Skip to content

Commit

Permalink
Merge branch 'main' into egctl-status-policy
Browse files Browse the repository at this point in the history
  • Loading branch information
shawnh2 authored Apr 23, 2024
2 parents 3a50f08 + 5bc4941 commit 52f3ede
Show file tree
Hide file tree
Showing 469 changed files with 17,604 additions and 1,323 deletions.
24 changes: 12 additions & 12 deletions .github/workflows/build_and_test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
- uses: ./tools/github-actions/setup-deps
# Generate the install manifests first so it can checked
# for errors while running `make -k lint`
Expand All @@ -31,21 +31,21 @@ jobs:
gen-check:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
- uses: ./tools/github-actions/setup-deps
- run: make -k gen-check

license-check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
- uses: ./tools/github-actions/setup-deps
- run: make -k licensecheck

coverage-test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
- uses: ./tools/github-actions/setup-deps

# test
Expand All @@ -63,14 +63,14 @@ jobs:
runs-on: ubuntu-latest
needs: [lint, gen-check, license-check, coverage-test]
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
- uses: ./tools/github-actions/setup-deps

- name: Build EG Multiarch Binaries
run: make build-multiarch PLATFORMS="linux_amd64 linux_arm64"

- name: Upload EG Binaries
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2
with:
name: envoy-gateway
path: bin/
Expand All @@ -82,11 +82,11 @@ jobs:
matrix:
version: [ v1.26.14, v1.27.11, v1.28.7, v1.29.2 ]
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
- uses: ./tools/github-actions/setup-deps

- name: Download EG Binaries
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
uses: actions/download-artifact@8caf195ad4b1dee92908e23f56eeb0696f1dd42d # v4.1.5
with:
name: envoy-gateway
path: bin/
Expand All @@ -110,11 +110,11 @@ jobs:
matrix:
version: [ v1.26.14, v1.27.11, v1.28.7, v1.29.2 ]
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
- uses: ./tools/github-actions/setup-deps

- name: Download EG Binaries
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
uses: actions/download-artifact@8caf195ad4b1dee92908e23f56eeb0696f1dd42d # v4.1.5
with:
name: envoy-gateway
path: bin/
Expand All @@ -135,11 +135,11 @@ jobs:
runs-on: ubuntu-latest
needs: [conformance-test, e2e-test]
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
- uses: ./tools/github-actions/setup-deps

- name: Download EG Binaries
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
uses: actions/download-artifact@8caf195ad4b1dee92908e23f56eeb0696f1dd42d # v4.1.5
with:
name: envoy-gateway
path: bin/
Expand Down
8 changes: 5 additions & 3 deletions .github/workflows/cherrypick.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,17 +6,19 @@ on:
types: ["closed"]

permissions:
pull-requests: write
contents: write
contents: read

jobs:
cherry_pick_release_v1_0:
permissions:
pull-requests: write
contents: write
runs-on: ubuntu-22.04
name: Cherry pick into release-v1.0
if: ${{ contains(github.event.pull_request.labels.*.name, 'cherrypick/release-v1.0') && github.event.pull_request.merged == true }}
steps:
- name: Checkout
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
with:
fetch-depth: 0
- name: Cherry pick into release/v1.0
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
Expand Up @@ -32,18 +32,18 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
- uses: ./tools/github-actions/setup-deps

- name: Initialize CodeQL
uses: github/codeql-action/init@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10
uses: github/codeql-action/init@c7f9125735019aa87cfc361530512d50ea439c71 # v3.25.1
with:
languages: ${{ matrix.language }}

- name: Autobuild
uses: github/codeql-action/autobuild@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10
uses: github/codeql-action/autobuild@c7f9125735019aa87cfc361530512d50ea439c71 # v3.25.1

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10
uses: github/codeql-action/analyze@c7f9125735019aa87cfc361530512d50ea439c71 # v3.25.1
with:
category: "/language:${{matrix.language}}"
4 changes: 2 additions & 2 deletions .github/workflows/docs.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ jobs:
runs-on: ubuntu-22.04
steps:
- name: Check out code
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
with:
ref: ${{ github.event.pull_request.head.sha }}

Expand All @@ -48,7 +48,7 @@ jobs:
contents: write
steps:
- name: Git checkout
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
with:
submodules: true
ref: ${{ github.event.pull_request.head.sha }}
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/experimental_conformance.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ jobs:
matrix:
version: [ v1.26.14, v1.27.11, v1.28.7, v1.29.2 ]
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
- uses: ./tools/github-actions/setup-deps

# gateway api experimental conformance
Expand All @@ -32,7 +32,7 @@ jobs:
run: make experimental-conformance

- name: Upload Conformance Report
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2
with:
name: conformance-report-k8s-${{ matrix.version }}
path: ./test/conformance/conformance-report-k8s-${{ matrix.version }}.yaml
2 changes: 1 addition & 1 deletion .github/workflows/latest_release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ jobs:
permissions:
contents: write
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
- uses: ./tools/github-actions/setup-deps

- name: Generate Release Manifests
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ jobs:
permissions:
contents: write
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3

- name: Extract Release Tag and Commit SHA
id: vars
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/scorecard.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ jobs:

steps:
- name: "Checkout code"
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
with:
persist-credentials: false

Expand All @@ -33,13 +33,13 @@ jobs:
publish_results: true

- name: "Upload artifact"
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2
with:
name: SARIF file
path: results.sarif
retention-days: 5

- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10
uses: github/codeql-action/upload-sarif@c7f9125735019aa87cfc361530512d50ea439c71 # v3.25.1
with:
sarif_file: results.sarif
6 changes: 3 additions & 3 deletions api/v1alpha1/backendtrafficpolicy_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,9 +18,8 @@ const (
// +kubebuilder:object:root=true
// +kubebuilder:resource:categories=envoy-gateway,shortName=btp
// +kubebuilder:subresource:status
// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.conditions[?(@.type=="Accepted")].reason`
// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp`
//

// BackendTrafficPolicy allows the user to configure the behavior of the connection
// between the Envoy Proxy listener and the backend service.
type BackendTrafficPolicy struct {
Expand All @@ -34,7 +33,7 @@ type BackendTrafficPolicy struct {
Status gwapiv1a2.PolicyStatus `json:"status,omitempty"`
}

// spec defines the desired state of BackendTrafficPolicy.
// BackendTrafficPolicySpec defines the desired state of BackendTrafficPolicy.
type BackendTrafficPolicySpec struct {
// +kubebuilder:validation:XValidation:rule="self.group == 'gateway.networking.k8s.io'", message="this policy can only have a targetRef.group of gateway.networking.k8s.io"
// +kubebuilder:validation:XValidation:rule="self.kind in ['Gateway', 'HTTPRoute', 'GRPCRoute', 'UDPRoute', 'TCPRoute', 'TLSRoute']", message="this policy can only have a targetRef.kind of Gateway/HTTPRoute/GRPCRoute/TCPRoute/UDPRoute/TLSRoute"
Expand Down Expand Up @@ -100,6 +99,7 @@ type BackendTrafficPolicySpec struct {
}

// +kubebuilder:object:root=true

// BackendTrafficPolicyList contains a list of BackendTrafficPolicy resources.
type BackendTrafficPolicyList struct {
metav1.TypeMeta `json:",inline"`
Expand Down
50 changes: 39 additions & 11 deletions api/v1alpha1/clienttrafficpolicy_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
package v1alpha1

import (
"k8s.io/apimachinery/pkg/api/resource"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
gwapiv1a2 "sigs.k8s.io/gateway-api/apis/v1alpha2"
)
Expand All @@ -18,7 +19,6 @@ const (
// +kubebuilder:object:root=true
// +kubebuilder:resource:categories=envoy-gateway,shortName=ctp
// +kubebuilder:subresource:status
// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.conditions[?(@.type=="Accepted")].reason`
// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp`

// ClientTrafficPolicy allows the user to configure the behavior of the connection
Expand Down Expand Up @@ -63,10 +63,6 @@ type ClientTrafficPolicySpec struct {
//
// +optional
ClientIPDetection *ClientIPDetectionSettings `json:"clientIPDetection,omitempty"`
// HTTP3 provides HTTP/3 configuration on the listener.
//
// +optional
HTTP3 *HTTP3Settings `json:"http3,omitempty"`
// TLS settings configure TLS termination settings with the downstream client.
//
// +optional
Expand All @@ -75,10 +71,6 @@ type ClientTrafficPolicySpec struct {
//
// +optional
Path *PathSettings `json:"path,omitempty"`
// HTTP1 provides HTTP/1 configuration on the listener.
//
// +optional
HTTP1 *HTTP1Settings `json:"http1,omitempty"`
// HeaderSettings provides configuration for header management.
//
// +optional
Expand All @@ -91,9 +83,21 @@ type ClientTrafficPolicySpec struct {
//
// +optional
Connection *Connection `json:"connection,omitempty"`
// HTTP1 provides HTTP/1 configuration on the listener.
//
// +optional
HTTP1 *HTTP1Settings `json:"http1,omitempty"`
// HTTP2 provides HTTP/2 configuration on the listener.
//
// +optional
HTTP2 *HTTP2Settings `json:"http2,omitempty"`
// HTTP3 provides HTTP/3 configuration on the listener.
//
// +optional
HTTP3 *HTTP3Settings `json:"http3,omitempty"`
}

// HeaderSettings providess configuration options for headers on the listener.
// HeaderSettings provides configuration options for headers on the listener.
type HeaderSettings struct {
// EnableEnvoyHeaders configures Envoy Proxy to add the "X-Envoy-" headers to requests
// and responses.
Expand Down Expand Up @@ -151,7 +155,7 @@ type XForwardedForSettings struct {
NumTrustedHops *uint32 `json:"numTrustedHops,omitempty"`
}

// CustomHeader provides configuration for determining the client IP address for a request based on
// CustomHeaderExtensionSettings provides configuration for determining the client IP address for a request based on
// a trusted custom HTTP header. This uses the the custom_header original IP detection extension.
// Refer to https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/http/original_ip_detection/custom_header/v3/custom_header.proto
// for more details.
Expand Down Expand Up @@ -200,6 +204,30 @@ type HTTP10Settings struct {
UseDefaultHost *bool `json:"useDefaultHost,omitempty"`
}

// HTTP2Settings provides HTTP/2 configuration on the listener.
type HTTP2Settings struct {
// InitialStreamWindowSize sets the initial window size for HTTP/2 streams.
// If not set, the default value is 64 KiB(64*1024).
//
// +kubebuilder:validation:XValidation:rule="type(self) == string ? self.matches(r\"^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$\") : type(self) == int",message="initialStreamWindowSize must be of the format \"^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$\""
// +optional
InitialStreamWindowSize *resource.Quantity `json:"initialStreamWindowSize,omitempty"`

// InitialConnectionWindowSize sets the initial window size for HTTP/2 connections.
// If not set, the default value is 1 MiB.
//
// +kubebuilder:validation:XValidation:rule="type(self) == string ? self.matches(r\"^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$\") : type(self) == int",message="initialConnectionWindowSize must be of the format \"^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$\""
// +optional
InitialConnectionWindowSize *resource.Quantity `json:"initialConnectionWindowSize,omitempty"`

// MaxConcurrentStreams sets the maximum number of concurrent streams allowed per connection.
// If not set, the default value is 100.
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=2147483647
// +optional
MaxConcurrentStreams *uint32 `json:"maxConcurrentStreams,omitempty"`
}

const (
// PolicyConditionOverridden indicates whether the policy has
// completely attached to all the sections within the target or not.
Expand Down
7 changes: 4 additions & 3 deletions api/v1alpha1/envoyextensionypolicy_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,6 @@ const (
// +kubebuilder:object:root=true
// +kubebuilder:resource:shortName=eep
// +kubebuilder:subresource:status
// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.conditions[?(@.type=="Accepted")].reason`
// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp`

// EnvoyExtensionPolicy allows the user to configure various envoy extensibility options for the Gateway.
Expand Down Expand Up @@ -46,15 +45,17 @@ type EnvoyExtensionPolicySpec struct {
// TargetRef
TargetRef gwapiv1a2.PolicyTargetReferenceWithSectionName `json:"targetRef"`

// WASM is a list of Wasm extensions to be loaded by the Gateway.
// Wasm is a list of Wasm extensions to be loaded by the Gateway.
// Order matters, as the extensions will be loaded in the order they are
// defined in this list.
//
// +optional
WASM []Wasm `json:"wasm,omitempty"`
Wasm []Wasm `json:"wasm,omitempty"`

// ExtProc is an ordered list of external processing filters
// that should added to the envoy filter chain
//
// +optional
ExtProc []ExtProc `json:"extProc,omitempty"`
}

Expand Down
13 changes: 11 additions & 2 deletions api/v1alpha1/envoyproxy_helpers.go
Original file line number Diff line number Diff line change
Expand Up @@ -70,11 +70,20 @@ func (r *EnvoyProxyProvider) GetEnvoyProxyKubeProvider() *EnvoyProxyKubernetesPr
return r.Kubernetes
}

if r.Kubernetes.EnvoyDeployment == nil {
// if EnvoyDeployment and EnvoyDaemonSet are both nil, use EnvoyDeployment
if r.Kubernetes.EnvoyDeployment == nil && r.Kubernetes.EnvoyDaemonSet == nil {
r.Kubernetes.EnvoyDeployment = DefaultKubernetesDeployment(DefaultEnvoyProxyImage)
}

r.Kubernetes.EnvoyDeployment.defaultKubernetesDeploymentSpec(DefaultEnvoyProxyImage)
// if use EnvoyDeployment, set default values
if r.Kubernetes.EnvoyDeployment != nil {
r.Kubernetes.EnvoyDeployment.defaultKubernetesDeploymentSpec(DefaultEnvoyProxyImage)
}

// if use EnvoyDaemonSet, set default values
if r.Kubernetes.EnvoyDaemonSet != nil {
r.Kubernetes.EnvoyDaemonSet.defaultKubernetesDaemonSetSpec(DefaultEnvoyProxyImage)
}

if r.Kubernetes.EnvoyService == nil {
r.Kubernetes.EnvoyService = DefaultKubernetesService()
Expand Down
Loading

0 comments on commit 52f3ede

Please sign in to comment.