Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[pull] main from envoyproxy:main #40

Merged
merged 260 commits into from
Apr 9, 2024
Merged
Changes from 1 commit
Commits
Show all changes
260 commits
Select commit Hold shift + click to select a range
b9150ff
chore: fix merge race (#2691)
shawnh2 Feb 24, 2024
5bfcb20
feat: add `egctl experimental dashboard envoy-proxy` to render the a…
hanxiaop Feb 24, 2024
ae64f79
build(deps): bump go.opentelemetry.io/otel from 1.23.1 to 1.24.0 (#2698)
dependabot[bot] Feb 26, 2024
211ca25
build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/…
dependabot[bot] Feb 26, 2024
338515a
build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/…
dependabot[bot] Feb 26, 2024
e1b2a71
fix: Policies should apply only to gateways they were attached to whe…
liorokman Feb 26, 2024
72fadb7
feat: add egctl ratelimit config support (#2674)
ShyunnY Feb 26, 2024
329aafc
feat: Gracefully drain listeners before envoy shutdown on pod termina…
davidalger Feb 27, 2024
1b6635b
build(deps): bump github/codeql-action from 3.24.3 to 3.24.5 (#2695)
dependabot[bot] Feb 27, 2024
9e8839e
build(deps): bump distroless/static from `6a3500b` to `49af061` in /t…
dependabot[bot] Feb 27, 2024
288cd9a
build(deps): bump github.com/evanphx/json-patch from 5.7.0+incompatib…
dependabot[bot] Feb 27, 2024
f316c69
build(deps): bump github.com/norwoodj/helm-docs from 1.12.0 to 1.13.0…
dependabot[bot] Feb 27, 2024
a64c94b
fix: add unsupported status condition for filters within BackendRef (…
cnvergence Feb 27, 2024
efedbd1
chore: add crd categories (#2713)
zirain Feb 27, 2024
698e6f1
fix: Configure idle timeout when timeout is set on HTTPRoute (#2708)
davidalger Feb 27, 2024
82d9b6f
chore: improve the stability of coverage test in CI (#2692)
shawnh2 Feb 27, 2024
ad61e43
e2e: add test for Timeout in ClientTrafficPolicy (#2705)
zirain Feb 28, 2024
1aee767
Revert "build(deps): bump github.com/norwoodj/helm-docs from 1.12.0 t…
guydc Feb 28, 2024
6d8337e
chore: use most recent gateway api conformance backend (#2715)
guydc Feb 28, 2024
26d9d97
docs: fix helm chart install docs (#2722)
phantooom Feb 28, 2024
8efa0d4
docs: Timeouts in CTP (#2710)
zirain Feb 28, 2024
8b0bbd3
e2e: add test for jwt claim base routing (#2712)
zirain Feb 29, 2024
fa6b0d4
feat: support patch in envoyService (#2719)
arkodg Feb 29, 2024
f6ae81f
chore: update TestDeployment (#2721)
zirain Feb 29, 2024
c9b3f19
chore: remove duplicate logic for err (#2731)
Xunzhuo Feb 29, 2024
5015061
add overriding condition to BackendTrafficPolicy and SecurityPolicy (…
zhaohuabing Mar 1, 2024
c5fd103
doc: add JWT claim base routing (#2728)
zirain Mar 1, 2024
bfca32e
fix(translator): Panic when translating routes with empty backends (#…
davidalger Mar 1, 2024
4ebe6a9
Validate the CA Cert (#2732)
zirain Mar 1, 2024
8751461
chore: filename be more gopher (#2735)
zirain Mar 1, 2024
790e4c2
chore: follow-up #2735 (#2737)
Xunzhuo Mar 1, 2024
4d9c927
chore: correct source code (#2736)
zirain Mar 1, 2024
2a63f91
chore: support run single e2e test (#2745)
zirain Mar 2, 2024
74f86f9
fix(helm): refactor monitoring service (#2704)
nipsufn Mar 2, 2024
4816db4
ratelimit support prometheus (#2729)
zirain Mar 2, 2024
37d35ba
e2e: add test for BackendTrafficPolicy retry (#2738)
