fix: API key auth #8267

Merged
zhaohuabing merged 2 commits into envoyproxy:main from zhaohuabing:fix-8227
Feb 16, 2026

Member

@zhaohuabing zhaohuabing commented Feb 13, 2026

This PR reverts the Secrets transform in #8045 since the keys in API key auth secrets are not fixed. An e2e test is also added to prevent regression.

fixes: #8227
release note: yes

@zhaohuabing zhaohuabing requested a review from a team as a code owner February 13, 2026 01:46
@zhaohuabing zhaohuabing marked this pull request as draft February 13, 2026 01:46

netlify bot commented Feb 13, 2026

Deploy Preview for cerulean-figolla-1f9435 canceled.

Name Link
🔨 Latest commit de88d63
🔍 Latest deploy log https://app.netlify.com/projects/cerulean-figolla-1f9435/deploys/698e93e83f00b10009dd1634

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

codecov bot commented Feb 13, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 73.81%. Comparing base (e37bcdc) to head (de88d63).
⚠️ Report is 9 commits behind head on main.

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #8267   +/-   ##
=======================================
  Coverage   73.80%   73.81%           
=======================================
  Files         241      241           
  Lines       36609    36602    -7     
=======================================
- Hits        27019    27017    -2     
+ Misses       7684     7679    -5     
  Partials     1906     1906           


Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
@zhaohuabing zhaohuabing marked this pull request as ready for review February 13, 2026 03:55
@zhaohuabing zhaohuabing requested a review from a team February 14, 2026 00:32
Contributor

arkodg commented Feb 14, 2026

hey @zhaohuabing thanks for flagging this, can we raise a first class revert PR with using git revert and link the raised issue there instead, for easier tracking

cc @rudrakhp

Member Author

zhaohuabing commented Feb 15, 2026

> hey @zhaohuabing thanks for flagging this, can we raise a first class revert PR with using git revert and link the raised issue there instead, for easier tracking
>
> cc @rudrakhp

This PR only reverts the Secret part in #8045, the transform for ConfigMap is kept as it is - the API key auth only uses Secrets.

Contributor

arkodg commented Feb 15, 2026

> > hey @zhaohuabing thanks for flagging this, can we raise a first class revert PR with using git revert and link the raised issue there instead, for easier tracking
> > cc @rudrakhp
>
> This PR only reverts the Secret part in #8227, the transform for ConfigMap is kept as it is - the API key auth only uses Secrets.

Sometimes we pick the first key from ConfigMaps even if it's not the well known key, so we'll need to revert the complete change

Member

rudrakhp commented Feb 15, 2026

> Sometimes we pick the first key from ConfigMaps even if it's not the well known key, so we'll need to revert the complete change

@arkodg this is already handled in #8045

> This PR reverts the Secrets transform in #8045 since the keys in API key auth secrets are not fixed.

@zhaohuabing are we not getting the first key in these cases? We are already falling back to first key if well known key doesn't exist.

PS: Ok I see from the E2E, that key is dynamically determined by the request headers, so fallback to first key is not enough here. Makes sense to revert it for secrets. I don't think we have such a case for ConfigMaps.
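
Added illustration (not Envoy Gateway code and not part of this thread): a sketch of why the first-key fallback discussed above is not enough when an API key auth Secret holds several client IDs. `trimToOneKey`, `clientFor`, the `credentials` key name and the sample data are hypothetical, and the sketch assumes each Secret entry maps a client ID to that client's API key.

```go
package main

import (
	"crypto/subtle"
	"fmt"
	"sort"
)

// trimToOneKey is a hypothetical stand-in for a cache transform that keeps only
// the well-known entry of a Secret, falling back to the first key (sorted here
// for determinism) when the well-known key is absent.
func trimToOneKey(data map[string][]byte, wellKnown string) map[string][]byte {
	if v, ok := data[wellKnown]; ok {
		return map[string][]byte{wellKnown: v}
	}
	keys := make([]string, 0, len(data))
	for k := range data {
		keys = append(keys, k)
	}
	sort.Strings(keys)
	if len(keys) == 0 {
		return map[string][]byte{}
	}
	return map[string][]byte{keys[0]: data[keys[0]]}
}

// clientFor returns the client ID whose stored API key equals the presented one.
// Values are compared with subtle.ConstantTimeCompare instead of ==, and the
// loop does not stop at the first match.
func clientFor(data map[string][]byte, presented string) (string, bool) {
	id, found := "", false
	for client, key := range data {
		if subtle.ConstantTimeCompare(key, []byte(presented)) == 1 {
			id, found = client, true
		}
	}
	return id, found
}

func main() {
	// Constructed Secret data: client ID -> API key (placeholder values).
	secret := map[string][]byte{"client1": []byte("key-one"), "client2": []byte("key-two")}
	trimmed := trimToOneKey(secret, "credentials") // assumed well-known key name
	for _, k := range []string{"key-one", "key-two"} {
		_, full := clientFor(secret, k)
		_, cut := clientFor(trimmed, k)
		fmt.Printf("%s: untrimmed=%v trimmed=%v\n", k, full, cut)
	}
}
```

After trimming, only `client1` can still authenticate; the second client's valid key is rejected because its entry never reaches the lookup.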

@zhaohuabing zhaohuabing requested a review from arkodg February 15, 2026 14:35
@zhaohuabing zhaohuabing merged commit 38b0ad1 into envoyproxy:main Feb 16, 2026
36 checks passed
@zhaohuabing zhaohuabing deleted the fix-8227 branch February 16, 2026 01:31
Inode1 pushed a commit to Inode1/gateway that referenced this pull request Feb 23, 2026
* add test for multiple keys

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* revert secret transform

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

---------

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
antonio-mazzini pushed a commit to antonio-mazzini/gateway that referenced this pull request Mar 5, 2026
* add test for multiple keys

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* revert secret transform

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

---------

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
cnvergence pushed a commit to cnvergence/gateway that referenced this pull request Mar 11, 2026
* add test for multiple keys

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* revert secret transform

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

---------

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
cnvergence pushed a commit to cnvergence/gateway that referenced this pull request Mar 11, 2026
* add test for multiple keys

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* revert secret transform

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

---------

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>
jukie pushed a commit that referenced this pull request Mar 12, 2026
* api: make ConnectionLimit.Value optional (#8478)

* api: make ConnectionLimit.Value optional

Signed-off-by: Felipe Sabadini Facina <fsabadini@hotmail.com>

* release-notes: add entry for ConnectionLimit.Value optional

Signed-off-by: Felipe Sabadini Facina <fsabadini@hotmail.com>

* fix: add CEL rule to require value when closeDelay is set

Signed-off-by: Felipe Sabadini Facina <fsabadini@hotmail.com>

---------

Signed-off-by: Felipe Sabadini Facina <fsabadini@hotmail.com>
Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* fix up release notes

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* fix: aggregate xRoute/xPolicy statuses across GWCs in gateway-api runner (#8387)

* fix: aggregate xRoute/xPolicy statuses across GWCs in gateway-api runner

Signed-off-by: y-rabie <youssef.rabie@procore.com>

* polish

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* add e2e test

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* release note

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* truncate policy status & add tests

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* update

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* update

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

---------

Signed-off-by: y-rabie <youssef.rabie@procore.com>
Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
Co-authored-by: y-rabie <youssef.rabie@procore.com>
Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* fix: active health check respect endpoint hostname (#8452)

revert unrelated changes

Signed-off-by: zirain <zirain2009@gmail.com>
Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* fix: exclude unmanaged route parents from xPolicy status ancestors (#8321)

* add test for mixed managed and unmanaged Gateway parents

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* fix the policy status when the targeting routes have managed and unmanged Gateway parents

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* fix test

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

---------

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* fix: add ownerReferences to ratelimit ConfigMap and HPA (#8358)

Signed-off-by: Tejasriram Parvathaneni <tejaparvathaneni90@gmail.com>
Co-authored-by: Karol Szwaj <karol.szwaj@gmail.com>
Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* fix: computeHosts doesn't work when listener and route both wildcard  (#8186)

* fix: computeHosts doesn't work when listener and route both wildcard

Signed-off-by: zirain <zirain2009@gmail.com>

* remove skipped tests

Signed-off-by: zirain <zirain2009@gmail.com>

* Update internal/gatewayapi/helpers.go

Co-authored-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
Signed-off-by: zirain <zirain2009@gmail.com>

---------

Signed-off-by: zirain <zirain2009@gmail.com>
Co-authored-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* fix: fixed local object reference resolution from parent in merged BackendTrafficPolicies (#8210)

Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com>
Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* fix: XListenerSet allows route from same namespace (#8226)

Previously, using allowedRoutes/Same for an XListenerSet with an xRoute
in the same namespace would return an error. Now it properly allows
xRoutes from the same namespace.

Signed-off-by: Kris Hicks <khicks@nvidia.com>
Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* fix: API key auth (#8267)

* add test for multiple keys

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

* revert secret transform

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>

---------

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* fix gen-check

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* add release notes

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

* add release notes for envoy proxy image

Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>

---------

Signed-off-by: Felipe Sabadini Facina <fsabadini@hotmail.com>
Signed-off-by: Karol Szwaj <karol.szwaj@gmail.com>
Signed-off-by: y-rabie <youssef.rabie@procore.com>
Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
Signed-off-by: zirain <zirain2009@gmail.com>
Signed-off-by: Tejasriram Parvathaneni <tejaparvathaneni90@gmail.com>
Signed-off-by: Rudrakh Panigrahi <rudrakh97@gmail.com>
Signed-off-by: Kris Hicks <khicks@nvidia.com>
Co-authored-by: Felipe Sabadini Facina <fsabadini@hotmail.com>
Co-authored-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
Co-authored-by: y-rabie <youssef.rabie@procore.com>
Co-authored-by: zirain <zirain2009@gmail.com>
Co-authored-by: Tejasriram Parvathaneni <tejaparvathaneni90@gmail.com>
Co-authored-by: Rudrakh Panigrahi <rudrakh97@gmail.com>
Co-authored-by: Kris Hicks <khicks@nvidia.com>

Development

Successfully merging this pull request may close these issues.

API key authentication fails when secrets contain multiple client IDs

4 participants