require ( github.com/mailru/easyjson v0.7.7 // indirect github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.20 // indirect + github.com/miekg/dns v1.1.58 // indirect github.com/moby/spdystream v0.2.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect @@ -79,18 +80,17 @@ require ( go.opentelemetry.io/otel/trace v1.26.0 // indirect go.opentelemetry.io/proto/otlp v1.2.0 // indirect go.uber.org/multierr v1.11.0 // indirect - golang.org/x/exp v0.0.0-20231006140011-7918f672742d // indirect + golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f // indirect golang.org/x/mod v0.17.0 // indirect golang.org/x/net v0.24.0 // indirect - golang.org/x/oauth2 v0.18.0 // indirect + golang.org/x/oauth2 v0.19.0 // indirect golang.org/x/sync v0.7.0 // indirect golang.org/x/sys v0.19.0 // indirect golang.org/x/term v0.19.0 // indirect golang.org/x/text v0.14.0 // indirect - golang.org/x/time v0.3.0 // indirect + golang.org/x/time v0.5.0 // indirect golang.org/x/tools v0.20.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/appengine v1.6.8 // indirect google.golang.org/genproto/googleapis/api v0.0.0-20240227224415-6ceb2ff114de // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20240401170217-c3f982113cda // indirect google.golang.org/grpc v1.63.2 // indirect @@ -99,8 +99,8 @@ require ( gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect k8s.io/klog/v2 v2.120.1 // indirect - k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect - k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect + k8s.io/kube-openapi v0.0.0-20240423202451-8948a665c108 // indirect + k8s.io/utils v0.0.0-20240423183400-0849a56e8f22 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect ) diff --git a/go.sum b/go.sum index a712c5f61..ead43772d 100644 --- a/go.sum +++ b/go.sum @@ -7,12 +7,11 @@ github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyY github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= -github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.12.0 h1:y2DdzBAURM29NFF94q6RaY4vjIH1rtwDapwQtU84iWk= +github.com/emicklei/go-restful/v3 v3.12.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v5.7.0+incompatible h1:vgGkfT/9f8zE6tvSCe74nfpAVDQ2tG6yudJd8LBksgI= github.com/evanphx/json-patch v5.7.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= @@ -32,14 +31,12 @@ github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= -github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= -github.com/go-openapi/jsonpointer v0.20.0 h1:ESKJdU9ASRfaPNOPRx12IUyA1vn3R9GiE3KYD14BXdQ= -github.com/go-openapi/jsonpointer v0.20.0/go.mod h1:6PGzBjjIIumbLYysB73Klnms1mwnU4G3YHOECG3CedA= -github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= -github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU= -github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ= +github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY= +github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= +github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= +github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= +github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/gobuffalo/flect v1.0.2 h1:eqjPGSo2WmjgY2XlpGwo2NXgL3RucAKo4k4qQMNA5sA= @@ -48,13 +45,10 @@ github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= @@ -66,8 +60,8 @@ github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6/go.mod h1:kf6iHlnVGwg github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc= -github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/QY= +github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY= github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1 h1:/c3QmbOGMGTOumP2iT/rCwB7b0QDGLKzqOmktBjT+Is= github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1/go.mod h1:5SN9VR2LTsRFsrEC6FHgRbTWrTHu6tqPeKxEQv15giM= github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= @@ -80,11 +74,8 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= @@ -96,6 +87,8 @@ github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWE github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/maxbrunsfeld/counterfeiter/v6 v6.8.1 h1:NicmruxkeqHjDv03SfSxqmaLuisddudfP3h5wdXFbhM= github.com/maxbrunsfeld/counterfeiter/v6 v6.8.1/go.mod h1:eyp4DdUJAKkr9tvxR3jWhw2mDK7CWABMG5r9uyaKC7I= +github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4= +github.com/miekg/dns v1.1.58/go.mod h1:Ypv+3b/KadlvW9vJfXOTf300O4UqaHFzFCuHz+rPkBY= github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8= github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -133,8 +126,8 @@ github.com/prometheus/common v0.53.0 h1:U2pL9w9nmJwJDa4qqLQ3ZaePJ6ZTwt7cMD3AG3+a github.com/prometheus/common v0.53.0/go.mod h1:BrxBKv3FWBIGXw89Mg1AeBq7FSyRzXWI3l3e7W3RN5U= github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= -github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= +github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= +github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/sclevine/spec v1.4.0 h1:z/Q9idDcay5m5irkZ28M7PtQM4aOISzOpj4bUPkDee8= github.com/sclevine/spec v1.4.0/go.mod h1:LvpgJaFyvQzRvc1kaDs0bulYwzC70PbiYjC4QnFHkOM= @@ -153,7 +146,6 @@ github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsT github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= go.opentelemetry.io/otel v1.26.0 h1:LQwgL5s/1W7YiiRwxf03QGnWLb2HW4pLiAhaA5cZXBs= go.opentelemetry.io/otel v1.26.0/go.mod h1:UmLkJHUAidDval2EICqBMbnAd0/m2vmpf/dAM+fvFs4= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.26.0 h1:1u/AyyOqAWzy+SkPxDpahCNZParHV8Vid1RnI2clyDE= @@ -177,58 +169,44 @@ go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI= -golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo= +golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f h1:99ci1mjWVBWwJiEKYY6jWa4d2nTQVIEhZIptnrVb1XY= +golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f/go.mod h1:/lliqkxwWAhPjf5oSOIJup2XcqJaw8RGS6k3TGEc7GI= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA= golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w= golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8= -golang.org/x/oauth2 v0.18.0 h1:09qnuIAgzdx1XplqJvW6CQqMCtGZykZWcXzPMPUusvI= -golang.org/x/oauth2 v0.18.0/go.mod h1:Wf7knwG0MPoWIMMBgFlEaSUDaKskp0dCfrlJRJXbBi8= +golang.org/x/oauth2 v0.19.0 h1:9+E/EZBCbTLNrbN35fHv/a/d/mOBatymz1zbtQrXpIg= +golang.org/x/oauth2 v0.19.0/go.mod h1:vYi7skDa1x015PmRRYZ7+s1cWyPgrPiSYRe4rnsexc8= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o= golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q= golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= +golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.20.0 h1:hz/CVckiOxybQvFw6h7b/q80NTr9IUQb4s1IIzW7KNY= golang.org/x/tools v0.20.0/go.mod h1:WvitBU7JJf6A4jOdg4S1tviW9bhUxkgeCui/0JHctQg= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -237,8 +215,6 @@ golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= -google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de h1:F6qOa9AZTYJXOUEr4jDysRDLrm4PHePlge4v4TGAlxY= google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:VUhTRKeHn9wwcdrk73nvdC9gF178Tzhmt/qyaFcPLSo= google.golang.org/genproto/googleapis/api v0.0.0-20240227224415-6ceb2ff114de h1:jFNzHPIeuzhdRwVhbZdiym9q0ory/xY3sA+v2wPg8I0= @@ -247,8 +223,6 @@ google.golang.org/genproto/googleapis/rpc v0.0.0-20240401170217-c3f982113cda h1: google.golang.org/genproto/googleapis/rpc v0.0.0-20240401170217-c3f982113cda/go.mod h1:WtryC6hu0hhx87FDGxWCDptyssuo68sk10vYjF+T9fY= google.golang.org/grpc v1.63.2 h1:MUeiw1B2maTVZthpU5xvASfTh3LDbxHd6IJ6QQVU+xM= google.golang.org/grpc v1.63.2/go.mod h1:WAX/8DgncnokcFUldAxq7GeB5DXHDbMF+lLvDomNkRA= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -274,16 +248,16 @@ k8s.io/client-go v0.30.1 h1:uC/Ir6A3R46wdkgCV3vbLyNOYyCJ8oZnjtJGKfytl/Q= k8s.io/client-go v0.30.1/go.mod h1:wrAqLNs2trwiCH/wxxmT/x3hKVH9PuV0GGW0oDoHVqc= k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag= -k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/kube-openapi v0.0.0-20240423202451-8948a665c108 h1:Q8Z7VlGhcJgBHJHYugJ/K/7iB8a2eSxCyxdVjJp+lLY= +k8s.io/kube-openapi v0.0.0-20240423202451-8948a665c108/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= +k8s.io/utils v0.0.0-20240423183400-0849a56e8f22 h1:ao5hUqGhsqdm+bYbjH/pRkCs0unBGe9UyDahzs9zQzQ= +k8s.io/utils v0.0.0-20240423183400-0849a56e8f22/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= sigs.k8s.io/controller-runtime v0.18.2 h1:RqVW6Kpeaji67CY5nPEfRz6ZfFMk0lWQlNrLqlNpx+Q= sigs.k8s.io/controller-runtime v0.18.2/go.mod h1:tuAt1+wbVsXIT8lPtk5RURxqAnq7xkpv2Mhttslg7Hw= sigs.k8s.io/controller-tools v0.15.0 h1:4dxdABXGDhIa68Fiwaif0vcu32xfwmgQ+w8p+5CxoAI= sigs.k8s.io/controller-tools v0.15.0/go.mod h1:8zUSS2T8Hx0APCNRhJWbS3CAQEbIxLa07khzh7pZmXM= -sigs.k8s.io/gateway-api v1.0.0 h1:iPTStSv41+d9p0xFydll6d7f7MOBGuqXM6p2/zVYMAs= -sigs.k8s.io/gateway-api v1.0.0/go.mod h1:4cUgr0Lnp5FZ0Cdq8FdRwCvpiWws7LVhLHGIudLlf4c= +sigs.k8s.io/gateway-api v1.1.0 h1:DsLDXCi6jR+Xz8/xd0Z1PYl2Pn0TyaFMOPPZIj4inDM= +sigs.k8s.io/gateway-api v1.1.0/go.mod h1:ZH4lHrL2sDi0FHZ9jjneb8kKnGzFWyrTya35sWUTrRs= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= diff --git a/internal/framework/controller/register_test.go b/internal/framework/controller/register_test.go index ecb433730..d038e44bd 100644 --- a/internal/framework/controller/register_test.go +++ b/internal/framework/controller/register_test.go @@ -33,8 +33,8 @@ func TestRegister(t *testing.T) { getDefaultFakes := func() fakes { scheme := runtime.NewScheme() - utilruntime.Must(v1.AddToScheme(scheme)) - utilruntime.Must(v1beta1.AddToScheme(scheme)) + utilruntime.Must(v1.Install(scheme)) + utilruntime.Must(v1beta1.Install(scheme)) indexer := &controllerfakes.FakeFieldIndexer{} diff --git a/internal/framework/gatewayclass/validate.go b/internal/framework/gatewayclass/validate.go index 78ac7ddd5..4c60599a5 100644 --- a/internal/framework/gatewayclass/validate.go +++ b/internal/framework/gatewayclass/validate.go @@ -13,7 +13,7 @@ const ( // BundleVersionAnnotation is the annotation on Gateway API CRDs that contains the installed version. BundleVersionAnnotation = "gateway.networking.k8s.io/bundle-version" // SupportedVersion is the supported version of the Gateway API CRDs. - SupportedVersion = "v1.0.0" + SupportedVersion = "v1.1.0" ) var gatewayCRDs = map[string]apiVersion{ diff --git a/internal/framework/helpers/helpers_test.go b/internal/framework/helpers/helpers_test.go index 8d219fd53..c98383296 100644 --- a/internal/framework/helpers/helpers_test.go +++ b/internal/framework/helpers/helpers_test.go @@ -7,7 +7,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" gatewayv1 "sigs.k8s.io/gateway-api/apis/v1" - gatewayv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" + gatewayv1alpha3 "sigs.k8s.io/gateway-api/apis/v1alpha3" ) func TestMustCastObject(t *testing.T) { @@ -20,6 +20,6 @@ func TestMustCastObject(t *testing.T) { }).ToNot(Panic()) g.Expect(func() { - _ = MustCastObject[*gatewayv1alpha2.BackendTLSPolicy](obj) + _ = MustCastObject[*gatewayv1alpha3.BackendTLSPolicy](obj) }).To(Panic()) } diff --git a/internal/framework/status/leader_aware_group_updater_test.go b/internal/framework/status/leader_aware_group_updater_test.go index 0b6739566..5ec97b41f 100644 --- a/internal/framework/status/leader_aware_group_updater_test.go +++ b/internal/framework/status/leader_aware_group_updater_test.go @@ -22,7 +22,7 @@ var _ = Describe("LeaderAwareGroupUpdater", func() { BeforeEach(OncePerOrdered, func() { scheme := runtime.NewScheme() - Expect(v1.AddToScheme(scheme)).Should(Succeed()) + Expect(v1.Install(scheme)).Should(Succeed()) k8sClient = fake.NewClientBuilder(). WithScheme(scheme). diff --git a/internal/framework/status/updater_test.go b/internal/framework/status/updater_test.go index 7b08b5407..7c047e42c 100644 --- a/internal/framework/status/updater_test.go +++ b/internal/framework/status/updater_test.go @@ -96,7 +96,7 @@ var _ = Describe("Updater", func() { BeforeEach(OncePerOrdered, func() { scheme := runtime.NewScheme() - Expect(v1.AddToScheme(scheme)).Should(Succeed()) + Expect(v1.Install(scheme)).Should(Succeed()) k8sClient = fake.NewClientBuilder(). WithScheme(scheme). diff --git a/internal/mode/provisioner/handler_test.go b/internal/mode/provisioner/handler_test.go index fa789b62d..636753980 100644 --- a/internal/mode/provisioner/handler_test.go +++ b/internal/mode/provisioner/handler_test.go @@ -43,7 +43,7 @@ var _ = Describe("handler", func() { BeforeEach(OncePerOrdered, func() { scheme := runtime.NewScheme() - Expect(gatewayv1.AddToScheme(scheme)).Should(Succeed()) + Expect(gatewayv1.Install(scheme)).Should(Succeed()) Expect(v1.AddToScheme(scheme)).Should(Succeed()) Expect(apiext.AddToScheme(scheme)).Should(Succeed()) diff --git a/internal/mode/provisioner/manager.go b/internal/mode/provisioner/manager.go index bbef8c653..4776cceb5 100644 --- a/internal/mode/provisioner/manager.go +++ b/internal/mode/provisioner/manager.go @@ -40,7 +40,7 @@ type Config struct { // many important features. See https://github.com/nginxinc/nginx-gateway-fabric/issues/634 for more details. func StartManager(cfg Config) error { scheme := runtime.NewScheme() - utilruntime.Must(gatewayv1.AddToScheme(scheme)) + utilruntime.Must(gatewayv1.Install(scheme)) utilruntime.Must(v1.AddToScheme(scheme)) utilruntime.Must(apiext.AddToScheme(scheme)) diff --git a/internal/mode/static/manager.go b/internal/mode/static/manager.go index 9069fecc5..30191296e 100644 --- a/internal/mode/static/manager.go +++ b/internal/mode/static/manager.go @@ -31,7 +31,7 @@ import ( metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server" k8spredicate "sigs.k8s.io/controller-runtime/pkg/predicate" gatewayv1 "sigs.k8s.io/gateway-api/apis/v1" - gatewayv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" + gatewayv1alpha3 "sigs.k8s.io/gateway-api/apis/v1alpha3" gatewayv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" ngfAPI "github.com/nginxinc/nginx-gateway-fabric/apis/v1alpha1" @@ -65,9 +65,9 @@ const ( var scheme = runtime.NewScheme() func init() { - utilruntime.Must(gatewayv1beta1.AddToScheme(scheme)) - utilruntime.Must(gatewayv1.AddToScheme(scheme)) - utilruntime.Must(gatewayv1alpha2.AddToScheme(scheme)) + utilruntime.Must(gatewayv1beta1.Install(scheme)) + utilruntime.Must(gatewayv1.Install(scheme)) + utilruntime.Must(gatewayv1alpha3.Install(scheme)) utilruntime.Must(apiv1.AddToScheme(scheme)) utilruntime.Must(discoveryV1.AddToScheme(scheme)) utilruntime.Must(ngfAPI.AddToScheme(scheme)) @@ -421,12 +421,18 @@ func registerControllers( controller.WithK8sPredicate(k8spredicate.GenerationChangedPredicate{}), }, }, + { + objectType: &gatewayv1.GRPCRoute{}, + options: []controller.Option{ + controller.WithK8sPredicate(k8spredicate.GenerationChangedPredicate{}), + }, + }, } if cfg.ExperimentalFeatures { gwExpFeatures := []ctlrCfg{ { - objectType: &gatewayv1alpha2.BackendTLSPolicy{}, + objectType: &gatewayv1alpha3.BackendTLSPolicy{}, options: []controller.Option{ controller.WithK8sPredicate(k8spredicate.GenerationChangedPredicate{}), }, @@ -436,12 +442,6 @@ func registerControllers( // https://github.com/nginxinc/nginx-gateway-fabric/issues/1545 objectType: &apiv1.ConfigMap{}, }, - { - objectType: &gatewayv1alpha2.GRPCRoute{}, - options: []controller.Option{ - controller.WithK8sPredicate(k8spredicate.GenerationChangedPredicate{}), - }, - }, } controllerRegCfgs = append(controllerRegCfgs, gwExpFeatures...) } @@ -606,15 +606,15 @@ func prepareFirstEventBatchPreparerArgs( &gatewayv1.HTTPRouteList{}, &gatewayv1beta1.ReferenceGrantList{}, &ngfAPI.NginxProxyList{}, + &gatewayv1.GRPCRouteList{}, partialObjectMetadataList, } if enableExperimentalFeatures { objectLists = append( objectLists, - &gatewayv1alpha2.BackendTLSPolicyList{}, + &gatewayv1alpha3.BackendTLSPolicyList{}, &apiv1.ConfigMapList{}, - &gatewayv1alpha2.GRPCRouteList{}, ) } diff --git a/internal/mode/static/manager_test.go b/internal/mode/static/manager_test.go index a8693a9ed..dbcfc1d25 100644 --- a/internal/mode/static/manager_test.go +++ b/internal/mode/static/manager_test.go @@ -13,7 +13,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server" gatewayv1 "sigs.k8s.io/gateway-api/apis/v1" - gatewayv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" + gatewayv1alpha3 "sigs.k8s.io/gateway-api/apis/v1alpha3" gatewayv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" ngfAPI "github.com/nginxinc/nginx-gateway-fabric/apis/v1alpha1" @@ -54,6 +54,7 @@ func TestPrepareFirstEventBatchPreparerArgs(t *testing.T) { &gatewayv1.GatewayList{}, &gatewayv1beta1.ReferenceGrantList{}, &ngfAPI.NginxProxyList{}, + &gatewayv1.GRPCRouteList{}, partialObjectMetadataList, }, }, @@ -75,6 +76,7 @@ func TestPrepareFirstEventBatchPreparerArgs(t *testing.T) { &gatewayv1.HTTPRouteList{}, &gatewayv1beta1.ReferenceGrantList{}, &ngfAPI.NginxProxyList{}, + &gatewayv1.GRPCRouteList{}, partialObjectMetadataList, }, }, @@ -97,9 +99,9 @@ func TestPrepareFirstEventBatchPreparerArgs(t *testing.T) { &gatewayv1.HTTPRouteList{}, &gatewayv1beta1.ReferenceGrantList{}, &ngfAPI.NginxProxyList{}, + &gatewayv1.GRPCRouteList{}, partialObjectMetadataList, - &gatewayv1alpha2.BackendTLSPolicyList{}, - &gatewayv1alpha2.GRPCRouteList{}, + &gatewayv1alpha3.BackendTLSPolicyList{}, }, experimentalEnabled: true, }, diff --git a/internal/mode/static/state/change_processor.go b/internal/mode/static/state/change_processor.go index 5a70be3a5..223c08a68 100644 --- a/internal/mode/static/state/change_processor.go +++ b/internal/mode/static/state/change_processor.go @@ -16,7 +16,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/client/apiutil" v1 "sigs.k8s.io/gateway-api/apis/v1" - "sigs.k8s.io/gateway-api/apis/v1alpha2" + "sigs.k8s.io/gateway-api/apis/v1alpha3" "sigs.k8s.io/gateway-api/apis/v1beta1" ngfAPI "github.com/nginxinc/nginx-gateway-fabric/apis/v1alpha1" @@ -104,10 +104,10 @@ func NewChangeProcessorImpl(cfg ChangeProcessorConfig) *ChangeProcessorImpl { ReferenceGrants: make(map[types.NamespacedName]*v1beta1.ReferenceGrant), Secrets: make(map[types.NamespacedName]*apiv1.Secret), CRDMetadata: make(map[types.NamespacedName]*metav1.PartialObjectMetadata), - BackendTLSPolicies: make(map[types.NamespacedName]*v1alpha2.BackendTLSPolicy), + BackendTLSPolicies: make(map[types.NamespacedName]*v1alpha3.BackendTLSPolicy), ConfigMaps: make(map[types.NamespacedName]*apiv1.ConfigMap), NginxProxies: make(map[types.NamespacedName]*ngfAPI.NginxProxy), - GRPCRoutes: make(map[types.NamespacedName]*v1alpha2.GRPCRoute), + GRPCRoutes: make(map[types.NamespacedName]*v1.GRPCRoute), } extractGVK := func(obj client.Object) schema.GroupVersionKind { @@ -151,12 +151,12 @@ func NewChangeProcessorImpl(cfg ChangeProcessorConfig) *ChangeProcessorImpl { predicate: nil, }, { - gvk: extractGVK(&v1alpha2.BackendTLSPolicy{}), + gvk: extractGVK(&v1alpha3.BackendTLSPolicy{}), store: newObjectStoreMapAdapter(clusterStore.BackendTLSPolicies), predicate: nil, }, { - gvk: extractGVK(&v1alpha2.GRPCRoute{}), + gvk: extractGVK(&v1.GRPCRoute{}), store: newObjectStoreMapAdapter(clusterStore.GRPCRoutes), predicate: nil, }, diff --git a/internal/mode/static/state/change_processor_test.go b/internal/mode/static/state/change_processor_test.go index 9c03a9137..6c65ff371 100644 --- a/internal/mode/static/state/change_processor_test.go +++ b/internal/mode/static/state/change_processor_test.go @@ -15,6 +15,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/log/zap" v1 "sigs.k8s.io/gateway-api/apis/v1" "sigs.k8s.io/gateway-api/apis/v1alpha2" + "sigs.k8s.io/gateway-api/apis/v1alpha3" "sigs.k8s.io/gateway-api/apis/v1beta1" ngfAPI "github.com/nginxinc/nginx-gateway-fabric/apis/v1alpha1" @@ -192,9 +193,9 @@ func createAlwaysValidValidators() validation.Validators { func createScheme() *runtime.Scheme { scheme := runtime.NewScheme() - utilruntime.Must(v1.AddToScheme(scheme)) - utilruntime.Must(v1beta1.AddToScheme(scheme)) - utilruntime.Must(v1alpha2.AddToScheme(scheme)) + utilruntime.Must(v1.Install(scheme)) + utilruntime.Must(v1beta1.Install(scheme)) + utilruntime.Must(v1alpha3.Install(scheme)) utilruntime.Must(apiv1.AddToScheme(scheme)) utilruntime.Must(discoveryV1.AddToScheme(scheme)) utilruntime.Must(apiext.AddToScheme(scheme)) @@ -1030,7 +1031,7 @@ var _ = Describe("ChangeProcessor", func() { hr1svc, sharedSvc, bazSvc1, bazSvc2, bazSvc3, invalidSvc, notRefSvc *apiv1.Service hr1slice1, hr1slice2, noRefSlice, missingSvcNameSlice *discoveryV1.EndpointSlice gw *v1.Gateway - btls *v1alpha2.BackendTLSPolicy + btls *v1alpha3.BackendTLSPolicy ) createSvc := func(name string) *apiv1.Service { @@ -1052,18 +1053,19 @@ var _ = Describe("ChangeProcessor", func() { } } - createBackendTLSPolicy := func(name string, svcName string) *v1alpha2.BackendTLSPolicy { - return &v1alpha2.BackendTLSPolicy{ + createBackendTLSPolicy := func(name string, svcName string) *v1alpha3.BackendTLSPolicy { + return &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Namespace: "test", Name: name, }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: v1alpha2.PolicyTargetReferenceWithSectionName{ - PolicyTargetReference: v1alpha2.PolicyTargetReference{ - Kind: v1.Kind("Service"), - Name: v1.ObjectName(svcName), - Namespace: helpers.GetPointer(v1.Namespace("test")), + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: []v1alpha2.LocalPolicyTargetReferenceWithSectionName{ + { + LocalPolicyTargetReference: v1alpha2.LocalPolicyTargetReference{ + Kind: v1.Kind("Service"), + Name: v1.ObjectName(svcName), + }, }, }, }, @@ -1625,7 +1627,7 @@ var _ = Describe("ChangeProcessor", func() { ns, unrelatedNS, testNs, barNs *apiv1.Namespace secret, secretUpdated, unrelatedSecret, barSecret, barSecretUpdated *apiv1.Secret cm, cmUpdated, unrelatedCM *apiv1.ConfigMap - btls, btlsUpdated *v1alpha2.BackendTLSPolicy + btls, btlsUpdated *v1alpha3.BackendTLSPolicy np, npUpdated *ngfAPI.NginxProxy ) @@ -1894,22 +1896,23 @@ var _ = Describe("ChangeProcessor", func() { } btlsNsName = types.NamespacedName{Namespace: "test", Name: "btls-1"} - btls = &v1alpha2.BackendTLSPolicy{ + btls = &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: btlsNsName.Name, Namespace: btlsNsName.Namespace, Generation: 1, }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: v1alpha2.PolicyTargetReferenceWithSectionName{ - PolicyTargetReference: v1alpha2.PolicyTargetReference{ - Kind: "Service", - Name: v1.ObjectName(svc.Name), - Namespace: helpers.GetPointer(v1.Namespace(svc.Namespace)), + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: []v1alpha2.LocalPolicyTargetReferenceWithSectionName{ + { + LocalPolicyTargetReference: v1alpha2.LocalPolicyTargetReference{ + Kind: "Service", + Name: v1.ObjectName(svc.Name), + }, }, }, - TLS: v1alpha2.BackendTLSPolicyConfig{ - CACertRefs: []v1.LocalObjectReference{ + Validation: v1alpha3.BackendTLSPolicyValidation{ + CACertificateRefs: []v1.LocalObjectReference{ { Name: v1.ObjectName(cm.Name), }, @@ -1993,7 +1996,7 @@ var _ = Describe("ChangeProcessor", func() { processor.CaptureDeleteChange(&v1.Gateway{}, gwNsName) processor.CaptureDeleteChange(&v1.HTTPRoute{}, hrNsName) processor.CaptureDeleteChange(&v1beta1.ReferenceGrant{}, rgNsName) - processor.CaptureDeleteChange(&v1alpha2.BackendTLSPolicy{}, btlsNsName) + processor.CaptureDeleteChange(&v1alpha3.BackendTLSPolicy{}, btlsNsName) processor.CaptureDeleteChange(&apiv1.ConfigMap{}, cmNsName) processor.CaptureDeleteChange(&ngfAPI.NginxProxy{}, npNsName) diff --git a/internal/mode/static/state/dataplane/configuration.go b/internal/mode/static/state/dataplane/configuration.go index 35164b9f1..648d0a5cd 100644 --- a/internal/mode/static/state/dataplane/configuration.go +++ b/internal/mode/static/state/dataplane/configuration.go @@ -11,7 +11,6 @@ import ( "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/client" v1 "sigs.k8s.io/gateway-api/apis/v1" - "sigs.k8s.io/gateway-api/apis/v1alpha2" "github.com/nginxinc/nginx-gateway-fabric/internal/framework/helpers" "github.com/nginxinc/nginx-gateway-fabric/internal/mode/static/state/graph" @@ -197,7 +196,7 @@ func convertBackendTLS(btp *graph.BackendTLSPolicy) *VerifyTLS { } else { verify.RootCAPath = alpineSSLRootCAPath } - verify.Hostname = string(btp.Source.Spec.TLS.Hostname) + verify.Hostname = string(btp.Source.Spec.Validation.Hostname) return verify } @@ -288,7 +287,7 @@ func (hpr *hostPathRules) upsertRoute(route *graph.L7Route, listener *graph.List var objectSrc *metav1.ObjectMeta if GRPC { - objectSrc = &helpers.MustCastObject[*v1alpha2.GRPCRoute](route.Source).ObjectMeta + objectSrc = &helpers.MustCastObject[*v1.GRPCRoute](route.Source).ObjectMeta } else { objectSrc = &helpers.MustCastObject[*v1.HTTPRoute](route.Source).ObjectMeta } diff --git a/internal/mode/static/state/dataplane/configuration_test.go b/internal/mode/static/state/dataplane/configuration_test.go index db98a605f..2fa7b75c3 100644 --- a/internal/mode/static/state/dataplane/configuration_test.go +++ b/internal/mode/static/state/dataplane/configuration_test.go @@ -12,7 +12,8 @@ import ( "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/client" v1 "sigs.k8s.io/gateway-api/apis/v1" - v1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" + "sigs.k8s.io/gateway-api/apis/v1alpha2" + "sigs.k8s.io/gateway-api/apis/v1alpha3" ngfAPI "github.com/nginxinc/nginx-gateway-fabric/apis/v1alpha1" "github.com/nginxinc/nginx-gateway-fabric/internal/framework/helpers" @@ -37,13 +38,13 @@ func TestBuildConfiguration(t *testing.T) { } } - createGRPCRoute := func(name string) *v1alpha2.GRPCRoute { - return &v1alpha2.GRPCRoute{ + createGRPCRoute := func(name string) *v1.GRPCRoute { + return &v1.GRPCRoute{ ObjectMeta: metav1.ObjectMeta{ Namespace: "test", Name: name, }, - Spec: v1alpha2.GRPCRouteSpec{}, + Spec: v1.GRPCRouteSpec{}, } } @@ -317,23 +318,24 @@ func TestBuildConfiguration(t *testing.T) { ) httpsRouteHR8.Spec.Rules[0].BackendRefs[0].BackendTLSPolicy = &graph.BackendTLSPolicy{ - Source: &v1alpha2.BackendTLSPolicy{ + Source: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: "btp", Namespace: "test", }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: v1alpha2.PolicyTargetReferenceWithSectionName{ - PolicyTargetReference: v1alpha2.PolicyTargetReference{ - Group: "", - Kind: "Service", - Name: "foo", - Namespace: (*v1.Namespace)(helpers.GetPointer("test")), + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: []v1alpha2.LocalPolicyTargetReferenceWithSectionName{ + { + LocalPolicyTargetReference: v1alpha2.LocalPolicyTargetReference{ + Group: "", + Kind: "Service", + Name: "foo", + }, }, }, - TLS: v1alpha2.BackendTLSPolicyConfig{ + Validation: v1alpha3.BackendTLSPolicyValidation{ Hostname: "foo.example.com", - CACertRefs: []v1.LocalObjectReference{ + CACertificateRefs: []v1.LocalObjectReference{ { Kind: "ConfigMap", Name: "configmap-1", @@ -370,23 +372,24 @@ func TestBuildConfiguration(t *testing.T) { expGRGroups := createExpBackendGroupsForRoute(routeGR) httpsRouteHR9.Spec.Rules[0].BackendRefs[0].BackendTLSPolicy = &graph.BackendTLSPolicy{ - Source: &v1alpha2.BackendTLSPolicy{ + Source: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: "btp2", Namespace: "test", }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: v1alpha2.PolicyTargetReferenceWithSectionName{ - PolicyTargetReference: v1alpha2.PolicyTargetReference{ - Group: "", - Kind: "Service", - Name: "foo", - Namespace: (*v1.Namespace)(helpers.GetPointer("test")), + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: []v1alpha2.LocalPolicyTargetReferenceWithSectionName{ + { + LocalPolicyTargetReference: v1alpha2.LocalPolicyTargetReference{ + Group: "", + Kind: "Service", + Name: "foo", + }, }, }, - TLS: v1alpha2.BackendTLSPolicyConfig{ + Validation: v1alpha3.BackendTLSPolicyValidation{ Hostname: "foo.example.com", - CACertRefs: []v1.LocalObjectReference{ + CACertificateRefs: []v1.LocalObjectReference{ { Kind: "ConfigMap", Name: "configmap-2", @@ -2626,14 +2629,14 @@ func TestHostnameMoreSpecific(t *testing.T) { func TestConvertBackendTLS(t *testing.T) { btpCaCertRefs := &graph.BackendTLSPolicy{ - Source: &v1alpha2.BackendTLSPolicy{ + Source: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: "btp", Namespace: "test", }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TLS: v1alpha2.BackendTLSPolicyConfig{ - CACertRefs: []v1.LocalObjectReference{ + Spec: v1alpha3.BackendTLSPolicySpec{ + Validation: v1alpha3.BackendTLSPolicyValidation{ + CACertificateRefs: []v1.LocalObjectReference{ { Name: "ca-cert", }, @@ -2647,9 +2650,9 @@ func TestConvertBackendTLS(t *testing.T) { } btpWellKnownCerts := &graph.BackendTLSPolicy{ - Source: &v1alpha2.BackendTLSPolicy{ - Spec: v1alpha2.BackendTLSPolicySpec{ - TLS: v1alpha2.BackendTLSPolicyConfig{ + Source: &v1alpha3.BackendTLSPolicy{ + Spec: v1alpha3.BackendTLSPolicySpec{ + Validation: v1alpha3.BackendTLSPolicyValidation{ Hostname: "example.com", }, }, diff --git a/internal/mode/static/state/graph/backend_refs.go b/internal/mode/static/state/graph/backend_refs.go index fcdd8a597..172f5d5ab 100644 --- a/internal/mode/static/state/graph/backend_refs.go +++ b/internal/mode/static/state/graph/backend_refs.go @@ -8,7 +8,7 @@ import ( "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/validation/field" gatewayv1 "sigs.k8s.io/gateway-api/apis/v1" - "sigs.k8s.io/gateway-api/apis/v1alpha2" + "sigs.k8s.io/gateway-api/apis/v1alpha3" "github.com/nginxinc/nginx-gateway-fabric/internal/framework/conditions" "github.com/nginxinc/nginx-gateway-fabric/internal/framework/helpers" @@ -194,10 +194,10 @@ func validateBackendTLSPolicyMatchingAllBackends(backendRefs []BackendRef) *cond var mismatch bool var referencePolicy *BackendTLSPolicy - checkPoliciesEqual := func(p1, p2 *v1alpha2.BackendTLSPolicy) bool { - return !slices.Equal(p1.Spec.TLS.CACertRefs, p2.Spec.TLS.CACertRefs) || - p1.Spec.TLS.WellKnownCACerts != p2.Spec.TLS.WellKnownCACerts || - p1.Spec.TLS.Hostname != p2.Spec.TLS.Hostname + checkPoliciesEqual := func(p1, p2 *v1alpha3.BackendTLSPolicy) bool { + return !slices.Equal(p1.Spec.Validation.CACertificateRefs, p2.Spec.Validation.CACertificateRefs) || + p1.Spec.Validation.WellKnownCACertificates != p2.Spec.Validation.WellKnownCACertificates || + p1.Spec.Validation.Hostname != p2.Spec.Validation.Hostname } for _, backendRef := range backendRefs { @@ -244,18 +244,18 @@ func findBackendTLSPolicyForService( for _, btp := range backendTLSPolicies { btpNs := btp.Source.Namespace - if btp.Source.Spec.TargetRef.Namespace != nil { - btpNs = string(*btp.Source.Spec.TargetRef.Namespace) - } - if string(btp.Source.Spec.TargetRef.Name) == refName && btpNs == refNs { - if beTLSPolicy != nil { - if sort.LessObjectMeta(&btp.Source.ObjectMeta, &beTLSPolicy.Source.ObjectMeta) { + for _, targetRef := range btp.Source.Spec.TargetRefs { + if string(targetRef.Name) == refName && btpNs == refNs { + if beTLSPolicy != nil { + if sort.LessObjectMeta(&btp.Source.ObjectMeta, &beTLSPolicy.Source.ObjectMeta) { + beTLSPolicy = btp + } + } else { beTLSPolicy = btp } - } else { - beTLSPolicy = btp } } + } if beTLSPolicy != nil { diff --git a/internal/mode/static/state/graph/backend_refs_test.go b/internal/mode/static/state/graph/backend_refs_test.go index c6a4cc0f5..2bee12994 100644 --- a/internal/mode/static/state/graph/backend_refs_test.go +++ b/internal/mode/static/state/graph/backend_refs_test.go @@ -11,6 +11,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" gatewayv1 "sigs.k8s.io/gateway-api/apis/v1" "sigs.k8s.io/gateway-api/apis/v1alpha2" + "sigs.k8s.io/gateway-api/apis/v1alpha3" "sigs.k8s.io/gateway-api/apis/v1beta1" "github.com/nginxinc/nginx-gateway-fabric/internal/framework/conditions" @@ -452,23 +453,24 @@ func TestAddBackendRefsToRulesTest(t *testing.T) { getPolicy := func(name, svcName, cmName string) *BackendTLSPolicy { return &BackendTLSPolicy{ Valid: true, - Source: &v1alpha2.BackendTLSPolicy{ + Source: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: name, Namespace: "test", }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: v1alpha2.PolicyTargetReferenceWithSectionName{ - PolicyTargetReference: v1alpha2.PolicyTargetReference{ - Group: "", - Kind: "Service", - Name: gatewayv1.ObjectName(svcName), - Namespace: (*gatewayv1.Namespace)(helpers.GetPointer("test")), + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: []v1alpha2.LocalPolicyTargetReferenceWithSectionName{ + { + LocalPolicyTargetReference: v1alpha2.LocalPolicyTargetReference{ + Group: "", + Kind: "Service", + Name: gatewayv1.ObjectName(svcName), + }, }, }, - TLS: v1alpha2.BackendTLSPolicyConfig{ + Validation: v1alpha3.BackendTLSPolicyValidation{ Hostname: "foo.example.com", - CACertRefs: []gatewayv1.LocalObjectReference{ + CACertificateRefs: []gatewayv1.LocalObjectReference{ { Group: "", Kind: "ConfigMap", @@ -492,20 +494,21 @@ func TestAddBackendRefsToRulesTest(t *testing.T) { getBtp := func(name string, svcName string, cmName string) *BackendTLSPolicy { return &BackendTLSPolicy{ - Source: &v1alpha2.BackendTLSPolicy{ + Source: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{Name: name, Namespace: "test"}, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: v1alpha2.PolicyTargetReferenceWithSectionName{ - PolicyTargetReference: v1alpha2.PolicyTargetReference{ - Group: "", - Kind: "Service", - Name: gatewayv1.ObjectName(svcName), - Namespace: (*gatewayv1.Namespace)(helpers.GetPointer("test")), + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: []v1alpha2.LocalPolicyTargetReferenceWithSectionName{ + { + LocalPolicyTargetReference: v1alpha2.LocalPolicyTargetReference{ + Group: "", + Kind: "Service", + Name: gatewayv1.ObjectName(svcName), + }, }, }, - TLS: v1alpha2.BackendTLSPolicyConfig{ + Validation: v1alpha3.BackendTLSPolicyValidation{ Hostname: "foo.example.com", - CACertRefs: []gatewayv1.LocalObjectReference{ + CACertificateRefs: []gatewayv1.LocalObjectReference{ { Group: "", Kind: "ConfigMap", @@ -713,23 +716,24 @@ func TestCreateBackend(t *testing.T) { svc3NamespacedName := types.NamespacedName{Namespace: "test", Name: "service3"} btp := BackendTLSPolicy{ - Source: &v1alpha2.BackendTLSPolicy{ + Source: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: "btp", Namespace: "test", }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: v1alpha2.PolicyTargetReferenceWithSectionName{ - PolicyTargetReference: v1alpha2.PolicyTargetReference{ - Group: "", - Kind: "Service", - Name: "service2", - Namespace: (*gatewayv1.Namespace)(helpers.GetPointer("test")), + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: []v1alpha2.LocalPolicyTargetReferenceWithSectionName{ + { + LocalPolicyTargetReference: v1alpha2.LocalPolicyTargetReference{ + Group: "", + Kind: "Service", + Name: "service2", + }, }, }, - TLS: v1alpha2.BackendTLSPolicyConfig{ - Hostname: "foo.example.com", - WellKnownCACerts: (helpers.GetPointer(v1alpha2.WellKnownCACertSystem)), + Validation: v1alpha3.BackendTLSPolicyValidation{ + Hostname: "foo.example.com", + WellKnownCACertificates: (helpers.GetPointer(v1alpha3.WellKnownCACertificatesSystem)), }, }, }, @@ -737,23 +741,24 @@ func TestCreateBackend(t *testing.T) { } btp2 := BackendTLSPolicy{ - Source: &v1alpha2.BackendTLSPolicy{ + Source: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: "btp2", Namespace: "test", }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: v1alpha2.PolicyTargetReferenceWithSectionName{ - PolicyTargetReference: v1alpha2.PolicyTargetReference{ - Group: "", - Kind: "Service", - Name: "service3", - Namespace: (*gatewayv1.Namespace)(helpers.GetPointer("test")), + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: []v1alpha2.LocalPolicyTargetReferenceWithSectionName{ + { + LocalPolicyTargetReference: v1alpha2.LocalPolicyTargetReference{ + Group: "", + Kind: "Service", + Name: "service3", + }, }, }, - TLS: v1alpha2.BackendTLSPolicyConfig{ - Hostname: "foo.example.com", - WellKnownCACerts: (helpers.GetPointer(v1alpha2.WellKnownCACertType("unknown"))), + Validation: v1alpha3.BackendTLSPolicyValidation{ + Hostname: "foo.example.com", + WellKnownCACertificates: (helpers.GetPointer(v1alpha3.WellKnownCACertificatesType("unknown"))), }, }, }, @@ -978,15 +983,15 @@ func TestGetServicePort(t *testing.T) { func TestValidateBackendTLSPolicyMatchingAllBackends(t *testing.T) { getBtp := func(name, caCertName string) *BackendTLSPolicy { return &BackendTLSPolicy{ - Source: &v1alpha2.BackendTLSPolicy{ + Source: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: name, Namespace: "test", }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TLS: v1alpha2.BackendTLSPolicyConfig{ + Spec: v1alpha3.BackendTLSPolicySpec{ + Validation: v1alpha3.BackendTLSPolicyValidation{ Hostname: "foo.example.com", - CACertRefs: []gatewayv1.LocalObjectReference{ + CACertificateRefs: []gatewayv1.LocalObjectReference{ { Group: "", Kind: "ConfigMap", @@ -1082,19 +1087,20 @@ func TestFindBackendTLSPolicyForService(t *testing.T) { getBtp := func(name string, timestamp metav1.Time) *BackendTLSPolicy { return &BackendTLSPolicy{ Valid: true, - Source: &v1alpha2.BackendTLSPolicy{ + Source: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: name, Namespace: "test", CreationTimestamp: timestamp, }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: v1alpha2.PolicyTargetReferenceWithSectionName{ - PolicyTargetReference: v1alpha2.PolicyTargetReference{ - Group: "", - Kind: "Service", - Name: "svc1", - Namespace: (*gatewayv1.Namespace)(helpers.GetPointer("test")), + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: []v1alpha2.LocalPolicyTargetReferenceWithSectionName{ + { + LocalPolicyTargetReference: v1alpha2.LocalPolicyTargetReference{ + Group: "", + Kind: "Service", + Name: "svc1", + }, }, }, }, diff --git a/internal/mode/static/state/graph/backend_tls_policy.go b/internal/mode/static/state/graph/backend_tls_policy.go index ee6ed9a36..7749970c3 100644 --- a/internal/mode/static/state/graph/backend_tls_policy.go +++ b/internal/mode/static/state/graph/backend_tls_policy.go @@ -7,7 +7,7 @@ import ( "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/validation/field" v1 "sigs.k8s.io/gateway-api/apis/v1" - "sigs.k8s.io/gateway-api/apis/v1alpha2" + "sigs.k8s.io/gateway-api/apis/v1alpha3" "github.com/nginxinc/nginx-gateway-fabric/internal/framework/conditions" "github.com/nginxinc/nginx-gateway-fabric/internal/framework/helpers" @@ -16,7 +16,7 @@ import ( type BackendTLSPolicy struct { // Source is the source resource. - Source *v1alpha2.BackendTLSPolicy + Source *v1alpha3.BackendTLSPolicy // CaCertRef is the name of the ConfigMap that contains the CA certificate. CaCertRef types.NamespacedName // Gateway is the name of the Gateway that is being checked for this BackendTLSPolicy. @@ -32,7 +32,7 @@ type BackendTLSPolicy struct { } func processBackendTLSPolicies( - backendTLSPolicies map[types.NamespacedName]*v1alpha2.BackendTLSPolicy, + backendTLSPolicies map[types.NamespacedName]*v1alpha3.BackendTLSPolicy, configMapResolver *configMapResolver, ctlrName string, gateway *Gateway, @@ -51,9 +51,9 @@ func processBackendTLSPolicies( gateway, ) - if valid && !ignored && backendTLSPolicy.Spec.TLS.CACertRefs != nil { + if valid && !ignored && backendTLSPolicy.Spec.Validation.CACertificateRefs != nil { caCertRef = types.NamespacedName{ - Namespace: backendTLSPolicy.Namespace, Name: string(backendTLSPolicy.Spec.TLS.CACertRefs[0].Name), + Namespace: backendTLSPolicy.Namespace, Name: string(backendTLSPolicy.Spec.Validation.CACertificateRefs[0].Name), } } @@ -73,7 +73,7 @@ func processBackendTLSPolicies( } func validateBackendTLSPolicy( - backendTLSPolicy *v1alpha2.BackendTLSPolicy, + backendTLSPolicy *v1alpha3.BackendTLSPolicy, configMapResolver *configMapResolver, ctlrName string, gateway *Gateway, @@ -88,21 +88,24 @@ func validateBackendTLSPolicy( valid = false conds = append(conds, staticConds.NewBackendTLSPolicyInvalid(fmt.Sprintf("invalid hostname: %s", err.Error()))) } - if backendTLSPolicy.Spec.TLS.CACertRefs != nil && backendTLSPolicy.Spec.TLS.WellKnownCACerts != nil { + + caCertRefs := backendTLSPolicy.Spec.Validation.CACertificateRefs + wellKnownCerts := backendTLSPolicy.Spec.Validation.WellKnownCACertificates + if len(caCertRefs) > 0 && wellKnownCerts != nil { valid = false - msg := "CACertRefs and WellKnownCACerts are mutually exclusive" + msg := "CACertificateRefs and WellKnownCACertificates are mutually exclusive" conds = append(conds, staticConds.NewBackendTLSPolicyInvalid(msg)) - } else if backendTLSPolicy.Spec.TLS.CACertRefs != nil && len(backendTLSPolicy.Spec.TLS.CACertRefs) > 0 { + } else if len(caCertRefs) > 0 { if err := validateBackendTLSCACertRef(backendTLSPolicy, configMapResolver); err != nil { valid = false conds = append(conds, staticConds.NewBackendTLSPolicyInvalid( - fmt.Sprintf("invalid CACertRef: %s", err.Error()))) + fmt.Sprintf("invalid CACertificateRef: %s", err.Error()))) } - } else if backendTLSPolicy.Spec.TLS.WellKnownCACerts != nil { + } else if wellKnownCerts != nil { if err := validateBackendTLSWellKnownCACerts(backendTLSPolicy); err != nil { valid = false conds = append(conds, staticConds.NewBackendTLSPolicyInvalid( - fmt.Sprintf("invalid WellKnownCACerts: %s", err.Error()))) + fmt.Sprintf("invalid WellKnownCACertificates: %s", err.Error()))) } } else { valid = false @@ -111,7 +114,7 @@ func validateBackendTLSPolicy( return valid, ignored, conds } -func validateAncestorMaxCount(backendTLSPolicy *v1alpha2.BackendTLSPolicy, ctlrName string, gateway *Gateway) error { +func validateAncestorMaxCount(backendTLSPolicy *v1alpha3.BackendTLSPolicy, ctlrName string, gateway *Gateway) error { var err error if len(backendTLSPolicy.Status.Ancestors) >= 16 { // check if we already are an ancestor on this policy. If we are, we are safe to continue. @@ -134,45 +137,49 @@ func validateAncestorMaxCount(backendTLSPolicy *v1alpha2.BackendTLSPolicy, ctlrN return err } -func validateBackendTLSHostname(btp *v1alpha2.BackendTLSPolicy) error { - h := string(btp.Spec.TLS.Hostname) +func validateBackendTLSHostname(btp *v1alpha3.BackendTLSPolicy) error { + h := string(btp.Spec.Validation.Hostname) if err := validateHostname(h); err != nil { path := field.NewPath("tls.hostname") - valErr := field.Invalid(path, btp.Spec.TLS.Hostname, err.Error()) + valErr := field.Invalid(path, btp.Spec.Validation.Hostname, err.Error()) return valErr } return nil } -func validateBackendTLSCACertRef(btp *v1alpha2.BackendTLSPolicy, configMapResolver *configMapResolver) error { - if len(btp.Spec.TLS.CACertRefs) != 1 { +func validateBackendTLSCACertRef(btp *v1alpha3.BackendTLSPolicy, configMapResolver *configMapResolver) error { + if len(btp.Spec.Validation.CACertificateRefs) != 1 { path := field.NewPath("tls.cacertrefs") - valErr := field.TooMany(path, len(btp.Spec.TLS.CACertRefs), 1) + valErr := field.TooMany(path, len(btp.Spec.Validation.CACertificateRefs), 1) return valErr } - if btp.Spec.TLS.CACertRefs[0].Kind != "ConfigMap" { + if btp.Spec.Validation.CACertificateRefs[0].Kind != "ConfigMap" { path := field.NewPath("tls.cacertrefs[0].kind") - valErr := field.NotSupported(path, btp.Spec.TLS.CACertRefs[0].Kind, []string{"ConfigMap"}) + valErr := field.NotSupported(path, btp.Spec.Validation.CACertificateRefs[0].Kind, []string{"ConfigMap"}) return valErr } - if btp.Spec.TLS.CACertRefs[0].Group != "" && btp.Spec.TLS.CACertRefs[0].Group != "core" { + if btp.Spec.Validation.CACertificateRefs[0].Group != "" && btp.Spec.Validation.CACertificateRefs[0].Group != "core" { path := field.NewPath("tls.cacertrefs[0].group") - valErr := field.NotSupported(path, btp.Spec.TLS.CACertRefs[0].Group, []string{"", "core"}) + valErr := field.NotSupported(path, btp.Spec.Validation.CACertificateRefs[0].Group, []string{"", "core"}) return valErr } - nsName := types.NamespacedName{Namespace: btp.Namespace, Name: string(btp.Spec.TLS.CACertRefs[0].Name)} + nsName := types.NamespacedName{Namespace: btp.Namespace, Name: string(btp.Spec.Validation.CACertificateRefs[0].Name)} if err := configMapResolver.resolve(nsName); err != nil { path := field.NewPath("tls.cacertrefs[0]") - return field.Invalid(path, btp.Spec.TLS.CACertRefs[0], err.Error()) + return field.Invalid(path, btp.Spec.Validation.CACertificateRefs[0], err.Error()) } return nil } -func validateBackendTLSWellKnownCACerts(btp *v1alpha2.BackendTLSPolicy) error { - if *btp.Spec.TLS.WellKnownCACerts != v1alpha2.WellKnownCACertSystem { - path := field.NewPath("tls.wellknowncacerts") - return field.NotSupported(path, btp.Spec.TLS.WellKnownCACerts, []string{string(v1alpha2.WellKnownCACertSystem)}) +func validateBackendTLSWellKnownCACerts(btp *v1alpha3.BackendTLSPolicy) error { + if *btp.Spec.Validation.WellKnownCACertificates != v1alpha3.WellKnownCACertificatesSystem { + path := field.NewPath("tls.wellknowncacertificates") + return field.NotSupported( + path, + btp.Spec.Validation.WellKnownCACertificates, + []string{string(v1alpha3.WellKnownCACertificatesSystem)}, + ) } return nil } diff --git a/internal/mode/static/state/graph/backend_tls_policy_test.go b/internal/mode/static/state/graph/backend_tls_policy_test.go index 386e76049..bcf03c98f 100644 --- a/internal/mode/static/state/graph/backend_tls_policy_test.go +++ b/internal/mode/static/state/graph/backend_tls_policy_test.go @@ -9,27 +9,29 @@ import ( "k8s.io/apimachinery/pkg/types" gatewayv1 "sigs.k8s.io/gateway-api/apis/v1" "sigs.k8s.io/gateway-api/apis/v1alpha2" + "sigs.k8s.io/gateway-api/apis/v1alpha3" "github.com/nginxinc/nginx-gateway-fabric/internal/framework/helpers" ) func TestProcessBackendTLSPoliciesEmpty(t *testing.T) { - backendTLSPolicies := map[types.NamespacedName]*v1alpha2.BackendTLSPolicy{ + backendTLSPolicies := map[types.NamespacedName]*v1alpha3.BackendTLSPolicy{ {Namespace: "test", Name: "tls-policy"}: { ObjectMeta: metav1.ObjectMeta{ Name: "tls-policy", Namespace: "test", }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: v1alpha2.PolicyTargetReferenceWithSectionName{ - PolicyTargetReference: v1alpha2.PolicyTargetReference{ - Kind: "Service", - Name: "service1", - Namespace: (*gatewayv1.Namespace)(helpers.GetPointer("test")), + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: []v1alpha2.LocalPolicyTargetReferenceWithSectionName{ + { + LocalPolicyTargetReference: v1alpha2.LocalPolicyTargetReference{ + Kind: "Service", + Name: "service1", + }, }, }, - TLS: v1alpha2.BackendTLSPolicyConfig{ - CACertRefs: []gatewayv1.LocalObjectReference{ + Validation: v1alpha3.BackendTLSPolicyValidation{ + CACertificateRefs: []gatewayv1.LocalObjectReference{ { Kind: "ConfigMap", Name: "configmap", @@ -49,7 +51,7 @@ func TestProcessBackendTLSPoliciesEmpty(t *testing.T) { tests := []struct { expected map[types.NamespacedName]*BackendTLSPolicy gateway *Gateway - backendTLSPolicies map[types.NamespacedName]*v1alpha2.BackendTLSPolicy + backendTLSPolicies map[types.NamespacedName]*v1alpha3.BackendTLSPolicy name string }{ { @@ -78,11 +80,12 @@ func TestProcessBackendTLSPoliciesEmpty(t *testing.T) { } func TestValidateBackendTLSPolicy(t *testing.T) { - targetRefNormalCase := &v1alpha2.PolicyTargetReferenceWithSectionName{ - PolicyTargetReference: v1alpha2.PolicyTargetReference{ - Kind: "Service", - Name: "service1", - Namespace: (*gatewayv1.Namespace)(helpers.GetPointer("test")), + targetRefNormalCase := []v1alpha2.LocalPolicyTargetReferenceWithSectionName{ + { + LocalPolicyTargetReference: v1alpha2.LocalPolicyTargetReference{ + Kind: "Service", + Name: "service1", + }, }, } @@ -152,7 +155,7 @@ func TestValidateBackendTLSPolicy(t *testing.T) { ancestorsWithUs := append(ancestors, getAncestorRef("test", "gateway")) tests := []struct { - tlsPolicy *v1alpha2.BackendTLSPolicy + tlsPolicy *v1alpha3.BackendTLSPolicy gateway *Gateway name string isValid bool @@ -160,16 +163,16 @@ func TestValidateBackendTLSPolicy(t *testing.T) { }{ { name: "normal case with ca cert refs", - tlsPolicy: &v1alpha2.BackendTLSPolicy{ + tlsPolicy: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: "tls-policy", Namespace: "test", }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: *targetRefNormalCase, - TLS: v1alpha2.BackendTLSPolicyConfig{ - CACertRefs: localObjectRefNormalCase, - Hostname: "foo.test.com", + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: targetRefNormalCase, + Validation: v1alpha3.BackendTLSPolicyValidation{ + CACertificateRefs: localObjectRefNormalCase, + Hostname: "foo.test.com", }, }, }, @@ -177,16 +180,16 @@ func TestValidateBackendTLSPolicy(t *testing.T) { }, { name: "normal case with ca cert refs and 16 ancestors including us", - tlsPolicy: &v1alpha2.BackendTLSPolicy{ + tlsPolicy: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: "tls-policy", Namespace: "test", }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: *targetRefNormalCase, - TLS: v1alpha2.BackendTLSPolicyConfig{ - CACertRefs: localObjectRefNormalCase, - Hostname: "foo.test.com", + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: targetRefNormalCase, + Validation: v1alpha3.BackendTLSPolicyValidation{ + CACertificateRefs: localObjectRefNormalCase, + Hostname: "foo.test.com", }, }, Status: v1alpha2.PolicyStatus{ @@ -197,16 +200,16 @@ func TestValidateBackendTLSPolicy(t *testing.T) { }, { name: "normal case with well known certs", - tlsPolicy: &v1alpha2.BackendTLSPolicy{ + tlsPolicy: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: "tls-policy", Namespace: "test", }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: *targetRefNormalCase, - TLS: v1alpha2.BackendTLSPolicyConfig{ - WellKnownCACerts: (helpers.GetPointer(v1alpha2.WellKnownCACertSystem)), - Hostname: "foo.test.com", + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: targetRefNormalCase, + Validation: v1alpha3.BackendTLSPolicyValidation{ + WellKnownCACertificates: (helpers.GetPointer(v1alpha3.WellKnownCACertificatesSystem)), + Hostname: "foo.test.com", }, }, }, @@ -214,94 +217,94 @@ func TestValidateBackendTLSPolicy(t *testing.T) { }, { name: "no hostname invalid case", - tlsPolicy: &v1alpha2.BackendTLSPolicy{ + tlsPolicy: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: "tls-policy", Namespace: "test", }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: *targetRefNormalCase, - TLS: v1alpha2.BackendTLSPolicyConfig{ - CACertRefs: localObjectRefNormalCase, - Hostname: "", + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: targetRefNormalCase, + Validation: v1alpha3.BackendTLSPolicyValidation{ + CACertificateRefs: localObjectRefNormalCase, + Hostname: "", }, }, }, }, { name: "invalid ca cert ref name", - tlsPolicy: &v1alpha2.BackendTLSPolicy{ + tlsPolicy: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: "tls-policy", Namespace: "test", }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: *targetRefNormalCase, - TLS: v1alpha2.BackendTLSPolicyConfig{ - CACertRefs: localObjectRefInvalidName, - Hostname: "foo.test.com", + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: targetRefNormalCase, + Validation: v1alpha3.BackendTLSPolicyValidation{ + CACertificateRefs: localObjectRefInvalidName, + Hostname: "foo.test.com", }, }, }, }, { name: "invalid ca cert ref kind", - tlsPolicy: &v1alpha2.BackendTLSPolicy{ + tlsPolicy: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: "tls-policy", Namespace: "test", }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: *targetRefNormalCase, - TLS: v1alpha2.BackendTLSPolicyConfig{ - CACertRefs: localObjectRefInvalidKind, - Hostname: "foo.test.com", + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: targetRefNormalCase, + Validation: v1alpha3.BackendTLSPolicyValidation{ + CACertificateRefs: localObjectRefInvalidKind, + Hostname: "foo.test.com", }, }, }, }, { name: "invalid ca cert ref group", - tlsPolicy: &v1alpha2.BackendTLSPolicy{ + tlsPolicy: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: "tls-policy", Namespace: "test", }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: *targetRefNormalCase, - TLS: v1alpha2.BackendTLSPolicyConfig{ - CACertRefs: localObjectRefInvalidGroup, - Hostname: "foo.test.com", + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: targetRefNormalCase, + Validation: v1alpha3.BackendTLSPolicyValidation{ + CACertificateRefs: localObjectRefInvalidGroup, + Hostname: "foo.test.com", }, }, }, }, { name: "invalid case with well known certs", - tlsPolicy: &v1alpha2.BackendTLSPolicy{ + tlsPolicy: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: "tls-policy", Namespace: "test", }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: *targetRefNormalCase, - TLS: v1alpha2.BackendTLSPolicyConfig{ - WellKnownCACerts: (helpers.GetPointer(v1alpha2.WellKnownCACertType("unknown"))), - Hostname: "foo.test.com", + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: targetRefNormalCase, + Validation: v1alpha3.BackendTLSPolicyValidation{ + WellKnownCACertificates: (helpers.GetPointer(v1alpha3.WellKnownCACertificatesType("unknown"))), + Hostname: "foo.test.com", }, }, }, }, { name: "invalid case neither TLS config option chosen", - tlsPolicy: &v1alpha2.BackendTLSPolicy{ + tlsPolicy: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: "tls-policy", Namespace: "test", }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: *targetRefNormalCase, - TLS: v1alpha2.BackendTLSPolicyConfig{ + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: targetRefNormalCase, + Validation: v1alpha3.BackendTLSPolicyValidation{ Hostname: "foo.test.com", }, }, @@ -309,49 +312,49 @@ func TestValidateBackendTLSPolicy(t *testing.T) { }, { name: "invalid case with too many ca cert refs", - tlsPolicy: &v1alpha2.BackendTLSPolicy{ + tlsPolicy: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: "tls-policy", Namespace: "test", }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: *targetRefNormalCase, - TLS: v1alpha2.BackendTLSPolicyConfig{ - CACertRefs: localObjectRefTooManyCerts, - Hostname: "foo.test.com", + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: targetRefNormalCase, + Validation: v1alpha3.BackendTLSPolicyValidation{ + CACertificateRefs: localObjectRefTooManyCerts, + Hostname: "foo.test.com", }, }, }, }, { name: "invalid case with too both ca cert refs and wellknowncerts", - tlsPolicy: &v1alpha2.BackendTLSPolicy{ + tlsPolicy: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: "tls-policy", Namespace: "test", }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: *targetRefNormalCase, - TLS: v1alpha2.BackendTLSPolicyConfig{ - CACertRefs: localObjectRefNormalCase, - Hostname: "foo.test.com", - WellKnownCACerts: (helpers.GetPointer(v1alpha2.WellKnownCACertSystem)), + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: targetRefNormalCase, + Validation: v1alpha3.BackendTLSPolicyValidation{ + CACertificateRefs: localObjectRefNormalCase, + Hostname: "foo.test.com", + WellKnownCACertificates: (helpers.GetPointer(v1alpha3.WellKnownCACertificatesSystem)), }, }, }, }, { name: "invalid case with too many ancestors", - tlsPolicy: &v1alpha2.BackendTLSPolicy{ + tlsPolicy: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: "tls-policy", Namespace: "test", }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: *targetRefNormalCase, - TLS: v1alpha2.BackendTLSPolicyConfig{ - CACertRefs: localObjectRefNormalCase, - Hostname: "foo.test.com", + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: targetRefNormalCase, + Validation: v1alpha3.BackendTLSPolicyValidation{ + CACertificateRefs: localObjectRefNormalCase, + Hostname: "foo.test.com", }, }, Status: v1alpha2.PolicyStatus{ diff --git a/internal/mode/static/state/graph/graph.go b/internal/mode/static/state/graph/graph.go index 4ea89583f..2e23bd25e 100644 --- a/internal/mode/static/state/graph/graph.go +++ b/internal/mode/static/state/graph/graph.go @@ -7,7 +7,7 @@ import ( "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/client" gatewayv1 "sigs.k8s.io/gateway-api/apis/v1" - "sigs.k8s.io/gateway-api/apis/v1alpha2" + "sigs.k8s.io/gateway-api/apis/v1alpha3" "sigs.k8s.io/gateway-api/apis/v1beta1" ngfAPI "github.com/nginxinc/nginx-gateway-fabric/apis/v1alpha1" @@ -25,10 +25,10 @@ type ClusterState struct { ReferenceGrants map[types.NamespacedName]*v1beta1.ReferenceGrant Secrets map[types.NamespacedName]*v1.Secret CRDMetadata map[types.NamespacedName]*metav1.PartialObjectMetadata - BackendTLSPolicies map[types.NamespacedName]*v1alpha2.BackendTLSPolicy + BackendTLSPolicies map[types.NamespacedName]*v1alpha3.BackendTLSPolicy ConfigMaps map[types.NamespacedName]*v1.ConfigMap NginxProxies map[types.NamespacedName]*ngfAPI.NginxProxy - GRPCRoutes map[types.NamespacedName]*v1alpha2.GRPCRoute + GRPCRoutes map[types.NamespacedName]*gatewayv1.GRPCRoute } // Graph is a Graph-like representation of Gateway API resources. diff --git a/internal/mode/static/state/graph/graph_test.go b/internal/mode/static/state/graph/graph_test.go index 5f5e81e13..99332fc45 100644 --- a/internal/mode/static/state/graph/graph_test.go +++ b/internal/mode/static/state/graph/graph_test.go @@ -13,6 +13,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" gatewayv1 "sigs.k8s.io/gateway-api/apis/v1" "sigs.k8s.io/gateway-api/apis/v1alpha2" + "sigs.k8s.io/gateway-api/apis/v1alpha3" "sigs.k8s.io/gateway-api/apis/v1beta1" ngfAPI "github.com/nginxinc/nginx-gateway-fabric/apis/v1alpha1" @@ -52,23 +53,24 @@ func TestBuildGraph(t *testing.T) { } btp := BackendTLSPolicy{ - Source: &v1alpha2.BackendTLSPolicy{ + Source: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: "btp", Namespace: "service", }, - Spec: v1alpha2.BackendTLSPolicySpec{ - TargetRef: v1alpha2.PolicyTargetReferenceWithSectionName{ - PolicyTargetReference: v1alpha2.PolicyTargetReference{ - Group: "", - Kind: "Service", - Name: "foo", - Namespace: (*gatewayv1.Namespace)(helpers.GetPointer("service")), + Spec: v1alpha3.BackendTLSPolicySpec{ + TargetRefs: []v1alpha2.LocalPolicyTargetReferenceWithSectionName{ + { + LocalPolicyTargetReference: v1alpha2.LocalPolicyTargetReference{ + Group: "", + Kind: "Service", + Name: "foo", + }, }, }, - TLS: v1alpha2.BackendTLSPolicyConfig{ + Validation: v1alpha3.BackendTLSPolicyValidation{ Hostname: "foo.example.com", - CACertRefs: []v1alpha2.LocalObjectReference{ + CACertificateRefs: []v1alpha2.LocalObjectReference{ { Kind: "ConfigMap", Name: "configmap", @@ -164,12 +166,12 @@ func TestBuildGraph(t *testing.T) { hr2 := createRoute("hr-2", "wrong-gateway", "listener-80-1") hr3 := createRoute("hr-3", "gateway-1", "listener-443-1") // https listener; should not conflict with hr1 - gr := &v1alpha2.GRPCRoute{ + gr := &gatewayv1.GRPCRoute{ ObjectMeta: metav1.ObjectMeta{ Namespace: "test", Name: "gr", }, - Spec: v1alpha2.GRPCRouteSpec{ + Spec: gatewayv1.GRPCRouteSpec{ CommonRouteSpec: gatewayv1.CommonRouteSpec{ ParentRefs: []gatewayv1.ParentReference{ { @@ -182,9 +184,9 @@ func TestBuildGraph(t *testing.T) { Hostnames: []gatewayv1.Hostname{ "foo.example.com", }, - Rules: []v1alpha2.GRPCRouteRule{ + Rules: []gatewayv1.GRPCRouteRule{ { - BackendRefs: []v1alpha2.GRPCBackendRef{ + BackendRefs: []gatewayv1.GRPCBackendRef{ { BackendRef: commonGWBackendRef, }, @@ -351,7 +353,7 @@ func TestBuildGraph(t *testing.T) { client.ObjectKeyFromObject(hr2): hr2, client.ObjectKeyFromObject(hr3): hr3, }, - GRPCRoutes: map[types.NamespacedName]*v1alpha2.GRPCRoute{ + GRPCRoutes: map[types.NamespacedName]*gatewayv1.GRPCRoute{ client.ObjectKeyFromObject(gr): gr, }, Services: map[types.NamespacedName]*v1.Service{ @@ -367,7 +369,7 @@ func TestBuildGraph(t *testing.T) { Secrets: map[types.NamespacedName]*v1.Secret{ client.ObjectKeyFromObject(secret): secret, }, - BackendTLSPolicies: map[types.NamespacedName]*v1alpha2.BackendTLSPolicy{ + BackendTLSPolicies: map[types.NamespacedName]*v1alpha3.BackendTLSPolicy{ client.ObjectKeyFromObject(btp.Source): btp.Source, }, ConfigMaps: map[types.NamespacedName]*v1.ConfigMap{ diff --git a/internal/mode/static/state/graph/grpcroute.go b/internal/mode/static/state/graph/grpcroute.go index 287e00254..cbbbaf65b 100644 --- a/internal/mode/static/state/graph/grpcroute.go +++ b/internal/mode/static/state/graph/grpcroute.go @@ -4,7 +4,6 @@ import ( "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/validation/field" v1 "sigs.k8s.io/gateway-api/apis/v1" - "sigs.k8s.io/gateway-api/apis/v1alpha2" "github.com/nginxinc/nginx-gateway-fabric/internal/framework/helpers" staticConds "github.com/nginxinc/nginx-gateway-fabric/internal/mode/static/state/conditions" @@ -13,7 +12,7 @@ import ( func buildGRPCRoute( validator validation.HTTPFieldsValidator, - ghr *v1alpha2.GRPCRoute, + ghr *v1.GRPCRoute, gatewayNsNames []types.NamespacedName, http2disabled bool, ) *L7Route { @@ -78,7 +77,7 @@ func buildGRPCRoute( } func processGRPCRouteRules( - specRules []v1alpha2.GRPCRouteRule, + specRules []v1.GRPCRouteRule, validator validation.HTTPFieldsValidator, ) (rules []RouteRule, atLeastOneValid bool, allRulesErrs field.ErrorList) { rules = make([]RouteRule, len(specRules)) @@ -144,7 +143,7 @@ func processGRPCRouteRules( return rules, atLeastOneValid, allRulesErrs } -func convertGRPCMatches(grpcMatches []v1alpha2.GRPCRouteMatch) []v1.HTTPRouteMatch { +func convertGRPCMatches(grpcMatches []v1.GRPCRouteMatch) []v1.HTTPRouteMatch { pathValue := "/" pathType := v1.PathMatchType("PathPrefix") // If no matches are specified, the implementation MUST match every gRPC request. @@ -192,7 +191,7 @@ func convertGRPCMatches(grpcMatches []v1alpha2.GRPCRouteMatch) []v1.HTTPRouteMat func validateGRPCMatch( validator validation.HTTPFieldsValidator, - match v1alpha2.GRPCRouteMatch, + match v1.GRPCRouteMatch, matchPath *field.Path, ) field.ErrorList { var allErrs field.ErrorList @@ -210,7 +209,7 @@ func validateGRPCMatch( func validateGRPCMethodMatch( validator validation.HTTPFieldsValidator, - method *v1alpha2.GRPCMethodMatch, + method *v1.GRPCMethodMatch, methodPath *field.Path, ) field.ErrorList { var allErrs field.ErrorList @@ -220,10 +219,10 @@ func validateGRPCMethodMatch( methodMethodPath := methodPath.Child("method") if method.Type == nil { allErrs = append(allErrs, field.Required(methodPath.Child("type"), "cannot be empty")) - } else if *method.Type != v1alpha2.GRPCMethodMatchExact { + } else if *method.Type != v1.GRPCMethodMatchExact { allErrs = append( allErrs, - field.NotSupported(methodPath.Child("type"), *method.Type, []string{string(v1alpha2.GRPCMethodMatchExact)}), + field.NotSupported(methodPath.Child("type"), *method.Type, []string{string(v1.GRPCMethodMatchExact)}), ) } if method.Service == nil || *method.Service == "" { @@ -250,23 +249,23 @@ func validateGRPCMethodMatch( func validateGRPCFilter( validator validation.HTTPFieldsValidator, - filter v1alpha2.GRPCRouteFilter, + filter v1.GRPCRouteFilter, filterPath *field.Path, ) field.ErrorList { var allErrs field.ErrorList switch filter.Type { - case v1alpha2.GRPCRouteFilterRequestHeaderModifier: + case v1.GRPCRouteFilterRequestHeaderModifier: return validateFilterHeaderModifier(validator, filter.RequestHeaderModifier, filterPath.Child(string(filter.Type))) - case v1alpha2.GRPCRouteFilterResponseHeaderModifier: + case v1.GRPCRouteFilterResponseHeaderModifier: return validateFilterHeaderModifier(validator, filter.ResponseHeaderModifier, filterPath.Child(string(filter.Type))) default: valErr := field.NotSupported( filterPath.Child("type"), filter.Type, []string{ - string(v1alpha2.GRPCRouteFilterRequestHeaderModifier), - string(v1alpha2.GRPCRouteFilterResponseHeaderModifier), + string(v1.GRPCRouteFilterRequestHeaderModifier), + string(v1.GRPCRouteFilterResponseHeaderModifier), }, ) allErrs = append(allErrs, valErr) @@ -276,20 +275,20 @@ func validateGRPCFilter( // convertGRPCFilters converts GRPCRouteFilters (a subset of HTTPRouteFilter) to HTTPRouteFilters // so we can reuse the logic from HTTPRoute filter validation and processing -func convertGRPCFilters(filters []v1alpha2.GRPCRouteFilter) []v1.HTTPRouteFilter { +func convertGRPCFilters(filters []v1.GRPCRouteFilter) []v1.HTTPRouteFilter { if len(filters) == 0 { return nil } httpFilters := make([]v1.HTTPRouteFilter, 0, len(filters)) for _, filter := range filters { switch filter.Type { - case v1alpha2.GRPCRouteFilterRequestHeaderModifier: + case v1.GRPCRouteFilterRequestHeaderModifier: httpRequestHeaderFilter := v1.HTTPRouteFilter{ Type: v1.HTTPRouteFilterRequestHeaderModifier, RequestHeaderModifier: filter.RequestHeaderModifier, } httpFilters = append(httpFilters, httpRequestHeaderFilter) - case v1alpha2.GRPCRouteFilterResponseHeaderModifier: + case v1.GRPCRouteFilterResponseHeaderModifier: httpResponseHeaderFilter := v1.HTTPRouteFilter{ Type: v1.HTTPRouteFilterResponseHeaderModifier, ResponseHeaderModifier: filter.ResponseHeaderModifier, diff --git a/internal/mode/static/state/graph/grpcroute_test.go b/internal/mode/static/state/graph/grpcroute_test.go index 165a491db..0a732dedd 100644 --- a/internal/mode/static/state/graph/grpcroute_test.go +++ b/internal/mode/static/state/graph/grpcroute_test.go @@ -9,7 +9,6 @@ import ( "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/client" v1 "sigs.k8s.io/gateway-api/apis/v1" - "sigs.k8s.io/gateway-api/apis/v1alpha2" ngfAPI "github.com/nginxinc/nginx-gateway-fabric/apis/v1alpha1" "github.com/nginxinc/nginx-gateway-fabric/internal/framework/conditions" @@ -18,15 +17,15 @@ import ( "github.com/nginxinc/nginx-gateway-fabric/internal/mode/static/state/validation/validationfakes" ) -func createGRPCMethodMatch(serviceName, methodName, methodType string) v1alpha2.GRPCRouteRule { - var mt *v1alpha2.GRPCMethodMatchType +func createGRPCMethodMatch(serviceName, methodName, methodType string) v1.GRPCRouteRule { + var mt *v1.GRPCMethodMatchType if methodType != "nilType" { - mt = (*v1alpha2.GRPCMethodMatchType)(&methodType) + mt = (*v1.GRPCMethodMatchType)(&methodType) } - return v1alpha2.GRPCRouteRule{ - Matches: []v1alpha2.GRPCRouteMatch{ + return v1.GRPCRouteRule{ + Matches: []v1.GRPCRouteMatch{ { - Method: &v1alpha2.GRPCMethodMatch{ + Method: &v1.GRPCMethodMatch{ Type: mt, Service: &serviceName, Method: &methodName, @@ -36,14 +35,14 @@ func createGRPCMethodMatch(serviceName, methodName, methodType string) v1alpha2. } } -func createGRPCHeadersMatch(headerType, headerName, headerValue