zirain Mar 2, 2024
2976ba3
chore: Cleanup test data for routes with RequestRedirect filter (#2746)
davidalger Mar 2, 2024
6ae72d0
e2e: set service name for test pod (#2748)
zirain Mar 2, 2024
3e70498
docs: Retry in BackendTrafficPolicy (#2747)
zirain Mar 2, 2024
c8b1147
chore: add make uninstall-e2e-telemetry (#2740)
zirain Mar 2, 2024
e1772e4
e2e: increase the size of header to avoid flaky (#2743)
zirain Mar 2, 2024
5e982de
chore: clean warning message (#2752)
zirain Mar 3, 2024
308a86d
docs: Unified envoy gateway installation documentation (#2621)
yuluo-yx Mar 3, 2024
7f182b3
feat(translator): add default retry budget and retry host predicate (…
guydc Mar 3, 2024
ff08897
fix circuitbreaker BTP (#2753)
zirain Mar 3, 2024
93d6d21
chore: use list instead of map for Provider Resources (#2658)
arkodg Mar 3, 2024
4db02e6
ci: set github action concurrency (#2750)
zirain Mar 3, 2024
75fcedc
fix: reset translate in retry (#2756)
guydc Mar 4, 2024
5ca939e
docs: add http-timeouts docs (#2741)
phantooom Mar 4, 2024
9c120c8
build(deps): bump github.com/prometheus/common from 0.47.0 to 0.49.0 …
dependabot[bot] Mar 4, 2024
4f76446
build(deps): bump google.golang.org/grpc from 1.61.1 to 1.62.0 (#2759)
dependabot[bot] Mar 4, 2024
aaf5004
build(deps): bump go.opentelemetry.io/otel/exporters/prometheus from …
dependabot[bot] Mar 4, 2024
093ce02
build(deps): bump actions/download-artifact from 4.1.2 to 4.1.4 (#2765)
dependabot[bot] Mar 4, 2024
ca572b8
build(deps): bump github/codeql-action from 3.24.5 to 3.24.6 (#2766)
dependabot[bot] Mar 4, 2024
e8a2b5e
fix: Circuit Breaker flaky test (#2770)
guydc Mar 4, 2024
ce1eb54
Add Upstream TLS Support (#2247)
TasdidurRahman Mar 4, 2024
9b48ff9
build(deps): bump go.uber.org/zap from 1.26.0 to 1.27.0 (#2760)
dependabot[bot] Mar 4, 2024
dd60e40
API: support max_retries in circuit breakers API (#2773)
guydc Mar 5, 2024
c2ad8c1
charts:move backendtlspolicies into right home (#2776)
arkodg Mar 5, 2024
f1ac586
Adding OIDC e2e tests and Relaxing HTTPS restriction for OIDC token e…
zhaohuabing Mar 5, 2024
5ecbdcd
Fix hmac secret (#2768)
zhaohuabing Mar 5, 2024
a506c0b
chore: ignore docs path when testing (#2779)
zhaohuabing Mar 5, 2024
d8ff060
release: v1.0.0-rc.1 (#2780)
Xunzhuo Mar 5, 2024
6a5a354
ci: update cherry-pick v1.0.0 (#2784)
Xunzhuo Mar 5, 2024
26def5c
fix: add missing release notes details and re organize it (#2785)
Xunzhuo Mar 5, 2024
8817d4e
e2e: backend upgrade test (#2725)
guydc Mar 5, 2024
930dcc1
chore: add testdata to passive health checks (#2788)
deszhou Mar 5, 2024
aafed63
promote: guydc as maintainer (#2794)
Xunzhuo Mar 6, 2024
a6cc60a
fix: Delete unused status keys from watchable (#2782)
uniglot Mar 6, 2024
af72b32
docs: fix commands in basic auth example (#2791)
arkodg Mar 6, 2024
ef1934f
feat: Support WellKnownSystemCerts in BackendTLSPolicy (#2804)
liorokman Mar 6, 2024
10b39e0
docs: refactor user guides (#2797)
Xunzhuo Mar 7, 2024
bdda774
Fix gen check (#2814)
Xunzhuo Mar 7, 2024
44ede66
refactor: set instead of map for mergeGateways (#2803)
deszhou Mar 7, 2024
fe4de9f
remove: support for hostnetwork (#2815)
Xunzhuo Mar 7, 2024
73eba18
feat(egctl): add support for egctl to translate from gateway-api reso…
