From 38e30b55425d0073c81ddf61bc67925466defe43 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 10 Feb 2025 16:37:46 -0800 Subject: [PATCH 01/11] build(deps): bump github.com/miekg/dns from 1.1.62 to 1.1.63 (#5243) Bumps [github.com/miekg/dns](https://github.com/miekg/dns) from 1.1.62 to 1.1.63. - [Changelog](https://github.com/miekg/dns/blob/master/Makefile.release) - [Commits](https://github.com/miekg/dns/compare/v1.1.62...v1.1.63) --- updated-dependencies: - dependency-name: github.com/miekg/dns dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index f91e6d1f6e2..80440c374cf 100644 --- a/go.mod +++ b/go.mod @@ -32,7 +32,7 @@ require ( github.com/google/go-cmp v0.6.0 github.com/google/go-containerregistry v0.20.3 github.com/hashicorp/go-multierror v1.1.1 - github.com/miekg/dns v1.1.62 + github.com/miekg/dns v1.1.63 github.com/ohler55/ojg v1.26.1 github.com/pkg/errors v0.9.1 github.com/prometheus/client_golang v1.20.5 diff --git a/go.sum b/go.sum index af37e4b1a79..345f388310c 100644 --- a/go.sum +++ b/go.sum @@ -578,8 +578,8 @@ github.com/mdlayher/socket v0.4.1 h1:eM9y2/jlbs1M615oshPQOHZzj6R6wMT7bX5NPiQvn2U github.com/mdlayher/socket v0.4.1/go.mod h1:cAqeGjoufqdxWkD7DkpyS+wcefOtmu5OQ8KuoJGIReA= github.com/microsoft/go-mssqldb v1.7.2 h1:CHkFJiObW7ItKTJfHo1QX7QBBD1iV+mn1eOyRP3b/PA= github.com/microsoft/go-mssqldb v1.7.2/go.mod h1:kOvZKUdrhhFQmxLZqbwUV0rHkNkZpthMITIb2Ko1IoA= -github.com/miekg/dns v1.1.62 h1:cN8OuEF1/x5Rq6Np+h1epln8OiyPWV+lROx9LxcGgIQ= -github.com/miekg/dns v1.1.62/go.mod h1:mvDlcItzm+br7MToIKqkglaGhlFMHJ9DTNNWONWXbNQ= +github.com/miekg/dns v1.1.63 h1:8M5aAw6OMZfFXTT7K5V0Eu5YiiL8l7nUAkyN6C9YwaY= +github.com/miekg/dns v1.1.63/go.mod h1:6NGHfjhpmr5lt3XPLuyfDJi5AXbNIPM9PY6H6sF1Nfs= github.com/mistifyio/go-zfs/v3 v3.0.1 h1:YaoXgBePoMA12+S1u/ddkv+QqxcfiZK4prI6HPnkFiU= github.com/mistifyio/go-zfs/v3 v3.0.1/go.mod h1:CzVgeB0RvF2EGzQnytKVvVSDwmKJXxkOTUGbNrTja/k= github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= From 953f3504dcbd5b6cd7e319e218eb523ceea99497 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 11 Feb 2025 09:37:32 +0800 Subject: [PATCH 02/11] build(deps): bump the golang-org group across 2 directories with 2 updates (#5239) Bumps the golang-org group with 2 updates in the / directory: [golang.org/x/sys](https://github.com/golang/sys) and google.golang.org/protobuf. Bumps the golang-org group with 2 updates in the /examples/extension-server directory: [golang.org/x/sys](https://github.com/golang/sys) and google.golang.org/protobuf. Updates `golang.org/x/sys` from 0.29.0 to 0.30.0 - [Commits](https://github.com/golang/sys/compare/v0.29.0...v0.30.0) Updates `google.golang.org/protobuf` from 1.36.4 to 1.36.5 Updates `golang.org/x/sys` from 0.29.0 to 0.30.0 - [Commits](https://github.com/golang/sys/compare/v0.29.0...v0.30.0) Updates `google.golang.org/protobuf` from 1.36.4 to 1.36.5 --- updated-dependencies: - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-org - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-patch dependency-group: golang-org - dependency-name: golang.org/x/sys dependency-type: indirect update-type: version-update:semver-minor dependency-group: golang-org - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-patch dependency-group: golang-org ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- examples/extension-server/go.mod | 4 ++-- examples/extension-server/go.sum | 8 ++++---- go.mod | 4 ++-- go.sum | 8 ++++---- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/examples/extension-server/go.mod b/examples/extension-server/go.mod index 9f25439f54b..156f1a9e1e1 100644 --- a/examples/extension-server/go.mod +++ b/examples/extension-server/go.mod @@ -8,7 +8,7 @@ require ( github.com/envoyproxy/go-control-plane/envoy v1.32.3 github.com/urfave/cli/v2 v2.27.5 google.golang.org/grpc v1.70.0 - google.golang.org/protobuf v1.36.4 + google.golang.org/protobuf v1.36.5 k8s.io/apimachinery v0.32.1 sigs.k8s.io/controller-runtime v0.20.1 sigs.k8s.io/gateway-api v1.2.1 @@ -33,7 +33,7 @@ require ( github.com/x448/float16 v0.8.4 // indirect github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect golang.org/x/net v0.34.0 // indirect - golang.org/x/sys v0.29.0 // indirect + golang.org/x/sys v0.30.0 // indirect golang.org/x/text v0.21.0 // indirect google.golang.org/genproto/googleapis/api v0.0.0-20250115164207-1a7da9e5054f // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20250115164207-1a7da9e5054f // indirect diff --git a/examples/extension-server/go.sum b/examples/extension-server/go.sum index 1221fef5f2d..a931cc49271 100644 --- a/examples/extension-server/go.sum +++ b/examples/extension-server/go.sum @@ -106,8 +106,8 @@ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= -golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc= +golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= @@ -128,8 +128,8 @@ google.golang.org/genproto/googleapis/rpc v0.0.0-20250115164207-1a7da9e5054f h1: google.golang.org/genproto/googleapis/rpc v0.0.0-20250115164207-1a7da9e5054f/go.mod h1:+2Yz8+CLJbIfL9z73EW45avw8Lmge3xVElCP9zEKi50= google.golang.org/grpc v1.70.0 h1:pWFv03aZoHzlRKHWicjsZytKAiYCtNS0dHbXnIdq7jQ= google.golang.org/grpc v1.70.0/go.mod h1:ofIJqVKDXx/JiXrwr2IG4/zwdH9txy3IlF40RmcJSQw= -google.golang.org/protobuf v1.36.4 h1:6A3ZDJHn/eNqc1i+IdefRzy/9PokBTPvcqMySR7NNIM= -google.golang.org/protobuf v1.36.4/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= +google.golang.org/protobuf v1.36.5 h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM= +google.golang.org/protobuf v1.36.5/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= diff --git a/go.mod b/go.mod index 80440c374cf..1e7bccefe71 100644 --- a/go.mod +++ b/go.mod @@ -57,10 +57,10 @@ require ( go.uber.org/zap v1.27.0 golang.org/x/exp v0.0.0-20240904232852-e7e105dedf7e golang.org/x/net v0.34.0 - golang.org/x/sys v0.29.0 + golang.org/x/sys v0.30.0 google.golang.org/genproto/googleapis/api v0.0.0-20250115164207-1a7da9e5054f google.golang.org/grpc v1.70.0 - google.golang.org/protobuf v1.36.4 + google.golang.org/protobuf v1.36.5 gopkg.in/yaml.v3 v3.0.1 helm.sh/helm/v3 v3.17.0 k8s.io/api v0.32.1 diff --git a/go.sum b/go.sum index 345f388310c..14b901efb7b 100644 --- a/go.sum +++ b/go.sum @@ -1039,8 +1039,8 @@ golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= -golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc= +golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.28.0 h1:/Ts8HFuMR2E6IP/jlo7QVLZHggjKQbhu/7H0LJFr3Gg= golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek= golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1114,8 +1114,8 @@ google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2 google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= -google.golang.org/protobuf v1.36.4 h1:6A3ZDJHn/eNqc1i+IdefRzy/9PokBTPvcqMySR7NNIM= -google.golang.org/protobuf v1.36.4/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= +google.golang.org/protobuf v1.36.5 h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM= +google.golang.org/protobuf v1.36.5/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20160105164936-4f90aeace3a2/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= From b2519fc57c53248c2c1beeb3dac8d229920fcfc1 Mon Sep 17 00:00:00 2001 From: sh2 Date: Tue, 11 Feb 2025 09:39:02 +0800 Subject: [PATCH 03/11] fix: implement num-route-per-host for benchmark scale_httproutes case (#5235) * implement num-route-per-host for benchmark scale httproutes test Signed-off-by: shawnh2 * fix job name Signed-off-by: shawnh2 * refactor the test suite and polish the benchmark report Signed-off-by: shawnh2 * fix lint Signed-off-by: shawnh2 --------- Signed-off-by: shawnh2 --- test/benchmark/config/httproute.yaml | 2 +- test/benchmark/suite/suite.go | 37 ++++++++++++++++------- test/benchmark/tests/scale_httproutes.go | 38 +++++++++++++----------- 3 files changed, 48 insertions(+), 29 deletions(-) diff --git a/test/benchmark/config/httproute.yaml b/test/benchmark/config/httproute.yaml index b422d4f2d85..711c482eeb7 100644 --- a/test/benchmark/config/httproute.yaml +++ b/test/benchmark/config/httproute.yaml @@ -7,7 +7,7 @@ spec: parentRefs: - name: "{REF_GATEWAY_NAME}" hostnames: - - "www.benchmark.com" + - "{HTTPROUTE_HOSTNAME}" rules: - backendRefs: - group: "" diff --git a/test/benchmark/suite/suite.go b/test/benchmark/suite/suite.go index 014d841798a..80a6ff1daf2 100644 --- a/test/benchmark/suite/suite.go +++ b/test/benchmark/suite/suite.go @@ -160,7 +160,7 @@ func (b *BenchmarkTestSuite) Run(t *testing.T, tests []BenchmarkTest) { // Generate a human-readable benchmark report for each test. t.Logf("Got %d reports for test: %s", len(reports), test.ShortName) - if err := RenderReport(writer, "Test: "+test.ShortName, test.Description, 2, reports); err != nil { + if err := RenderReport(writer, test.ShortName, test.Description, 2, reports); err != nil { t.Errorf("Error generating report for %s: %v", test.ShortName, err) } } @@ -182,10 +182,15 @@ func (b *BenchmarkTestSuite) Run(t *testing.T, tests []BenchmarkTest) { // TODO: currently running benchmark test via nighthawk_client, // consider switching to gRPC nighthawk-service for benchmark test. // ref: https://github.com/envoyproxy/nighthawk/blob/main/api/client/service.proto -func (b *BenchmarkTestSuite) Benchmark(t *testing.T, ctx context.Context, name, gatewayHostPort string, requestHeaders ...string) (*BenchmarkReport, error) { - t.Logf("Running benchmark test: %s", name) +func (b *BenchmarkTestSuite) Benchmark(t *testing.T, ctx context.Context, jobName, resultTitle, gatewayHostPort, hostnamePattern string, host int) (*BenchmarkReport, error) { + t.Logf("Running benchmark test: %s", resultTitle) - jobNN, err := b.createBenchmarkClientJob(ctx, name, gatewayHostPort, requestHeaders...) + requestHeaders := make([]string, 0, host) + // hostname index starts with 1 + for i := 1; i <= host; i++ { + requestHeaders = append(requestHeaders, "Host: "+fmt.Sprintf(hostnamePattern, i)) + } + jobNN, err := b.createBenchmarkClientJob(ctx, jobName, gatewayHostPort, requestHeaders) if err != nil { return nil, err } @@ -214,7 +219,7 @@ func (b *BenchmarkTestSuite) Benchmark(t *testing.T, ctx context.Context, name, } } - t.Logf("Job %s still not complete", name) + t.Logf("Job %s still not complete", jobName) return false, nil }); err != nil { @@ -223,9 +228,9 @@ func (b *BenchmarkTestSuite) Benchmark(t *testing.T, ctx context.Context, name, return nil, err } - t.Logf("Running benchmark test: %s successfully", name) + t.Logf("Running benchmark test: %s successfully", resultTitle) - report, err := NewBenchmarkReport(name, path.Join(b.ReportSaveDir, "profiles"), b.kubeClient, b.promClient) + report, err := NewBenchmarkReport(resultTitle, path.Join(b.ReportSaveDir, "profiles"), b.kubeClient, b.promClient) if err != nil { return nil, fmt.Errorf("failed to create benchmark report: %w", err) } @@ -238,14 +243,14 @@ func (b *BenchmarkTestSuite) Benchmark(t *testing.T, ctx context.Context, name, return report, nil } -func (b *BenchmarkTestSuite) createBenchmarkClientJob(ctx context.Context, name, gatewayHostPort string, requestHeaders ...string) (*types.NamespacedName, error) { +func (b *BenchmarkTestSuite) createBenchmarkClientJob(ctx context.Context, name, gatewayHostPort string, requestHeaders []string) (*types.NamespacedName, error) { job := b.BenchmarkClientJob.DeepCopy() job.SetName(name) job.SetLabels(map[string]string{ BenchmarkTestClientKey: "true", }) - runtimeArgs := prepareBenchmarkClientRuntimeArgs(gatewayHostPort, requestHeaders...) + runtimeArgs := prepareBenchmarkClientRuntimeArgs(gatewayHostPort, requestHeaders) container := &job.Spec.Template.Spec.Containers[0] container.Args = append(container.Args, runtimeArgs...) @@ -266,7 +271,7 @@ func prepareBenchmarkClientStaticArgs(options BenchmarkOptions) []string { return staticArgs } -func prepareBenchmarkClientRuntimeArgs(gatewayHostPort string, requestHeaders ...string) []string { +func prepareBenchmarkClientRuntimeArgs(gatewayHostPort string, requestHeaders []string) []string { args := make([]string, 0, len(requestHeaders)*2+1) for _, reqHeader := range requestHeaders { @@ -284,7 +289,7 @@ func prepareBenchmarkClientRuntimeArgs(gatewayHostPort string, requestHeaders .. // has been created successfully. // // All created scaled resources will be labeled with BenchmarkTestScaledKey. -func (b *BenchmarkTestSuite) ScaleUpHTTPRoutes(ctx context.Context, scaleRange [2]uint16, routeNameFormat, refGateway string, afterCreation func(*gwapiv1.HTTPRoute)) error { +func (b *BenchmarkTestSuite) ScaleUpHTTPRoutes(ctx context.Context, scaleRange [2]uint16, routeNameFormat, routeHostnameFormat, refGateway string, batchNumPerHost uint16, afterCreation func(*gwapiv1.HTTPRoute)) error { var i, begin, end uint16 begin, end = scaleRange[0], scaleRange[1] @@ -292,12 +297,16 @@ func (b *BenchmarkTestSuite) ScaleUpHTTPRoutes(ctx context.Context, scaleRange [ return fmt.Errorf("got wrong scale range, %d is not greater than %d", end, begin) } + var counterPerBatch, currentBatch uint16 = 0, 1 for i = begin + 1; i <= end; i++ { routeName := fmt.Sprintf(routeNameFormat, i) + routeHostname := fmt.Sprintf(routeHostnameFormat, currentBatch) + newRoute := b.HTTPRouteTemplate.DeepCopy() newRoute.SetName(routeName) newRoute.SetLabels(b.scaledLabels) newRoute.Spec.ParentRefs[0].Name = gwapiv1.ObjectName(refGateway) + newRoute.Spec.Hostnames[0] = gwapiv1.Hostname(routeHostname) if err := b.CreateResource(ctx, newRoute); err != nil { return err @@ -306,6 +315,12 @@ func (b *BenchmarkTestSuite) ScaleUpHTTPRoutes(ctx context.Context, scaleRange [ if afterCreation != nil { afterCreation(newRoute) } + + counterPerBatch++ + if counterPerBatch == batchNumPerHost { + counterPerBatch = 0 + currentBatch++ + } } return nil diff --git a/test/benchmark/tests/scale_httproutes.go b/test/benchmark/tests/scale_httproutes.go index 1431032bcec..f9f381f0756 100644 --- a/test/benchmark/tests/scale_httproutes.go +++ b/test/benchmark/tests/scale_httproutes.go @@ -26,15 +26,13 @@ func init() { var ScaleHTTPRoutes = suite.BenchmarkTest{ ShortName: "ScaleHTTPRoute", - Description: "Fixed one Gateway and different scales of HTTPRoutes.", + Description: "Fixed one Gateway and different scales of HTTPRoutes with different portion of hostnames.", Test: func(t *testing.T, bSuite *suite.BenchmarkTestSuite) (reports []*suite.BenchmarkReport) { var ( - ctx = context.Background() - ns = "benchmark-test" - err error - requestHeaders = []string{ - "Host: www.benchmark.com", - } + ctx = context.Background() + ns = "benchmark-test" + totalHosts uint16 = 5 + err error ) gatewayNN := types.NamespacedName{Name: "benchmark", Namespace: ns} @@ -44,6 +42,7 @@ var ScaleHTTPRoutes = suite.BenchmarkTest{ require.NoError(t, err) routeNameFormat := "benchmark-route-%d" + routeHostnameFormat := "www.benchmark-%d.com" routeScales := []uint16{10, 50, 100, 300, 500, 1000} routeScalesN := len(routeScales) routeNNs := make([]types.NamespacedName, 0, routeScales[routeScalesN-1]) @@ -51,24 +50,28 @@ var ScaleHTTPRoutes = suite.BenchmarkTest{ bSuite.RegisterCleanup(t, ctx, gateway, &gwapiv1.HTTPRoute{}) t.Run("scaling up httproutes", func(t *testing.T) { - var start uint16 = 0 + var start, batch uint16 = 0, 0 for _, scale := range routeScales { - t.Run(fmt.Sprintf("scaling up httproutes to %d", scale), func(t *testing.T) { - err = bSuite.ScaleUpHTTPRoutes(ctx, [2]uint16{start, scale}, routeNameFormat, gatewayNN.Name, func(route *gwapiv1.HTTPRoute) { + routePerHost := scale / totalHosts + testName := fmt.Sprintf("scaling up httproutes to %d with %d routes per hostname", scale, routePerHost) + + t.Run(testName, func(t *testing.T) { + err = bSuite.ScaleUpHTTPRoutes(ctx, [2]uint16{start, scale}, routeNameFormat, routeHostnameFormat, gatewayNN.Name, routePerHost-batch, func(route *gwapiv1.HTTPRoute) { routeNN := types.NamespacedName{Name: route.Name, Namespace: route.Namespace} routeNNs = append(routeNNs, routeNN) - t.Logf("Create HTTPRoute: %s", routeNN.String()) + t.Logf("Create HTTPRoute: %s with hostname %s", routeNN.String(), route.Spec.Hostnames[0]) }) require.NoError(t, err) start = scale + batch = routePerHost gatewayAddr := kubernetes.GatewayAndHTTPRoutesMustBeAccepted(t, bSuite.Client, bSuite.TimeoutConfig, bSuite.ControllerName, kubernetes.NewGatewayRef(gatewayNN), routeNNs...) // Run benchmark test at different scale. - name := fmt.Sprintf("scale-up-httproutes-%d", scale) - report, err := bSuite.Benchmark(t, ctx, name, gatewayAddr, requestHeaders...) + jobName := fmt.Sprintf("scale-up-httproutes-%d", scale) + report, err := bSuite.Benchmark(t, ctx, jobName, testName, gatewayAddr, routeHostnameFormat, int(totalHosts)) require.NoError(t, err) reports = append(reports, report) @@ -78,11 +81,12 @@ var ScaleHTTPRoutes = suite.BenchmarkTest{ t.Run("scaling down httproutes", func(t *testing.T) { start := routeScales[routeScalesN-1] - for i := routeScalesN - 2; i >= 0; i-- { scale := routeScales[i] + routePerHost := scale / totalHosts + testName := fmt.Sprintf("scaling down httproutes to %d with %d routes per hostname", scale, routePerHost) - t.Run(fmt.Sprintf("scaling down httproutes to %d", scale), func(t *testing.T) { + t.Run(testName, func(t *testing.T) { err = bSuite.ScaleDownHTTPRoutes(ctx, [2]uint16{start, scale}, routeNameFormat, gatewayNN.Name, func(route *gwapiv1.HTTPRoute) { routeNN := routeNNs[len(routeNNs)-1] routeNNs = routeNNs[:len(routeNNs)-1] @@ -99,8 +103,8 @@ var ScaleHTTPRoutes = suite.BenchmarkTest{ bSuite.ControllerName, kubernetes.NewGatewayRef(gatewayNN), routeNNs...) // Run benchmark test at different scale. - name := fmt.Sprintf("scale-down-httproutes-%d", scale) - report, err := bSuite.Benchmark(t, ctx, name, gatewayAddr, requestHeaders...) + jobName := fmt.Sprintf("scale-down-httproutes-%d", scale) + report, err := bSuite.Benchmark(t, ctx, jobName, testName, gatewayAddr, routeHostnameFormat, int(totalHosts)) require.NoError(t, err) reports = append(reports, report) From 850eb59b08a00f7e1f84015659ad2b0801a86ad4 Mon Sep 17 00:00:00 2001 From: Arko Dasgupta Date: Mon, 10 Feb 2025 18:08:27 -0800 Subject: [PATCH 04/11] docs: fix config for api key (#5250) the namespace of the secret was set to `envoy-gateway-system` and was set in a different namespace than the SecurityPolicy Fixes: https://github.com/envoyproxy/gateway/issues/5245 Signed-off-by: Arko Dasgupta --- site/content/en/docs/tasks/security/apikey-auth.md | 4 ---- site/content/en/latest/tasks/security/apikey-auth.md | 4 ---- site/content/en/v1.3/tasks/security/apikey-auth.md | 4 ---- 3 files changed, 12 deletions(-) diff --git a/site/content/en/docs/tasks/security/apikey-auth.md b/site/content/en/docs/tasks/security/apikey-auth.md index 9d934635b54..68913cb8aab 100644 --- a/site/content/en/docs/tasks/security/apikey-auth.md +++ b/site/content/en/docs/tasks/security/apikey-auth.md @@ -33,7 +33,6 @@ kind: Secret type: Opaque metadata: name: apikey-secret - namespace: envoy-gateway-system stringData: client1: supersecret EOF @@ -50,7 +49,6 @@ kind: Secret type: Opaque metadata: name: apikey-secret - namespace: envoy-gateway-system stringData: client1: supersecret ``` @@ -82,7 +80,6 @@ spec: - group: "" kind: Secret name: apikey-secret - namespace: envoy-gateway-system extractFrom: - headers: - x-api-key @@ -109,7 +106,6 @@ spec: - group: "" kind: Secret name: apikey-secret - namespace: envoy-gateway-system extractFrom: - headers: - x-api-key diff --git a/site/content/en/latest/tasks/security/apikey-auth.md b/site/content/en/latest/tasks/security/apikey-auth.md index 9d934635b54..68913cb8aab 100644 --- a/site/content/en/latest/tasks/security/apikey-auth.md +++ b/site/content/en/latest/tasks/security/apikey-auth.md @@ -33,7 +33,6 @@ kind: Secret type: Opaque metadata: name: apikey-secret - namespace: envoy-gateway-system stringData: client1: supersecret EOF @@ -50,7 +49,6 @@ kind: Secret type: Opaque metadata: name: apikey-secret - namespace: envoy-gateway-system stringData: client1: supersecret ``` @@ -82,7 +80,6 @@ spec: - group: "" kind: Secret name: apikey-secret - namespace: envoy-gateway-system extractFrom: - headers: - x-api-key @@ -109,7 +106,6 @@ spec: - group: "" kind: Secret name: apikey-secret - namespace: envoy-gateway-system extractFrom: - headers: - x-api-key diff --git a/site/content/en/v1.3/tasks/security/apikey-auth.md b/site/content/en/v1.3/tasks/security/apikey-auth.md index 9d934635b54..68913cb8aab 100644 --- a/site/content/en/v1.3/tasks/security/apikey-auth.md +++ b/site/content/en/v1.3/tasks/security/apikey-auth.md @@ -33,7 +33,6 @@ kind: Secret type: Opaque metadata: name: apikey-secret - namespace: envoy-gateway-system stringData: client1: supersecret EOF @@ -50,7 +49,6 @@ kind: Secret type: Opaque metadata: name: apikey-secret - namespace: envoy-gateway-system stringData: client1: supersecret ``` @@ -82,7 +80,6 @@ spec: - group: "" kind: Secret name: apikey-secret - namespace: envoy-gateway-system extractFrom: - headers: - x-api-key @@ -109,7 +106,6 @@ spec: - group: "" kind: Secret name: apikey-secret - namespace: envoy-gateway-system extractFrom: - headers: - x-api-key From c4920899659e75ceb342df02665e1b484eb0ecbc Mon Sep 17 00:00:00 2001 From: Isaac <10012479+jukie@users.noreply.github.com> Date: Mon, 10 Feb 2025 21:28:07 -0700 Subject: [PATCH 05/11] feat: Add support for MaxUnavailable in KubernetesPodDisruptionBudgetSpec (#5209) * Add support for MaxUnavailable in PDB Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com> * linting Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com> * remove tmpcharts Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com> * Use IntOrString to provide support for percentage Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com> * gen-check Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com> * lint Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com> * fix default case, remove linting changes from non-relevant files Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com> * Update shared_types.go Co-authored-by: Arko Dasgupta Signed-off-by: Isaac <10012479+jukie@users.noreply.github.com> * regen site docs Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com> * gen-check Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com> * cel-validation and description typos Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com> * Add passing PDB spec Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com> --------- Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com> Signed-off-by: Isaac <10012479+jukie@users.noreply.github.com> Signed-off-by: Arko Dasgupta Co-authored-by: Arko Dasgupta Co-authored-by: zirain --- api/v1alpha1/shared_types.go | 15 +++++-- api/v1alpha1/zz_generated.deepcopy.go | 8 +++- .../gateway.envoyproxy.io_envoyproxies.yaml | 24 +++++++++-- .../kubernetes/proxy/resource_provider.go | 21 +++++++--- .../proxy/resource_provider_test.go | 40 +++++++++++++++++-- .../testdata/pdb/max-unavailable-percent.yaml | 14 +++++++ .../proxy/testdata/pdb/max-unavailable.yaml | 14 +++++++ .../testdata/pdb/min-available-percent.yaml | 14 +++++++ .../testdata/pdb/patch-pdb-no-minmax.yaml | 10 +++++ release-notes/current.yaml | 1 + site/content/en/latest/api/extension_types.md | 3 +- site/content/zh/latest/api/extension_types.md | 3 +- test/cel-validation/envoyproxy_test.go | 34 ++++++++++++++++ 13 files changed, 182 insertions(+), 19 deletions(-) create mode 100644 internal/infrastructure/kubernetes/proxy/testdata/pdb/max-unavailable-percent.yaml create mode 100644 internal/infrastructure/kubernetes/proxy/testdata/pdb/max-unavailable.yaml create mode 100644 internal/infrastructure/kubernetes/proxy/testdata/pdb/min-available-percent.yaml create mode 100644 internal/infrastructure/kubernetes/proxy/testdata/pdb/patch-pdb-no-minmax.yaml diff --git a/api/v1alpha1/shared_types.go b/api/v1alpha1/shared_types.go index 1c8f9a3aae3..3f356755e85 100644 --- a/api/v1alpha1/shared_types.go +++ b/api/v1alpha1/shared_types.go @@ -11,6 +11,7 @@ import ( corev1 "k8s.io/api/core/v1" apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" "k8s.io/apimachinery/pkg/api/resource" + "k8s.io/apimachinery/pkg/util/intstr" gwapiv1 "sigs.k8s.io/gateway-api/apis/v1" ) @@ -400,12 +401,20 @@ const ( ) // KubernetesPodDisruptionBudgetSpec defines Kubernetes PodDisruptionBudget settings of Envoy Proxy Deployment. +// +// +kubebuilder:validation:XValidation:rule="(has(self.minAvailable) && !has(self.maxUnavailable)) || (!has(self.minAvailable) && has(self.maxUnavailable))",message="only one of minAvailable or maxUnavailable can be specified" type KubernetesPodDisruptionBudgetSpec struct { - // MinAvailable specifies the minimum number of pods that must be available at all times during voluntary disruptions, + // MinAvailable specifies the minimum amount of pods (can be expressed as integers or as a percentage) that must be available at all times during voluntary disruptions, + // such as node drains or updates. This setting ensures that your envoy proxy maintains a certain level of availability + // and resilience during maintenance operations. Cannot be combined with maxUnavailable. + // +optional + MinAvailable *intstr.IntOrString `json:"minAvailable,omitempty"` + + // MaxUnavailable specifies the maximum amount of pods (can be expressed as integers or as a percentage) that can be unavailable at all times during voluntary disruptions, // such as node drains or updates. This setting ensures that your envoy proxy maintains a certain level of availability - // and resilience during maintenance operations. + // and resilience during maintenance operations. Cannot be combined with minAvailable. // +optional - MinAvailable *int32 `json:"minAvailable,omitempty"` + MaxUnavailable *intstr.IntOrString `json:"maxUnavailable,omitempty"` // Patch defines how to perform the patch operation to the PodDisruptionBudget // diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index 69531024a76..f26bbf4579a 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -16,6 +16,7 @@ import ( apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/util/intstr" "sigs.k8s.io/gateway-api/apis/v1" "sigs.k8s.io/gateway-api/apis/v1alpha2" ) @@ -3707,7 +3708,12 @@ func (in *KubernetesPodDisruptionBudgetSpec) DeepCopyInto(out *KubernetesPodDisr *out = *in if in.MinAvailable != nil { in, out := &in.MinAvailable, &out.MinAvailable - *out = new(int32) + *out = new(intstr.IntOrString) + **out = **in + } + if in.MaxUnavailable != nil { + in, out := &in.MaxUnavailable, &out.MaxUnavailable + *out = new(intstr.IntOrString) **out = **in } if in.Patch != nil { diff --git a/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_envoyproxies.yaml b/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_envoyproxies.yaml index 7ba4805cee1..391fb3147a7 100644 --- a/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_envoyproxies.yaml +++ b/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_envoyproxies.yaml @@ -10226,13 +10226,24 @@ spec: description: EnvoyPDB allows to control the pod disruption budget of an Envoy Proxy. properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + MaxUnavailable specifies the maximum amount of pods (can be expressed as integers or as a percentage) that can be unavailable at all times during voluntary disruptions, + such as node drains or updates. This setting ensures that your envoy proxy maintains a certain level of availability + and resilience during maintenance operations. Cannot be combined with minAvailable. + x-kubernetes-int-or-string: true minAvailable: + anyOf: + - type: integer + - type: string description: |- - MinAvailable specifies the minimum number of pods that must be available at all times during voluntary disruptions, + MinAvailable specifies the minimum amount of pods (can be expressed as integers or as a percentage) that must be available at all times during voluntary disruptions, such as node drains or updates. This setting ensures that your envoy proxy maintains a certain level of availability - and resilience during maintenance operations. - format: int32 - type: integer + and resilience during maintenance operations. Cannot be combined with maxUnavailable. + x-kubernetes-int-or-string: true patch: description: Patch defines how to perform the patch operation to the PodDisruptionBudget @@ -10251,6 +10262,11 @@ spec: - value type: object type: object + x-kubernetes-validations: + - message: only one of minAvailable or maxUnavailable can + be specified + rule: (has(self.minAvailable) && !has(self.maxUnavailable)) + || (!has(self.minAvailable) && has(self.maxUnavailable)) envoyService: description: |- EnvoyService defines the desired state of the Envoy service resource. diff --git a/internal/infrastructure/kubernetes/proxy/resource_provider.go b/internal/infrastructure/kubernetes/proxy/resource_provider.go index 4bbfc69f3e7..c769cde808f 100644 --- a/internal/infrastructure/kubernetes/proxy/resource_provider.go +++ b/internal/infrastructure/kubernetes/proxy/resource_provider.go @@ -432,7 +432,7 @@ func (r *ResourceRender) PodDisruptionBudgetSpec() (*egv1a1.KubernetesPodDisrupt } podDisruptionBudget := provider.GetEnvoyProxyKubeProvider().EnvoyPDB - if podDisruptionBudget == nil || podDisruptionBudget.MinAvailable == nil { + if podDisruptionBudget == nil || podDisruptionBudget.MinAvailable == nil && podDisruptionBudget.MaxUnavailable == nil && podDisruptionBudget.Patch == nil { return nil, nil } @@ -441,11 +441,23 @@ func (r *ResourceRender) PodDisruptionBudgetSpec() (*egv1a1.KubernetesPodDisrupt func (r *ResourceRender) PodDisruptionBudget() (*policyv1.PodDisruptionBudget, error) { podDisruptionBudgetConfig, err := r.PodDisruptionBudgetSpec() - // If podDisruptionBudget config is nil or MinAvailable is nil, ignore PodDisruptionBudget. + // If podDisruptionBudget config is nil, ignore PodDisruptionBudget. if podDisruptionBudgetConfig == nil { return nil, err } + pdbSpec := policyv1.PodDisruptionBudgetSpec{ + Selector: r.stableSelector(), + } + switch { + case podDisruptionBudgetConfig.MinAvailable != nil: + pdbSpec.MinAvailable = podDisruptionBudgetConfig.MinAvailable + case podDisruptionBudgetConfig.MaxUnavailable != nil: + pdbSpec.MaxUnavailable = podDisruptionBudgetConfig.MaxUnavailable + default: + pdbSpec.MinAvailable = &intstr.IntOrString{Type: intstr.Int, IntVal: 0} + } + podDisruptionBudget := &policyv1.PodDisruptionBudget{ ObjectMeta: metav1.ObjectMeta{ Name: r.Name(), @@ -455,10 +467,7 @@ func (r *ResourceRender) PodDisruptionBudget() (*policyv1.PodDisruptionBudget, e APIVersion: "policy/v1", Kind: "PodDisruptionBudget", }, - Spec: policyv1.PodDisruptionBudgetSpec{ - MinAvailable: &intstr.IntOrString{IntVal: ptr.Deref(podDisruptionBudgetConfig.MinAvailable, 0)}, - Selector: r.stableSelector(), - }, + Spec: pdbSpec, } // apply merge patch to PodDisruptionBudget diff --git a/internal/infrastructure/kubernetes/proxy/resource_provider_test.go b/internal/infrastructure/kubernetes/proxy/resource_provider_test.go index 58bb88e84f9..c005a5db4fb 100644 --- a/internal/infrastructure/kubernetes/proxy/resource_provider_test.go +++ b/internal/infrastructure/kubernetes/proxy/resource_provider_test.go @@ -22,6 +22,7 @@ import ( apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/intstr" "k8s.io/utils/ptr" "sigs.k8s.io/yaml" @@ -1320,14 +1321,14 @@ func TestPDB(t *testing.T) { caseName: "default", infra: newTestInfra(), pdb: &egv1a1.KubernetesPodDisruptionBudgetSpec{ - MinAvailable: ptr.To(int32(1)), + MinAvailable: ptr.To(intstr.IntOrString{Type: intstr.Int, IntVal: 1}), }, }, { caseName: "patch-json-pdb", infra: newTestInfra(), pdb: &egv1a1.KubernetesPodDisruptionBudgetSpec{ - MinAvailable: ptr.To(int32(1)), + MinAvailable: ptr.To(intstr.IntOrString{Type: intstr.Int, IntVal: 1}), Patch: &egv1a1.KubernetesPatchSpec{ Type: ptr.To(egv1a1.JSONMerge), Value: apiextensionsv1.JSON{ @@ -1340,7 +1341,7 @@ func TestPDB(t *testing.T) { caseName: "patch-strategic-pdb", infra: newTestInfra(), pdb: &egv1a1.KubernetesPodDisruptionBudgetSpec{ - MinAvailable: ptr.To(int32(1)), + MinAvailable: ptr.To(intstr.IntOrString{Type: intstr.Int, IntVal: 1}), Patch: &egv1a1.KubernetesPatchSpec{ Type: ptr.To(egv1a1.StrategicMerge), Value: apiextensionsv1.JSON{ @@ -1349,6 +1350,39 @@ func TestPDB(t *testing.T) { }, }, }, + { + caseName: "max-unavailable", + infra: newTestInfra(), + pdb: &egv1a1.KubernetesPodDisruptionBudgetSpec{ + MaxUnavailable: ptr.To(intstr.IntOrString{Type: intstr.Int, IntVal: 1}), + }, + }, + { + caseName: "max-unavailable-percent", + infra: newTestInfra(), + pdb: &egv1a1.KubernetesPodDisruptionBudgetSpec{ + MaxUnavailable: ptr.To(intstr.IntOrString{Type: intstr.String, StrVal: "20%"}), + }, + }, + { + caseName: "min-available-percent", + infra: newTestInfra(), + pdb: &egv1a1.KubernetesPodDisruptionBudgetSpec{ + MinAvailable: ptr.To(intstr.IntOrString{Type: intstr.String, StrVal: "20%"}), + }, + }, + { + caseName: "patch-pdb-no-minmax", + infra: newTestInfra(), + pdb: &egv1a1.KubernetesPodDisruptionBudgetSpec{ + Patch: &egv1a1.KubernetesPatchSpec{ + Type: ptr.To(egv1a1.StrategicMerge), + Value: apiextensionsv1.JSON{ + Raw: []byte("{\"metadata\":{\"name\":\"foo\"}, \"spec\": {\"minAvailable\": 1, \"selector\": {\"matchLabels\": {\"app\": \"bar\"}}}}"), + }, + }, + }, + }, } for _, tc := range cases { diff --git a/internal/infrastructure/kubernetes/proxy/testdata/pdb/max-unavailable-percent.yaml b/internal/infrastructure/kubernetes/proxy/testdata/pdb/max-unavailable-percent.yaml new file mode 100644 index 00000000000..c13ce64c012 --- /dev/null +++ b/internal/infrastructure/kubernetes/proxy/testdata/pdb/max-unavailable-percent.yaml @@ -0,0 +1,14 @@ +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: envoy-default-37a8eec1 + namespace: envoy-gateway-system +spec: + maxUnavailable: 20% + selector: + matchLabels: + app.kubernetes.io/component: proxy + app.kubernetes.io/managed-by: envoy-gateway + app.kubernetes.io/name: envoy + gateway.envoyproxy.io/owning-gateway-name: default + gateway.envoyproxy.io/owning-gateway-namespace: default diff --git a/internal/infrastructure/kubernetes/proxy/testdata/pdb/max-unavailable.yaml b/internal/infrastructure/kubernetes/proxy/testdata/pdb/max-unavailable.yaml new file mode 100644 index 00000000000..4d35159a703 --- /dev/null +++ b/internal/infrastructure/kubernetes/proxy/testdata/pdb/max-unavailable.yaml @@ -0,0 +1,14 @@ +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: envoy-default-37a8eec1 + namespace: envoy-gateway-system +spec: + maxUnavailable: 1 + selector: + matchLabels: + app.kubernetes.io/component: proxy + app.kubernetes.io/managed-by: envoy-gateway + app.kubernetes.io/name: envoy + gateway.envoyproxy.io/owning-gateway-name: default + gateway.envoyproxy.io/owning-gateway-namespace: default diff --git a/internal/infrastructure/kubernetes/proxy/testdata/pdb/min-available-percent.yaml b/internal/infrastructure/kubernetes/proxy/testdata/pdb/min-available-percent.yaml new file mode 100644 index 00000000000..89cb99397a2 --- /dev/null +++ b/internal/infrastructure/kubernetes/proxy/testdata/pdb/min-available-percent.yaml @@ -0,0 +1,14 @@ +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: envoy-default-37a8eec1 + namespace: envoy-gateway-system +spec: + minAvailable: 20% + selector: + matchLabels: + app.kubernetes.io/component: proxy + app.kubernetes.io/managed-by: envoy-gateway + app.kubernetes.io/name: envoy + gateway.envoyproxy.io/owning-gateway-name: default + gateway.envoyproxy.io/owning-gateway-namespace: default diff --git a/internal/infrastructure/kubernetes/proxy/testdata/pdb/patch-pdb-no-minmax.yaml b/internal/infrastructure/kubernetes/proxy/testdata/pdb/patch-pdb-no-minmax.yaml new file mode 100644 index 00000000000..20a25b7e1b0 --- /dev/null +++ b/internal/infrastructure/kubernetes/proxy/testdata/pdb/patch-pdb-no-minmax.yaml @@ -0,0 +1,10 @@ +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: foo + namespace: envoy-gateway-system +spec: + minAvailable: 1 + selector: + matchLabels: + app: bar diff --git a/release-notes/current.yaml b/release-notes/current.yaml index 153ceea96b1..bd0d5ebcf5f 100644 --- a/release-notes/current.yaml +++ b/release-notes/current.yaml @@ -8,6 +8,7 @@ security updates: | # New features or capabilities added in this release. new features: | + Added support for configuring maxUnavailable in KubernetesPodDisruptionBudgetSpec Added support for percentage-based request mirroring bug fixes: | diff --git a/site/content/en/latest/api/extension_types.md b/site/content/en/latest/api/extension_types.md index 12181f7cc3a..49a929a4f62 100644 --- a/site/content/en/latest/api/extension_types.md +++ b/site/content/en/latest/api/extension_types.md @@ -2657,7 +2657,8 @@ _Appears in:_ | Field | Type | Required | Default | Description | | --- | --- | --- | --- | --- | -| `minAvailable` | _integer_ | false | | MinAvailable specifies the minimum number of pods that must be available at all times during voluntary disruptions,
such as node drains or updates. This setting ensures that your envoy proxy maintains a certain level of availability
and resilience during maintenance operations. | +| `minAvailable` | _[IntOrString](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#intorstring-intstr-util)_ | false | | MinAvailable specifies the minimum amount of pods (can be expressed as integers or as a percentage) that must be available at all times during voluntary disruptions,
such as node drains or updates. This setting ensures that your envoy proxy maintains a certain level of availability
and resilience during maintenance operations. Cannot be combined with maxUnavailable. | +| `maxUnavailable` | _[IntOrString](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#intorstring-intstr-util)_ | false | | MaxUnavailable specifies the maximum amount of pods (can be expressed as integers or as a percentage) that can be unavailable at all times during voluntary disruptions,
such as node drains or updates. This setting ensures that your envoy proxy maintains a certain level of availability
and resilience during maintenance operations. Cannot be combined with minAvailable. | | `patch` | _[KubernetesPatchSpec](#kubernetespatchspec)_ | false | | Patch defines how to perform the patch operation to the PodDisruptionBudget | diff --git a/site/content/zh/latest/api/extension_types.md b/site/content/zh/latest/api/extension_types.md index 12181f7cc3a..49a929a4f62 100644 --- a/site/content/zh/latest/api/extension_types.md +++ b/site/content/zh/latest/api/extension_types.md @@ -2657,7 +2657,8 @@ _Appears in:_ | Field | Type | Required | Default | Description | | --- | --- | --- | --- | --- | -| `minAvailable` | _integer_ | false | | MinAvailable specifies the minimum number of pods that must be available at all times during voluntary disruptions,
such as node drains or updates. This setting ensures that your envoy proxy maintains a certain level of availability
and resilience during maintenance operations. | +| `minAvailable` | _[IntOrString](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#intorstring-intstr-util)_ | false | | MinAvailable specifies the minimum amount of pods (can be expressed as integers or as a percentage) that must be available at all times during voluntary disruptions,
such as node drains or updates. This setting ensures that your envoy proxy maintains a certain level of availability
and resilience during maintenance operations. Cannot be combined with maxUnavailable. | +| `maxUnavailable` | _[IntOrString](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#intorstring-intstr-util)_ | false | | MaxUnavailable specifies the maximum amount of pods (can be expressed as integers or as a percentage) that can be unavailable at all times during voluntary disruptions,
such as node drains or updates. This setting ensures that your envoy proxy maintains a certain level of availability
and resilience during maintenance operations. Cannot be combined with minAvailable. | | `patch` | _[KubernetesPatchSpec](#kubernetespatchspec)_ | false | | Patch defines how to perform the patch operation to the PodDisruptionBudget | diff --git a/test/cel-validation/envoyproxy_test.go b/test/cel-validation/envoyproxy_test.go index df07be46217..89f14cef895 100644 --- a/test/cel-validation/envoyproxy_test.go +++ b/test/cel-validation/envoyproxy_test.go @@ -15,6 +15,7 @@ import ( "time" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/intstr" "k8s.io/utils/ptr" gwapiv1 "sigs.k8s.io/gateway-api/apis/v1" @@ -253,6 +254,39 @@ func TestEnvoyProxyProvider(t *testing.T) { }, wantErrors: []string{}, }, + { + desc: "PDB-with-invalid-spec", + mutate: func(envoy *egv1a1.EnvoyProxy) { + envoy.Spec = egv1a1.EnvoyProxySpec{ + Provider: &egv1a1.EnvoyProxyProvider{ + Type: egv1a1.ProviderTypeKubernetes, + Kubernetes: &egv1a1.EnvoyProxyKubernetesProvider{ + EnvoyPDB: &egv1a1.KubernetesPodDisruptionBudgetSpec{ + MinAvailable: &intstr.IntOrString{Type: intstr.Int, IntVal: 1}, + MaxUnavailable: &intstr.IntOrString{Type: intstr.Int, IntVal: 1}, + }, + }, + }, + } + }, + wantErrors: []string{"only one of minAvailable or maxUnavailable can be specified"}, + }, + { + desc: "PDB-with-passing-spec", + mutate: func(envoy *egv1a1.EnvoyProxy) { + envoy.Spec = egv1a1.EnvoyProxySpec{ + Provider: &egv1a1.EnvoyProxyProvider{ + Type: egv1a1.ProviderTypeKubernetes, + Kubernetes: &egv1a1.EnvoyProxyKubernetesProvider{ + EnvoyPDB: &egv1a1.KubernetesPodDisruptionBudgetSpec{ + MaxUnavailable: &intstr.IntOrString{Type: intstr.Int, IntVal: 1}, + }, + }, + }, + } + }, + wantErrors: []string{}, + }, { desc: "ServiceTypeClusterIP-with-LoadBalancerIP", mutate: func(envoy *egv1a1.EnvoyProxy) { From 662d3653d0e46847239e9454aa5d8592f2947819 Mon Sep 17 00:00:00 2001 From: Anurag Nayak Date: Tue, 11 Feb 2025 22:52:10 +0530 Subject: [PATCH 06/11] docs: fixed the documentation for multiple request mirrorfilter docs (#5234) docs: fixed the multiple backendref docs and other typos Signed-off-by: Anu-Ra-g --- site/content/en/contributions/CONTRIBUTING.md | 4 ++-- .../en/latest/tasks/traffic/http-request-mirroring.md | 7 +++---- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/site/content/en/contributions/CONTRIBUTING.md b/site/content/en/contributions/CONTRIBUTING.md index 6598efb6d47..bdb9df9f3c9 100644 --- a/site/content/en/contributions/CONTRIBUTING.md +++ b/site/content/en/contributions/CONTRIBUTING.md @@ -46,7 +46,7 @@ to the following guidelines for all code, APIs, and documentation: * Tests will automatically run for you. * We will **not** merge any PR that is not passing tests. * PRs are expected to have 100% test coverage for added code. This can be verified with a coverage - build. If your PR cannot have 100% coverage for some reason please clearly explain why when you + build. If your PR cannot have 100% coverage for some reason please clearly explain why, when you open it. * Any PR that changes user-facing behavior **must** have associated documentation in the [docs](https://github.com/envoyproxy/gateway/tree/main/site) folder of the repo as well as the [changelog](./RELEASING). @@ -54,7 +54,7 @@ to the following guidelines for all code, APIs, and documentation: If you are not a fluent English speaker (or a bad writer ;-)) please let us know and we will try to find some help but there are no guarantees. * Your PR title should be descriptive, and generally start with type that contains a subsystem name with `()` if necessary - and summary followed by a colon. format `chore/docs/feat/fix/refactor/style/test: summary`. + and summary followed by a colon format `chore/docs/feat/fix/refactor/style/test: summary`. Examples: * "docs: fix grammar error" * "feat(translator): add new feature" diff --git a/site/content/en/latest/tasks/traffic/http-request-mirroring.md b/site/content/en/latest/tasks/traffic/http-request-mirroring.md index 5c1c8065652..8c81214866a 100644 --- a/site/content/en/latest/tasks/traffic/http-request-mirroring.md +++ b/site/content/en/latest/tasks/traffic/http-request-mirroring.md @@ -138,6 +138,7 @@ spec: {{% /tab %}} {{< /tabpane >}} + Then create an `HTTPRoute` that uses a `HTTPRequestMirrorFilter` to send requests to the original service from the quickstart, and mirror request to the service that was just deployed. @@ -146,6 +147,7 @@ service from the quickstart, and mirror request to the service that was just dep ```shell cat <}} {{% tab header="Apply from stdin" %}} @@ -435,9 +437,6 @@ spec: {{% /tab %}} {{< /tabpane >}} -```console -Error from server: error when creating "STDIN": admission webhook "validate.gateway.networking.k8s.io" denied the request: spec.rules[0].filters: Invalid value: "RequestMirror": cannot be used multiple times in the same rule -``` [Traffic Splitting]: ../http-traffic-splitting/ [HTTPRoute]: https://gateway-api.sigs.k8s.io/api-types/httproute/ From c1e18b29c41f7cdeec7e50ea859d7101356f78af Mon Sep 17 00:00:00 2001 From: zirain Date: Wed, 12 Feb 2025 09:25:34 +0800 Subject: [PATCH 07/11] xds: use a dedicated listener port for envoy proxy readiness (#5197) * build ready listener Signed-off-by: zirain * release-notes Signed-off-by: zirain * fix gen Signed-off-by: zirain * fix gen Signed-off-by: zirain * remove listener when prometheus is disabled Signed-off-by: zirain * use 500 instead of 200 in DirectResponse Signed-off-by: zirain * gen Signed-off-by: zirain --------- Signed-off-by: zirain --- .../translate/out/default-resources.all.yaml | 62 +++++++---- .../out/from-gateway-api-to-xds.all.json | 91 ++++++++++++--- .../out/from-gateway-api-to-xds.all.yaml | 50 +++++++-- .../from-gateway-api-to-xds.bootstrap.yaml | 12 +- .../out/from-gateway-api-to-xds.listener.yaml | 38 +++++++ ...-single-route-single-match-to-xds.all.json | 91 ++++++++++++--- ...-single-route-single-match-to-xds.all.yaml | 50 +++++++-- ...e-route-single-match-to-xds.bootstrap.yaml | 12 +- ...le-route-single-match-to-xds.listener.yaml | 38 +++++++ .../out/no-service-cluster-ip.all.yaml | 50 +++++++-- .../translate/out/quickstart.all.yaml | 5 + internal/gatewayapi/listener.go | 23 ++++ .../backend-invalid-feature-disabled.out.yaml | 5 + .../testdata/backend-with-fallback.out.yaml | 5 + .../backendtlspolicy-across-ns.out.yaml | 5 + .../backendtlspolicy-ca-only-secret.out.yaml | 5 + .../backendtlspolicy-ca-only.out.yaml | 5 + ...ndtlspolicy-default-ns-targetrefs.out.yaml | 10 ++ .../backendtlspolicy-default-ns.out.yaml | 5 + .../backendtlspolicy-invalid-ca.out.yaml | 5 + ...backendtlspolicy-multiple-targets.out.yaml | 5 + ...ackendtlspolicy-system-truststore.out.yaml | 5 + ...y-buffer-limit-out-of-range-error.out.yaml | 10 ++ ...y-buffer-limit-with-invalid-value.out.yaml | 10 ++ ...backendtrafficpolicy-buffer-limit.out.yaml | 10 ++ .../backendtrafficpolicy-compression.out.yaml | 5 + ...endtrafficpolicy-override-replace.out.yaml | 5 + ...ndtrafficpolicy-status-conditions.out.yaml | 15 +++ ...fficpolicy-status-fault-injection.out.yaml | 10 ++ ...trafficpolicy-use-client-protocol.out.yaml | 5 + ...policy-with-circuitbreakers-error.out.yaml | 10 ++ ...rafficpolicy-with-circuitbreakers.out.yaml | 10 ++ ...ndtrafficpolicy-with-dns-settings.out.yaml | 10 ++ ...endtrafficpolicy-with-healthcheck.out.yaml | 10 ++ .../backendtrafficpolicy-with-http2.out.yaml | 10 ++ ...fficpolicy-with-httproute-timeout.out.yaml | 5 + ...nvalid-consistent-hash-table-size.out.yaml | 5 + ...ndtrafficpolicy-with-loadbalancer.out.yaml | 10 ++ ...telimit-default-route-level-limit.out.yaml | 5 + ...ocal-ratelimit-invalid-limit-unit.out.yaml | 5 + ...ocal-ratelimit-invalid-match-type.out.yaml | 5 + ...valid-multiple-route-level-limits.out.yaml | 5 + ...rafficpolicy-with-local-ratelimit.out.yaml | 5 + ...rafficpolicy-with-panic-threshold.out.yaml | 10 ++ ...dtrafficpolicy-with-proxyprotocol.out.yaml | 10 ++ ...ratelimit-invalid-distinct-invert.out.yaml | 5 + ...licy-with-ratelimit-invalid-regex.out.yaml | 5 + ...ckendtrafficpolicy-with-ratelimit.out.yaml | 10 ++ ...esponse-override-invalid-valueref.out.yaml | 10 ++ ...fficpolicy-with-response-override.out.yaml | 10 ++ ...backendtrafficpolicy-with-retries.out.yaml | 10 ++ ...olicy-with-same-prefix-httproutes.out.yaml | 5 + ...cp-udp-listeners-apply-on-gateway.out.yaml | 5 + ...-tcp-udp-listeners-apply-on-route.out.yaml | 5 + ...ndtrafficpolicy-with-tcpkeepalive.out.yaml | 10 ++ ...dtrafficpolicy-with-timeout-error.out.yaml | 5 + ...ficpolicy-with-timeout-targetrefs.out.yaml | 10 ++ ...backendtrafficpolicy-with-timeout.out.yaml | 10 ++ ...cy-buffer-limit-with-format-error.out.yaml | 5 + ...fer-limit-with-out-of-range-error.out.yaml | 5 + .../clienttrafficpolicy-buffer-limit.out.yaml | 5 + ...trafficpolicy-client-ip-detection.out.yaml | 5 + ...fficpolicy-connection-limit-error.out.yaml | 5 + ...enttrafficpolicy-connection-limit.out.yaml | 5 + ...nttrafficpolicy-for-tcp-listeners.out.yaml | 5 + ...clienttrafficpolicy-headers-error.out.yaml | 5 + .../clienttrafficpolicy-headers.out.yaml | 5 + ...nttrafficpolicy-http-health-check.out.yaml | 5 + .../clienttrafficpolicy-http10.out.yaml | 5 + .../clienttrafficpolicy-http2.out.yaml | 5 + .../clienttrafficpolicy-http3.out.yaml | 5 + ...ficpolicy-idle-timeout-with-error.out.yaml | 5 + .../clienttrafficpolicy-idle-timeout.out.yaml | 5 + ...enttrafficpolicy-invalid-settings.out.yaml | 5 + ...icpolicy-mtls-client-verification.out.yaml | 10 ++ ...s-forward-client-cert-custom-data.out.yaml | 25 +++++ ...icpolicy-mtls-forward-client-cert.out.yaml | 25 +++++ .../clienttrafficpolicy-mtls.out.yaml | 10 ++ ...clienttrafficpolicy-path-settings.out.yaml | 5 + ...cy-preserve-case-multiple-targets.out.yaml | 10 ++ ...clienttrafficpolicy-preserve-case.out.yaml | 5 + ...clienttrafficpolicy-proxyprotocol.out.yaml | 5 + ...enttrafficpolicy-ratelimitheaders.out.yaml | 5 + ...nttrafficpolicy-status-conditions.out.yaml | 20 ++++ ...clienttrafficpolicy-tcp-keepalive.out.yaml | 5 + ...ttrafficpolicy-timeout-with-error.out.yaml | 5 + .../clienttrafficpolicy-timeout.out.yaml | 5 + .../clienttrafficpolicy-tls-settings.out.yaml | 15 +++ .../clienttrafficpolicy-trailers.out.yaml | 5 + .../testdata/conflicting-policies.out.yaml | 5 + .../testdata/custom-filter-order.out.yaml | 5 + .../testdata/disable-accesslog.out.yaml | 5 + ...ensionpolicy-invalid-cross-ns-ref.out.yaml | 5 + ...yextensionpolicy-override-replace.out.yaml | 5 + ...extensionpolicy-status-conditions.out.yaml | 15 +++ ...-extproc-invalid-no-matching-port.out.yaml | 5 + ...licy-with-extproc-invalid-no-port.out.yaml | 5 + ...xtproc-invalid-no-reference-grant.out.yaml | 5 + ...y-with-extproc-invalid-no-service.out.yaml | 5 + ...ith-extproc-with-backendtlspolicy.out.yaml | 5 + ...extproc-with-multiple-backendrefs.out.yaml | 5 + ...ith-extproc-with-traffic-features.out.yaml | 5 + ...xtensionpolicy-with-wasm-env-vars.out.yaml | 5 + ...ensionpolicy-with-wasm-targetrefs.out.yaml | 5 + .../envoyextensionpolicy-with-wasm.out.yaml | 5 + .../envoypatchpolicy-cross-ns-target.out.yaml | 5 + ...chpolicy-invalid-feature-disabled.out.yaml | 5 + ...nvalid-target-kind-merge-gateways.out.yaml | 5 + ...oypatchpolicy-invalid-target-kind.out.yaml | 5 + ...ypatchpolicy-valid-merge-gateways.out.yaml | 5 + .../testdata/envoypatchpolicy-valid.out.yaml | 5 + .../envoyproxy-accesslog-als-json.out.yaml | 5 + ...oyproxy-accesslog-backend-invalid.out.yaml | 5 + .../envoyproxy-accesslog-backend.out.yaml | 5 + ...yproxy-accesslog-cel-with-invalid.out.yaml | 5 + .../envoyproxy-accesslog-cel.out.yaml | 5 + ...oxy-accesslog-file-json-no-format.out.yaml | 5 + .../envoyproxy-accesslog-file-json.out.yaml | 5 + .../envoyproxy-accesslog-types.out.yaml | 5 + ...voyproxy-accesslog-with-bad-sinks.out.yaml | 5 + ...envoyproxy-accesslog-with-traffic.out.yaml | 5 + ...voyproxy-accesslog-without-format.out.yaml | 5 + .../testdata/envoyproxy-accesslog.out.yaml | 5 + ...roxy-endpoint-routing-for-gateway.out.yaml | 5 + .../envoyproxy-endpoint-routing.out.yaml | 5 + ...envoyproxy-metric-backend-invalid.out.yaml | 5 + .../envoyproxy-metric-backend.out.yaml | 5 + ...envoyproxy-metric-enabled-backend.out.yaml | 5 + .../envoyproxy-preserve-route-order.out.yaml | 5 + .../envoyproxy-priority-backend.out.yaml | 5 + ...proxy-service-routing-for-gateway.out.yaml | 5 + .../envoyproxy-service-routing.out.yaml | 5 + ...nvoyproxy-tls-settings-invalid-ns.out.yaml | 5 + .../envoyproxy-tls-settings-invalid.out.yaml | 5 + .../testdata/envoyproxy-tls-settings.out.yaml | 5 + ...nvoyproxy-tracing-backend-invalid.out.yaml | 5 + .../envoyproxy-tracing-backend.out.yaml | 5 + .../testdata/envoyproxy-valid.out.yaml | 5 + .../extensionpolicy-tcp-listener.out.yaml | 5 + .../extensionpolicy-udp-listener.out.yaml | 5 + ...tensionpolicy-with-invalid-target.out.yaml | 5 + ...ionpolicy-with-valid-target-array.out.yaml | 10 ++ ...extensionpolicy-with-valid-target.out.yaml | 5 + ...th-extension-filter-invalid-group.out.yaml | 5 + ...ith-non-matching-extension-filter.out.yaml | 5 + ...with-unsupported-extension-filter.out.yaml | 5 + ...route-with-valid-extension-filter.out.yaml | 5 + ...-namespace-with-allowed-httproute.out.yaml | 5 + ...mespace-with-disallowed-httproute.out.yaml | 5 + ...stener-with-hostname-intersection.out.yaml | 5 + .../testdata/gateway-infrastructure.out.yaml | 5 + ...way-with-addresses-with-ipaddress.out.yaml | 5 + ...with-infrastructure-parametersref.out.yaml | 5 + ...ture-parametersref-does-not-exist.out.yaml | 5 + ...astructure-parametersref-fallback.out.yaml | 5 + ...valid-allowed-namespaces-selector.out.yaml | 5 + ...with-invalid-allowed-routes-group.out.yaml | 5 + ...allowed-routes-kind-and-supported.out.yaml | 5 + ...-with-invalid-allowed-routes-kind.out.yaml | 5 + ...th-invalid-allowed-tls-route-kind.out.yaml | 5 + ...nvalid-multiple-tls-configuration.out.yaml | 5 + ...id-tls-configuration-invalid-mode.out.yaml | 5 + ...configuration-no-certificate-refs.out.yaml | 5 + ...ion-no-valid-certificate-for-fqdn.out.yaml | 5 + ...nfiguration-secret-does-not-exist.out.yaml | 5 + ...uration-secret-in-other-namespace.out.yaml | 5 + ...configuration-secret-is-not-valid.out.yaml | 5 + ...ssing-allowed-namespaces-selector.out.yaml | 5 + ...h-listener-with-tcp-with-hostname.out.yaml | 5 + ...route-with-mismatch-port-protocol.out.yaml | 5 + ...h-tcproute-with-multiple-backends.out.yaml | 5 + ...with-tcproute-with-multiple-rules.out.yaml | 5 + ...her-namespace-allowed-by-refgrant.out.yaml | 5 + ...ith-tls-terminate-and-passthrough.out.yaml | 5 + ...h-listener-with-udp-with-hostname.out.yaml | 5 + ...route-with-mismatch-port-protocol.out.yaml | 5 + ...h-udproute-with-multiple-backends.out.yaml | 5 + ...with-udproute-with-multiple-rules.out.yaml | 5 + ...-listener-with-unmatched-tcproute.out.yaml | 5 + ...-listener-with-unmatched-udproute.out.yaml | 5 + ...istener-with-unsupported-protocol.out.yaml | 5 + ...ith-same-algorithm-different-fqdn.out.yaml | 5 + ...-valid-multiple-tls-configuration.out.yaml | 5 + ...ener-with-valid-tls-configuration.out.yaml | 5 + ...with-preexisting-status-condition.out.yaml | 5 + ...-listener-with-multiple-tcproutes.out.yaml | 5 + ...-listener-with-multiple-udproutes.out.yaml | 5 + ...teway-with-stale-status-condition.out.yaml | 5 + ...listeners-on-same-tcp-or-tls-port.out.yaml | 5 + ...th-two-listeners-on-same-udp-port.out.yaml | 5 + ...d-tlsroute-same-hostname-and-port.out.yaml | 5 + ...isteners-with-multiple-httproutes.out.yaml | 5 + ...eners-with-same-port-and-hostname.out.yaml | 5 + ...me-port-and-incompatible-protocol.out.yaml | 5 + ...-with-same-port-http-tcp-protocol.out.yaml | 5 + ...-with-same-port-http-udp-protocol.out.yaml | 5 + ...s-with-tcproutes-with-sectionname.out.yaml | 5 + ...ith-tcproutes-without-sectionname.out.yaml | 5 + ...s-with-udproutes-with-sectionname.out.yaml | 5 + ...ith-udproutes-without-sectionname.out.yaml | 5 + .../testdata/grpcroute-with-backend.out.yaml | 5 + .../grpcroute-with-empty-backends.out.yaml | 5 + .../grpcroute-with-header-match.out.yaml | 5 + ...ute-with-method-and-service-match.out.yaml | 5 + .../grpcroute-with-method-match.out.yaml | 5 + ...oute-with-request-header-modifier.out.yaml | 5 + .../grpcroute-with-service-match.out.yaml | 5 + ...dtrafficpolicy-with-timeout-error.out.yaml | 5 + ...backendtrafficpolicy-with-timeout.out.yaml | 10 ++ ...way-with-more-different-listeners.out.yaml | 5 + ...ng-to-gateway-with-more-listeners.out.yaml | 5 + ...wo-listeners-with-different-ports.out.yaml | 5 + ...ing-to-gateway-with-two-listeners.out.yaml | 5 + .../httproute-attaching-to-gateway.out.yaml | 5 + ...taching-to-listener-matching-port.out.yaml | 5 + ...ner-on-gateway-with-two-listeners.out.yaml | 5 + ...with-backend-and-core-backendrefs.out.yaml | 5 + ...end-backendref-mixed-address-type.out.yaml | 5 + ...-listener-with-backend-backendref.out.yaml | 5 + ...end-backendrefs-diff-address-type.out.yaml | 5 + ...end-backendrefs-same-address-type.out.yaml | 5 + ...ort-backendrefs-diff-address-type.out.yaml | 5 + ...ort-backendrefs-same-address-type.out.yaml | 5 + ...port-backendref-fqdn-address-type.out.yaml | 5 + ...ort-backendref-mixed-address-type.out.yaml | 5 + ...ner-with-serviceimport-backendref.out.yaml | 5 + .../httproute-attaching-to-listener.out.yaml | 5 + ...httproute-backend-request-timeout.out.yaml | 5 + ...ing-to-listener-non-matching-port.out.yaml | 5 + .../httproute-request-timeout.out.yaml | 5 + .../testdata/httproute-retry.out.yaml | 10 ++ ...ith-empty-backends-and-no-filters.out.yaml | 5 + ...-multiple-backends-and-no-weights.out.yaml | 5 + ...ith-multiple-backends-and-weights.out.yaml | 5 + ...ervice-backends-and-app-protocols.out.yaml | 5 + ...-non-service-backends-and-weights.out.yaml | 5 + ...h-backendref-add-multiple-filters.out.yaml | 5 + ...her-namespace-allowed-by-refgrant.out.yaml | 5 + ...her-namespace-allowed-by-refgrant.out.yaml | 5 + .../httproute-with-direct-response.out.yaml | 5 + .../httproute-with-empty-matches.out.yaml | 5 + ...er-duplicate-add-multiple-filters.out.yaml | 5 + ...with-header-filter-duplicate-adds.out.yaml | 5 + ...duplicate-remove-multiple-filters.out.yaml | 5 + ...h-header-filter-duplicate-removes.out.yaml | 5 + ...header-filter-empty-header-values.out.yaml | 5 + ...-with-header-filter-empty-headers.out.yaml | 5 + ...ith-header-filter-invalid-headers.out.yaml | 5 + ...ute-with-header-filter-no-headers.out.yaml | 5 + ...th-header-filter-no-valid-headers.out.yaml | 5 + ...tproute-with-header-filter-remove.out.yaml | 5 + ...with-invalid-backend-ref-bad-port.out.yaml | 5 + ...invalid-backend-ref-invalid-group.out.yaml | 5 + ...-invalid-backend-ref-invalid-kind.out.yaml | 5 + ...-with-invalid-backend-ref-no-port.out.yaml | 5 + ...lid-backend-ref-no-service.import.out.yaml | 5 + ...th-invalid-backend-ref-no-service.out.yaml | 5 + ...id-backend-ref-unsupported-filter.out.yaml | 5 + ...lid-backendref-in-other-namespace.out.yaml | 5 + .../httproute-with-invalid-regex.out.yaml | 10 ++ .../testdata/httproute-with-metadata.out.yaml | 5 + ...ute-with-mirror-filter-duplicates.out.yaml | 5 + ...route-with-mirror-filter-multiple.out.yaml | 5 + ...irror-filter-percentage-mirroring.out.yaml | 5 + ...ith-mirror-filter-service-no-port.out.yaml | 5 + ...h-mirror-filter-service-not-found.out.yaml | 5 + .../httproute-with-mirror-filter.out.yaml | 5 + ...oute-with-multi-gateways-notmatch.out.yaml | 10 ++ ...ith-multi-gateways-with-same-name.out.yaml | 10 ++ ...ltiple-gateways-from-different-ns.out.yaml | 10 ++ ...th-multiple-gateways-from-same-ns.out.yaml | 10 ++ ...to-gateway-with-wildcard-hostname.out.yaml | 5 + ...ct-filter-full-path-replace-https.out.yaml | 5 + ...ute-with-redirect-filter-hostname.out.yaml | 5 + ...direct-filter-invalid-filter-type.out.yaml | 5 + ...th-redirect-filter-invalid-scheme.out.yaml | 5 + ...th-redirect-filter-invalid-status.out.yaml | 5 + ...ter-prefix-replace-with-port-http.out.yaml | 5 + ...-with-response-header-filter-adds.out.yaml | 5 + ...er-duplicate-add-multiple-filters.out.yaml | 5 + ...onse-header-filter-duplicate-adds.out.yaml | 5 + ...duplicate-remove-multiple-filters.out.yaml | 5 + ...e-header-filter-duplicate-removes.out.yaml | 5 + ...header-filter-empty-header-values.out.yaml | 5 + ...ponse-header-filter-empty-headers.out.yaml | 5 + ...nse-header-filter-invalid-headers.out.yaml | 5 + ...response-header-filter-no-headers.out.yaml | 5 + ...se-header-filter-no-valid-headers.out.yaml | 5 + ...ith-response-header-filter-remove.out.yaml | 5 + ...single-rule-with-exact-path-match.out.yaml | 5 + ...ingle-rule-with-http-method-match.out.yaml | 5 + ...h-single-rule-with-multiple-rules.out.yaml | 5 + ...h-prefix-and-exact-header-matches.out.yaml | 5 + ...e-invalid-backend-refs-no-service.out.yaml | 5 + ...to-gateway-with-wildcard-hostname.out.yaml | 5 + ...to-gateway-with-wildcard-hostname.out.yaml | 5 + ...ite-filter-full-path-replace-http.out.yaml | 5 + ...te-filter-hostname-prefix-replace.out.yaml | 5 + ...e-with-urlrewrite-filter-hostname.out.yaml | 5 + ...ewrite-filter-invalid-filter-type.out.yaml | 5 + ...rlrewrite-filter-invalid-hostname.out.yaml | 5 + ...e-filter-invalid-multiple-filters.out.yaml | 5 + ...lrewrite-filter-invalid-path-type.out.yaml | 5 + ...th-urlrewrite-filter-invalid-path.out.yaml | 5 + ...th-urlrewrite-filter-missing-path.out.yaml | 5 + ...ewrite-filter-prefix-replace-http.out.yaml | 5 + ...e-filter-regex-match-replace-http.out.yaml | 5 + ...ilter-regex-match-replace-invalid.out.yaml | 5 + ...rlrewrite-hostname-filter-invalid.out.yaml | 5 + ...e-with-urlrewrite-hostname-filter.out.yaml | 5 + ...ng-to-gateway-with-unset-hostname.out.yaml | 5 + .../httproutes-with-multiple-matches.out.yaml | 5 + .../merge-invalid-multiple-gateways.out.yaml | 5 + ...ays-multiple-listeners-same-ports.out.yaml | 5 + ...multiple-gateways-multiple-routes.out.yaml | 5 + .../merge-valid-multiple-gateways.out.yaml | 5 + .../merge-with-isolated-policies-2.out.yaml | 5 + .../merge-with-isolated-policies.out.yaml | 5 + ...curitypolicy-invalid-cross-ns-ref.out.yaml | 5 + .../securitypolicy-override-replace.out.yaml | 5 + .../securitypolicy-status-conditions.out.yaml | 10 ++ ...icy-with-authoriztion-client-cidr.out.yaml | 5 + ...olicy-with-authoriztion-jwt-claim.out.yaml | 5 + .../securitypolicy-with-basic-auth.out.yaml | 5 + ...curitypolicy-with-cors-targetrefs.out.yaml | 15 +++ .../securitypolicy-with-cors.out.yaml | 15 +++ ...curitypolicy-with-extauth-backend.out.yaml | 5 + ...itypolicy-with-extauth-backendref.out.yaml | 5 + .../securitypolicy-with-extauth-body.out.yaml | 5 + ...-extauth-invalid-no-matching-port.out.yaml | 5 + ...licy-with-extauth-invalid-no-port.out.yaml | 5 + ...xtauth-invalid-no-reference-grant.out.yaml | 5 + ...y-with-extauth-invalid-no-service.out.yaml | 5 + ...policy-with-extauth-recomputation.out.yaml | 5 + ...ith-extauth-with-backendtlspolicy.out.yaml | 5 + .../securitypolicy-with-extauth.out.yaml | 5 + ...ypolicy-with-jwt-and-invalid-oidc.out.yaml | 5 + ...itypolicy-with-jwt-backendcluster.out.yaml | 5 + .../securitypolicy-with-jwt-optional.out.yaml | 10 ++ ...cy-with-jwt-with-custom-extractor.out.yaml | 10 ++ .../testdata/securitypolicy-with-jwt.out.yaml | 10 ++ ...typolicy-with-oidc-backendcluster.out.yaml | 5 + ...typolicy-with-oidc-custom-cookies.out.yaml | 5 + ...typolicy-with-oidc-invalid-issuer.out.yaml | 5 + ...olicy-with-oidc-invalid-secretref.out.yaml | 15 +++ .../securitypolicy-with-oidc.out.yaml | 5 + ...teway-with-listener-tls-terminate.out.yaml | 5 + .../testdata/tcproute-with-backend.out.yaml | 5 + .../tlsroute-attaching-to-gateway.out.yaml | 5 + .../tlsroute-invalid-reference-grant.out.yaml | 5 + .../testdata/tlsroute-multiple.out.yaml | 5 + ...attaching-to-gateway-with-no-mode.out.yaml | 5 + .../testdata/tlsroute-with-backend.out.yaml | 5 + ...her-namespace-allowed-by-refgrant.out.yaml | 5 + .../tlsroute-with-empty-hostname.out.yaml | 5 + ...oute-with-empty-listener-hostname.out.yaml | 5 + ...er-both-passthrough-and-cert-data.out.yaml | 5 + .../tracing-merged-multiple-routes.out.yaml | 5 + .../testdata/tracing-multiple-routes.out.yaml | 10 ++ .../testdata/udproute-with-backend.out.yaml | 5 + internal/gatewayapi/translator_test.go | 2 + internal/infrastructure/host/proxy_infra.go | 2 +- .../kubernetes/proxy/resource.go | 18 +-- .../kubernetes/proxy/resource_provider.go | 2 +- .../testdata/daemonsets/component-level.yaml | 7 +- .../proxy/testdata/daemonsets/custom.yaml | 19 ++-- .../testdata/daemonsets/default-env.yaml | 19 ++-- .../proxy/testdata/daemonsets/default.yaml | 19 ++-- .../daemonsets/disable-prometheus.yaml | 36 +----- .../testdata/daemonsets/extension-env.yaml | 19 ++-- .../override-labels-and-annotations.yaml | 19 ++-- .../testdata/daemonsets/patch-daemonset.yaml | 19 ++-- .../testdata/daemonsets/shutdown-manager.yaml | 19 ++-- .../proxy/testdata/daemonsets/volumes.yaml | 19 ++-- .../testdata/daemonsets/with-annotations.yaml | 19 ++-- .../testdata/daemonsets/with-concurrency.yaml | 7 +- .../testdata/daemonsets/with-extra-args.yaml | 19 ++-- .../daemonsets/with-image-pull-secrets.yaml | 19 ++-- .../proxy/testdata/daemonsets/with-name.yaml | 19 ++-- .../daemonsets/with-node-selector.yaml | 19 ++-- .../with-topology-spread-constraints.yaml | 19 ++-- .../proxy/testdata/deployments/bootstrap.yaml | 7 +- .../testdata/deployments/component-level.yaml | 7 +- .../proxy/testdata/deployments/custom.yaml | 19 ++-- .../custom_with_initcontainers.yaml | 19 ++-- .../testdata/deployments/default-env.yaml | 19 ++-- .../proxy/testdata/deployments/default.yaml | 19 ++-- .../deployments/disable-prometheus.yaml | 36 +----- .../testdata/deployments/dual-stack.yaml | 19 ++-- .../testdata/deployments/extension-env.yaml | 19 ++-- .../proxy/testdata/deployments/ipv6.yaml | 19 ++-- .../override-labels-and-annotations.yaml | 19 ++-- .../deployments/patch-deployment.yaml | 19 ++-- .../deployments/shutdown-manager.yaml | 19 ++-- .../proxy/testdata/deployments/volumes.yaml | 19 ++-- .../deployments/with-annotations.yaml | 19 ++-- .../deployments/with-concurrency.yaml | 7 +- .../deployments/with-empty-memory-limits.yaml | 19 ++-- .../testdata/deployments/with-extra-args.yaml | 19 ++-- .../deployments/with-image-pull-secrets.yaml | 19 ++-- .../proxy/testdata/deployments/with-name.yaml | 19 ++-- .../deployments/with-node-selector.yaml | 19 ++-- .../with-topology-spread-constraints.yaml | 19 ++-- internal/ir/xds.go | 11 ++ internal/ir/zz_generated.deepcopy.go | 20 ++++ internal/utils/proto/proto.go | 9 +- internal/xds/bootstrap/bootstrap.go | 37 +++---- internal/xds/bootstrap/bootstrap.yaml.tpl | 20 +--- internal/xds/bootstrap/bootstrap_test.go | 2 +- .../bootstrap/testdata/merge/default.out.yaml | 12 +- .../merge/merge-user-bootstrap.out.yaml | 12 +- .../merge/patch-global-config.out.yaml | 12 +- .../testdata/merge/stats_sinks.out.yaml | 12 +- .../testdata/render/custom-server-port.yaml | 12 +- .../testdata/render/custom-stats-matcher.yaml | 12 +- .../testdata/render/disable-prometheus.yaml | 28 ----- .../enable-prometheus-gzip-compression.yaml | 12 +- .../testdata/render/enable-prometheus.yaml | 12 +- .../xds/bootstrap/testdata/render/ipv6.yaml | 12 +- .../render/otel-metrics-backendref.yaml | 28 ----- .../testdata/render/otel-metrics.yaml | 28 ----- .../render/with-max-heap-size-bytes.yaml | 12 +- internal/xds/bootstrap/util.go | 1 - internal/xds/bootstrap/validate.go | 1 - .../xds/filters/testdata/healthcheck.yaml | 8 ++ internal/xds/filters/wellknown.go | 34 +++++- internal/xds/filters/wellknown_test.go | 37 +++++++ internal/xds/translator/jsonpatch.go | 4 - internal/xds/translator/listener_ready.go | 104 ++++++++++++++++++ .../xds/translator/listener_ready_test.go | 86 +++++++++++++++ .../translator/testdata/in/xds-ir/ready.yaml | 6 + .../testdata/out/xds-ir/ready.clusters.yaml | 1 + .../testdata/out/xds-ir/ready.endpoints.yaml | 1 + .../testdata/out/xds-ir/ready.listeners.yaml | 35 ++++++ .../testdata/out/xds-ir/ready.routes.yaml | 1 + .../testdata/readylistener/dual.yaml | 36 ++++++ .../testdata/readylistener/ipv4.yaml | 35 ++++++ .../testdata/readylistener/ipv6.yaml | 36 ++++++ internal/xds/translator/translator.go | 21 ++++ release-notes/current.yaml | 1 + .../content/en/latest/install/install-helm.md | 24 ++-- tools/make/kube.mk | 3 + 442 files changed, 3262 insertions(+), 812 deletions(-) create mode 100644 internal/xds/filters/testdata/healthcheck.yaml create mode 100644 internal/xds/filters/wellknown_test.go create mode 100644 internal/xds/translator/listener_ready.go create mode 100644 internal/xds/translator/listener_ready_test.go create mode 100644 internal/xds/translator/testdata/in/xds-ir/ready.yaml create mode 100644 internal/xds/translator/testdata/out/xds-ir/ready.clusters.yaml create mode 100644 internal/xds/translator/testdata/out/xds-ir/ready.endpoints.yaml create mode 100644 internal/xds/translator/testdata/out/xds-ir/ready.listeners.yaml create mode 100644 internal/xds/translator/testdata/out/xds-ir/ready.routes.yaml create mode 100644 internal/xds/translator/testdata/readylistener/dual.yaml create mode 100644 internal/xds/translator/testdata/readylistener/ipv4.yaml create mode 100644 internal/xds/translator/testdata/readylistener/ipv6.yaml diff --git a/internal/cmd/egctl/testdata/translate/out/default-resources.all.yaml b/internal/cmd/egctl/testdata/translate/out/default-resources.all.yaml index ac69663b8c6..0963e89f94a 100644 --- a/internal/cmd/egctl/testdata/translate/out/default-resources.all.yaml +++ b/internal/cmd/egctl/testdata/translate/out/default-resources.all.yaml @@ -40,7 +40,7 @@ envoyProxyForGatewayClass: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -51,7 +51,7 @@ envoyProxyForGatewayClass: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -68,14 +68,6 @@ envoyProxyForGatewayClass: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -670,14 +662,6 @@ xds: typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager httpFilters: - - name: envoy.filters.http.health_check - typedConfig: - '@type': type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - headers: - - name: :path - stringMatch: - exact: /ready - passThroughMode: false - name: envoy.filters.http.router typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -696,8 +680,8 @@ xds: path: /stats/prometheus route: cluster: prometheus_stats - statPrefix: eg-ready-http - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + statPrefix: eg-stats-http + name: envoy-gateway-proxy-stats-0.0.0.0-19001 - '@type': type.googleapis.com/envoy.admin.v3.EndpointsConfigDump dynamicEndpointConfigs: - endpointConfig: @@ -876,6 +860,44 @@ xds: type: EDS - '@type': type.googleapis.com/envoy.admin.v3.ListenersConfigDump dynamicListeners: + - activeState: + listener: + '@type': type.googleapis.com/envoy.config.listener.v3.Listener + address: + socketAddress: + address: 0.0.0.0 + portValue: 19003 + filterChains: + - filters: + - name: envoy.filters.network.http_connection_manager + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + httpFilters: + - name: envoy.filters.http.health_check + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck + headers: + - name: :path + stringMatch: + exact: /ready + passThroughMode: false + - name: envoy.filters.http.router + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router + suppressEnvoyHeaders: true + routeConfig: + name: ready_route + virtualHosts: + - domains: + - '*' + name: ready_route + routes: + - directResponse: + status: 500 + match: + prefix: / + statPrefix: eg-ready-http + name: envoy-gateway-proxy-ready-0.0.0.0-19003 - activeState: listener: '@type': type.googleapis.com/envoy.config.listener.v3.Listener diff --git a/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.json b/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.json index a8a4553c583..f33a4c9b850 100644 --- a/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.json +++ b/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.json @@ -246,21 +246,6 @@ "typedConfig": { "@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager", "httpFilters": [ - { - "name": "envoy.filters.http.health_check", - "typedConfig": { - "@type": "type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck", - "headers": [ - { - "name": ":path", - "stringMatch": { - "exact": "/ready" - } - } - ], - "passThroughMode": false - } - }, { "name": "envoy.filters.http.router", "typedConfig": { @@ -296,13 +281,13 @@ } ] }, - "statPrefix": "eg-ready-http" + "statPrefix": "eg-stats-http" } } ] } ], - "name": "envoy-gateway-proxy-ready-0.0.0.0-19001" + "name": "envoy-gateway-proxy-stats-0.0.0.0-19001" } ] } @@ -612,6 +597,78 @@ { "@type": "type.googleapis.com/envoy.admin.v3.ListenersConfigDump", "dynamicListeners": [ + { + "activeState": { + "listener": { + "@type": "type.googleapis.com/envoy.config.listener.v3.Listener", + "address": { + "socketAddress": { + "address": "0.0.0.0", + "portValue": 19003 + } + }, + "filterChains": [ + { + "filters": [ + { + "name": "envoy.filters.network.http_connection_manager", + "typedConfig": { + "@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager", + "httpFilters": [ + { + "name": "envoy.filters.http.health_check", + "typedConfig": { + "@type": "type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck", + "headers": [ + { + "name": ":path", + "stringMatch": { + "exact": "/ready" + } + } + ], + "passThroughMode": false + } + }, + { + "name": "envoy.filters.http.router", + "typedConfig": { + "@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router", + "suppressEnvoyHeaders": true + } + } + ], + "routeConfig": { + "name": "ready_route", + "virtualHosts": [ + { + "domains": [ + "*" + ], + "name": "ready_route", + "routes": [ + { + "directResponse": { + "status": 500 + }, + "match": { + "prefix": "/" + } + } + ] + } + ] + }, + "statPrefix": "eg-ready-http" + } + } + ] + } + ], + "name": "envoy-gateway-proxy-ready-0.0.0.0-19003" + } + } + }, { "activeState": { "listener": { diff --git a/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.yaml b/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.yaml index bebba668425..d0d9ff27c30 100644 --- a/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.yaml +++ b/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.yaml @@ -145,14 +145,6 @@ xds: typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager httpFilters: - - name: envoy.filters.http.health_check - typedConfig: - '@type': type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - headers: - - name: :path - stringMatch: - exact: /ready - passThroughMode: false - name: envoy.filters.http.router typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -171,8 +163,8 @@ xds: path: /stats/prometheus route: cluster: prometheus_stats - statPrefix: eg-ready-http - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + statPrefix: eg-stats-http + name: envoy-gateway-proxy-stats-0.0.0.0-19001 - '@type': type.googleapis.com/envoy.admin.v3.EndpointsConfigDump dynamicEndpointConfigs: - endpointConfig: @@ -351,6 +343,44 @@ xds: type: EDS - '@type': type.googleapis.com/envoy.admin.v3.ListenersConfigDump dynamicListeners: + - activeState: + listener: + '@type': type.googleapis.com/envoy.config.listener.v3.Listener + address: + socketAddress: + address: 0.0.0.0 + portValue: 19003 + filterChains: + - filters: + - name: envoy.filters.network.http_connection_manager + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + httpFilters: + - name: envoy.filters.http.health_check + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck + headers: + - name: :path + stringMatch: + exact: /ready + passThroughMode: false + - name: envoy.filters.http.router + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router + suppressEnvoyHeaders: true + routeConfig: + name: ready_route + virtualHosts: + - domains: + - '*' + name: ready_route + routes: + - directResponse: + status: 500 + match: + prefix: / + statPrefix: eg-ready-http + name: envoy-gateway-proxy-ready-0.0.0.0-19003 - activeState: listener: '@type': type.googleapis.com/envoy.config.listener.v3.Listener diff --git a/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.bootstrap.yaml b/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.bootstrap.yaml index 53671443584..61c11f94434 100644 --- a/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.bootstrap.yaml +++ b/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.bootstrap.yaml @@ -144,14 +144,6 @@ xds: typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager httpFilters: - - name: envoy.filters.http.health_check - typedConfig: - '@type': type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - headers: - - name: :path - stringMatch: - exact: /ready - passThroughMode: false - name: envoy.filters.http.router typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -170,5 +162,5 @@ xds: path: /stats/prometheus route: cluster: prometheus_stats - statPrefix: eg-ready-http - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + statPrefix: eg-stats-http + name: envoy-gateway-proxy-stats-0.0.0.0-19001 diff --git a/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.listener.yaml b/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.listener.yaml index b6c94a95ae8..acf5c63b3df 100644 --- a/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.listener.yaml +++ b/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.listener.yaml @@ -2,6 +2,44 @@ xds: default/eg: '@type': type.googleapis.com/envoy.admin.v3.ListenersConfigDump dynamicListeners: + - activeState: + listener: + '@type': type.googleapis.com/envoy.config.listener.v3.Listener + address: + socketAddress: + address: 0.0.0.0 + portValue: 19003 + filterChains: + - filters: + - name: envoy.filters.network.http_connection_manager + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + httpFilters: + - name: envoy.filters.http.health_check + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck + headers: + - name: :path + stringMatch: + exact: /ready + passThroughMode: false + - name: envoy.filters.http.router + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router + suppressEnvoyHeaders: true + routeConfig: + name: ready_route + virtualHosts: + - domains: + - '*' + name: ready_route + routes: + - directResponse: + status: 500 + match: + prefix: / + statPrefix: eg-ready-http + name: envoy-gateway-proxy-ready-0.0.0.0-19003 - activeState: listener: '@type': type.googleapis.com/envoy.config.listener.v3.Listener diff --git a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.json b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.json index 459908049c4..c12ec8b9656 100644 --- a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.json +++ b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.json @@ -246,21 +246,6 @@ "typedConfig": { "@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager", "httpFilters": [ - { - "name": "envoy.filters.http.health_check", - "typedConfig": { - "@type": "type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck", - "headers": [ - { - "name": ":path", - "stringMatch": { - "exact": "/ready" - } - } - ], - "passThroughMode": false - } - }, { "name": "envoy.filters.http.router", "typedConfig": { @@ -296,13 +281,13 @@ } ] }, - "statPrefix": "eg-ready-http" + "statPrefix": "eg-stats-http" } } ] } ], - "name": "envoy-gateway-proxy-ready-0.0.0.0-19001" + "name": "envoy-gateway-proxy-stats-0.0.0.0-19001" } ] } @@ -438,6 +423,78 @@ { "@type": "type.googleapis.com/envoy.admin.v3.ListenersConfigDump", "dynamicListeners": [ + { + "activeState": { + "listener": { + "@type": "type.googleapis.com/envoy.config.listener.v3.Listener", + "address": { + "socketAddress": { + "address": "0.0.0.0", + "portValue": 19003 + } + }, + "filterChains": [ + { + "filters": [ + { + "name": "envoy.filters.network.http_connection_manager", + "typedConfig": { + "@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager", + "httpFilters": [ + { + "name": "envoy.filters.http.health_check", + "typedConfig": { + "@type": "type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck", + "headers": [ + { + "name": ":path", + "stringMatch": { + "exact": "/ready" + } + } + ], + "passThroughMode": false + } + }, + { + "name": "envoy.filters.http.router", + "typedConfig": { + "@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router", + "suppressEnvoyHeaders": true + } + } + ], + "routeConfig": { + "name": "ready_route", + "virtualHosts": [ + { + "domains": [ + "*" + ], + "name": "ready_route", + "routes": [ + { + "directResponse": { + "status": 500 + }, + "match": { + "prefix": "/" + } + } + ] + } + ] + }, + "statPrefix": "eg-ready-http" + } + } + ] + } + ], + "name": "envoy-gateway-proxy-ready-0.0.0.0-19003" + } + } + }, { "activeState": { "listener": { diff --git a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.yaml b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.yaml index ef365f82f09..4a2bab4025d 100644 --- a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.yaml +++ b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.yaml @@ -145,14 +145,6 @@ xds: typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager httpFilters: - - name: envoy.filters.http.health_check - typedConfig: - '@type': type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - headers: - - name: :path - stringMatch: - exact: /ready - passThroughMode: false - name: envoy.filters.http.router typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -171,8 +163,8 @@ xds: path: /stats/prometheus route: cluster: prometheus_stats - statPrefix: eg-ready-http - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + statPrefix: eg-stats-http + name: envoy-gateway-proxy-stats-0.0.0.0-19001 - '@type': type.googleapis.com/envoy.admin.v3.EndpointsConfigDump dynamicEndpointConfigs: - endpointConfig: @@ -249,6 +241,44 @@ xds: type: STRICT_DNS - '@type': type.googleapis.com/envoy.admin.v3.ListenersConfigDump dynamicListeners: + - activeState: + listener: + '@type': type.googleapis.com/envoy.config.listener.v3.Listener + address: + socketAddress: + address: 0.0.0.0 + portValue: 19003 + filterChains: + - filters: + - name: envoy.filters.network.http_connection_manager + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + httpFilters: + - name: envoy.filters.http.health_check + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck + headers: + - name: :path + stringMatch: + exact: /ready + passThroughMode: false + - name: envoy.filters.http.router + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router + suppressEnvoyHeaders: true + routeConfig: + name: ready_route + virtualHosts: + - domains: + - '*' + name: ready_route + routes: + - directResponse: + status: 500 + match: + prefix: / + statPrefix: eg-ready-http + name: envoy-gateway-proxy-ready-0.0.0.0-19003 - activeState: listener: '@type': type.googleapis.com/envoy.config.listener.v3.Listener diff --git a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.bootstrap.yaml b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.bootstrap.yaml index 5060329bd6f..47303dbd1a5 100644 --- a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.bootstrap.yaml +++ b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.bootstrap.yaml @@ -144,14 +144,6 @@ xds: typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager httpFilters: - - name: envoy.filters.http.health_check - typedConfig: - '@type': type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - headers: - - name: :path - stringMatch: - exact: /ready - passThroughMode: false - name: envoy.filters.http.router typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -170,5 +162,5 @@ xds: path: /stats/prometheus route: cluster: prometheus_stats - statPrefix: eg-ready-http - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + statPrefix: eg-stats-http + name: envoy-gateway-proxy-stats-0.0.0.0-19001 diff --git a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.listener.yaml b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.listener.yaml index c9ee8194bf9..9bc5311e6a1 100644 --- a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.listener.yaml +++ b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.listener.yaml @@ -2,6 +2,44 @@ xds: envoy-gateway-system/eg: '@type': type.googleapis.com/envoy.admin.v3.ListenersConfigDump dynamicListeners: + - activeState: + listener: + '@type': type.googleapis.com/envoy.config.listener.v3.Listener + address: + socketAddress: + address: 0.0.0.0 + portValue: 19003 + filterChains: + - filters: + - name: envoy.filters.network.http_connection_manager + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + httpFilters: + - name: envoy.filters.http.health_check + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck + headers: + - name: :path + stringMatch: + exact: /ready + passThroughMode: false + - name: envoy.filters.http.router + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router + suppressEnvoyHeaders: true + routeConfig: + name: ready_route + virtualHosts: + - domains: + - '*' + name: ready_route + routes: + - directResponse: + status: 500 + match: + prefix: / + statPrefix: eg-ready-http + name: envoy-gateway-proxy-ready-0.0.0.0-19003 - activeState: listener: '@type': type.googleapis.com/envoy.config.listener.v3.Listener diff --git a/internal/cmd/egctl/testdata/translate/out/no-service-cluster-ip.all.yaml b/internal/cmd/egctl/testdata/translate/out/no-service-cluster-ip.all.yaml index a3e7fc3dbad..499506aca34 100644 --- a/internal/cmd/egctl/testdata/translate/out/no-service-cluster-ip.all.yaml +++ b/internal/cmd/egctl/testdata/translate/out/no-service-cluster-ip.all.yaml @@ -145,14 +145,6 @@ xds: typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager httpFilters: - - name: envoy.filters.http.health_check - typedConfig: - '@type': type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - headers: - - name: :path - stringMatch: - exact: /ready - passThroughMode: false - name: envoy.filters.http.router typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -171,8 +163,8 @@ xds: path: /stats/prometheus route: cluster: prometheus_stats - statPrefix: eg-ready-http - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + statPrefix: eg-stats-http + name: envoy-gateway-proxy-stats-0.0.0.0-19001 - '@type': type.googleapis.com/envoy.admin.v3.EndpointsConfigDump dynamicEndpointConfigs: - endpointConfig: @@ -212,6 +204,44 @@ xds: type: EDS - '@type': type.googleapis.com/envoy.admin.v3.ListenersConfigDump dynamicListeners: + - activeState: + listener: + '@type': type.googleapis.com/envoy.config.listener.v3.Listener + address: + socketAddress: + address: 0.0.0.0 + portValue: 19003 + filterChains: + - filters: + - name: envoy.filters.network.http_connection_manager + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + httpFilters: + - name: envoy.filters.http.health_check + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck + headers: + - name: :path + stringMatch: + exact: /ready + passThroughMode: false + - name: envoy.filters.http.router + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router + suppressEnvoyHeaders: true + routeConfig: + name: ready_route + virtualHosts: + - domains: + - '*' + name: ready_route + routes: + - directResponse: + status: 500 + match: + prefix: / + statPrefix: eg-ready-http + name: envoy-gateway-proxy-ready-0.0.0.0-19003 - activeState: listener: '@type': type.googleapis.com/envoy.config.listener.v3.Listener diff --git a/internal/cmd/egctl/testdata/translate/out/quickstart.all.yaml b/internal/cmd/egctl/testdata/translate/out/quickstart.all.yaml index de96e757e8e..84a0ebc0f6d 100644 --- a/internal/cmd/egctl/testdata/translate/out/quickstart.all.yaml +++ b/internal/cmd/egctl/testdata/translate/out/quickstart.all.yaml @@ -129,3 +129,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/listener.go b/internal/gatewayapi/listener.go index c7efd9eb47f..72911ec376b 100644 --- a/internal/gatewayapi/listener.go +++ b/internal/gatewayapi/listener.go @@ -24,6 +24,7 @@ import ( "github.com/envoyproxy/gateway/internal/utils" "github.com/envoyproxy/gateway/internal/utils/naming" "github.com/envoyproxy/gateway/internal/utils/net" + "github.com/envoyproxy/gateway/internal/xds/bootstrap" ) var _ ListenersTranslator = (*Translator)(nil) @@ -51,6 +52,7 @@ func (t *Translator) ProcessListeners(gateways []*GatewayContext, xdsIR resource if gateway.envoyProxy != nil { infraIR[irKey].Proxy.Config = gateway.envoyProxy } + t.processProxyReadyListener(xdsIR[irKey], gateway.envoyProxy) t.processProxyObservability(gateway, xdsIR[irKey], infraIR[irKey].Proxy.Config, resources) for _, listener := range gateway.listeners { @@ -184,6 +186,27 @@ func buildListenerMetadata(listener *ListenerContext, gateway *GatewayContext) * } } +func (t *Translator) processProxyReadyListener(xdsIR *ir.Xds, envoyProxy *egv1a1.EnvoyProxy) { + var ( + ipFamily = egv1a1.IPv4 + address = net.IPv4ListenerAddress + ) + + if envoyProxy != nil && envoyProxy.Spec.IPFamily != nil { + ipFamily = *envoyProxy.Spec.IPFamily + } + if ipFamily == egv1a1.IPv6 || ipFamily == egv1a1.DualStack { + address = net.IPv6ListenerAddress + } + + xdsIR.ReadyListener = &ir.ReadyListener{ + Address: address, + Port: uint32(bootstrap.EnvoyReadinessPort), + Path: bootstrap.EnvoyReadinessPath, + IPFamily: ipFamily, + } +} + func (t *Translator) processProxyObservability(gwCtx *GatewayContext, xdsIR *ir.Xds, envoyProxy *egv1a1.EnvoyProxy, resources *resource.Resources) { var err error diff --git a/internal/gatewayapi/testdata/backend-invalid-feature-disabled.out.yaml b/internal/gatewayapi/testdata/backend-invalid-feature-disabled.out.yaml index d942bf363a4..983152c5435 100644 --- a/internal/gatewayapi/testdata/backend-invalid-feature-disabled.out.yaml +++ b/internal/gatewayapi/testdata/backend-invalid-feature-disabled.out.yaml @@ -181,3 +181,8 @@ xdsIR: distinct: false name: "" prefix: /1 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backend-with-fallback.out.yaml b/internal/gatewayapi/testdata/backend-with-fallback.out.yaml index d5f7e87642d..6df87f9c932 100644 --- a/internal/gatewayapi/testdata/backend-with-fallback.out.yaml +++ b/internal/gatewayapi/testdata/backend-with-fallback.out.yaml @@ -180,3 +180,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtlspolicy-across-ns.out.yaml b/internal/gatewayapi/testdata/backendtlspolicy-across-ns.out.yaml index ae77deb8c62..bca9ddb5c4e 100644 --- a/internal/gatewayapi/testdata/backendtlspolicy-across-ns.out.yaml +++ b/internal/gatewayapi/testdata/backendtlspolicy-across-ns.out.yaml @@ -156,3 +156,8 @@ xdsIR: distinct: false exact: /exact name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtlspolicy-ca-only-secret.out.yaml b/internal/gatewayapi/testdata/backendtlspolicy-ca-only-secret.out.yaml index cd7e70d8bfa..064faa66a35 100644 --- a/internal/gatewayapi/testdata/backendtlspolicy-ca-only-secret.out.yaml +++ b/internal/gatewayapi/testdata/backendtlspolicy-ca-only-secret.out.yaml @@ -173,3 +173,8 @@ xdsIR: distinct: false exact: /exact name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtlspolicy-ca-only.out.yaml b/internal/gatewayapi/testdata/backendtlspolicy-ca-only.out.yaml index a89dc859cdd..3bd4aef2101 100644 --- a/internal/gatewayapi/testdata/backendtlspolicy-ca-only.out.yaml +++ b/internal/gatewayapi/testdata/backendtlspolicy-ca-only.out.yaml @@ -173,3 +173,8 @@ xdsIR: distinct: false exact: /exact name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtlspolicy-default-ns-targetrefs.out.yaml b/internal/gatewayapi/testdata/backendtlspolicy-default-ns-targetrefs.out.yaml index a6cf1223961..c27c2f8134c 100644 --- a/internal/gatewayapi/testdata/backendtlspolicy-default-ns-targetrefs.out.yaml +++ b/internal/gatewayapi/testdata/backendtlspolicy-default-ns-targetrefs.out.yaml @@ -319,6 +319,11 @@ xdsIR: distinct: false exact: /exact name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-btls2: accessLog: text: @@ -377,3 +382,8 @@ xdsIR: distinct: false exact: /exact name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtlspolicy-default-ns.out.yaml b/internal/gatewayapi/testdata/backendtlspolicy-default-ns.out.yaml index 5dab3f46b19..fbdb616b87f 100644 --- a/internal/gatewayapi/testdata/backendtlspolicy-default-ns.out.yaml +++ b/internal/gatewayapi/testdata/backendtlspolicy-default-ns.out.yaml @@ -286,3 +286,8 @@ xdsIR: distinct: false exact: /exact name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtlspolicy-invalid-ca.out.yaml b/internal/gatewayapi/testdata/backendtlspolicy-invalid-ca.out.yaml index c4436b7f6cc..b0371c1e3d1 100644 --- a/internal/gatewayapi/testdata/backendtlspolicy-invalid-ca.out.yaml +++ b/internal/gatewayapi/testdata/backendtlspolicy-invalid-ca.out.yaml @@ -160,3 +160,8 @@ xdsIR: distinct: false exact: /exact name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtlspolicy-multiple-targets.out.yaml b/internal/gatewayapi/testdata/backendtlspolicy-multiple-targets.out.yaml index 75f11c18849..46be64819e8 100644 --- a/internal/gatewayapi/testdata/backendtlspolicy-multiple-targets.out.yaml +++ b/internal/gatewayapi/testdata/backendtlspolicy-multiple-targets.out.yaml @@ -237,3 +237,8 @@ xdsIR: distinct: false exact: /exact-2 name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtlspolicy-system-truststore.out.yaml b/internal/gatewayapi/testdata/backendtlspolicy-system-truststore.out.yaml index 07fd07b2498..a4c313974a4 100644 --- a/internal/gatewayapi/testdata/backendtlspolicy-system-truststore.out.yaml +++ b/internal/gatewayapi/testdata/backendtlspolicy-system-truststore.out.yaml @@ -170,3 +170,8 @@ xdsIR: distinct: false exact: /exact name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-buffer-limit-out-of-range-error.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-buffer-limit-out-of-range-error.out.yaml index bb171e01da7..c79efbf6f81 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-buffer-limit-out-of-range-error.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-buffer-limit-out-of-range-error.out.yaml @@ -287,6 +287,11 @@ xdsIR: maxConnectionDuration: 17s tcp: connectTimeout: 15s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -329,3 +334,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-buffer-limit-with-invalid-value.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-buffer-limit-with-invalid-value.out.yaml index 654c9bdab4a..8317af99c8b 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-buffer-limit-with-invalid-value.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-buffer-limit-with-invalid-value.out.yaml @@ -287,6 +287,11 @@ xdsIR: maxConnectionDuration: 17s tcp: connectTimeout: 15s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -329,3 +334,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-buffer-limit.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-buffer-limit.out.yaml index d95c8a0fcc0..07eab50376f 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-buffer-limit.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-buffer-limit.out.yaml @@ -287,6 +287,11 @@ xdsIR: maxConnectionDuration: 17s tcp: connectTimeout: 15s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -330,3 +335,8 @@ xdsIR: traffic: backendConnection: bufferLimit: 100000000 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-compression.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-compression.out.yaml index 8bd4eac943f..04e7e066bb1 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-compression.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-compression.out.yaml @@ -169,3 +169,8 @@ xdsIR: compression: - type: Brotli - type: Gzip + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-override-replace.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-override-replace.out.yaml index 8aafd70c0bb..fb650049ad8 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-override-replace.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-override-replace.out.yaml @@ -361,3 +361,8 @@ xdsIR: name: "" prefix: /baz traffic: {} + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-status-conditions.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-status-conditions.out.yaml index 7c63ff375ed..2c957c30771 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-status-conditions.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-status-conditions.out.yaml @@ -535,6 +535,11 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-1: accessLog: text: @@ -569,6 +574,11 @@ xdsIR: name: "" prefix: / traffic: {} + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -603,6 +613,11 @@ xdsIR: namespace: envoy-gateway name: grpcroute/envoy-gateway/grpcroute-1/rule/0/match/0/* traffic: {} + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-2/tcp diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-status-fault-injection.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-status-fault-injection.out.yaml index 02222719f3f..886f4cc4e3f 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-status-fault-injection.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-status-fault-injection.out.yaml @@ -368,6 +368,11 @@ xdsIR: delay: fixedDelay: 5.4s percentage: 80 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -441,3 +446,8 @@ xdsIR: delay: fixedDelay: 5.4s percentage: 80 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-use-client-protocol.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-use-client-protocol.out.yaml index 0a13771f373..737d339c3d3 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-use-client-protocol.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-use-client-protocol.out.yaml @@ -164,3 +164,8 @@ xdsIR: prefix: / traffic: {} useClientProtocol: true + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-circuitbreakers-error.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-circuitbreakers-error.out.yaml index 2b49ea23741..224b78ee4bb 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-circuitbreakers-error.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-circuitbreakers-error.out.yaml @@ -344,6 +344,11 @@ xdsIR: name: grpcroute-1 namespace: default name: grpcroute/default/grpcroute-1/rule/0/match/-1/* + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -408,3 +413,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-circuitbreakers.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-circuitbreakers.out.yaml index 575bfca2e1b..0baa798dbdb 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-circuitbreakers.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-circuitbreakers.out.yaml @@ -291,6 +291,11 @@ xdsIR: maxParallelRetries: 1024 maxPendingRequests: 1 maxRequestsPerConnection: 1 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -338,3 +343,8 @@ xdsIR: maxParallelRetries: 24 maxPendingRequests: 42 maxRequestsPerConnection: 42 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-dns-settings.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-dns-settings.out.yaml index 12bbf12dbe7..6c6b537811d 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-dns-settings.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-dns-settings.out.yaml @@ -357,6 +357,11 @@ xdsIR: dns: dnsRefreshRate: 10s respectDnsTtl: true + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -425,3 +430,8 @@ xdsIR: dns: dnsRefreshRate: 1s respectDnsTtl: true + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-healthcheck.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-healthcheck.out.yaml index 4f964492673..b1ab762c216 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-healthcheck.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-healthcheck.out.yaml @@ -782,6 +782,11 @@ xdsIR: interval: 3s timeout: 1s unhealthyThreshold: 3 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -961,3 +966,8 @@ xdsIR: interval: 1s maxEjectionPercent: 100 splitExternalLocalOriginErrors: false + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-http2.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-http2.out.yaml index 35dbb164bf1..7945716cb84 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-http2.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-http2.out.yaml @@ -288,6 +288,11 @@ xdsIR: initialStreamWindowSize: 1073741824 maxConcurrentStreams: 500 resetStreamOnError: false + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -334,3 +339,8 @@ xdsIR: initialStreamWindowSize: 524288000 maxConcurrentStreams: 200 resetStreamOnError: true + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-httproute-timeout.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-httproute-timeout.out.yaml index c60ae5b2347..14d00cb95c0 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-httproute-timeout.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-httproute-timeout.out.yaml @@ -273,3 +273,8 @@ xdsIR: cookie: name: test useClientProtocol: true + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-loadbalancer-invalid-consistent-hash-table-size.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-loadbalancer-invalid-consistent-hash-table-size.out.yaml index dc2ba7fb3d3..9c976a64a91 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-loadbalancer-invalid-consistent-hash-table-size.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-loadbalancer-invalid-consistent-hash-table-size.out.yaml @@ -260,3 +260,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-loadbalancer.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-loadbalancer.out.yaml index b2378edf754..063eb1b1dc3 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-loadbalancer.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-loadbalancer.out.yaml @@ -455,6 +455,11 @@ xdsIR: traffic: loadBalancer: random: {} + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -550,3 +555,8 @@ xdsIR: consistentHash: sourceIP: true tableSize: 524287 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-local-ratelimit-default-route-level-limit.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-local-ratelimit-default-route-level-limit.out.yaml index d64aea61aee..3b1c64ed69f 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-local-ratelimit-default-route-level-limit.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-local-ratelimit-default-route-level-limit.out.yaml @@ -218,3 +218,8 @@ xdsIR: limit: requests: 10 unit: Minute + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-local-ratelimit-invalid-limit-unit.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-local-ratelimit-invalid-limit-unit.out.yaml index 0be116e1ebf..0518edf59c8 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-local-ratelimit-invalid-limit-unit.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-local-ratelimit-invalid-limit-unit.out.yaml @@ -191,3 +191,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-local-ratelimit-invalid-match-type.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-local-ratelimit-invalid-match-type.out.yaml index 21cae9b09f3..987a5c1fc02 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-local-ratelimit-invalid-match-type.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-local-ratelimit-invalid-match-type.out.yaml @@ -187,3 +187,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-local-ratelimit-invalid-multiple-route-level-limits.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-local-ratelimit-invalid-multiple-route-level-limits.out.yaml index 0fd1f442bd8..da4d9c6233f 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-local-ratelimit-invalid-multiple-route-level-limits.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-local-ratelimit-invalid-multiple-route-level-limits.out.yaml @@ -194,3 +194,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-local-ratelimit.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-local-ratelimit.out.yaml index f05856b9630..b8ca9baff54 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-local-ratelimit.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-local-ratelimit.out.yaml @@ -221,3 +221,8 @@ xdsIR: limit: requests: 10 unit: Minute + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-panic-threshold.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-panic-threshold.out.yaml index caab297462b..d6076a88fd7 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-panic-threshold.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-panic-threshold.out.yaml @@ -353,6 +353,11 @@ xdsIR: traffic: healthCheck: panicThreshold: 80 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -419,3 +424,8 @@ xdsIR: traffic: healthCheck: panicThreshold: 66 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-proxyprotocol.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-proxyprotocol.out.yaml index c65df985ac5..9276355050a 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-proxyprotocol.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-proxyprotocol.out.yaml @@ -279,6 +279,11 @@ xdsIR: traffic: proxyProtocol: version: V1 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -322,3 +327,8 @@ xdsIR: traffic: proxyProtocol: version: V2 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-ratelimit-invalid-distinct-invert.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-ratelimit-invalid-distinct-invert.out.yaml index d4c68adcb6f..45dc289551e 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-ratelimit-invalid-distinct-invert.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-ratelimit-invalid-distinct-invert.out.yaml @@ -158,3 +158,8 @@ xdsIR: name: grpcroute namespace: default name: grpcroute/default/grpcroute/rule/0/match/-1/* + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-ratelimit-invalid-regex.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-ratelimit-invalid-regex.out.yaml index 8b20cbc59c9..fa44bb090b6 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-ratelimit-invalid-regex.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-ratelimit-invalid-regex.out.yaml @@ -169,3 +169,8 @@ xdsIR: name: grpcroute-1 namespace: default name: grpcroute/default/grpcroute-1/rule/0/match/-1/* + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-ratelimit.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-ratelimit.out.yaml index a7eb921e023..ea278208e3f 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-ratelimit.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-ratelimit.out.yaml @@ -325,6 +325,11 @@ xdsIR: limit: requests: 10 unit: Hour + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -383,3 +388,8 @@ xdsIR: number: 1 responseCost: format: '%DYNAMIC_METADATA(something.com:some_cost_set_by_foo)%' + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-response-override-invalid-valueref.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-response-override-invalid-valueref.out.yaml index c1542d9caec..8e48daba86e 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-response-override-invalid-valueref.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-response-override-invalid-valueref.out.yaml @@ -327,6 +327,11 @@ xdsIR: name: grpcroute-1 namespace: default name: grpcroute/default/grpcroute-1/rule/0/match/-1/* + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 default/gateway-2: accessLog: text: @@ -369,3 +374,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-response-override.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-response-override.out.yaml index e0d6fb9e7e1..ef27a958ce3 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-response-override.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-response-override.out.yaml @@ -419,6 +419,11 @@ xdsIR: "error": "Internal Server Error" } contentType: application/json + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 default/gateway-2: accessLog: text: @@ -513,3 +518,8 @@ xdsIR: name: backendtrafficpolicy/default/policy-for-route-2/responseoverride/rule/0 response: statusCode: 401 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-retries.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-retries.out.yaml index 2e3dd5bbbfc..dadd985a21b 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-retries.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-retries.out.yaml @@ -442,6 +442,11 @@ xdsIR: retryOn: triggers: - cancelled + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -541,3 +546,8 @@ xdsIR: triggers: - connect-failure - retriable-status-codes + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-same-prefix-httproutes.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-same-prefix-httproutes.out.yaml index d032b952236..f3662723579 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-same-prefix-httproutes.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-same-prefix-httproutes.out.yaml @@ -229,3 +229,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-tcp-udp-listeners-apply-on-gateway.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-tcp-udp-listeners-apply-on-gateway.out.yaml index 9fa8e7235c9..28bffb50389 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-tcp-udp-listeners-apply-on-gateway.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-tcp-udp-listeners-apply-on-gateway.out.yaml @@ -232,6 +232,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: default/tcp-gateway/bar diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-tcp-udp-listeners-apply-on-route.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-tcp-udp-listeners-apply-on-route.out.yaml index 5b1707b6f1a..43f6f9c8b97 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-tcp-udp-listeners-apply-on-route.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-tcp-udp-listeners-apply-on-route.out.yaml @@ -305,6 +305,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: default/tcp-gateway/bar diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-tcpkeepalive.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-tcpkeepalive.out.yaml index 0213525db48..3e0ecdbe0be 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-tcpkeepalive.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-tcpkeepalive.out.yaml @@ -285,6 +285,11 @@ xdsIR: idleTime: 1200 interval: 60 probes: 3 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -330,3 +335,8 @@ xdsIR: idleTime: 10 interval: 1800 probes: 6 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-timeout-error.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-timeout-error.out.yaml index dc80d9e73a8..236a87b847f 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-timeout-error.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-timeout-error.out.yaml @@ -160,3 +160,8 @@ xdsIR: name: grpcroute-1 namespace: default name: grpcroute/default/grpcroute-1/rule/0/match/-1/* + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-timeout-targetrefs.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-timeout-targetrefs.out.yaml index 72646d946e0..962c991d228 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-timeout-targetrefs.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-timeout-targetrefs.out.yaml @@ -268,6 +268,11 @@ xdsIR: maxConnectionDuration: 17s tcp: connectTimeout: 15s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -308,3 +313,8 @@ xdsIR: maxConnectionDuration: 17s tcp: connectTimeout: 15s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-with-timeout.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-with-timeout.out.yaml index 7177bcae009..eb1856992bc 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-with-timeout.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-with-timeout.out.yaml @@ -296,6 +296,11 @@ xdsIR: requestTimeout: 18s tcp: connectTimeout: 15s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -345,3 +350,8 @@ xdsIR: requestTimeout: 23s tcp: connectTimeout: 20s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-buffer-limit-with-format-error.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-buffer-limit-with-format-error.out.yaml index a11ad751e08..726841e1fac 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-buffer-limit-with-format-error.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-buffer-limit-with-format-error.out.yaml @@ -188,3 +188,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 8080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-buffer-limit-with-out-of-range-error.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-buffer-limit-with-out-of-range-error.out.yaml index 9993a11f26d..15fc35a1fff 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-buffer-limit-with-out-of-range-error.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-buffer-limit-with-out-of-range-error.out.yaml @@ -189,3 +189,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 8080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-buffer-limit.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-buffer-limit.out.yaml index d897fac8887..32afb9d4bec 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-buffer-limit.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-buffer-limit.out.yaml @@ -190,3 +190,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 8080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-client-ip-detection.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-client-ip-detection.out.yaml index 898d87d0be0..612f6e2b172 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-client-ip-detection.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-client-ip-detection.out.yaml @@ -329,3 +329,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 8084 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-connection-limit-error.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-connection-limit-error.out.yaml index 705e23a8d0e..67a510c7b67 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-connection-limit-error.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-connection-limit-error.out.yaml @@ -190,3 +190,8 @@ xdsIR: mergeSlashes: true port: 8080 tcpKeepalive: {} + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-connection-limit.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-connection-limit.out.yaml index e4f163f5963..f4e45e348a3 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-connection-limit.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-connection-limit.out.yaml @@ -194,3 +194,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 8080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-for-tcp-listeners.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-for-tcp-listeners.out.yaml index bb695decae7..741d4a3b5a3 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-for-tcp-listeners.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-for-tcp-listeners.out.yaml @@ -183,6 +183,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 connection: diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-headers-error.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-headers-error.out.yaml index 9eee58d7df7..c7dbc8bb22c 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-headers-error.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-headers-error.out.yaml @@ -125,3 +125,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-headers.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-headers.out.yaml index 4e66bd91c64..695603a9c88 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-headers.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-headers.out.yaml @@ -199,3 +199,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 8080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-http-health-check.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-http-health-check.out.yaml index f41c8fd3a2c..af01ba4a5dc 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-http-health-check.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-http-health-check.out.yaml @@ -105,3 +105,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-http10.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-http10.out.yaml index f7816b6f701..a61f10e3d52 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-http10.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-http10.out.yaml @@ -575,3 +575,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-http2.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-http2.out.yaml index 3de4101c8c6..492a4163a64 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-http2.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-http2.out.yaml @@ -197,3 +197,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 8080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-http3.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-http3.out.yaml index c946f22c841..b53d0ac7137 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-http3.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-http3.out.yaml @@ -176,3 +176,8 @@ xdsIR: serverCertificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUREVENDQWZXZ0F3SUJBZ0lVRUZNaFA5ZUo5WEFCV3NRNVptNmJSazJjTE5Rd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0ZqRVVNQklHQTFVRUF3d0xabTl2TG1KaGNpNWpiMjB3SGhjTk1qUXdNakk1TURrek1ERXdXaGNOTXpRdwpNakkyTURrek1ERXdXakFXTVJRd0VnWURWUVFEREF0bWIyOHVZbUZ5TG1OdmJUQ0NBU0l3RFFZSktvWklodmNOCkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFKbEk2WXhFOVprQ1BzNnBDUXhickNtZWl4OVA1RGZ4OVJ1NUxENFQKSm1kVzdJS2R0UVYvd2ZMbXRzdTc2QithVGRDaldlMEJUZmVPT1JCYlIzY1BBRzZFbFFMaWNsUVVydW4zcStncwpKcEsrSTdjSStqNXc4STY4WEg1V1E3clZVdGJ3SHBxYncrY1ZuQnFJVU9MaUlhdGpJZjdLWDUxTTF1RjljZkVICkU0RG5jSDZyYnI1OS9SRlpCc2toeHM1T3p3Sklmb2hreXZGd2V1VHd4Sy9WcGpJKzdPYzQ4QUJDWHBOTzlEL3EKRWgrck9hdWpBTWNYZ0hRSVRrQ2lpVVRjVW82TFNIOXZMWlB0YXFmem9acTZuaE1xcFc2NUUxcEF3RjNqeVRUeAphNUk4SmNmU0Zqa2llWjIwTFVRTW43TThVNHhIamFvL2d2SDBDQWZkQjdSTFUyc0NBd0VBQWFOVE1GRXdIUVlEClZSME9CQllFRk9SQ0U4dS8xRERXN2loWnA3Y3g5dFNtUG02T01COEdBMVVkSXdRWU1CYUFGT1JDRTh1LzFERFcKN2loWnA3Y3g5dFNtUG02T01BOEdBMVVkRXdFQi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQgpBRnQ1M3pqc3FUYUg1YThFMmNodm1XQWdDcnhSSzhiVkxNeGl3TkdqYm1FUFJ6K3c2TngrazBBOEtFY0lEc0tjClNYY2k1OHU0b1didFZKQmx6YS9adWpIUjZQMUJuT3BsK2FveTc4NGJiZDRQMzl3VExvWGZNZmJCQ20xdmV2aDkKQUpLbncyWnRxcjRta2JMY3hFcWxxM3NCTEZBUzlzUUxuS05DZTJjR0xkVHAyYm9HK3FjZ3lRZ0NJTTZmOEVNdgpXUGlmQ01NR3V6Sy9HUkY0YlBPL1lGNDhld0R1M1VlaWgwWFhkVUFPRTlDdFVhOE5JaGMxVVBhT3pQcnRZVnFyClpPR2t2L0t1K0I3OGg4U0VzTzlYclFjdXdiT25KeDZLdFIrYWV5a3ZBcFhDUTNmWkMvYllLQUFSK1A4QUpvUVoKYndJVW1YaTRnajVtK2JLUGhlK2lyK0U9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0= maxVersion: "1.3" minVersion: "1.2" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-idle-timeout-with-error.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-idle-timeout-with-error.out.yaml index 94775b0aeab..c4c03ef5d14 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-idle-timeout-with-error.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-idle-timeout-with-error.out.yaml @@ -104,3 +104,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-idle-timeout.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-idle-timeout.out.yaml index e728cd78c63..d6573e7f38a 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-idle-timeout.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-idle-timeout.out.yaml @@ -159,3 +159,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 8080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-invalid-settings.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-invalid-settings.out.yaml index b327707b491..ccce83caf94 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-invalid-settings.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-invalid-settings.out.yaml @@ -484,6 +484,11 @@ xdsIR: name: httproute-3 namespace: default name: httproute/default/httproute-3/rule/0/match/-1/* + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: default/gateway-1/tcp-1 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-mtls-client-verification.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-mtls-client-verification.out.yaml index db303deed2e..79be443acdd 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-mtls-client-verification.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-mtls-client-verification.out.yaml @@ -272,6 +272,11 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 8080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -302,3 +307,8 @@ xdsIR: serverCertificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR6akNDQXJhZ0F3SUJBZ0lVT0dKOUx1VGtKWkU0NmNVaUpGYmJ2bm10elFvd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2J6RUxNQWtHQTFVRUJoTUNWVk14Q3pBSkJnTlZCQWdNQWxaQk1SRXdEd1lEVlFRSERBaFRiMjFsUTJsMAplVEVUTUJFR0ExVUVDZ3dLUlc1MmIzbFFjbTk0ZVRFUU1BNEdBMVVFQ3d3SFIyRjBaWGRoZVRFWk1CY0dBMVVFCkF3d1FiWFJzY3k1bGVHRnRjR3hsTG1OdmJUQWdGdzB5TkRBM01UWXlNalV4TWpOYUdBOHlNVEkwTURZeU1qSXkKTlRFeU0xb3diekVMTUFrR0ExVUVCaE1DVlZNeEN6QUpCZ05WQkFnTUFsWkJNUkV3RHdZRFZRUUhEQWhUYjIxbApRMmwwZVRFVE1CRUdBMVVFQ2d3S1JXNTJiM2xRY205NGVURVFNQTRHQTFVRUN3d0hSMkYwWlhkaGVURVpNQmNHCkExVUVBd3dRYlhSc2N5NWxlR0Z0Y0d4bExtTnZiVENDQVNJd0RRWUpLb1pJaHZjTkFRRUJCUUFEZ2dFUEFEQ0MKQVFvQ2dnRUJBS3kwZnp5NWFaVnRNajAxVWJPRGtsU1IxbTI1Mkt0QTJ2L2tmT05vNTZkNEJQbGdqVXdXUVZNUgpTclUxZzd4T2tWdjZiL0czdG5tQVhwWWY2VlIxODIyak96cCsxQ0c4ZWlGSEpjT2ZxV2lZMjh1NnFSV2VKUFZlCnpYdUFsMmd4cWJpTzZLdDZwbnI0aXFoVGhIK3ZqV3NXTnBDSVhrbDFydVlYbnhWLzRCOENxY1JJeTZHaEp6bloKRjR3NHJBNkRlRlJmZHl0MWd1bWtkN25PVVhYKzRZMzJrd0xGRU8zR3NnUTh1aVpEQmN1UEs5RjRHRDUydDZYTgowT2tlNTU0eEl2VldvZ1M1Vzl4UFIvcU5kQlpIQ1pid05jZzRRTVllbWZva0pkUXo4elVJcnZ6VUltM3ZvOUs3CnE4MmI1eTVFSm4yWEU5OVMycDZUZnJlSG1sUHpKNHNDQXdFQUFhTmdNRjR3Q3dZRFZSMFBCQVFEQWdTd01CTUcKQTFVZEpRUU1NQW9HQ0NzR0FRVUZCd01CTUJzR0ExVWRFUVFVTUJLQ0VHMTBiSE11WlhoaGJYQnNaUzVqYjIwdwpIUVlEVlIwT0JCWUVGRm1FTjBqRVFpckpYeGlLRHFlK2tTMVV3Q2gyTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCCkFRQ0NTVlluRVJPbHJpWDM2M0VtRzd1b091Nm54ajU1eWVmOXRKbnRubFVMVFZsMjlqc205Z3d5VnFUVCtUcXMKdzFPYW01TExmMEpjSWNRdmFUM203b0RpMElDUUo5eTlRQkNwMTh1TDBUeElDaFdVRTVnRUIxM3MyTzEwWWNFMQp1K2ozSzM0MStQNStoaEJpQnJ1d0dncStkVVRGRTZTYVVMY0xMVlB1RjdTeG1KbTRHK0Q0NVlqM1NDVy9aMzU2CkFXZzB4L0prZGFKSVVLVFJaUDVJTEZKQ1lJTUM3QWI1RmdWeGRCVW5kNWxheUZGb2NVMzRQaDlwZUxiYW00alYKdGt0SGNTSFJ6OERNTm1PNHpHTEZYNzlQR0lsaTZzTDU3V0N6bkw5RFFtajRyajFIS2tyeEdnMVExbUcwbDhOTQo5cXQyWEZNNUttWkVOb2E1MmFWSklHYWoKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= maxVersion: "1.3" minVersion: "1.2" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-mtls-forward-client-cert-custom-data.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-mtls-forward-client-cert-custom-data.out.yaml index f93cd15f504..19b722af049 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-mtls-forward-client-cert-custom-data.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-mtls-forward-client-cert-custom-data.out.yaml @@ -592,6 +592,11 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 8080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -627,6 +632,11 @@ xdsIR: maxVersion: "1.3" minVersion: "1.2" requireClientCertificate: true + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-3: accessLog: text: @@ -664,6 +674,11 @@ xdsIR: maxVersion: "1.3" minVersion: "1.2" requireClientCertificate: true + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-4: accessLog: text: @@ -703,6 +718,11 @@ xdsIR: maxVersion: "1.3" minVersion: "1.2" requireClientCertificate: true + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-5: accessLog: text: @@ -744,3 +764,8 @@ xdsIR: maxVersion: "1.3" minVersion: "1.2" requireClientCertificate: true + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-mtls-forward-client-cert.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-mtls-forward-client-cert.out.yaml index 6c79b0fe42b..c89e9a810de 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-mtls-forward-client-cert.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-mtls-forward-client-cert.out.yaml @@ -579,6 +579,11 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 8080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -614,6 +619,11 @@ xdsIR: maxVersion: "1.3" minVersion: "1.2" requireClientCertificate: true + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-3: accessLog: text: @@ -649,6 +659,11 @@ xdsIR: maxVersion: "1.3" minVersion: "1.2" requireClientCertificate: true + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-4: accessLog: text: @@ -684,6 +699,11 @@ xdsIR: maxVersion: "1.3" minVersion: "1.2" requireClientCertificate: true + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-5: accessLog: text: @@ -719,3 +739,8 @@ xdsIR: maxVersion: "1.3" minVersion: "1.2" requireClientCertificate: true + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-mtls.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-mtls.out.yaml index 19999f14772..62f779a6358 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-mtls.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-mtls.out.yaml @@ -271,6 +271,11 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 8080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -302,3 +307,8 @@ xdsIR: maxVersion: "1.3" minVersion: "1.2" requireClientCertificate: true + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-path-settings.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-path-settings.out.yaml index 2cf85c63b8b..77b75dbbb17 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-path-settings.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-path-settings.out.yaml @@ -154,3 +154,8 @@ xdsIR: escapedSlashesAction: KeepUnchanged mergeSlashes: false port: 8080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-preserve-case-multiple-targets.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-preserve-case-multiple-targets.out.yaml index 5f48ea0ed67..905a4e0d297 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-preserve-case-multiple-targets.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-preserve-case-multiple-targets.out.yaml @@ -215,6 +215,11 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -251,3 +256,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 8080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-preserve-case.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-preserve-case.out.yaml index 4f6bfdbdf97..7f585b828d4 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-preserve-case.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-preserve-case.out.yaml @@ -160,3 +160,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 8080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-proxyprotocol.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-proxyprotocol.out.yaml index 0d88cb4d8fd..de309ecc600 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-proxyprotocol.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-proxyprotocol.out.yaml @@ -155,3 +155,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 8080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-ratelimitheaders.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-ratelimitheaders.out.yaml index 51e89d7272b..a014ea308c6 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-ratelimitheaders.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-ratelimitheaders.out.yaml @@ -162,3 +162,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 8080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-status-conditions.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-status-conditions.out.yaml index f4fcac96827..9aec403c75d 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-status-conditions.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-status-conditions.out.yaml @@ -516,6 +516,11 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -535,6 +540,11 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-2/tcp @@ -558,6 +568,11 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 not-same-namespace/not-same-namespace-gateway: accessLog: text: @@ -577,3 +592,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-tcp-keepalive.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-tcp-keepalive.out.yaml index 8b0e90b3848..3d9e70f146d 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-tcp-keepalive.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-tcp-keepalive.out.yaml @@ -194,3 +194,8 @@ xdsIR: mergeSlashes: true port: 8080 tcpKeepalive: {} + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-timeout-with-error.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-timeout-with-error.out.yaml index 7d12e8b98ac..e94acdc1707 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-timeout-with-error.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-timeout-with-error.out.yaml @@ -104,3 +104,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-timeout.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-timeout.out.yaml index 664f5fe1fc7..c3c4fa4bf66 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-timeout.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-timeout.out.yaml @@ -159,3 +159,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 8080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-tls-settings.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-tls-settings.out.yaml index e673ed66b7a..adab5eef101 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-tls-settings.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-tls-settings.out.yaml @@ -369,6 +369,11 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 8080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -396,6 +401,11 @@ xdsIR: serverCertificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUREVENDQWZXZ0F3SUJBZ0lVRUZNaFA5ZUo5WEFCV3NRNVptNmJSazJjTE5Rd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0ZqRVVNQklHQTFVRUF3d0xabTl2TG1KaGNpNWpiMjB3SGhjTk1qUXdNakk1TURrek1ERXdXaGNOTXpRdwpNakkyTURrek1ERXdXakFXTVJRd0VnWURWUVFEREF0bWIyOHVZbUZ5TG1OdmJUQ0NBU0l3RFFZSktvWklodmNOCkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFKbEk2WXhFOVprQ1BzNnBDUXhickNtZWl4OVA1RGZ4OVJ1NUxENFQKSm1kVzdJS2R0UVYvd2ZMbXRzdTc2QithVGRDaldlMEJUZmVPT1JCYlIzY1BBRzZFbFFMaWNsUVVydW4zcStncwpKcEsrSTdjSStqNXc4STY4WEg1V1E3clZVdGJ3SHBxYncrY1ZuQnFJVU9MaUlhdGpJZjdLWDUxTTF1RjljZkVICkU0RG5jSDZyYnI1OS9SRlpCc2toeHM1T3p3Sklmb2hreXZGd2V1VHd4Sy9WcGpJKzdPYzQ4QUJDWHBOTzlEL3EKRWgrck9hdWpBTWNYZ0hRSVRrQ2lpVVRjVW82TFNIOXZMWlB0YXFmem9acTZuaE1xcFc2NUUxcEF3RjNqeVRUeAphNUk4SmNmU0Zqa2llWjIwTFVRTW43TThVNHhIamFvL2d2SDBDQWZkQjdSTFUyc0NBd0VBQWFOVE1GRXdIUVlEClZSME9CQllFRk9SQ0U4dS8xRERXN2loWnA3Y3g5dFNtUG02T01COEdBMVVkSXdRWU1CYUFGT1JDRTh1LzFERFcKN2loWnA3Y3g5dFNtUG02T01BOEdBMVVkRXdFQi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQgpBRnQ1M3pqc3FUYUg1YThFMmNodm1XQWdDcnhSSzhiVkxNeGl3TkdqYm1FUFJ6K3c2TngrazBBOEtFY0lEc0tjClNYY2k1OHU0b1didFZKQmx6YS9adWpIUjZQMUJuT3BsK2FveTc4NGJiZDRQMzl3VExvWGZNZmJCQ20xdmV2aDkKQUpLbncyWnRxcjRta2JMY3hFcWxxM3NCTEZBUzlzUUxuS05DZTJjR0xkVHAyYm9HK3FjZ3lRZ0NJTTZmOEVNdgpXUGlmQ01NR3V6Sy9HUkY0YlBPL1lGNDhld0R1M1VlaWgwWFhkVUFPRTlDdFVhOE5JaGMxVVBhT3pQcnRZVnFyClpPR2t2L0t1K0I3OGg4U0VzTzlYclFjdXdiT25KeDZLdFIrYWV5a3ZBcFhDUTNmWkMvYllLQUFSK1A4QUpvUVoKYndJVW1YaTRnajVtK2JLUGhlK2lyK0U9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0= maxVersion: "1.3" minVersion: "1.2" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-3: accessLog: text: @@ -423,3 +433,8 @@ xdsIR: serverCertificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUREVENDQWZXZ0F3SUJBZ0lVRUZNaFA5ZUo5WEFCV3NRNVptNmJSazJjTE5Rd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0ZqRVVNQklHQTFVRUF3d0xabTl2TG1KaGNpNWpiMjB3SGhjTk1qUXdNakk1TURrek1ERXdXaGNOTXpRdwpNakkyTURrek1ERXdXakFXTVJRd0VnWURWUVFEREF0bWIyOHVZbUZ5TG1OdmJUQ0NBU0l3RFFZSktvWklodmNOCkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFKbEk2WXhFOVprQ1BzNnBDUXhickNtZWl4OVA1RGZ4OVJ1NUxENFQKSm1kVzdJS2R0UVYvd2ZMbXRzdTc2QithVGRDaldlMEJUZmVPT1JCYlIzY1BBRzZFbFFMaWNsUVVydW4zcStncwpKcEsrSTdjSStqNXc4STY4WEg1V1E3clZVdGJ3SHBxYncrY1ZuQnFJVU9MaUlhdGpJZjdLWDUxTTF1RjljZkVICkU0RG5jSDZyYnI1OS9SRlpCc2toeHM1T3p3Sklmb2hreXZGd2V1VHd4Sy9WcGpJKzdPYzQ4QUJDWHBOTzlEL3EKRWgrck9hdWpBTWNYZ0hRSVRrQ2lpVVRjVW82TFNIOXZMWlB0YXFmem9acTZuaE1xcFc2NUUxcEF3RjNqeVRUeAphNUk4SmNmU0Zqa2llWjIwTFVRTW43TThVNHhIamFvL2d2SDBDQWZkQjdSTFUyc0NBd0VBQWFOVE1GRXdIUVlEClZSME9CQllFRk9SQ0U4dS8xRERXN2loWnA3Y3g5dFNtUG02T01COEdBMVVkSXdRWU1CYUFGT1JDRTh1LzFERFcKN2loWnA3Y3g5dFNtUG02T01BOEdBMVVkRXdFQi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQgpBRnQ1M3pqc3FUYUg1YThFMmNodm1XQWdDcnhSSzhiVkxNeGl3TkdqYm1FUFJ6K3c2TngrazBBOEtFY0lEc0tjClNYY2k1OHU0b1didFZKQmx6YS9adWpIUjZQMUJuT3BsK2FveTc4NGJiZDRQMzl3VExvWGZNZmJCQ20xdmV2aDkKQUpLbncyWnRxcjRta2JMY3hFcWxxM3NCTEZBUzlzUUxuS05DZTJjR0xkVHAyYm9HK3FjZ3lRZ0NJTTZmOEVNdgpXUGlmQ01NR3V6Sy9HUkY0YlBPL1lGNDhld0R1M1VlaWgwWFhkVUFPRTlDdFVhOE5JaGMxVVBhT3pQcnRZVnFyClpPR2t2L0t1K0I3OGg4U0VzTzlYclFjdXdiT25KeDZLdFIrYWV5a3ZBcFhDUTNmWkMvYllLQUFSK1A4QUpvUVoKYndJVW1YaTRnajVtK2JLUGhlK2lyK0U9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0= maxVersion: "1.3" minVersion: "1.2" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-trailers.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-trailers.out.yaml index 114af441730..2897a04f720 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-trailers.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-trailers.out.yaml @@ -157,3 +157,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 8080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/conflicting-policies.out.yaml b/internal/gatewayapi/testdata/conflicting-policies.out.yaml index 8acabbca876..fb9a7f83c37 100644 --- a/internal/gatewayapi/testdata/conflicting-policies.out.yaml +++ b/internal/gatewayapi/testdata/conflicting-policies.out.yaml @@ -350,3 +350,8 @@ xdsIR: name: "" safeRegex: http://.*\.foo\.com maxAge: 10m0s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/custom-filter-order.out.yaml b/internal/gatewayapi/testdata/custom-filter-order.out.yaml index 9e2aa540081..685d6b7fe59 100644 --- a/internal/gatewayapi/testdata/custom-filter-order.out.yaml +++ b/internal/gatewayapi/testdata/custom-filter-order.out.yaml @@ -312,3 +312,8 @@ xdsIR: name: example2 remoteJWKS: uri: http://two.example.com/jwt/public-key/jwks.json + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/disable-accesslog.out.yaml b/internal/gatewayapi/testdata/disable-accesslog.out.yaml index b0dc0dd4bb1..deb407860aa 100644 --- a/internal/gatewayapi/testdata/disable-accesslog.out.yaml +++ b/internal/gatewayapi/testdata/disable-accesslog.out.yaml @@ -133,3 +133,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyextensionpolicy-invalid-cross-ns-ref.out.yaml b/internal/gatewayapi/testdata/envoyextensionpolicy-invalid-cross-ns-ref.out.yaml index df3a01d780f..5483c2ac5d9 100644 --- a/internal/gatewayapi/testdata/envoyextensionpolicy-invalid-cross-ns-ref.out.yaml +++ b/internal/gatewayapi/testdata/envoyextensionpolicy-invalid-cross-ns-ref.out.yaml @@ -93,3 +93,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyextensionpolicy-override-replace.out.yaml b/internal/gatewayapi/testdata/envoyextensionpolicy-override-replace.out.yaml index 2c6b006af93..247477332ed 100644 --- a/internal/gatewayapi/testdata/envoyextensionpolicy-override-replace.out.yaml +++ b/internal/gatewayapi/testdata/envoyextensionpolicy-override-replace.out.yaml @@ -362,3 +362,8 @@ xdsIR: distinct: false name: "" prefix: /baz + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyextensionpolicy-status-conditions.out.yaml b/internal/gatewayapi/testdata/envoyextensionpolicy-status-conditions.out.yaml index 51aa2de1c1b..cdf108125eb 100644 --- a/internal/gatewayapi/testdata/envoyextensionpolicy-status-conditions.out.yaml +++ b/internal/gatewayapi/testdata/envoyextensionpolicy-status-conditions.out.yaml @@ -535,6 +535,11 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-1: accessLog: text: @@ -569,6 +574,11 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -603,6 +613,11 @@ xdsIR: name: grpcroute-1 namespace: envoy-gateway name: grpcroute/envoy-gateway/grpcroute-1/rule/0/match/0/* + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-2/tcp diff --git a/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-invalid-no-matching-port.out.yaml b/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-invalid-no-matching-port.out.yaml index beac28da518..b738951c17f 100644 --- a/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-invalid-no-matching-port.out.yaml +++ b/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-invalid-no-matching-port.out.yaml @@ -167,3 +167,8 @@ xdsIR: distinct: false name: "" prefix: /foo + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-invalid-no-port.out.yaml b/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-invalid-no-port.out.yaml index efd62e1e0ea..d76302a9ecc 100644 --- a/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-invalid-no-port.out.yaml +++ b/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-invalid-no-port.out.yaml @@ -167,3 +167,8 @@ xdsIR: distinct: false name: "" prefix: /foo + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-invalid-no-reference-grant.out.yaml b/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-invalid-no-reference-grant.out.yaml index ba93c2decdc..b601b9b0249 100644 --- a/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-invalid-no-reference-grant.out.yaml +++ b/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-invalid-no-reference-grant.out.yaml @@ -169,3 +169,8 @@ xdsIR: distinct: false name: "" prefix: /foo + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-invalid-no-service.out.yaml b/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-invalid-no-service.out.yaml index 066917dd152..a4ba09479de 100644 --- a/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-invalid-no-service.out.yaml +++ b/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-invalid-no-service.out.yaml @@ -168,3 +168,8 @@ xdsIR: distinct: false name: "" prefix: /foo + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-with-backendtlspolicy.out.yaml b/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-with-backendtlspolicy.out.yaml index 49e173aabc5..43473f9e4da 100644 --- a/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-with-backendtlspolicy.out.yaml +++ b/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-with-backendtlspolicy.out.yaml @@ -399,3 +399,8 @@ xdsIR: distinct: false name: "" prefix: /bar + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-with-multiple-backendrefs.out.yaml b/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-with-multiple-backendrefs.out.yaml index 5f1cd880246..1b06d510663 100644 --- a/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-with-multiple-backendrefs.out.yaml +++ b/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-with-multiple-backendrefs.out.yaml @@ -375,3 +375,8 @@ xdsIR: distinct: false name: "" prefix: /bar + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-with-traffic-features.out.yaml b/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-with-traffic-features.out.yaml index df04fea804f..ef62f2c46ce 100644 --- a/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-with-traffic-features.out.yaml +++ b/internal/gatewayapi/testdata/envoyextensionpolicy-with-extproc-with-traffic-features.out.yaml @@ -431,3 +431,8 @@ xdsIR: distinct: false name: "" prefix: /bar + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyextensionpolicy-with-wasm-env-vars.out.yaml b/internal/gatewayapi/testdata/envoyextensionpolicy-with-wasm-env-vars.out.yaml index 4a19852eea0..be90420717d 100644 --- a/internal/gatewayapi/testdata/envoyextensionpolicy-with-wasm-env-vars.out.yaml +++ b/internal/gatewayapi/testdata/envoyextensionpolicy-with-wasm-env-vars.out.yaml @@ -340,3 +340,8 @@ xdsIR: distinct: false name: "" prefix: /bar + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyextensionpolicy-with-wasm-targetrefs.out.yaml b/internal/gatewayapi/testdata/envoyextensionpolicy-with-wasm-targetrefs.out.yaml index f61cabdcffa..4d04082edbf 100644 --- a/internal/gatewayapi/testdata/envoyextensionpolicy-with-wasm-targetrefs.out.yaml +++ b/internal/gatewayapi/testdata/envoyextensionpolicy-with-wasm-targetrefs.out.yaml @@ -296,3 +296,8 @@ xdsIR: distinct: false name: "" prefix: /bar + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyextensionpolicy-with-wasm.out.yaml b/internal/gatewayapi/testdata/envoyextensionpolicy-with-wasm.out.yaml index 368c32a4055..8c3562de6ae 100644 --- a/internal/gatewayapi/testdata/envoyextensionpolicy-with-wasm.out.yaml +++ b/internal/gatewayapi/testdata/envoyextensionpolicy-with-wasm.out.yaml @@ -344,3 +344,8 @@ xdsIR: distinct: false name: "" prefix: /bar + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoypatchpolicy-cross-ns-target.out.yaml b/internal/gatewayapi/testdata/envoypatchpolicy-cross-ns-target.out.yaml index e40792057eb..7e5b2463866 100644 --- a/internal/gatewayapi/testdata/envoypatchpolicy-cross-ns-target.out.yaml +++ b/internal/gatewayapi/testdata/envoypatchpolicy-cross-ns-target.out.yaml @@ -75,3 +75,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoypatchpolicy-invalid-feature-disabled.out.yaml b/internal/gatewayapi/testdata/envoypatchpolicy-invalid-feature-disabled.out.yaml index 4eff002f05f..308a7f4e542 100644 --- a/internal/gatewayapi/testdata/envoypatchpolicy-invalid-feature-disabled.out.yaml +++ b/internal/gatewayapi/testdata/envoypatchpolicy-invalid-feature-disabled.out.yaml @@ -101,3 +101,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoypatchpolicy-invalid-target-kind-merge-gateways.out.yaml b/internal/gatewayapi/testdata/envoypatchpolicy-invalid-target-kind-merge-gateways.out.yaml index e36a5d543ac..8b5f81a51aa 100644 --- a/internal/gatewayapi/testdata/envoypatchpolicy-invalid-target-kind-merge-gateways.out.yaml +++ b/internal/gatewayapi/testdata/envoypatchpolicy-invalid-target-kind-merge-gateways.out.yaml @@ -103,3 +103,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoypatchpolicy-invalid-target-kind.out.yaml b/internal/gatewayapi/testdata/envoypatchpolicy-invalid-target-kind.out.yaml index 14addeb27dc..14ffaeab25e 100644 --- a/internal/gatewayapi/testdata/envoypatchpolicy-invalid-target-kind.out.yaml +++ b/internal/gatewayapi/testdata/envoypatchpolicy-invalid-target-kind.out.yaml @@ -94,3 +94,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoypatchpolicy-valid-merge-gateways.out.yaml b/internal/gatewayapi/testdata/envoypatchpolicy-valid-merge-gateways.out.yaml index 315fc208bad..f9d7916f321 100644 --- a/internal/gatewayapi/testdata/envoypatchpolicy-valid-merge-gateways.out.yaml +++ b/internal/gatewayapi/testdata/envoypatchpolicy-valid-merge-gateways.out.yaml @@ -130,3 +130,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoypatchpolicy-valid.out.yaml b/internal/gatewayapi/testdata/envoypatchpolicy-valid.out.yaml index 6ac0112c140..7ee69150333 100644 --- a/internal/gatewayapi/testdata/envoypatchpolicy-valid.out.yaml +++ b/internal/gatewayapi/testdata/envoypatchpolicy-valid.out.yaml @@ -122,3 +122,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-accesslog-als-json.out.yaml b/internal/gatewayapi/testdata/envoyproxy-accesslog-als-json.out.yaml index 8695f47ecfa..9abf10fd9a1 100644 --- a/internal/gatewayapi/testdata/envoyproxy-accesslog-als-json.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-accesslog-als-json.out.yaml @@ -196,3 +196,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-accesslog-backend-invalid.out.yaml b/internal/gatewayapi/testdata/envoyproxy-accesslog-backend-invalid.out.yaml index 96139693377..95ff87b2411 100644 --- a/internal/gatewayapi/testdata/envoyproxy-accesslog-backend-invalid.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-accesslog-backend-invalid.out.yaml @@ -156,3 +156,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-accesslog-backend.out.yaml b/internal/gatewayapi/testdata/envoyproxy-accesslog-backend.out.yaml index 94763fd2522..c2881c65207 100644 --- a/internal/gatewayapi/testdata/envoyproxy-accesslog-backend.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-accesslog-backend.out.yaml @@ -167,3 +167,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-accesslog-cel-with-invalid.out.yaml b/internal/gatewayapi/testdata/envoyproxy-accesslog-cel-with-invalid.out.yaml index c03e380ab2e..70ab7009b8d 100644 --- a/internal/gatewayapi/testdata/envoyproxy-accesslog-cel-with-invalid.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-accesslog-cel-with-invalid.out.yaml @@ -157,3 +157,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-accesslog-cel.out.yaml b/internal/gatewayapi/testdata/envoyproxy-accesslog-cel.out.yaml index 4161575dd8a..ccaaf81573d 100644 --- a/internal/gatewayapi/testdata/envoyproxy-accesslog-cel.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-accesslog-cel.out.yaml @@ -191,3 +191,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-accesslog-file-json-no-format.out.yaml b/internal/gatewayapi/testdata/envoyproxy-accesslog-file-json-no-format.out.yaml index f1fc863b98e..fe0a48bf9e0 100644 --- a/internal/gatewayapi/testdata/envoyproxy-accesslog-file-json-no-format.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-accesslog-file-json-no-format.out.yaml @@ -140,3 +140,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-accesslog-file-json.out.yaml b/internal/gatewayapi/testdata/envoyproxy-accesslog-file-json.out.yaml index cb2e10fc988..b0dc9f63f3a 100644 --- a/internal/gatewayapi/testdata/envoyproxy-accesslog-file-json.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-accesslog-file-json.out.yaml @@ -148,3 +148,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-accesslog-types.out.yaml b/internal/gatewayapi/testdata/envoyproxy-accesslog-types.out.yaml index ee6c126ab9b..c91f1807665 100644 --- a/internal/gatewayapi/testdata/envoyproxy-accesslog-types.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-accesslog-types.out.yaml @@ -454,3 +454,8 @@ xdsIR: distinct: false exact: /exact name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-accesslog-with-bad-sinks.out.yaml b/internal/gatewayapi/testdata/envoyproxy-accesslog-with-bad-sinks.out.yaml index db14cc4b8e3..4da34e7fcd3 100644 --- a/internal/gatewayapi/testdata/envoyproxy-accesslog-with-bad-sinks.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-accesslog-with-bad-sinks.out.yaml @@ -142,3 +142,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-accesslog-with-traffic.out.yaml b/internal/gatewayapi/testdata/envoyproxy-accesslog-with-traffic.out.yaml index 28ef831b03a..12f17f9ba24 100644 --- a/internal/gatewayapi/testdata/envoyproxy-accesslog-with-traffic.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-accesslog-with-traffic.out.yaml @@ -324,3 +324,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-accesslog-without-format.out.yaml b/internal/gatewayapi/testdata/envoyproxy-accesslog-without-format.out.yaml index 43505266ec0..b8b7d173839 100644 --- a/internal/gatewayapi/testdata/envoyproxy-accesslog-without-format.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-accesslog-without-format.out.yaml @@ -208,3 +208,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-accesslog.out.yaml b/internal/gatewayapi/testdata/envoyproxy-accesslog.out.yaml index 9694dd07ad7..c07508a5cd9 100644 --- a/internal/gatewayapi/testdata/envoyproxy-accesslog.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-accesslog.out.yaml @@ -220,3 +220,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-endpoint-routing-for-gateway.out.yaml b/internal/gatewayapi/testdata/envoyproxy-endpoint-routing-for-gateway.out.yaml index 1b31bae27e7..82343ffda78 100644 --- a/internal/gatewayapi/testdata/envoyproxy-endpoint-routing-for-gateway.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-endpoint-routing-for-gateway.out.yaml @@ -147,3 +147,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-endpoint-routing.out.yaml b/internal/gatewayapi/testdata/envoyproxy-endpoint-routing.out.yaml index 9f058d69051..5a3a3f627a1 100644 --- a/internal/gatewayapi/testdata/envoyproxy-endpoint-routing.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-endpoint-routing.out.yaml @@ -142,3 +142,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-metric-backend-invalid.out.yaml b/internal/gatewayapi/testdata/envoyproxy-metric-backend-invalid.out.yaml index 0eb8716e217..3a96a86c7ca 100644 --- a/internal/gatewayapi/testdata/envoyproxy-metric-backend-invalid.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-metric-backend-invalid.out.yaml @@ -149,3 +149,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-metric-backend.out.yaml b/internal/gatewayapi/testdata/envoyproxy-metric-backend.out.yaml index 4bff8f998d5..dc7f8588fca 100644 --- a/internal/gatewayapi/testdata/envoyproxy-metric-backend.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-metric-backend.out.yaml @@ -146,3 +146,8 @@ xdsIR: enablePerEndpointStats: false enableRequestResponseSizesStats: false enableVirtualHostStats: false + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-metric-enabled-backend.out.yaml b/internal/gatewayapi/testdata/envoyproxy-metric-enabled-backend.out.yaml index 7605114bf22..55892bd1669 100644 --- a/internal/gatewayapi/testdata/envoyproxy-metric-enabled-backend.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-metric-enabled-backend.out.yaml @@ -149,3 +149,8 @@ xdsIR: enablePerEndpointStats: true enableRequestResponseSizesStats: true enableVirtualHostStats: true + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-preserve-route-order.out.yaml b/internal/gatewayapi/testdata/envoyproxy-preserve-route-order.out.yaml index 3168fb2bdf7..83955490ea3 100644 --- a/internal/gatewayapi/testdata/envoyproxy-preserve-route-order.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-preserve-route-order.out.yaml @@ -333,3 +333,8 @@ xdsIR: distinct: false name: "" safeRegex: /longer/regex/after/shorter/regex/* + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-priority-backend.out.yaml b/internal/gatewayapi/testdata/envoyproxy-priority-backend.out.yaml index 8044e3874ed..c1d4f1f6409 100644 --- a/internal/gatewayapi/testdata/envoyproxy-priority-backend.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-priority-backend.out.yaml @@ -381,3 +381,8 @@ xdsIR: distinct: false name: "" prefix: /bar + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-service-routing-for-gateway.out.yaml b/internal/gatewayapi/testdata/envoyproxy-service-routing-for-gateway.out.yaml index 76859d37624..293fce7322d 100644 --- a/internal/gatewayapi/testdata/envoyproxy-service-routing-for-gateway.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-service-routing-for-gateway.out.yaml @@ -146,3 +146,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-service-routing.out.yaml b/internal/gatewayapi/testdata/envoyproxy-service-routing.out.yaml index a679b4aef60..f3c53f932e6 100644 --- a/internal/gatewayapi/testdata/envoyproxy-service-routing.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-service-routing.out.yaml @@ -141,3 +141,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-tls-settings-invalid-ns.out.yaml b/internal/gatewayapi/testdata/envoyproxy-tls-settings-invalid-ns.out.yaml index 306302e68e1..ded425d44c3 100644 --- a/internal/gatewayapi/testdata/envoyproxy-tls-settings-invalid-ns.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-tls-settings-invalid-ns.out.yaml @@ -259,6 +259,11 @@ xdsIR: - name: envoy-gateway/default-cert privateKey: '[redacted]' serverCertificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURKRENDQWd5Z0F3SUJBZ0lVU3JTYktMZjBiTEVHb2dXeC9nQ3cyR0N0dnhFd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0V6RVJNQThHQTFVRUF3d0lWR1Z6ZENCSmJtTXdIaGNOTWpRd01qSTVNRGt6TURFd1doY05NelF3TWpJMgpNRGt6TURFd1dqQVRNUkV3RHdZRFZRUUREQWhVWlhOMElFbHVZekNDQVNJd0RRWUpLb1pJaHZjTkFRRUJCUUFECmdnRVBBRENDQVFvQ2dnRUJBSzFKempQSWlXZzNxb0hTckFkZGtlSmphTVA5aXlNVGkvQlBvOWNKUG9SRThaaTcKV2FwVXJYTC85QTlyK2pITXlHSVpOWk5kY1o1Y1kyWHYwTFA4WnhWeTJsazArM3d0WXpIbnBHWUdWdHlxMnRldApEaEZzaVBsODJZUmpDMG16V2E0UU16NFNYekZITmdJRHBSZGhmcm92bXNldVdHUUU4cFY0VWQ5VUsvU0tpbE1PCnF0QjVKaXJMUDJWczVUMW9XaWNXTFF2ZmJHd3Y3c0ZEZHI5YkcwWHRTUXAxN0hTZ281MFNERTUrQmpTbXB0RncKMVZjS0xscWFoTVhCRERpb3Jnd2hJaEdHS3BFU2VNMFA3YkZoVm1rTTNhc2gyeFNUQnVGVUJEbEU0Sk9haHp3cwpEWHJ1cFVoRGRTMWhkYzJmUHJqaEZBbEpmV0VZWjZCbFpqeXNpVlVDQXdFQUFhTndNRzR3SFFZRFZSME9CQllFCkZCUXVmSzFMaWJ1Vm05VHMvVmpCeDhMM3VpTmVNQjhHQTFVZEl3UVlNQmFBRkJRdWZLMUxpYnVWbTlUcy9WakIKeDhMM3VpTmVNQThHQTFVZEV3RUIvd1FGTUFNQkFmOHdHd1lEVlIwUkJCUXdFb0lCS29JTktpNWxlR0Z0Y0d4bApMbU52YlRBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQWZQUzQxYWdldldNVjNaWHQwQ09GRzN1WWZQRlhuVnc2ClA0MXA5TzZHa2RZc3VxRnZQZVR5eUgyL2RBSUtLd1N6TS9wdGhnOEtuOExabG1KeUZObkExc3RKeG41WGRiVjEKcFBxajhVdllDQnp5ak1JcW1SeW9peUxpUWxib2hNYTBVZEVCS2NIL1BkTEU5SzhUR0pyWmdvR1hxcTFXbWl0RAozdmNQalNlUEtFaVVKVlM5bENoeVNzMEtZNUIraFVRRDBKajZucEZENFprMHhxZHhoMHJXdWVDcXE3dmpxRVl6CnBqNFB3cnVmbjFQQlRtZnhNdVYvVUpWNWViaWtldVpQMzVrV3pMUjdaV0FMN3d1RGRXcC82bzR5azNRTGFuRFEKQ3dnQ0ZjWCtzcyswVnl1TTNZZXJUT1VVOFFWSkp4NFVaQU5aeDYrNDNwZEpaT2NudFBaNENBPT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-tls/ diff --git a/internal/gatewayapi/testdata/envoyproxy-tls-settings-invalid.out.yaml b/internal/gatewayapi/testdata/envoyproxy-tls-settings-invalid.out.yaml index 2078ceeb703..0c965b2b2b6 100644 --- a/internal/gatewayapi/testdata/envoyproxy-tls-settings-invalid.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-tls-settings-invalid.out.yaml @@ -257,6 +257,11 @@ xdsIR: - name: envoy-gateway/default-cert privateKey: '[redacted]' serverCertificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURKRENDQWd5Z0F3SUJBZ0lVU3JTYktMZjBiTEVHb2dXeC9nQ3cyR0N0dnhFd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0V6RVJNQThHQTFVRUF3d0lWR1Z6ZENCSmJtTXdIaGNOTWpRd01qSTVNRGt6TURFd1doY05NelF3TWpJMgpNRGt6TURFd1dqQVRNUkV3RHdZRFZRUUREQWhVWlhOMElFbHVZekNDQVNJd0RRWUpLb1pJaHZjTkFRRUJCUUFECmdnRVBBRENDQVFvQ2dnRUJBSzFKempQSWlXZzNxb0hTckFkZGtlSmphTVA5aXlNVGkvQlBvOWNKUG9SRThaaTcKV2FwVXJYTC85QTlyK2pITXlHSVpOWk5kY1o1Y1kyWHYwTFA4WnhWeTJsazArM3d0WXpIbnBHWUdWdHlxMnRldApEaEZzaVBsODJZUmpDMG16V2E0UU16NFNYekZITmdJRHBSZGhmcm92bXNldVdHUUU4cFY0VWQ5VUsvU0tpbE1PCnF0QjVKaXJMUDJWczVUMW9XaWNXTFF2ZmJHd3Y3c0ZEZHI5YkcwWHRTUXAxN0hTZ281MFNERTUrQmpTbXB0RncKMVZjS0xscWFoTVhCRERpb3Jnd2hJaEdHS3BFU2VNMFA3YkZoVm1rTTNhc2gyeFNUQnVGVUJEbEU0Sk9haHp3cwpEWHJ1cFVoRGRTMWhkYzJmUHJqaEZBbEpmV0VZWjZCbFpqeXNpVlVDQXdFQUFhTndNRzR3SFFZRFZSME9CQllFCkZCUXVmSzFMaWJ1Vm05VHMvVmpCeDhMM3VpTmVNQjhHQTFVZEl3UVlNQmFBRkJRdWZLMUxpYnVWbTlUcy9WakIKeDhMM3VpTmVNQThHQTFVZEV3RUIvd1FGTUFNQkFmOHdHd1lEVlIwUkJCUXdFb0lCS29JTktpNWxlR0Z0Y0d4bApMbU52YlRBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQWZQUzQxYWdldldNVjNaWHQwQ09GRzN1WWZQRlhuVnc2ClA0MXA5TzZHa2RZc3VxRnZQZVR5eUgyL2RBSUtLd1N6TS9wdGhnOEtuOExabG1KeUZObkExc3RKeG41WGRiVjEKcFBxajhVdllDQnp5ak1JcW1SeW9peUxpUWxib2hNYTBVZEVCS2NIL1BkTEU5SzhUR0pyWmdvR1hxcTFXbWl0RAozdmNQalNlUEtFaVVKVlM5bENoeVNzMEtZNUIraFVRRDBKajZucEZENFprMHhxZHhoMHJXdWVDcXE3dmpxRVl6CnBqNFB3cnVmbjFQQlRtZnhNdVYvVUpWNWViaWtldVpQMzVrV3pMUjdaV0FMN3d1RGRXcC82bzR5azNRTGFuRFEKQ3dnQ0ZjWCtzcyswVnl1TTNZZXJUT1VVOFFWSkp4NFVaQU5aeDYrNDNwZEpaT2NudFBaNENBPT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-tls/ diff --git a/internal/gatewayapi/testdata/envoyproxy-tls-settings.out.yaml b/internal/gatewayapi/testdata/envoyproxy-tls-settings.out.yaml index 017c4a29429..b9f17e7808a 100644 --- a/internal/gatewayapi/testdata/envoyproxy-tls-settings.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-tls-settings.out.yaml @@ -285,6 +285,11 @@ xdsIR: - name: envoy-gateway/default-cert privateKey: '[redacted]' serverCertificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURKRENDQWd5Z0F3SUJBZ0lVU3JTYktMZjBiTEVHb2dXeC9nQ3cyR0N0dnhFd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0V6RVJNQThHQTFVRUF3d0lWR1Z6ZENCSmJtTXdIaGNOTWpRd01qSTVNRGt6TURFd1doY05NelF3TWpJMgpNRGt6TURFd1dqQVRNUkV3RHdZRFZRUUREQWhVWlhOMElFbHVZekNDQVNJd0RRWUpLb1pJaHZjTkFRRUJCUUFECmdnRVBBRENDQVFvQ2dnRUJBSzFKempQSWlXZzNxb0hTckFkZGtlSmphTVA5aXlNVGkvQlBvOWNKUG9SRThaaTcKV2FwVXJYTC85QTlyK2pITXlHSVpOWk5kY1o1Y1kyWHYwTFA4WnhWeTJsazArM3d0WXpIbnBHWUdWdHlxMnRldApEaEZzaVBsODJZUmpDMG16V2E0UU16NFNYekZITmdJRHBSZGhmcm92bXNldVdHUUU4cFY0VWQ5VUsvU0tpbE1PCnF0QjVKaXJMUDJWczVUMW9XaWNXTFF2ZmJHd3Y3c0ZEZHI5YkcwWHRTUXAxN0hTZ281MFNERTUrQmpTbXB0RncKMVZjS0xscWFoTVhCRERpb3Jnd2hJaEdHS3BFU2VNMFA3YkZoVm1rTTNhc2gyeFNUQnVGVUJEbEU0Sk9haHp3cwpEWHJ1cFVoRGRTMWhkYzJmUHJqaEZBbEpmV0VZWjZCbFpqeXNpVlVDQXdFQUFhTndNRzR3SFFZRFZSME9CQllFCkZCUXVmSzFMaWJ1Vm05VHMvVmpCeDhMM3VpTmVNQjhHQTFVZEl3UVlNQmFBRkJRdWZLMUxpYnVWbTlUcy9WakIKeDhMM3VpTmVNQThHQTFVZEV3RUIvd1FGTUFNQkFmOHdHd1lEVlIwUkJCUXdFb0lCS29JTktpNWxlR0Z0Y0d4bApMbU52YlRBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQWZQUzQxYWdldldNVjNaWHQwQ09GRzN1WWZQRlhuVnc2ClA0MXA5TzZHa2RZc3VxRnZQZVR5eUgyL2RBSUtLd1N6TS9wdGhnOEtuOExabG1KeUZObkExc3RKeG41WGRiVjEKcFBxajhVdllDQnp5ak1JcW1SeW9peUxpUWxib2hNYTBVZEVCS2NIL1BkTEU5SzhUR0pyWmdvR1hxcTFXbWl0RAozdmNQalNlUEtFaVVKVlM5bENoeVNzMEtZNUIraFVRRDBKajZucEZENFprMHhxZHhoMHJXdWVDcXE3dmpxRVl6CnBqNFB3cnVmbjFQQlRtZnhNdVYvVUpWNWViaWtldVpQMzVrV3pMUjdaV0FMN3d1RGRXcC82bzR5azNRTGFuRFEKQ3dnQ0ZjWCtzcyswVnl1TTNZZXJUT1VVOFFWSkp4NFVaQU5aeDYrNDNwZEpaT2NudFBaNENBPT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-tls/ diff --git a/internal/gatewayapi/testdata/envoyproxy-tracing-backend-invalid.out.yaml b/internal/gatewayapi/testdata/envoyproxy-tracing-backend-invalid.out.yaml index 92ff7c81dd5..605b7eca334 100644 --- a/internal/gatewayapi/testdata/envoyproxy-tracing-backend-invalid.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-tracing-backend-invalid.out.yaml @@ -149,3 +149,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/envoyproxy-tracing-backend.out.yaml b/internal/gatewayapi/testdata/envoyproxy-tracing-backend.out.yaml index b3a44d78fdc..fcddbf667a8 100644 --- a/internal/gatewayapi/testdata/envoyproxy-tracing-backend.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-tracing-backend.out.yaml @@ -169,6 +169,11 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tracing: destination: name: tracing diff --git a/internal/gatewayapi/testdata/envoyproxy-valid.out.yaml b/internal/gatewayapi/testdata/envoyproxy-valid.out.yaml index 5bd374167ee..afd9053b55e 100644 --- a/internal/gatewayapi/testdata/envoyproxy-valid.out.yaml +++ b/internal/gatewayapi/testdata/envoyproxy-valid.out.yaml @@ -133,3 +133,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/extensions/extensionpolicy-tcp-listener.out.yaml b/internal/gatewayapi/testdata/extensions/extensionpolicy-tcp-listener.out.yaml index 0095b815fd7..623c2b6869b 100644 --- a/internal/gatewayapi/testdata/extensions/extensionpolicy-tcp-listener.out.yaml +++ b/internal/gatewayapi/testdata/extensions/extensionpolicy-tcp-listener.out.yaml @@ -145,6 +145,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 extensionRefs: diff --git a/internal/gatewayapi/testdata/extensions/extensionpolicy-udp-listener.out.yaml b/internal/gatewayapi/testdata/extensions/extensionpolicy-udp-listener.out.yaml index 1ff835552d9..ee15a09ecc9 100644 --- a/internal/gatewayapi/testdata/extensions/extensionpolicy-udp-listener.out.yaml +++ b/internal/gatewayapi/testdata/extensions/extensionpolicy-udp-listener.out.yaml @@ -145,6 +145,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 udp: - address: 0.0.0.0 extensionRefs: diff --git a/internal/gatewayapi/testdata/extensions/extensionpolicy-with-invalid-target.out.yaml b/internal/gatewayapi/testdata/extensions/extensionpolicy-with-invalid-target.out.yaml index 8140d239ab5..7bbcdec0519 100644 --- a/internal/gatewayapi/testdata/extensions/extensionpolicy-with-invalid-target.out.yaml +++ b/internal/gatewayapi/testdata/extensions/extensionpolicy-with-invalid-target.out.yaml @@ -125,3 +125,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/extensions/extensionpolicy-with-valid-target-array.out.yaml b/internal/gatewayapi/testdata/extensions/extensionpolicy-with-valid-target-array.out.yaml index 5a0b8ef2f97..f49bb990c1a 100644 --- a/internal/gatewayapi/testdata/extensions/extensionpolicy-with-valid-target-array.out.yaml +++ b/internal/gatewayapi/testdata/extensions/extensionpolicy-with-valid-target-array.out.yaml @@ -213,6 +213,11 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10081 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -274,3 +279,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/extensions/extensionpolicy-with-valid-target.out.yaml b/internal/gatewayapi/testdata/extensions/extensionpolicy-with-valid-target.out.yaml index 29b482ae554..09990fa8b84 100644 --- a/internal/gatewayapi/testdata/extensions/extensionpolicy-with-valid-target.out.yaml +++ b/internal/gatewayapi/testdata/extensions/extensionpolicy-with-valid-target.out.yaml @@ -260,3 +260,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/extensions/httproute-with-extension-filter-invalid-group.out.yaml b/internal/gatewayapi/testdata/extensions/httproute-with-extension-filter-invalid-group.out.yaml index 79aeb1f3eeb..a00a7adf425 100644 --- a/internal/gatewayapi/testdata/extensions/httproute-with-extension-filter-invalid-group.out.yaml +++ b/internal/gatewayapi/testdata/extensions/httproute-with-extension-filter-invalid-group.out.yaml @@ -123,3 +123,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/extensions/httproute-with-non-matching-extension-filter.out.yaml b/internal/gatewayapi/testdata/extensions/httproute-with-non-matching-extension-filter.out.yaml index d70cea292b5..9d2eca1f34f 100644 --- a/internal/gatewayapi/testdata/extensions/httproute-with-non-matching-extension-filter.out.yaml +++ b/internal/gatewayapi/testdata/extensions/httproute-with-non-matching-extension-filter.out.yaml @@ -121,3 +121,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/extensions/httproute-with-unsupported-extension-filter.out.yaml b/internal/gatewayapi/testdata/extensions/httproute-with-unsupported-extension-filter.out.yaml index 1af974c72bb..326d45e1a1f 100644 --- a/internal/gatewayapi/testdata/extensions/httproute-with-unsupported-extension-filter.out.yaml +++ b/internal/gatewayapi/testdata/extensions/httproute-with-unsupported-extension-filter.out.yaml @@ -121,3 +121,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/extensions/httproute-with-valid-extension-filter.out.yaml b/internal/gatewayapi/testdata/extensions/httproute-with-valid-extension-filter.out.yaml index 1cb405e4dd8..a3856afd3a0 100644 --- a/internal/gatewayapi/testdata/extensions/httproute-with-valid-extension-filter.out.yaml +++ b/internal/gatewayapi/testdata/extensions/httproute-with-valid-extension-filter.out.yaml @@ -151,3 +151,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-allows-same-namespace-with-allowed-httproute.out.yaml b/internal/gatewayapi/testdata/gateway-allows-same-namespace-with-allowed-httproute.out.yaml index 2dd68040951..d6e02dc520f 100644 --- a/internal/gatewayapi/testdata/gateway-allows-same-namespace-with-allowed-httproute.out.yaml +++ b/internal/gatewayapi/testdata/gateway-allows-same-namespace-with-allowed-httproute.out.yaml @@ -131,3 +131,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-allows-same-namespace-with-disallowed-httproute.out.yaml b/internal/gatewayapi/testdata/gateway-allows-same-namespace-with-disallowed-httproute.out.yaml index 35383fcb502..67f90c57376 100644 --- a/internal/gatewayapi/testdata/gateway-allows-same-namespace-with-disallowed-httproute.out.yaml +++ b/internal/gatewayapi/testdata/gateway-allows-same-namespace-with-disallowed-httproute.out.yaml @@ -110,3 +110,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-http-listener-with-hostname-intersection.out.yaml b/internal/gatewayapi/testdata/gateway-http-listener-with-hostname-intersection.out.yaml index ce41660893b..d2f579b84aa 100644 --- a/internal/gatewayapi/testdata/gateway-http-listener-with-hostname-intersection.out.yaml +++ b/internal/gatewayapi/testdata/gateway-http-listener-with-hostname-intersection.out.yaml @@ -228,3 +228,8 @@ xdsIR: distinct: false name: "" prefix: /wildcard-example-com + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-infrastructure.out.yaml b/internal/gatewayapi/testdata/gateway-infrastructure.out.yaml index 0b38b962b89..f014e7eb743 100644 --- a/internal/gatewayapi/testdata/gateway-infrastructure.out.yaml +++ b/internal/gatewayapi/testdata/gateway-infrastructure.out.yaml @@ -155,3 +155,8 @@ xdsIR: - name: default/tls-secret-1 privateKey: '[redacted]' serverCertificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUREVENDQWZXZ0F3SUJBZ0lVRUZNaFA5ZUo5WEFCV3NRNVptNmJSazJjTE5Rd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0ZqRVVNQklHQTFVRUF3d0xabTl2TG1KaGNpNWpiMjB3SGhjTk1qUXdNakk1TURrek1ERXdXaGNOTXpRdwpNakkyTURrek1ERXdXakFXTVJRd0VnWURWUVFEREF0bWIyOHVZbUZ5TG1OdmJUQ0NBU0l3RFFZSktvWklodmNOCkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFKbEk2WXhFOVprQ1BzNnBDUXhickNtZWl4OVA1RGZ4OVJ1NUxENFQKSm1kVzdJS2R0UVYvd2ZMbXRzdTc2QithVGRDaldlMEJUZmVPT1JCYlIzY1BBRzZFbFFMaWNsUVVydW4zcStncwpKcEsrSTdjSStqNXc4STY4WEg1V1E3clZVdGJ3SHBxYncrY1ZuQnFJVU9MaUlhdGpJZjdLWDUxTTF1RjljZkVICkU0RG5jSDZyYnI1OS9SRlpCc2toeHM1T3p3Sklmb2hreXZGd2V1VHd4Sy9WcGpJKzdPYzQ4QUJDWHBOTzlEL3EKRWgrck9hdWpBTWNYZ0hRSVRrQ2lpVVRjVW82TFNIOXZMWlB0YXFmem9acTZuaE1xcFc2NUUxcEF3RjNqeVRUeAphNUk4SmNmU0Zqa2llWjIwTFVRTW43TThVNHhIamFvL2d2SDBDQWZkQjdSTFUyc0NBd0VBQWFOVE1GRXdIUVlEClZSME9CQllFRk9SQ0U4dS8xRERXN2loWnA3Y3g5dFNtUG02T01COEdBMVVkSXdRWU1CYUFGT1JDRTh1LzFERFcKN2loWnA3Y3g5dFNtUG02T01BOEdBMVVkRXdFQi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQgpBRnQ1M3pqc3FUYUg1YThFMmNodm1XQWdDcnhSSzhiVkxNeGl3TkdqYm1FUFJ6K3c2TngrazBBOEtFY0lEc0tjClNYY2k1OHU0b1didFZKQmx6YS9adWpIUjZQMUJuT3BsK2FveTc4NGJiZDRQMzl3VExvWGZNZmJCQ20xdmV2aDkKQUpLbncyWnRxcjRta2JMY3hFcWxxM3NCTEZBUzlzUUxuS05DZTJjR0xkVHAyYm9HK3FjZ3lRZ0NJTTZmOEVNdgpXUGlmQ01NR3V6Sy9HUkY0YlBPL1lGNDhld0R1M1VlaWgwWFhkVUFPRTlDdFVhOE5JaGMxVVBhT3pQcnRZVnFyClpPR2t2L0t1K0I3OGg4U0VzTzlYclFjdXdiT25KeDZLdFIrYWV5a3ZBcFhDUTNmWkMvYllLQUFSK1A4QUpvUVoKYndJVW1YaTRnajVtK2JLUGhlK2lyK0U9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0= + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-addresses-with-ipaddress.out.yaml b/internal/gatewayapi/testdata/gateway-with-addresses-with-ipaddress.out.yaml index 798641857cd..fb0690577e2 100644 --- a/internal/gatewayapi/testdata/gateway-with-addresses-with-ipaddress.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-addresses-with-ipaddress.out.yaml @@ -65,6 +65,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/tcp diff --git a/internal/gatewayapi/testdata/gateway-with-infrastructure-parametersref.out.yaml b/internal/gatewayapi/testdata/gateway-with-infrastructure-parametersref.out.yaml index 8794f263e57..70e746fc998 100644 --- a/internal/gatewayapi/testdata/gateway-with-infrastructure-parametersref.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-infrastructure-parametersref.out.yaml @@ -158,6 +158,11 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tracing: authority: otel-collector.monitoring.svc.cluster.local destination: diff --git a/internal/gatewayapi/testdata/gateway-with-invalid-infrastructure-parametersref-does-not-exist.out.yaml b/internal/gatewayapi/testdata/gateway-with-invalid-infrastructure-parametersref-does-not-exist.out.yaml index deed8d261b5..845298f464a 100644 --- a/internal/gatewayapi/testdata/gateway-with-invalid-infrastructure-parametersref-does-not-exist.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-invalid-infrastructure-parametersref-does-not-exist.out.yaml @@ -141,3 +141,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-invalid-infrastructure-parametersref-fallback.out.yaml b/internal/gatewayapi/testdata/gateway-with-invalid-infrastructure-parametersref-fallback.out.yaml index 0ec88f622c9..dfdf540c4f1 100644 --- a/internal/gatewayapi/testdata/gateway-with-invalid-infrastructure-parametersref-fallback.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-invalid-infrastructure-parametersref-fallback.out.yaml @@ -158,6 +158,11 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tracing: authority: otel-collector.monitoring.svc.cluster.local destination: diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-namespaces-selector.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-namespaces-selector.out.yaml index 6525ecfc32e..bbacda3fa3f 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-namespaces-selector.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-namespaces-selector.out.yaml @@ -90,3 +90,8 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-routes-group.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-routes-group.out.yaml index 182b2b17313..72162144e3e 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-routes-group.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-routes-group.out.yaml @@ -81,3 +81,8 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-routes-kind-and-supported.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-routes-kind-and-supported.out.yaml index a21d579d0e8..dd0d33086a9 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-routes-kind-and-supported.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-routes-kind-and-supported.out.yaml @@ -83,3 +83,8 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-routes-kind.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-routes-kind.out.yaml index 460da331ff4..fbc8f759712 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-routes-kind.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-routes-kind.out.yaml @@ -81,3 +81,8 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-tls-route-kind.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-tls-route-kind.out.yaml index a7dbadf7fd0..4b51c595c0a 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-tls-route-kind.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-tls-route-kind.out.yaml @@ -81,3 +81,8 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-multiple-tls-configuration.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-multiple-tls-configuration.out.yaml index d503d2875cb..2d71cb92fbb 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-multiple-tls-configuration.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-multiple-tls-configuration.out.yaml @@ -96,3 +96,8 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-invalid-mode.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-invalid-mode.out.yaml index f5b1bd561dd..b4aece4978c 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-invalid-mode.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-invalid-mode.out.yaml @@ -89,3 +89,8 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-no-certificate-refs.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-no-certificate-refs.out.yaml index 84dd3118e90..7deba94f944 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-no-certificate-refs.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-no-certificate-refs.out.yaml @@ -84,3 +84,8 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-no-valid-certificate-for-fqdn.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-no-valid-certificate-for-fqdn.out.yaml index d67fa87f9b6..5f9d3daf8ec 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-no-valid-certificate-for-fqdn.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-no-valid-certificate-for-fqdn.out.yaml @@ -91,3 +91,8 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-secret-does-not-exist.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-secret-does-not-exist.out.yaml index cac358ab651..f3e7401e378 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-secret-does-not-exist.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-secret-does-not-exist.out.yaml @@ -88,3 +88,8 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-secret-in-other-namespace.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-secret-in-other-namespace.out.yaml index 3c27f730a57..cc36c9fce7f 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-secret-in-other-namespace.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-secret-in-other-namespace.out.yaml @@ -90,3 +90,8 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-secret-is-not-valid.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-secret-is-not-valid.out.yaml index 72c30d42149..94bc24969b1 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-secret-is-not-valid.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-invalid-tls-configuration-secret-is-not-valid.out.yaml @@ -88,3 +88,8 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-missing-allowed-namespaces-selector.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-missing-allowed-namespaces-selector.out.yaml index 2e8f83dbaf9..f5d18e807bb 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-missing-allowed-namespaces-selector.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-missing-allowed-namespaces-selector.out.yaml @@ -83,3 +83,8 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-tcp-with-hostname.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-tcp-with-hostname.out.yaml index 50308df1df7..e9662503046 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-tcp-with-hostname.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-tcp-with-hostname.out.yaml @@ -46,3 +46,8 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-tcproute-with-mismatch-port-protocol.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-tcproute-with-mismatch-port-protocol.out.yaml index 64e9d93ead0..e0ff76dd5fc 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-tcproute-with-mismatch-port-protocol.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-tcproute-with-mismatch-port-protocol.out.yaml @@ -91,6 +91,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/tcp diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-tcproute-with-multiple-backends.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-tcproute-with-multiple-backends.out.yaml index cbc01a3d11d..0ea918fec98 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-tcproute-with-multiple-backends.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-tcproute-with-multiple-backends.out.yaml @@ -94,6 +94,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/tcp diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-tcproute-with-multiple-rules.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-tcproute-with-multiple-rules.out.yaml index 7e583a73bda..bc804b275a2 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-tcproute-with-multiple-rules.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-tcproute-with-multiple-rules.out.yaml @@ -95,6 +95,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/tcp diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-tls-secret-in-other-namespace-allowed-by-refgrant.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-tls-secret-in-other-namespace-allowed-by-refgrant.out.yaml index 6e35700c58e..45025ee173c 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-tls-secret-in-other-namespace-allowed-by-refgrant.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-tls-secret-in-other-namespace-allowed-by-refgrant.out.yaml @@ -144,3 +144,8 @@ xdsIR: - name: default/tls-secret-1 privateKey: '[redacted]' serverCertificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUREVENDQWZXZ0F3SUJBZ0lVRUZNaFA5ZUo5WEFCV3NRNVptNmJSazJjTE5Rd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0ZqRVVNQklHQTFVRUF3d0xabTl2TG1KaGNpNWpiMjB3SGhjTk1qUXdNakk1TURrek1ERXdXaGNOTXpRdwpNakkyTURrek1ERXdXakFXTVJRd0VnWURWUVFEREF0bWIyOHVZbUZ5TG1OdmJUQ0NBU0l3RFFZSktvWklodmNOCkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFKbEk2WXhFOVprQ1BzNnBDUXhickNtZWl4OVA1RGZ4OVJ1NUxENFQKSm1kVzdJS2R0UVYvd2ZMbXRzdTc2QithVGRDaldlMEJUZmVPT1JCYlIzY1BBRzZFbFFMaWNsUVVydW4zcStncwpKcEsrSTdjSStqNXc4STY4WEg1V1E3clZVdGJ3SHBxYncrY1ZuQnFJVU9MaUlhdGpJZjdLWDUxTTF1RjljZkVICkU0RG5jSDZyYnI1OS9SRlpCc2toeHM1T3p3Sklmb2hreXZGd2V1VHd4Sy9WcGpJKzdPYzQ4QUJDWHBOTzlEL3EKRWgrck9hdWpBTWNYZ0hRSVRrQ2lpVVRjVW82TFNIOXZMWlB0YXFmem9acTZuaE1xcFc2NUUxcEF3RjNqeVRUeAphNUk4SmNmU0Zqa2llWjIwTFVRTW43TThVNHhIamFvL2d2SDBDQWZkQjdSTFUyc0NBd0VBQWFOVE1GRXdIUVlEClZSME9CQllFRk9SQ0U4dS8xRERXN2loWnA3Y3g5dFNtUG02T01COEdBMVVkSXdRWU1CYUFGT1JDRTh1LzFERFcKN2loWnA3Y3g5dFNtUG02T01BOEdBMVVkRXdFQi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQgpBRnQ1M3pqc3FUYUg1YThFMmNodm1XQWdDcnhSSzhiVkxNeGl3TkdqYm1FUFJ6K3c2TngrazBBOEtFY0lEc0tjClNYY2k1OHU0b1didFZKQmx6YS9adWpIUjZQMUJuT3BsK2FveTc4NGJiZDRQMzl3VExvWGZNZmJCQ20xdmV2aDkKQUpLbncyWnRxcjRta2JMY3hFcWxxM3NCTEZBUzlzUUxuS05DZTJjR0xkVHAyYm9HK3FjZ3lRZ0NJTTZmOEVNdgpXUGlmQ01NR3V6Sy9HUkY0YlBPL1lGNDhld0R1M1VlaWgwWFhkVUFPRTlDdFVhOE5JaGMxVVBhT3pQcnRZVnFyClpPR2t2L0t1K0I3OGg4U0VzTzlYclFjdXdiT25KeDZLdFIrYWV5a3ZBcFhDUTNmWkMvYllLQUFSK1A4QUpvUVoKYndJVW1YaTRnajVtK2JLUGhlK2lyK0U9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0= + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-tls-terminate-and-passthrough.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-tls-terminate-and-passthrough.out.yaml index 9e2db8004e5..ca211c61883 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-tls-terminate-and-passthrough.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-tls-terminate-and-passthrough.out.yaml @@ -213,6 +213,11 @@ xdsIR: - name: envoy-gateway/tls-secret-1 privateKey: '[redacted]' serverCertificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUREVENDQWZXZ0F3SUJBZ0lVRUZNaFA5ZUo5WEFCV3NRNVptNmJSazJjTE5Rd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0ZqRVVNQklHQTFVRUF3d0xabTl2TG1KaGNpNWpiMjB3SGhjTk1qUXdNakk1TURrek1ERXdXaGNOTXpRdwpNakkyTURrek1ERXdXakFXTVJRd0VnWURWUVFEREF0bWIyOHVZbUZ5TG1OdmJUQ0NBU0l3RFFZSktvWklodmNOCkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFKbEk2WXhFOVprQ1BzNnBDUXhickNtZWl4OVA1RGZ4OVJ1NUxENFQKSm1kVzdJS2R0UVYvd2ZMbXRzdTc2QithVGRDaldlMEJUZmVPT1JCYlIzY1BBRzZFbFFMaWNsUVVydW4zcStncwpKcEsrSTdjSStqNXc4STY4WEg1V1E3clZVdGJ3SHBxYncrY1ZuQnFJVU9MaUlhdGpJZjdLWDUxTTF1RjljZkVICkU0RG5jSDZyYnI1OS9SRlpCc2toeHM1T3p3Sklmb2hreXZGd2V1VHd4Sy9WcGpJKzdPYzQ4QUJDWHBOTzlEL3EKRWgrck9hdWpBTWNYZ0hRSVRrQ2lpVVRjVW82TFNIOXZMWlB0YXFmem9acTZuaE1xcFc2NUUxcEF3RjNqeVRUeAphNUk4SmNmU0Zqa2llWjIwTFVRTW43TThVNHhIamFvL2d2SDBDQWZkQjdSTFUyc0NBd0VBQWFOVE1GRXdIUVlEClZSME9CQllFRk9SQ0U4dS8xRERXN2loWnA3Y3g5dFNtUG02T01COEdBMVVkSXdRWU1CYUFGT1JDRTh1LzFERFcKN2loWnA3Y3g5dFNtUG02T01BOEdBMVVkRXdFQi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQgpBRnQ1M3pqc3FUYUg1YThFMmNodm1XQWdDcnhSSzhiVkxNeGl3TkdqYm1FUFJ6K3c2TngrazBBOEtFY0lEc0tjClNYY2k1OHU0b1didFZKQmx6YS9adWpIUjZQMUJuT3BsK2FveTc4NGJiZDRQMzl3VExvWGZNZmJCQ20xdmV2aDkKQUpLbncyWnRxcjRta2JMY3hFcWxxM3NCTEZBUzlzUUxuS05DZTJjR0xkVHAyYm9HK3FjZ3lRZ0NJTTZmOEVNdgpXUGlmQ01NR3V6Sy9HUkY0YlBPL1lGNDhld0R1M1VlaWgwWFhkVUFPRTlDdFVhOE5JaGMxVVBhT3pQcnRZVnFyClpPR2t2L0t1K0I3OGg4U0VzTzlYclFjdXdiT25KeDZLdFIrYWV5a3ZBcFhDUTNmWkMvYllLQUFSK1A4QUpvUVoKYndJVW1YaTRnajVtK2JLUGhlK2lyK0U9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0= + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/tls-passthrough diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-udp-with-hostname.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-udp-with-hostname.out.yaml index c3022120b3f..68c004f2a8d 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-udp-with-hostname.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-udp-with-hostname.out.yaml @@ -46,3 +46,8 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-udproute-with-mismatch-port-protocol.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-udproute-with-mismatch-port-protocol.out.yaml index 2e62a910d44..2b85a8f15aa 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-udproute-with-mismatch-port-protocol.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-udproute-with-mismatch-port-protocol.out.yaml @@ -91,6 +91,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 udp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/udp diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-udproute-with-multiple-backends.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-udproute-with-multiple-backends.out.yaml index 70a5a2a8599..c2e81c80ca2 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-udproute-with-multiple-backends.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-udproute-with-multiple-backends.out.yaml @@ -94,6 +94,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 udp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/udp diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-udproute-with-multiple-rules.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-udproute-with-multiple-rules.out.yaml index 850f9e64cba..4be83e098d4 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-udproute-with-multiple-rules.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-udproute-with-multiple-rules.out.yaml @@ -95,6 +95,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 udp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/udp diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-unmatched-tcproute.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-unmatched-tcproute.out.yaml index 79295aded7b..5dcf14268c9 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-unmatched-tcproute.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-unmatched-tcproute.out.yaml @@ -58,6 +58,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/tcp diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-unmatched-udproute.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-unmatched-udproute.out.yaml index a30d7cf5a5b..2c7107f005b 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-unmatched-udproute.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-unmatched-udproute.out.yaml @@ -58,6 +58,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 udp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/udp diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-unsupported-protocol.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-unsupported-protocol.out.yaml index 0875ec2454d..1fcbcc80c25 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-unsupported-protocol.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-unsupported-protocol.out.yaml @@ -83,3 +83,8 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-valid-multiple-tls-configuration-with-same-algorithm-different-fqdn.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-valid-multiple-tls-configuration-with-same-algorithm-different-fqdn.out.yaml index a9939722a0d..ea96ba283ce 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-valid-multiple-tls-configuration-with-same-algorithm-different-fqdn.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-valid-multiple-tls-configuration-with-same-algorithm-different-fqdn.out.yaml @@ -149,3 +149,8 @@ xdsIR: - name: envoy-gateway/tls-secret-ecdsa-2 privateKey: '[redacted]' serverCertificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJ5RENDQVU2Z0F3SUJBZ0lVUWltVUFlSExNdHo0dEdSdG5oNG9qWHRhVXpzd0NnWUlLb1pJemowRUF3SXcKR3pFWk1CY0dBMVVFQXd3UWRHVnpkQzVsZUdGdGNHeGxMbU52YlRBZUZ3MHlOREExTWpVd09URXhNemRhRncwegpOREExTWpNd09URXhNemRhTUJzeEdUQVhCZ05WQkFNTUVIUmxjM1F1WlhoaGJYQnNaUzVqYjIwd2RqQVFCZ2NxCmhrak9QUUlCQmdVcmdRUUFJZ05pQUFSNHkwY0xlRWg2clpDeDJTMUtMOWsxSDh3bzFxOUtiY2MyZnUwYWlCK3AKcXFmd0JLQWNocnZKUlQ3NCt5Z01QcVIvNzRKN3U2eDNTWkE3VktkMWdoYVBaQXVJalBRMWtmd0g5Q3ZpTHNuUQpnckN4Q1ZTZTZkbXEva3BqMU10QnJTZWpVekJSTUIwR0ExVWREZ1FXQkJUYVNlb1RtY3JlRU5Kd0t5ZmlZS3JnCjlIdnFVREFmQmdOVkhTTUVHREFXZ0JUYVNlb1RtY3JlRU5Kd0t5ZmlZS3JnOUh2cVVEQVBCZ05WSFJNQkFmOEUKQlRBREFRSC9NQW9HQ0NxR1NNNDlCQU1DQTJnQU1HVUNNRzFPSlUrRTlEaCt4TjdJMFZVTXIwdmt3S0h6V2Q3NwpTQXFXQjJVcG4vNThQTzd3eWNvWHZNMjlwREU0SkUvRzVRSXhBT2FhemxKZ1M3Z081eU50aW1tZ0llWFJ1K2pwCkNXb3kxb3hZU2ZSMmh1YkJ1Q1RUUkFqNkhPODBjTUVrZHFrMWp3PT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-valid-multiple-tls-configuration.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-valid-multiple-tls-configuration.out.yaml index 6fdbe779e25..688ee268d0e 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-valid-multiple-tls-configuration.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-valid-multiple-tls-configuration.out.yaml @@ -149,3 +149,8 @@ xdsIR: - name: envoy-gateway/tls-secret-ecdsa-1 privateKey: '[redacted]' serverCertificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJnVENDQVNlZ0F3SUJBZ0lVRm1sOExCRzBvL1FLNFErWjdrODI0c0MyaUZ3d0NnWUlLb1pJemowRUF3SXcKRmpFVU1CSUdBMVVFQXd3TFptOXZMbUpoY2k1amIyMHdIaGNOTWpRd01qSTVNRGt6TURFd1doY05NelF3TWpJMgpNRGt6TURFd1dqQVdNUlF3RWdZRFZRUUREQXRtYjI4dVltRnlMbU52YlRCWk1CTUdCeXFHU000OUFnRUdDQ3FHClNNNDlBd0VIQTBJQUJMYVl2cUt1VlZveERvNTJlV3p2WUI1anc3RU1GODZybXlvaTVadWF5emRNdnBnNHpCcjgKUktCak5zK1QxakI4T0t1Y1MvN1JVRHgwcHorOTc2ek0zaU9qVXpCUk1CMEdBMVVkRGdRV0JCVE82K2NnMFIwZAp3dHJ6SlFQRzZnNzZoQkJVelRBZkJnTlZIU01FR0RBV2dCVE82K2NnMFIwZHd0cnpKUVBHNmc3NmhCQlV6VEFQCkJnTlZIUk1CQWY4RUJUQURBUUgvTUFvR0NDcUdTTTQ5QkFNQ0EwZ0FNRVVDSVFDMlhwUFFnUXpXYWUzYjVwWnQKR2N1TWZESjBjME9QS2NuZWdrWFoyQzRCM2dJZ1Uvc1Jrd0lwTFFOUlYrRWFZdzRQNVQ1Z1BFNlkrVnBtQzk4aApvVmpaL3pRPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0t + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-listener-with-valid-tls-configuration.out.yaml b/internal/gatewayapi/testdata/gateway-with-listener-with-valid-tls-configuration.out.yaml index 680ff1bf524..050f9dfdf3c 100644 --- a/internal/gatewayapi/testdata/gateway-with-listener-with-valid-tls-configuration.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-listener-with-valid-tls-configuration.out.yaml @@ -143,3 +143,8 @@ xdsIR: - name: envoy-gateway/tls-secret-1 privateKey: '[redacted]' serverCertificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUREVENDQWZXZ0F3SUJBZ0lVRUZNaFA5ZUo5WEFCV3NRNVptNmJSazJjTE5Rd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0ZqRVVNQklHQTFVRUF3d0xabTl2TG1KaGNpNWpiMjB3SGhjTk1qUXdNakk1TURrek1ERXdXaGNOTXpRdwpNakkyTURrek1ERXdXakFXTVJRd0VnWURWUVFEREF0bWIyOHVZbUZ5TG1OdmJUQ0NBU0l3RFFZSktvWklodmNOCkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFKbEk2WXhFOVprQ1BzNnBDUXhickNtZWl4OVA1RGZ4OVJ1NUxENFQKSm1kVzdJS2R0UVYvd2ZMbXRzdTc2QithVGRDaldlMEJUZmVPT1JCYlIzY1BBRzZFbFFMaWNsUVVydW4zcStncwpKcEsrSTdjSStqNXc4STY4WEg1V1E3clZVdGJ3SHBxYncrY1ZuQnFJVU9MaUlhdGpJZjdLWDUxTTF1RjljZkVICkU0RG5jSDZyYnI1OS9SRlpCc2toeHM1T3p3Sklmb2hreXZGd2V1VHd4Sy9WcGpJKzdPYzQ4QUJDWHBOTzlEL3EKRWgrck9hdWpBTWNYZ0hRSVRrQ2lpVVRjVW82TFNIOXZMWlB0YXFmem9acTZuaE1xcFc2NUUxcEF3RjNqeVRUeAphNUk4SmNmU0Zqa2llWjIwTFVRTW43TThVNHhIamFvL2d2SDBDQWZkQjdSTFUyc0NBd0VBQWFOVE1GRXdIUVlEClZSME9CQllFRk9SQ0U4dS8xRERXN2loWnA3Y3g5dFNtUG02T01COEdBMVVkSXdRWU1CYUFGT1JDRTh1LzFERFcKN2loWnA3Y3g5dFNtUG02T01BOEdBMVVkRXdFQi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQgpBRnQ1M3pqc3FUYUg1YThFMmNodm1XQWdDcnhSSzhiVkxNeGl3TkdqYm1FUFJ6K3c2TngrazBBOEtFY0lEc0tjClNYY2k1OHU0b1didFZKQmx6YS9adWpIUjZQMUJuT3BsK2FveTc4NGJiZDRQMzl3VExvWGZNZmJCQ20xdmV2aDkKQUpLbncyWnRxcjRta2JMY3hFcWxxM3NCTEZBUzlzUUxuS05DZTJjR0xkVHAyYm9HK3FjZ3lRZ0NJTTZmOEVNdgpXUGlmQ01NR3V6Sy9HUkY0YlBPL1lGNDhld0R1M1VlaWgwWFhkVUFPRTlDdFVhOE5JaGMxVVBhT3pQcnRZVnFyClpPR2t2L0t1K0I3OGg4U0VzTzlYclFjdXdiT25KeDZLdFIrYWV5a3ZBcFhDUTNmWkMvYllLQUFSK1A4QUpvUVoKYndJVW1YaTRnajVtK2JLUGhlK2lyK0U9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0= + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-preexisting-status-condition.out.yaml b/internal/gatewayapi/testdata/gateway-with-preexisting-status-condition.out.yaml index 6598bfde8d4..5dc4140c68b 100644 --- a/internal/gatewayapi/testdata/gateway-with-preexisting-status-condition.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-preexisting-status-condition.out.yaml @@ -131,3 +131,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-single-listener-with-multiple-tcproutes.out.yaml b/internal/gatewayapi/testdata/gateway-with-single-listener-with-multiple-tcproutes.out.yaml index f7fd4e2752c..89941fb0941 100644 --- a/internal/gatewayapi/testdata/gateway-with-single-listener-with-multiple-tcproutes.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-single-listener-with-multiple-tcproutes.out.yaml @@ -121,6 +121,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/tcp diff --git a/internal/gatewayapi/testdata/gateway-with-single-listener-with-multiple-udproutes.out.yaml b/internal/gatewayapi/testdata/gateway-with-single-listener-with-multiple-udproutes.out.yaml index 4f4555a87e8..19c9bdc6eff 100644 --- a/internal/gatewayapi/testdata/gateway-with-single-listener-with-multiple-udproutes.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-single-listener-with-multiple-udproutes.out.yaml @@ -121,6 +121,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 udp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/udp diff --git a/internal/gatewayapi/testdata/gateway-with-stale-status-condition.out.yaml b/internal/gatewayapi/testdata/gateway-with-stale-status-condition.out.yaml index bafbb34668b..808bb4ebfde 100644 --- a/internal/gatewayapi/testdata/gateway-with-stale-status-condition.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-stale-status-condition.out.yaml @@ -143,3 +143,8 @@ xdsIR: - name: default/tls-secret-1 privateKey: '[redacted]' serverCertificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUREVENDQWZXZ0F3SUJBZ0lVRUZNaFA5ZUo5WEFCV3NRNVptNmJSazJjTE5Rd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0ZqRVVNQklHQTFVRUF3d0xabTl2TG1KaGNpNWpiMjB3SGhjTk1qUXdNakk1TURrek1ERXdXaGNOTXpRdwpNakkyTURrek1ERXdXakFXTVJRd0VnWURWUVFEREF0bWIyOHVZbUZ5TG1OdmJUQ0NBU0l3RFFZSktvWklodmNOCkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFKbEk2WXhFOVprQ1BzNnBDUXhickNtZWl4OVA1RGZ4OVJ1NUxENFQKSm1kVzdJS2R0UVYvd2ZMbXRzdTc2QithVGRDaldlMEJUZmVPT1JCYlIzY1BBRzZFbFFMaWNsUVVydW4zcStncwpKcEsrSTdjSStqNXc4STY4WEg1V1E3clZVdGJ3SHBxYncrY1ZuQnFJVU9MaUlhdGpJZjdLWDUxTTF1RjljZkVICkU0RG5jSDZyYnI1OS9SRlpCc2toeHM1T3p3Sklmb2hreXZGd2V1VHd4Sy9WcGpJKzdPYzQ4QUJDWHBOTzlEL3EKRWgrck9hdWpBTWNYZ0hRSVRrQ2lpVVRjVW82TFNIOXZMWlB0YXFmem9acTZuaE1xcFc2NUUxcEF3RjNqeVRUeAphNUk4SmNmU0Zqa2llWjIwTFVRTW43TThVNHhIamFvL2d2SDBDQWZkQjdSTFUyc0NBd0VBQWFOVE1GRXdIUVlEClZSME9CQllFRk9SQ0U4dS8xRERXN2loWnA3Y3g5dFNtUG02T01COEdBMVVkSXdRWU1CYUFGT1JDRTh1LzFERFcKN2loWnA3Y3g5dFNtUG02T01BOEdBMVVkRXdFQi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQgpBRnQ1M3pqc3FUYUg1YThFMmNodm1XQWdDcnhSSzhiVkxNeGl3TkdqYm1FUFJ6K3c2TngrazBBOEtFY0lEc0tjClNYY2k1OHU0b1didFZKQmx6YS9adWpIUjZQMUJuT3BsK2FveTc4NGJiZDRQMzl3VExvWGZNZmJCQ20xdmV2aDkKQUpLbncyWnRxcjRta2JMY3hFcWxxM3NCTEZBUzlzUUxuS05DZTJjR0xkVHAyYm9HK3FjZ3lRZ0NJTTZmOEVNdgpXUGlmQ01NR3V6Sy9HUkY0YlBPL1lGNDhld0R1M1VlaWgwWFhkVUFPRTlDdFVhOE5JaGMxVVBhT3pQcnRZVnFyClpPR2t2L0t1K0I3OGg4U0VzTzlYclFjdXdiT25KeDZLdFIrYWV5a3ZBcFhDUTNmWkMvYllLQUFSK1A4QUpvUVoKYndJVW1YaTRnajVtK2JLUGhlK2lyK0U9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0= + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-two-listeners-on-same-tcp-or-tls-port.out.yaml b/internal/gatewayapi/testdata/gateway-with-two-listeners-on-same-tcp-or-tls-port.out.yaml index e3bc11e2cc5..2162b9968a6 100644 --- a/internal/gatewayapi/testdata/gateway-with-two-listeners-on-same-tcp-or-tls-port.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-two-listeners-on-same-tcp-or-tls-port.out.yaml @@ -114,6 +114,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/tcp1 diff --git a/internal/gatewayapi/testdata/gateway-with-two-listeners-on-same-udp-port.out.yaml b/internal/gatewayapi/testdata/gateway-with-two-listeners-on-same-udp-port.out.yaml index 5f904c3de3e..8d6d83c3185 100644 --- a/internal/gatewayapi/testdata/gateway-with-two-listeners-on-same-udp-port.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-two-listeners-on-same-udp-port.out.yaml @@ -117,6 +117,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 udp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/udp1 diff --git a/internal/gatewayapi/testdata/gateway-with-two-listeners-with-http-and-tlsroute-same-hostname-and-port.out.yaml b/internal/gatewayapi/testdata/gateway-with-two-listeners-with-http-and-tlsroute-same-hostname-and-port.out.yaml index dfe1d49dc37..2cfa0b97469 100644 --- a/internal/gatewayapi/testdata/gateway-with-two-listeners-with-http-and-tlsroute-same-hostname-and-port.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-two-listeners-with-http-and-tlsroute-same-hostname-and-port.out.yaml @@ -150,3 +150,8 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-two-listeners-with-multiple-httproutes.out.yaml b/internal/gatewayapi/testdata/gateway-with-two-listeners-with-multiple-httproutes.out.yaml index d6b31a59f6a..e2b9819b643 100644 --- a/internal/gatewayapi/testdata/gateway-with-two-listeners-with-multiple-httproutes.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-two-listeners-with-multiple-httproutes.out.yaml @@ -278,3 +278,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-two-listeners-with-same-port-and-hostname.out.yaml b/internal/gatewayapi/testdata/gateway-with-two-listeners-with-same-port-and-hostname.out.yaml index bf051ef6c79..756806da51d 100644 --- a/internal/gatewayapi/testdata/gateway-with-two-listeners-with-same-port-and-hostname.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-two-listeners-with-same-port-and-hostname.out.yaml @@ -118,3 +118,8 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-two-listeners-with-same-port-and-incompatible-protocol.out.yaml b/internal/gatewayapi/testdata/gateway-with-two-listeners-with-same-port-and-incompatible-protocol.out.yaml index acbd772d0f6..d4f8aeec588 100644 --- a/internal/gatewayapi/testdata/gateway-with-two-listeners-with-same-port-and-incompatible-protocol.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-two-listeners-with-same-port-and-incompatible-protocol.out.yaml @@ -118,3 +118,8 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/gateway-with-two-listeners-with-same-port-http-tcp-protocol.out.yaml b/internal/gatewayapi/testdata/gateway-with-two-listeners-with-same-port-http-tcp-protocol.out.yaml index 67867078333..18a7f9df19f 100644 --- a/internal/gatewayapi/testdata/gateway-with-two-listeners-with-same-port-http-tcp-protocol.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-two-listeners-with-same-port-http-tcp-protocol.out.yaml @@ -198,6 +198,11 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/tcp diff --git a/internal/gatewayapi/testdata/gateway-with-two-listeners-with-same-port-http-udp-protocol.out.yaml b/internal/gatewayapi/testdata/gateway-with-two-listeners-with-same-port-http-udp-protocol.out.yaml index b7bdac0b389..3b3d464c5ed 100644 --- a/internal/gatewayapi/testdata/gateway-with-two-listeners-with-same-port-http-udp-protocol.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-two-listeners-with-same-port-http-udp-protocol.out.yaml @@ -198,6 +198,11 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 udp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/udp diff --git a/internal/gatewayapi/testdata/gateway-with-two-listeners-with-tcproutes-with-sectionname.out.yaml b/internal/gatewayapi/testdata/gateway-with-two-listeners-with-tcproutes-with-sectionname.out.yaml index d2d74cd296e..4a1a1bfe3ad 100644 --- a/internal/gatewayapi/testdata/gateway-with-two-listeners-with-tcproutes-with-sectionname.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-two-listeners-with-tcproutes-with-sectionname.out.yaml @@ -159,6 +159,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/tcp1 diff --git a/internal/gatewayapi/testdata/gateway-with-two-listeners-with-tcproutes-without-sectionname.out.yaml b/internal/gatewayapi/testdata/gateway-with-two-listeners-with-tcproutes-without-sectionname.out.yaml index 20519f07857..2a6475f7c08 100644 --- a/internal/gatewayapi/testdata/gateway-with-two-listeners-with-tcproutes-without-sectionname.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-two-listeners-with-tcproutes-without-sectionname.out.yaml @@ -155,6 +155,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/tcp1 diff --git a/internal/gatewayapi/testdata/gateway-with-two-listeners-with-udproutes-with-sectionname.out.yaml b/internal/gatewayapi/testdata/gateway-with-two-listeners-with-udproutes-with-sectionname.out.yaml index 00a61415035..30b86d9dc10 100644 --- a/internal/gatewayapi/testdata/gateway-with-two-listeners-with-udproutes-with-sectionname.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-two-listeners-with-udproutes-with-sectionname.out.yaml @@ -159,6 +159,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 udp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/udp1 diff --git a/internal/gatewayapi/testdata/gateway-with-two-listeners-with-udproutes-without-sectionname.out.yaml b/internal/gatewayapi/testdata/gateway-with-two-listeners-with-udproutes-without-sectionname.out.yaml index f6cb6959c4b..a805d2666a6 100644 --- a/internal/gatewayapi/testdata/gateway-with-two-listeners-with-udproutes-without-sectionname.out.yaml +++ b/internal/gatewayapi/testdata/gateway-with-two-listeners-with-udproutes-without-sectionname.out.yaml @@ -155,6 +155,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 udp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/udp1 diff --git a/internal/gatewayapi/testdata/grpcroute-with-backend.out.yaml b/internal/gatewayapi/testdata/grpcroute-with-backend.out.yaml index 1f7f559aaf0..c5e6dff62ef 100644 --- a/internal/gatewayapi/testdata/grpcroute-with-backend.out.yaml +++ b/internal/gatewayapi/testdata/grpcroute-with-backend.out.yaml @@ -180,3 +180,8 @@ xdsIR: distinct: false name: "" prefix: /com.ExampleExact + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/grpcroute-with-empty-backends.out.yaml b/internal/gatewayapi/testdata/grpcroute-with-empty-backends.out.yaml index 2f633cb8a20..35d2417db83 100644 --- a/internal/gatewayapi/testdata/grpcroute-with-empty-backends.out.yaml +++ b/internal/gatewayapi/testdata/grpcroute-with-empty-backends.out.yaml @@ -124,3 +124,8 @@ xdsIR: distinct: false name: "" prefix: /com.ExampleExact + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/grpcroute-with-header-match.out.yaml b/internal/gatewayapi/testdata/grpcroute-with-header-match.out.yaml index bc7697e2f18..f76641af746 100644 --- a/internal/gatewayapi/testdata/grpcroute-with-header-match.out.yaml +++ b/internal/gatewayapi/testdata/grpcroute-with-header-match.out.yaml @@ -135,3 +135,8 @@ xdsIR: name: grpcroute-1 namespace: default name: grpcroute/default/grpcroute-1/rule/0/match/0/* + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/grpcroute-with-method-and-service-match.out.yaml b/internal/gatewayapi/testdata/grpcroute-with-method-and-service-match.out.yaml index 765481a5838..0d05bc42b40 100644 --- a/internal/gatewayapi/testdata/grpcroute-with-method-and-service-match.out.yaml +++ b/internal/gatewayapi/testdata/grpcroute-with-method-and-service-match.out.yaml @@ -159,3 +159,8 @@ xdsIR: distinct: false name: "" safeRegex: /foo.*/Foobar + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/grpcroute-with-method-match.out.yaml b/internal/gatewayapi/testdata/grpcroute-with-method-match.out.yaml index 38b49dda801..67b6e3fc755 100644 --- a/internal/gatewayapi/testdata/grpcroute-with-method-match.out.yaml +++ b/internal/gatewayapi/testdata/grpcroute-with-method-match.out.yaml @@ -157,3 +157,8 @@ xdsIR: name: grpcroute-1 namespace: default name: grpcroute/default/grpcroute-1/rule/0/match/0/* + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/grpcroute-with-request-header-modifier.out.yaml b/internal/gatewayapi/testdata/grpcroute-with-request-header-modifier.out.yaml index 110d404c44f..b533815951c 100644 --- a/internal/gatewayapi/testdata/grpcroute-with-request-header-modifier.out.yaml +++ b/internal/gatewayapi/testdata/grpcroute-with-request-header-modifier.out.yaml @@ -147,3 +147,8 @@ xdsIR: name: grpcroute-1 namespace: default name: grpcroute/default/grpcroute-1/rule/0/match/-1/* + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/grpcroute-with-service-match.out.yaml b/internal/gatewayapi/testdata/grpcroute-with-service-match.out.yaml index b8855487138..dcb875be6bf 100644 --- a/internal/gatewayapi/testdata/grpcroute-with-service-match.out.yaml +++ b/internal/gatewayapi/testdata/grpcroute-with-service-match.out.yaml @@ -157,3 +157,8 @@ xdsIR: distinct: false name: "" prefix: /com.ExampleExact + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-and-backendtrafficpolicy-with-timeout-error.out.yaml b/internal/gatewayapi/testdata/httproute-and-backendtrafficpolicy-with-timeout-error.out.yaml index 6cbe82eca0a..b67d761df6e 100644 --- a/internal/gatewayapi/testdata/httproute-and-backendtrafficpolicy-with-timeout-error.out.yaml +++ b/internal/gatewayapi/testdata/httproute-and-backendtrafficpolicy-with-timeout-error.out.yaml @@ -172,3 +172,8 @@ xdsIR: name: "" prefix: / timeout: 1s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-and-backendtrafficpolicy-with-timeout.out.yaml b/internal/gatewayapi/testdata/httproute-and-backendtrafficpolicy-with-timeout.out.yaml index 60c001200b9..51aef16e129 100644 --- a/internal/gatewayapi/testdata/httproute-and-backendtrafficpolicy-with-timeout.out.yaml +++ b/internal/gatewayapi/testdata/httproute-and-backendtrafficpolicy-with-timeout.out.yaml @@ -292,6 +292,11 @@ xdsIR: maxConnectionDuration: 17s tcp: connectTimeout: 15s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -339,3 +344,8 @@ xdsIR: maxConnectionDuration: 22s tcp: connectTimeout: 20s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-attaching-to-gateway-with-more-different-listeners.out.yaml b/internal/gatewayapi/testdata/httproute-attaching-to-gateway-with-more-different-listeners.out.yaml index e532697a7b4..4ccd23b6b42 100644 --- a/internal/gatewayapi/testdata/httproute-attaching-to-gateway-with-more-different-listeners.out.yaml +++ b/internal/gatewayapi/testdata/httproute-attaching-to-gateway-with-more-different-listeners.out.yaml @@ -636,3 +636,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-attaching-to-gateway-with-more-listeners.out.yaml b/internal/gatewayapi/testdata/httproute-attaching-to-gateway-with-more-listeners.out.yaml index 5bc5e17485a..106ef69b077 100644 --- a/internal/gatewayapi/testdata/httproute-attaching-to-gateway-with-more-listeners.out.yaml +++ b/internal/gatewayapi/testdata/httproute-attaching-to-gateway-with-more-listeners.out.yaml @@ -587,3 +587,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-attaching-to-gateway-with-two-listeners-with-different-ports.out.yaml b/internal/gatewayapi/testdata/httproute-attaching-to-gateway-with-two-listeners-with-different-ports.out.yaml index 2b7899d4f75..a30c0a6e473 100644 --- a/internal/gatewayapi/testdata/httproute-attaching-to-gateway-with-two-listeners-with-different-ports.out.yaml +++ b/internal/gatewayapi/testdata/httproute-attaching-to-gateway-with-two-listeners-with-different-ports.out.yaml @@ -214,3 +214,8 @@ xdsIR: - name: envoy-gateway/tls-secret-1 privateKey: '[redacted]' serverCertificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUREVENDQWZXZ0F3SUJBZ0lVRUZNaFA5ZUo5WEFCV3NRNVptNmJSazJjTE5Rd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0ZqRVVNQklHQTFVRUF3d0xabTl2TG1KaGNpNWpiMjB3SGhjTk1qUXdNakk1TURrek1ERXdXaGNOTXpRdwpNakkyTURrek1ERXdXakFXTVJRd0VnWURWUVFEREF0bWIyOHVZbUZ5TG1OdmJUQ0NBU0l3RFFZSktvWklodmNOCkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFKbEk2WXhFOVprQ1BzNnBDUXhickNtZWl4OVA1RGZ4OVJ1NUxENFQKSm1kVzdJS2R0UVYvd2ZMbXRzdTc2QithVGRDaldlMEJUZmVPT1JCYlIzY1BBRzZFbFFMaWNsUVVydW4zcStncwpKcEsrSTdjSStqNXc4STY4WEg1V1E3clZVdGJ3SHBxYncrY1ZuQnFJVU9MaUlhdGpJZjdLWDUxTTF1RjljZkVICkU0RG5jSDZyYnI1OS9SRlpCc2toeHM1T3p3Sklmb2hreXZGd2V1VHd4Sy9WcGpJKzdPYzQ4QUJDWHBOTzlEL3EKRWgrck9hdWpBTWNYZ0hRSVRrQ2lpVVRjVW82TFNIOXZMWlB0YXFmem9acTZuaE1xcFc2NUUxcEF3RjNqeVRUeAphNUk4SmNmU0Zqa2llWjIwTFVRTW43TThVNHhIamFvL2d2SDBDQWZkQjdSTFUyc0NBd0VBQWFOVE1GRXdIUVlEClZSME9CQllFRk9SQ0U4dS8xRERXN2loWnA3Y3g5dFNtUG02T01COEdBMVVkSXdRWU1CYUFGT1JDRTh1LzFERFcKN2loWnA3Y3g5dFNtUG02T01BOEdBMVVkRXdFQi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQgpBRnQ1M3pqc3FUYUg1YThFMmNodm1XQWdDcnhSSzhiVkxNeGl3TkdqYm1FUFJ6K3c2TngrazBBOEtFY0lEc0tjClNYY2k1OHU0b1didFZKQmx6YS9adWpIUjZQMUJuT3BsK2FveTc4NGJiZDRQMzl3VExvWGZNZmJCQ20xdmV2aDkKQUpLbncyWnRxcjRta2JMY3hFcWxxM3NCTEZBUzlzUUxuS05DZTJjR0xkVHAyYm9HK3FjZ3lRZ0NJTTZmOEVNdgpXUGlmQ01NR3V6Sy9HUkY0YlBPL1lGNDhld0R1M1VlaWgwWFhkVUFPRTlDdFVhOE5JaGMxVVBhT3pQcnRZVnFyClpPR2t2L0t1K0I3OGg4U0VzTzlYclFjdXdiT25KeDZLdFIrYWV5a3ZBcFhDUTNmWkMvYllLQUFSK1A4QUpvUVoKYndJVW1YaTRnajVtK2JLUGhlK2lyK0U9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0= + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-attaching-to-gateway-with-two-listeners.out.yaml b/internal/gatewayapi/testdata/httproute-attaching-to-gateway-with-two-listeners.out.yaml index 4d3310f2614..2e639df361a 100644 --- a/internal/gatewayapi/testdata/httproute-attaching-to-gateway-with-two-listeners.out.yaml +++ b/internal/gatewayapi/testdata/httproute-attaching-to-gateway-with-two-listeners.out.yaml @@ -197,3 +197,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-attaching-to-gateway.out.yaml b/internal/gatewayapi/testdata/httproute-attaching-to-gateway.out.yaml index 817bc24013a..88a7f71169d 100644 --- a/internal/gatewayapi/testdata/httproute-attaching-to-gateway.out.yaml +++ b/internal/gatewayapi/testdata/httproute-attaching-to-gateway.out.yaml @@ -131,3 +131,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-attaching-to-listener-matching-port.out.yaml b/internal/gatewayapi/testdata/httproute-attaching-to-listener-matching-port.out.yaml index 4abbc554d9d..cdafb1ba101 100644 --- a/internal/gatewayapi/testdata/httproute-attaching-to-listener-matching-port.out.yaml +++ b/internal/gatewayapi/testdata/httproute-attaching-to-listener-matching-port.out.yaml @@ -135,3 +135,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-attaching-to-listener-on-gateway-with-two-listeners.out.yaml b/internal/gatewayapi/testdata/httproute-attaching-to-listener-on-gateway-with-two-listeners.out.yaml index 5b4bf8d4bb9..e434446c7f3 100644 --- a/internal/gatewayapi/testdata/httproute-attaching-to-listener-on-gateway-with-two-listeners.out.yaml +++ b/internal/gatewayapi/testdata/httproute-attaching-to-listener-on-gateway-with-two-listeners.out.yaml @@ -178,3 +178,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-backend-and-core-backendrefs.out.yaml b/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-backend-and-core-backendrefs.out.yaml index e7ec462624c..0529f737284 100644 --- a/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-backend-and-core-backendrefs.out.yaml +++ b/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-backend-and-core-backendrefs.out.yaml @@ -281,3 +281,8 @@ xdsIR: distinct: false name: "" prefix: /2 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-backend-backendref-mixed-address-type.out.yaml b/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-backend-backendref-mixed-address-type.out.yaml index 64b578f98b5..b15cba86db9 100644 --- a/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-backend-backendref-mixed-address-type.out.yaml +++ b/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-backend-backendref-mixed-address-type.out.yaml @@ -313,3 +313,8 @@ xdsIR: distinct: false name: "" prefix: /2 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-backend-backendref.out.yaml b/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-backend-backendref.out.yaml index 709c48725c5..74e7b200e35 100644 --- a/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-backend-backendref.out.yaml +++ b/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-backend-backendref.out.yaml @@ -436,3 +436,8 @@ xdsIR: distinct: false name: "" prefix: /5 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-multiple-backend-backendrefs-diff-address-type.out.yaml b/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-multiple-backend-backendrefs-diff-address-type.out.yaml index deefbd7878e..401de0bdece 100644 --- a/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-multiple-backend-backendrefs-diff-address-type.out.yaml +++ b/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-multiple-backend-backendrefs-diff-address-type.out.yaml @@ -361,3 +361,8 @@ xdsIR: distinct: false name: "" prefix: /4 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-multiple-backend-backendrefs-same-address-type.out.yaml b/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-multiple-backend-backendrefs-same-address-type.out.yaml index a230922d110..59187ae0aa0 100644 --- a/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-multiple-backend-backendrefs-same-address-type.out.yaml +++ b/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-multiple-backend-backendrefs-same-address-type.out.yaml @@ -370,3 +370,8 @@ xdsIR: distinct: false name: "" prefix: /3 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-multiple-serviceimport-backendrefs-diff-address-type.out.yaml b/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-multiple-serviceimport-backendrefs-diff-address-type.out.yaml index 7b2b55fe1c0..d64b752d6c2 100644 --- a/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-multiple-serviceimport-backendrefs-diff-address-type.out.yaml +++ b/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-multiple-serviceimport-backendrefs-diff-address-type.out.yaml @@ -145,3 +145,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-multiple-serviceimport-backendrefs-same-address-type.out.yaml b/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-multiple-serviceimport-backendrefs-same-address-type.out.yaml index 5667491636e..27e2250e55c 100644 --- a/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-multiple-serviceimport-backendrefs-same-address-type.out.yaml +++ b/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-multiple-serviceimport-backendrefs-same-address-type.out.yaml @@ -145,3 +145,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-serviceimport-backendref-fqdn-address-type.out.yaml b/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-serviceimport-backendref-fqdn-address-type.out.yaml index e29f978c85e..cc3411a5552 100644 --- a/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-serviceimport-backendref-fqdn-address-type.out.yaml +++ b/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-serviceimport-backendref-fqdn-address-type.out.yaml @@ -135,3 +135,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-serviceimport-backendref-mixed-address-type.out.yaml b/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-serviceimport-backendref-mixed-address-type.out.yaml index 9cf88550489..14075a67edc 100644 --- a/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-serviceimport-backendref-mixed-address-type.out.yaml +++ b/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-serviceimport-backendref-mixed-address-type.out.yaml @@ -128,3 +128,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-serviceimport-backendref.out.yaml b/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-serviceimport-backendref.out.yaml index 144ccbd3c57..96b969d6412 100644 --- a/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-serviceimport-backendref.out.yaml +++ b/internal/gatewayapi/testdata/httproute-attaching-to-listener-with-serviceimport-backendref.out.yaml @@ -135,3 +135,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-attaching-to-listener.out.yaml b/internal/gatewayapi/testdata/httproute-attaching-to-listener.out.yaml index 3bdc7cc4697..e6ff47ad7d2 100644 --- a/internal/gatewayapi/testdata/httproute-attaching-to-listener.out.yaml +++ b/internal/gatewayapi/testdata/httproute-attaching-to-listener.out.yaml @@ -133,3 +133,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-backend-request-timeout.out.yaml b/internal/gatewayapi/testdata/httproute-backend-request-timeout.out.yaml index 189c968899b..5b8123e55cb 100644 --- a/internal/gatewayapi/testdata/httproute-backend-request-timeout.out.yaml +++ b/internal/gatewayapi/testdata/httproute-backend-request-timeout.out.yaml @@ -136,3 +136,8 @@ xdsIR: name: "" prefix: / timeout: 1s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-not-attaching-to-listener-non-matching-port.out.yaml b/internal/gatewayapi/testdata/httproute-not-attaching-to-listener-non-matching-port.out.yaml index 9cd60408345..2673cadee1e 100644 --- a/internal/gatewayapi/testdata/httproute-not-attaching-to-listener-non-matching-port.out.yaml +++ b/internal/gatewayapi/testdata/httproute-not-attaching-to-listener-non-matching-port.out.yaml @@ -113,3 +113,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-request-timeout.out.yaml b/internal/gatewayapi/testdata/httproute-request-timeout.out.yaml index 88b1dc893f3..819dd940aa9 100644 --- a/internal/gatewayapi/testdata/httproute-request-timeout.out.yaml +++ b/internal/gatewayapi/testdata/httproute-request-timeout.out.yaml @@ -136,3 +136,8 @@ xdsIR: name: "" prefix: / timeout: 5s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-retry.out.yaml b/internal/gatewayapi/testdata/httproute-retry.out.yaml index 3b6b246b51e..c4ce6b1ca31 100644 --- a/internal/gatewayapi/testdata/httproute-retry.out.yaml +++ b/internal/gatewayapi/testdata/httproute-retry.out.yaml @@ -251,6 +251,11 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -316,3 +321,8 @@ xdsIR: triggers: - connect-failure - retriable-status-codes + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-rule-with-empty-backends-and-no-filters.out.yaml b/internal/gatewayapi/testdata/httproute-rule-with-empty-backends-and-no-filters.out.yaml index c7fd7b9e40e..f467fd39c43 100644 --- a/internal/gatewayapi/testdata/httproute-rule-with-empty-backends-and-no-filters.out.yaml +++ b/internal/gatewayapi/testdata/httproute-rule-with-empty-backends-and-no-filters.out.yaml @@ -121,3 +121,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-rule-with-multiple-backends-and-no-weights.out.yaml b/internal/gatewayapi/testdata/httproute-rule-with-multiple-backends-and-no-weights.out.yaml index 11634b9f050..4de0058a5a2 100644 --- a/internal/gatewayapi/testdata/httproute-rule-with-multiple-backends-and-no-weights.out.yaml +++ b/internal/gatewayapi/testdata/httproute-rule-with-multiple-backends-and-no-weights.out.yaml @@ -147,3 +147,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-rule-with-multiple-backends-and-weights.out.yaml b/internal/gatewayapi/testdata/httproute-rule-with-multiple-backends-and-weights.out.yaml index e9a785e0d1b..4e22236edf7 100644 --- a/internal/gatewayapi/testdata/httproute-rule-with-multiple-backends-and-weights.out.yaml +++ b/internal/gatewayapi/testdata/httproute-rule-with-multiple-backends-and-weights.out.yaml @@ -153,3 +153,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-rule-with-non-service-backends-and-app-protocols.out.yaml b/internal/gatewayapi/testdata/httproute-rule-with-non-service-backends-and-app-protocols.out.yaml index 4c5fcd5e8e2..36b2ba719af 100644 --- a/internal/gatewayapi/testdata/httproute-rule-with-non-service-backends-and-app-protocols.out.yaml +++ b/internal/gatewayapi/testdata/httproute-rule-with-non-service-backends-and-app-protocols.out.yaml @@ -236,3 +236,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-rule-with-non-service-backends-and-weights.out.yaml b/internal/gatewayapi/testdata/httproute-rule-with-non-service-backends-and-weights.out.yaml index ee0ea6d639a..52c7c634d82 100644 --- a/internal/gatewayapi/testdata/httproute-rule-with-non-service-backends-and-weights.out.yaml +++ b/internal/gatewayapi/testdata/httproute-rule-with-non-service-backends-and-weights.out.yaml @@ -234,3 +234,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-backendref-add-multiple-filters.out.yaml b/internal/gatewayapi/testdata/httproute-with-backendref-add-multiple-filters.out.yaml index 122d09efdeb..c5c3a4e9888 100644 --- a/internal/gatewayapi/testdata/httproute-with-backendref-add-multiple-filters.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-backendref-add-multiple-filters.out.yaml @@ -198,3 +198,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-backendref-in-other-namespace-allowed-by-refgrant.out.yaml b/internal/gatewayapi/testdata/httproute-with-backendref-in-other-namespace-allowed-by-refgrant.out.yaml index d708b748380..262fe1a8a73 100644 --- a/internal/gatewayapi/testdata/httproute-with-backendref-in-other-namespace-allowed-by-refgrant.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-backendref-in-other-namespace-allowed-by-refgrant.out.yaml @@ -133,3 +133,8 @@ xdsIR: distinct: false exact: /exact name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-backendref-serviceimport-in-other-namespace-allowed-by-refgrant.out.yaml b/internal/gatewayapi/testdata/httproute-with-backendref-serviceimport-in-other-namespace-allowed-by-refgrant.out.yaml index 9b175f032c4..a7e96386e77 100644 --- a/internal/gatewayapi/testdata/httproute-with-backendref-serviceimport-in-other-namespace-allowed-by-refgrant.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-backendref-serviceimport-in-other-namespace-allowed-by-refgrant.out.yaml @@ -135,3 +135,8 @@ xdsIR: distinct: false exact: /exact name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-direct-response.out.yaml b/internal/gatewayapi/testdata/httproute-with-direct-response.out.yaml index 29b6b051366..daf54d70d1c 100644 --- a/internal/gatewayapi/testdata/httproute-with-direct-response.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-direct-response.out.yaml @@ -206,3 +206,8 @@ xdsIR: distinct: false name: "" prefix: /inline + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-empty-matches.out.yaml b/internal/gatewayapi/testdata/httproute-with-empty-matches.out.yaml index 6853b8172b3..d5b6d430048 100644 --- a/internal/gatewayapi/testdata/httproute-with-empty-matches.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-empty-matches.out.yaml @@ -126,3 +126,8 @@ xdsIR: name: httproute-1 namespace: default name: httproute/default/httproute-1/rule/0/match/-1/* + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-header-filter-duplicate-add-multiple-filters.out.yaml b/internal/gatewayapi/testdata/httproute-with-header-filter-duplicate-add-multiple-filters.out.yaml index 605aa384f3e..13872fdedc7 100644 --- a/internal/gatewayapi/testdata/httproute-with-header-filter-duplicate-add-multiple-filters.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-header-filter-duplicate-add-multiple-filters.out.yaml @@ -164,3 +164,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-header-filter-duplicate-adds.out.yaml b/internal/gatewayapi/testdata/httproute-with-header-filter-duplicate-adds.out.yaml index f122fc17d5b..b8a423d2f2f 100644 --- a/internal/gatewayapi/testdata/httproute-with-header-filter-duplicate-adds.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-header-filter-duplicate-adds.out.yaml @@ -182,3 +182,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-header-filter-duplicate-remove-multiple-filters.out.yaml b/internal/gatewayapi/testdata/httproute-with-header-filter-duplicate-remove-multiple-filters.out.yaml index e3ea3d5158b..5f882dcc2a2 100644 --- a/internal/gatewayapi/testdata/httproute-with-header-filter-duplicate-remove-multiple-filters.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-header-filter-duplicate-remove-multiple-filters.out.yaml @@ -151,3 +151,8 @@ xdsIR: - rem-header-1 - rem-header-2 - rem-header-3 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-header-filter-duplicate-removes.out.yaml b/internal/gatewayapi/testdata/httproute-with-header-filter-duplicate-removes.out.yaml index 23567e22077..6148296924f 100644 --- a/internal/gatewayapi/testdata/httproute-with-header-filter-duplicate-removes.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-header-filter-duplicate-removes.out.yaml @@ -144,3 +144,8 @@ xdsIR: prefix: / removeRequestHeaders: - some-header-1 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-header-filter-empty-header-values.out.yaml b/internal/gatewayapi/testdata/httproute-with-header-filter-empty-header-values.out.yaml index 67c14e133a7..383e2c4c525 100644 --- a/internal/gatewayapi/testdata/httproute-with-header-filter-empty-header-values.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-header-filter-empty-header-values.out.yaml @@ -154,3 +154,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-header-filter-empty-headers.out.yaml b/internal/gatewayapi/testdata/httproute-with-header-filter-empty-headers.out.yaml index 7549c52cbb1..fe5d5d18a64 100644 --- a/internal/gatewayapi/testdata/httproute-with-header-filter-empty-headers.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-header-filter-empty-headers.out.yaml @@ -126,3 +126,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-header-filter-invalid-headers.out.yaml b/internal/gatewayapi/testdata/httproute-with-header-filter-invalid-headers.out.yaml index 5405ad66246..9dce6510357 100644 --- a/internal/gatewayapi/testdata/httproute-with-header-filter-invalid-headers.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-header-filter-invalid-headers.out.yaml @@ -127,3 +127,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-header-filter-no-headers.out.yaml b/internal/gatewayapi/testdata/httproute-with-header-filter-no-headers.out.yaml index a8986f5d429..6e16b96a66a 100644 --- a/internal/gatewayapi/testdata/httproute-with-header-filter-no-headers.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-header-filter-no-headers.out.yaml @@ -139,3 +139,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-header-filter-no-valid-headers.out.yaml b/internal/gatewayapi/testdata/httproute-with-header-filter-no-valid-headers.out.yaml index 36f621f095c..a3f7c1b1e5e 100644 --- a/internal/gatewayapi/testdata/httproute-with-header-filter-no-valid-headers.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-header-filter-no-valid-headers.out.yaml @@ -122,3 +122,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-header-filter-remove.out.yaml b/internal/gatewayapi/testdata/httproute-with-header-filter-remove.out.yaml index b111af6e08b..1ee7f8db89b 100644 --- a/internal/gatewayapi/testdata/httproute-with-header-filter-remove.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-header-filter-remove.out.yaml @@ -147,3 +147,8 @@ xdsIR: - example-header-1 - example-header-2 - example-header-3 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-bad-port.out.yaml b/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-bad-port.out.yaml index 57e337fd1f5..20006ce00fc 100644 --- a/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-bad-port.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-bad-port.out.yaml @@ -125,3 +125,8 @@ xdsIR: distinct: false exact: /exact name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-invalid-group.out.yaml b/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-invalid-group.out.yaml index c6090f5c196..c22f681afb7 100644 --- a/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-invalid-group.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-invalid-group.out.yaml @@ -129,3 +129,8 @@ xdsIR: distinct: false exact: /exact name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-invalid-kind.out.yaml b/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-invalid-kind.out.yaml index 984dc0c98b3..9ab883e74d5 100644 --- a/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-invalid-kind.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-invalid-kind.out.yaml @@ -127,3 +127,8 @@ xdsIR: distinct: false exact: /exact name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-no-port.out.yaml b/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-no-port.out.yaml index 4274a5f8644..bbe88dd6199 100644 --- a/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-no-port.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-no-port.out.yaml @@ -125,3 +125,8 @@ xdsIR: distinct: false exact: /exact name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-no-service.import.out.yaml b/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-no-service.import.out.yaml index 06a77064819..572943fed35 100644 --- a/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-no-service.import.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-no-service.import.out.yaml @@ -127,3 +127,8 @@ xdsIR: distinct: false exact: /exact name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-no-service.out.yaml b/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-no-service.out.yaml index ae96ef5ed30..27462479d95 100644 --- a/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-no-service.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-no-service.out.yaml @@ -125,3 +125,8 @@ xdsIR: distinct: false exact: /exact name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-unsupported-filter.out.yaml b/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-unsupported-filter.out.yaml index df79cfc2e92..a2cb10d3f29 100644 --- a/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-unsupported-filter.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-invalid-backend-ref-unsupported-filter.out.yaml @@ -132,3 +132,8 @@ xdsIR: distinct: false exact: /exact name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-invalid-backendref-in-other-namespace.out.yaml b/internal/gatewayapi/testdata/httproute-with-invalid-backendref-in-other-namespace.out.yaml index c22e21c8920..1379cfa4210 100644 --- a/internal/gatewayapi/testdata/httproute-with-invalid-backendref-in-other-namespace.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-invalid-backendref-in-other-namespace.out.yaml @@ -126,3 +126,8 @@ xdsIR: distinct: false exact: /exact name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-invalid-regex.out.yaml b/internal/gatewayapi/testdata/httproute-with-invalid-regex.out.yaml index 05617ca8192..024bc19d812 100644 --- a/internal/gatewayapi/testdata/httproute-with-invalid-regex.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-invalid-regex.out.yaml @@ -162,6 +162,11 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -181,3 +186,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10081 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-metadata.out.yaml b/internal/gatewayapi/testdata/httproute-with-metadata.out.yaml index 9049ebe41de..f13c423e9d7 100644 --- a/internal/gatewayapi/testdata/httproute-with-metadata.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-metadata.out.yaml @@ -165,3 +165,8 @@ xdsIR: namespace: default sectionName: rule-1 name: httproute/default/httproute-1/rule/0/match/-1/* + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-mirror-filter-duplicates.out.yaml b/internal/gatewayapi/testdata/httproute-with-mirror-filter-duplicates.out.yaml index 80fa07db8e6..3d007a2e051 100644 --- a/internal/gatewayapi/testdata/httproute-with-mirror-filter-duplicates.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-mirror-filter-duplicates.out.yaml @@ -168,3 +168,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-mirror-filter-multiple.out.yaml b/internal/gatewayapi/testdata/httproute-with-mirror-filter-multiple.out.yaml index 1609b805abb..c75155a9719 100644 --- a/internal/gatewayapi/testdata/httproute-with-mirror-filter-multiple.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-mirror-filter-multiple.out.yaml @@ -195,3 +195,8 @@ xdsIR: prefix: / removeRequestHeaders: - X-Header-Remove + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-mirror-filter-percentage-mirroring.out.yaml b/internal/gatewayapi/testdata/httproute-with-mirror-filter-percentage-mirroring.out.yaml index 164873c64d8..59353e5cb0d 100644 --- a/internal/gatewayapi/testdata/httproute-with-mirror-filter-percentage-mirroring.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-mirror-filter-percentage-mirroring.out.yaml @@ -174,3 +174,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-mirror-filter-service-no-port.out.yaml b/internal/gatewayapi/testdata/httproute-with-mirror-filter-service-no-port.out.yaml index af0ed8f79e7..5d0f451de0a 100644 --- a/internal/gatewayapi/testdata/httproute-with-mirror-filter-service-no-port.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-mirror-filter-service-no-port.out.yaml @@ -123,3 +123,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-mirror-filter-service-not-found.out.yaml b/internal/gatewayapi/testdata/httproute-with-mirror-filter-service-not-found.out.yaml index 85ff5860d40..3dde1092ee7 100644 --- a/internal/gatewayapi/testdata/httproute-with-mirror-filter-service-not-found.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-mirror-filter-service-not-found.out.yaml @@ -123,3 +123,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-mirror-filter.out.yaml b/internal/gatewayapi/testdata/httproute-with-mirror-filter.out.yaml index 58852fdcf23..e3abd1843a0 100644 --- a/internal/gatewayapi/testdata/httproute-with-mirror-filter.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-mirror-filter.out.yaml @@ -153,3 +153,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-multi-gateways-notmatch.out.yaml b/internal/gatewayapi/testdata/httproute-with-multi-gateways-notmatch.out.yaml index c7801a560d0..11a6b8f2c3d 100644 --- a/internal/gatewayapi/testdata/httproute-with-multi-gateways-notmatch.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-multi-gateways-notmatch.out.yaml @@ -130,6 +130,11 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -149,3 +154,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-multi-gateways-with-same-name.out.yaml b/internal/gatewayapi/testdata/httproute-with-multi-gateways-with-same-name.out.yaml index f3c1a6b1ed4..f735cc6c75b 100644 --- a/internal/gatewayapi/testdata/httproute-with-multi-gateways-with-same-name.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-multi-gateways-with-same-name.out.yaml @@ -184,6 +184,11 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-1: accessLog: text: @@ -203,3 +208,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-multiple-gateways-from-different-ns.out.yaml b/internal/gatewayapi/testdata/httproute-with-multiple-gateways-from-different-ns.out.yaml index ba2f58b8667..8f9670d8890 100644 --- a/internal/gatewayapi/testdata/httproute-with-multiple-gateways-from-different-ns.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-multiple-gateways-from-different-ns.out.yaml @@ -210,6 +210,11 @@ xdsIR: distinct: false name: "" prefix: /toy + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-b: accessLog: text: @@ -247,3 +252,8 @@ xdsIR: distinct: false name: "" prefix: /toy + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-multiple-gateways-from-same-ns.out.yaml b/internal/gatewayapi/testdata/httproute-with-multiple-gateways-from-same-ns.out.yaml index 4e6bef64b9e..3541b6be3ac 100644 --- a/internal/gatewayapi/testdata/httproute-with-multiple-gateways-from-same-ns.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-multiple-gateways-from-same-ns.out.yaml @@ -208,6 +208,11 @@ xdsIR: distinct: false name: "" prefix: /toy + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-b: accessLog: text: @@ -245,3 +250,8 @@ xdsIR: distinct: false name: "" prefix: /toy + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-non-matching-specific-hostname-attaching-to-gateway-with-wildcard-hostname.out.yaml b/internal/gatewayapi/testdata/httproute-with-non-matching-specific-hostname-attaching-to-gateway-with-wildcard-hostname.out.yaml index 810a78ccb87..0b3d9c27fc9 100644 --- a/internal/gatewayapi/testdata/httproute-with-non-matching-specific-hostname-attaching-to-gateway-with-wildcard-hostname.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-non-matching-specific-hostname-attaching-to-gateway-with-wildcard-hostname.out.yaml @@ -114,3 +114,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-redirect-filter-full-path-replace-https.out.yaml b/internal/gatewayapi/testdata/httproute-with-redirect-filter-full-path-replace-https.out.yaml index d40408b2b02..7c2ae44a9f1 100644 --- a/internal/gatewayapi/testdata/httproute-with-redirect-filter-full-path-replace-https.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-redirect-filter-full-path-replace-https.out.yaml @@ -140,3 +140,8 @@ xdsIR: port: 443 scheme: https statusCode: 301 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-redirect-filter-hostname.out.yaml b/internal/gatewayapi/testdata/httproute-with-redirect-filter-hostname.out.yaml index d7496698338..4d8644353ea 100644 --- a/internal/gatewayapi/testdata/httproute-with-redirect-filter-hostname.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-redirect-filter-hostname.out.yaml @@ -136,3 +136,8 @@ xdsIR: port: 443 scheme: https statusCode: 301 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-redirect-filter-invalid-filter-type.out.yaml b/internal/gatewayapi/testdata/httproute-with-redirect-filter-invalid-filter-type.out.yaml index 63b32e64bb8..53fa93b5d3d 100644 --- a/internal/gatewayapi/testdata/httproute-with-redirect-filter-invalid-filter-type.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-redirect-filter-invalid-filter-type.out.yaml @@ -121,3 +121,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-redirect-filter-invalid-scheme.out.yaml b/internal/gatewayapi/testdata/httproute-with-redirect-filter-invalid-scheme.out.yaml index 43ca155587d..c49b99ee0a2 100644 --- a/internal/gatewayapi/testdata/httproute-with-redirect-filter-invalid-scheme.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-redirect-filter-invalid-scheme.out.yaml @@ -118,3 +118,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-redirect-filter-invalid-status.out.yaml b/internal/gatewayapi/testdata/httproute-with-redirect-filter-invalid-status.out.yaml index 588877b155e..0084bbcf37b 100644 --- a/internal/gatewayapi/testdata/httproute-with-redirect-filter-invalid-status.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-redirect-filter-invalid-status.out.yaml @@ -117,3 +117,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-redirect-filter-prefix-replace-with-port-http.out.yaml b/internal/gatewayapi/testdata/httproute-with-redirect-filter-prefix-replace-with-port-http.out.yaml index 9676b5d7688..0ea7a878aae 100644 --- a/internal/gatewayapi/testdata/httproute-with-redirect-filter-prefix-replace-with-port-http.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-redirect-filter-prefix-replace-with-port-http.out.yaml @@ -141,3 +141,8 @@ xdsIR: port: 8080 scheme: http statusCode: 302 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-response-header-filter-adds.out.yaml b/internal/gatewayapi/testdata/httproute-with-response-header-filter-adds.out.yaml index 6dcb4b28779..f5cdd309e52 100644 --- a/internal/gatewayapi/testdata/httproute-with-response-header-filter-adds.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-response-header-filter-adds.out.yaml @@ -178,3 +178,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-response-header-filter-duplicate-add-multiple-filters.out.yaml b/internal/gatewayapi/testdata/httproute-with-response-header-filter-duplicate-add-multiple-filters.out.yaml index 47d61c9fcfa..90d94cb7834 100644 --- a/internal/gatewayapi/testdata/httproute-with-response-header-filter-duplicate-add-multiple-filters.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-response-header-filter-duplicate-add-multiple-filters.out.yaml @@ -164,3 +164,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-response-header-filter-duplicate-adds.out.yaml b/internal/gatewayapi/testdata/httproute-with-response-header-filter-duplicate-adds.out.yaml index 1d2f4f7124c..e092487f6d0 100644 --- a/internal/gatewayapi/testdata/httproute-with-response-header-filter-duplicate-adds.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-response-header-filter-duplicate-adds.out.yaml @@ -182,3 +182,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-response-header-filter-duplicate-remove-multiple-filters.out.yaml b/internal/gatewayapi/testdata/httproute-with-response-header-filter-duplicate-remove-multiple-filters.out.yaml index b0dbd71c18d..c5c3066ccf8 100644 --- a/internal/gatewayapi/testdata/httproute-with-response-header-filter-duplicate-remove-multiple-filters.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-response-header-filter-duplicate-remove-multiple-filters.out.yaml @@ -151,3 +151,8 @@ xdsIR: - rem-header-1 - rem-header-2 - rem-header-3 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-response-header-filter-duplicate-removes.out.yaml b/internal/gatewayapi/testdata/httproute-with-response-header-filter-duplicate-removes.out.yaml index 893ce8cc969..300de597669 100644 --- a/internal/gatewayapi/testdata/httproute-with-response-header-filter-duplicate-removes.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-response-header-filter-duplicate-removes.out.yaml @@ -144,3 +144,8 @@ xdsIR: prefix: / removeResponseHeaders: - some-header-1 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-response-header-filter-empty-header-values.out.yaml b/internal/gatewayapi/testdata/httproute-with-response-header-filter-empty-header-values.out.yaml index 723cabbe6f7..870f0f3a7ec 100644 --- a/internal/gatewayapi/testdata/httproute-with-response-header-filter-empty-header-values.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-response-header-filter-empty-header-values.out.yaml @@ -154,3 +154,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-response-header-filter-empty-headers.out.yaml b/internal/gatewayapi/testdata/httproute-with-response-header-filter-empty-headers.out.yaml index 6c8c063716d..00d1fc33c3d 100644 --- a/internal/gatewayapi/testdata/httproute-with-response-header-filter-empty-headers.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-response-header-filter-empty-headers.out.yaml @@ -126,3 +126,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-response-header-filter-invalid-headers.out.yaml b/internal/gatewayapi/testdata/httproute-with-response-header-filter-invalid-headers.out.yaml index f46e5ae3977..1e88681e080 100644 --- a/internal/gatewayapi/testdata/httproute-with-response-header-filter-invalid-headers.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-response-header-filter-invalid-headers.out.yaml @@ -127,3 +127,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-response-header-filter-no-headers.out.yaml b/internal/gatewayapi/testdata/httproute-with-response-header-filter-no-headers.out.yaml index e8d2f720d19..4fa349c2f3a 100644 --- a/internal/gatewayapi/testdata/httproute-with-response-header-filter-no-headers.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-response-header-filter-no-headers.out.yaml @@ -139,3 +139,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-response-header-filter-no-valid-headers.out.yaml b/internal/gatewayapi/testdata/httproute-with-response-header-filter-no-valid-headers.out.yaml index cd89f06e995..22517a8e33f 100644 --- a/internal/gatewayapi/testdata/httproute-with-response-header-filter-no-valid-headers.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-response-header-filter-no-valid-headers.out.yaml @@ -122,3 +122,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-response-header-filter-remove.out.yaml b/internal/gatewayapi/testdata/httproute-with-response-header-filter-remove.out.yaml index e0f78c08c9d..d19befd4a35 100644 --- a/internal/gatewayapi/testdata/httproute-with-response-header-filter-remove.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-response-header-filter-remove.out.yaml @@ -147,3 +147,8 @@ xdsIR: - example-header-1 - example-header-2 - example-header-3 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-single-rule-with-exact-path-match.out.yaml b/internal/gatewayapi/testdata/httproute-with-single-rule-with-exact-path-match.out.yaml index a73f169aad1..8f4ac269a1a 100644 --- a/internal/gatewayapi/testdata/httproute-with-single-rule-with-exact-path-match.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-single-rule-with-exact-path-match.out.yaml @@ -132,3 +132,8 @@ xdsIR: distinct: false exact: /exact name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-single-rule-with-http-method-match.out.yaml b/internal/gatewayapi/testdata/httproute-with-single-rule-with-http-method-match.out.yaml index d4bf9af1612..6fa764155c6 100644 --- a/internal/gatewayapi/testdata/httproute-with-single-rule-with-http-method-match.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-single-rule-with-http-method-match.out.yaml @@ -130,3 +130,8 @@ xdsIR: name: httproute-1 namespace: default name: httproute/default/httproute-1/rule/0/match/0/* + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-single-rule-with-multiple-rules.out.yaml b/internal/gatewayapi/testdata/httproute-with-single-rule-with-multiple-rules.out.yaml index 48706fbfb0c..35b3d167a47 100644 --- a/internal/gatewayapi/testdata/httproute-with-single-rule-with-multiple-rules.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-single-rule-with-multiple-rules.out.yaml @@ -137,3 +137,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-single-rule-with-path-prefix-and-exact-header-matches.out.yaml b/internal/gatewayapi/testdata/httproute-with-single-rule-with-path-prefix-and-exact-header-matches.out.yaml index 0be3cbea1d2..3bf429c5fb1 100644 --- a/internal/gatewayapi/testdata/httproute-with-single-rule-with-path-prefix-and-exact-header-matches.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-single-rule-with-path-prefix-and-exact-header-matches.out.yaml @@ -143,3 +143,8 @@ xdsIR: distinct: false name: "" prefix: /pathprefix + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-some-invalid-backend-refs-no-service.out.yaml b/internal/gatewayapi/testdata/httproute-with-some-invalid-backend-refs-no-service.out.yaml index 37776a693da..de5bca15ee4 100644 --- a/internal/gatewayapi/testdata/httproute-with-some-invalid-backend-refs-no-service.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-some-invalid-backend-refs-no-service.out.yaml @@ -129,3 +129,8 @@ xdsIR: distinct: false exact: /exact name: "" + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-specific-hostname-attaching-to-gateway-with-wildcard-hostname.out.yaml b/internal/gatewayapi/testdata/httproute-with-specific-hostname-attaching-to-gateway-with-wildcard-hostname.out.yaml index 34ec33802bf..994c938db92 100644 --- a/internal/gatewayapi/testdata/httproute-with-specific-hostname-attaching-to-gateway-with-wildcard-hostname.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-specific-hostname-attaching-to-gateway-with-wildcard-hostname.out.yaml @@ -134,3 +134,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-two-specific-hostnames-attaching-to-gateway-with-wildcard-hostname.out.yaml b/internal/gatewayapi/testdata/httproute-with-two-specific-hostnames-attaching-to-gateway-with-wildcard-hostname.out.yaml index 2213aa315cb..128a3174103 100644 --- a/internal/gatewayapi/testdata/httproute-with-two-specific-hostnames-attaching-to-gateway-with-wildcard-hostname.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-two-specific-hostnames-attaching-to-gateway-with-wildcard-hostname.out.yaml @@ -155,3 +155,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-full-path-replace-http.out.yaml b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-full-path-replace-http.out.yaml index 3d8c69a6178..c2ee229c7fa 100644 --- a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-full-path-replace-http.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-full-path-replace-http.out.yaml @@ -146,3 +146,8 @@ xdsIR: path: fullReplace: /rewrite prefixMatchReplace: null + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-hostname-prefix-replace.out.yaml b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-hostname-prefix-replace.out.yaml index 8e3079c9bbe..b482857cdd0 100644 --- a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-hostname-prefix-replace.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-hostname-prefix-replace.out.yaml @@ -149,3 +149,8 @@ xdsIR: path: fullReplace: null prefixMatchReplace: /rewrite + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-hostname.out.yaml b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-hostname.out.yaml index c0d8cce8b8a..d158220db8d 100644 --- a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-hostname.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-hostname.out.yaml @@ -143,3 +143,8 @@ xdsIR: urlRewrite: host: name: rewrite.com + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-invalid-filter-type.out.yaml b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-invalid-filter-type.out.yaml index 7cbff74f25b..2d98f875576 100644 --- a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-invalid-filter-type.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-invalid-filter-type.out.yaml @@ -143,3 +143,8 @@ xdsIR: urlRewrite: host: name: urlrewrite.envoyproxy.io + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-invalid-hostname.out.yaml b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-invalid-hostname.out.yaml index e1905ea7933..989d3c6f4c6 100644 --- a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-invalid-hostname.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-invalid-hostname.out.yaml @@ -125,3 +125,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-invalid-multiple-filters.out.yaml b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-invalid-multiple-filters.out.yaml index 3dcffc8edbb..5485a4dc659 100644 --- a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-invalid-multiple-filters.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-invalid-multiple-filters.out.yaml @@ -127,3 +127,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-invalid-path-type.out.yaml b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-invalid-path-type.out.yaml index c51f0b56107..044f58793c8 100644 --- a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-invalid-path-type.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-invalid-path-type.out.yaml @@ -123,3 +123,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-invalid-path.out.yaml b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-invalid-path.out.yaml index 25991b658fa..38f6a9f114e 100644 --- a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-invalid-path.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-invalid-path.out.yaml @@ -122,3 +122,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-missing-path.out.yaml b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-missing-path.out.yaml index 86b8fce36bd..1edde191104 100644 --- a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-missing-path.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-missing-path.out.yaml @@ -120,3 +120,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-prefix-replace-http.out.yaml b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-prefix-replace-http.out.yaml index dd20383d2ea..9dcc8ca2513 100644 --- a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-prefix-replace-http.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-prefix-replace-http.out.yaml @@ -146,3 +146,8 @@ xdsIR: path: fullReplace: null prefixMatchReplace: /rewrite + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-regex-match-replace-http.out.yaml b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-regex-match-replace-http.out.yaml index c42f3934568..7b2fd3a791b 100644 --- a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-regex-match-replace-http.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-regex-match-replace-http.out.yaml @@ -366,3 +366,8 @@ xdsIR: regexMatchReplace: pattern: .* substitution: foo + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-regex-match-replace-invalid.out.yaml b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-regex-match-replace-invalid.out.yaml index 17ffc680f52..94ee61029bb 100644 --- a/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-regex-match-replace-invalid.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-urlrewrite-filter-regex-match-replace-invalid.out.yaml @@ -356,3 +356,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-urlrewrite-hostname-filter-invalid.out.yaml b/internal/gatewayapi/testdata/httproute-with-urlrewrite-hostname-filter-invalid.out.yaml index ab24ec0e81d..b7de04b7ffe 100644 --- a/internal/gatewayapi/testdata/httproute-with-urlrewrite-hostname-filter-invalid.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-urlrewrite-hostname-filter-invalid.out.yaml @@ -362,3 +362,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-urlrewrite-hostname-filter.out.yaml b/internal/gatewayapi/testdata/httproute-with-urlrewrite-hostname-filter.out.yaml index 916f7d0cefe..3a893a554c4 100644 --- a/internal/gatewayapi/testdata/httproute-with-urlrewrite-hostname-filter.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-urlrewrite-hostname-filter.out.yaml @@ -360,3 +360,8 @@ xdsIR: urlRewrite: host: header: my-host + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproute-with-wildcard-hostname-attaching-to-gateway-with-unset-hostname.out.yaml b/internal/gatewayapi/testdata/httproute-with-wildcard-hostname-attaching-to-gateway-with-unset-hostname.out.yaml index 821a30d4cb3..8c322e3f8f9 100644 --- a/internal/gatewayapi/testdata/httproute-with-wildcard-hostname-attaching-to-gateway-with-unset-hostname.out.yaml +++ b/internal/gatewayapi/testdata/httproute-with-wildcard-hostname-attaching-to-gateway-with-unset-hostname.out.yaml @@ -133,3 +133,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/httproutes-with-multiple-matches.out.yaml b/internal/gatewayapi/testdata/httproutes-with-multiple-matches.out.yaml index a21561696f2..b81fa150488 100644 --- a/internal/gatewayapi/testdata/httproutes-with-multiple-matches.out.yaml +++ b/internal/gatewayapi/testdata/httproutes-with-multiple-matches.out.yaml @@ -446,3 +446,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/merge-invalid-multiple-gateways.out.yaml b/internal/gatewayapi/testdata/merge-invalid-multiple-gateways.out.yaml index d8d24642dd3..7ef783c02ad 100644 --- a/internal/gatewayapi/testdata/merge-invalid-multiple-gateways.out.yaml +++ b/internal/gatewayapi/testdata/merge-invalid-multiple-gateways.out.yaml @@ -150,6 +150,11 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 udp: - address: 0.0.0.0 name: envoy-gateway/gateway-2/udp diff --git a/internal/gatewayapi/testdata/merge-valid-multiple-gateways-multiple-listeners-same-ports.out.yaml b/internal/gatewayapi/testdata/merge-valid-multiple-gateways-multiple-listeners-same-ports.out.yaml index 0e015155214..5d4162a42c5 100644 --- a/internal/gatewayapi/testdata/merge-valid-multiple-gateways-multiple-listeners-same-ports.out.yaml +++ b/internal/gatewayapi/testdata/merge-valid-multiple-gateways-multiple-listeners-same-ports.out.yaml @@ -228,3 +228,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 8888 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/merge-valid-multiple-gateways-multiple-routes.out.yaml b/internal/gatewayapi/testdata/merge-valid-multiple-gateways-multiple-routes.out.yaml index 4c48dd68694..531228c56ba 100644 --- a/internal/gatewayapi/testdata/merge-valid-multiple-gateways-multiple-routes.out.yaml +++ b/internal/gatewayapi/testdata/merge-valid-multiple-gateways-multiple-routes.out.yaml @@ -307,3 +307,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/merge-valid-multiple-gateways.out.yaml b/internal/gatewayapi/testdata/merge-valid-multiple-gateways.out.yaml index 7afe665224b..7b09fb531d4 100644 --- a/internal/gatewayapi/testdata/merge-valid-multiple-gateways.out.yaml +++ b/internal/gatewayapi/testdata/merge-valid-multiple-gateways.out.yaml @@ -187,3 +187,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 8888 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/merge-with-isolated-policies-2.out.yaml b/internal/gatewayapi/testdata/merge-with-isolated-policies-2.out.yaml index b0e8b627fe8..4cd8ed5f916 100644 --- a/internal/gatewayapi/testdata/merge-with-isolated-policies-2.out.yaml +++ b/internal/gatewayapi/testdata/merge-with-isolated-policies-2.out.yaml @@ -705,3 +705,8 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/merge-with-isolated-policies.out.yaml b/internal/gatewayapi/testdata/merge-with-isolated-policies.out.yaml index 8e62bb597d5..dfa22e32415 100644 --- a/internal/gatewayapi/testdata/merge-with-isolated-policies.out.yaml +++ b/internal/gatewayapi/testdata/merge-with-isolated-policies.out.yaml @@ -387,3 +387,8 @@ xdsIR: timeout: http: requestReceivedTimeout: 5s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-invalid-cross-ns-ref.out.yaml b/internal/gatewayapi/testdata/securitypolicy-invalid-cross-ns-ref.out.yaml index 5ce63e62453..b38a3c24332 100644 --- a/internal/gatewayapi/testdata/securitypolicy-invalid-cross-ns-ref.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-invalid-cross-ns-ref.out.yaml @@ -104,3 +104,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-override-replace.out.yaml b/internal/gatewayapi/testdata/securitypolicy-override-replace.out.yaml index bc300a92ef3..aaf06530d0d 100644 --- a/internal/gatewayapi/testdata/securitypolicy-override-replace.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-override-replace.out.yaml @@ -438,3 +438,8 @@ xdsIR: name: "" safeRegex: http://.*\.example\.com maxAge: 16m40s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-status-conditions.out.yaml b/internal/gatewayapi/testdata/securitypolicy-status-conditions.out.yaml index 35eb026bbe7..5f06381e189 100644 --- a/internal/gatewayapi/testdata/securitypolicy-status-conditions.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-status-conditions.out.yaml @@ -449,6 +449,11 @@ xdsIR: name: "" safeRegex: http://.*\.example\.com maxAge: 16m40s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -489,6 +494,11 @@ xdsIR: name: "" safeRegex: http://.*\.example\.com maxAge: 16m40s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-2/tcp diff --git a/internal/gatewayapi/testdata/securitypolicy-with-authoriztion-client-cidr.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-authoriztion-client-cidr.out.yaml index 82281af294a..9530895469d 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-authoriztion-client-cidr.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-authoriztion-client-cidr.out.yaml @@ -413,3 +413,8 @@ xdsIR: ip: 10.0.2.0 isIPv6: false maskLen: 24 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-authoriztion-jwt-claim.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-authoriztion-jwt-claim.out.yaml index ed422e70031..9aab19104b1 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-authoriztion-jwt-claim.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-authoriztion-jwt-claim.out.yaml @@ -218,3 +218,8 @@ xdsIR: name: example1 remoteJWKS: uri: https://two.example.com/jwt/public-key/jwks.json + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-basic-auth.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-basic-auth.out.yaml index 02fd1a6ddd1..283f4445de9 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-basic-auth.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-basic-auth.out.yaml @@ -299,3 +299,8 @@ xdsIR: basicAuth: name: securitypolicy/default/policy-for-gateway-1 users: '[redacted]' + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-cors-targetrefs.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-cors-targetrefs.out.yaml index 5438cf7dca2..951122b289f 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-cors-targetrefs.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-cors-targetrefs.out.yaml @@ -385,6 +385,11 @@ xdsIR: - x-header-3 - x-header-4 maxAge: 16m40s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -418,6 +423,11 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-3: accessLog: text: @@ -473,3 +483,8 @@ xdsIR: - x-header-3 - x-header-4 maxAge: 16m40s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-cors.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-cors.out.yaml index 3f58304e886..2bf80a12131 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-cors.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-cors.out.yaml @@ -455,6 +455,11 @@ xdsIR: - x-header-3 - x-header-4 maxAge: 16m40s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -514,6 +519,11 @@ xdsIR: - x-header-7 - x-header-8 maxAge: 33m20s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-3: accessLog: text: @@ -570,3 +580,8 @@ xdsIR: - x-header-7 - x-header-8 maxAge: 33m20s + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-extauth-backend.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-extauth-backend.out.yaml index 34eff3c3cc5..3a7d6652498 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-extauth-backend.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-extauth-backend.out.yaml @@ -555,3 +555,8 @@ xdsIR: weight: 1 path: "" name: securitypolicy/default/policy-for-http-route-3-http-backendref + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-extauth-backendref.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-extauth-backendref.out.yaml index d72cd182896..81cdac6eed0 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-extauth-backendref.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-extauth-backendref.out.yaml @@ -352,3 +352,8 @@ xdsIR: - header2 path: /auth name: securitypolicy/default/policy-for-gateway-1 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-extauth-body.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-extauth-body.out.yaml index ac4dfe7f306..105edaf1b72 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-extauth-body.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-extauth-body.out.yaml @@ -333,3 +333,8 @@ xdsIR: distinct: false name: "" prefix: /bar + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-extauth-invalid-no-matching-port.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-extauth-invalid-no-matching-port.out.yaml index c5bf4237f52..19152dbae9a 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-extauth-invalid-no-matching-port.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-extauth-invalid-no-matching-port.out.yaml @@ -174,3 +174,8 @@ xdsIR: name: "" prefix: /foo security: {} + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-extauth-invalid-no-port.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-extauth-invalid-no-port.out.yaml index 3f5e60f11e8..d1b2c6b4b55 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-extauth-invalid-no-port.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-extauth-invalid-no-port.out.yaml @@ -174,3 +174,8 @@ xdsIR: name: "" prefix: /foo security: {} + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-extauth-invalid-no-reference-grant.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-extauth-invalid-no-reference-grant.out.yaml index 1f8fd280ad6..f781a46ed1e 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-extauth-invalid-no-reference-grant.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-extauth-invalid-no-reference-grant.out.yaml @@ -175,3 +175,8 @@ xdsIR: name: "" prefix: /foo security: {} + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-extauth-invalid-no-service.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-extauth-invalid-no-service.out.yaml index 294267b90e0..12932390d9b 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-extauth-invalid-no-service.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-extauth-invalid-no-service.out.yaml @@ -174,3 +174,8 @@ xdsIR: name: "" prefix: /foo security: {} + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-extauth-recomputation.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-extauth-recomputation.out.yaml index 350fc8e908b..f1334844887 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-extauth-recomputation.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-extauth-recomputation.out.yaml @@ -330,3 +330,8 @@ xdsIR: distinct: false name: "" prefix: /bar + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-extauth-with-backendtlspolicy.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-extauth-with-backendtlspolicy.out.yaml index c4f0d3b6c99..1c920be90b6 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-extauth-with-backendtlspolicy.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-extauth-with-backendtlspolicy.out.yaml @@ -385,3 +385,8 @@ xdsIR: - header2 path: /auth name: securitypolicy/default/policy-for-gateway + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-extauth.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-extauth.out.yaml index d72cd182896..81cdac6eed0 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-extauth.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-extauth.out.yaml @@ -352,3 +352,8 @@ xdsIR: - header2 path: /auth name: securitypolicy/default/policy-for-gateway-1 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-jwt-and-invalid-oidc.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-jwt-and-invalid-oidc.out.yaml index d5731870d17..9c063280375 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-jwt-and-invalid-oidc.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-jwt-and-invalid-oidc.out.yaml @@ -317,3 +317,8 @@ xdsIR: name: example2 remoteJWKS: uri: https://one.example.com/jwt/public-key/jwks.json + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-jwt-backendcluster.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-jwt-backendcluster.out.yaml index bf6d4380286..b242d023fa7 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-jwt-backendcluster.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-jwt-backendcluster.out.yaml @@ -280,3 +280,8 @@ xdsIR: - gateway-error - reset uri: https://foo.bar.com/jwt/public-key/jwks.json + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-jwt-optional.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-jwt-optional.out.yaml index 711d30f0d14..81ca95ec553 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-jwt-optional.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-jwt-optional.out.yaml @@ -333,6 +333,11 @@ xdsIR: name: example2 remoteJWKS: uri: https://two.example.com/jwt/public-key/jwks.json + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -394,3 +399,8 @@ xdsIR: name: example3 remoteJWKS: uri: https://three.example.com/jwt/public-key/jwks.json + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-jwt-with-custom-extractor.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-jwt-with-custom-extractor.out.yaml index c892bef7e4f..d3936db2e18 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-jwt-with-custom-extractor.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-jwt-with-custom-extractor.out.yaml @@ -332,6 +332,11 @@ xdsIR: name: example2 remoteJWKS: uri: https://two.example.com/jwt/public-key/jwks.json + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -392,3 +397,8 @@ xdsIR: name: example3 remoteJWKS: uri: https://three.example.com/jwt/public-key/jwks.json + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-jwt.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-jwt.out.yaml index 704961a0476..5756a4e9e79 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-jwt.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-jwt.out.yaml @@ -324,6 +324,11 @@ xdsIR: name: example2 remoteJWKS: uri: http://two.example.com/jwt/public-key/jwks.json + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 envoy-gateway/gateway-2: accessLog: text: @@ -376,3 +381,8 @@ xdsIR: name: example3 remoteJWKS: uri: https://three.example.com/jwt/public-key/jwks.json + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-oidc-backendcluster.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-oidc-backendcluster.out.yaml index d0bb9f408bd..263361709d6 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-oidc-backendcluster.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-oidc-backendcluster.out.yaml @@ -292,3 +292,8 @@ xdsIR: refreshToken: true scopes: - openid + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-oidc-custom-cookies.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-oidc-custom-cookies.out.yaml index a42e482a758..4f4a5f98c0f 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-oidc-custom-cookies.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-oidc-custom-cookies.out.yaml @@ -193,3 +193,8 @@ xdsIR: redirectURL: https://www.example.com/bar/oauth2/callback scopes: - openid + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-oidc-invalid-issuer.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-oidc-invalid-issuer.out.yaml index caf951bcc40..edafadc1011 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-oidc-invalid-issuer.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-oidc-invalid-issuer.out.yaml @@ -111,3 +111,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-oidc-invalid-secretref.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-oidc-invalid-secretref.out.yaml index 319d6bcfe58..8fb0803702e 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-oidc-invalid-secretref.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-oidc-invalid-secretref.out.yaml @@ -295,6 +295,11 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 default/gateway-2: accessLog: text: @@ -314,6 +319,11 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 default/gateway-3: accessLog: text: @@ -333,3 +343,8 @@ xdsIR: escapedSlashesAction: UnescapeAndRedirect mergeSlashes: true port: 10080 + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/securitypolicy-with-oidc.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-oidc.out.yaml index 1d9093a8d38..62323da86e0 100644 --- a/internal/gatewayapi/testdata/securitypolicy-with-oidc.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-with-oidc.out.yaml @@ -333,3 +333,8 @@ xdsIR: refreshToken: true scopes: - openid + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/tcproute-attaching-to-gateway-with-listener-tls-terminate.out.yaml b/internal/gatewayapi/testdata/tcproute-attaching-to-gateway-with-listener-tls-terminate.out.yaml index d3a6e8bdc19..254ad49ff26 100644 --- a/internal/gatewayapi/testdata/tcproute-attaching-to-gateway-with-listener-tls-terminate.out.yaml +++ b/internal/gatewayapi/testdata/tcproute-attaching-to-gateway-with-listener-tls-terminate.out.yaml @@ -165,6 +165,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/tls diff --git a/internal/gatewayapi/testdata/tcproute-with-backend.out.yaml b/internal/gatewayapi/testdata/tcproute-with-backend.out.yaml index 0565f5e2fc9..69addd22b73 100644 --- a/internal/gatewayapi/testdata/tcproute-with-backend.out.yaml +++ b/internal/gatewayapi/testdata/tcproute-with-backend.out.yaml @@ -110,6 +110,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/tcp diff --git a/internal/gatewayapi/testdata/tlsroute-attaching-to-gateway.out.yaml b/internal/gatewayapi/testdata/tlsroute-attaching-to-gateway.out.yaml index a3dc7519ecd..b549ad3817e 100644 --- a/internal/gatewayapi/testdata/tlsroute-attaching-to-gateway.out.yaml +++ b/internal/gatewayapi/testdata/tlsroute-attaching-to-gateway.out.yaml @@ -93,6 +93,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/tls diff --git a/internal/gatewayapi/testdata/tlsroute-invalid-reference-grant.out.yaml b/internal/gatewayapi/testdata/tlsroute-invalid-reference-grant.out.yaml index 833bcd48919..c0831ae274e 100644 --- a/internal/gatewayapi/testdata/tlsroute-invalid-reference-grant.out.yaml +++ b/internal/gatewayapi/testdata/tlsroute-invalid-reference-grant.out.yaml @@ -96,6 +96,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: gateway-conformance-infra/gateway-tlsroute-referencegrant/https diff --git a/internal/gatewayapi/testdata/tlsroute-multiple.out.yaml b/internal/gatewayapi/testdata/tlsroute-multiple.out.yaml index 5a065e6d6bb..6cf6f5b62a5 100644 --- a/internal/gatewayapi/testdata/tlsroute-multiple.out.yaml +++ b/internal/gatewayapi/testdata/tlsroute-multiple.out.yaml @@ -127,6 +127,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/tls diff --git a/internal/gatewayapi/testdata/tlsroute-not-attaching-to-gateway-with-no-mode.out.yaml b/internal/gatewayapi/testdata/tlsroute-not-attaching-to-gateway-with-no-mode.out.yaml index af1a22807e7..bb3b530b548 100644 --- a/internal/gatewayapi/testdata/tlsroute-not-attaching-to-gateway-with-no-mode.out.yaml +++ b/internal/gatewayapi/testdata/tlsroute-not-attaching-to-gateway-with-no-mode.out.yaml @@ -79,3 +79,8 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/tlsroute-with-backend.out.yaml b/internal/gatewayapi/testdata/tlsroute-with-backend.out.yaml index d5ddd669db7..a45718cb48e 100644 --- a/internal/gatewayapi/testdata/tlsroute-with-backend.out.yaml +++ b/internal/gatewayapi/testdata/tlsroute-with-backend.out.yaml @@ -113,6 +113,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/tls diff --git a/internal/gatewayapi/testdata/tlsroute-with-backendref-in-other-namespace-allowed-by-refgrant.out.yaml b/internal/gatewayapi/testdata/tlsroute-with-backendref-in-other-namespace-allowed-by-refgrant.out.yaml index 1f8515c6532..973fdadf66b 100644 --- a/internal/gatewayapi/testdata/tlsroute-with-backendref-in-other-namespace-allowed-by-refgrant.out.yaml +++ b/internal/gatewayapi/testdata/tlsroute-with-backendref-in-other-namespace-allowed-by-refgrant.out.yaml @@ -94,6 +94,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/tls diff --git a/internal/gatewayapi/testdata/tlsroute-with-empty-hostname.out.yaml b/internal/gatewayapi/testdata/tlsroute-with-empty-hostname.out.yaml index 09664c0e41c..ba3c8e14cd6 100644 --- a/internal/gatewayapi/testdata/tlsroute-with-empty-hostname.out.yaml +++ b/internal/gatewayapi/testdata/tlsroute-with-empty-hostname.out.yaml @@ -92,6 +92,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/tls diff --git a/internal/gatewayapi/testdata/tlsroute-with-empty-listener-hostname.out.yaml b/internal/gatewayapi/testdata/tlsroute-with-empty-listener-hostname.out.yaml index d40d0927396..08a0fef2d0d 100644 --- a/internal/gatewayapi/testdata/tlsroute-with-empty-listener-hostname.out.yaml +++ b/internal/gatewayapi/testdata/tlsroute-with-empty-listener-hostname.out.yaml @@ -94,6 +94,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tcp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/tls diff --git a/internal/gatewayapi/testdata/tlsroute-with-listener-both-passthrough-and-cert-data.out.yaml b/internal/gatewayapi/testdata/tlsroute-with-listener-both-passthrough-and-cert-data.out.yaml index b25e52b2663..504789febf9 100644 --- a/internal/gatewayapi/testdata/tlsroute-with-listener-both-passthrough-and-cert-data.out.yaml +++ b/internal/gatewayapi/testdata/tlsroute-with-listener-both-passthrough-and-cert-data.out.yaml @@ -84,3 +84,8 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 diff --git a/internal/gatewayapi/testdata/tracing-merged-multiple-routes.out.yaml b/internal/gatewayapi/testdata/tracing-merged-multiple-routes.out.yaml index 9c0610b4051..9363592cf99 100644 --- a/internal/gatewayapi/testdata/tracing-merged-multiple-routes.out.yaml +++ b/internal/gatewayapi/testdata/tracing-merged-multiple-routes.out.yaml @@ -314,6 +314,11 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tracing: authority: otel-collector.monitoring.svc.cluster.local destination: diff --git a/internal/gatewayapi/testdata/tracing-multiple-routes.out.yaml b/internal/gatewayapi/testdata/tracing-multiple-routes.out.yaml index 4bd1415e464..ae08d9848ec 100644 --- a/internal/gatewayapi/testdata/tracing-multiple-routes.out.yaml +++ b/internal/gatewayapi/testdata/tracing-multiple-routes.out.yaml @@ -290,6 +290,11 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tracing: authority: otel-collector.monitoring.svc.cluster.local destination: @@ -360,6 +365,11 @@ xdsIR: distinct: false name: "" prefix: / + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 tracing: authority: otel-collector.monitoring.svc.cluster.local destination: diff --git a/internal/gatewayapi/testdata/udproute-with-backend.out.yaml b/internal/gatewayapi/testdata/udproute-with-backend.out.yaml index 108d3949bb6..511ac7b931f 100644 --- a/internal/gatewayapi/testdata/udproute-with-backend.out.yaml +++ b/internal/gatewayapi/testdata/udproute-with-backend.out.yaml @@ -110,6 +110,11 @@ xdsIR: accessLog: text: - path: /dev/stdout + readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19003 udp: - address: 0.0.0.0 name: envoy-gateway/gateway-1/udp diff --git a/internal/gatewayapi/translator_test.go b/internal/gatewayapi/translator_test.go index 6ac3765f018..28af480221a 100644 --- a/internal/gatewayapi/translator_test.go +++ b/internal/gatewayapi/translator_test.go @@ -868,6 +868,7 @@ func (m *mockWasmCache) Cleanup() {} // This allows us to use cmp.Diff to compare the types with field-level cmpopts. func xdsWithoutEqual(a *ir.Xds) any { ret := struct { + ReadyListener *ir.ReadyListener AccessLog *ir.AccessLog Tracing *ir.Tracing Metrics *ir.Metrics @@ -877,6 +878,7 @@ func xdsWithoutEqual(a *ir.Xds) any { EnvoyPatchPolicies []*ir.EnvoyPatchPolicy FilterOrder []egv1a1.FilterPosition }{ + ReadyListener: a.ReadyListener, AccessLog: a.AccessLog, Tracing: a.Tracing, Metrics: a.Metrics, diff --git a/internal/infrastructure/host/proxy_infra.go b/internal/infrastructure/host/proxy_infra.go index 371aedc2be9..6c362535897 100644 --- a/internal/infrastructure/host/proxy_infra.go +++ b/internal/infrastructure/host/proxy_infra.go @@ -58,7 +58,7 @@ func (i *Infra) CreateOrUpdateProxyInfra(ctx context.Context, infra *ir.Infra) e XdsServerHost: ptr.To("0.0.0.0"), WasmServerPort: ptr.To(int32(0)), AdminServerPort: ptr.To(int32(0)), - ReadyServerPort: ptr.To(int32(0)), + StatsServerPort: ptr.To(int32(0)), } args, err := common.BuildProxyArgs(proxyInfra, proxyConfig.Spec.Shutdown, bootstrapConfigOptions, proxyName) diff --git a/internal/infrastructure/kubernetes/proxy/resource.go b/internal/infrastructure/kubernetes/proxy/resource.go index f99d0ce2b30..13d462cb6f5 100644 --- a/internal/infrastructure/kubernetes/proxy/resource.go +++ b/internal/infrastructure/kubernetes/proxy/resource.go @@ -81,22 +81,24 @@ func enablePrometheus(infra *ir.ProxyInfra) bool { // expectedProxyContainers returns expected proxy containers. func expectedProxyContainers(infra *ir.ProxyInfra, containerSpec *egv1a1.KubernetesContainerSpec, - shutdownConfig *egv1a1.ShutdownConfig, - shutdownManager *egv1a1.ShutdownManager, - namespace string, - dnsDomain string, + shutdownConfig *egv1a1.ShutdownConfig, shutdownManager *egv1a1.ShutdownManager, + namespace string, dnsDomain string, ) ([]corev1.Container, error) { - // Define slice to hold container ports - var ports []corev1.ContainerPort - + ports := make([]corev1.ContainerPort, 0, 2) if enablePrometheus(infra) { ports = append(ports, corev1.ContainerPort{ Name: "metrics", - ContainerPort: bootstrap.EnvoyReadinessPort, // TODO: make this configurable + ContainerPort: bootstrap.EnvoyStatsPort, // TODO: make this configurable Protocol: corev1.ProtocolTCP, }) } + ports = append(ports, corev1.ContainerPort{ + Name: "readiness", + ContainerPort: bootstrap.EnvoyReadinessPort, // TODO: make this configurable + Protocol: corev1.ProtocolTCP, + }) + var proxyMetrics *egv1a1.ProxyMetrics if infra.Config != nil && infra.Config.Spec.Telemetry != nil { diff --git a/internal/infrastructure/kubernetes/proxy/resource_provider.go b/internal/infrastructure/kubernetes/proxy/resource_provider.go index c769cde808f..b06f944f46e 100644 --- a/internal/infrastructure/kubernetes/proxy/resource_provider.go +++ b/internal/infrastructure/kubernetes/proxy/resource_provider.go @@ -576,7 +576,7 @@ func (r *ResourceRender) getPodAnnotations(resourceAnnotation map[string]string, if enablePrometheus(r.infra) { podAnnotations["prometheus.io/path"] = "/stats/prometheus" // TODO: make this configurable podAnnotations["prometheus.io/scrape"] = "true" - podAnnotations["prometheus.io/port"] = strconv.Itoa(bootstrap.EnvoyReadinessPort) + podAnnotations["prometheus.io/port"] = strconv.Itoa(bootstrap.EnvoyStatsPort) } if len(podAnnotations) == 0 { diff --git a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/component-level.yaml b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/component-level.yaml index 5b0f132f0b9..f78f2267fa3 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/component-level.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/component-level.yaml @@ -69,11 +69,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -97,7 +100,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/custom.yaml b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/custom.yaml index fd76973886f..43207e9acb0 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/custom.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/custom.yaml @@ -72,7 +72,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -83,7 +83,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -100,14 +100,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -256,11 +248,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -278,7 +273,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/default-env.yaml b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/default-env.yaml index 532b50a595b..a4bfeefd76f 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/default-env.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/default-env.yaml @@ -71,7 +71,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -82,7 +82,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -99,14 +99,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -255,11 +247,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -277,7 +272,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/default.yaml b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/default.yaml index 4eff96068e8..c4fa20eaa92 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/default.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/default.yaml @@ -71,7 +71,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -82,7 +82,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -99,14 +99,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -240,11 +232,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -268,7 +263,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/disable-prometheus.yaml b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/disable-prometheus.yaml index 987b70c62d4..a482ba99808 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/disable-prometheus.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/disable-prometheus.yaml @@ -66,34 +66,6 @@ spec: ads: {} resource_api_version: V3 static_resources: - listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 - address: - socket_address: - address: '0.0.0.0' - port_value: 19001 - protocol: TCP - filter_chains: - - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http - normalize_path: true - route_config: - name: local_route - http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - - name: envoy.filters.http.router - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router clusters: - connect_timeout: 10s load_assignment: @@ -207,11 +179,15 @@ spec: port: 19002 scheme: HTTP name: envoy + ports: + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -235,7 +211,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/extension-env.yaml b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/extension-env.yaml index a88d0beff48..079a5722535 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/extension-env.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/extension-env.yaml @@ -71,7 +71,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -82,7 +82,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -99,14 +99,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -259,11 +251,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -281,7 +276,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/override-labels-and-annotations.yaml b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/override-labels-and-annotations.yaml index d7e7983413a..7ba3ac9766f 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/override-labels-and-annotations.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/override-labels-and-annotations.yaml @@ -80,7 +80,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -91,7 +91,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -108,14 +108,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -249,11 +241,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -277,7 +272,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/patch-daemonset.yaml b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/patch-daemonset.yaml index c8dada01662..c2db2beb512 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/patch-daemonset.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/patch-daemonset.yaml @@ -71,7 +71,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -82,7 +82,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -99,14 +99,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -240,11 +232,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -268,7 +263,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/shutdown-manager.yaml b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/shutdown-manager.yaml index fa6582d16e5..64dfbd01891 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/shutdown-manager.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/shutdown-manager.yaml @@ -71,7 +71,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -82,7 +82,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -99,14 +99,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -240,11 +232,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -268,7 +263,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/volumes.yaml b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/volumes.yaml index 499941ef018..c81c0507bb4 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/volumes.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/volumes.yaml @@ -71,7 +71,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -82,7 +82,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -99,14 +99,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -259,11 +251,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -281,7 +276,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-annotations.yaml b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-annotations.yaml index 5141c4383d9..b8ac163095e 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-annotations.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-annotations.yaml @@ -76,7 +76,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -87,7 +87,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -104,14 +104,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -245,11 +237,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -273,7 +268,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-concurrency.yaml b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-concurrency.yaml index 409d1ee542d..7fbf478e1ec 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-concurrency.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-concurrency.yaml @@ -69,11 +69,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -97,7 +100,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-extra-args.yaml b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-extra-args.yaml index 157f0eec28e..469797f3ac6 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-extra-args.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-extra-args.yaml @@ -71,7 +71,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -82,7 +82,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -99,14 +99,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -242,11 +234,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -270,7 +265,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-image-pull-secrets.yaml b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-image-pull-secrets.yaml index 22e09211e4d..cdda89dbac3 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-image-pull-secrets.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-image-pull-secrets.yaml @@ -71,7 +71,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -82,7 +82,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -99,14 +99,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -240,11 +232,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -268,7 +263,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-name.yaml b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-name.yaml index f95aecfb59a..aac203a9283 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-name.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-name.yaml @@ -71,7 +71,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -82,7 +82,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -99,14 +99,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -240,11 +232,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -268,7 +263,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-node-selector.yaml b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-node-selector.yaml index 871540e0095..527bf9239b5 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-node-selector.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-node-selector.yaml @@ -71,7 +71,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -82,7 +82,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -99,14 +99,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -240,11 +232,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -268,7 +263,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-topology-spread-constraints.yaml b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-topology-spread-constraints.yaml index 794b4c3867c..2d8919f216d 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-topology-spread-constraints.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-topology-spread-constraints.yaml @@ -71,7 +71,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -82,7 +82,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -99,14 +99,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -240,11 +232,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -268,7 +263,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/bootstrap.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/bootstrap.yaml index b9d6973e3e5..3fd56466d1c 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/bootstrap.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/bootstrap.yaml @@ -72,11 +72,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -100,7 +103,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/component-level.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/component-level.yaml index 30172b63ce8..8a6c9740521 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/component-level.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/component-level.yaml @@ -73,11 +73,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -101,7 +104,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/custom.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/custom.yaml index 15c4e42af5e..95f6743cce1 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/custom.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/custom.yaml @@ -77,7 +77,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -88,7 +88,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -105,14 +105,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -261,11 +253,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -283,7 +278,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/custom_with_initcontainers.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/custom_with_initcontainers.yaml index 32faad1977d..14e5f61716b 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/custom_with_initcontainers.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/custom_with_initcontainers.yaml @@ -77,7 +77,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -88,7 +88,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -105,14 +105,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -261,11 +253,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -283,7 +278,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/default-env.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/default-env.yaml index 8272d1059a1..316dd3452b5 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/default-env.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/default-env.yaml @@ -76,7 +76,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -87,7 +87,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -104,14 +104,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -260,11 +252,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -282,7 +277,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/default.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/default.yaml index bd4d5ad476c..99f1d8b4160 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/default.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/default.yaml @@ -75,7 +75,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -86,7 +86,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -103,14 +103,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -244,11 +236,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -272,7 +267,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/disable-prometheus.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/disable-prometheus.yaml index 024a7833f90..5f4ed7dfc97 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/disable-prometheus.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/disable-prometheus.yaml @@ -70,34 +70,6 @@ spec: ads: {} resource_api_version: V3 static_resources: - listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 - address: - socket_address: - address: '0.0.0.0' - port_value: 19001 - protocol: TCP - filter_chains: - - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http - normalize_path: true - route_config: - name: local_route - http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - - name: envoy.filters.http.router - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router clusters: - connect_timeout: 10s load_assignment: @@ -211,11 +183,15 @@ spec: port: 19002 scheme: HTTP name: envoy + ports: + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -239,7 +215,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/dual-stack.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/dual-stack.yaml index bfb4c2e701c..9e26cb9b3b7 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/dual-stack.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/dual-stack.yaml @@ -75,7 +75,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-::-19001 + - name: envoy-gateway-proxy-stats-::-19001 address: socket_address: address: '::' @@ -87,7 +87,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -104,14 +104,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -245,11 +237,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -273,7 +268,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/extension-env.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/extension-env.yaml index 80d794b1a18..1597933b16d 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/extension-env.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/extension-env.yaml @@ -76,7 +76,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -87,7 +87,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -104,14 +104,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -264,11 +256,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -286,7 +281,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/ipv6.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/ipv6.yaml index 68db42d74c0..4a26e317a3e 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/ipv6.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/ipv6.yaml @@ -75,7 +75,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-::-19001 + - name: envoy-gateway-proxy-stats-::-19001 address: socket_address: address: '::' @@ -87,7 +87,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -104,14 +104,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -245,11 +237,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -273,7 +268,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/override-labels-and-annotations.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/override-labels-and-annotations.yaml index dfba0ea9943..cbfb9844af2 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/override-labels-and-annotations.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/override-labels-and-annotations.yaml @@ -84,7 +84,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -95,7 +95,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -112,14 +112,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -253,11 +245,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -281,7 +276,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/patch-deployment.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/patch-deployment.yaml index db22502a7c8..aacfe65308a 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/patch-deployment.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/patch-deployment.yaml @@ -75,7 +75,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -86,7 +86,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -103,14 +103,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -244,11 +236,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -272,7 +267,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/shutdown-manager.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/shutdown-manager.yaml index 4ed5a9a0555..c7e644ab5d8 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/shutdown-manager.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/shutdown-manager.yaml @@ -75,7 +75,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -86,7 +86,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -103,14 +103,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -244,11 +236,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -272,7 +267,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/volumes.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/volumes.yaml index 438d1e6bd26..870a53a153a 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/volumes.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/volumes.yaml @@ -76,7 +76,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -87,7 +87,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -104,14 +104,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -264,11 +256,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -286,7 +281,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-annotations.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-annotations.yaml index cafd15b5c4c..7e0de78f079 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-annotations.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-annotations.yaml @@ -80,7 +80,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -91,7 +91,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -108,14 +108,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -249,11 +241,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -277,7 +272,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-concurrency.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-concurrency.yaml index 16df5efe6a3..3cdcc8f4d24 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-concurrency.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-concurrency.yaml @@ -73,11 +73,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -101,7 +104,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-empty-memory-limits.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-empty-memory-limits.yaml index 737bb465139..cedf8d34bac 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-empty-memory-limits.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-empty-memory-limits.yaml @@ -75,7 +75,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -86,7 +86,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -103,14 +103,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -244,11 +236,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -271,7 +266,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-extra-args.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-extra-args.yaml index d015155ef04..35969b8afb8 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-extra-args.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-extra-args.yaml @@ -75,7 +75,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -86,7 +86,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -103,14 +103,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -246,11 +238,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -274,7 +269,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-image-pull-secrets.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-image-pull-secrets.yaml index 56eab6a0c63..b5370a29d77 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-image-pull-secrets.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-image-pull-secrets.yaml @@ -75,7 +75,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -86,7 +86,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -103,14 +103,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -244,11 +236,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -272,7 +267,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-name.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-name.yaml index 299f37c907d..487aa6d6c84 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-name.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-name.yaml @@ -75,7 +75,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -86,7 +86,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -103,14 +103,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -244,11 +236,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -272,7 +267,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-node-selector.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-node-selector.yaml index 6bf4aa1a775..fd060b447b8 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-node-selector.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-node-selector.yaml @@ -75,7 +75,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -86,7 +86,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -103,14 +103,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -244,11 +236,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -272,7 +267,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-topology-spread-constraints.yaml b/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-topology-spread-constraints.yaml index 8134980283c..d56d729b8ee 100644 --- a/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-topology-spread-constraints.yaml +++ b/internal/infrastructure/kubernetes/proxy/testdata/deployments/with-topology-spread-constraints.yaml @@ -75,7 +75,7 @@ spec: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -86,7 +86,7 @@ spec: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -103,14 +103,6 @@ spec: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -244,11 +236,14 @@ spec: - containerPort: 19001 name: metrics protocol: TCP + - containerPort: 19003 + name: readiness + protocol: TCP readinessProbe: failureThreshold: 1 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 5 successThreshold: 1 @@ -272,7 +267,7 @@ spec: failureThreshold: 30 httpGet: path: /ready - port: 19001 + port: 19003 scheme: HTTP periodSeconds: 10 successThreshold: 1 diff --git a/internal/ir/xds.go b/internal/ir/xds.go index aeb2f165b60..f653fbf32fe 100644 --- a/internal/ir/xds.go +++ b/internal/ir/xds.go @@ -131,6 +131,8 @@ func (p *PrivateBytes) UnmarshalJSON(data []byte) error { // used by the xDS Translator to convert it into xDS resources. // +k8s:deepcopy-gen=true type Xds struct { + // ReadyListener is the listener that is ready to accept traffic. + ReadyListener *ReadyListener `json:"readyListener,omitempty" yaml:"readyListener,omitempty"` // AccessLog configuration for the gateway. AccessLog *AccessLog `json:"accessLog,omitempty" yaml:"accessLog,omitempty"` // Tracing configuration for the gateway. @@ -2029,6 +2031,15 @@ const ( ProxyAccessLogTypeListener = ProxyAccessLogType(egv1a1.ProxyAccessLogTypeListener) ) +// ReadyListener holds the configuration for ready listener. +// +k8s:deepcopy-gen=true +type ReadyListener struct { + IPFamily egv1a1.IPFamily `json:"ipFamily" yaml:"ipFamily"` + Address string `json:"address" yaml:"address"` + Port uint32 `json:"port" yaml:"port"` + Path string `json:"path" yaml:"path"` +} + // AccessLog holds the access logging configuration. // +k8s:deepcopy-gen=true type AccessLog struct { diff --git a/internal/ir/zz_generated.deepcopy.go b/internal/ir/zz_generated.deepcopy.go index 7ab45299ca6..a5be0b4b176 100644 --- a/internal/ir/zz_generated.deepcopy.go +++ b/internal/ir/zz_generated.deepcopy.go @@ -2637,6 +2637,21 @@ func (in *RateLimitValue) DeepCopy() *RateLimitValue { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ReadyListener) DeepCopyInto(out *ReadyListener) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReadyListener. +func (in *ReadyListener) DeepCopy() *ReadyListener { + if in == nil { + return nil + } + out := new(ReadyListener) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Redirect) DeepCopyInto(out *Redirect) { *out = *in @@ -3749,6 +3764,11 @@ func (in *XForwardedClientCert) DeepCopy() *XForwardedClientCert { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Xds) DeepCopyInto(out *Xds) { *out = *in + if in.ReadyListener != nil { + in, out := &in.ReadyListener, &out.ReadyListener + *out = new(ReadyListener) + **out = **in + } if in.AccessLog != nil { in, out := &in.AccessLog, &out.AccessLog *out = new(AccessLog) diff --git a/internal/utils/proto/proto.go b/internal/utils/proto/proto.go index ff05e3a7150..cebe1ab706c 100644 --- a/internal/utils/proto/proto.go +++ b/internal/utils/proto/proto.go @@ -15,6 +15,13 @@ import ( protov1 "github.com/golang/protobuf/proto" "google.golang.org/protobuf/proto" "sigs.k8s.io/yaml" + + _ "github.com/envoyproxy/gateway/internal/xds/extensions" // DON'T REMOVE: import of all extensions +) + +var ( + marshaler = &jsonpb.Marshaler{} + unmarshaler = &jsonpb.Unmarshaler{AllowUnknownFields: true} ) func FromYAML(content []byte, pb proto.Message) error { @@ -26,7 +33,6 @@ func FromYAML(content []byte, pb proto.Message) error { } func ToYAML(pb proto.Message) ([]byte, error) { - marshaler := &jsonpb.Marshaler{} json, err := marshaler.MarshalToString(protov1.MessageV1(pb)) if err != nil { return nil, err @@ -35,6 +41,5 @@ func ToYAML(pb proto.Message) ([]byte, error) { } func FromJSON(content []byte, out proto.Message) error { - unmarshaler := &jsonpb.Unmarshaler{AllowUnknownFields: true} return unmarshaler.Unmarshal(bytes.NewReader(content), protov1.MessageV1(out)) } diff --git a/internal/xds/bootstrap/bootstrap.go b/internal/xds/bootstrap/bootstrap.go index 0b043bd163b..c23ac9a6236 100644 --- a/internal/xds/bootstrap/bootstrap.go +++ b/internal/xds/bootstrap/bootstrap.go @@ -42,10 +42,9 @@ const ( // DefaultWasmServerPort is the default listening port of the wasm HTTP server. wasmServerPort = 18002 - envoyReadinessAddressv4 = "0.0.0.0" - envoyReadinessAddressv6 = "::" + EnvoyStatsPort = 19001 - EnvoyReadinessPort = 19001 + EnvoyReadinessPort = 19003 EnvoyReadinessPath = "/ready" defaultSdsTrustedCAPath = "/sds/xds-trusted-ca.json" @@ -73,9 +72,8 @@ type bootstrapParameters struct { WasmServer serverParameters // AdminServer defines the configuration of the Envoy admin interface. AdminServer adminServerParameters - // ReadyServer defines the configuration for health check ready listener - ReadyServer readyServerParameters - + // StatsServer defines the configuration for stats listener + StatsServer serverParameters // SdsCertificatePath defines the path to SDS certificate config. SdsCertificatePath string // SdsTrustedCAPath defines the path to SDS trusted CA config. @@ -86,6 +84,7 @@ type bootstrapParameters struct { // EnablePrometheusCompression defines whether to enable HTTP compression on metrics endpoint for prometheus. EnablePrometheusCompression bool // PrometheusCompressionLibrary defines the HTTP compression library for metrics endpoint for prometheus. + // TODO: remove this field because it is not used. PrometheusCompressionLibrary string // OtelMetricSinks defines the configuration of the OpenTelemetry sinks. @@ -125,15 +124,6 @@ type adminServerParameters struct { AccessLogPath string } -type readyServerParameters struct { - // Address is the address of the Envoy readiness probe - Address string - // Port is the port of envoy readiness probe - Port int32 - // ReadinessPath is the path for the envoy readiness probe - ReadinessPath string -} - type StatsMatcherParameters struct { Exacts []string Prefixes []string @@ -153,7 +143,7 @@ type RenderBootstrapConfigOptions struct { XdsServerPort *int32 WasmServerPort *int32 AdminServerPort *int32 - ReadyServerPort *int32 + StatsServerPort *int32 MaxHeapSizeBytes uint64 } @@ -262,10 +252,9 @@ func GetRenderedBootstrapConfig(opts *RenderBootstrapConfigOptions) (string, err Port: EnvoyAdminPort, AccessLogPath: envoyAdminAccessLogPath, }, - ReadyServer: readyServerParameters{ - Address: envoyReadinessAddressv4, - Port: EnvoyReadinessPort, - ReadinessPath: EnvoyReadinessPath, + StatsServer: serverParameters{ + Address: netutils.IPv4ListenerAddress, + Port: EnvoyStatsPort, }, SdsCertificatePath: defaultSdsCertificatePath, SdsTrustedCAPath: defaultSdsTrustedCAPath, @@ -301,8 +290,8 @@ func GetRenderedBootstrapConfig(opts *RenderBootstrapConfigOptions) (string, err if opts.AdminServerPort != nil { cfg.parameters.AdminServer.Port = *opts.AdminServerPort } - if opts.ReadyServerPort != nil { - cfg.parameters.ReadyServer.Port = *opts.ReadyServerPort + if opts.StatsServerPort != nil { + cfg.parameters.StatsServer.Port = *opts.StatsServerPort } if opts.WasmServerPort != nil { cfg.parameters.WasmServer.Port = *opts.WasmServerPort @@ -312,9 +301,9 @@ func GetRenderedBootstrapConfig(opts *RenderBootstrapConfigOptions) (string, err cfg.parameters.IPFamily = string(*opts.IPFamily) if *opts.IPFamily == egv1a1.IPv6 { cfg.parameters.AdminServer.Address = EnvoyAdminAddressV6 - cfg.parameters.ReadyServer.Address = envoyReadinessAddressv6 + cfg.parameters.StatsServer.Address = netutils.IPv6ListenerAddress } else if *opts.IPFamily == egv1a1.DualStack { - cfg.parameters.ReadyServer.Address = envoyReadinessAddressv6 + cfg.parameters.StatsServer.Address = netutils.IPv6ListenerAddress } } diff --git a/internal/xds/bootstrap/bootstrap.yaml.tpl b/internal/xds/bootstrap/bootstrap.yaml.tpl index c2497164cff..44356096ba5 100644 --- a/internal/xds/bootstrap/bootstrap.yaml.tpl +++ b/internal/xds/bootstrap/bootstrap.yaml.tpl @@ -61,12 +61,13 @@ stats_sinks: {{- end }} {{- end }} static_resources: + {{- if .EnablePrometheus }} listeners: - - name: envoy-gateway-proxy-ready-{{ .ReadyServer.Address }}-{{ .ReadyServer.Port }} + - name: envoy-gateway-proxy-stats-{{ .StatsServer.Address }}-{{ .StatsServer.Port }} address: socket_address: - address: '{{ .ReadyServer.Address }}' - port_value: {{ .ReadyServer.Port }} + address: '{{ .StatsServer.Address }}' + port_value: {{ .StatsServer.Port }} protocol: TCP {{- if eq .IPFamily "DualStack" "IPv6" }} ipv4_compat: true @@ -76,11 +77,10 @@ static_resources: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route - {{- if .EnablePrometheus }} virtual_hosts: - name: prometheus_stats domains: @@ -116,19 +116,11 @@ static_resources: "@type": type.googleapis.com/envoy.extensions.compression.zstd.compressor.v3.Zstd {{- end }} {{- end }} - {{- end }} http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: {{ .ReadyServer.ReadinessPath }} - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router + {{- end }} clusters: {{- if .EnablePrometheus }} - name: prometheus_stats diff --git a/internal/xds/bootstrap/bootstrap_test.go b/internal/xds/bootstrap/bootstrap_test.go index d72220a0141..f8916118a4b 100644 --- a/internal/xds/bootstrap/bootstrap_test.go +++ b/internal/xds/bootstrap/bootstrap_test.go @@ -150,7 +150,7 @@ func TestGetRenderedBootstrapConfig(t *testing.T) { XdsServerPort: ptr.To(int32(12345)), WasmServerPort: ptr.To(int32(1111)), AdminServerPort: ptr.To(int32(2222)), - ReadyServerPort: ptr.To(int32(3333)), + StatsServerPort: ptr.To(int32(3333)), SdsConfig: sds, }, }, diff --git a/internal/xds/bootstrap/testdata/merge/default.out.yaml b/internal/xds/bootstrap/testdata/merge/default.out.yaml index f11c4279074..5d5ec881b8e 100644 --- a/internal/xds/bootstrap/testdata/merge/default.out.yaml +++ b/internal/xds/bootstrap/testdata/merge/default.out.yaml @@ -146,14 +146,6 @@ staticResources: typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager httpFilters: - - name: envoy.filters.http.health_check - typedConfig: - '@type': type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - headers: - - name: :path - stringMatch: - exact: /ready - passThroughMode: false - name: envoy.filters.http.router typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -172,5 +164,5 @@ staticResources: path: /stats/prometheus route: cluster: prometheus_stats - statPrefix: eg-ready-http - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + statPrefix: eg-stats-http + name: envoy-gateway-proxy-stats-0.0.0.0-19001 diff --git a/internal/xds/bootstrap/testdata/merge/merge-user-bootstrap.out.yaml b/internal/xds/bootstrap/testdata/merge/merge-user-bootstrap.out.yaml index d01fa7b1abb..5867707ec57 100644 --- a/internal/xds/bootstrap/testdata/merge/merge-user-bootstrap.out.yaml +++ b/internal/xds/bootstrap/testdata/merge/merge-user-bootstrap.out.yaml @@ -152,14 +152,6 @@ staticResources: typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager httpFilters: - - name: envoy.filters.http.health_check - typedConfig: - '@type': type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - headers: - - name: :path - stringMatch: - exact: /ready - passThroughMode: false - name: envoy.filters.http.router typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -178,5 +170,5 @@ staticResources: path: /stats/prometheus route: cluster: prometheus_stats - statPrefix: eg-ready-http - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + statPrefix: eg-stats-http + name: envoy-gateway-proxy-stats-0.0.0.0-19001 diff --git a/internal/xds/bootstrap/testdata/merge/patch-global-config.out.yaml b/internal/xds/bootstrap/testdata/merge/patch-global-config.out.yaml index ef9fd780d8f..3311b59dbbd 100644 --- a/internal/xds/bootstrap/testdata/merge/patch-global-config.out.yaml +++ b/internal/xds/bootstrap/testdata/merge/patch-global-config.out.yaml @@ -143,14 +143,6 @@ static_resources: typed_config: '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager http_filters: - - name: envoy.filters.http.health_check - typed_config: - '@type': type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - headers: - - name: :path - string_match: - exact: /ready - pass_through_mode: false - name: envoy.filters.http.router typed_config: '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -169,5 +161,5 @@ static_resources: path: /stats/prometheus route: cluster: prometheus_stats - stat_prefix: eg-ready-http - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + stat_prefix: eg-stats-http + name: envoy-gateway-proxy-stats-0.0.0.0-19001 diff --git a/internal/xds/bootstrap/testdata/merge/stats_sinks.out.yaml b/internal/xds/bootstrap/testdata/merge/stats_sinks.out.yaml index 7620d655af2..a45cd29d599 100644 --- a/internal/xds/bootstrap/testdata/merge/stats_sinks.out.yaml +++ b/internal/xds/bootstrap/testdata/merge/stats_sinks.out.yaml @@ -163,14 +163,6 @@ staticResources: typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager httpFilters: - - name: envoy.filters.http.health_check - typedConfig: - '@type': type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - headers: - - name: :path - stringMatch: - exact: /ready - passThroughMode: false - name: envoy.filters.http.router typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router @@ -189,8 +181,8 @@ staticResources: path: /stats/prometheus route: cluster: prometheus_stats - statPrefix: eg-ready-http - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + statPrefix: eg-stats-http + name: envoy-gateway-proxy-stats-0.0.0.0-19001 statsSinks: - name: envoy.stat_sinks.metrics_service typedConfig: diff --git a/internal/xds/bootstrap/testdata/render/custom-server-port.yaml b/internal/xds/bootstrap/testdata/render/custom-server-port.yaml index aad12c4e8f4..addf17ed72a 100644 --- a/internal/xds/bootstrap/testdata/render/custom-server-port.yaml +++ b/internal/xds/bootstrap/testdata/render/custom-server-port.yaml @@ -31,7 +31,7 @@ dynamic_resources: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-3333 + - name: envoy-gateway-proxy-stats-0.0.0.0-3333 address: socket_address: address: '0.0.0.0' @@ -42,7 +42,7 @@ static_resources: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -59,14 +59,6 @@ static_resources: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router diff --git a/internal/xds/bootstrap/testdata/render/custom-stats-matcher.yaml b/internal/xds/bootstrap/testdata/render/custom-stats-matcher.yaml index 6e3adf03e6d..30682721a3a 100644 --- a/internal/xds/bootstrap/testdata/render/custom-stats-matcher.yaml +++ b/internal/xds/bootstrap/testdata/render/custom-stats-matcher.yaml @@ -42,7 +42,7 @@ dynamic_resources: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -53,7 +53,7 @@ static_resources: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -70,14 +70,6 @@ static_resources: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router diff --git a/internal/xds/bootstrap/testdata/render/disable-prometheus.yaml b/internal/xds/bootstrap/testdata/render/disable-prometheus.yaml index d5f6664ef37..fa87e3b08db 100644 --- a/internal/xds/bootstrap/testdata/render/disable-prometheus.yaml +++ b/internal/xds/bootstrap/testdata/render/disable-prometheus.yaml @@ -30,34 +30,6 @@ dynamic_resources: ads: {} resource_api_version: V3 static_resources: - listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 - address: - socket_address: - address: '0.0.0.0' - port_value: 19001 - protocol: TCP - filter_chains: - - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http - normalize_path: true - route_config: - name: local_route - http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - - name: envoy.filters.http.router - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router clusters: - connect_timeout: 10s load_assignment: diff --git a/internal/xds/bootstrap/testdata/render/enable-prometheus-gzip-compression.yaml b/internal/xds/bootstrap/testdata/render/enable-prometheus-gzip-compression.yaml index 8af4b2254ed..8f168089804 100644 --- a/internal/xds/bootstrap/testdata/render/enable-prometheus-gzip-compression.yaml +++ b/internal/xds/bootstrap/testdata/render/enable-prometheus-gzip-compression.yaml @@ -31,7 +31,7 @@ dynamic_resources: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -42,7 +42,7 @@ static_resources: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -66,14 +66,6 @@ static_resources: typed_config: "@type": type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router diff --git a/internal/xds/bootstrap/testdata/render/enable-prometheus.yaml b/internal/xds/bootstrap/testdata/render/enable-prometheus.yaml index 3fa87bbb460..c1d495764fc 100644 --- a/internal/xds/bootstrap/testdata/render/enable-prometheus.yaml +++ b/internal/xds/bootstrap/testdata/render/enable-prometheus.yaml @@ -31,7 +31,7 @@ dynamic_resources: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -42,7 +42,7 @@ static_resources: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -59,14 +59,6 @@ static_resources: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router diff --git a/internal/xds/bootstrap/testdata/render/ipv6.yaml b/internal/xds/bootstrap/testdata/render/ipv6.yaml index 064d1334656..93d20a50915 100644 --- a/internal/xds/bootstrap/testdata/render/ipv6.yaml +++ b/internal/xds/bootstrap/testdata/render/ipv6.yaml @@ -31,7 +31,7 @@ dynamic_resources: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-::-19001 + - name: envoy-gateway-proxy-stats-::-19001 address: socket_address: address: '::' @@ -43,7 +43,7 @@ static_resources: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -60,14 +60,6 @@ static_resources: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router diff --git a/internal/xds/bootstrap/testdata/render/otel-metrics-backendref.yaml b/internal/xds/bootstrap/testdata/render/otel-metrics-backendref.yaml index bf2c2693d82..5dd7fa34727 100644 --- a/internal/xds/bootstrap/testdata/render/otel-metrics-backendref.yaml +++ b/internal/xds/bootstrap/testdata/render/otel-metrics-backendref.yaml @@ -37,34 +37,6 @@ stats_sinks: envoy_grpc: cluster_name: otel_metric_sink_0 static_resources: - listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 - address: - socket_address: - address: '0.0.0.0' - port_value: 19001 - protocol: TCP - filter_chains: - - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http - normalize_path: true - route_config: - name: local_route - http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - - name: envoy.filters.http.router - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router clusters: - name: otel_metric_sink_0 connect_timeout: 0.250s diff --git a/internal/xds/bootstrap/testdata/render/otel-metrics.yaml b/internal/xds/bootstrap/testdata/render/otel-metrics.yaml index bf2c2693d82..5dd7fa34727 100644 --- a/internal/xds/bootstrap/testdata/render/otel-metrics.yaml +++ b/internal/xds/bootstrap/testdata/render/otel-metrics.yaml @@ -37,34 +37,6 @@ stats_sinks: envoy_grpc: cluster_name: otel_metric_sink_0 static_resources: - listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 - address: - socket_address: - address: '0.0.0.0' - port_value: 19001 - protocol: TCP - filter_chains: - - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http - normalize_path: true - route_config: - name: local_route - http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - - name: envoy.filters.http.router - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router clusters: - name: otel_metric_sink_0 connect_timeout: 0.250s diff --git a/internal/xds/bootstrap/testdata/render/with-max-heap-size-bytes.yaml b/internal/xds/bootstrap/testdata/render/with-max-heap-size-bytes.yaml index 2dc4b923909..0ada82fe1af 100644 --- a/internal/xds/bootstrap/testdata/render/with-max-heap-size-bytes.yaml +++ b/internal/xds/bootstrap/testdata/render/with-max-heap-size-bytes.yaml @@ -31,7 +31,7 @@ dynamic_resources: resource_api_version: V3 static_resources: listeners: - - name: envoy-gateway-proxy-ready-0.0.0.0-19001 + - name: envoy-gateway-proxy-stats-0.0.0.0-19001 address: socket_address: address: '0.0.0.0' @@ -42,7 +42,7 @@ static_resources: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: eg-ready-http + stat_prefix: eg-stats-http normalize_path: true route_config: name: local_route @@ -59,14 +59,6 @@ static_resources: route: cluster: prometheus_stats http_filters: - - name: envoy.filters.http.health_check - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck - pass_through_mode: false - headers: - - name: ":path" - string_match: - exact: /ready - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router diff --git a/internal/xds/bootstrap/util.go b/internal/xds/bootstrap/util.go index 701da1f102a..71bfc33a5a3 100644 --- a/internal/xds/bootstrap/util.go +++ b/internal/xds/bootstrap/util.go @@ -16,7 +16,6 @@ import ( "github.com/envoyproxy/gateway/internal/ir" "github.com/envoyproxy/gateway/internal/utils/jsonpatch" "github.com/envoyproxy/gateway/internal/utils/proto" - _ "github.com/envoyproxy/gateway/internal/xds/extensions" // DON'T REMOVE: import of all extensions ) // ApplyBootstrapConfig applies the bootstrap config to the default bootstrap config and return the result config. diff --git a/internal/xds/bootstrap/validate.go b/internal/xds/bootstrap/validate.go index 5e08db72957..aa2dfc01312 100644 --- a/internal/xds/bootstrap/validate.go +++ b/internal/xds/bootstrap/validate.go @@ -15,7 +15,6 @@ import ( egv1a1 "github.com/envoyproxy/gateway/api/v1alpha1" "github.com/envoyproxy/gateway/internal/utils/proto" - _ "github.com/envoyproxy/gateway/internal/xds/extensions" // DON'T REMOVE: import of all extensions ) func fetchAndPatchBootstrap(boostrapConfig *egv1a1.ProxyBootstrap) (*bootstrapv3.Bootstrap, *bootstrapv3.Bootstrap, error) { diff --git a/internal/xds/filters/testdata/healthcheck.yaml b/internal/xds/filters/testdata/healthcheck.yaml new file mode 100644 index 00000000000..69e096a9f04 --- /dev/null +++ b/internal/xds/filters/testdata/healthcheck.yaml @@ -0,0 +1,8 @@ +name: envoy.filters.http.health_check +typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck + pass_through_mode: false + headers: + - name: ":path" + string_match: + exact: test_path diff --git a/internal/xds/filters/wellknown.go b/internal/xds/filters/wellknown.go index 524b932fe56..336c1278fd7 100644 --- a/internal/xds/filters/wellknown.go +++ b/internal/xds/filters/wellknown.go @@ -6,10 +6,13 @@ package filters import ( + routev3 "github.com/envoyproxy/go-control-plane/envoy/config/route/v3" grpcstats "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/grpc_stats/v3" grpcweb "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/grpc_web/v3" + healthcheck "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/health_check/v3" httprouter "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/router/v3" hcm "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/http_connection_manager/v3" + matcherv3 "github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3" "github.com/envoyproxy/go-control-plane/pkg/wellknown" "google.golang.org/protobuf/types/known/wrapperspb" @@ -48,7 +51,7 @@ func init() { } func GenerateRouterFilter(enableEnvoyHeaders bool) (*hcm.HttpFilter, error) { - any, err := protocov.ToAnyWithValidation(&httprouter.Router{ + anyCfg, err := protocov.ToAnyWithValidation(&httprouter.Router{ SuppressEnvoyHeaders: !enableEnvoyHeaders, }) if err != nil { @@ -57,7 +60,34 @@ func GenerateRouterFilter(enableEnvoyHeaders bool) (*hcm.HttpFilter, error) { return &hcm.HttpFilter{ Name: wellknown.Router, ConfigType: &hcm.HttpFilter_TypedConfig{ - TypedConfig: any, + TypedConfig: anyCfg, + }, + }, nil +} + +func GenerateHealthCheckFilter(checkPath string) (*hcm.HttpFilter, error) { + anyCfg, err := protocov.ToAnyWithValidation(&healthcheck.HealthCheck{ + PassThroughMode: &wrapperspb.BoolValue{Value: false}, + Headers: []*routev3.HeaderMatcher{ + { + Name: ":path", + HeaderMatchSpecifier: &routev3.HeaderMatcher_StringMatch{ + StringMatch: &matcherv3.StringMatcher{ + MatchPattern: &matcherv3.StringMatcher_Exact{ + Exact: checkPath, + }, + }, + }, + }, + }, + }) + if err != nil { + return nil, err + } + return &hcm.HttpFilter{ + Name: wellknown.HealthCheck, + ConfigType: &hcm.HttpFilter_TypedConfig{ + TypedConfig: anyCfg, }, }, nil } diff --git a/internal/xds/filters/wellknown_test.go b/internal/xds/filters/wellknown_test.go new file mode 100644 index 00000000000..41b5a30633c --- /dev/null +++ b/internal/xds/filters/wellknown_test.go @@ -0,0 +1,37 @@ +// Copyright Envoy Gateway Authors +// SPDX-License-Identifier: Apache-2.0 +// The full text of the Apache license is available in the LICENSE file at +// the root of the repo. + +package filters + +import ( + "os" + "path" + "testing" + + hcm "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/http_connection_manager/v3" + "github.com/google/go-cmp/cmp" + "github.com/stretchr/testify/require" + "google.golang.org/protobuf/testing/protocmp" + + "github.com/envoyproxy/gateway/internal/utils/proto" +) + +func TestGenerateHealthCheckFilter(t *testing.T) { + got, err := GenerateHealthCheckFilter("test_path") + require.NoError(t, err) + + b := readTestData(t, "healthcheck.yaml") + expected := &hcm.HttpFilter{} + err = proto.FromYAML(b, expected) + require.NoError(t, err) + + require.Empty(t, cmp.Diff(expected, got, protocmp.Transform())) +} + +func readTestData(t *testing.T, filename string) []byte { + data, err := os.ReadFile(path.Join("testdata", filename)) + require.NoError(t, err) + return data +} diff --git a/internal/xds/translator/jsonpatch.go b/internal/xds/translator/jsonpatch.go index 8a56ed689e4..c8b2a7141a7 100644 --- a/internal/xds/translator/jsonpatch.go +++ b/internal/xds/translator/jsonpatch.go @@ -26,10 +26,6 @@ import ( "github.com/envoyproxy/gateway/internal/xds/types" ) -const ( - EmptyPath = "" -) - type typedName struct { Type string Name string diff --git a/internal/xds/translator/listener_ready.go b/internal/xds/translator/listener_ready.go new file mode 100644 index 00000000000..689f6178263 --- /dev/null +++ b/internal/xds/translator/listener_ready.go @@ -0,0 +1,104 @@ +// Copyright Envoy Gateway Authors +// SPDX-License-Identifier: Apache-2.0 +// The full text of the Apache license is available in the LICENSE file at +// the root of the repo. + +package translator + +import ( + "fmt" + + corev3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3" + listenerv3 "github.com/envoyproxy/go-control-plane/envoy/config/listener/v3" + routev3 "github.com/envoyproxy/go-control-plane/envoy/config/route/v3" + hcmv3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/http_connection_manager/v3" + "github.com/envoyproxy/go-control-plane/pkg/wellknown" + + egv1a1 "github.com/envoyproxy/gateway/api/v1alpha1" + "github.com/envoyproxy/gateway/internal/ir" + "github.com/envoyproxy/gateway/internal/utils/protocov" + "github.com/envoyproxy/gateway/internal/xds/bootstrap" + "github.com/envoyproxy/gateway/internal/xds/filters" +) + +func buildReadyListener(ready *ir.ReadyListener) (*listenerv3.Listener, error) { + ipv4Compact := false + if ready.IPFamily == egv1a1.IPv6 || ready.IPFamily == egv1a1.DualStack { + ipv4Compact = true + } + hcmFilters := make([]*hcmv3.HttpFilter, 0, 3) + healthcheckFilter, err := filters.GenerateHealthCheckFilter(bootstrap.EnvoyReadinessPath) + if err != nil { + return nil, err + } + hcmFilters = append(hcmFilters, healthcheckFilter) + + router, err := filters.GenerateRouterFilter(false) + if err != nil { + return nil, err + } + hcmFilters = append(hcmFilters, router) + + hcm := &hcmv3.HttpConnectionManager{ + StatPrefix: "eg-ready-http", + RouteSpecifier: &hcmv3.HttpConnectionManager_RouteConfig{ + RouteConfig: &routev3.RouteConfiguration{ + Name: "ready_route", + VirtualHosts: []*routev3.VirtualHost{ + { + Name: "ready_route", + Domains: []string{"*"}, + Routes: []*routev3.Route{ + { + Match: &routev3.RouteMatch{ + PathSpecifier: &routev3.RouteMatch_Prefix{ + Prefix: "/", // match all + }, + }, + Action: &routev3.Route_DirectResponse{ + DirectResponse: &routev3.DirectResponseAction{ + Status: 500, // you should not trigger this, healthcheck filter take care of it + }, + }, + }, + }, + }, + }, + }, + }, + HttpFilters: hcmFilters, + } + + hcmAny, err := protocov.ToAnyWithValidation(hcm) + if err != nil { + return nil, err + } + + return &listenerv3.Listener{ + Name: fmt.Sprintf("envoy-gateway-proxy-ready-%s-%d", ready.Address, ready.Port), + Address: &corev3.Address{ + Address: &corev3.Address_SocketAddress{ + SocketAddress: &corev3.SocketAddress{ + Address: ready.Address, + PortSpecifier: &corev3.SocketAddress_PortValue{ + PortValue: ready.Port, + }, + Protocol: corev3.SocketAddress_TCP, + Ipv4Compat: ipv4Compact, + }, + }, + }, + FilterChains: []*listenerv3.FilterChain{ + { + Filters: []*listenerv3.Filter{ + { + Name: wellknown.HTTPConnectionManager, + ConfigType: &listenerv3.Filter_TypedConfig{ + TypedConfig: hcmAny, + }, + }, + }, + }, + }, + }, nil +} diff --git a/internal/xds/translator/listener_ready_test.go b/internal/xds/translator/listener_ready_test.go new file mode 100644 index 00000000000..ec522ad7bb3 --- /dev/null +++ b/internal/xds/translator/listener_ready_test.go @@ -0,0 +1,86 @@ +// Copyright Envoy Gateway Authors +// SPDX-License-Identifier: Apache-2.0 +// The full text of the Apache license is available in the LICENSE file at +// the root of the repo. + +package translator + +import ( + "os" + "path" + "testing" + + listenerv3 "github.com/envoyproxy/go-control-plane/envoy/config/listener/v3" + "github.com/google/go-cmp/cmp" + "github.com/stretchr/testify/require" + "google.golang.org/protobuf/testing/protocmp" + + egv1a1 "github.com/envoyproxy/gateway/api/v1alpha1" + "github.com/envoyproxy/gateway/internal/ir" + "github.com/envoyproxy/gateway/internal/utils/proto" +) + +func TestBuildReadyListener(t *testing.T) { + cases := []struct { + name string + ready *ir.ReadyListener + }{ + { + name: "ipv4", + ready: &ir.ReadyListener{ + IPFamily: egv1a1.IPv4, + Address: "0.0.0.0", + Port: 19001, + Path: "/ready", + }, + }, + { + name: "ipv6", + ready: &ir.ReadyListener{ + IPFamily: egv1a1.IPv6, + Address: "::", + Port: 19001, + Path: "/ready", + }, + }, + { + name: "dual", + ready: &ir.ReadyListener{ + IPFamily: egv1a1.DualStack, + Address: "::", + Port: 19001, + Path: "/ready", + }, + }, + } + + for _, tc := range cases { + t.Run(tc.name, func(t *testing.T) { + got, err := buildReadyListener(tc.ready) + if err != nil { + t.Errorf("unexpected error: %v", err) + } + + if *overrideTestData { + data, err := proto.ToYAML(got) + require.NoError(t, err) + err = os.WriteFile(path.Join("testdata", "readylistener", tc.name+".yaml"), data, 0o600) + require.NoError(t, err) + return + } + + data := readTestData(t, "readylistener", tc.name) + expected := &listenerv3.Listener{} + err = proto.FromYAML(data, expected) + require.NoError(t, err) + + require.Empty(t, cmp.Diff(expected, got, protocmp.Transform())) + }) + } +} + +func readTestData(t *testing.T, testName, caseName string) []byte { + data, err := os.ReadFile(path.Join("testdata", testName, caseName+".yaml")) + require.NoError(t, err) + return data +} diff --git a/internal/xds/translator/testdata/in/xds-ir/ready.yaml b/internal/xds/translator/testdata/in/xds-ir/ready.yaml new file mode 100644 index 00000000000..27b8e13e803 --- /dev/null +++ b/internal/xds/translator/testdata/in/xds-ir/ready.yaml @@ -0,0 +1,6 @@ +readyListener: + address: 0.0.0.0 + ipFamily: IPv4 + path: /ready + port: 19001 + prometheusEnabled: true diff --git a/internal/xds/translator/testdata/out/xds-ir/ready.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/ready.clusters.yaml new file mode 100644 index 00000000000..fe51488c706 --- /dev/null +++ b/internal/xds/translator/testdata/out/xds-ir/ready.clusters.yaml @@ -0,0 +1 @@ +[] diff --git a/internal/xds/translator/testdata/out/xds-ir/ready.endpoints.yaml b/internal/xds/translator/testdata/out/xds-ir/ready.endpoints.yaml new file mode 100644 index 00000000000..fe51488c706 --- /dev/null +++ b/internal/xds/translator/testdata/out/xds-ir/ready.endpoints.yaml @@ -0,0 +1 @@ +[] diff --git a/internal/xds/translator/testdata/out/xds-ir/ready.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ready.listeners.yaml new file mode 100644 index 00000000000..5ac3ac46673 --- /dev/null +++ b/internal/xds/translator/testdata/out/xds-ir/ready.listeners.yaml @@ -0,0 +1,35 @@ +- address: + socketAddress: + address: 0.0.0.0 + portValue: 19001 + filterChains: + - filters: + - name: envoy.filters.network.http_connection_manager + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + httpFilters: + - name: envoy.filters.http.health_check + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck + headers: + - name: :path + stringMatch: + exact: /ready + passThroughMode: false + - name: envoy.filters.http.router + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router + suppressEnvoyHeaders: true + routeConfig: + name: ready_route + virtualHosts: + - domains: + - '*' + name: ready_route + routes: + - directResponse: + status: 500 + match: + prefix: / + statPrefix: eg-ready-http + name: envoy-gateway-proxy-ready-0.0.0.0-19001 diff --git a/internal/xds/translator/testdata/out/xds-ir/ready.routes.yaml b/internal/xds/translator/testdata/out/xds-ir/ready.routes.yaml new file mode 100644 index 00000000000..fe51488c706 --- /dev/null +++ b/internal/xds/translator/testdata/out/xds-ir/ready.routes.yaml @@ -0,0 +1 @@ +[] diff --git a/internal/xds/translator/testdata/readylistener/dual.yaml b/internal/xds/translator/testdata/readylistener/dual.yaml new file mode 100644 index 00000000000..2f14f1dc44f --- /dev/null +++ b/internal/xds/translator/testdata/readylistener/dual.yaml @@ -0,0 +1,36 @@ +address: + socketAddress: + address: '::' + ipv4Compat: true + portValue: 19001 +filterChains: +- filters: + - name: envoy.filters.network.http_connection_manager + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + httpFilters: + - name: envoy.filters.http.health_check + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck + headers: + - name: :path + stringMatch: + exact: /ready + passThroughMode: false + - name: envoy.filters.http.router + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router + suppressEnvoyHeaders: true + routeConfig: + name: ready_route + virtualHosts: + - domains: + - '*' + name: ready_route + routes: + - directResponse: + status: 500 + match: + prefix: / + statPrefix: eg-ready-http +name: envoy-gateway-proxy-ready-::-19001 diff --git a/internal/xds/translator/testdata/readylistener/ipv4.yaml b/internal/xds/translator/testdata/readylistener/ipv4.yaml new file mode 100644 index 00000000000..7997a85e70a --- /dev/null +++ b/internal/xds/translator/testdata/readylistener/ipv4.yaml @@ -0,0 +1,35 @@ +address: + socketAddress: + address: 0.0.0.0 + portValue: 19001 +filterChains: +- filters: + - name: envoy.filters.network.http_connection_manager + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + httpFilters: + - name: envoy.filters.http.health_check + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck + headers: + - name: :path + stringMatch: + exact: /ready + passThroughMode: false + - name: envoy.filters.http.router + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router + suppressEnvoyHeaders: true + routeConfig: + name: ready_route + virtualHosts: + - domains: + - '*' + name: ready_route + routes: + - directResponse: + status: 500 + match: + prefix: / + statPrefix: eg-ready-http +name: envoy-gateway-proxy-ready-0.0.0.0-19001 diff --git a/internal/xds/translator/testdata/readylistener/ipv6.yaml b/internal/xds/translator/testdata/readylistener/ipv6.yaml new file mode 100644 index 00000000000..2f14f1dc44f --- /dev/null +++ b/internal/xds/translator/testdata/readylistener/ipv6.yaml @@ -0,0 +1,36 @@ +address: + socketAddress: + address: '::' + ipv4Compat: true + portValue: 19001 +filterChains: +- filters: + - name: envoy.filters.network.http_connection_manager + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + httpFilters: + - name: envoy.filters.http.health_check + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck + headers: + - name: :path + stringMatch: + exact: /ready + passThroughMode: false + - name: envoy.filters.http.router + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router + suppressEnvoyHeaders: true + routeConfig: + name: ready_route + virtualHosts: + - domains: + - '*' + name: ready_route + routes: + - directResponse: + status: 500 + match: + prefix: / + statPrefix: eg-ready-http +name: envoy-gateway-proxy-ready-::-19001 diff --git a/internal/xds/translator/translator.go b/internal/xds/translator/translator.go index 071f929c63e..bfd0a17054f 100644 --- a/internal/xds/translator/translator.go +++ b/internal/xds/translator/translator.go @@ -89,6 +89,10 @@ func (t *Translator) Translate(xdsIR *ir.Xds) (*types.ResourceVersionTable, erro // to collect all errors and reflect them in the status of the CRDs. var errs error + if err := t.processHTTPReadyListenerXdsTranslation(tCtx, xdsIR.ReadyListener); err != nil { + errs = errors.Join(errs, err) + } + if err := t.processHTTPListenerXdsTranslation( tCtx, xdsIR.HTTP, xdsIR.AccessLog, xdsIR.Tracing, xdsIR.Metrics); err != nil { errs = errors.Join(errs, err) @@ -259,6 +263,23 @@ func clearAllRoutes(hcm *hcmv3.HttpConnectionManager) { } } +func (t *Translator) processHTTPReadyListenerXdsTranslation(tCtx *types.ResourceVersionTable, ready *ir.ReadyListener) error { + // If there is no ready listener, return early. + // TODO: update all testcases to use the new ReadyListener field + if ready == nil { + return nil + } + l, err := buildReadyListener(ready) + if err != nil { + return err + } + err = tCtx.AddXdsResource(resourcev3.ListenerType, l) + if err != nil { + return err + } + return nil +} + func (t *Translator) processHTTPListenerXdsTranslation( tCtx *types.ResourceVersionTable, httpListeners []*ir.HTTPListener, diff --git a/release-notes/current.yaml b/release-notes/current.yaml index bd0d5ebcf5f..f036c6a8752 100644 --- a/release-notes/current.yaml +++ b/release-notes/current.yaml @@ -2,6 +2,7 @@ date: Pending # Changes that are expected to cause an incompatibility with previous versions, such as deletions or modifications to existing APIs. breaking changes: | + Use a dedicated listener port(19003) for envoy proxy readiness # Updates addressing vulnerabilities, security flaws, or compliance requirements. security updates: | diff --git a/site/content/en/latest/install/install-helm.md b/site/content/en/latest/install/install-helm.md index 16975efc84d..2fbb015327d 100644 --- a/site/content/en/latest/install/install-helm.md +++ b/site/content/en/latest/install/install-helm.md @@ -130,20 +130,22 @@ These are the ports used by Envoy Gateway and the managed Envoy Proxy. ### Envoy Gateway -| Envoy Gateway | Address | Port | Configurable | -|:----------------------:|:---------:|:------:| :------: | -| Xds EnvoyProxy Server | 0.0.0.0 | 18000 | No | -| Xds RateLimit Server | 0.0.0.0 | 18001 | No | -| Admin Server | 127.0.0.1 | 19000 | Yes | -| Metrics Server | 0.0.0.0 | 19001 | No | -| Health Check | 127.0.0.1 | 8081 | No | +| Envoy Gateway | Address | Port | Configurable | +| :-------------------: | :-------: | :---: | :----------: | +| Xds EnvoyProxy Server | 0.0.0.0 | 18000 | No | +| Xds RateLimit Server | 0.0.0.0 | 18001 | No | +| Admin Server | 127.0.0.1 | 19000 | Yes | +| Metrics Server | 0.0.0.0 | 19001 | No | +| Health Check | 127.0.0.1 | 8081 | No | ### EnvoyProxy -| Envoy Proxy | Address | Port | -|:---------------------------------:|:-----------:| :-----: | -| Admin Server | 127.0.0.1 | 19000 | -| Heath Check | 0.0.0.0 | 19001 | +| Envoy Proxy | Address | Port | +| :--------------: | :-------: | :---: | +| Admin Server | 127.0.0.1 | 19000 | +| Stats | 0.0.0.0 | 19001 | +| Shutdown Manager | 0.0.0.0 | 19002 | +| Readiness | 0.0.0.0 | 19003 | {{% alert title="Next Steps" color="warning" %}} Envoy Gateway should now be successfully installed and running. To experience more abilities of Envoy Gateway, refer to [Tasks](../tasks). diff --git a/tools/make/kube.mk b/tools/make/kube.mk index 37a1c67ec15..397d3d28f7f 100644 --- a/tools/make/kube.mk +++ b/tools/make/kube.mk @@ -187,6 +187,9 @@ else --run-test $(E2E_RUN_TEST) endif +run-e2e-upgrade: + go test $(E2E_TEST_ARGS) ./test/e2e/upgrade --gateway-class=upgrade --debug=true --cleanup-base-resources=$(E2E_CLEANUP) + .PHONY: run-resilience run-resilience: ## Run resilience tests @$(LOG_TARGET) From 6409fa388a47d9e7e46b34688e2c193804c3e036 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 12 Feb 2025 15:19:56 +0800 Subject: [PATCH 08/11] build(deps): bump github.com/docker/docker from 27.5.0+incompatible to 27.5.1+incompatible (#5242) build(deps): bump github.com/docker/docker Bumps [github.com/docker/docker](https://github.com/docker/docker) from 27.5.0+incompatible to 27.5.1+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](https://github.com/docker/docker/compare/v27.5.0...v27.5.1) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 1e7bccefe71..685f17f014b 100644 --- a/go.mod +++ b/go.mod @@ -13,7 +13,7 @@ require ( github.com/cncf/xds/go v0.0.0-20240905190251-b4127c9b8d78 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc github.com/docker/cli v27.5.1+incompatible - github.com/docker/docker v27.5.0+incompatible + github.com/docker/docker v27.5.1+incompatible github.com/dominikbraun/graph v0.23.0 github.com/envoyproxy/go-control-plane v0.13.4 github.com/envoyproxy/go-control-plane/contrib v1.32.3 diff --git a/go.sum b/go.sum index 14b901efb7b..08d5c65526f 100644 --- a/go.sum +++ b/go.sum @@ -192,8 +192,8 @@ github.com/docker/cli v27.5.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvM github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/docker v0.7.3-0.20190327010347-be7ac8be2ae0/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/docker v27.5.0+incompatible h1:um++2NcQtGRTz5eEgO6aJimo6/JxrTXC941hd05JO6U= -github.com/docker/docker v27.5.0+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v27.5.1+incompatible h1:4PYU5dnBYqRQi0294d1FBECqT9ECWeQAIfE8q4YnPY8= +github.com/docker/docker v27.5.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.8.2 h1:bX3YxiGzFP5sOXWc3bTPEXdEaZSeVMrFgOr3T+zrFAo= github.com/docker/docker-credential-helpers v0.8.2/go.mod h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M= github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c= From 2594882bf369b83e285b141608325e0e88b10708 Mon Sep 17 00:00:00 2001 From: zirain Date: Wed, 12 Feb 2025 16:50:13 +0800 Subject: [PATCH 09/11] chore: read go version from gomod (#5262) --- tools/github-actions/setup-deps/action.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/github-actions/setup-deps/action.yaml b/tools/github-actions/setup-deps/action.yaml index 3171c901e4c..7b93b1a1f82 100644 --- a/tools/github-actions/setup-deps/action.yaml +++ b/tools/github-actions/setup-deps/action.yaml @@ -8,5 +8,5 @@ runs: run: sudo apt-get install libbtrfs-dev -y - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.0.1 with: - go-version: 1.23.x + go-version-file: go.mod cache: true From 4f01d3fdb4726c723e1e0e2fc87b2a34ae4ad089 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 12 Feb 2025 16:52:27 +0800 Subject: [PATCH 10/11] build(deps): bump github/codeql-action from 3.28.8 to 3.28.9 (#5244) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.8 to 3.28.9. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/dd746615b3b9d728a6a37ca2045b68ca76d4841a...9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 6 +++--- .github/workflows/scorecard.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index d26e933b080..c08a6eb0b43 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -36,14 +36,14 @@ jobs: - uses: ./tools/github-actions/setup-deps - name: Initialize CodeQL - uses: github/codeql-action/init@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8 + uses: github/codeql-action/init@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 with: languages: ${{ matrix.language }} - name: Autobuild - uses: github/codeql-action/autobuild@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8 + uses: github/codeql-action/autobuild@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8 + uses: github/codeql-action/analyze@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 10fbaa3b449..c098731e931 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -40,6 +40,6 @@ jobs: retention-days: 5 - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8 + uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 with: sarif_file: results.sarif From 7146fe841f3c2aa97dbbd2344fdb34a76ae81335 Mon Sep 17 00:00:00 2001 From: sh2 Date: Wed, 12 Feb 2025 20:58:41 +0800 Subject: [PATCH 11/11] feat: add defaulter for gateway-api resources loading from file (#5232) * add defaulter that can set default values for our crd Signed-off-by: shawnh2 * resolve conflicts Signed-off-by: shawnh2 * add gateway schema defaulter while loading resources and fix all existing tests Signed-off-by: shawnh2 * add load test for all supported kind resources Signed-off-by: shawnh2 * fix lint Signed-off-by: shawnh2 --------- Signed-off-by: shawnh2 Co-authored-by: zirain --- go.mod | 10 +- go.sum | 15 + .../translate/out/backend-endpoint.all.yaml | 12 +- .../translate/out/default-resources.all.yaml | 50 ++- .../out/echo-gateway-api.cluster.yaml | 11 +- .../translate/out/echo-gateway-api.route.json | 11 +- .../translate/out/invalid-envoyproxy.all.yaml | 54 ++- .../translate/out/quickstart.all.yaml | 11 +- .../out/rejected-http-route.route.yaml | 11 +- .../translate/out/valid-envoyproxy.all.yaml | 56 ++- internal/gatewayapi/resource/defaulter.go | 270 +++++++++++++ .../gatewayapi/resource/defaulter_test.go | 157 ++++++++ internal/gatewayapi/resource/load.go | 13 +- internal/gatewayapi/resource/load_test.go | 43 +++ .../resource/testdata/all-resources.in.yaml | 231 +++++++++++ .../resource/testdata/all-resources.out.yaml | 360 ++++++++++++++++++ .../resource/testdata/schema/crd.yaml | 79 ++++ .../provider/file/testdata/resources.all.yaml | 10 +- release-notes/current.yaml | 1 + tools/make/golang.mk | 1 + 20 files changed, 1363 insertions(+), 43 deletions(-) create mode 100644 internal/gatewayapi/resource/defaulter.go create mode 100644 internal/gatewayapi/resource/defaulter_test.go create mode 100644 internal/gatewayapi/resource/testdata/all-resources.in.yaml create mode 100644 internal/gatewayapi/resource/testdata/all-resources.out.yaml create mode 100644 internal/gatewayapi/resource/testdata/schema/crd.yaml diff --git a/go.mod b/go.mod index 685f17f014b..f2ec7ba1d44 100644 --- a/go.mod +++ b/go.mod @@ -27,6 +27,9 @@ require ( github.com/go-logfmt/logfmt v0.6.0 github.com/go-logr/logr v1.4.2 github.com/go-logr/zapr v1.3.0 + github.com/go-openapi/spec v0.21.0 + github.com/go-openapi/strfmt v0.23.0 + github.com/go-openapi/validate v0.24.0 github.com/golang/protobuf v1.5.4 github.com/google/cel-go v0.22.1 github.com/google/go-cmp v0.6.0 @@ -69,6 +72,7 @@ require ( k8s.io/cli-runtime v0.32.1 k8s.io/client-go v0.32.1 k8s.io/klog/v2 v2.130.1 + k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7 k8s.io/kubectl v0.32.1 k8s.io/utils v0.0.0-20241210054802-24370beab758 sigs.k8s.io/controller-runtime v0.20.1 @@ -139,8 +143,11 @@ require ( github.com/go-gorp/gorp/v3 v3.1.0 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-ole/go-ole v1.3.0 // indirect + github.com/go-openapi/analysis v0.23.0 // indirect + github.com/go-openapi/errors v0.22.0 // indirect github.com/go-openapi/jsonpointer v0.21.0 // indirect github.com/go-openapi/jsonreference v0.21.0 // indirect + github.com/go-openapi/loads v0.22.0 // indirect github.com/go-openapi/swag v0.23.0 // indirect github.com/go-redis/redis/v7 v7.4.1 // indirect github.com/go-sql-driver/mysql v1.8.1 // indirect @@ -211,6 +218,7 @@ require ( github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect + github.com/oklog/ulid v1.3.1 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect github.com/opencontainers/image-spec v1.1.0 // indirect github.com/opencontainers/runtime-spec v1.2.0 // indirect @@ -257,6 +265,7 @@ require ( go.etcd.io/etcd/api/v3 v3.5.16 // indirect go.etcd.io/etcd/client/pkg/v3 v3.5.16 // indirect go.etcd.io/etcd/client/v3 v3.5.16 // indirect + go.mongodb.org/mongo-driver v1.14.0 // indirect go.opencensus.io v0.24.0 // indirect go.opentelemetry.io/auto/sdk v1.1.0 // indirect go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.53.0 // indirect @@ -282,7 +291,6 @@ require ( gopkg.in/yaml.v2 v2.4.0 // indirect k8s.io/apiserver v0.32.1 // indirect k8s.io/component-base v0.32.1 // indirect - k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7 // indirect k8s.io/metrics v0.32.1 // indirect oras.land/oras-go v1.2.6 // indirect periph.io/x/host/v3 v3.8.2 // indirect diff --git a/go.sum b/go.sum index 08d5c65526f..673998ea42a 100644 --- a/go.sum +++ b/go.sum @@ -293,9 +293,13 @@ github.com/go-openapi/analysis v0.17.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpR github.com/go-openapi/analysis v0.18.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik= github.com/go-openapi/analysis v0.19.2/go.mod h1:3P1osvZa9jKjb8ed2TPng3f0i/UY9snX6gxi44djMjk= github.com/go-openapi/analysis v0.19.5/go.mod h1:hkEAkxagaIvIP7VTn8ygJNkd4kAYON2rCu0v0ObL0AU= +github.com/go-openapi/analysis v0.23.0 h1:aGday7OWupfMs+LbmLZG4k0MYXIANxcuBTYUC03zFCU= +github.com/go-openapi/analysis v0.23.0/go.mod h1:9mz9ZWaSlV8TvjQHLl2mUW2PbZtemkE8yA5v22ohupo= github.com/go-openapi/errors v0.17.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= github.com/go-openapi/errors v0.18.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= github.com/go-openapi/errors v0.19.2/go.mod h1:qX0BLWsyaKfvhluLejVpVNwNRdXZhEbTA4kxxpKBC94= +github.com/go-openapi/errors v0.22.0 h1:c4xY/OLxUBSTiepAg3j/MHuAv5mJhnf53LLMWFB+u/w= +github.com/go-openapi/errors v0.22.0/go.mod h1:J3DmZScxCDufmIMsdOuDHxJbdOGC0xtUynjIx092vXE= github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0= github.com/go-openapi/jsonpointer v0.17.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= github.com/go-openapi/jsonpointer v0.18.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= @@ -315,6 +319,8 @@ github.com/go-openapi/loads v0.18.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf github.com/go-openapi/loads v0.19.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= github.com/go-openapi/loads v0.19.2/go.mod h1:QAskZPMX5V0C2gvfkGZzJlINuP7Hx/4+ix5jWFxsNPs= github.com/go-openapi/loads v0.19.4/go.mod h1:zZVHonKd8DXyxyw4yfnVjPzBjIQcLt0CCsn0N0ZrQsk= +github.com/go-openapi/loads v0.22.0 h1:ECPGd4jX1U6NApCGG1We+uEozOAvXvJSF4nnwHZ8Aco= +github.com/go-openapi/loads v0.22.0/go.mod h1:yLsaTCS92mnSAZX5WWoxszLj0u+Ojl+Zs5Stn1oF+rs= github.com/go-openapi/runtime v0.0.0-20180920151709-4f900dc2ade9/go.mod h1:6v9a6LTXWQCdL8k1AO3cvqx5OtZY/Y9wKTgaoP6YRfA= github.com/go-openapi/runtime v0.19.0/go.mod h1:OwNfisksmmaZse4+gpV3Ne9AyMOlP1lt4sK4FXt0O64= github.com/go-openapi/runtime v0.19.4/go.mod h1:X277bwSUBxVlCYR3r7xgZZGKVvBd/29gLDlFGtJ8NL4= @@ -323,10 +329,14 @@ github.com/go-openapi/spec v0.17.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsd github.com/go-openapi/spec v0.18.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= github.com/go-openapi/spec v0.19.2/go.mod h1:sCxk3jxKgioEJikev4fgkNmwS+3kuYdJtcsZsD5zxMY= github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= +github.com/go-openapi/spec v0.21.0 h1:LTVzPc3p/RzRnkQqLRndbAzjY0d0BCL72A6j3CdL9ZY= +github.com/go-openapi/spec v0.21.0/go.mod h1:78u6VdPw81XU44qEWGhtr982gJ5BWg2c0I5XwVMotYk= github.com/go-openapi/strfmt v0.17.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= github.com/go-openapi/strfmt v0.18.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= github.com/go-openapi/strfmt v0.19.0/go.mod h1:+uW+93UVvGGq2qGaZxdDeJqSAqBqBdl+ZPMF/cC8nDY= github.com/go-openapi/strfmt v0.19.3/go.mod h1:0yX7dbo8mKIvc3XSKp7MNfxw4JytCfCD6+bY1AVL9LU= +github.com/go-openapi/strfmt v0.23.0 h1:nlUS6BCqcnAk0pyhi9Y+kdDVZdZMHfEKQiS4HaMgO/c= +github.com/go-openapi/strfmt v0.23.0/go.mod h1:NrtIpfKtWIygRkKVsxh7XQMDQW5HKQl6S5ik2elW+K4= github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I= github.com/go-openapi/swag v0.17.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= github.com/go-openapi/swag v0.18.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= @@ -337,6 +347,8 @@ github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ github.com/go-openapi/validate v0.18.0/go.mod h1:Uh4HdOzKt19xGIGm1qHf/ofbX1YQ4Y+MYsct2VUrAJ4= github.com/go-openapi/validate v0.19.2/go.mod h1:1tRCw7m3jtI8eNWEEliiAqUIcBztB2KDnRCRMUi7GTA= github.com/go-openapi/validate v0.19.5/go.mod h1:8DJv2CVJQ6kGNpFW6eV9N3JviE1C85nY1c2z52x1Gk4= +github.com/go-openapi/validate v0.24.0 h1:LdfDKwNbpB6Vn40xhTdNZAnfLECL81w+VX3BumrGD58= +github.com/go-openapi/validate v0.24.0/go.mod h1:iyeX1sEufmv3nPbBdX3ieNviWnOZaJ1+zquzJEf2BAQ= github.com/go-quicktest/qt v1.101.0 h1:O1K29Txy5P2OK0dGo59b7b0LR6wKfIhttaAhHUyn7eI= github.com/go-quicktest/qt v1.101.0/go.mod h1:14Bz/f7NwaXPtdYEgzsx46kqSxVwTbzVZsDC26tQJow= github.com/go-redis/redis/v7 v7.4.1 h1:PASvf36gyUpr2zdOUS/9Zqc80GbM+9BDyiJSJDDOrTI= @@ -634,6 +646,7 @@ github.com/nxadm/tail v1.4.4 h1:DQuhQpB1tVlglWS2hLQ5OV6B5r8aGxSrPc5Qo6uTN78= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/ohler55/ojg v1.26.1 h1:J5TaLmVEuvnpVH7JMdT1QdbpJU545Yp6cKiCO4aQILc= github.com/ohler55/ojg v1.26.1/go.mod h1:gQhDVpQLqrmnd2eqGAvJtn+NfKoYJbe/A4Sj3/Vro4o= +github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= @@ -890,6 +903,8 @@ go.etcd.io/etcd/server/v3 v3.5.16/go.mod h1:ynhyZZpdDp1Gq49jkUg5mfkDWZwXnn3eIqCq go.mongodb.org/mongo-driver v1.0.3/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= go.mongodb.org/mongo-driver v1.1.1/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= go.mongodb.org/mongo-driver v1.1.2/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= +go.mongodb.org/mongo-driver v1.14.0 h1:P98w8egYRjYe3XDjxhYJagTokP/H6HzlsnojRgZRd80= +go.mongodb.org/mongo-driver v1.14.0/go.mod h1:Vzb0Mk/pa7e6cWw85R4F/endUC3u0U9jGcNU603k65c= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= diff --git a/internal/cmd/egctl/testdata/translate/out/backend-endpoint.all.yaml b/internal/cmd/egctl/testdata/translate/out/backend-endpoint.all.yaml index d3f3ed2c771..0841f848773 100644 --- a/internal/cmd/egctl/testdata/translate/out/backend-endpoint.all.yaml +++ b/internal/cmd/egctl/testdata/translate/out/backend-endpoint.all.yaml @@ -40,7 +40,10 @@ gateways: spec: gatewayClassName: eg listeners: - - name: http + - allowedRoutes: + namespaces: + from: Same + name: http port: 80 protocol: HTTP status: @@ -78,12 +81,15 @@ httpRoutes: hostnames: - www.example.com parentRefs: - - name: eg + - group: gateway.networking.k8s.io + kind: Gateway + name: eg rules: - backendRefs: - group: gateway.envoyproxy.io kind: Backend name: backend + weight: 1 matches: - path: type: PathPrefix @@ -103,4 +109,6 @@ httpRoutes: type: ResolvedRefs controllerName: gateway.envoyproxy.io/gatewayclass-controller parentRef: + group: gateway.networking.k8s.io + kind: Gateway name: eg diff --git a/internal/cmd/egctl/testdata/translate/out/default-resources.all.yaml b/internal/cmd/egctl/testdata/translate/out/default-resources.all.yaml index 0963e89f94a..d05242b7006 100644 --- a/internal/cmd/egctl/testdata/translate/out/default-resources.all.yaml +++ b/internal/cmd/egctl/testdata/translate/out/default-resources.all.yaml @@ -202,13 +202,22 @@ gateways: spec: gatewayClassName: eg listeners: - - name: tcp + - allowedRoutes: + namespaces: + from: Same + name: tcp port: 1234 protocol: TCP - - name: udp + - allowedRoutes: + namespaces: + from: Same + name: udp port: 1234 protocol: UDP - - hostname: foo.com + - allowedRoutes: + namespaces: + from: Same + hostname: foo.com name: tls-passthrough port: 8443 protocol: TLS @@ -218,6 +227,8 @@ gateways: kinds: - group: gateway.networking.k8s.io kind: HTTPRoute + namespaces: + from: Same name: http port: 80 protocol: HTTP @@ -225,6 +236,8 @@ gateways: kinds: - group: gateway.networking.k8s.io kind: GRPCRoute + namespaces: + from: Same name: grpc port: 8080 protocol: HTTP @@ -345,7 +358,9 @@ grpcRoutes: hostnames: - www.grpc-example.com parentRefs: - - name: eg + - group: gateway.networking.k8s.io + kind: Gateway + name: eg sectionName: grpc rules: - backendRefs: @@ -358,6 +373,7 @@ grpcRoutes: - method: method: DoThing service: com.example.Things + type: Exact status: parents: - conditions: @@ -373,6 +389,8 @@ grpcRoutes: type: ResolvedRefs controllerName: gateway.envoyproxy.io/gatewayclass-controller parentRef: + group: gateway.networking.k8s.io + kind: Gateway name: eg sectionName: grpc httpRoutes: @@ -385,7 +403,9 @@ httpRoutes: hostnames: - www.example.com parentRefs: - - name: eg + - group: gateway.networking.k8s.io + kind: Gateway + name: eg rules: - backendRefs: - group: "" @@ -412,6 +432,8 @@ httpRoutes: type: ResolvedRefs controllerName: gateway.envoyproxy.io/gatewayclass-controller parentRef: + group: gateway.networking.k8s.io + kind: Gateway name: eg tcpRoutes: - kind: TCPRoute @@ -421,7 +443,9 @@ tcpRoutes: namespace: default spec: parentRefs: - - name: eg + - group: gateway.networking.k8s.io + kind: Gateway + name: eg sectionName: tcp rules: - backendRefs: @@ -445,6 +469,8 @@ tcpRoutes: type: ResolvedRefs controllerName: gateway.envoyproxy.io/gatewayclass-controller parentRef: + group: gateway.networking.k8s.io + kind: Gateway name: eg sectionName: tcp tlsRoutes: @@ -455,7 +481,9 @@ tlsRoutes: namespace: default spec: parentRefs: - - name: eg + - group: gateway.networking.k8s.io + kind: Gateway + name: eg sectionName: tls-passthrough rules: - backendRefs: @@ -479,6 +507,8 @@ tlsRoutes: type: ResolvedRefs controllerName: gateway.envoyproxy.io/gatewayclass-controller parentRef: + group: gateway.networking.k8s.io + kind: Gateway name: eg sectionName: tls-passthrough udpRoutes: @@ -489,7 +519,9 @@ udpRoutes: namespace: default spec: parentRefs: - - name: eg + - group: gateway.networking.k8s.io + kind: Gateway + name: eg sectionName: udp rules: - backendRefs: @@ -513,6 +545,8 @@ udpRoutes: type: ResolvedRefs controllerName: gateway.envoyproxy.io/gatewayclass-controller parentRef: + group: gateway.networking.k8s.io + kind: Gateway name: eg sectionName: udp xds: diff --git a/internal/cmd/egctl/testdata/translate/out/echo-gateway-api.cluster.yaml b/internal/cmd/egctl/testdata/translate/out/echo-gateway-api.cluster.yaml index de5d16949be..8d819d61200 100644 --- a/internal/cmd/egctl/testdata/translate/out/echo-gateway-api.cluster.yaml +++ b/internal/cmd/egctl/testdata/translate/out/echo-gateway-api.cluster.yaml @@ -22,7 +22,10 @@ gateways: spec: gatewayClassName: eg listeners: - - name: http + - allowedRoutes: + namespaces: + from: Same + name: http port: 80 protocol: HTTP status: @@ -60,7 +63,9 @@ httpRoutes: hostnames: - www.example.com parentRefs: - - name: eg + - group: gateway.networking.k8s.io + kind: Gateway + name: eg rules: - backendRefs: - group: "" @@ -87,6 +92,8 @@ httpRoutes: type: ResolvedRefs controllerName: gateway.envoyproxy.io/gatewayclass-controller parentRef: + group: gateway.networking.k8s.io + kind: Gateway name: eg xds: envoy-gateway-system/eg: diff --git a/internal/cmd/egctl/testdata/translate/out/echo-gateway-api.route.json b/internal/cmd/egctl/testdata/translate/out/echo-gateway-api.route.json index f069c670afb..cb22c731eac 100644 --- a/internal/cmd/egctl/testdata/translate/out/echo-gateway-api.route.json +++ b/internal/cmd/egctl/testdata/translate/out/echo-gateway-api.route.json @@ -35,7 +35,12 @@ { "name": "http", "port": 80, - "protocol": "HTTP" + "protocol": "HTTP", + "allowedRoutes": { + "namespaces": { + "from": "Same" + } + } } ] }, @@ -93,6 +98,8 @@ "spec": { "parentRefs": [ { + "group": "gateway.networking.k8s.io", + "kind": "Gateway", "name": "eg" } ], @@ -125,6 +132,8 @@ "parents": [ { "parentRef": { + "group": "gateway.networking.k8s.io", + "kind": "Gateway", "name": "eg" }, "controllerName": "gateway.envoyproxy.io/gatewayclass-controller", diff --git a/internal/cmd/egctl/testdata/translate/out/invalid-envoyproxy.all.yaml b/internal/cmd/egctl/testdata/translate/out/invalid-envoyproxy.all.yaml index bd4ac1d198d..b51220df310 100644 --- a/internal/cmd/egctl/testdata/translate/out/invalid-envoyproxy.all.yaml +++ b/internal/cmd/egctl/testdata/translate/out/invalid-envoyproxy.all.yaml @@ -18,7 +18,9 @@ envoyProxyForGatewayClass: socket_address: address: 127.0.0.1 port_value: 19000 - logging: {} + logging: + level: + default: warn status: {} gatewayClass: kind: GatewayClass @@ -49,13 +51,22 @@ gateways: spec: gatewayClassName: eg listeners: - - name: tcp + - allowedRoutes: + namespaces: + from: Same + name: tcp port: 1234 protocol: TCP - - name: udp + - allowedRoutes: + namespaces: + from: Same + name: udp port: 1234 protocol: UDP - - hostname: foo.com + - allowedRoutes: + namespaces: + from: Same + hostname: foo.com name: tls-passthrough port: 8443 protocol: TLS @@ -65,6 +76,8 @@ gateways: kinds: - group: gateway.networking.k8s.io kind: HTTPRoute + namespaces: + from: Same name: http port: 80 protocol: HTTP @@ -72,6 +85,8 @@ gateways: kinds: - group: gateway.networking.k8s.io kind: GRPCRoute + namespaces: + from: Same name: grpc port: 8080 protocol: HTTP @@ -192,7 +207,9 @@ grpcRoutes: hostnames: - www.grpc-example.com parentRefs: - - name: eg + - group: gateway.networking.k8s.io + kind: Gateway + name: eg sectionName: grpc rules: - backendRefs: @@ -205,6 +222,7 @@ grpcRoutes: - method: method: DoThing service: com.example.Things + type: Exact status: parents: - conditions: @@ -220,6 +238,8 @@ grpcRoutes: type: ResolvedRefs controllerName: gateway.envoyproxy.io/gatewayclass-controller parentRef: + group: gateway.networking.k8s.io + kind: Gateway name: eg sectionName: grpc httpRoutes: @@ -232,7 +252,9 @@ httpRoutes: hostnames: - www.example.com parentRefs: - - name: eg + - group: gateway.networking.k8s.io + kind: Gateway + name: eg rules: - backendRefs: - group: "" @@ -259,6 +281,8 @@ httpRoutes: type: ResolvedRefs controllerName: gateway.envoyproxy.io/gatewayclass-controller parentRef: + group: gateway.networking.k8s.io + kind: Gateway name: eg tcpRoutes: - kind: TCPRoute @@ -268,7 +292,9 @@ tcpRoutes: namespace: default spec: parentRefs: - - name: eg + - group: gateway.networking.k8s.io + kind: Gateway + name: eg sectionName: tcp rules: - backendRefs: @@ -292,6 +318,8 @@ tcpRoutes: type: ResolvedRefs controllerName: gateway.envoyproxy.io/gatewayclass-controller parentRef: + group: gateway.networking.k8s.io + kind: Gateway name: eg sectionName: tcp tlsRoutes: @@ -302,7 +330,9 @@ tlsRoutes: namespace: default spec: parentRefs: - - name: eg + - group: gateway.networking.k8s.io + kind: Gateway + name: eg sectionName: tls-passthrough rules: - backendRefs: @@ -326,6 +356,8 @@ tlsRoutes: type: ResolvedRefs controllerName: gateway.envoyproxy.io/gatewayclass-controller parentRef: + group: gateway.networking.k8s.io + kind: Gateway name: eg sectionName: tls-passthrough udpRoutes: @@ -336,7 +368,9 @@ udpRoutes: namespace: default spec: parentRefs: - - name: eg + - group: gateway.networking.k8s.io + kind: Gateway + name: eg sectionName: udp rules: - backendRefs: @@ -360,5 +394,7 @@ udpRoutes: type: ResolvedRefs controllerName: gateway.envoyproxy.io/gatewayclass-controller parentRef: + group: gateway.networking.k8s.io + kind: Gateway name: eg sectionName: udp diff --git a/internal/cmd/egctl/testdata/translate/out/quickstart.all.yaml b/internal/cmd/egctl/testdata/translate/out/quickstart.all.yaml index 84a0ebc0f6d..696d00a2559 100644 --- a/internal/cmd/egctl/testdata/translate/out/quickstart.all.yaml +++ b/internal/cmd/egctl/testdata/translate/out/quickstart.all.yaml @@ -7,7 +7,10 @@ gateways: spec: gatewayClassName: eg listeners: - - name: http + - allowedRoutes: + namespaces: + from: Same + name: http port: 80 protocol: HTTP status: @@ -45,7 +48,9 @@ httpRoutes: hostnames: - www.example.com parentRefs: - - name: eg + - group: gateway.networking.k8s.io + kind: Gateway + name: eg rules: - backendRefs: - group: "" @@ -72,6 +77,8 @@ httpRoutes: type: ResolvedRefs controllerName: gateway.envoyproxy.io/gatewayclass-controller parentRef: + group: gateway.networking.k8s.io + kind: Gateway name: eg infraIR: envoy-gateway-system/eg: diff --git a/internal/cmd/egctl/testdata/translate/out/rejected-http-route.route.yaml b/internal/cmd/egctl/testdata/translate/out/rejected-http-route.route.yaml index 18e5910acc2..cff3a5f3354 100644 --- a/internal/cmd/egctl/testdata/translate/out/rejected-http-route.route.yaml +++ b/internal/cmd/egctl/testdata/translate/out/rejected-http-route.route.yaml @@ -22,7 +22,10 @@ gateways: spec: gatewayClassName: eg listeners: - - name: tls + - allowedRoutes: + namespaces: + from: Same + name: tls port: 8443 protocol: TLS status: @@ -53,7 +56,9 @@ httpRoutes: namespace: envoy-gateway-system spec: parentRefs: - - name: eg + - group: gateway.networking.k8s.io + kind: Gateway + name: eg rules: - backendRefs: - group: "" @@ -80,4 +85,6 @@ httpRoutes: type: ResolvedRefs controllerName: gateway.envoyproxy.io/gatewayclass-controller parentRef: + group: gateway.networking.k8s.io + kind: Gateway name: eg diff --git a/internal/cmd/egctl/testdata/translate/out/valid-envoyproxy.all.yaml b/internal/cmd/egctl/testdata/translate/out/valid-envoyproxy.all.yaml index fe1b452f291..7ba42aa75e0 100644 --- a/internal/cmd/egctl/testdata/translate/out/valid-envoyproxy.all.yaml +++ b/internal/cmd/egctl/testdata/translate/out/valid-envoyproxy.all.yaml @@ -5,12 +5,16 @@ envoyProxyForGatewayClass: name: example namespace: default spec: - logging: {} + logging: + level: + default: warn provider: kubernetes: envoyService: annotations: custom1: svc-annotation1 + externalTrafficPolicy: Local + type: LoadBalancer type: Kubernetes status: {} gatewayClass: @@ -42,13 +46,22 @@ gateways: spec: gatewayClassName: eg listeners: - - name: tcp + - allowedRoutes: + namespaces: + from: Same + name: tcp port: 1234 protocol: TCP - - name: udp + - allowedRoutes: + namespaces: + from: Same + name: udp port: 1234 protocol: UDP - - hostname: foo.com + - allowedRoutes: + namespaces: + from: Same + hostname: foo.com name: tls-passthrough port: 8443 protocol: TLS @@ -58,6 +71,8 @@ gateways: kinds: - group: gateway.networking.k8s.io kind: HTTPRoute + namespaces: + from: Same name: http port: 80 protocol: HTTP @@ -65,6 +80,8 @@ gateways: kinds: - group: gateway.networking.k8s.io kind: GRPCRoute + namespaces: + from: Same name: grpc port: 8080 protocol: HTTP @@ -185,7 +202,9 @@ grpcRoutes: hostnames: - www.grpc-example.com parentRefs: - - name: eg + - group: gateway.networking.k8s.io + kind: Gateway + name: eg sectionName: grpc rules: - backendRefs: @@ -198,6 +217,7 @@ grpcRoutes: - method: method: DoThing service: com.example.Things + type: Exact status: parents: - conditions: @@ -213,6 +233,8 @@ grpcRoutes: type: ResolvedRefs controllerName: gateway.envoyproxy.io/gatewayclass-controller parentRef: + group: gateway.networking.k8s.io + kind: Gateway name: eg sectionName: grpc httpRoutes: @@ -225,7 +247,9 @@ httpRoutes: hostnames: - www.example.com parentRefs: - - name: eg + - group: gateway.networking.k8s.io + kind: Gateway + name: eg rules: - backendRefs: - group: "" @@ -252,6 +276,8 @@ httpRoutes: type: ResolvedRefs controllerName: gateway.envoyproxy.io/gatewayclass-controller parentRef: + group: gateway.networking.k8s.io + kind: Gateway name: eg tcpRoutes: - kind: TCPRoute @@ -261,7 +287,9 @@ tcpRoutes: namespace: default spec: parentRefs: - - name: eg + - group: gateway.networking.k8s.io + kind: Gateway + name: eg sectionName: tcp rules: - backendRefs: @@ -285,6 +313,8 @@ tcpRoutes: type: ResolvedRefs controllerName: gateway.envoyproxy.io/gatewayclass-controller parentRef: + group: gateway.networking.k8s.io + kind: Gateway name: eg sectionName: tcp tlsRoutes: @@ -295,7 +325,9 @@ tlsRoutes: namespace: default spec: parentRefs: - - name: eg + - group: gateway.networking.k8s.io + kind: Gateway + name: eg sectionName: tls-passthrough rules: - backendRefs: @@ -319,6 +351,8 @@ tlsRoutes: type: ResolvedRefs controllerName: gateway.envoyproxy.io/gatewayclass-controller parentRef: + group: gateway.networking.k8s.io + kind: Gateway name: eg sectionName: tls-passthrough udpRoutes: @@ -329,7 +363,9 @@ udpRoutes: namespace: default spec: parentRefs: - - name: eg + - group: gateway.networking.k8s.io + kind: Gateway + name: eg sectionName: udp rules: - backendRefs: @@ -353,5 +389,7 @@ udpRoutes: type: ResolvedRefs controllerName: gateway.envoyproxy.io/gatewayclass-controller parentRef: + group: gateway.networking.k8s.io + kind: Gateway name: eg sectionName: udp diff --git a/internal/gatewayapi/resource/defaulter.go b/internal/gatewayapi/resource/defaulter.go new file mode 100644 index 00000000000..9a380c48e1e --- /dev/null +++ b/internal/gatewayapi/resource/defaulter.go @@ -0,0 +1,270 @@ +// Copyright Envoy Gateway Authors +// SPDX-License-Identifier: Apache-2.0 +// The full text of the Apache license is available in the LICENSE file at +// the root of the repo. + +package resource + +import ( + "encoding/json" + "errors" + "fmt" + "path" + "sort" + "strings" + + gospec "github.com/go-openapi/spec" + "github.com/go-openapi/strfmt" + "github.com/go-openapi/validate" + "github.com/go-openapi/validate/post" + "golang.org/x/exp/maps" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/apimachinery/pkg/util/sets" + "k8s.io/client-go/openapi" + "k8s.io/kube-openapi/pkg/spec3" + kubespec "k8s.io/kube-openapi/pkg/validation/spec" + "sigs.k8s.io/kubectl-validate/pkg/openapiclient" + "sigs.k8s.io/kubectl-validate/pkg/utils" + "sigs.k8s.io/kubectl-validate/pkg/validator" +) + +// This file contains code derived from kubectl-validate, +// https://github.com/kubernetes-sigs/kubectl-validate +// from the source file +// https://github.com/kubernetes-sigs/kubectl-validate/blob/main/pkg/validator/validator.go +// and is provided here subject to the following: +// Copyright Project kubectl-validate Authors +// SPDX-License-Identifier: Apache-2.0 +// +// The Defaulter in this file is derived from Validator in kubectl-validate, +// since the Validator field `validatorCache` is not exposed and we would like +// to use the parsed schema for our CRD from it, we build this Defaulter that +// meets our needs. +// TODO: remove this file once can directly get schema from the Validator in kubectl-validate. + +var gatewaySchemaDefaulter, _ = newDefaulter(openapiclient.NewLocalCRDFiles(gatewayCRDsFS)) + +// Defaulter can set default values for crd object according to their schema. +type Defaulter struct { + gvs map[string]openapi.GroupVersion + schemaCache map[schema.GroupVersionKind]*kubespec.Schema +} + +func newDefaulter(client openapi.Client) (*Defaulter, error) { + gvs, err := client.Paths() + if err != nil { + return nil, err + } + + return &Defaulter{ + gvs: gvs, + schemaCache: map[schema.GroupVersionKind]*kubespec.Schema{}, + }, nil +} + +// ApplyDefault applies default values for input object, and return the object with default values. +func (d *Defaulter) ApplyDefault(obj *unstructured.Unstructured) (*unstructured.Unstructured, error) { + if obj == nil || obj.Object == nil { + return nil, fmt.Errorf("passed object cannot be nil") + } + + // shallow copy input object, this method can modify apiVersion, kind, or metadata. + obj = &unstructured.Unstructured{Object: maps.Clone(obj.UnstructuredContent())} + // deep copy metadata object. + obj.Object["metadata"] = runtime.DeepCopyJSONValue(obj.Object["metadata"]) + gvk := obj.GroupVersionKind() + schema, err := d.parseSchema(gvk) + if err != nil { + return nil, fmt.Errorf("failed to retrieve validator: %w", err) + } + + // convert kube-openapi spec to go-openapi spec via JSON format. + schemaBytes, err := schema.MarshalJSON() + if err != nil { + return nil, fmt.Errorf("failed to marshal schema: %w", err) + } + var goSchema gospec.Schema + err = goSchema.UnmarshalJSON(schemaBytes) + if err != nil { + return nil, fmt.Errorf("failed to unmarshal schema: %w", err) + } + + v := validate.NewSchemaValidator(&goSchema, nil, "", strfmt.Default) + rs := v.Validate(obj.Object) + post.ApplyDefaults(rs) + // convert output object into unstructured one. + output, ok := rs.Data().(map[string]interface{}) + if !ok { + return nil, fmt.Errorf("failed to convert output object") + } + + return &unstructured.Unstructured{Object: output}, nil +} + +func (d *Defaulter) parseSchema(gvk schema.GroupVersionKind) (*kubespec.Schema, error) { + if existing, ok := d.schemaCache[gvk]; ok { + return existing, nil + } + + // Otherwise, fetch the open API schema for this GV and do the above + // Lookup gvk in client + // Guess the rest mapping since we don't have a rest mapper for the target + // cluster + gvPath := "apis/" + gvk.Group + "/" + gvk.Version + if len(gvk.Group) == 0 { + gvPath = "api/" + gvk.Version + } + gvFetcher, exists := d.gvs[gvPath] + if !exists { + return nil, fmt.Errorf("failed to locate OpenAPI spec for GV: %v", gvk.GroupVersion()) + } + + documentBytes, err := gvFetcher.Schema("application/json") + if err != nil { + return nil, fmt.Errorf("error fetching openapi at path %s: %w", gvPath, err) + } + + openapiSpec := spec3.OpenAPI{} + if err := json.Unmarshal(documentBytes, &openapiSpec); err != nil { + return nil, fmt.Errorf("error parsing openapi spec: %w", err) + } + + // Apply our transformations to workaround known k8s schema deficiencies + for name, def := range openapiSpec.Components.Schemas { + //!TODO: would be useful to know which version of k8s each schema is believed + // to come from. + openapiSpec.Components.Schemas[name] = validator.ApplySchemaPatches(0, gvk.GroupVersion(), name, def) + } + + // Remove all references/indirection. + // This is kinda hacky because we still do allow recursive schemas via + // pointer trickery. + // No need for stack/queue approach since we mutate same dictionary/slice instances + // destructively. + // Replaces subschemas that contain refs with copy of the thing they refer to + // !TODO validate that no cyces are created by this process. If so, do not + // allow structural schema creation via JSON + // !TODO: track unresolved references? + // !TODO: Once Declarative Validation for native types lands we will be + // able to validate against the spec.Schema directly rather than + // StructuralSchema, so this will be able to be removed + var referenceErrors []error + for name, def := range openapiSpec.Components.Schemas { + // This hack only works because top level schemas never have references + // so we can reliably copy them knowing they won't change and pointer-share + // their subfields. The only schemas being modified here should be sub-fields. + openapiSpec.Components.Schemas[name] = utils.VisitSchema(name, def, utils.PreorderVisitor(func(ctx utils.VisitingContext, sch *kubespec.Schema) (*kubespec.Schema, bool) { + defName := sch.Ref.String() + + if len(sch.AllOf) == 1 && len(sch.AllOf[0].Ref.String()) > 0 { + // SPECIAL CASE + // OpenAPIV3 does not support having Refs in schemas with fields like + // Description, Default filled in. So k8s stuffs the Ref into a standalone + // AllOf in these cases. + // But structural schema doesn't like schemas that specify fields inside AllOf + // SO in the case of + // Properties + // -> AllOf + // -> Ref + defName = sch.AllOf[0].Ref.String() + } + + if len(defName) == 0 { + // Nothing to do for no references + return sch, true + } + + defName = path.Base(defName) + resolved, ok := openapiSpec.Components.Schemas[defName] + if !ok { + // Can't resolve schema. This is an error. + var path []string + for cursor := &ctx; cursor != nil; cursor = cursor.Parent { + if len(cursor.Key) == 0 { + path = append(path, fmt.Sprint(cursor.Index)) + } else { + path = append(path, cursor.Key) + } + } + sort.Stable(sort.Reverse(sort.StringSlice(path))) + referenceErrors = append(referenceErrors, fmt.Errorf("cannot resolve reference %v in %v.%v", defName, name, strings.Join(path, "."))) + return sch, true + } + + resolvedCopy := *resolved + + if sch.Default != nil { + resolvedCopy.Default = sch.Default + } + + // NOTE: No way to tell if field overrides nullable + // or if it is unset. Right now if the referred schema is + // nullable we will resolve to a nullable schema. + // There are no upstream schemas where nullable is used as a field + // level override, so we will assume `false` means `unset`. + // But this should be fixed in kube-openapi. + resolvedCopy.Nullable = resolvedCopy.Nullable || sch.Nullable + + if len(sch.Type) > 0 { + resolvedCopy.Type = sch.Type + } + + if len(sch.Description) > 0 { + resolvedCopy.Description = sch.Description + } + + newExtensions := kubespec.Extensions{} + for k, v := range resolvedCopy.Extensions { + newExtensions.Add(k, v) + } + for k, v := range sch.Extensions { + newExtensions.Add(k, v) + } + if len(newExtensions) > 0 { + resolvedCopy.Extensions = newExtensions + } + + // Don't explore children. This was a reference node and shares + // pointers with its schema which will be traversed in this loop. + return &resolvedCopy, false + })) + } + + if len(referenceErrors) > 0 { + return nil, errors.Join(referenceErrors...) + } + + namespaced := sets.New[schema.GroupVersionKind]() + if openapiSpec.Paths != nil { + for path, pathInfo := range openapiSpec.Paths.Paths { + for _, gvk := range utils.ExtractPathGVKs(pathInfo) { + if !namespaced.Has(gvk) { + if strings.Contains(path, "namespaces/{namespace}") { + namespaced.Insert(gvk) + } + } + } + } + } + + for _, def := range openapiSpec.Components.Schemas { + gvks := utils.ExtractExtensionGVKs(def.Extensions) + if len(gvks) == 0 { + continue + } + + for _, specGVK := range gvks { + d.schemaCache[specGVK] = def + } + } + + // Check again to see if the desired GVK was added to the spec cache. + // If so, create validator for it + if existing, ok := d.schemaCache[gvk]; ok { + return existing, nil + } + + return nil, fmt.Errorf("kind %v not found in %v groupversion", gvk.Kind, gvk.GroupVersion()) +} diff --git a/internal/gatewayapi/resource/defaulter_test.go b/internal/gatewayapi/resource/defaulter_test.go new file mode 100644 index 00000000000..79014e95201 --- /dev/null +++ b/internal/gatewayapi/resource/defaulter_test.go @@ -0,0 +1,157 @@ +// Copyright Envoy Gateway Authors +// SPDX-License-Identifier: Apache-2.0 +// The full text of the Apache license is available in the LICENSE file at +// the root of the repo. + +package resource + +import ( + "os" + "testing" + + "github.com/stretchr/testify/require" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "sigs.k8s.io/kubectl-validate/pkg/openapiclient" +) + +func TestApplyDefault(t *testing.T) { + defaulter, err := newDefaulter(openapiclient.NewLocalCRDFiles(os.DirFS("testdata/schema"))) + require.NoError(t, err) + + testCases := []struct { + name string + error bool + input map[string]interface{} + expect map[string]interface{} + }{ + { + name: "empty object with nested field", + input: map[string]interface{}{ + "apiVersion": "example.com/v1", + "kind": "TestCR", + "metadata": map[string]interface{}{ + "name": "test-cr", + "namespace": "default", + }, + "spec": map[string]interface{}{ + "objectField": map[string]interface{}{}, + }, + }, + expect: map[string]interface{}{ + "apiVersion": "example.com/v1", + "kind": "TestCR", + "metadata": map[string]interface{}{ + "name": "test-cr", + "namespace": "default", + }, + "spec": map[string]interface{}{ + "stringField": "defaultString", + "integerField": 42., + "floatField": 3.14, + "booleanField": true, + "enumField": "option1", + "objectField": map[string]interface{}{ + "nestedString": "nestedDefault", + "nestedInteger": 10., + }, + "mapField": map[string]interface{}{ + "key1": "value1", + "key2": "value2", + }, + }, + }, + error: false, + }, + { + name: "empty object without nested field", + input: map[string]interface{}{ + "apiVersion": "example.com/v1", + "kind": "TestCR", + "metadata": map[string]interface{}{ + "name": "test-cr", + "namespace": "default", + }, + "spec": map[string]interface{}{}, + }, + expect: map[string]interface{}{ + "apiVersion": "example.com/v1", + "kind": "TestCR", + "metadata": map[string]interface{}{ + "name": "test-cr", + "namespace": "default", + }, + "spec": map[string]interface{}{ + "stringField": "defaultString", + "integerField": 42., + "floatField": 3.14, + "booleanField": true, + "enumField": "option1", + "mapField": map[string]interface{}{ + "key1": "value1", + "key2": "value2", + }, + }, + }, + error: false, + }, + { + name: "object with few field unset", + input: map[string]interface{}{ + "apiVersion": "example.com/v1", + "kind": "TestCR", + "metadata": map[string]interface{}{ + "name": "test-cr", + "namespace": "default", + }, + "spec": map[string]interface{}{ + "stringField": "exampleString", + "booleanField": false, + "objectField": map[string]interface{}{ + "nestedString": "nestedExample", + }, + }, + }, + expect: map[string]interface{}{ + "apiVersion": "example.com/v1", + "kind": "TestCR", + "metadata": map[string]interface{}{ + "name": "test-cr", + "namespace": "default", + }, + "spec": map[string]interface{}{ + "stringField": "exampleString", + "integerField": 42., + "floatField": 3.14, + "booleanField": false, + "enumField": "option1", + "objectField": map[string]interface{}{ + "nestedString": "nestedExample", + "nestedInteger": 10., + }, + "mapField": map[string]interface{}{ + "key1": "value1", + "key2": "value2", + }, + }, + }, + error: false, + }, + { + name: "nil input", + input: nil, + error: true, + }, + } + + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + got, err := defaulter.ApplyDefault(&unstructured.Unstructured{Object: tc.input}) + if tc.error { + require.Error(t, err) + } else { + require.NoError(t, err) + require.Equal(t, tc.expect, got.Object) + } + }) + } +} diff --git a/internal/gatewayapi/resource/load.go b/internal/gatewayapi/resource/load.go index 7c87ffb7918..3229aabe458 100644 --- a/internal/gatewayapi/resource/load.go +++ b/internal/gatewayapi/resource/load.go @@ -45,11 +45,9 @@ func LoadResourcesFromYAMLBytes(yamlBytes []byte, addMissingResources bool) (*Re // loadKubernetesYAMLToResources converts a Kubernetes YAML string into GatewayAPI Resources. // TODO: add support for kind: // - EnvoyExtensionPolicy (gateway.envoyproxy.io/v1alpha1) -// - HTTPRouteFilter (gateway.envoyproxy.io/v1alpha1) // - BackendLPPolicy (gateway.networking.k8s.io/v1alpha2) // - BackendTLSPolicy (gateway.networking.k8s.io/v1alpha3) // - ReferenceGrant (gateway.networking.k8s.io/v1alpha2) -// - TLSRoute (gateway.networking.k8s.io/v1alpha2) func loadKubernetesYAMLToResources(input []byte, addMissingResources bool) (*Resources, error) { resources := NewResources() var useDefaultNamespace bool @@ -64,7 +62,7 @@ func loadKubernetesYAMLToResources(input []byte, addMissingResources bool) (*Res return err } - un := unstructured.Unstructured{Object: obj} + un := &unstructured.Unstructured{Object: obj} gvk := un.GroupVersionKind() name, namespace := un.GetName(), un.GetNamespace() if len(namespace) == 0 { @@ -72,11 +70,16 @@ func loadKubernetesYAMLToResources(input []byte, addMissingResources bool) (*Res namespace = config.DefaultNamespace } - // Perform local validation for gateway-api related resources only. + // Perform local validation and apply default values for gateway-api related resources only. if gvk.Group == egv1a1.GroupName || gvk.Group == gwapiv1.GroupName { if err = defaultValidator.Validate(yamlByte); err != nil { return fmt.Errorf("local validation error: %w", err) } + + un, err = gatewaySchemaDefaulter.ApplyDefault(un) + if err != nil { + return fmt.Errorf("failed to apply default values for %s/%s: %w", un.GetKind(), un.GetName(), err) + } } requiredNamespaceMap.Insert(namespace) @@ -84,7 +87,7 @@ func loadKubernetesYAMLToResources(input []byte, addMissingResources bool) (*Res if err != nil { return err } - err = combinedScheme.Convert(&un, kobj, nil) + err = combinedScheme.Convert(un, kobj, nil) if err != nil { return err } diff --git a/internal/gatewayapi/resource/load_test.go b/internal/gatewayapi/resource/load_test.go index df3629251e9..534730608e6 100644 --- a/internal/gatewayapi/resource/load_test.go +++ b/internal/gatewayapi/resource/load_test.go @@ -6,12 +6,22 @@ package resource import ( + "flag" + "fmt" + "os" + "path/filepath" "testing" + "github.com/google/go-cmp/cmp" + "github.com/google/go-cmp/cmp/cmpopts" "github.com/stretchr/testify/require" "sigs.k8s.io/yaml" + + "github.com/envoyproxy/gateway/internal/utils/file" ) +var overrideTestData = flag.Bool("override-testdata", true, "if override the test output data.") + func TestIterYAMLBytes(t *testing.T) { inputs := `test: foo1 --- @@ -37,3 +47,36 @@ test: foo3 require.NoError(t, err) require.ElementsMatch(t, names, []string{"foo1", "foo2", "foo3"}) } + +func TestLoadAllSupportedResourcesFromYAMLBytes(t *testing.T) { + inFile := requireTestDataFile(t, "all-resources", "in") + got, err := loadKubernetesYAMLToResources(inFile, true) + require.NoError(t, err) + + if *overrideTestData { + out, err := yaml.Marshal(got) + require.NoError(t, err) + require.NoError(t, file.Write(string(out), filepath.Join("testdata", "all-resources.out.yaml"))) + } + + want := &Resources{} + outFile := requireTestDataFile(t, "all-resources", "out") + mustUnmarshal(t, outFile, want) + + opts := []cmp.Option{ + cmpopts.IgnoreFields(Resources{}, "serviceMap"), + cmpopts.EquateEmpty(), + } + require.Empty(t, cmp.Diff(want, got, opts...)) +} + +func requireTestDataFile(t *testing.T, name, ioType string) []byte { + t.Helper() + content, err := os.ReadFile(filepath.Join("testdata", fmt.Sprintf("%s.%s.yaml", name, ioType))) + require.NoError(t, err) + return content +} + +func mustUnmarshal(t *testing.T, val []byte, out interface{}) { + require.NoError(t, yaml.UnmarshalStrict(val, out, yaml.DisallowUnknownFields)) +} diff --git a/internal/gatewayapi/resource/testdata/all-resources.in.yaml b/internal/gatewayapi/resource/testdata/all-resources.in.yaml new file mode 100644 index 00000000000..733660178e4 --- /dev/null +++ b/internal/gatewayapi/resource/testdata/all-resources.in.yaml @@ -0,0 +1,231 @@ +apiVersion: gateway.envoyproxy.io/v1alpha1 +kind: EnvoyProxy +metadata: + name: example + namespace: default +spec: + provider: + type: Kubernetes + kubernetes: + envoyService: + annotations: + custom1: svc-annotation1 +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: GatewayClass +metadata: + name: eg +spec: + controllerName: gateway.envoyproxy.io/gatewayclass-controller +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: Gateway +metadata: + name: eg +spec: + gatewayClassName: eg + listeners: + - name: http + protocol: HTTP + port: 80 +--- +apiVersion: gateway.networking.k8s.io/v1alpha2 +kind: TCPRoute +metadata: + name: backend + namespace: default +spec: + parentRefs: + - name: eg + sectionName: tcp + rules: + - backendRefs: + - name: backend + port: 3000 +--- +apiVersion: gateway.networking.k8s.io/v1alpha2 +kind: UDPRoute +metadata: + name: backend + namespace: default +spec: + parentRefs: + - name: eg + sectionName: udp + rules: + - backendRefs: + - name: backend + port: 3000 +--- +apiVersion: gateway.networking.k8s.io/v1alpha2 +kind: TLSRoute +metadata: + name: backend + namespace: default +spec: + parentRefs: + - name: eg + sectionName: tls-passthrough + rules: + - backendRefs: + - name: backend + port: 3000 +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: backend + namespace: default +spec: + parentRefs: + - name: eg + hostnames: + - "www.example.com" + rules: + - backendRefs: + - name: providedBackend + port: 8000 +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: GRPCRoute +metadata: + name: backend + namespace: default +spec: + parentRefs: + - name: eg + sectionName: grpc + hostnames: + - "www.grpc-example.com" + rules: + - matches: + - method: + service: com.example.Things + method: DoThing + headers: + - name: com.example.Header + value: foobar + backendRefs: + - name: providedBackend + port: 9000 +--- +apiVersion: gateway.envoyproxy.io/v1alpha1 +kind: EnvoyPatchPolicy +metadata: + name: ratelimit-patch-policy + namespace: default +spec: + targetRef: + group: gateway.networking.k8s.io + kind: Gateway + name: eg + type: JSONPatch + jsonPatches: + - type: "type.googleapis.com/envoy.config.listener.v3.Listener" + # The listener name is of the form // + name: default/eg/http + operation: + op: add + path: "/default_filter_chain/filters/0/typed_config/http_filters/0" + value: + name: "envoy.filters.http.ratelimit" + typed_config: + "@type": "type.googleapis.com/envoy.extensions.filters.http.ratelimit.v3.RateLimit" + domain: "eag-ratelimit" + failure_mode_deny: true + timeout: 1s + rate_limit_service: + grpc_service: + envoy_grpc: + cluster_name: rate-limit-cluster + transport_api_version: V3 +--- +apiVersion: gateway.envoyproxy.io/v1alpha1 +kind: SecurityPolicy +metadata: + name: jwt-example +spec: + targetRef: + group: gateway.networking.k8s.io + kind: HTTPRoute + name: backend + apiKeyAuth: + credentialRefs: + - name: foobar + extractFrom: + - headers: + - foobar + jwt: + providers: + - name: example + remoteJWKS: + uri: https://raw.githubusercontent.com/envoyproxy/gateway/main/examples/kubernetes/jwt/jwks.json +--- +apiVersion: gateway.envoyproxy.io/v1alpha1 +kind: BackendTrafficPolicy +metadata: + name: cookie-lb-policy + namespace: gateway-conformance-infra +spec: + targetRefs: + - group: gateway.networking.k8s.io + kind: HTTPRoute + name: cookie-lb-route + loadBalancer: + type: ConsistentHash + consistentHash: + type: Cookie + cookie: + name: "Lb-Test-Cookie" + ttl: 60s + attributes: + SameSite: Strict + retry: + retryOn: + httpStatusCodes: + - 200 + - 404 + healthCheck: + active: + type: HTTP + http: + path: "/" + method: GET + circuitBreaker: + maxRequestsPerConnection: 123 +--- +apiVersion: gateway.envoyproxy.io/v1alpha1 +kind: ClientTrafficPolicy +metadata: + name: client-timeout + namespace: gateway-conformance-infra +spec: + targetRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: same-namespace + timeout: + http: + requestReceivedTimeout: 50ms +--- +apiVersion: gateway.envoyproxy.io/v1alpha1 +kind: HTTPRouteFilter +metadata: + name: direct-response-inline + namespace: default +spec: + directResponse: + contentType: text/plain + body: + type: Inline + inline: "OK" +--- +apiVersion: gateway.envoyproxy.io/v1alpha1 +kind: Backend +metadata: + name: backend +spec: + endpoints: + - ip: + address: 0.0.0.0 + port: 4321 diff --git a/internal/gatewayapi/resource/testdata/all-resources.out.yaml b/internal/gatewayapi/resource/testdata/all-resources.out.yaml new file mode 100644 index 00000000000..162b782ab23 --- /dev/null +++ b/internal/gatewayapi/resource/testdata/all-resources.out.yaml @@ -0,0 +1,360 @@ +backendTrafficPolicies: +- kind: BackendTrafficPolicy + metadata: + creationTimestamp: null + name: cookie-lb-policy + namespace: gateway-conformance-infra + spec: + circuitBreaker: + maxConnections: 1024 + maxParallelRequests: 1024 + maxParallelRetries: 1024 + maxPendingRequests: 1024 + maxRequestsPerConnection: 123 + healthCheck: + active: + healthyThreshold: 1 + http: + method: GET + path: / + interval: 3s + timeout: 1s + type: HTTP + unhealthyThreshold: 3 + loadBalancer: + consistentHash: + cookie: + attributes: + SameSite: Strict + name: Lb-Test-Cookie + ttl: 1m0s + tableSize: 65537 + type: Cookie + type: ConsistentHash + retry: + numRetries: 2 + retryOn: + httpStatusCodes: + - 200 + - 404 + targetRefs: + - group: gateway.networking.k8s.io + kind: HTTPRoute + name: cookie-lb-route + status: + ancestors: null +backends: +- kind: Backend + metadata: + creationTimestamp: null + name: backend + namespace: envoy-gateway-system + spec: + endpoints: + - ip: + address: 0.0.0.0 + port: 4321 + status: {} +clientTrafficPolicies: +- kind: ClientTrafficPolicy + metadata: + creationTimestamp: null + name: client-timeout + namespace: gateway-conformance-infra + spec: + targetRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: same-namespace + timeout: + http: + requestReceivedTimeout: 50ms + status: + ancestors: null +envoyPatchPolicies: +- kind: EnvoyPatchPolicy + metadata: + creationTimestamp: null + name: ratelimit-patch-policy + namespace: default + spec: + jsonPatches: + - name: default/eg/http + operation: + op: add + path: /default_filter_chain/filters/0/typed_config/http_filters/0 + value: + name: envoy.filters.http.ratelimit + typed_config: + '@type': type.googleapis.com/envoy.extensions.filters.http.ratelimit.v3.RateLimit + domain: eag-ratelimit + failure_mode_deny: true + rate_limit_service: + grpc_service: + envoy_grpc: + cluster_name: rate-limit-cluster + transport_api_version: V3 + timeout: 1s + type: type.googleapis.com/envoy.config.listener.v3.Listener + targetRef: + group: gateway.networking.k8s.io + kind: Gateway + name: eg + type: JSONPatch + status: + ancestors: null +envoyProxyForGatewayClass: + kind: EnvoyProxy + metadata: + creationTimestamp: null + name: example + namespace: default + spec: + logging: + level: + default: warn + provider: + kubernetes: + envoyService: + annotations: + custom1: svc-annotation1 + externalTrafficPolicy: Local + type: LoadBalancer + type: Kubernetes + status: {} +gatewayClass: + kind: GatewayClass + metadata: + creationTimestamp: null + name: eg + namespace: envoy-gateway-system + spec: + controllerName: gateway.envoyproxy.io/gatewayclass-controller + status: {} +gateways: +- kind: Gateway + metadata: + creationTimestamp: null + name: eg + namespace: envoy-gateway-system + spec: + gatewayClassName: eg + listeners: + - allowedRoutes: + namespaces: + from: Same + name: http + port: 80 + protocol: HTTP + status: {} +grpcRoutes: +- kind: GRPCRoute + metadata: + creationTimestamp: null + name: backend + namespace: default + spec: + hostnames: + - www.grpc-example.com + parentRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: eg + sectionName: grpc + rules: + - backendRefs: + - group: "" + kind: Service + name: providedBackend + port: 9000 + weight: 1 + matches: + - headers: + - name: com.example.Header + type: Exact + value: foobar + method: + method: DoThing + service: com.example.Things + type: Exact + status: + parents: null +httpFilters: +- apiVersion: gateway.envoyproxy.io/v1alpha1 + kind: HTTPRouteFilter + metadata: + creationTimestamp: null + name: direct-response-inline + namespace: default + spec: + directResponse: + body: + inline: OK + type: Inline + contentType: text/plain +httpRoutes: +- kind: HTTPRoute + metadata: + creationTimestamp: null + name: backend + namespace: default + spec: + hostnames: + - www.example.com + parentRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: eg + rules: + - backendRefs: + - group: "" + kind: Service + name: providedBackend + port: 8000 + weight: 1 + matches: + - path: + type: PathPrefix + value: / + status: + parents: null +namespaces: +- metadata: + creationTimestamp: null + name: envoy-gateway-system + spec: {} + status: {} +- metadata: + creationTimestamp: null + name: default + spec: {} + status: {} +- metadata: + creationTimestamp: null + name: gateway-conformance-infra + spec: {} + status: {} +securityPolicies: +- kind: SecurityPolicy + metadata: + creationTimestamp: null + name: jwt-example + namespace: envoy-gateway-system + spec: + apiKeyAuth: + credentialRefs: + - group: "" + kind: Secret + name: foobar + extractFrom: + - headers: + - foobar + jwt: + providers: + - name: example + remoteJWKS: + uri: https://raw.githubusercontent.com/envoyproxy/gateway/main/examples/kubernetes/jwt/jwks.json + targetRef: + group: gateway.networking.k8s.io + kind: HTTPRoute + name: backend + status: + ancestors: null +services: +- metadata: + creationTimestamp: null + name: backend + namespace: default + spec: + clusterIP: 1.2.3.4 + ports: + - name: TCP-3000 + port: 3000 + protocol: TCP + targetPort: 0 + - name: UDP-3000 + port: 3000 + protocol: UDP + targetPort: 0 + status: + loadBalancer: {} +- metadata: + creationTimestamp: null + name: providedBackend + namespace: default + spec: + clusterIP: 1.2.3.4 + ports: + - name: TCP-8000 + port: 8000 + protocol: TCP + targetPort: 0 + - name: TCP-9000 + port: 9000 + protocol: TCP + targetPort: 0 + status: + loadBalancer: {} +tcpRoutes: +- kind: TCPRoute + metadata: + creationTimestamp: null + name: backend + namespace: default + spec: + parentRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: eg + sectionName: tcp + rules: + - backendRefs: + - group: "" + kind: Service + name: backend + port: 3000 + weight: 1 + status: + parents: null +tlsRoutes: +- kind: TLSRoute + metadata: + creationTimestamp: null + name: backend + namespace: default + spec: + parentRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: eg + sectionName: tls-passthrough + rules: + - backendRefs: + - group: "" + kind: Service + name: backend + port: 3000 + weight: 1 + status: + parents: null +udpRoutes: +- kind: UDPRoute + metadata: + creationTimestamp: null + name: backend + namespace: default + spec: + parentRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: eg + sectionName: udp + rules: + - backendRefs: + - group: "" + kind: Service + name: backend + port: 3000 + weight: 1 + status: + parents: null diff --git a/internal/gatewayapi/resource/testdata/schema/crd.yaml b/internal/gatewayapi/resource/testdata/schema/crd.yaml new file mode 100644 index 00000000000..69c42f323ea --- /dev/null +++ b/internal/gatewayapi/resource/testdata/schema/crd.yaml @@ -0,0 +1,79 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: testcrs.example.com +spec: + group: example.com + versions: + - name: v1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + stringField: + type: string + default: "defaultString" + minLength: 3 + maxLength: 10 + integerField: + type: integer + default: 42 + minimum: 0 + maximum: 100 + floatField: + type: number + default: 3.14 + minimum: 0.0 + maximum: 10.0 + booleanField: + type: boolean + default: true + enumField: + type: string + enum: + - option1 + - option2 + - option3 + default: "option1" + arrayField: + type: array + items: + type: string + minItems: 1 + maxItems: 5 + objectField: + type: object + properties: + nestedString: + type: string + default: "nestedDefault" + nestedInteger: + type: integer + default: 10 + minimum: 1 + maximum: 20 + required: + - nestedString + mapField: + type: object + additionalProperties: + type: string + default: + key1: "value1" + key2: "value2" + required: + - stringField + - integerField + - booleanField + scope: Namespaced + names: + plural: testcrs + singular: testcr + kind: TestCR + shortNames: + - tc diff --git a/internal/provider/file/testdata/resources.all.yaml b/internal/provider/file/testdata/resources.all.yaml index 079647dc6c0..19d93d0c2b9 100644 --- a/internal/provider/file/testdata/resources.all.yaml +++ b/internal/provider/file/testdata/resources.all.yaml @@ -28,7 +28,10 @@ gateways: spec: gatewayClassName: eg listeners: - - name: http + - allowedRoutes: + namespaces: + from: Same + name: http port: 8888 protocol: HTTP status: {} @@ -42,12 +45,15 @@ httpRoutes: hostnames: - www.example.com parentRefs: - - name: eg + - group: gateway.networking.k8s.io + kind: Gateway + name: eg rules: - backendRefs: - group: gateway.envoyproxy.io kind: Backend name: backend + weight: 1 matches: - path: type: PathPrefix diff --git a/release-notes/current.yaml b/release-notes/current.yaml index f036c6a8752..892ad239ddb 100644 --- a/release-notes/current.yaml +++ b/release-notes/current.yaml @@ -11,6 +11,7 @@ security updates: | new features: | Added support for configuring maxUnavailable in KubernetesPodDisruptionBudgetSpec Added support for percentage-based request mirroring + Add defaulter for gateway-api resources loading from file to be able to set default values. bug fixes: | diff --git a/tools/make/golang.mk b/tools/make/golang.mk index 4f4dce00faa..36531fed65d 100644 --- a/tools/make/golang.mk +++ b/tools/make/golang.mk @@ -53,6 +53,7 @@ go.testdata.complete: ## Override test ouputdata go test -timeout 30s github.com/envoyproxy/gateway/internal/infrastructure/kubernetes/proxy --override-testdata=true go test -timeout 30s github.com/envoyproxy/gateway/internal/xds/bootstrap --override-testdata=true go test -timeout 60s github.com/envoyproxy/gateway/internal/gatewayapi --override-testdata=true + go test -timeout 60s github.com/envoyproxy/gateway/internal/gatewayapi/resource --override-testdata=true .PHONY: go.test.coverage go.test.coverage: go.test.cel ## Run go unit and integration tests in GitHub Actions