string) v1alpha2.GRPCRouteRule { - return v1alpha2.GRPCRouteRule{ - Matches: []v1alpha2.GRPCRouteMatch{ +func createGRPCHeadersMatch(headerType, headerName, headerValue string) v1.GRPCRouteRule { + return v1.GRPCRouteRule{ + Matches: []v1.GRPCRouteMatch{ { - Headers: []v1alpha2.GRPCHeaderMatch{ + Headers: []v1.GRPCHeaderMatch{ { Type: (*v1.HeaderMatchType)(&headerType), - Name: v1alpha2.GRPCHeaderName(headerName), + Name: v1.GRPCHeaderName(headerName), Value: headerValue, }, }, @@ -56,14 +55,14 @@ func createGRPCRoute( name string, refName string, hostname v1.Hostname, - rules []v1alpha2.GRPCRouteRule, -) *v1alpha2.GRPCRoute { - return &v1alpha2.GRPCRoute{ + rules []v1.GRPCRouteRule, +) *v1.GRPCRoute { + return &v1.GRPCRoute{ ObjectMeta: metav1.ObjectMeta{ Namespace: "test", Name: name, }, - Spec: v1alpha2.GRPCRouteSpec{ + Spec: v1.GRPCRouteSpec{ CommonRouteSpec: v1.CommonRouteSpec{ ParentRefs: []v1.ParentReference{ { @@ -82,11 +81,11 @@ func createGRPCRoute( func TestBuildGRPCRoutes(t *testing.T) { gwNsName := types.NamespacedName{Namespace: "test", Name: "gateway"} - gr := createGRPCRoute("gr-1", gwNsName.Name, "example.com", []v1alpha2.GRPCRouteRule{}) + gr := createGRPCRoute("gr-1", gwNsName.Name, "example.com", []v1.GRPCRouteRule{}) - grWrongGateway := createGRPCRoute("gr-2", "some-gateway", "example.com", []v1alpha2.GRPCRouteRule{}) + grWrongGateway := createGRPCRoute("gr-2", "some-gateway", "example.com", []v1.GRPCRouteRule{}) - grRoutes := map[types.NamespacedName]*v1alpha2.GRPCRoute{ + grRoutes := map[types.NamespacedName]*v1.GRPCRoute{ client.ObjectKeyFromObject(gr): gr, client.ObjectKeyFromObject(grWrongGateway): grWrongGateway, } @@ -164,7 +163,7 @@ func TestBuildGRPCRoute(t *testing.T) { "gr-1", gatewayNsName.Name, "example.com", - []v1alpha2.GRPCRouteRule{methodMatchRule, headersMatchRule}, + []v1.GRPCRouteRule{methodMatchRule, headersMatchRule}, ) backendRef := v1.BackendRef{ @@ -176,7 +175,7 @@ func TestBuildGRPCRoute(t *testing.T) { }, } - grpcBackendRef := v1alpha2.GRPCBackendRef{ + grpcBackendRef := v1.GRPCBackendRef{ BackendRef: backendRef, } @@ -184,48 +183,48 @@ func TestBuildGRPCRoute(t *testing.T) { "gr-1", gatewayNsName.Name, "example.com", - []v1alpha2.GRPCRouteRule{{BackendRefs: []v1alpha2.GRPCBackendRef{grpcBackendRef}}}, + []v1.GRPCRouteRule{{BackendRefs: []v1.GRPCBackendRef{grpcBackendRef}}}, ) - grInvalidHostname := createGRPCRoute("gr-1", gatewayNsName.Name, "", []v1alpha2.GRPCRouteRule{methodMatchRule}) - grNotNGF := createGRPCRoute("gr", "some-gateway", "example.com", []v1alpha2.GRPCRouteRule{methodMatchRule}) + grInvalidHostname := createGRPCRoute("gr-1", gatewayNsName.Name, "", []v1.GRPCRouteRule{methodMatchRule}) + grNotNGF := createGRPCRoute("gr", "some-gateway", "example.com", []v1.GRPCRouteRule{methodMatchRule}) grInvalidMatchesEmptyMethodFields := createGRPCRoute( "gr-1", gatewayNsName.Name, "example.com", - []v1alpha2.GRPCRouteRule{methodMatchEmptyFields}, + []v1.GRPCRouteRule{methodMatchEmptyFields}, ) grInvalidMatchesInvalidMethodFields := createGRPCRoute( "gr-1", gatewayNsName.Name, "example.com", - []v1alpha2.GRPCRouteRule{methodMatchInvalidFields}, + []v1.GRPCRouteRule{methodMatchInvalidFields}, ) grInvalidMatchesNilMethodType := createGRPCRoute( "gr-1", gatewayNsName.Name, "example.com", - []v1alpha2.GRPCRouteRule{methodMatchNilType}, + []v1.GRPCRouteRule{methodMatchNilType}, ) grInvalidHeadersEmptyType := createGRPCRoute( "gr-1", gatewayNsName.Name, "example.com", - []v1alpha2.GRPCRouteRule{headersMatchInvalid}, + []v1.GRPCRouteRule{headersMatchInvalid}, ) grOneInvalid := createGRPCRoute( "gr-1", gatewayNsName.Name, "example.com", - []v1alpha2.GRPCRouteRule{methodMatchRule, headersMatchInvalid}, + []v1.GRPCRouteRule{methodMatchRule, headersMatchInvalid}, ) grDuplicateSectionName := createGRPCRoute( "gr", gatewayNsName.Name, "example.com", - []v1alpha2.GRPCRouteRule{methodMatchRule}, + []v1.GRPCRouteRule{methodMatchRule}, ) grDuplicateSectionName.Spec.ParentRefs = append( grDuplicateSectionName.Spec.ParentRefs, @@ -234,7 +233,7 @@ func TestBuildGRPCRoute(t *testing.T) { grInvalidFilterRule := createGRPCMethodMatch("myService", "myMethod", "Exact") - grInvalidFilterRule.Filters = []v1alpha2.GRPCRouteFilter{ + grInvalidFilterRule.Filters = []v1.GRPCRouteFilter{ { Type: "RequestMirror", }, @@ -244,12 +243,12 @@ func TestBuildGRPCRoute(t *testing.T) { "gr", gatewayNsName.Name, "example.com", - []v1alpha2.GRPCRouteRule{grInvalidFilterRule}, + []v1.GRPCRouteRule{grInvalidFilterRule}, ) grValidFilterRule := createGRPCMethodMatch("myService", "myMethod", "Exact") - grValidFilterRule.Filters = []v1alpha2.GRPCRouteFilter{ + grValidFilterRule.Filters = []v1.GRPCRouteFilter{ { Type: "RequestHeaderModifier", RequestHeaderModifier: &v1.HTTPHeaderFilter{ @@ -270,7 +269,7 @@ func TestBuildGRPCRoute(t *testing.T) { "gr", gatewayNsName.Name, "example.com", - []v1alpha2.GRPCRouteRule{grValidFilterRule}, + []v1.GRPCRouteRule{grValidFilterRule}, ) convertedFilters := []v1.HTTPRouteFilter{ @@ -298,7 +297,7 @@ func TestBuildGRPCRoute(t *testing.T) { tests := []struct { validator *validationfakes.FakeHTTPFieldsValidator - gr *v1alpha2.GRPCRoute + gr *v1.GRPCRoute expected *L7Route name string http2disabled bool @@ -733,7 +732,7 @@ func TestConvertGRPCMatches(t *testing.T) { tests := []struct { name string - methodMatches []v1alpha2.GRPCRouteMatch + methodMatches []v1.GRPCRouteMatch expected []v1.HTTPRouteMatch }{ { @@ -748,7 +747,7 @@ func TestConvertGRPCMatches(t *testing.T) { }, { name: "empty matches", - methodMatches: []v1alpha2.GRPCRouteMatch{}, + methodMatches: []v1.GRPCRouteMatch{}, expected: expectedEmptyMatches, }, } @@ -764,7 +763,7 @@ func TestConvertGRPCMatches(t *testing.T) { } func TestConvertGRPCFilters(t *testing.T) { - grFilters := []v1alpha2.GRPCRouteFilter{ + grFilters := []v1.GRPCRouteFilter{ { Type: "RequestHeaderModifier", RequestHeaderModifier: &v1.HTTPHeaderFilter{ diff --git a/internal/mode/static/state/graph/httproute_test.go b/internal/mode/static/state/graph/httproute_test.go index 0fd49b78b..4686908a2 100644 --- a/internal/mode/static/state/graph/httproute_test.go +++ b/internal/mode/static/state/graph/httproute_test.go @@ -10,7 +10,6 @@ import ( "k8s.io/apimachinery/pkg/util/validation/field" "sigs.k8s.io/controller-runtime/pkg/client" gatewayv1 "sigs.k8s.io/gateway-api/apis/v1" - "sigs.k8s.io/gateway-api/apis/v1alpha2" "github.com/nginxinc/nginx-gateway-fabric/internal/framework/conditions" "github.com/nginxinc/nginx-gateway-fabric/internal/framework/helpers" @@ -149,7 +148,7 @@ func TestBuildHTTPRoutes(t *testing.T) { routes := buildRoutesForGateways( validator, hrRoutes, - map[types.NamespacedName]*v1alpha2.GRPCRoute{}, + map[types.NamespacedName]*gatewayv1.GRPCRoute{}, test.gwNsNames, nil, ) diff --git a/internal/mode/static/state/graph/route_common.go b/internal/mode/static/state/graph/route_common.go index d9bede3cb..7fdbaee47 100644 --- a/internal/mode/static/state/graph/route_common.go +++ b/internal/mode/static/state/graph/route_common.go @@ -10,7 +10,6 @@ import ( "k8s.io/apimachinery/pkg/util/validation/field" "sigs.k8s.io/controller-runtime/pkg/client" v1 "sigs.k8s.io/gateway-api/apis/v1" - v1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" ngfAPI "github.com/nginxinc/nginx-gateway-fabric/apis/v1alpha1" "github.com/nginxinc/nginx-gateway-fabric/internal/framework/conditions" @@ -118,7 +117,7 @@ func CreateRouteKey(obj client.Object) RouteKey { switch obj.(type) { case *v1.HTTPRoute: routeType = RouteTypeHTTP - case *v1alpha2.GRPCRoute: + case *v1.GRPCRoute: routeType = RouteTypeGRPC default: panic(fmt.Sprintf("Unknown type: %T", obj)) @@ -133,7 +132,7 @@ func CreateRouteKey(obj client.Object) RouteKey { func buildRoutesForGateways( validator validation.HTTPFieldsValidator, httpRoutes map[types.NamespacedName]*v1.HTTPRoute, - grpcRoutes map[types.NamespacedName]*v1alpha2.GRPCRoute, + grpcRoutes map[types.NamespacedName]*v1.GRPCRoute, gatewayNsNames []types.NamespacedName, npCfg *ngfAPI.NginxProxy, ) map[RouteKey]*L7Route { diff --git a/internal/mode/static/status/prepare_requests.go b/internal/mode/static/status/prepare_requests.go index 70c2c3611..459be5f8e 100644 --- a/internal/mode/static/status/prepare_requests.go +++ b/internal/mode/static/status/prepare_requests.go @@ -8,6 +8,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" v1 "sigs.k8s.io/gateway-api/apis/v1" "sigs.k8s.io/gateway-api/apis/v1alpha2" + "sigs.k8s.io/gateway-api/apis/v1alpha3" ngfAPI "github.com/nginxinc/nginx-gateway-fabric/apis/v1alpha1" "github.com/nginxinc/nginx-gateway-fabric/internal/framework/conditions" @@ -56,13 +57,13 @@ func PrepareRouteRequests( reqs = append(reqs, req) } else if r.RouteType == graph.RouteTypeGRPC { - status := v1alpha2.GRPCRouteStatus{ + status := v1.GRPCRouteStatus{ RouteStatus: routeStatus, } req := frameworkStatus.UpdateRequest{ NsName: routeKey.NamespacedName, - ResourceType: &v1alpha2.GRPCRoute{}, + ResourceType: &v1.GRPCRoute{}, Setter: newGRPCRouteStatusSetter(status, gatewayCtlrName), } @@ -327,7 +328,7 @@ func PrepareBackendTLSPolicyRequests( reqs = append(reqs, frameworkStatus.UpdateRequest{ NsName: nsname, - ResourceType: &v1alpha2.BackendTLSPolicy{}, + ResourceType: &v1alpha3.BackendTLSPolicy{}, Setter: newBackendTLSPolicyStatusSetter(status, gatewayCtlrName), }) } diff --git a/internal/mode/static/status/prepare_requests_test.go b/internal/mode/static/status/prepare_requests_test.go index cc34054f7..594e317df 100644 --- a/internal/mode/static/status/prepare_requests_test.go +++ b/internal/mode/static/status/prepare_requests_test.go @@ -15,6 +15,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/log/zap" v1 "sigs.k8s.io/gateway-api/apis/v1" "sigs.k8s.io/gateway-api/apis/v1alpha2" + "sigs.k8s.io/gateway-api/apis/v1alpha3" ngfAPI "github.com/nginxinc/nginx-gateway-fabric/apis/v1alpha1" "github.com/nginxinc/nginx-gateway-fabric/internal/framework/conditions" @@ -28,8 +29,8 @@ func createK8sClientFor(resourceType client.Object) client.Client { scheme := runtime.NewScheme() // for simplicity, we add all used schemes here - utilruntime.Must(v1.AddToScheme(scheme)) - utilruntime.Must(v1alpha2.AddToScheme(scheme)) + utilruntime.Must(v1.Install(scheme)) + utilruntime.Must(v1alpha3.Install(scheme)) utilruntime.Must(ngfAPI.AddToScheme(scheme)) k8sClient := fake.NewClientBuilder(). @@ -279,23 +280,23 @@ func TestBuildHTTPRouteStatuses(t *testing.T) { } func TestBuildGRPCRouteStatuses(t *testing.T) { - grValid := &v1alpha2.GRPCRoute{ + grValid := &v1.GRPCRoute{ ObjectMeta: metav1.ObjectMeta{ Namespace: "test", Name: "gr-valid", Generation: 3, }, - Spec: v1alpha2.GRPCRouteSpec{ + Spec: v1.GRPCRouteSpec{ CommonRouteSpec: commonRouteSpecValid, }, } - grInvalid := &v1alpha2.GRPCRoute{ + grInvalid := &v1.GRPCRoute{ ObjectMeta: metav1.ObjectMeta{ Namespace: "test", Name: "gr-invalid", Generation: 3, }, - Spec: v1alpha2.GRPCRouteSpec{ + Spec: v1.GRPCRouteSpec{ CommonRouteSpec: commonRouteSpecInvalid, }, } @@ -315,7 +316,7 @@ func TestBuildGRPCRouteStatuses(t *testing.T) { }, } - expectedStatuses := map[types.NamespacedName]v1alpha2.GRPCRouteStatus{ + expectedStatuses := map[types.NamespacedName]v1.GRPCRouteStatus{ {Namespace: "test", Name: "gr-valid"}: { RouteStatus: routeStatusValid, }, @@ -326,7 +327,7 @@ func TestBuildGRPCRouteStatuses(t *testing.T) { g := NewWithT(t) - k8sClient := createK8sClientFor(&v1alpha2.GRPCRoute{}) + k8sClient := createK8sClientFor(&v1.GRPCRoute{}) for _, r := range routes { err := k8sClient.Create(context.Background(), r.Source) @@ -342,7 +343,7 @@ func TestBuildGRPCRouteStatuses(t *testing.T) { g.Expect(reqs).To(HaveLen(len(expectedStatuses))) for nsname, expected := range expectedStatuses { - var hr v1alpha2.GRPCRoute + var hr v1.GRPCRoute err := k8sClient.Get(context.Background(), nsname, &hr) g.Expect(err).ToNot(HaveOccurred()) @@ -1089,7 +1090,7 @@ func TestBuildBackendTLSPolicyStatuses(t *testing.T) { getBackendTLSPolicy := func(policyCfg policyCfg) *graph.BackendTLSPolicy { return &graph.BackendTLSPolicy{ - Source: &v1alpha2.BackendTLSPolicy{ + Source: &v1alpha3.BackendTLSPolicy{ ObjectMeta: metav1.ObjectMeta{ Namespace: "test", Name: policyCfg.Name, @@ -1252,7 +1253,7 @@ func TestBuildBackendTLSPolicyStatuses(t *testing.T) { t.Run(test.name, func(t *testing.T) { g := NewWithT(t) - k8sClient := createK8sClientFor(&v1alpha2.BackendTLSPolicy{}) + k8sClient := createK8sClientFor(&v1alpha3.BackendTLSPolicy{}) for _, pol := range test.backendTLSPolicies { err := k8sClient.Create(context.Background(), pol.Source) @@ -1268,7 +1269,7 @@ func TestBuildBackendTLSPolicyStatuses(t *testing.T) { updater.Update(context.Background(), reqs...) for nsname, expected := range test.expected { - var pol v1alpha2.BackendTLSPolicy + var pol v1alpha3.BackendTLSPolicy err := k8sClient.Get(context.Background(), nsname, &pol) g.Expect(err).ToNot(HaveOccurred()) diff --git a/internal/mode/static/status/status_setters.go b/internal/mode/static/status/status_setters.go index d745de621..12cf21cb6 100644 --- a/internal/mode/static/status/status_setters.go +++ b/internal/mode/static/status/status_setters.go @@ -6,6 +6,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" gatewayv1 "sigs.k8s.io/gateway-api/apis/v1" "sigs.k8s.io/gateway-api/apis/v1alpha2" + "sigs.k8s.io/gateway-api/apis/v1alpha3" ngfAPI "github.com/nginxinc/nginx-gateway-fabric/apis/v1alpha1" "github.com/nginxinc/nginx-gateway-fabric/internal/framework/helpers" @@ -99,9 +100,9 @@ func newHTTPRouteStatusSetter(status gatewayv1.HTTPRouteStatus, gatewayCtlrName } } -func newGRPCRouteStatusSetter(status v1alpha2.GRPCRouteStatus, gatewayCtlrName string) frameworkStatus.Setter { +func newGRPCRouteStatusSetter(status gatewayv1.GRPCRouteStatus, gatewayCtlrName string) frameworkStatus.Setter { return func(object client.Object) (wasSet bool) { - gr := object.