liorokman Mar 7, 2024
51af250
docs: basic auth example use https (#2806)
phantooom Mar 7, 2024
f595862
chore: group go.opentelemetry.io dependabot (#2821)
zirain Mar 7, 2024
e4cbcdc
Add referenced BackendRefs for ExtAuth to Resource Tree (#2795)
zhaohuabing Mar 8, 2024
ff108c3
fix bootstrap merge (#2801)
zirain Mar 8, 2024
07d3ec9
fix: skip the ReasonTargetNotFound for all policies (#2802)
shawnh2 Mar 8, 2024
2c273e5
docs: update EnvoyProxy logs (#2822)
zirain Mar 8, 2024
95f121b
fix: omit default replicas on Kubernetes Deployment (#2816)
ardikabs Mar 8, 2024
5bd86f0
bug: compute endpointType for all protocol types (#2833)
arkodg Mar 8, 2024
af0837e
docs: Routing outside k8s (#2831)
arkodg Mar 8, 2024
2c07d08
build(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (#…
dependabot[bot] Mar 8, 2024
8bfbb8b
build(deps): bump golang.org/x/net from 0.21.0 to 0.22.0 (#2826)
dependabot[bot] Mar 8, 2024
25ec9e4
build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#2…
dependabot[bot] Mar 8, 2024
59adeb8
Fix: failed to create envoy-oidc-hmac secret when upgrading EG (#2835)
zhaohuabing Mar 8, 2024
3ab88ac
build(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1 (#2829)
dependabot[bot] Mar 8, 2024
08d4441
Ext auth e2e tests (#2830)
zhaohuabing Mar 8, 2024
80018f5
fix existing secret check (#2838)
zirain Mar 8, 2024
87b5408
ci: update k8s matrix (#2836)
zirain Mar 9, 2024
bfb0ee1
e2e: try to fix client timeout flakes (#2812)
zirain Mar 9, 2024
3c2e3b1
feat: Support Upstream TLS to multiple Backends (#2818)
liorokman Mar 9, 2024
47a9e54
e2e: move drain settings into shutdown settings (#2850)
arkodg Mar 9, 2024
19f07c1
docs: mtls to the gateway (#2851)
arkodg Mar 10, 2024
67079b7
ignore finalizers when comparing envoy proxy svc (#2856)
arkodg Mar 10, 2024
deb3742
Chore: remove the uncessary allAssociatedRefGrants from resourceMappi…
zhaohuabing Mar 10, 2024
8722f73
docs: allow users to configure custom certs for control plane auth (#…
zirain Mar 10, 2024
69010d2
add e2e tests for ext auth with grpc auth service (#2841)
zhaohuabing Mar 10, 2024
fa7c76f
fix: Address race condition disrupting graceful shutdown process (#2864)
davidalger Mar 11, 2024
cec67e4
docs: move Design docs under "Get Involved" (#2857)
arkodg Mar 11, 2024
817a5d5
e2e: backend TLS policy (#2853)
guydc Mar 11, 2024
53cb389
Update the user doc for OIDC (#2778)
zhaohuabing Mar 11, 2024
9a2f739
add ADOPTERS.md (#2865)
zhaohuabing Mar 11, 2024
b94e39f
build(deps): bump softprops/action-gh-release from 1 to 2 (#2867)
dependabot[bot] Mar 11, 2024
32bb11a
build(deps): bump github.com/bufbuild/buf from 1.29.0 to 1.30.0 in /t…
dependabot[bot] Mar 11, 2024
0856f66
build(deps): bump github.com/prometheus/common from 0.49.0 to 0.50.0 …
dependabot[bot] Mar 11, 2024
26ddfb0
build(deps): bump fortio.org/fortio from 1.63.3 to 1.63.4 (#2873)
dependabot[bot] Mar 11, 2024
48c19cc
Add tetrate to adopters (#2874)
zhaohuabing Mar 11, 2024
dbabeae
fix: Don't override the ALPN array if HTTP/3 is enabled. (#2876)
liorokman Mar 11, 2024
0141b9f
[e2e] eg release upgrade test (#2862)
alexwo Mar 11, 2024
8aec3f2
Docs for ext auth (#2868)
zhaohuabing Mar 11, 2024
b689ec5
Remove the uncessary \ (#2883)
zhaohuabing Mar 12, 2024
c678bcb
docs: backend tls policy (#2884)
