
merge with upstream #104

Merged
danehans merged 82 commits into main from sync
Mar 31, 2026

Conversation

Collaborator

@puertomontt puertomontt commented Mar 28, 2026

merge with upstream

Notes:

  • pkg/i2gw/providers/ingressnginx/proxy_connect_timeout.go, pkg/i2gw/providers/ingressnginx/proxy_read_timeout.go, pkg/i2gw/providers/ingressnginx/proxy_send_timeout.go deleted. Replaced by upstream timeouts.go
  • We had an incorrect assumption in our timeouts. ingress-nginx timeouts are TCP level, not HTTP level.
  • pkg/i2gw/providers/ingressnginx/proxybodysize.go, pkg/i2gw/providers/ingressnginx/bodybuffer.go deleted and replaced with pkg/i2gw/providers/ingressnginx/bodysize.go
  • fix a bug (upstream) in regex logic 1d435c0

What type of PR is this?

/kind cleanup

What this PR does / why we need it:

Which issue(s) this PR fixes:

Fixes #

Does this PR introduce a user-facing change?:


Stevenjin8 and others added 30 commits December 8, 2025 13:07
* emitters

* touch up

* Grammar and some more responsibilities for Emitters.

* Update docs/emitters.md

Co-authored-by: Lior Lieberman <liorlib7+riskified@gmail.com>

* more specific scope

* out of scope

* Apply suggestions from code review

Co-authored-by: Mike Morris <mikemorris@users.noreply.github.com>
Co-authored-by: Nick Young <inocuo@gmail.com>

* common layer

---------

Co-authored-by: Lior Lieberman <liorlib7+riskified@gmail.com>
Co-authored-by: Mike Morris <mikemorris@users.noreply.github.com>
Co-authored-by: Nick Young <inocuo@gmail.com>
* WIP

* initial emitter impl

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>

* Fix tests

* remove bad docs (add them later)

* comments

* remove empty file

* naming and emitter cli arg

* update comments

* remove unused nginx stuff

* use correct interface.

* add common emitter

* move gce to a dedicated emitter

* remove unused code

* gce unit tests

* lint

* copyright dates

* lint

* Comments on emitters

* Fix linting

* rename to gceServiceIR

* Revert copyright dates for moved files

* rename to standard

* fix comments

* add underscore to package names

* comments for common emitter usage

* change common to utils (for better name)

* lint

---------

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
We have a read operation on a shared map without using a mutex in
CreateNotificationTables.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
* implement header manipulation for nginxingress

* pr comments

* fmt

* fmt

* fmt

* fmt

* add TODOs

* fix merge from master

* fmt

* Update pkg/i2gw/providers/ingressnginx/headers.go

Co-authored-by: Steven Jin <stevenjin8@gmail.com>

* continue instead of panic

* Update pkg/i2gw/providers/ingressnginx/headers_test.go

Co-authored-by: Steven Jin <stevenjin8@gmail.com>

* Update pkg/i2gw/providers/ingressnginx/annotations.go

Co-authored-by: Steven Jin <stevenjin8@gmail.com>

* Update pkg/i2gw/providers/ingressnginx/headers.go

Co-authored-by: Steven Jin <stevenjin8@gmail.com>

* Update pkg/i2gw/providers/ingressnginx/utils.go

Co-authored-by: Steven Jin <stevenjin8@gmail.com>

---------

Co-authored-by: Steven Jin <stevenjin8@gmail.com>
* Update changelog for 0.5.0

* update references to 0.5.0
* non-regex rewrites

* handle regex paths

* non-nil map

* fix tests

* lint

* lint and test
* non-regex rewrites

* handle regex paths

* non-nil map

* ssl redirect

* some fixes

* fix tests

* lint

* Better bool parsing
* feat: support route rule name

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* fix: test output

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

---------

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>
* Add some reviewers

* Remove Kota
* migrate golangci-lint v2

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* fix: gosec lint

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* fix: govet lint

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* fix: testifylint

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* fix: staticcheck

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* update go version in workflow

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* revert timeout

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

---------

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>
* Add k8s clients

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add logger interface

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add CRD helpers

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add Helm helpers

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add namespace helpers

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add dummy app helpers

We need a dummy workload so that ingresses and gateways have some
service to send test traffic to.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add helper for installing Istio

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add helpers for Kong

Kong is both an ingress controller and a GWAPI implementation. Add
helpers for both.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add GWAPI helpers

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add port forwarding helpers

We use port forwarding to reach ingress controllers and gateways in an
infrastructure-agnostic way during testing.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add ingress-nginx helpers

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add helper for creating ingresses

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add resource manager

To be able to run multiple test cases concurrently on the same cluster,
some resources must be shared. For example, CRDs are cluster-level
rather than namespace-scoped. In addition, deploying multiple instances
of an ingress controller or GWAPI implementation wastes time and
resources even in cases where it's technically possible to do so.

