fix: fix bug in hostname overlap detection by rudrakhp · Pull Request #6332 · envoyproxy/gateway

rudrakhp · 2025-06-17T09:28:02Z

What type of PR is this?

fix: fix bug in hostname overlap detection

Which issue(s) this PR fixes:

Fixes #6321

Release Notes: Yes/No

codecov · 2025-06-17T09:36:36Z

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 70.64%. Comparing base (e7f58d2) to head (2dfbc4e).
Report is 54 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #6332      +/-   ##
==========================================
- Coverage   70.67%   70.64%   -0.03%     
==========================================
  Files         220      220              
  Lines       36954    36959       +5     
==========================================
- Hits        26116    26110       -6     
- Misses       9304     9312       +8     
- Partials     1534     1537       +3

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

arkodg

LGTM thanks !

zirain · 2025-06-17T23:48:29Z

need a release note for backport?

Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com>

rudrakhp · 2025-06-18T04:36:43Z

Added release note

rudrakhp · 2025-06-18T06:06:58Z

/retest

fix bug in hostname overlap detection Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> (cherry picked from commit e78e268) Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* fix(translator): ext-proc full duplex streamed trailers and validation (#6323) * fix ext proc validation and trailer management for full duplex streamed mode Signed-off-by: Guy Daich <guy.daich@sap.com> Signed-off-by: shawnh2 <shawnhxh@outlook.com> * feat: disable automountServiceAccountToken for proxy and ratelimit (#6364) Signed-off-by: Jeff Davis <mr.jefedavis@gmail.com> * bugfix: make EnvoyPatchPolicy able to replace telemetry cluster (#6367) Signed-off-by: zirain <zirain2009@gmail.com> Signed-off-by: shawnh2 <shawnhxh@outlook.com> * feat: add validation of section name for Gateway listener (#6343) * add validation of section name Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> * update error status reason Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> * refactor: define as function of validate section name for gateway listener Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> Signed-off-by: shawnh2 <shawnhxh@outlook.com> * fix: add configMap indexers for EEP reconciler (#6369) Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * fix: use buildEndpointType for access and tracing (#6370) Signed-off-by: zirain <zirain2009@gmail.com> * fix: default accesslog not working (#6441) * fix default accesslog Signed-off-by: zirain <zirain2009@gmail.com> * release notes Signed-off-by: zirain <zirain2009@gmail.com> --------- Signed-off-by: zirain <zirain2009@gmail.com> Signed-off-by: shawnh2 <shawnhxh@outlook.com> * chore: fix cve (#6446) * fix cve Signed-off-by: zirain <zirain2009@gmail.com> * lint Signed-off-by: zirain <zirain2009@gmail.com> --------- Signed-off-by: zirain <zirain2009@gmail.com> * fix: Do not set backendRequestTimeout when Retries are set (#6421) * fix: Do not set backendRequestTimeout when Retries are set Signed-off-by: sudipto baral <sudiptobaral.me@gmail.com> * fix: update comment Signed-off-by: sudipto baral <sudiptobaral.me@gmail.com> --------- Signed-off-by: sudipto baral <sudiptobaral.me@gmail.com> * gatewayapi: don't append gwcResource if there's invalid GatewayClass (#6379) * gatewayapi: don't process gloabal resources when acceptedGateways is 0 Signed-off-by: zirain <zirain2009@gmail.com> * update Signed-off-by: zirain <zirain2009@gmail.com> * fix test Signed-off-by: zirain <zirain2009@gmail.com> * don't skip gateways Signed-off-by: zirain <zirain2009@gmail.com> --------- Signed-off-by: zirain <zirain2009@gmail.com> Signed-off-by: shawnh2 <shawnhxh@outlook.com> * fix testdata Signed-off-by: shawnh2 <shawnhxh@outlook.com> * fix k8s provider controller Signed-off-by: shawnh2 <shawnhxh@outlook.com> * fix: retry reconcile on transient errors during reconcile (#6299) * fix: add isTransientError helper to classify retryable errors Introduces isTransientError to detect transient Kubernetes errors and enable proper reconciliation retries. Signed-off-by: Patryk Rostkowski <patrostkowski@gmail.com> handle errors from processing BackendRefs Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> handle errors from processing ConfigMap Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * skip invalid GatewayClass Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * address comment Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * handle all transient errors Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * don't skip failed GCs Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> --------- Signed-off-by: Patryk Rostkowski <patrostkowski@gmail.com> Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> Co-authored-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> (cherry picked from commit 71ce56f) Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * fix: fix bug in hostname overlap detection (#6332) fix bug in hostname overlap detection Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> (cherry picked from commit e78e268) Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * fix telemetry with host port not working (#6460) Signed-off-by: zirain <zirain2009@gmail.com> (cherry picked from commit c0a2ce7) Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * bugfix: BackendTlsPolicy should not reference across namespace (#6309) * bugfix: BackendTlsPolicy should not reference across namespace Signed-off-by: zirain <zirain2009@gmail.com> (cherry picked from commit 9925189) Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> --------- Signed-off-by: Guy Daich <guy.daich@sap.com> Signed-off-by: shawnh2 <shawnhxh@outlook.com> Signed-off-by: Jeff Davis <mr.jefedavis@gmail.com> Signed-off-by: zirain <zirain2009@gmail.com> Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> Signed-off-by: sudipto baral <sudiptobaral.me@gmail.com> Signed-off-by: Patryk Rostkowski <patrostkowski@gmail.com> Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> Co-authored-by: Guy Daich <guy.daich@sap.com> Co-authored-by: Jeff Davis <mr.jefedavis@gmail.com> Co-authored-by: zirain <zirain2009@gmail.com> Co-authored-by: Kota Kimura <86363983+kkk777-7@users.noreply.github.com> Co-authored-by: Rudrakh Panigrahi <rudrakh97@gmail.com> Co-authored-by: Sudipto Baral <sudiptobaral.me@gmail.com> Co-authored-by: Patryk Rostkowski <48490105+patrostkowski@users.noreply.github.com> Co-authored-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* fix(translator): ext-proc full duplex streamed trailers and validation (envoyproxy#6323) * fix ext proc validation and trailer management for full duplex streamed mode Signed-off-by: Guy Daich <guy.daich@sap.com> Signed-off-by: shawnh2 <shawnhxh@outlook.com> * feat: disable automountServiceAccountToken for proxy and ratelimit (envoyproxy#6364) Signed-off-by: Jeff Davis <mr.jefedavis@gmail.com> * bugfix: make EnvoyPatchPolicy able to replace telemetry cluster (envoyproxy#6367) Signed-off-by: zirain <zirain2009@gmail.com> Signed-off-by: shawnh2 <shawnhxh@outlook.com> * feat: add validation of section name for Gateway listener (envoyproxy#6343) * add validation of section name Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> * update error status reason Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> * refactor: define as function of validate section name for gateway listener Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> Signed-off-by: shawnh2 <shawnhxh@outlook.com> * fix: add configMap indexers for EEP reconciler (envoyproxy#6369) Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> * fix: use buildEndpointType for access and tracing (envoyproxy#6370) Signed-off-by: zirain <zirain2009@gmail.com> * fix: default accesslog not working (envoyproxy#6441) * fix default accesslog Signed-off-by: zirain <zirain2009@gmail.com> * release notes Signed-off-by: zirain <zirain2009@gmail.com> --------- Signed-off-by: zirain <zirain2009@gmail.com> Signed-off-by: shawnh2 <shawnhxh@outlook.com> * chore: fix cve (envoyproxy#6446) * fix cve Signed-off-by: zirain <zirain2009@gmail.com> * lint Signed-off-by: zirain <zirain2009@gmail.com> --------- Signed-off-by: zirain <zirain2009@gmail.com> * fix: Do not set backendRequestTimeout when Retries are set (envoyproxy#6421) * fix: Do not set backendRequestTimeout when Retries are set Signed-off-by: sudipto baral <sudiptobaral.me@gmail.com> * fix: update comment Signed-off-by: sudipto baral <sudiptobaral.me@gmail.com> --------- Signed-off-by: sudipto baral <sudiptobaral.me@gmail.com> * gatewayapi: don't append gwcResource if there's invalid GatewayClass (envoyproxy#6379) * gatewayapi: don't process gloabal resources when acceptedGateways is 0 Signed-off-by: zirain <zirain2009@gmail.com> * update Signed-off-by: zirain <zirain2009@gmail.com> * fix test Signed-off-by: zirain <zirain2009@gmail.com> * don't skip gateways Signed-off-by: zirain <zirain2009@gmail.com> --------- Signed-off-by: zirain <zirain2009@gmail.com> Signed-off-by: shawnh2 <shawnhxh@outlook.com> * fix testdata Signed-off-by: shawnh2 <shawnhxh@outlook.com> * fix k8s provider controller Signed-off-by: shawnh2 <shawnhxh@outlook.com> * fix: retry reconcile on transient errors during reconcile (envoyproxy#6299) * fix: add isTransientError helper to classify retryable errors Introduces isTransientError to detect transient Kubernetes errors and enable proper reconciliation retries. Signed-off-by: Patryk Rostkowski <patrostkowski@gmail.com> handle errors from processing BackendRefs Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> handle errors from processing ConfigMap Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * skip invalid GatewayClass Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * address comment Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * handle all transient errors Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * don't skip failed GCs Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> --------- Signed-off-by: Patryk Rostkowski <patrostkowski@gmail.com> Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> Co-authored-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> (cherry picked from commit 71ce56f) Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * fix: fix bug in hostname overlap detection (envoyproxy#6332) fix bug in hostname overlap detection Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> (cherry picked from commit e78e268) Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * fix telemetry with host port not working (envoyproxy#6460) Signed-off-by: zirain <zirain2009@gmail.com> (cherry picked from commit c0a2ce7) Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> * bugfix: BackendTlsPolicy should not reference across namespace (envoyproxy#6309) * bugfix: BackendTlsPolicy should not reference across namespace Signed-off-by: zirain <zirain2009@gmail.com> (cherry picked from commit 9925189) Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> --------- Signed-off-by: Guy Daich <guy.daich@sap.com> Signed-off-by: shawnh2 <shawnhxh@outlook.com> Signed-off-by: Jeff Davis <mr.jefedavis@gmail.com> Signed-off-by: zirain <zirain2009@gmail.com> Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com> Signed-off-by: sudipto baral <sudiptobaral.me@gmail.com> Signed-off-by: Patryk Rostkowski <patrostkowski@gmail.com> Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> Co-authored-by: Guy Daich <guy.daich@sap.com> Co-authored-by: Jeff Davis <mr.jefedavis@gmail.com> Co-authored-by: zirain <zirain2009@gmail.com> Co-authored-by: Kota Kimura <86363983+kkk777-7@users.noreply.github.com> Co-authored-by: Rudrakh Panigrahi <rudrakh97@gmail.com> Co-authored-by: Sudipto Baral <sudiptobaral.me@gmail.com> Co-authored-by: Patryk Rostkowski <48490105+patrostkowski@users.noreply.github.com> Co-authored-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> Signed-off-by: shawnh2 <shawnhxh@outlook.com>

