feat: downstream mTLS #2490

arkodg · 2024-01-23T22:09:44Z

Relates to #2483

codecov · 2024-01-23T22:13:23Z

Codecov Report

Attention: 224 lines in your changes are missing coverage. Please review.

Comparison is base (446997b) 63.89% compared to head (1056fb6) 63.57%.

❗ Current head 1056fb6 differs from pull request most recent head 23fe1c8. Consider uploading reports for the commit 23fe1c8 to get more accurate results

Files	Patch %	Lines
internal/provider/kubernetes/controller.go	22.52%	83 Missing and 3 partials ⚠️
internal/provider/kubernetes/indexers.go	5.00%	36 Missing and 2 partials ⚠️
internal/gatewayapi/clienttrafficpolicy.go	66.66%	15 Missing and 5 partials ⚠️
internal/gatewayapi/validate.go	58.33%	14 Missing and 6 partials ⚠️
internal/ir/zz_generated.deepcopy.go	0.00%	18 Missing and 1 partial ⚠️
internal/provider/kubernetes/predicates.go	58.06%	10 Missing and 3 partials ⚠️
internal/gatewayapi/zz_generated.deepcopy.go	0.00%	9 Missing ⚠️
internal/xds/translator/listener.go	70.00%	8 Missing and 1 partial ⚠️
internal/xds/translator/translator.go	33.33%	6 Missing and 2 partials ⚠️
internal/gatewayapi/resource.go	71.42%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2490      +/-   ##
==========================================
- Coverage   63.89%   63.57%   -0.33%     
==========================================
  Files         119      119              
  Lines       18847    18944      +97     
==========================================
+ Hits        12042    12043       +1     
- Misses       6010     6097      +87     
- Partials      795      804       +9

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Relates to envoyproxy#2483 Signed-off-by: Arko Dasgupta <[email protected]>

Signed-off-by: Arko Dasgupta <[email protected]>

internal/xds/translator/listener.go

internal/gatewayapi/clienttrafficpolicy.go

* feat: downstream mTLS Relates to envoyproxy#2483 Signed-off-by: Arko Dasgupta <[email protected]> * configmap provider logic Signed-off-by: Arko Dasgupta <[email protected]> * gatewayapi translation Signed-off-by: Arko Dasgupta <[email protected]> * fix charts Signed-off-by: Arko Dasgupta <[email protected]> * tests Signed-off-by: Arko Dasgupta <[email protected]> * lint Signed-off-by: Arko Dasgupta <[email protected]> --------- Signed-off-by: Arko Dasgupta <[email protected]> Signed-off-by: Yael Shechter <[email protected]>

fix mtls failed test Signed-off-by: shawnh2 <[email protected]>

* feat: downstream mTLS Relates to envoyproxy#2483 Signed-off-by: Arko Dasgupta <[email protected]> * configmap provider logic Signed-off-by: Arko Dasgupta <[email protected]> * gatewayapi translation Signed-off-by: Arko Dasgupta <[email protected]> * fix charts Signed-off-by: Arko Dasgupta <[email protected]> * tests Signed-off-by: Arko Dasgupta <[email protected]> * lint Signed-off-by: Arko Dasgupta <[email protected]> --------- Signed-off-by: Arko Dasgupta <[email protected]> Signed-off-by: Stéphane Cottin <[email protected]>

…#2608) fix mtls failed test Signed-off-by: shawnh2 <[email protected]> Signed-off-by: Stéphane Cottin <[email protected]>

