diff --git a/.github/workflows/build_and_test.yaml b/.github/workflows/build_and_test.yaml index ff5102d2100..c98d69a2684 100644 --- a/.github/workflows/build_and_test.yaml +++ b/.github/workflows/build_and_test.yaml @@ -93,7 +93,6 @@ jobs: - name: Run Conformance Tests env: KIND_NODE_TAG: ${{ matrix.version }} - CONFORMANCE_UNIQUE_PORTS: false IMAGE_PULL_POLICY: IfNotPresent run: make conformance @@ -122,7 +121,6 @@ jobs: - name: Run E2E Tests env: KIND_NODE_TAG: ${{ matrix.version }} - CONFORMANCE_UNIQUE_PORTS: false IMAGE_PULL_POLICY: IfNotPresent run: make e2e diff --git a/charts/gateway-helm/crds/gatewayapi-crds.yaml b/charts/gateway-helm/crds/gatewayapi-crds.yaml index 3e8507a5bcd..478c46ff96e 100644 --- a/charts/gateway-helm/crds/gatewayapi-crds.yaml +++ b/charts/gateway-helm/crds/gatewayapi-crds.yaml @@ -24,7 +24,7 @@ kind: CustomResourceDefinition metadata: annotations: api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/1923 - gateway.networking.k8s.io/bundle-version: v0.7.0-rc1 + gateway.networking.k8s.io/bundle-version: v0.7.0 gateway.networking.k8s.io/channel: experimental creationTimestamp: null name: gatewayclasses.gateway.networking.k8s.io @@ -459,7 +459,7 @@ kind: CustomResourceDefinition metadata: annotations: api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/1923 - gateway.networking.k8s.io/bundle-version: v0.7.0-rc1 + gateway.networking.k8s.io/bundle-version: v0.7.0 gateway.networking.k8s.io/channel: experimental creationTimestamp: null name: gateways.gateway.networking.k8s.io @@ -1898,7 +1898,7 @@ kind: CustomResourceDefinition metadata: annotations: api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/1923 - gateway.networking.k8s.io/bundle-version: v0.7.0-rc1 + gateway.networking.k8s.io/bundle-version: v0.7.0 gateway.networking.k8s.io/channel: experimental creationTimestamp: null name: grpcroutes.gateway.networking.k8s.io @@ -3399,7 +3399,7 @@ kind: CustomResourceDefinition metadata: annotations: api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/1923 - gateway.networking.k8s.io/bundle-version: v0.7.0-rc1 + gateway.networking.k8s.io/bundle-version: v0.7.0 gateway.networking.k8s.io/channel: experimental creationTimestamp: null name: httproutes.gateway.networking.k8s.io @@ -3976,8 +3976,17 @@ spec: port: description: "Port is the port to be used in the value of the `Location` header in the - response. \n When empty, the Gateway Listener - port is used. \n Implementations SHOULD NOT + response. \n If no port is specified, the + redirect port MUST be derived using the following + rules: \n * If redirect scheme is not-empty, + the redirect port MUST be the well-known port + associated with the redirect scheme. Specifically + \"http\" to port 80 and \"https\" to port + 443. If the redirect scheme does not have + a well-known port, the listener port of the + Gateway SHOULD be used. * If redirect scheme + is empty, the redirect port MUST be the Gateway + Listener port. \n Implementations SHOULD NOT add the port number in the 'Location' header in the following cases: \n * A Location header that will use HTTP (whether that is determined @@ -3994,8 +4003,11 @@ spec: description: "Scheme is the scheme to be used in the value of the `Location` header in the response. When empty, the scheme of the request - is used. \n Note that values may be added - to this enum, implementations must ensure + is used. \n Scheme redirects can affect the + port of the redirect, for more information, + refer to the documentation for the port field + of this filter. \n Note that values may be + added to this enum, implementations must ensure that unknown values will not cause a crash. \n Unknown values here must result in the implementation setting the Accepted Condition @@ -4617,16 +4629,24 @@ spec: type: object port: description: "Port is the port to be used in the value - of the `Location` header in the response. \n When - empty, the Gateway Listener port is used. \n Implementations - SHOULD NOT add the port number in the 'Location' - header in the following cases: \n * A Location header - that will use HTTP (whether that is determined via - the Listener protocol or the Scheme field) _and_ - use port 80. * A Location header that will use HTTPS - (whether that is determined via the Listener protocol - or the Scheme field) _and_ use port 443. \n Support: - Extended" + of the `Location` header in the response. \n If + no port is specified, the redirect port MUST be + derived using the following rules: \n * If redirect + scheme is not-empty, the redirect port MUST be the + well-known port associated with the redirect scheme. + Specifically \"http\" to port 80 and \"https\" to + port 443. If the redirect scheme does not have a + well-known port, the listener port of the Gateway + SHOULD be used. * If redirect scheme is empty, the + redirect port MUST be the Gateway Listener port. + \n Implementations SHOULD NOT add the port number + in the 'Location' header in the following cases: + \n * A Location header that will use HTTP (whether + that is determined via the Listener protocol or + the Scheme field) _and_ use port 80. * A Location + header that will use HTTPS (whether that is determined + via the Listener protocol or the Scheme field) _and_ + use port 443. \n Support: Extended" format: int32 maximum: 65535 minimum: 1 @@ -4635,7 +4655,10 @@ spec: description: "Scheme is the scheme to be used in the value of the `Location` header in the response. When empty, the scheme of the request is used. \n - Note that values may be added to this enum, implementations + Scheme redirects can affect the port of the redirect, + for more information, refer to the documentation + for the port field of this filter. \n Note that + values may be added to this enum, implementations must ensure that unknown values will not cause a crash. \n Unknown values here must result in the implementation setting the Accepted Condition for @@ -5871,8 +5894,17 @@ spec: port: description: "Port is the port to be used in the value of the `Location` header in the - response. \n When empty, the Gateway Listener - port is used. \n Implementations SHOULD NOT + response. \n If no port is specified, the + redirect port MUST be derived using the following + rules: \n * If redirect scheme is not-empty, + the redirect port MUST be the well-known port + associated with the redirect scheme. Specifically + \"http\" to port 80 and \"https\" to port + 443. If the redirect scheme does not have + a well-known port, the listener port of the + Gateway SHOULD be used. * If redirect scheme + is empty, the redirect port MUST be the Gateway + Listener port. \n Implementations SHOULD NOT add the port number in the 'Location' header in the following cases: \n * A Location header that will use HTTP (whether that is determined @@ -5889,8 +5921,11 @@ spec: description: "Scheme is the scheme to be used in the value of the `Location` header in the response. When empty, the scheme of the request - is used. \n Note that values may be added - to this enum, implementations must ensure + is used. \n Scheme redirects can affect the + port of the redirect, for more information, + refer to the documentation for the port field + of this filter. \n Note that values may be + added to this enum, implementations must ensure that unknown values will not cause a crash. \n Unknown values here must result in the implementation setting the Accepted Condition @@ -6512,16 +6547,24 @@ spec: type: object port: description: "Port is the port to be used in the value - of the `Location` header in the response. \n When - empty, the Gateway Listener port is used. \n Implementations - SHOULD NOT add the port number in the 'Location' - header in the following