To address these concerns, we add a resource manager. This construct
allows efficient and thread-safe sharing of resources. A shared resource
is created on first usage, returned on subsequent attempts to acquire
the resources and cleaned up when no users remain.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add verifier interface and httpGetVerifier implementation

Verifiers are used to ensure ingress and GWAPI resources process traffic
according to expectations.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add main test logic

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add some initial test cases

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add Make targets for e2e

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add README for e2e tests

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Install kind to ./bin

We can't use sudo on CI.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Use builder pattern for ingresses in test cases

This allows for more compact test case definitions and fewer indentation
levels.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Centralize retry logic

Rather than implementing bespoke retry logic across the code base,
implement generic retry helpers and reuse them.

This also extracts the retry logic out of verifiers for a better
separation of concerns.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Use ingress2gateway binary

Call the binary instead of running Go code directly. This simulates
actual customer usage better and works around concurrency issues caused
by multiple test cases executing in parallel.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

---------

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
* feat: support route rule name

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* feat: body size parse in ingress nginx provider

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* feat: body size emission in envoy gateway provider

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* add notifications

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* update byte regex

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* add CODEOWNERS

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* address comments in provider

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* address comments in emitter

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* fix: setting nil in IR

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* fix boilerplate lint

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

---------

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>
* feat: Implement PR1 Infrastructure and Standard CORS support

* refactor(gce): rename upsell to update and fix duplicate

* Address review comments: delete gce_converter, add --allow-alpha-gw-api flag

* fix(gce): unconditionally set GatewayClassName to gke-l7-global-external-managed

* fix(ingressnginx): improve cors-max-age parsing validation

* feat: make GCE GatewayClassName configurable via flag

* Update pkg/i2gw/emitter_intermediate/intermediate_representation.go

Co-authored-by: Steven Jin <stevenjin8@gmail.com>

* Fix build error by removing usage of removed Gce field

* feat(gce): implement conditional logic for --gce-gateway-class-name

* refactor: Move CORS filtering from common emitter to standard emitter

* chore: revert GCE and GatewayClassName changes to focus on CORS

* Cleanup: remove implicit emitter flag association

* Address PR comments: Refactor CORS to CommonEmitter and cleanup

* Revert standard.go to match main branch

* Revert conversion.go to match main branch

* Fix gosec lint errors from cors changes

---------

Co-authored-by: Steven Jin <stevenjin8@gmail.com>
* feat: Add support for use-regex annotation

* Address review comments

* style: fix gofmt in regex_test.go
* implement header manipulation for nginxingress

* pr comments

* fmt

* fmt

* fmt

* fmt

* add TODOs

* fix merge from master

* fmt

* Update pkg/i2gw/providers/ingressnginx/headers.go

Co-authored-by: Steven Jin <stevenjin8@gmail.com>

* timeouts

* timeouts

* add warning for timeouts

* lint

* Lint

* refactor timeout IR

* update tests

* lint

---------

Co-authored-by: eladmotola <eladmotola95@gmail.com>
Co-authored-by: eladmotola <43670376+eladmotola@users.noreply.github.com>
Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
* added canary by header

* fixed providerir import

* added warning message for unsupported canary annotations

* update test_parseCanaryConfig for canary by header

* fix default to zero test

* lint

* added tests for parsing headers from canary config

* set weights when no isWeight or isHeader

* remove weight from header backend

* moved to separate annotations folder

* fixed ruleBackendSources to update for canary by header

* add never header match for canary-by-header with no custom value

* add canary and non-canary backend sources to always rule

* fixed errors in canary file
…#330)

* Add k8s clients

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add logger interface

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add CRD helpers

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add Helm helpers

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add namespace helpers

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add dummy app helpers

We need a dummy workload so that ingresses and gateways have some
service to send test traffic to.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add helper for installing Istio

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add helpers for Kong

Kong is both an ingress controller and a GWAPI implementation. Add
helpers for both.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add GWAPI helpers

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add port forwarding helpers

We use port forwarding to reach ingress controllers and gateways in an
infrastructure-agnostic way during testing.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add ingress-nginx helpers

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add helper for creating ingresses

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add resource manager

To be able to run multiple test cases concurrently on the same cluster,
some resources must be shared. For example, CRDs are cluster-level
rather than namespace-scoped. In addition, deploying multiple instances
of an ingress controller or GWAPI implementation wastes time and
resources even in cases where it's technically possible to do so.

To address these concerns, we add a resource manager. This construct
allows efficient and thread-safe sharing of resources. A shared resource
is created on first usage, returned on subsequent attempts to acquire
the resources and cleaned up when no users remain.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add verifier interface and httpGetVerifier implementation

Verifiers are used to ensure ingress and GWAPI resources process traffic
according to expectations.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add main test logic

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add some initial test cases

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add Make targets for e2e

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Add README for e2e tests

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Install kind to ./bin

We can't use sudo on CI.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Use builder pattern for ingresses in test cases

This allows for more compact test case definitions and fewer indentation
levels.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Centralize retry logic

Rather than implementing bespoke retry logic across the code base,
implement generic retry helpers and reuse them.

This also extracts the retry logic out of verifiers for a better
separation of concerns.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Use ingress2gateway binary

Call the binary instead of running Go code directly. This simulates
actual customer usage better and works around concurrency issues caused
by multiple test cases executing in parallel.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Canary tests

* Path rewrite

* Verify TLS Ingresses and TLS redirects

* touchup

* touchup

* lint

* lint

* use regex body verifier

* random canary host

* CORS tests

* move to module

* Use monthly CRD and move packages

* Review

* lints

* review

* lint

* remove unnecessary host

* comments

---------

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
Co-authored-by: Johanan Liebermann <jliebermann@microsoft.com>
Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
* Include ingress name in verifier logs

It's hard to know which ingress is being verified in test cases with
multiple ingresses.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

* Resolve hosts outside verifiers

This makes the verifier logs more informative and less confusing.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>

---------

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
* kgateway emitter

Signed-off-by: omar <omar.hammami@solo.io>

* remove test and fix year

Signed-off-by: omar <omar.hammami@solo.io>

* add puertomontt as owner

Signed-off-by: omar <omar.hammami@solo.io>

* remove from owners

Signed-off-by: omar <omar.hammami@solo.io>

* e2e test

Signed-off-by: omar <omar.hammami@solo.io>

* address feedback

Signed-off-by: omar <omar.hammami@solo.io>

* add emitter to testCase

Signed-off-by: omar <omar.hammami@solo.io>

* update test

Signed-off-by: omar <omar.hammami@solo.io>

* remove periods

Signed-off-by: omar <omar.hammami@solo.io>

* remove unused code

Signed-off-by: omar <omar.hammami@solo.io>

* go mod changes

Signed-off-by: omar <omar.hammami@solo.io>

---------

Signed-off-by: omar <omar.hammami@solo.io>
* feat: ip source range in ingress nginx provider

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* feat: ip source range in envoy gateway emitter

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* tweak: buffer ir handling

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* fix: security policy spec

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

* update: simplify auth logic

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>

---------

Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com>
The current code results in things like 'foo.example.comxxxxx'.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
small updates to test files: backend protocol, load balance, ssl redirect, basic

Signed-off-by: omar <omar.hammami@solo.io>
update session affinity / regex test files

Signed-off-by: omar <omar.hammami@solo.io>
Signed-off-by: omar <omar.hammami@solo.io>
Signed-off-by: omar <omar.hammami@solo.io>
Signed-off-by: omar <omar.hammami@solo.io>
Signed-off-by: omar <omar.hammami@solo.io>
Signed-off-by: omar <omar.hammami@solo.io>
Signed-off-by: omar <omar.hammami@solo.io>
Signed-off-by: omar <omar.hammami@solo.io>
@puertomontt
Collaborator Author

TODO: figure out timeouts
review regex / rewrite changes

Signed-off-by: omar <omar.hammami@solo.io>
Signed-off-by: omar <omar.hammami@solo.io>
Signed-off-by: omar <omar.hammami@solo.io>
@puertomontt
Collaborator Author

TODO: move to upstream e2e

@puertomontt
Collaborator Author

TODO: check backend tls

@danehans danehans mentioned this pull request Mar 31, 2026
@danehans
Collaborator

TODO: move to upstream e2e

xref #106

@danehans danehans merged commit 9220188 into main Mar 31, 2026
3 checks passed
@danehans danehans deleted the sync branch March 31, 2026 15:23