* feat: Suppress 'X-Envoy' headers and pass-through the upstream 'Server' header by default (#2585) * Implement and update tests for the default header transformations. Signed-off-by: Lior Okman <[email protected]> * Make 'gen-check' happy Signed-off-by: Lior Okman <[email protected]> --------- Signed-off-by: Lior Okman <[email protected]> Signed-off-by: Yael Shechter <[email protected]> * bug: fix merge race (#2604) Between #2585 & #2581 Signed-off-by: Arko Dasgupta <[email protected]> Signed-off-by: Yael Shechter <[email protected]> * feat: downstream mTLS (#2490) * feat: downstream mTLS Relates to #2483 Signed-off-by: Arko Dasgupta <[email protected]> * configmap provider logic Signed-off-by: Arko Dasgupta <[email protected]> * gatewayapi translation Signed-off-by: Arko Dasgupta <[email protected]> * fix charts Signed-off-by: Arko Dasgupta <[email protected]> * tests Signed-off-by: Arko Dasgupta <[email protected]> * lint Signed-off-by: Arko Dasgupta <[email protected]> --------- Signed-off-by: Arko Dasgupta <[email protected]> Signed-off-by: Yael Shechter <[email protected]> * add timeout to clientTrafficPolicy Signed-off-by: Yael Shechter <[email protected]> * fix comment Signed-off-by: Yael Shechter <[email protected]> * add omitempty Signed-off-by: Yael Shechter <[email protected]> * add cel test for coverage Signed-off-by: Yael Shechter <[email protected]> * run make commands Signed-off-by: Yael Shechter <[email protected]> * change request timeout field name and desc Signed-off-by: Yael Shechter <[email protected]> * tidy up comment Signed-off-by: Yael Shechter <[email protected]> * fix cel test Signed-off-by: Yael Shechter <[email protected]> * fix typo Signed-off-by: Yael Shechter <[email protected]> * run generate Signed-off-by: Yael Shechter <[email protected]> --------- Signed-off-by: Lior Okman <[email protected]> Signed-off-by: Yael Shechter <[email protected]> Signed-off-by: Arko Dasgupta <[email protected]> Co-authored-by: Lior Okman <[email protected]> Co-authored-by: Arko Dasgupta <[email protected]> Co-authored-by: zirain <[email protected]>

arkodg requested a review from a team as a code owner January 23, 2024 22:09

arkodg marked this pull request as draft January 23, 2024 22:09

arkodg mentioned this pull request Jan 23, 2024

Add Upstream TLS Support #2247

Merged

arkodg force-pushed the implement-mtls branch 2 times, most recently from 6946ed4 to 896c97a Compare January 30, 2024 23:24

arkodg added 2 commits February 9, 2024 14:12

feat: downstream mTLS

4014db9

Relates to envoyproxy#2483 Signed-off-by: Arko Dasgupta <[email protected]>

configmap provider logic

6a19af7

Signed-off-by: Arko Dasgupta <[email protected]>

arkodg force-pushed the implement-mtls branch from 896c97a to 3f1b93d Compare February 10, 2024 01:52

gatewayapi translation

eb458b0

Signed-off-by: Arko Dasgupta <[email protected]>

arkodg force-pushed the implement-mtls branch from 3f1b93d to eb458b0 Compare February 10, 2024 01:55

arkodg added 3 commits February 9, 2024 19:57

fix charts

9068268

Signed-off-by: Arko Dasgupta <[email protected]>

tests

0f00251

Signed-off-by: Arko Dasgupta <[email protected]>

lint

1056fb6

Signed-off-by: Arko Dasgupta <[email protected]>

arkodg marked this pull request as ready for review February 10, 2024 04:40

arkodg requested a review from a team February 10, 2024 04:40

guydc reviewed Feb 12, 2024

View reviewed changes

internal/xds/translator/listener.go Show resolved Hide resolved

arkodg requested a review from guydc February 12, 2024 19:31

guydc reviewed Feb 12, 2024

View reviewed changes

internal/gatewayapi/clienttrafficpolicy.go Show resolved Hide resolved

arkodg mentioned this pull request Feb 12, 2024

Validate the CA Cert #2601

Closed

guydc approved these changes Feb 12, 2024

View reviewed changes

zirain approved these changes Feb 14, 2024

View reviewed changes

Merge branch 'main' into implement-mtls

23fe1c8

arkodg merged commit 765903a into envoyproxy:main Feb 14, 2024
5 of 7 checks passed

arkodg deleted the implement-mtls branch February 14, 2024 01:46

shawnh2 mentioned this pull request Feb 14, 2024

chore: fix failed test case introduced by #2490 #2608

Merged

arkodg pushed a commit that referenced this pull request Feb 14, 2024

chore: fix failed test case introduced by #2490 (#2608)

b97e5ab

fix mtls failed test Signed-off-by: shawnh2 <[email protected]>

vixns pushed a commit to vixns/gateway that referenced this pull request Feb 18, 2024

chore: fix failed test case introduced by envoyproxy#2490 (envoyproxy…

69fb399

…#2608) fix mtls failed test Signed-off-by: shawnh2 <[email protected]> Signed-off-by: Stéphane Cottin <[email protected]>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: downstream mTLS #2490

feat: downstream mTLS #2490

arkodg commented Jan 23, 2024

codecov bot commented Jan 23, 2024 •

edited

Loading

feat: downstream mTLS #2490

feat: downstream mTLS #2490

Conversation

arkodg commented Jan 23, 2024

codecov bot commented Jan 23, 2024 • edited Loading

Codecov Report

codecov bot commented Jan 23, 2024 •

edited

Loading