diff --git a/.github/workflows/license-scan.yml b/.github/workflows/license-scan.yml index 649f27fe979..834515bbeb0 100644 --- a/.github/workflows/license-scan.yml +++ b/.github/workflows/license-scan.yml @@ -23,4 +23,5 @@ jobs: scan-args: |- --skip-git --experimental-licenses=Apache-2.0,BSD-2-Clause,BSD-2-Clause-FreeBSD,BSD-3-Clause,MIT,ISC,Python-2.0,PostgreSQL,X11,Zlib + --config tools/osv-scanner/license-scan-config.yaml ./ diff --git a/site/content/en/docs/tasks/operations/customize-envoyproxy.md b/site/content/en/docs/tasks/operations/customize-envoyproxy.md index 55ea32557c7..9c5ab5fe177 100644 --- a/site/content/en/docs/tasks/operations/customize-envoyproxy.md +++ b/site/content/en/docs/tasks/operations/customize-envoyproxy.md @@ -720,12 +720,12 @@ spec: {{% /tab %}} {{< /tabpane >}} -You can use [egctl translate][] +You can use [egctl x translate][] to get the default xDS Bootstrap configuration used by Envoy Gateway. After applying the config, the bootstrap config will be overridden by the new config you provided. Any errors in the configuration will be surfaced as status within the `GatewayClass` resource. -You can also validate this configuration using [egctl translate][]. +You can also validate this configuration using [egctl x translate][]. ## Customize EnvoyProxy Horizontal Pod Autoscaler @@ -1043,6 +1043,53 @@ spec: {{% /tab %}} {{< /tabpane >}} +## Customize EnvoyProxy IP Family + +You can customize the IP family configuration for EnvoyProxy via the EnvoyProxy Config. +This allows the Envoy Proxy fleet to serve external clients over IPv4 as well as IPv6. + +The below configuration sets the `ipFamily` to `DualStack` to allow ingressing IPv4 as well as IPv6 traffic. + +**Note**: Envoy Gateway relies on the [Service](https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services) spec of the BackendRef resource (linked to xRoutes) to decide which type of IP addresses to use to route to them. + +{{< tabpane text=true >}} +{{% tab header="Apply from stdin" %}} + +```shell +cat <}} + +After applying the config, the EnvoyProxy deployment will be configured to use the specified IP family. When set to `DualStack`, both IPv4 and IPv6 networking will be enabled. + +**Note**: Your cluster must support the selected IP family configuration. For DualStack support, ensure your Kubernetes cluster is properly configured for dual-stack networking. + [Gateway API documentation]: https://gateway-api.sigs.k8s.io/ [EnvoyProxy]: ../../../api/extension_types#envoyproxy -[egctl translate]: ../egctl/#validating-gateway-api-configuration +[egctl x translate]: ../operations/egctl#egctl-experimental-translate \ No newline at end of file diff --git a/site/content/en/latest/tasks/operations/customize-envoyproxy.md b/site/content/en/latest/tasks/operations/customize-envoyproxy.md index 55ea32557c7..9c5ab5fe177 100644 --- a/site/content/en/latest/tasks/operations/customize-envoyproxy.md +++ b/site/content/en/latest/tasks/operations/customize-envoyproxy.md @@ -720,12 +720,12 @@ spec: {{% /tab %}} {{< /tabpane >}} -You can use [egctl translate][] +You can use [egctl x translate][] to get the default xDS Bootstrap configuration used by Envoy Gateway. After applying the config, the bootstrap config will be overridden by the new config you provided. Any errors in the configuration will be surfaced as status within the `GatewayClass` resource. -You can also validate this configuration using [egctl translate][]. +You can also validate this configuration using [egctl x translate][]. ## Customize EnvoyProxy Horizontal Pod Autoscaler @@ -1043,6 +1043,53 @@ spec: {{% /tab %}} {{< /tabpane >}} +## Customize EnvoyProxy IP Family + +You can customize the IP family configuration for EnvoyProxy via the EnvoyProxy Config. +This allows the Envoy Proxy fleet to serve external clients over IPv4 as well as IPv6. + +The below configuration sets the `ipFamily` to `DualStack` to allow ingressing IPv4 as well as IPv6 traffic. + +**Note**: Envoy Gateway relies on the [Service](https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services) spec of the BackendRef resource (linked to xRoutes) to decide which type of IP addresses to use to route to them. + +{{< tabpane text=true >}} +{{% tab header="Apply from stdin" %}} + +```shell +cat <}} + +After applying the config, the EnvoyProxy deployment will be configured to use the specified IP family. When set to `DualStack`, both IPv4 and IPv6 networking will be enabled. + +**Note**: Your cluster must support the selected IP family configuration. For DualStack support, ensure your Kubernetes cluster is properly configured for dual-stack networking. + [Gateway API documentation]: https://gateway-api.sigs.k8s.io/ [EnvoyProxy]: ../../../api/extension_types#envoyproxy -[egctl translate]: ../egctl/#validating-gateway-api-configuration +[egctl x translate]: ../operations/egctl#egctl-experimental-translate \ No newline at end of file diff --git a/site/content/en/v1.2/tasks/operations/customize-envoyproxy.md b/site/content/en/v1.2/tasks/operations/customize-envoyproxy.md index 55ea32557c7..9c5ab5fe177 100644 --- a/site/content/en/v1.2/tasks/operations/customize-envoyproxy.md +++ b/site/content/en/v1.2/tasks/operations/customize-envoyproxy.md @@ -720,12 +720,12 @@ spec: {{% /tab %}} {{< /tabpane >}} -You can use [egctl translate][] +You can use [egctl x translate][] to get the default xDS Bootstrap configuration used by Envoy Gateway. After applying the config, the bootstrap config will be overridden by the new config you provided. Any errors in the configuration will be surfaced as status within the `GatewayClass` resource. -You can also validate this configuration using [egctl translate][]. +You can also validate this configuration using [egctl x translate][]. ## Customize EnvoyProxy Horizontal Pod Autoscaler @@ -1043,6 +1043,53 @@ spec: {{% /tab %}} {{< /tabpane >}} +## Customize EnvoyProxy IP Family + +You can customize the IP family configuration for EnvoyProxy via the EnvoyProxy Config. +This allows the Envoy Proxy fleet to serve external clients over IPv4 as well as IPv6. + +The below configuration sets the `ipFamily` to `DualStack` to allow ingressing IPv4 as well as IPv6 traffic. + +**Note**: Envoy Gateway relies on the [Service](https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services) spec of the BackendRef resource (linked to xRoutes) to decide which type of IP addresses to use to route to them. + +{{< tabpane text=true >}} +{{% tab header="Apply from stdin" %}} + +```shell +cat <}} + +After applying the config, the EnvoyProxy deployment will be configured to use the specified IP family. When set to `DualStack`, both IPv4 and IPv6 networking will be enabled. + +**Note**: Your cluster must support the selected IP family configuration. For DualStack support, ensure your Kubernetes cluster is properly configured for dual-stack networking. + [Gateway API documentation]: https://gateway-api.sigs.k8s.io/ [EnvoyProxy]: ../../../api/extension_types#envoyproxy -[egctl translate]: ../egctl/#validating-gateway-api-configuration +[egctl x translate]: ../operations/egctl#egctl-experimental-translate \ No newline at end of file diff --git a/osv-scanner.toml b/tools/osv-scanner/license-scan-config.toml similarity index 96% rename from osv-scanner.toml rename to tools/osv-scanner/license-scan-config.toml index 9d5626b71ec..79a579ff7f8 100644 --- a/osv-scanner.toml +++ b/tools/osv-scanner/license-scan-config.toml @@ -1,3 +1,8 @@ +# Ignore vulnerabilities on license scan +[[PackageOverrides]] +ecosystem = "Go" +vulnerability.ignore = true + [[PackageOverrides]] name = "github.com/AdaLogics/go-fuzz-headers" version = "0.0.0-20230811130428-ced1acdcaa24"