All Httproutes fail when Secret with Basic Auth has invalid length #8034

@mwiede

Description:
Basically I get the same issue as was described in #5581.

Repro steps:
I am using the demo described in https://gateway.envoyproxy.io/docs/tasks/security/basic-auth/ but
instead of creating the secret with htpasswd, I was using Helm's sha1sum function.
But the issue I see is that, just because of one HttpRoute with a SecurityPolicy referencing a secret with basic auth credentials, the whole Gateway routing fails and I receive 502 Bad Gateway for all routes.

I would have expected that only the one route referencing the problematic secrets fails.

Note: If there are privacy concerns, sanitize the data prior to
sharing.

Environment:

docker.io/envoyproxy/envoy:distroless-v1.36.3
docker.io/envoyproxy/gateway:v1.6.2

Logs:

Include the access logs and the Envoy logs.

[2026-01-23 09:48:13.556][1][warning][config] [source/extensions/config_subscription/grpc/grpc_subscription_impl.cc:138] gRPC config for type.googleapis.com/envoy.config.listener.v3.Listener rejected: Error adding/updating listener(s) kube-envoy-gateway/eg/https: basic auth: invalid htpasswd format, invalid SHA hash length
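
An added example, not part of the original issue or of Envoy Gateway's code: a pre-deployment check for `.htpasswd` content, modelled on the rejection in the log above. It assumes `{SHA}` entries as written by `htpasswd -s` (base64 of the 20-byte SHA-1 digest); the function names and sample users are constructed for illustration, and the second sample entry imitates a hex digest such as Helm's `sha1sum` returns.

```python
import base64
import binascii
import hashlib

SHA_PREFIX = "{SHA}"
SHA1_LEN = hashlib.sha1().digest_size  # 20 bytes -> 28 base64 characters


def htpasswd_sha_entry(user, password):
    """Build a line the way `htpasswd -s` does: user:{SHA}base64(sha1(password))."""
    digest = hashlib.sha1(password.encode()).digest()
    return f"{user}:{SHA_PREFIX}{base64.b64encode(digest).decode()}"


def check_line(line):
    """Return None when the entry is well formed, otherwise the reason it is not."""
    user, sep, hashed = line.strip().partition(":")
    if not sep or not user:
        return "expected username:hash"
    if not hashed.startswith(SHA_PREFIX):
        return "hash does not use the {SHA} scheme"
    try:
        digest = base64.b64decode(hashed[len(SHA_PREFIX):], validate=True)
    except binascii.Error:
        return "hash is not valid base64"
    if len(digest) != SHA1_LEN:
        return f"invalid SHA hash length: decodes to {len(digest)} bytes, expected {SHA1_LEN}"
    return None


def audit_htpasswd(text):
    """Return [(line_number, user, reason)] for every malformed, non-empty line."""
    problems = []
    for number, line in enumerate(text.splitlines(), start=1):
        if not line.strip():
            continue
        reason = check_line(line)
        if reason:
            problems.append((number, line.partition(":")[0], reason))
    return problems


# Constructed sample: one good entry, one carrying a hex digest instead of base64.
SAMPLE = "\n".join([
    htpasswd_sha_entry("foo", "bar"),
    "alice:{SHA}" + hashlib.sha1(b"secret").hexdigest(),
])

if __name__ == "__main__":
    for number, user, reason in audit_htpasswd(SAMPLE):
        print(f"line {number} ({user}): {reason}")
```

Run against the rendered Secret content in CI, a check like this flags a malformed entry before the listener update is rejected.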

Labels

kind/bug: Something isn't working