cases: \n * A Location header - that will use HTTP (whether that is determined via - the Listener protocol or the Scheme field) _and_ - use port 80. * A Location header that will use HTTPS - (whether that is determined via the Listener protocol - or the Scheme field) _and_ use port 443. \n Support: - Extended" + of the `Location` header in the response. \n If + no port is specified, the redirect port MUST be + derived using the following rules: \n * If redirect + scheme is not-empty, the redirect port MUST be the + well-known port associated with the redirect scheme. + Specifically \"http\" to port 80 and \"https\" to + port 443. If the redirect scheme does not have a + well-known port, the listener port of the Gateway + SHOULD be used. * If redirect scheme is empty, the + redirect port MUST be the Gateway Listener port. + \n Implementations SHOULD NOT add the port number + in the 'Location' header in the following cases: + \n * A Location header that will use HTTP (whether + that is determined via the Listener protocol or + the Scheme field) _and_ use port 80. * A Location + header that will use HTTPS (whether that is determined + via the Listener protocol or the Scheme field) _and_ + use port 443. \n Support: Extended" format: int32 maximum: 65535 minimum: 1 @@ -6530,7 +6573,10 @@ spec: description: "Scheme is the scheme to be used in the value of the `Location` header in the response. When empty, the scheme of the request is used. \n - Note that values may be added to this enum, implementations + Scheme redirects can affect the port of the redirect, + for more information, refer to the documentation + for the port field of this filter. \n Note that + values may be added to this enum, implementations must ensure that unknown values will not cause a crash. \n Unknown values here must result in the implementation setting the Accepted Condition for @@ -7222,7 +7268,7 @@ kind: CustomResourceDefinition metadata: annotations: api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/1923 - gateway.networking.k8s.io/bundle-version: v0.7.0-rc1 + gateway.networking.k8s.io/bundle-version: v0.7.0 gateway.networking.k8s.io/channel: experimental creationTimestamp: null name: referencegrants.gateway.networking.k8s.io @@ -7504,7 +7550,7 @@ kind: CustomResourceDefinition metadata: annotations: api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/1923 - gateway.networking.k8s.io/bundle-version: v0.7.0-rc1 + gateway.networking.k8s.io/bundle-version: v0.7.0 gateway.networking.k8s.io/channel: experimental creationTimestamp: null name: tcproutes.gateway.networking.k8s.io @@ -8034,7 +8080,7 @@ kind: CustomResourceDefinition metadata: annotations: api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/1923 - gateway.networking.k8s.io/bundle-version: v0.7.0-rc1 + gateway.networking.k8s.io/bundle-version: v0.7.0 gateway.networking.k8s.io/channel: experimental creationTimestamp: null name: tlsroutes.gateway.networking.k8s.io @@ -8613,7 +8659,7 @@ kind: CustomResourceDefinition metadata: annotations: api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/1923 - gateway.networking.k8s.io/bundle-version: v0.7.0-rc1 + gateway.networking.k8s.io/bundle-version: v0.7.0 gateway.networking.k8s.io/channel: experimental creationTimestamp: null name: udproutes.gateway.networking.k8s.io @@ -9204,7 +9250,7 @@ spec: spec: containers: - name: webhook - image: registry.k8s.io/gateway-api/admission-server:v0.7.0-rc1 + image: registry.k8s.io/gateway-api/admission-server:v0.7.0 imagePullPolicy: Always args: - -logtostderr diff --git a/go.mod b/go.mod index 6f479e3a4c4..071c3a96464 100644 --- a/go.mod +++ b/go.mod @@ -30,7 +30,7 @@ require ( k8s.io/kubectl v0.27.2 k8s.io/utils v0.0.0-20230209194617-a36077c30491 sigs.k8s.io/controller-runtime v0.15.0-beta.0 - sigs.k8s.io/gateway-api v0.7.0-rc1 + sigs.k8s.io/gateway-api v0.7.0 sigs.k8s.io/yaml v1.3.0 ) diff --git a/go.sum b/go.sum index 08119710b38..89d38892652 100644 --- a/go.sum +++ b/go.sum @@ -653,8 +653,8 @@ rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= sigs.k8s.io/controller-runtime v0.15.0-beta.0 h1:pkhYMops8jZrVuI0kBHeF6q9UVu1JljIGGG4Ox5ZJmk= sigs.k8s.io/controller-runtime v0.15.0-beta.0/go.mod h1:YUTa+du31rqOu4mJaijiuhGFax9ecCJgO/v0/yW09gE= -sigs.k8s.io/gateway-api v0.7.0-rc1 h1:dVUmLp5W4QBv9diU99ULf9n5v/incEmdVU98rkSa+7Y= -sigs.k8s.io/gateway-api v0.7.0-rc1/go.mod h1:Xv0+ZMxX0lu1nSSDIIPEfbVztgNZ+3cfiYrJsa2Ooso= +sigs.k8s.io/gateway-api v0.7.0 h1:/mG8yyJNBifqvuVLW5gwlI4CQs0NR/5q4BKUlf1bVdY= +sigs.k8s.io/gateway-api v0.7.0/go.mod h1:Xv0+ZMxX0lu1nSSDIIPEfbVztgNZ+3cfiYrJsa2Ooso= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/kustomize/api v0.13.2 h1:kejWfLeJhUsTGioDoFNJET5LQe/ajzXhJGYoU+pJsiA= diff --git a/test/conformance/conformance_test.go b/test/conformance/conformance_test.go index e0e2b0ab340..22b1f143c0b 100644 --- a/test/conformance/conformance_test.go +++ b/test/conformance/conformance_test.go @@ -22,8 +22,6 @@ import ( "sigs.k8s.io/gateway-api/conformance/utils/suite" ) -var useUniquePorts = flag.Bool("use-unique-ports", true, "whether to use unique ports") - func TestGatewayAPIConformance(t *testing.T) { flag.Parse() @@ -36,32 +34,15 @@ func TestGatewayAPIConformance(t *testing.T) { require.NoError(t, v1alpha2.AddToScheme(client.Scheme())) require.NoError(t, v1beta1.AddToScheme(client.Scheme())) - validUniqueListenerPorts := []v1alpha2.PortNumber{ - v1alpha2.PortNumber(int32(80)), - v1alpha2.PortNumber(int32(81)), - v1alpha2.PortNumber(int32(82)), - v1alpha2.PortNumber(int32(83)), - } - - if !*useUniquePorts { - validUniqueListenerPorts = []v1alpha2.PortNumber{} - } - cSuite := suite.New(suite.Options{ - Client: client, - GatewayClassName: *flags.GatewayClassName, - Debug: *flags.ShowDebug, - CleanupBaseResources: *flags.CleanupBaseResources, - ValidUniqueListenerPorts: validUniqueListenerPorts, - SupportedFeatures: suite.AllFeatures, - ExemptFeatures: suite.MeshCoreFeatures, + Client: client, + GatewayClassName: *flags.GatewayClassName, + Debug: *flags.ShowDebug, + CleanupBaseResources: *flags.CleanupBaseResources, + SupportedFeatures: suite.AllFeatures, + ExemptFeatures: suite.MeshCoreFeatures, SkipTests: []string{ - // Remove once https://github.com/envoyproxy/gateway/issues/993 is fixed - tests.HTTPRouteRedirectPath.ShortName, - // Remove once https://github.com/envoyproxy/gateway/issues/992 is fixed - tests.HTTPRouteRedirectHostAndStatus.ShortName, - // Remove once https://github.com/envoyproxy/gateway/issues/994 is fixed - tests.HTTPRouteRedirectScheme.ShortName, + tests.HTTPRouteRedirectPortAndScheme.ShortName, }, }) cSuite.Setup(t) diff --git a/tools/make/kube.mk b/tools/make/kube.mk index 9a13f2930da..ce86a92b29b 100644 --- a/tools/make/kube.mk +++ b/tools/make/kube.mk @@ -6,8 +6,6 @@ GATEWAY_API_VERSION ?= $(shell go list -m -f '{{.Version}}' sigs.k8s.io/gateway- GATEWAY_RELEASE_URL ?= https://github.com/kubernetes-sigs/gateway-api/releases/download/${GATEWAY_API_VERSION}/experimental-install.yaml -CONFORMANCE_UNIQUE_PORTS ?= true - WAIT_TIMEOUT ?= 15m # Set Kubernetes Resources Directory Path @@ -132,7 +130,7 @@ run-conformance: ## Run Gateway API conformance. kubectl wait --timeout=$(WAIT_TIMEOUT) -n envoy-gateway-system deployment/envoy-gateway --for=condition=Available kubectl wait --timeout=$(WAIT_TIMEOUT) -n gateway-system job/gateway-api-admission --for=condition=Complete kubectl apply -f test/config/gatewayclass.yaml - go test -v -tags conformance ./test/conformance --gateway-class=envoy-gateway --debug=true --use-unique-ports=$(CONFORMANCE_UNIQUE_PORTS) + go test -v -tags conformance ./test/conformance --gateway-class=envoy-gateway --debug=true .PHONY: delete-cluster delete-cluster: $(tools/kind) ## Delete kind cluster.