(*v1alpha2.GRPCRoute) + gr := object.(*gatewayv1.GRPCRoute) // keep all the parent statuses that belong to other controllers for _, os := range gr.Status.Parents { @@ -194,7 +195,7 @@ func newBackendTLSPolicyStatusSetter( gatewayCtlrName string, ) frameworkStatus.Setter { return func(object client.Object) (wasSet bool) { - btp := helpers.MustCastObject[*v1alpha2.BackendTLSPolicy](object) + btp := helpers.MustCastObject[*v1alpha3.BackendTLSPolicy](object) // maxAncestors is the max number of ancestor statuses which is the sum of all new ancestor statuses and all old // ancestor statuses. diff --git a/internal/mode/static/status/status_setters_test.go b/internal/mode/static/status/status_setters_test.go index 4c060fe93..d258ec6a6 100644 --- a/internal/mode/static/status/status_setters_test.go +++ b/internal/mode/static/status/status_setters_test.go @@ -7,6 +7,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" gatewayv1 "sigs.k8s.io/gateway-api/apis/v1" "sigs.k8s.io/gateway-api/apis/v1alpha2" + "sigs.k8s.io/gateway-api/apis/v1alpha3" ngfAPI "github.com/nginxinc/nginx-gateway-fabric/apis/v1alpha1" "github.com/nginxinc/nginx-gateway-fabric/internal/framework/helpers" @@ -307,12 +308,12 @@ func TestNewGRPCRouteStatusSetter(t *testing.T) { tests := []struct { name string - status, newStatus, expStatus v1alpha2.GRPCRouteStatus + status, newStatus, expStatus gatewayv1.GRPCRouteStatus expStatusSet bool }{ { name: "GRPCRoute has no status", - newStatus: v1alpha2.GRPCRouteStatus{ + newStatus: gatewayv1.GRPCRouteStatus{ RouteStatus: gatewayv1.RouteStatus{ Parents: []gatewayv1.RouteParentStatus{ { @@ -323,7 +324,7 @@ func TestNewGRPCRouteStatusSetter(t *testing.T) { }, }, }, - expStatus: v1alpha2.GRPCRouteStatus{ + expStatus: gatewayv1.GRPCRouteStatus{ RouteStatus: gatewayv1.RouteStatus{ Parents: []gatewayv1.RouteParentStatus{ { @@ -338,7 +339,7 @@ func TestNewGRPCRouteStatusSetter(t *testing.T) { }, { name: "GRPCRoute has old status", - newStatus: v1alpha2.GRPCRouteStatus{ + newStatus: gatewayv1.GRPCRouteStatus{ RouteStatus: gatewayv1.RouteStatus{ Parents: []gatewayv1.RouteParentStatus{ { @@ -349,7 +350,7 @@ func TestNewGRPCRouteStatusSetter(t *testing.T) { }, }, }, - status: v1alpha2.GRPCRouteStatus{ + status: gatewayv1.GRPCRouteStatus{ RouteStatus: gatewayv1.RouteStatus{ Parents: []gatewayv1.RouteParentStatus{ { @@ -360,7 +361,7 @@ func TestNewGRPCRouteStatusSetter(t *testing.T) { }, }, }, - expStatus: v1alpha2.GRPCRouteStatus{ + expStatus: gatewayv1.GRPCRouteStatus{ RouteStatus: gatewayv1.RouteStatus{ Parents: []gatewayv1.RouteParentStatus{ { @@ -375,7 +376,7 @@ func TestNewGRPCRouteStatusSetter(t *testing.T) { }, { name: "GRPCRoute has old status, keep other controller statuses", - newStatus: v1alpha2.GRPCRouteStatus{ + newStatus: gatewayv1.GRPCRouteStatus{ RouteStatus: gatewayv1.RouteStatus{ Parents: []gatewayv1.RouteParentStatus{ { @@ -386,7 +387,7 @@ func TestNewGRPCRouteStatusSetter(t *testing.T) { }, }, }, - status: v1alpha2.GRPCRouteStatus{ + status: gatewayv1.GRPCRouteStatus{ RouteStatus: gatewayv1.RouteStatus{ Parents: []gatewayv1.RouteParentStatus{ { @@ -402,7 +403,7 @@ func TestNewGRPCRouteStatusSetter(t *testing.T) { }, }, }, - expStatus: v1alpha2.GRPCRouteStatus{ + expStatus: gatewayv1.GRPCRouteStatus{ RouteStatus: gatewayv1.RouteStatus{ Parents: []gatewayv1.RouteParentStatus{ { @@ -422,7 +423,7 @@ func TestNewGRPCRouteStatusSetter(t *testing.T) { }, { name: "GRPCRoute has same status", - newStatus: v1alpha2.GRPCRouteStatus{ + newStatus: gatewayv1.GRPCRouteStatus{ RouteStatus: gatewayv1.RouteStatus{ Parents: []gatewayv1.RouteParentStatus{ { @@ -433,7 +434,7 @@ func TestNewGRPCRouteStatusSetter(t *testing.T) { }, }, }, - status: v1alpha2.GRPCRouteStatus{ + status: gatewayv1.GRPCRouteStatus{ RouteStatus: gatewayv1.RouteStatus{ Parents: []gatewayv1.RouteParentStatus{ { @@ -444,7 +445,7 @@ func TestNewGRPCRouteStatusSetter(t *testing.T) { }, }, }, - expStatus: v1alpha2.GRPCRouteStatus{ + expStatus: gatewayv1.GRPCRouteStatus{ RouteStatus: gatewayv1.RouteStatus{ Parents: []gatewayv1.RouteParentStatus{ { @@ -464,7 +465,7 @@ func TestNewGRPCRouteStatusSetter(t *testing.T) { g := NewWithT(t) setter := newGRPCRouteStatusSetter(test.newStatus, controllerName) - obj := &v1alpha2.GRPCRoute{Status: test.status} + obj := &gatewayv1.GRPCRoute{Status: test.status} statusSet := setter(obj) @@ -654,7 +655,7 @@ func TestNewBackendTLSPolicyStatusSetter(t *testing.T) { g := NewWithT(t) setter := newBackendTLSPolicyStatusSetter(test.newStatus, controllerName) - obj := &v1alpha2.BackendTLSPolicy{Status: test.status} + obj := &v1alpha3.BackendTLSPolicy{Status: test.status} statusSet := setter(obj) diff --git a/site/content/how-to/traffic-management/securing-backend-traffic.md b/site/content/how-to/traffic-management/securing-backend-traffic.md index 07b325c2e..edb0b1eaa 100644 --- a/site/content/how-to/traffic-management/securing-backend-traffic.md +++ b/site/content/how-to/traffic-management/securing-backend-traffic.md @@ -229,18 +229,17 @@ Next, we create the Backend TLS Policy which targets our `secure-app` Service an ```yaml kubectl apply -f - < Annotations: -API Version: gateway.networking.k8s.io/v1alpha2 +API Version: gateway.networking.k8s.io/v1alpha3 Kind: BackendTLSPolicy Metadata: - Creation Timestamp: 2024-02-01T12:02:38Z + Creation Timestamp: 2024-05-15T12:02:38Z Generation: 1 Resource Version: 19380 UID: b3983a6e-92f1-4a98-b2af-64b317d74528 Spec: - Target Ref: + Target Refs: Group: Kind: Service Name: secure-app - Namespace: default - Tls: - Ca Cert Refs: + Validation: + Ca Certificate Refs: Group: Kind: ConfigMap Name: backend-cert @@ -286,7 +284,7 @@ Status: Name: gateway Namespace: default Conditions: - Last Transition Time: 2024-02-01T12:02:38Z + Last Transition Time: 2024-05-15T12:02:38Z Message: BackendTLSPolicy is accepted by the Gateway Reason: Accepted Status: True diff --git a/site/content/includes/installation/install-gateway-api-resources.md b/site/content/includes/installation/install-gateway-api-resources.md index c5c25fe92..459ea709a 100644 --- a/site/content/includes/installation/install-gateway-api-resources.md +++ b/site/content/includes/installation/install-gateway-api-resources.md @@ -7,12 +7,12 @@ docs: "DOCS-1438" To install the Gateway API resources, run the following: ```shell -kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/standard-install.yaml +kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.1.0/standard-install.yaml ``` Alternatively, you can install the Gateway API resources from the experimental channel. We support a subset of the additional features provided by the experimental channel. To install from the experimental channel, run the following: ```shell -kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/experimental-install.yaml +kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.1.0/experimental-install.yaml ``` diff --git a/site/content/includes/installation/uninstall-gateway-api-resources.md b/site/content/includes/installation/uninstall-gateway-api-resources.md index 453b26359..9fa16ace2 100644 --- a/site/content/includes/installation/uninstall-gateway-api-resources.md +++ b/site/content/includes/installation/uninstall-gateway-api-resources.md @@ -7,11 +7,11 @@ docs: "DOCS-1436" To uninstall the Gateway API resources, run the following: ```shell - kubectl delete -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/standard-install.yaml + kubectl delete -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.1.0/standard-install.yaml ``` Alternatively, if you installed the Gateway APIs from the experimental channel, run the following: ```shell - kubectl delete -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/experimental-install.yaml + kubectl delete -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.1.0/experimental-install.yaml ``` diff --git a/site/content/installation/installing-ngf/helm.md b/site/content/installation/installing-ngf/helm.md index 0f8dbdc5c..658425f6e 100644 --- a/site/content/installation/installing-ngf/helm.md +++ b/site/content/installation/installing-ngf/helm.md @@ -126,17 +126,17 @@ To upgrade NGINX Gateway Fabric and get the latest features and improvements, ta To upgrade your Gateway API resources, take the following steps: - Verify the Gateway API resources are compatible with your NGINX Gateway Fabric version. Refer to the [Technical Specifications]({{< relref "reference/technical-specifications.md" >}}) for details. -- Review the [release notes](https://github.com/kubernetes-sigs/gateway-api/releases/tag/v1.0.0) for any important upgrade-specific information. +- Review the [release notes](https://github.com/kubernetes-sigs/gateway-api/releases/tag/v1.1.0) for any important upgrade-specific information. - To upgrade the Gateway API resources, run: ```shell - kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/standard-install.yaml + kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.1.0/standard-install.yaml ``` or, if you installed the from the experimental channel: ```shell - kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/experimental-install.yaml + kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.1.0/experimental-install.yaml ``` ### Upgrade NGINX Gateway Fabric CRDs diff --git a/site/content/installation/installing-ngf/manifests.md b/site/content/installation/installing-ngf/manifests.md index 5e2cc87ef..f6200be88 100644 --- a/site/content/installation/installing-ngf/manifests.md +++ b/site/content/installation/installing-ngf/manifests.md @@ -131,13 +131,13 @@ To upgrade NGINX Gateway Fabric and get the latest features and improvements, ta - To upgrade the Gateway API resources, run: ```shell - kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/standard-install.yaml + kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.1.0/standard-install.yaml ``` or, if you installed the from the experimental channel: ```shell - kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/experimental-install.yaml + kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.1.0/experimental-install.yaml ``` 1. **Upgrade NGINX Gateway Fabric CRDs:** diff --git a/site/content/overview/gateway-api-compatibility.md b/site/content/overview/gateway-api-compatibility.md index c8106ac8f..894924db5 100644 --- a/site/content/overview/gateway-api-compatibility.md +++ b/site/content/overview/gateway-api-compatibility.md @@ -15,11 +15,11 @@ docs: "DOCS-1412" | [Gateway](#gateway) | Supported | Not supported | Not supported | v1 | | [HTTPRoute](#httproute) | Supported | Partially supported | Not supported | v1 | | [ReferenceGrant](#referencegrant) | Supported | N/A | Not supported | v1beta1 | -| [GRPCRoute](#grpcroute) | Partially Supported | Not supported | Not supported | v1alpha2 | +| [GRPCRoute](#grpcroute) | Partially Supported | Not supported | Not supported | v1 | | [TLSRoute](#tlsroute) | Not supported | Not supported | Not supported | N/A | | [TCPRoute](#tcproute) | Not supported | Not supported | Not supported | N/A | | [UDPRoute](#udproute) | Not supported | Not supported | Not supported | N/A | -| [BackendTLSPolicy](#backendtlspolicy) | Supported | Supported | Not supported | v1alpha2 | +| [BackendTLSPolicy](#backendtlspolicy) | Supported | Supported | Not supported | v1alpha3 | | [Custom policies](#custom-policies) | Not supported | N/A | Not supported | N/A | {{< /bootstrap-table >}} @@ -187,7 +187,7 @@ See the [static-mode]({{< relref "/reference/cli-help.md#static-mode">}}) comman {{< bootstrap-table "table table-striped table-bordered" >}} | Resource | Core Support Level | Extended Support Level | Implementation-Specific Support Level | API Version | | --------- | ------------------- | ---------------------- | ------------------------------------- | ----------- | -| GRPCRoute | Supported | Not supported | Not supported | v1alpha2 | +| GRPCRoute | Supported | Not supported | Not supported | v1 | {{< /bootstrap-table >}} **Fields**: @@ -283,24 +283,23 @@ Fields: {{< bootstrap-table "table table-striped table-bordered" >}} | Resource | Core Support Level | Extended Support Level | Implementation-Specific Support Level | API Version | | ---------------- | ------------------ | ---------------------- | ------------------------------------- | ----------- | -| BackendTLSPolicy | Supported | Supported | Not supported | v1alpha2 | +| BackendTLSPolicy | Supported | Supported | Not supported | v1alpha3 | {{< /bootstrap-table >}} Fields: - `spec` - - `targetRef` + - `targetRefs` - `group` - supported. - `kind` - supports `Service`. - `name` - supported. - - `namespace` - supported. - - `tls` - - `caCertRefs` - supports single reference to a `ConfigMap`, with the CA certificate in a key named `ca.crt`. + - `validation` + - `caCertificateRefs` - supports single reference to a `ConfigMap`, with the CA certificate in a key named `ca.crt`. - `name`- supported. - `group` - supported. - `kind` - supports `ConfigMap`. - `hostname` - supported. - - `wellKnownCerts` - supports `System`. This will set the CA certificate to the Alpine system root CA path `/etc/ssl/cert.pem`. NB: This option will only work if the NGINX image used is Alpine based. The NGF NGINX images are Alpine based by default. + - `wellKnownCertificates` - supports `System`. This will set the CA certificate to the Alpine system root CA path `/etc/ssl/cert.pem`. NB: This option will only work if the NGINX image used is Alpine based. The NGF NGINX images are Alpine based by default. - `status` - `ancestors` - `ancestorRef` - supported. diff --git a/tests/Makefile b/tests/Makefile index 0776da47c..2eb920342 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -5,7 +5,7 @@ NGINX_PLUS_PREFIX = $(PREFIX)/nginx-plus PLUS_ENABLED=false PULL_POLICY=Never GW_API_PREV_VERSION ?= 1.0.0 ## Supported Gateway API version from previous NGF release -GW_API_VERSION ?= 1.0.0 ## Supported Gateway API version for NGF under test +GW_API_VERSION ?= 1.1.0 ## Supported Gateway API version for NGF under test K8S_VERSION ?= latest ## Expected format: 1.24 (major.minor) or latest GW_SERVICE_TYPE=NodePort GW_SVC_GKE_INTERNAL=false diff --git a/tests/README.md b/tests/README.md index 21179a5af..c94d8a3a8 100644 --- a/tests/README.md +++ b/tests/README.md @@ -76,7 +76,7 @@ test-with-plus Runs the functional tests for NGF with NGINX Plus | NGINX_PLUS_PREFIX | nginx-gateway-fabric/nginx-plus | prefix for the locally built NGINX Plus image | | PLUS_ENABLED | false | Flag to indicate if NGINX Plus should be enabled | | PULL_POLICY | Never | NGF image pull policy | -| GW_API_VERSION | 1.0.0 | version of Gateway API resources to install | +| GW_API_VERSION | 1.1.0 | version of Gateway API resources to install | | K8S_VERSION | latest | version of k8s that the tests are run on | | GW_SERVICE_TYPE | NodePort | type of Service that should be created | | GW_SVC_GKE_INTERNAL | false | specifies if the LoadBalancer should be a GKE internal service | diff --git a/tests/go.mod b/tests/go.mod index 48a4930cd..e04023adf 100644 --- a/tests/go.mod +++ b/tests/go.mod @@ -11,7 +11,7 @@ require ( k8s.io/apimachinery v0.30.1 k8s.io/client-go v0.30.1 sigs.k8s.io/controller-runtime v0.18.2 - sigs.k8s.io/gateway-api v1.0.0 + sigs.k8s.io/gateway-api v1.1.0 sigs.k8s.io/yaml v1.4.0 ) @@ -19,13 +19,13 @@ require ( github.com/beorn7/perks v1.0.1 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/emicklei/go-restful/v3 v3.11.0 // indirect + github.com/emicklei/go-restful/v3 v3.12.0 // indirect github.com/evanphx/json-patch/v5 v5.9.0 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect github.com/go-logr/logr v1.4.1 // indirect - github.com/go-openapi/jsonpointer v0.20.0 // indirect - github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.22.4 // indirect + github.com/go-openapi/jsonpointer v0.21.0 // indirect + github.com/go-openapi/jsonreference v0.21.0 // indirect + github.com/go-openapi/swag v0.23.0 // indirect github.com/go-task/slim-sprig/v3 v3.0.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect @@ -34,8 +34,8 @@ require ( github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 // indirect - github.com/google/uuid v1.3.1 // indirect - github.com/gorilla/websocket v1.5.0 // indirect + github.com/google/uuid v1.6.0 // indirect + github.com/gorilla/websocket v1.5.1 // indirect github.com/imdario/mergo v0.3.16 // indirect github.com/influxdata/tdigest v0.0.1 // indirect github.com/josharian/intern v1.0.0 // indirect @@ -54,24 +54,23 @@ require ( github.com/prometheus/procfs v0.12.0 // indirect github.com/rs/dnscache v0.0.0-20211102005908-e0241e321417 // indirect github.com/spf13/pflag v1.0.5 // indirect - golang.org/x/exp v0.0.0-20231006140011-7918f672742d // indirect + golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f // indirect golang.org/x/net v0.24.0 // indirect - golang.org/x/oauth2 v0.13.0 // indirect + golang.org/x/oauth2 v0.19.0 // indirect golang.org/x/sync v0.7.0 // indirect golang.org/x/sys v0.19.0 // indirect golang.org/x/term v0.19.0 // indirect golang.org/x/text v0.14.0 // indirect - golang.org/x/time v0.3.0 // indirect + golang.org/x/time v0.5.0 // indirect golang.org/x/tools v0.20.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/appengine v1.6.8 // indirect google.golang.org/protobuf v1.33.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect k8s.io/klog/v2 v2.120.1 // indirect - k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect - k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect + k8s.io/kube-openapi v0.0.0-20240423202451-8948a665c108 // indirect + k8s.io/utils v0.0.0-20240423183400-0849a56e8f22 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect ) diff --git a/tests/go.sum b/tests/go.sum index d55e5ed79..5cbda18b2 100644 --- a/tests/go.sum +++ b/tests/go.sum @@ -6,14 +6,13 @@ github.com/bmizerany/perks v0.0.0-20230307044200-03f9df79da1e h1:mWOqoK5jV13ChKf github.com/bmizerany/perks v0.0.0-20230307044200-03f9df79da1e/go.mod h1:ac9efd0D1fsDb3EJvhqgXRbFx7bs2wqZ10HQPeU8U/Q= github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dgryski/go-gk v0.0.0-20200319235926-a69029f61654 h1:XOPLOMn/zT4jIgxfxSsoXPxkrzz0FaCHwp33x5POJ+Q= github.com/dgryski/go-gk v0.0.0-20200319235926-a69029f61654/go.mod h1:qm+vckxRlDt0aOla0RYJJVeqHZlWfOm2UIxHaqPB46E= -github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= -github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.12.0 h1:y2DdzBAURM29NFF94q6RaY4vjIH1rtwDapwQtU84iWk= +github.com/emicklei/go-restful/v3 v3.12.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v5.7.0+incompatible h1:vgGkfT/9f8zE6tvSCe74nfpAVDQ2tG6yudJd8LBksgI= github.com/evanphx/json-patch v5.7.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= @@ -24,28 +23,23 @@ github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= -github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= -github.com/go-openapi/jsonpointer v0.20.0 h1:ESKJdU9ASRfaPNOPRx12IUyA1vn3R9GiE3KYD14BXdQ= -github.com/go-openapi/jsonpointer v0.20.0/go.mod h1:6PGzBjjIIumbLYysB73Klnms1mwnU4G3YHOECG3CedA= -github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= -github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU= -github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ= +github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY= +github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= +github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= +github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= +github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= @@ -54,11 +48,11 @@ github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 h1:k7nVchz72niMH6YLQNvHSdIE7iqsQxK1P41mySCvssg= github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6/go.mod h1:kf6iHlnVGwgKolg33glAes7Yg/8iWP8ukqeldJSO7jw= -github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= -github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc= -github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/QY= +github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY= github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/influxdata/tdigest v0.0.1 h1:XpFptwYmnEKUqmkcDjrzffswZ3nvNeevbUSLPP/ZzIY= @@ -69,11 +63,8 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= @@ -107,8 +98,8 @@ github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lne github.com/prometheus/common v0.45.0/go.mod h1:YJmSTw9BoKxJplESWWxlbyttQR4uaEcGyv9MZjVOJsY= github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= -github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= +github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= +github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= github.com/rs/dnscache v0.0.0-20211102005908-e0241e321417 h1:Lt9DzQALzHoDwMBGJ6v8ObDPR0dzr2a6sXTB1Fq7IHs= github.com/rs/dnscache v0.0.0-20211102005908-e0241e321417/go.mod h1:qe5TWALJ8/a1Lqznoc5BDHpYX/8HU60Hm2AwRmqzxqA= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= @@ -116,19 +107,13 @@ github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An github.com/streadway/quantile v0.0.0-20220407130108-4246515d968d h1:X4+kt6zM/OVO6gbJdAfJR60MGPsqCzbtXNnjoGqdfAs= github.com/streadway/quantile v0.0.0-20220407130108-4246515d968d/go.mod h1:lbP8tGiBjZ5YWIc2fzuRpTaz0b/53vT6PEs3QuAWzuU= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/tsenart/vegeta/v12 v12.11.1 h1:Rbwe7Zxr7sJ+BDTReemeQalYPvKiSV+O7nwmUs20B3E= github.com/tsenart/vegeta/v12 v12.11.1/go.mod h1:swiFmrgpqj2llHURgHYFRFN0tfrIrlnspg01HjwOnSQ= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= @@ -138,56 +123,42 @@ go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI= -golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo= +golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f h1:99ci1mjWVBWwJiEKYY6jWa4d2nTQVIEhZIptnrVb1XY= +golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f/go.mod h1:/lliqkxwWAhPjf5oSOIJup2XcqJaw8RGS6k3TGEc7GI= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w= golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8= -golang.org/x/oauth2 v0.13.0 h1:jDDenyj+WgFtmV3zYVoi8aE2BwtXFLWOA67ZfNWftiY= -golang.org/x/oauth2 v0.13.0/go.mod h1:/JMhi4ZRXAf4HG9LiNmxvk+45+96RUlVThiH8FzNBn0= +golang.org/x/oauth2 v0.19.0 h1:9+E/EZBCbTLNrbN35fHv/a/d/mOBatymz1zbtQrXpIg= +golang.org/x/oauth2 v0.19.0/go.mod h1:vYi7skDa1x015PmRRYZ7+s1cWyPgrPiSYRe4rnsexc8= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o= golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q= golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= +golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.20.0 h1:hz/CVckiOxybQvFw6h7b/q80NTr9IUQb4s1IIzW7KNY= golang.org/x/tools v0.20.0/go.mod h1:WvitBU7JJf6A4jOdg4S1tviW9bhUxkgeCui/0JHctQg= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -199,10 +170,6 @@ gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuB gonum.org/v1/gonum v0.0.0-20181121035319-3f7ecaa7e8ca h1:PupagGYwj8+I4ubCxcmcBRk3VlUWtTg5huQpZR9flmE= gonum.org/v1/gonum v0.0.0-20181121035319-3f7ecaa7e8ca/go.mod h1:Y+Yx5eoAFn32cQvJDxZx5Dpnq+c3wtXuadVZAcxbbBo= gonum.org/v1/netlib v0.0.0-20181029234149-ec6d1f5cefe6/go.mod h1:wa6Ws7BG/ESfp6dHfk7C6KdzKA7wR7u/rKwOGE66zvw= -google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= -google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -213,7 +180,6 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= k8s.io/api v0.30.1 h1:kCm/6mADMdbAxmIh0LBjS54nQBE+U4KmbCfIkF5CpJY= @@ -226,16 +192,16 @@ k8s.io/client-go v0.30.1 h1:uC/Ir6A3R46wdkgCV3vbLyNOYyCJ8oZnjtJGKfytl/Q= k8s.io/client-go v0.30.1/go.mod h1:wrAqLNs2trwiCH/wxxmT/x3hKVH9PuV0GGW0oDoHVqc= k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag= -k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/kube-openapi v0.0.0-20240423202451-8948a665c108 h1:Q8Z7VlGhcJgBHJHYugJ/K/7iB8a2eSxCyxdVjJp+lLY= +k8s.io/kube-openapi v0.0.0-20240423202451-8948a665c108/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= +k8s.io/utils v0.0.0-20240423183400-0849a56e8f22 h1:ao5hUqGhsqdm+bYbjH/pRkCs0unBGe9UyDahzs9zQzQ= +k8s.io/utils v0.0.0-20240423183400-0849a56e8f22/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= pgregory.net/rapid v1.1.0 h1:CMa0sjHSru3puNx+J0MIAuiiEV4N0qj8/cMWGBBCsjw= pgregory.net/rapid v1.1.0/go.mod h1:PY5XlDGj0+V1FCq0o192FdRhpKHGTRIWBgqjDBTrq04= sigs.k8s.io/controller-runtime v0.18.2 h1:RqVW6Kpeaji67CY5nPEfRz6ZfFMk0lWQlNrLqlNpx+Q= sigs.k8s.io/controller-runtime v0.18.2/go.mod h1:tuAt1+wbVsXIT8lPtk5RURxqAnq7xkpv2Mhttslg7Hw= -sigs.k8s.io/gateway-api v1.0.0 h1:iPTStSv41+d9p0xFydll6d7f7MOBGuqXM6p2/zVYMAs= -sigs.k8s.io/gateway-api v1.0.0/go.mod h1:4cUgr0Lnp5FZ0Cdq8FdRwCvpiWws7LVhLHGIudLlf4c= +sigs.k8s.io/gateway-api v1.1.0 h1:DsLDXCi6jR+Xz8/xd0Z1PYl2Pn0TyaFMOPPZIj4inDM= +sigs.k8s.io/gateway-api v1.1.0/go.mod h1:ZH4lHrL2sDi0FHZ9jjneb8kKnGzFWyrTya35sWUTrRs= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= diff --git a/tests/reconfig/setup.md b/tests/reconfig/setup.md index 1883786c5..60db6c352 100644 --- a/tests/reconfig/setup.md +++ b/tests/reconfig/setup.md @@ -35,7 +35,7 @@ 2. Deploy CRDs: ```bash - kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/standard-install.yaml + kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.1.0/standard-install.yaml ``` 3. Deploy NGF from edge using Helm install and wait for LoadBalancer Service to be ready diff --git a/tests/scale/scale.md b/tests/scale/scale.md index 94ae84471..328378596 100644 --- a/tests/scale/scale.md +++ b/tests/scale/scale.md @@ -48,7 +48,7 @@ are listed in the [Scale Upstream Servers](#scale-upstream-servers) test steps. - Install Gateway API Resources: ```console - kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/standard-install.yaml + kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.1.0/standard-install.yaml ``` - Install edge NGF: