refactor: infra client CreateOrUpdate to ServerSideApply #3134
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
cc @zirain |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #3134 +/- ##
==========================================
+ Coverage 66.51% 67.05% +0.54%
==========================================
Files 161 161
Lines 22673 18040 -4633
==========================================
- Hits 15080 12096 -2984
+ Misses 6720 5077 -1643
+ Partials 873 867 -6 ☔ View full report in Codecov by Sentry. |
ardikabs
force-pushed
the
refactor/infra-createorupdate
branch
from
75f2f42 to
b5135aa
Compare
Signed-off-by: Ardika Bagus <[email protected]>
Signed-off-by: Ardika Bagus <[email protected]>
Signed-off-by: Ardika Bagus <[email protected]>
Signed-off-by: Ardika Bagus <[email protected]>
ardikabs
force-pushed
the
refactor/infra-createorupdate
branch
from
b5135aa to
9a40e37
Compare
|
/retest |
arkodg
approved these changes
Apr 9, 2024
There was a problem hiding this comment.
LGTM thanks !
non blocking comment - prefer if we moved the test out of e2e into internal/infrastructure/kubernetes similar to https://github.com/envoyproxy/gateway/blob/main/internal/provider/kubernetes/kubernetes_test.go in a follow up
zirain
approved these changes
Apr 9, 2024
arkodg
pushed a commit
to arkodg/gateway
that referenced
this pull request
Jun 11, 2024
…3134) * refactor(infra-client): CreateOrUpdate to ServerSideApply Signed-off-by: Ardika Bagus <[email protected]> * test(infra-client): add e2e test for ServerSideApply Signed-off-by: Ardika Bagus <[email protected]> * chore: remove comment Signed-off-by: Ardika Bagus <[email protected]> * chore: fix linter Signed-off-by: Ardika Bagus <[email protected]> --------- Signed-off-by: Ardika Bagus <[email protected]> (cherry picked from commit 81108f2) Signed-off-by: Arko Dasgupta <[email protected]>
arkodg
pushed a commit
to arkodg/gateway
that referenced
this pull request
Jun 12, 2024
…3134) * refactor(infra-client): CreateOrUpdate to ServerSideApply Signed-off-by: Ardika Bagus <[email protected]> * test(infra-client): add e2e test for ServerSideApply Signed-off-by: Ardika Bagus <[email protected]> * chore: remove comment Signed-off-by: Ardika Bagus <[email protected]> * chore: fix linter Signed-off-by: Ardika Bagus <[email protected]> --------- Signed-off-by: Ardika Bagus <[email protected]> (cherry picked from commit 81108f2) Signed-off-by: Arko Dasgupta <[email protected]>
arkodg
added a commit
to arkodg/gateway
that referenced
this pull request
Jun 12, 2024
rm invalid diff related to envoyproxy#3134 Signed-off-by: Arko Dasgupta <[email protected]>
Xunzhuo
pushed a commit
that referenced
this pull request
Jun 12, 2024
* Use <proto>-<port> for naming service and container ports (#3130) * Use <proto>-<port> for naming service and container ports Takes inspiration from #2973 to name port, not off the listener but off the port-proto ensuring that patch (during updates) also works Fixes: #3111 Signed-off-by: Arko Dasgupta <[email protected]> * testdata Signed-off-by: Arko Dasgupta <[email protected]> * fix test Signed-off-by: Arko Dasgupta <[email protected]> * move to helper pkg Signed-off-by: Arko Dasgupta <[email protected]> * fix e2e Signed-off-by: Arko Dasgupta <[email protected]> * lint Signed-off-by: Arko Dasgupta <[email protected]> * fix e2e Signed-off-by: Arko Dasgupta <[email protected]> --------- Signed-off-by: Arko Dasgupta <[email protected]> (cherry picked from commit c41247b) Signed-off-by: Arko Dasgupta <[email protected]> * bug: Tests are failing due to an expired certificate in one of the translator tests (#3476) Replaced a certificate in the test that had expired. The old certificate expired May 24 2024: Certificate: Data: Version: 1 (0x0) Serial Number: ca:7c:5c:b7:25:5d:bb:f9 Signature Algorithm: ecdsa-with-SHA256 Issuer: CN=test.example.com Validity Not Before: May 25 14:10:42 2023 GMT Not After : May 24 14:10:42 2024 GMT Subject: CN=test.example.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (384 bit) pub: 04:78:cb:47:0b:78:48:7a:ad:90:b1:d9:2d:4a:2f: d9:35:1f:cc:28:d6:af:4a:6d:c7:36:7e:ed:1a:88: 1f:a9:aa:a7:f0:04:a0:1c:86:bb:c9:45:3e:f8:fb: 28:0c:3e:a4:7f:ef:82:7b:bb:ac:77:49:90:3b:54: a7:75:82:16:8f:64:0b:88:8c:f4:35:91:fc:07:f4: 2b:e2:2e:c9:d0:82:b0:b1:09:54:9e:e9:d9:aa:fe: 4a:63:d4:cb:41:ad:27 ASN1 OID: secp384r1 NIST CURVE: P-384 Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:65:02:31:00:86:4e:33:e4:86:37:4c:26:a7:be:57:51:44: 8e:6c:88:ea:3c:03:58:00:a3:5e:7a:53:9e:2c:54:b3:ab:82: 25:fe:4c:e4:be:4d:8c:56:e2:da:d8:de:d2:20:ca:13:55:02: 30:0c:2a:27:a7:fd:2b:a9:87:4f:06:ea:4e:2d:cc:48:4d:9d: d7:cf:73:88:6d:98:54:18:83:6d:e5:a9:c3:84:75:c9:ee:c6: 0d:1a:15:a2:8c:68:86:88:83:17:b9:7a:9b The new certificate is good for 10 years. Certificate: Data: Version: 3 (0x2) Serial Number: 42:29:94:01:e1:cb:32:dc:f8:b4:64:6d:9e:1e:28:8d:7b:5a:53:3b Signature Algorithm: ecdsa-with-SHA256 Issuer: CN=test.example.com Validity Not Before: May 25 09:11:37 2024 GMT Not After : May 23 09:11:37 2034 GMT Subject: CN=test.example.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (384 bit) pub: 04:78:cb:47:0b:78:48:7a:ad:90:b1:d9:2d:4a:2f: d9:35:1f:cc:28:d6:af:4a:6d:c7:36:7e:ed:1a:88: 1f:a9:aa:a7:f0:04:a0:1c:86:bb:c9:45:3e:f8:fb: 28:0c:3e:a4:7f:ef:82:7b:bb:ac:77:49:90:3b:54: a7:75:82:16:8f:64:0b:88:8c:f4:35:91:fc:07:f4: 2b:e2:2e:c9:d0:82:b0:b1:09:54:9e:e9:d9:aa:fe: 4a:63:d4:cb:41:ad:27 ASN1 OID: secp384r1 NIST CURVE: P-384 X509v3 extensions: X509v3 Subject Key Identifier: DA:49:EA:13:99:CA:DE:10:D2:70:2B:27:E2:60:AA:E0:F4:7B:EA:50 X509v3 Authority Key Identifier: DA:49:EA:13:99:CA:DE:10:D2:70:2B:27:E2:60:AA:E0:F4:7B:EA:50 X509v3 Basic Constraints: critical CA:TRUE Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:65:02:30:6d:4e:25:4f:84:f4:38:7e:c4:de:c8:d1:55:0c: af:4b:e4:c0:a1:f3:59:de:fb:48:0a:96:07:65:29:9f:fe:7c: 3c:ee:f0:c9:ca:17:bc:cd:bd:a4:31:38:24:4f:c6:e5:02:31: 00:e6:9a:ce:52:60:4b:b8:0e:e7:23:6d:8a:69:a0:21:e5:d1: bb:e8:e9:09:6a:32:d6:8c:58:49:f4:76:86:e6:c1:b8:24:d3: 44:08:fa:1c:ef:34:70:c1:24:76:a9:35:8f Signed-off-by: Lior Okman <[email protected]> (cherry picked from commit c2c9b43) Signed-off-by: Arko Dasgupta <[email protected]> * fix: use Patch API for infra-client (#3034) * fix(infrastructure): use Patch API instead Signed-off-by: Ardika Bagus <[email protected]> * chore: add interceptor for ApplyPatch on fake client Signed-off-by: Ardika Bagus <[email protected]> * chore: trigger make generate Signed-off-by: Ardika Bagus <[email protected]> * chore: remove update verb Signed-off-by: Ardika Bagus <[email protected]> * chore: SetUID no longer needed Signed-off-by: Ardika Bagus <[email protected]> --------- Signed-off-by: Ardika Bagus <[email protected]> (cherry picked from commit cc01bf5) Signed-off-by: Arko Dasgupta <[email protected]> * refactor: infra client CreateOrUpdate to ServerSideApply (#3134) * refactor(infra-client): CreateOrUpdate to ServerSideApply Signed-off-by: Ardika Bagus <[email protected]> * test(infra-client): add e2e test for ServerSideApply Signed-off-by: Ardika Bagus <[email protected]> * chore: remove comment Signed-off-by: Ardika Bagus <[email protected]> * chore: fix linter Signed-off-by: Ardika Bagus <[email protected]> --------- Signed-off-by: Ardika Bagus <[email protected]> (cherry picked from commit 81108f2) Signed-off-by: Arko Dasgupta <[email protected]> * fix: duplicated xroutes are added to gatewayapi.Resources (#3282) fix duplicated xroutes Signed-off-by: Dingkang Li <[email protected]> (cherry picked from commit 32c6876) Signed-off-by: Arko Dasgupta <[email protected]> * fix: add proxy protocol always as first listenerFilter (#3332) * add proxy protocol always as first listenerFilter Signed-off-by: Jesse Haka <[email protected]> * add test Signed-off-by: Jesse Haka <[email protected]> --------- Signed-off-by: Jesse Haka <[email protected]> (cherry picked from commit 6d8f2dc) Signed-off-by: Arko Dasgupta <[email protected]> * fix: security policy reference grant from field type (#3386) fix: security policy reference grant from field Signed-off-by: Eguzki Astiz Lezaun <[email protected]> (cherry picked from commit bd72474) Signed-off-by: Arko Dasgupta <[email protected]> * bug: Route extension filters with different types but the same name and namespace aren't correctly cached (#3388) * Route extension filters are unstructured.Unstructured instances, so caching them should be done with both the name and type as a key. Signed-off-by: Lior Okman <[email protected]> * Moved NamespacedNameAndType to the Kubernetes helpers, and renamed it to be clearer about what it has. Signed-off-by: Lior Okman <[email protected]> * Also renamed the helper function. Signed-off-by: Lior Okman <[email protected]> * Moved to the 'utils' package to be beside NamespacedName. Signed-off-by: Lior Okman <[email protected]> * Renamed structure according to review, and updated the comments Signed-off-by: Lior Okman <[email protected]> --------- Signed-off-by: Lior Okman <[email protected]> (cherry picked from commit 95e2e35) Signed-off-by: Arko Dasgupta <[email protected]> * fix(translator): set ignoreCase for header matchers in extAuth (#3420) fix: set ignoreCase for header matchers in extAuth Signed-off-by: haoqixu <[email protected]> (cherry picked from commit 8206e11) Signed-off-by: Arko Dasgupta <[email protected]> * fix secrets/configmap updates do not trigger a controller reconcile (#3499) * ensure both secrets and config map reconcile upon changes ensure secret/config map changes trigger a reconcile Signed-off-by: Alex Volchok <[email protected]> * Update controller.go Signed-off-by: Alex Volchok <[email protected]> * Update controller.go Signed-off-by: Alex Volchok <[email protected]> --------- Signed-off-by: Alex Volchok <[email protected]> (cherry picked from commit ff2c598) Signed-off-by: Arko Dasgupta <[email protected]> * feat: backend TLS SAN validation (#3507) * BTLS: enforce SAN validation Signed-off-by: Guy Daich <[email protected]> * use dedicated cert for ext-proc e2e test Signed-off-by: Guy Daich <[email protected]> * fix ext-proc server client tls settings Signed-off-by: Guy Daich <[email protected]> --------- Signed-off-by: Guy Daich <[email protected]> (cherry picked from commit dc201ba) Signed-off-by: Arko Dasgupta <[email protected]> * fix: ReplaceFullPath not working for root path (/) (#3530) * fix: ReplaceFullPath not working for root path (/) Takes #2817 forward Signed-off-by: Arko Dasgupta <[email protected]> (cherry picked from commit 8f83c3d) Signed-off-by: Arko Dasgupta <[email protected]> * chore: Remove namespace restriction for EnvoyProxy parametersRef reso… (#3544) chore: Remove namespace restriction for EnvoyProxy parametersRef resource (cherry picked from commit b870e39) Signed-off-by: Arko Dasgupta <[email protected]> * fix test rm invalid diff related to #3134 Signed-off-by: Arko Dasgupta <[email protected]> * fix GatewayInfraResourceTest Signed-off-by: Arko Dasgupta <[email protected]> --------- Signed-off-by: Arko Dasgupta <[email protected]> Signed-off-by: Lior Okman <[email protected]> Signed-off-by: Ardika Bagus <[email protected]> Signed-off-by: Dingkang Li <[email protected]> Signed-off-by: Jesse Haka <[email protected]> Signed-off-by: Eguzki Astiz Lezaun <[email protected]> Signed-off-by: haoqixu <[email protected]> Signed-off-by: Alex Volchok <[email protected]> Signed-off-by: Guy Daich <[email protected]> Co-authored-by: Lior Okman <[email protected]> Co-authored-by: Ardika <[email protected]> Co-authored-by: Dingkang Li <[email protected]> Co-authored-by: Jesse Haka <[email protected]> Co-authored-by: Eguzki Astiz Lezaun <[email protected]> Co-authored-by: xu0o0 <[email protected]> Co-authored-by: Alex Volchok <[email protected]> Co-authored-by: Guy Daich <[email protected]> Co-authored-by: zou rui <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What type of PR is this?
Full context #3111
This PR will refactor the infra client which is moving from an imperative to a declarative way to manage the resources, specifically with the server-side apply mechanism, including a full refactor on
CreateOrUpdatetoServerSideApply.The reason, quoted from #3111 (comment):
In previous attempts, we created a resource using the Create operation but then attempted updates using the Apply operation. This led us to identify issues on certain fields, such as
deployment.spec.template.spec.containers[*].ports[*], that returned the following error message:I've also included an e2e test to ensure at least for the Gateway listener changes, specifically for the port name and number.
What this PR does / why we need it:
Which issue(s) this PR fixes: