Skip to content

Commit

Permalink
[release/v0.6] Cherry-pick fixes into v0.6 (#2150)
Browse files Browse the repository at this point in the history
* Fix TestE2E/RateLimitBasedJwtClaims test (#2097)

* Revert "Skip RateLimitBasedJwtClaimsTest test (#2096)"

This reverts commit ef7a2a4.

fix e2e test

Signed-off-by: huabing zhao <zhaohuabing@gmail.com>

* fix XValidation

Signed-off-by: huabing zhao <zhaohuabing@gmail.com>

---------

Signed-off-by: huabing zhao <zhaohuabing@gmail.com>
(cherry picked from commit f301527)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* add a newer PR reference in rc release docs (#2101)

Signed-off-by: Arko Dasgupta <arko@tetrate.io>
(cherry picked from commit fae8cd8)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix: panic when using nil xdsRouteAction (#2104)

Signed-off-by: bitliu <bitliu@tencent.com>
(cherry picked from commit 77445de)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* remove cors, jwt, rl assignment from route translator (#2105)

All the translations and assignments now happen in the policy
translators

Signed-off-by: Arko Dasgupta <arko@tetrate.io>
(cherry picked from commit d65ab59)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix: use lowercases of eg admin config fields (#2107)

(cherry picked from commit ef5e450)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix: testGatewayClassWithParamRef e2e test flaky (#2114)

(cherry picked from commit 4047268)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* build(deps): bump sigs.k8s.io/yaml from 1.3.0 to 1.4.0 (#2118)

Bumps [sigs.k8s.io/yaml](https://github.com/kubernetes-sigs/yaml) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/kubernetes-sigs/yaml/releases)
- [Changelog](https://github.com/kubernetes-sigs/yaml/blob/master/RELEASE.md)
- [Commits](kubernetes-sigs/yaml@v1.3.0...v1.4.0)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/yaml
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
(cherry picked from commit bf93a4e)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* build(deps): bump github.com/bufbuild/buf from 1.27.1 to 1.27.2 in /tools/src/buf (#2121)

build(deps): bump github.com/bufbuild/buf in /tools/src/buf

Bumps [github.com/bufbuild/buf](https://github.com/bufbuild/buf) from 1.27.1 to 1.27.2.
- [Release notes](https://github.com/bufbuild/buf/releases)
- [Changelog](https://github.com/bufbuild/buf/blob/main/CHANGELOG.md)
- [Commits](bufbuild/buf@v1.27.1...v1.27.2)

---
updated-dependencies:
- dependency-name: github.com/bufbuild/buf
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
(cherry picked from commit 58146ff)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* build(deps): bump github.com/go-logr/logr from 1.2.4 to 1.3.0 (#2117)

Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 1.2.4 to 1.3.0.
- [Release notes](https://github.com/go-logr/logr/releases)
- [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md)
- [Commits](go-logr/logr@v1.2.4...v1.3.0)

---
updated-dependencies:
- dependency-name: github.com/go-logr/logr
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
(cherry picked from commit d1cbf5e)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* build(deps): bump envoyproxy/toolshed from actions-v0.0.25 to 0.1.2 (#2116)

Bumps [envoyproxy/toolshed](https://github.com/envoyproxy/toolshed) from actions-v0.0.25 to 0.1.2. This release includes the previously tagged commit.
- [Release notes](https://github.com/envoyproxy/toolshed/releases)
- [Commits](envoyproxy/toolshed@actions-v0.0.25...actions-v0.1.2)

---
updated-dependencies:
- dependency-name: envoyproxy/toolshed
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
(cherry picked from commit 7b6344d)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* build(deps): bump actions/setup-node from 3 to 4 (#2115)

Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3 to 4.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](actions/setup-node@v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
(cherry picked from commit 5523099)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* chore: add more EnvoyProxy cases (#2120)

Signed-off-by: zirain <zirain2009@gmail.com>
(cherry picked from commit 268a6ef)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* build(deps): bump github.com/golangci/golangci-lint from 1.55.0 to 1.55.1 in /tools/src/golangci-lint (#2119)

build(deps): bump github.com/golangci/golangci-lint

Bumps [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint) from 1.55.0 to 1.55.1.
- [Release notes](https://github.com/golangci/golangci-lint/releases)
- [Changelog](https://github.com/golangci/golangci-lint/blob/master/CHANGELOG.md)
- [Commits](golangci/golangci-lint@v1.55.0...v1.55.1)

---
updated-dependencies:
- dependency-name: github.com/golangci/golangci-lint
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
(cherry picked from commit be86295)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* feat: CEL Validation in BackendTrafficPolicy (#2110)

* feat: CEL Validation in BackendTrafficPolicy

Signed-off-by: slayer321 <sachin.maurya7666@gmail.com>

* leastRequest with consistentHash nil test

Signed-off-by: slayer321 <sachin.maurya7666@gmail.com>

---------

Signed-off-by: slayer321 <sachin.maurya7666@gmail.com>
(cherry picked from commit b45ae24)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* e2e: eg controlplane metrics (#2106)

* e2e: eg controlplane metrics

Signed-off-by: zirain <zirain2009@gmail.com>

* update

Signed-off-by: zirain <zirain2009@gmail.com>

* update

Signed-off-by: zirain <zirain2009@gmail.com>

* update name

Signed-off-by: zirain <zirain2009@gmail.com>

* rename

Signed-off-by: zirain <zirain2009@gmail.com>

* wait more

Signed-off-by: zirain <zirain2009@gmail.com>

* add comment

Signed-off-by: zirain <zirain2009@gmail.com>

* update

Signed-off-by: zirain <zirain2009@gmail.com>

---------

Signed-off-by: zirain <zirain2009@gmail.com>
(cherry picked from commit 046a593)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* chore: fix http2_protocol_options  warning message (#2048)

chore:fix http2_protocol_options warning message

Signed-off-by: zhaonan <zhaonan06@corp.netease.com>
(cherry picked from commit 179d265)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix Failed to update SecurityPolicy status (#2128)

fix #2127

Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>
(cherry picked from commit 57e1aec)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix: add missing status equal for SecurityPolicy (#2134)

(cherry picked from commit 71c09f2)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix jwt doc (#2135)

Signed-off-by: huabing zhao <zhaohuabing@gmail.com>
(cherry picked from commit df1e209)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* Bump Gateway API to v1.0.0 (#2142)

(cherry picked from commit 3dd0ee7)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* Enable HTTPRouteRewritePath test (#2112)

* Enable HTTPRouteRewritePath test

Fixes: #2004

Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix prefix match

Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* make testdata

Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix path match

Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* rm trailing /

Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* sort on path match type

Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* make testdata

Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* temp var

Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix url rewrite

Signed-off-by: Arko Dasgupta <arko@tetrate.io>

---------

Signed-off-by: Arko Dasgupta <arko@tetrate.io>
(cherry picked from commit 2b3bc9f)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* helm: remove kube-rbac-proxy and update metrics service (#2108)

(cherry picked from commit 0c5b054)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* doc: user doc for CORS (#2137)

* cors docs

Signed-off-by: huabing zhao <zhaohuabing@gmail.com>

* address comments

Signed-off-by: huabing zhao <zhaohuabing@gmail.com>

---------

Signed-off-by: huabing zhao <zhaohuabing@gmail.com>
(cherry picked from commit d0dc987)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix(ci): bump go version to 1.21 (#2144)

* fix(ci): bump go version to 1.21

Signed-off-by: bitliu <bitliu@tencent.com>

* update

Signed-off-by: bitliu <bitliu@tencent.com>

---------

Signed-off-by: bitliu <bitliu@tencent.com>
(cherry picked from commit 6e81fb3)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* conformance: Enable HTTPRouteBackendProtocolH2C conformance test (#2136)

* nit

Signed-off-by: zirain <zirain2009@gmail.com>

* build Cluster depends on route type and service appProtocol

Signed-off-by: zirain <zirain2009@gmail.com>

* enable HTTPRouteBackendProtocolH2C conformance test

Signed-off-by: zirain <zirain2009@gmail.com>

* lint

Signed-off-by: zirain <zirain2009@gmail.com>

* fix

Signed-off-by: zirain <zirain2009@gmail.com>

* address comment

Signed-off-by: zirain <zirain2009@gmail.com>

* move to package internal/ir

Signed-off-by: zirain <zirain2009@gmail.com>

---------

Signed-off-by: zirain <zirain2009@gmail.com>
(cherry picked from commit 6d532c1)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* Fix attachedRoutes computation (#2085)

* Fix attachedRoutes computation

* Fixes: #2077
* Fixes: #1916

Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* make testdata

Signed-off-by: Arko Dasgupta <arko@tetrate.io>

---------

Signed-off-by: Arko Dasgupta <arko@tetrate.io>
(cherry picked from commit 93a12e7)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix comments in loadbalancer api (#2145)

Signed-off-by: zhaonan <zhaonan06@corp.netease.com>
(cherry picked from commit 77bcb3c)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix(docs): incorrect quickstart links (#2146)

Signed-off-by: bitliu <bitliu@tencent.com>
(cherry picked from commit defed57)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

* fix: null pointer when CORS maxAge is not specified (#2133)

fix nullpointer

Signed-off-by: huabing zhao <zhaohuabing@gmail.com>
Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>
(cherry picked from commit 35c4fea)
Signed-off-by: Arko Dasgupta <arko@tetrate.io>

---------

Signed-off-by: huabing zhao <zhaohuabing@gmail.com>
Signed-off-by: Arko Dasgupta <arko@tetrate.io>
Signed-off-by: bitliu <bitliu@tencent.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: zirain <zirain2009@gmail.com>
Signed-off-by: slayer321 <sachin.maurya7666@gmail.com>
Signed-off-by: zhaonan <zhaonan06@corp.netease.com>
Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>
Co-authored-by: Huabing Zhao <zhaohuabing@gmail.com>
Co-authored-by: Xunzhuo <bitliu@tencent.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: zirain <zirain2009@gmail.com>
Co-authored-by: Sachin Maurya <57769917+slayer321@users.noreply.github.com>
Co-authored-by: tmsnan <zhaonan06@corp.netease.com>
  • Loading branch information
7 people authored Nov 1, 2023
1 parent a77eabc commit c62a470
Show file tree
Hide file tree
Showing 270 changed files with 1,053 additions and 563 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/docs.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ jobs:
extended: true

- name: Setup Node
uses: actions/setup-node@v3
uses: actions/setup-node@v4
with:
node-version: '18'

Expand Down
1 change: 1 addition & 0 deletions .github/workflows/latest_release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ jobs:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- uses: ./tools/github-actions/setup-deps

- name: Generate Release Manifests
run: make generate-manifests IMAGE=envoyproxy/gateway-dev TAG=latest OUTPUT_DIR=release-artifacts
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/retest.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,6 @@ jobs:
pull-requests: write
actions: write
steps:
- uses: envoyproxy/toolshed/gh-actions/retest@actions-v0.0.25
- uses: envoyproxy/toolshed/gh-actions/retest@actions-v0.1.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
4 changes: 2 additions & 2 deletions api/v1alpha1/envoygateway_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -445,11 +445,11 @@ type EnvoyGatewayAdmin struct {
// EnableDumpConfig defines if enable dump config in Envoy Gateway logs.
//
// +optional
EnableDumpConfig bool
EnableDumpConfig bool `json:"enableDumpConfig,omitempty"`
// EnablePprof defines if enable pprof in Envoy Gateway Admin Server.
//
// +optional
EnablePprof bool
EnablePprof bool `json:"enablePprof,omitempty"`
}

// EnvoyGatewayAdminAddress defines the Envoy Gateway Admin Address configuration.
Expand Down
4 changes: 3 additions & 1 deletion api/v1alpha1/loadbalancer_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,11 @@ package v1alpha1

// LoadBalancer defines the load balancer policy to be applied.
// +union
//
// +kubebuilder:validation:XValidation:rule="self.type == 'ConsistentHash' ? has(self.consistentHash) : !has(self.consistentHash)",message="If LoadBalancer type is consistentHash, consistentHash field needs to be set."
type LoadBalancer struct {
// Type decides the type of Load Balancer policy.
// Valid RateLimitType values are
// Valid LoadBalancerType values are
// "ConsistentHash",
// "LeastRequest",
// "Random",
Expand Down
2 changes: 1 addition & 1 deletion api/v1alpha1/securitypolicy_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ type SecurityPolicy struct {
// SecurityPolicySpec defines the desired state of SecurityPolicy.
type SecurityPolicySpec struct {
// +kubebuilder:validation:XValidation:rule="self.group == 'gateway.networking.k8s.io'", message="this policy can only have a targetRef.group of gateway.networking.k8s.io"
// +kubebuilder:validation:XValidation:rule="self.kind == 'Gateway'", message="this policy can only have a targetRef.kind of Gateway"
// +kubebuilder:validation:XValidation:rule="self.kind in ['Gateway', 'HTTPRoute', 'GRPCRoute']", message="this policy can only have a targetRef.kind of Gateway/HTTPRoute/GRPCRoute"
// +kubebuilder:validation:XValidation:rule="!has(self.sectionName)",message="this policy does not yet support the sectionName field"
//
// TargetRef is the name of the Gateway resource this policy
Expand Down
18 changes: 9 additions & 9 deletions charts/gateway-helm/crds/gatewayapi-crds.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/2466
gateway.networking.k8s.io/bundle-version: v1.0.0-rc2
gateway.networking.k8s.io/bundle-version: v1.0.0
gateway.networking.k8s.io/channel: experimental
creationTimestamp: null
labels:
Expand Down Expand Up @@ -509,7 +509,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/2466
gateway.networking.k8s.io/bundle-version: v1.0.0-rc2
gateway.networking.k8s.io/bundle-version: v1.0.0
gateway.networking.k8s.io/channel: experimental
creationTimestamp: null
name: gatewayclasses.gateway.networking.k8s.io
Expand Down Expand Up @@ -1009,7 +1009,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/2466
gateway.networking.k8s.io/bundle-version: v1.0.0-rc2
gateway.networking.k8s.io/bundle-version: v1.0.0
gateway.networking.k8s.io/channel: experimental
creationTimestamp: null
name: gateways.gateway.networking.k8s.io
Expand Down Expand Up @@ -2817,7 +2817,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/2466
gateway.networking.k8s.io/bundle-version: v1.0.0-rc2
gateway.networking.k8s.io/bundle-version: v1.0.0
gateway.networking.k8s.io/channel: experimental
creationTimestamp: null
name: grpcroutes.gateway.networking.k8s.io
Expand Down Expand Up @@ -4547,7 +4547,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/2466
gateway.networking.k8s.io/bundle-version: v1.0.0-rc2
gateway.networking.k8s.io/bundle-version: v1.0.0
gateway.networking.k8s.io/channel: experimental
creationTimestamp: null
name: httproutes.gateway.networking.k8s.io
Expand Down Expand Up @@ -9509,7 +9509,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/2466
gateway.networking.k8s.io/bundle-version: v1.0.0-rc2
gateway.networking.k8s.io/bundle-version: v1.0.0
gateway.networking.k8s.io/channel: experimental
creationTimestamp: null
name: referencegrants.gateway.networking.k8s.io
Expand Down Expand Up @@ -9798,7 +9798,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/2466
gateway.networking.k8s.io/bundle-version: v1.0.0-rc2
gateway.networking.k8s.io/bundle-version: v1.0.0
gateway.networking.k8s.io/channel: experimental
creationTimestamp: null
name: tcproutes.gateway.networking.k8s.io
Expand Down Expand Up @@ -10439,7 +10439,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/2466
gateway.networking.k8s.io/bundle-version: v1.0.0-rc2
gateway.networking.k8s.io/bundle-version: v1.0.0
gateway.networking.k8s.io/channel: experimental
creationTimestamp: null
name: tlsroutes.gateway.networking.k8s.io
Expand Down Expand Up @@ -11129,7 +11129,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/2466
gateway.networking.k8s.io/bundle-version: v1.0.0-rc2
gateway.networking.k8s.io/bundle-version: v1.0.0
gateway.networking.k8s.io/channel: experimental
creationTimestamp: null
name: udproutes.gateway.networking.k8s.io
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -63,8 +63,8 @@ spec:
type: object
type:
description: Type decides the type of Load Balancer policy. Valid
RateLimitType values are "ConsistentHash", "LeastRequest", "Random",
"RoundRobin",
LoadBalancerType values are "ConsistentHash", "LeastRequest",
"Random", "RoundRobin",
enum:
- ConsistentHash
- LeastRequest
Expand All @@ -74,6 +74,11 @@ spec:
required:
- type
type: object
x-kubernetes-validations:
- message: If LoadBalancer type is consistentHash, consistentHash
field needs to be set.
rule: 'self.type == ''ConsistentHash'' ? has(self.consistentHash)
: !has(self.consistentHash)'
rateLimit:
description: RateLimit allows the user to limit the number of incoming
requests to a predefined value based on attributes within the traffic
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -238,8 +238,8 @@ spec:
x-kubernetes-validations:
- message: this policy can only have a targetRef.group of gateway.networking.k8s.io
rule: self.group == 'gateway.networking.k8s.io'
- message: this policy can only have a targetRef.kind of Gateway
rule: self.kind == 'Gateway'
- message: this policy can only have a targetRef.kind of Gateway/HTTPRoute/GRPCRoute
rule: self.kind in ['Gateway', 'HTTPRoute', 'GRPCRoute']
- message: this policy does not yet support the sectionName field
rule: '!has(self.sectionName)'
required:
Expand Down
1 change: 1 addition & 0 deletions charts/gateway-helm/templates/_rbac.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,7 @@ resources:
- envoypatchpolicies/status
- clienttrafficpolicies/status
- backendtrafficpolicies/status
- securitypolicies/status
verbs:
- update
{{- end }}
Expand Down
17 changes: 0 additions & 17 deletions charts/gateway-helm/templates/envoy-gateway-deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -71,23 +71,6 @@ spec:
- mountPath: /certs
name: certs
readOnly: true
- args:
- --secure-listen-address=0.0.0.0:8443
- --upstream=http://127.0.0.1:8080/
- --logtostderr=true
- --v=0
env:
- name: KUBERNETES_CLUSTER_DOMAIN
value: {{ .Values.kubernetesClusterDomain }}
image: {{ .Values.deployment.kubeRbacProxy.image.repository }}:{{ .Values.deployment.kubeRbacProxy.image.tag | default .Chart.AppVersion }}
imagePullPolicy: {{ .Values.deployment.kubeRbacProxy.imagePullPolicy }}
name: kube-rbac-proxy
ports:
- containerPort: 8443
name: https
protocol: TCP
resources: {{- toYaml .Values.deployment.kubeRbacProxy.resources | nindent 10
}}
securityContext:
runAsNonRoot: true
serviceAccountName: envoy-gateway
Expand Down
12 changes: 0 additions & 12 deletions charts/gateway-helm/templates/metrics-reader-rbac.yaml

This file was deleted.

18 changes: 3 additions & 15 deletions charts/gateway-helm/values.tmpl.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -13,18 +13,6 @@ deployment:
requests:
cpu: 100m
memory: 256Mi
kubeRbacProxy:
image:
repository: gcr.io/kubebuilder/kube-rbac-proxy
tag: v0.14.1
imagePullPolicy: IfNotPresent
resources:
limits:
cpu: 500m
memory: 128Mi
requests:
cpu: 5m
memory: 64Mi
ports:
- name: grpc
port: 18000
Expand All @@ -49,10 +37,10 @@ config:

envoyGatewayMetricsService:
ports:
- name: https
port: 8443
- name: http
port: 19001
protocol: TCP
targetPort: https
targetPort: 19001

createNamespace: false

Expand Down
2 changes: 1 addition & 1 deletion examples/kubernetes/jwt/grpc-jwt.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ spec:
providers:
- name: example
remoteJWKS:
uri: https://raw.githubusercontent.com/envoyproxy/gateway/main/examples/kubernetes/authn/jwks.json
uri: https://raw.githubusercontent.com/envoyproxy/gateway/main/examples/kubernetes/jwt/jwks.json
---
apiVersion: gateway.networking.k8s.io/v1alpha2
kind: GRPCRoute
Expand Down
2 changes: 1 addition & 1 deletion examples/kubernetes/jwt/jwt.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ spec:
providers:
- name: example
remoteJWKS:
uri: https://raw.githubusercontent.com/envoyproxy/gateway/main/examples/kubernetes/authn/jwks.json
uri: https://raw.githubusercontent.com/envoyproxy/gateway/main/examples/kubernetes/jwt/jwks.json
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
Expand Down
32 changes: 16 additions & 16 deletions go.mod
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
module github.com/envoyproxy/gateway

go 1.20
go 1.21

require (
github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4
Expand All @@ -9,7 +9,7 @@ require (
github.com/envoyproxy/ratelimit v1.4.1-0.20230427142404-e2a87f41d3a7
github.com/evanphx/json-patch/v5 v5.7.0
github.com/go-logfmt/logfmt v0.6.0
github.com/go-logr/logr v1.2.4
github.com/go-logr/logr v1.3.0
github.com/go-logr/zapr v1.2.4
github.com/gogo/protobuf v1.3.2
github.com/golang/protobuf v1.5.3
Expand All @@ -31,7 +31,7 @@ require (
go.opentelemetry.io/otel/sdk/metric v1.19.0
go.opentelemetry.io/proto/otlp v1.0.0
go.uber.org/zap v1.26.0
golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e
golang.org/x/exp v0.0.0-20231006140011-7918f672742d
google.golang.org/grpc v1.59.0
google.golang.org/protobuf v1.31.0
gopkg.in/yaml.v3 v3.0.1
Expand All @@ -41,10 +41,10 @@ require (
k8s.io/cli-runtime v0.28.3
k8s.io/client-go v0.28.3
k8s.io/kubectl v0.28.3
k8s.io/utils v0.0.0-20230406110748-d93618cff8a2
k8s.io/utils v0.0.0-20230726121419-3b25d923346b
sigs.k8s.io/controller-runtime v0.16.3
sigs.k8s.io/gateway-api v1.0.0-rc2
sigs.k8s.io/yaml v1.3.0
sigs.k8s.io/gateway-api v1.0.0
sigs.k8s.io/yaml v1.4.0
)

require (
Expand All @@ -67,14 +67,14 @@ require (
github.com/chai2010/gettext-go v1.0.2 // indirect
github.com/emicklei/go-restful/v3 v3.11.0 // indirect
github.com/envoyproxy/protoc-gen-validate v1.0.2 // indirect
github.com/evanphx/json-patch v5.6.0+incompatible // indirect
github.com/evanphx/json-patch v5.7.0+incompatible // indirect
github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect
github.com/fsnotify/fsnotify v1.6.0 // indirect
github.com/fsnotify/fsnotify v1.7.0 // indirect
github.com/go-asn1-ber/asn1-ber v1.5.4 // indirect
github.com/go-errors/errors v1.4.2 // indirect
github.com/go-openapi/jsonpointer v0.19.6 // indirect
github.com/go-openapi/jsonpointer v0.20.0 // indirect
github.com/go-openapi/jsonreference v0.20.2 // indirect
github.com/go-openapi/swag v0.22.3 // indirect
github.com/go-openapi/swag v0.22.4 // indirect
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/google/btree v1.0.1 // indirect
github.com/google/gnostic-models v0.6.8 // indirect
Expand All @@ -83,7 +83,7 @@ require (
github.com/google/uuid v1.3.1 // indirect
github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/imdario/mergo v0.3.12 // indirect
github.com/imdario/mergo v0.3.16 // indirect
github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/josharian/intern v1.0.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
Expand All @@ -102,32 +102,32 @@ require (
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/prometheus/client_golang v1.17.0
github.com/prometheus/client_model v0.5.0 // indirect
github.com/prometheus/procfs v0.11.1 // indirect
github.com/prometheus/procfs v0.12.0 // indirect
github.com/russross/blackfriday/v2 v2.1.0 // indirect
github.com/sirupsen/logrus v1.9.0 // indirect
github.com/tsaarni/x500dn v1.0.0 // indirect
github.com/xlab/treeprint v1.2.0 // indirect
go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect
go.uber.org/multierr v1.11.0 // indirect
golang.org/x/net v0.17.0 // indirect
golang.org/x/oauth2 v0.12.0 // indirect
golang.org/x/oauth2 v0.13.0 // indirect
golang.org/x/sys v0.13.0 // indirect
golang.org/x/term v0.13.0 // indirect
golang.org/x/text v0.13.0 // indirect
golang.org/x/time v0.3.0 // indirect
gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/appengine v1.6.8 // indirect
google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
k8s.io/component-base v0.28.3 // indirect
k8s.io/klog/v2 v2.100.1 // indirect
k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect
k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 // indirect
sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 // indirect
sigs.k8s.io/mcs-api v0.1.0
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.3.0 // indirect
)
Loading

0 comments on commit c62a470

Please sign in to comment.