rudrakhp marked this pull request as ready for review June 17, 2025 09:34

rudrakhp requested a review from a team as a code owner June 17, 2025 09:34

rudrakhp requested a review from a team June 17, 2025 09:34

arkodg previously approved these changes Jun 17, 2025

View reviewed changes

arkodg requested review from a team and zhaohuabing June 17, 2025 18:22

zirain previously approved these changes Jun 17, 2025

View reviewed changes

fix bug in hostname overlap detection

2dfbc4e

Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com>

rudrakhp dismissed stale reviews from zirain and arkodg via 2dfbc4e June 18, 2025 04:36

rudrakhp requested review from arkodg and zirain June 18, 2025 04:36

arkodg approved these changes Jun 18, 2025

View reviewed changes

arkodg requested review from a team June 18, 2025 13:40

zirain approved these changes Jun 18, 2025

View reviewed changes

arkodg merged commit e78e268 into envoyproxy:main Jun 18, 2025
43 of 47 checks passed

arkodg added the cherrypick/release-v1.4.2 label Jul 3, 2025

BrewTestBot mentioned this pull request Aug 8, 2025

egctl 1.5.0 Homebrew/homebrew-core#232799

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix: fix bug in hostname overlap detection#6332

fix: fix bug in hostname overlap detection#6332
arkodg merged 1 commit intoenvoyproxy:mainfrom
rudrakhp:subdomain_overlap_bug

rudrakhp commented Jun 17, 2025

Uh oh!

codecov bot commented Jun 17, 2025 •

edited

Loading

Uh oh!

arkodg left a comment

Uh oh!

zirain commented Jun 17, 2025

Uh oh!

rudrakhp commented Jun 18, 2025

Uh oh!

rudrakhp commented Jun 18, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

rudrakhp commented Jun 17, 2025

Uh oh!

codecov bot commented Jun 17, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

arkodg left a comment

Choose a reason for hiding this comment

Uh oh!

zirain commented Jun 17, 2025

Uh oh!

rudrakhp commented Jun 18, 2025

Uh oh!

rudrakhp commented Jun 18, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

codecov bot commented Jun 17, 2025 •

edited

Loading