guydc Mar 12, 2024
753bfcb
feat: add PolicyStatus for BackendTrafficPolicy (#2846)
shawnh2 Mar 12, 2024
5fba1a2
Change the Merge behavior to Replace for SecurityPolicy (#2885)
zhaohuabing Mar 12, 2024
3ff6f13
e2e: add weighted backend (#2863)
ShyunnY Mar 12, 2024
76340b5
http3: use service port in alt-svc header (#2886)
arkodg Mar 12, 2024
01a123a
bug: add h3 alpn by default if http3 is enabled (#2887)
arkodg Mar 12, 2024
8d05fb5
fix: prevent policies targeting non-TLS listeners on the same port fr…
liorokman Mar 12, 2024
3793f54
chore: remove ProcessBackendTLSPoliciesAncestorRef (#2845)
zhaohuabing Mar 12, 2024
87eb555
Change the Merge behavior to Replace for BackendTrafficPolicy (#2888)
zhaohuabing Mar 12, 2024
bb0a9a7
shutdown drainTimeout should also affect envoy drain time (#2898)
arkodg Mar 12, 2024
45f52e8
skip publishing empty status for policies (#2902)
arkodg Mar 13, 2024
0549044
docs: multiple gatewayclass and merge gateways deployment mode (#2881)
cnvergence Mar 13, 2024
32fbed3
feat: add PolicyStatus for ClientTrafficPolicy (#2895)
shawnh2 Mar 13, 2024
9a7fd4d
Use gwapiv1a2.PolicyStatus for SecurityPolicy Status (#2848)
zhaohuabing Mar 13, 2024
2aecc89
Fix oidc doc (#2905)
zhaohuabing Mar 13, 2024
b5f4a07
Release v1.0 (#2909)
Xunzhuo Mar 13, 2024
d85e036
fix: deployment-mode doc markdown links (#2912)
cnvergence Mar 13, 2024
600d4fc
fix: QUIC listeners should only advertise HTTP/3 over ALPN, and not H…
liorokman Mar 13, 2024
c734f29
e2e: graceful envoy shutdown (#2839)
guydc Mar 14, 2024
d00efdc
feat: add PolicyStatus for EnvoyPatchPolicy (#2910)
shawnh2 Mar 14, 2024
642b1fb
chore: improve docs-serve (#2920)
zirain Mar 14, 2024
975ef6e
api: increase rate-limit global rules limit (#2906)
ShyunnY Mar 14, 2024
62ecd29
docs: add Envoy Gateway threat model (#2915)
edurra Mar 15, 2024
5679e41
Remove duplicated http filters for ExtAuth (#2893)
zhaohuabing Mar 15, 2024
6e8862c
feat: expose prom port in rl svc (#2914)
ShyunnY Mar 15, 2024
93b7919
blog post for v1.0 (#2923)
arkodg Mar 15, 2024
f543bbb
rm extra "that" from blog (#2928)
arkodg Mar 15, 2024
36505f4
docs: `%s/Application/API/g` (#2929)
arkodg Mar 15, 2024
f52a6f6
Pin version to v1.0.0 in 1.0.0 docs (#2933)
zhaohuabing Mar 15, 2024
62ecf15
Run certgen when upgrading (#2934)
zhaohuabing Mar 15, 2024
6c6f92f
chore: use v1.0.0 as default for upgrade test (#2938)
guydc Mar 15, 2024
d145921
api: connection limits (#2709)
guydc Mar 15, 2024
23fa358
docs: fix name spelling in threat model (#2936)
mrcdb Mar 15, 2024
0f4a9dd
api: support failOpen in ext auth (#2908)
deszhou Mar 15, 2024
df051fa
API: EnvoyExtensionPolicy (#2570)
guydc Mar 16, 2024
46e6ceb
chore: add helm template test (#2935)
zirain Mar 16, 2024
dafbed4
fix: install-egctl doc dead link (#2916)
deszhou Mar 16, 2024
96f7173
chore: fix helm-template (#2943)
zirain Mar 16, 2024
791cdf5
e2e: use default shutdown mgr settings in upgrade test suite (#2946)
guydc Mar 17, 2024
366e990
refactor: collapse eg-metrics-svc into eg-svc (#2932)
ShyunnY Mar 17, 2024
f9a750b
chore: make clean should clean tools/bin (#2945)
zirain Mar 18, 2024
002459c
build(deps): bump softprops/action-gh-release from 2.0.2 to 2.0.4 (#2…
dependabot[bot] Mar 18, 2024
4f6378b
build(deps): bump distroless/static from `49af061` to `55c6361` in /t…
dependabot[bot] Mar 18, 2024
75796af
build(deps): bump actions/checkout from 4.1.1 to 4.1.2 (#2959)
dependabot[bot] Mar 18, 2024
8a8369f
build(deps): bump github/codeql-action from 3.24.6 to 3.24.7 (#2957)
dependabot[bot] Mar 18, 2024
a4e33c2
build(deps): bump docker/login-action from 3.0.0 to 3.1.0 (#2958)
dependabot[bot] Mar 18, 2024
36717d7
build(deps): bump helm.sh/helm/v3 from 3.14.2 to 3.14.3 (#2962)
dependabot[bot] Mar 18, 2024
2161064
feat: support failOpen in ext auth (#2948)
deszhou Mar 18, 2024
3163eeb
fix: redirect user doc (#2977)
zhaohuabing Mar 19, 2024
6a57cd1
Remove duplicated http filters (#2944)
zhaohuabing Mar 19, 2024
6fa99be
build(deps): bump the k8s-io group with 6 updates (#2961)
dependabot[bot] Mar 19, 2024
655ee5d
chore: set mergedGateways in translator runner (#2971)
cnvergence Mar 20, 2024
1e7562d
api: fix gatewayclass link (#2986)
zirain Mar 20, 2024
0b122bd
refactor: reuse xPolicy status methods for backendTLSPolicy (#2950)
shawnh2 Mar 20, 2024
37b0a48
Add missing secrets testdata for oidc (#2994)
zhaohuabing Mar 21, 2024
c655811
minor change to address a missing comment in #2944 (#2992)
zhaohuabing Mar 21, 2024
4bf9ad7
docs: set up linkinator for doc site (#2990)
zirain Mar 22, 2024
0be74ab
docs: remove latest from ignore list (#2996)
zirain Mar 22, 2024
4afe12b
fix cors e2e test (#3003)
zhaohuabing Mar 24, 2024
e58bb22
fix: do nof forward not matching prefilights to backends (#3002)
zhaohuabing Mar 25, 2024
e880439
Fix: nil secret in resourceversiontable (#2982)
zhaohuabing Mar 25, 2024
84a6873
build(deps): bump github/codeql-action from 3.24.7 to 3.24.9 (#3008)
dependabot[bot] Mar 25, 2024
8641edf
build(deps): bump actions/deploy-pages from 4.0.4 to 4.0.5 (#3007)
dependabot[bot] Mar 25, 2024
1c9b95f
build(deps): bump fortio.org/log from 1.12.0 to 1.12.1 (#3009)
dependabot[bot] Mar 25, 2024
454d3e2
build(deps): bump github.com/golangci/golangci-lint from 1.56.2 to 1.…
dependabot[bot] Mar 25, 2024
80b31aa
build(deps): bump github.com/prometheus/common from 0.50.0 to 0.51.1 …
dependabot[bot] Mar 25, 2024
8478430
docs: fix squash link (#3013)
zirain Mar 25, 2024
088458c
build(deps): bump fortio.org/fortio from 1.63.4 to 1.63.5 (#3011)
dependabot[bot] Mar 25, 2024
9c1fc10
ci: trigger docs action (#3017)
zirain Mar 26, 2024
b98893a
ci: fix cherrypick permission (#2985)
zirain Mar 26, 2024
2882b7c
fix: set path prefix for http ext auth service (#3018)
zhaohuabing Mar 26, 2024
275b5db
feat: add Chinese language support for doc site (#2532)
wilsonwu Mar 26, 2024
decd878
feat(translator): implement connection limit (#2952)
guydc Mar 26, 2024
7f5cbe8
docs: remove 0.1.0 from linkinator ignore list (#3015)
yuluo-yx Mar 26, 2024
10637c1
disable connection limit test (#3025)
zhaohuabing Mar 26, 2024
e1d39c0
fix: use correct connection limit attribute name in e2e, docs (#3028)
guydc Mar 26, 2024
d020ce7
docs: document patches in envoy proxy (#3027)
yaelSchechter Mar 26, 2024
a11aa70
feat(policy): Adding BTP support for UDP/TCPRoute (#3004)
alexwo Mar 26, 2024
f699edf
fix: add missing http filters to the http filter chain (#2970)
zhaohuabing Mar 27, 2024
c1b9f3d
ci: grant pull-requests permission to cherrypick action (#3039)
zirain Mar 28, 2024
97ea4e3
Update ADOPTERS.md for Airspace Link (#3045)
akhenakh Mar 28, 2024
a270dd8
feat: added option to specify resources on the OIDC security policy (…
jaynis Mar 28, 2024
3d51933
fix: allow websockets in url rewrite (#3022)
zetaab Mar 28, 2024
2a38de6
api: support IdleTimeout in clientTrafficPolicy (#3042)
yaelSchechter Mar 28, 2024
cc01bf5
fix: use Patch API for infra-client (#3034)
ardikabs Mar 28, 2024
f9409e4
fix: Allow Policy to attach to multiple http listeners (#2967)
liorokman Mar 28, 2024
7b47c2d
chore: Address unused write and tautological nilness checks (#3053)
davidalger Mar 29, 2024
31b4058
fix: BadRequest error applying JSON access log example (#3054)
davidalger Mar 29, 2024
767348f
test: supplementary metrics test (#3037)
ShyunnY Mar 29, 2024
50d10b5
api: wasm extension (#2877)
zhaohuabing Mar 29, 2024
deea895
api: support buffer limit in clientTrafficPolicy (#2805)
yaelSchechter Mar 29, 2024
ceb697f
Fix: double slashes in redirect URL (#2998)
zhaohuabing Mar 29, 2024
519eb70
feat: HeadersWithUnderscoreActions on ClientTrafficPolicy (#3052)
davidalger Mar 29, 2024
4529700
highlight Gateway API in readme (#3066)
zirain Apr 1, 2024
b653ca7
chore: bump golang to 1.22 (#2793)
Xunzhuo Apr 1, 2024
680f6cf
docs: version desc (#3065)
zirain Apr 1, 2024
7bed6fa
fix: helm-template should explicitly set ns (#3070)
Xunzhuo Apr 1, 2024
4351816
build(deps): bump github.com/golangci/golangci-lint from 1.57.1 to 1.…
dependabot[bot] Apr 1, 2024
0e71149
build(deps): bump distroless/static from `55c6361` to `6732c39` in /t…
dependabot[bot] Apr 1, 2024
5d5bd52
build(deps): bump carloscastrojumo/github-cherry-pick-action from 1.0…
dependabot[bot] Apr 1, 2024
69ffac8
feat: add install and uninstall sub cmd to egctl (#2859)
ShyunnY Apr 1, 2024
a667f23
refactor: reorder fault filter (#3059)
ShyunnY Apr 1, 2024
5a66927
doc: add user guide on how to enable private key provider (#2533)
soulxu Apr 1, 2024
ca62e2c
fix: repeated file generation on every metrics test running (#3077)
ShyunnY Apr 1, 2024
36d7141
fix: do not create infra resources when missing translated listeners …
cnvergence Apr 1, 2024
8f450a9
Set host for http health checker explicitly to avoid using the cluste…
lemonlinger Apr 2, 2024
91c18bc
feat(translator): implement idle timeout in ClientTrafficPolicy (#3056)
yaelSchechter Apr 2, 2024
06e4f39
api: Model OpenTelelemetry Sinks as a BackendRef (#3067)
zirain Apr 2, 2024
9416798
chore: add ignore path for codecov (#3072)
shawnh2 Apr 2, 2024
0f87fcb
feat(translator): Envoy Extension Policy and ExtProc (#2991)
guydc Apr 3, 2024
8fedc77
fixes minor typo in http-routing guide (#3088)
eitansuez Apr 4, 2024
ec0f31b
fixes minor typo in http-routing guide (#3089)
zirain Apr 4, 2024
b9053b8
feat(EG K8S Provider): Enable leader election for EG controller (#2694)
alexwo Apr 4, 2024
0d1ebfd
correct kubectl command to show deployment in envoy-gateway-system na…
Apr 4, 2024
6941624
feat(translator): implement buffer limit support in CTP (#3058)
yaelSchechter Apr 5, 2024
dd034a0
fix: nil leader election (#3096)
zhaohuabing Apr 5, 2024
11f56fd
Change route sorting order to Exact > RegularExpression > PathPrefix …
vixns Apr 5, 2024
07f8a47
feat: configure overload manager (#3082)
shahar-h Apr 5, 2024
b859ec6
ci: pin linkinator version in docs workflow (#3097)
shahar-h Apr 6, 2024
61cab1c
team: remove LanceEA as a gateway-reviewer (#3105)
LanceEa Apr 7, 2024
29946b0
fix: infraIR duplicate port translation for merged gateways (#3061)
cnvergence Apr 7, 2024
5bb7b3f
fixed obsolete links in the docs (#3050)
LiZhenCheng9527 Apr 8, 2024
635ebfc
translator: set SpawnUpstreamSpan to true (#3102)
zirain Apr 8, 2024
7912b1f
run cel validation on different k8s versions (#3101)
zirain Apr 8, 2024
43b7dab
e2e: disable client timeout (#3100)
zirain Apr 8, 2024
a5bedbc
fix: rate limit doesn't work with two(and more) listeners (#3085)
zhaohuabing Apr 8, 2024
e12fdeb
dont fail CI if codecov upload fails (#3123)
arkodg Apr 8, 2024
50052cf
build(deps): bump distroless/static from `6732c39` to `f41b84c` in /t…
dependabot[bot] Apr 8, 2024
36d2948
fix: make setting ratelimit.backend.redis optional (#3128)
arkodg Apr 8, 2024
f48cfab
docs: Translate about page into Chinese (#3035)
wilsonwu Apr 8, 2024
b8b5378
build(deps): bump github.com/prometheus/common from 0.51.1 to 0.52.2 …
dependabot[bot] Apr 8, 2024
b579085
build(deps): bump codecov/codecov-action from 3.1.5 to 4.2.0 (#3115)
dependabot[bot] Apr 8, 2024
f8a8c0b
Revert codecov to v3 (#3132)
arkodg Apr 8, 2024
a58e703
build(deps): bump github.com/bufbuild/buf from 1.30.0 to 1.30.1 in /t…
dependabot[bot] Apr 9, 2024
f0519d9
build(deps): bump peaceiris/actions-hugo from 2.6.0 to 3.0.0 (#3113)
dependabot[bot] Apr 9, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
e2e: add test for jwt claim base routing (envoyproxy#2712)
Signed-off-by: zirain <zirain2009@gmail.com>
zirain authored Feb 29, 2024

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
commit 8b0bbd3dcdf7454e9f6b3a5c31d6b64ef37bcbd5
61 changes: 61 additions & 0 deletions test/e2e/testdata/jwt.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
apiVersion: gateway.envoyproxy.io/v1alpha1
kind: SecurityPolicy
metadata:
name: jwt-example
namespace: gateway-conformance-infra
spec:
targetRef:
group: gateway.networking.k8s.io
kind: HTTPRoute
name: jwt-claim-routing
jwt:
providers:
- name: example
recomputeRoute: true
claimToHeaders:
- claim: sub
header: x-sub
- claim: admin
header: x-admin
- claim: name
header: x-name
remoteJWKS:
uri: https://raw.githubusercontent.com/envoyproxy/gateway/main/examples/kubernetes/jwt/jwks.json
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: jwt-claim-routing
namespace: gateway-conformance-infra
spec:
parentRefs:
- name: same-namespace
rules:
- backendRefs:
- kind: Service
name: infra-backend-v1
port: 8080
weight: 1
matches:
- headers:
- name: x-name
value: John Doe
- backendRefs:
- kind: Service
name: infra-backend-v2
port: 8080
weight: 1
matches:
- headers:
- name: x-name
value: Tom
# catch all
- backendRefs:
- kind: Service
name: infra-backend-invalid
port: 8080
weight: 1
matches:
- path:
type: PathPrefix
value: /
110 changes: 110 additions & 0 deletions test/e2e/tests/jwt.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,110 @@
// Copyright Envoy Gateway Authors
// SPDX-License-Identifier: Apache-2.0
// The full text of the Apache license is available in the LICENSE file at
// the root of the repo.

//go:build e2e
// +build e2e

package tests

import (
"testing"

"k8s.io/apimachinery/pkg/types"
"sigs.k8s.io/gateway-api/conformance/utils/http"
"sigs.k8s.io/gateway-api/conformance/utils/kubernetes"
"sigs.k8s.io/gateway-api/conformance/utils/suite"
)

func init() {
ConformanceTests = append(ConformanceTests, JWTTest)
}

const (
// from examples/kubernetes/jwt/test.jwt
// nolint: gosec
v1Token = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0.NHVaYe26MbtOYhSKkoKYdFVomg4i8ZJd8_-RU8VNbftc4TSMb4bXP3l3YlNWACwyXPGffz5aXHc6lty1Y2t4SWRqGteragsVdZufDn5BlnJl9pdR_kdVFUsra2rWKEofkZeIC4yWytE58sMIihvo9H1ScmmVwBcQP6XETqYd0aSHp1gOa9RdUPDvoXQ5oqygTqVtxaDr6wUFKrKItgBMzWIdNZ6y7O9E0DhEPTbE9rfBo6KTFsHAZnMg4k68CDp2woYIaXbmYTWcvbzIuHO7_37GT79XdIwkm95QJ7hYC9RiwrV7mesbY4PAahERJawntho0my942XheVLmGwLMBkQ"
// from examples/kubernetes/jwt/with-different-claim.jwt
// nolint: gosec
v2Token = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IlRvbSIsImFkbWluIjp0cnVlLCJpYXQiOjE1MTYyMzkwMjJ9.kyzDDSo7XpweSPU1lxoI9IHzhTBrRNlnmcW9lmCbloZELShg-8isBx4AFoM4unXZTHpS_Y24y0gmd4nDQxgUE-CgjVSnGCb0Xhy3WO1gm9iChoKDyyQ3kHp98EmKxTyxKG2X9GyKcDFNBDjH12OBD7TcJUaBEvLf6Jw1SG2A7FakUPWeK04DQ916-ROylzI6qKyaZ0OpfYIbijvyAQxlQRxxs2XHlAkLdJhfVcUqJBwsFTbwHYARC-WNgd2_etAk1GWdwwZ_NoTmRzZAMryrYJpHY9KPlbnZ93Ye3o9h2viBQ_XRb7JBkWnAGYO4_KswpJWE_7ROUVj8iOJo2jfY6w"
// nolint: gosec
anotherToken = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkplcnJ5IiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0.VKLURpaPLWanwE5xoGTfuYKqT9a91Fg1tRBAOyFzNa5t9SbtK8As7-3iJg4f_VlBHj13OeKjfpDEvgLerIt5TKnU708YKERB45di_7TNURoiVZayq3_gFznMqoSarP3irLDzh0YKUjc7Vuh3MX99fueTdbeA-c4pMhG_nwiFeRJhZNQQDzzKtmL9C_L2uwP4bDupmcYz6FAA2EN_r67WoXCjPWQoRQmE435EVQ-FYKgAR7qZ5TdjoSN91ByRQ7Ior9srPl7gOvjuaRbu7fjC-LT7wRE26v2vu-BCM2PveJf2NMobNb8q0pcmpB1TWhSXp1MIZs9yxbqEAZLOumYfUw"
)

var JWTTest = suite.ConformanceTest{
ShortName: "JWT",
Description: "JWT Claim",
Manifests: []string{"testdata/jwt.yaml"},
Test: func(t *testing.T, suite *suite.ConformanceTestSuite) {
t.Run("jwt claim base routing", func(t *testing.T) {
ns := "gateway-conformance-infra"
routeNN := types.NamespacedName{Name: "jwt-claim-routing", Namespace: ns}
gwNN := types.NamespacedName{Name: "same-namespace", Namespace: ns}
gwAddr := kubernetes.GatewayAndHTTPRoutesMustBeAccepted(t, suite.Client, suite.TimeoutConfig, suite.ControllerName, kubernetes.NewGatewayRef(gwNN), routeNN)

testCases := []http.ExpectedResponse{
{
Request: http.Request{
Path: "/get",
Headers: map[string]string{
"Authorization": "Bearer " + v1Token,
},
},
Backend: "infra-backend-v1",
Response: http.Response{
StatusCode: 200,
},
Namespace: ns,
},
{
Request: http.Request{
Path: "/get",
Headers: map[string]string{
"Authorization": "Bearer " + v2Token,
},
},
Backend: "infra-backend-v2",
Response: http.Response{
StatusCode: 200,
},
Namespace: ns,
},
{
Request: http.Request{
Path: "/get",
Headers: map[string]string{
"Authorization": "Bearer " + anotherToken,
},
},
Backend: "infra-backend-v1",
Response: http.Response{
StatusCode: 500,
},
Namespace: ns,
},
{
Request: http.Request{
Path: "/get",
Headers: map[string]string{
"x-name": "Tom",
},
},
Backend: "infra-backend-v2",
Response: http.Response{
StatusCode: 401,
},
Namespace: ns,
},
}

for i := range testCases {
tc := testCases[i]
t.Run(tc.GetTestCaseName(i), func(t *testing.T) {
t.Parallel()
http.MakeRequestAndExpectEventuallyConsistentResponse(t, suite.RoundTripper, suite.TimeoutConfig, gwAddr, tc)
})
}
})
},
}