From 10f2b77bbbbfdeaa1c890397ec975b3676a213b6 Mon Sep 17 00:00:00 2001 From: izturn <44051386+izturn@users.noreply.github.com> Date: Thu, 1 Aug 2024 21:44:04 +0800 Subject: [PATCH 01/12] update envoy version in Makefile to v1.31.0 (#6594) Signed-off-by: gang.liu --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 57cdc9a8ffb..bff74428fef 100644 --- a/Makefile +++ b/Makefile @@ -6,7 +6,7 @@ IMAGE := $(REGISTRY)/$(PROJECT) SRCDIRS := ./cmd ./internal ./apis LOCAL_BOOTSTRAP_CONFIG = localenvoyconfig.yaml SECURE_LOCAL_BOOTSTRAP_CONFIG = securelocalenvoyconfig.yaml -ENVOY_IMAGE = docker.io/envoyproxy/envoy:v1.30.4 +ENVOY_IMAGE = docker.io/envoyproxy/envoy:v1.31.0 GATEWAY_API_VERSION ?= $(shell grep "sigs.k8s.io/gateway-api" go.mod | awk '{print $$2}') # Used to supply a local Envoy docker container an IP to connect to that is running From ebfca9efc0e8a36744085e209190d62e4ca72b7d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 1 Aug 2024 08:27:42 -0600 Subject: [PATCH 02/12] build(deps): bump github.com/cert-manager/cert-manager (#6590) Bumps [github.com/cert-manager/cert-manager](https://github.com/cert-manager/cert-manager) from 1.15.1 to 1.15.2. - [Release notes](https://github.com/cert-manager/cert-manager/releases) - [Changelog](https://github.com/cert-manager/cert-manager/blob/master/RELEASE.md) - [Commits](https://github.com/cert-manager/cert-manager/compare/v1.15.1...v1.15.2) --- updated-dependencies: - dependency-name: github.com/cert-manager/cert-manager dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index bbb2bc0571f..67f66d9ea07 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/ahmetb/gen-crd-api-reference-docs v0.3.0 github.com/alecthomas/kingpin/v2 v2.4.0 github.com/bombsimon/logrusr/v4 v4.1.0 - github.com/cert-manager/cert-manager v1.15.1 + github.com/cert-manager/cert-manager v1.15.2 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc github.com/distribution/reference v0.6.0 github.com/envoyproxy/go-control-plane v0.12.1-0.20240111020705-5401a878d8bb diff --git a/go.sum b/go.sum index bb6c1fe134f..7eb4401257a 100644 --- a/go.sum +++ b/go.sum @@ -70,8 +70,8 @@ github.com/campoy/embedmd v1.0.0/go.mod h1:oxyr9RCiSXg0M3VJ3ks0UGfp98BpSSGr0kpiX github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/census-instrumentation/opencensus-proto v0.4.1 h1:iKLQ0xPNFxR/2hzXZMrBo8f1j86j5WHzznCCQxV/b8g= github.com/census-instrumentation/opencensus-proto v0.4.1/go.mod h1:4T9NM4+4Vw91VeyqjLS6ao50K5bOcLKN6Q42XnYaRYw= -github.com/cert-manager/cert-manager v1.15.1 h1:HSG4k2GlJ2YgTLkZfQzrArNaQpM9+ehDDg550IxAD94= -github.com/cert-manager/cert-manager v1.15.1/go.mod h1:p98JoGv3J9JhdKU9ngsj2EhWGI6/GlU7kpjWu5lf2js= +github.com/cert-manager/cert-manager v1.15.2 h1:Mjbvc+FjYeg2928xy7bcS+c+ARxyqBcXM9QypOg1/Uo= +github.com/cert-manager/cert-manager v1.15.2/go.mod h1:stBge/DTvrhfQMB/93+Y62s+gQgZBsfL1o0C/4AL/mI= github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chigopher/pathlib v0.19.1 h1:RoLlUJc0CqBGwq239cilyhxPNLXTK+HXoASGyGznx5A= From eb3a2663cda8ba5992be5728059bab15b3747c95 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 1 Aug 2024 08:27:59 -0600 Subject: [PATCH 03/12] build(deps): bump docker/setup-buildx-action from 3.5.0 to 3.6.1 (#6591) Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.5.0 to 3.6.1. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/aa33708b10e362ff993539393ff100fa93ed6a27...988b5a0280414f521da01fcc63a27aeeb4b104db) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build_main.yaml | 2 +- .github/workflows/build_tag.yaml | 2 +- .github/workflows/prbuild.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build_main.yaml b/.github/workflows/build_main.yaml index d0f2e263a89..f380fbda486 100644 --- a/.github/workflows/build_main.yaml +++ b/.github/workflows/build_main.yaml @@ -21,7 +21,7 @@ jobs: with: persist-credentials: false - name: Set up Docker Buildx - uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27 # v3.5.0 + uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1 with: version: latest - name: Log in to GHCR diff --git a/.github/workflows/build_tag.yaml b/.github/workflows/build_tag.yaml index d6f1842b710..582266c345f 100644 --- a/.github/workflows/build_tag.yaml +++ b/.github/workflows/build_tag.yaml @@ -31,7 +31,7 @@ jobs: with: persist-credentials: false - name: Set up Docker Buildx - uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27 # v3.5.0 + uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1 with: version: latest - name: Log in to GHCR diff --git a/.github/workflows/prbuild.yaml b/.github/workflows/prbuild.yaml index 674e9ff4006..cf0d91f92a9 100644 --- a/.github/workflows/prbuild.yaml +++ b/.github/workflows/prbuild.yaml @@ -103,7 +103,7 @@ jobs: with: persist-credentials: false - name: Set up Docker Buildx - uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27 # v3.5.0 + uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1 with: version: latest - name: Build image From baeeb3fb6ddeca999fd860f0989076718872a5e6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 1 Aug 2024 08:28:22 -0600 Subject: [PATCH 04/12] build(deps): bump github.com/onsi/gomega from 1.34.0 to 1.34.1 (#6592) Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.34.0 to 1.34.1. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/gomega/compare/v1.34.0...v1.34.1) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 16 ++++++++-------- go.sum | 32 ++++++++++++++++---------------- 2 files changed, 24 insertions(+), 24 deletions(-) diff --git a/go.mod b/go.mod index 67f66d9ea07..eb9f777afac 100644 --- a/go.mod +++ b/go.mod @@ -19,7 +19,7 @@ require ( github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 github.com/onsi/ginkgo/v2 v2.19.1 - github.com/onsi/gomega v1.34.0 + github.com/onsi/gomega v1.34.1 github.com/projectcontour/yages v0.1.0 github.com/prometheus/client_golang v1.19.1 github.com/prometheus/client_model v0.6.1 @@ -120,17 +120,17 @@ require ( github.com/subosito/gotenv v1.4.2 // indirect github.com/tsaarni/x500dn v1.0.0 // indirect github.com/xhit/go-str2duration/v2 v2.1.0 // indirect - golang.org/x/crypto v0.24.0 // indirect - golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 // indirect + golang.org/x/crypto v0.25.0 // indirect + golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect golang.org/x/image v0.18.0 // indirect - golang.org/x/mod v0.17.0 // indirect - golang.org/x/net v0.26.0 // indirect + golang.org/x/mod v0.19.0 // indirect + golang.org/x/net v0.27.0 // indirect golang.org/x/sync v0.7.0 // indirect - golang.org/x/sys v0.21.0 // indirect - golang.org/x/term v0.21.0 // indirect + golang.org/x/sys v0.22.0 // indirect + golang.org/x/term v0.22.0 // indirect golang.org/x/text v0.16.0 // indirect golang.org/x/time v0.5.0 // indirect - golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect + golang.org/x/tools v0.23.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect google.golang.org/genproto/googleapis/api v0.0.0-20240528184218-531527333157 // indirect gopkg.in/inf.v0 v0.9.1 // indirect diff --git a/go.sum b/go.sum index 7eb4401257a..da78b607a45 100644 --- a/go.sum +++ b/go.sum @@ -306,8 +306,8 @@ github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= github.com/onsi/ginkgo/v2 v2.19.1 h1:QXgq3Z8Crl5EL1WBAC98A5sEBHARrAJNzAmMxzLcRF0= github.com/onsi/ginkgo/v2 v2.19.1/go.mod h1:O3DtEWQkPa/F7fBMgmZQKKsluAy8pd3rEQdrjkPb9zA= -github.com/onsi/gomega v1.34.0 h1:eSSPsPNp6ZpsG8X1OVmOTxig+CblTc4AxpPBykhe2Os= -github.com/onsi/gomega v1.34.0/go.mod h1:MIKI8c+f+QLWk+hxbePD4i0LMJSExPaZOVfkoex4cAo= +github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k= +github.com/onsi/gomega v1.34.1/go.mod h1:kU1QgUvBDLXBJq618Xvm2LUX6rSAfRaFRTcdOeDLwwY= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= @@ -413,8 +413,8 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI= -golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM= +golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30= +golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -425,8 +425,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 h1:vr/HnozRka3pE4EsMEg1lgkXJkTFJCVUX+S/ZT6wYzM= -golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842/go.mod h1:XtvwrStGgqGPLc4cjQfWqZHG1YFdYs6swckp8vpsjnc= +golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8= +golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/image v0.18.0 h1:jGzIakQa/ZXI1I0Fxvaa9W7yP25TqT6cHIHn+6CqvSQ= @@ -452,8 +452,8 @@ golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA= -golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.19.0 h1:fEdghXQSo20giMthA7cd28ZC+jts4amQ3YMXiP5oMQ8= +golang.org/x/mod v0.19.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -486,8 +486,8 @@ golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ= -golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE= +golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys= +golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -553,11 +553,11 @@ golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws= -golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI= +golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.21.0 h1:WVXCp+/EBEHOj53Rvu+7KiT/iElMrO8ACK16SMZ3jaA= -golang.org/x/term v0.21.0/go.mod h1:ooXLefLobQVslOqselCNF4SxFAaoS6KujMbsGzSDmX0= +golang.org/x/term v0.22.0 h1:BbsgPEJULsl2fV/AT3v15Mjva5yXKQDyKf+TbDz7QJk= +golang.org/x/term v0.22.0/go.mod h1:F3qCibpT5AMpCRfhfT53vVJwhLtIVHhB9XDjfFvnMI4= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -624,8 +624,8 @@ golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4f golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= -golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg= -golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= +golang.org/x/tools v0.23.0 h1:SGsXPZ+2l4JsgaCKkx+FQ9YZ5XEtA1GZYuoDjenLjvg= +golang.org/x/tools v0.23.0/go.mod h1:pnu6ufv6vQkll6szChhK3C3L/ruaIv5eBeztNG8wtsI= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= From 8d46632237f9f0a50bf8ea357bd2fe9bca3addcc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 1 Aug 2024 08:29:39 -0600 Subject: [PATCH 05/12] build(deps): bump golangci/golangci-lint-action from 6.0.1 to 6.1.0 (#6589) Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 6.0.1 to 6.1.0. - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](https://github.com/golangci/golangci-lint-action/compare/a4f60bb28d35aeee14e6880718e0c85ff1882e64...aaa42aa0628b4ae2578232a66b541047968fac86) --- updated-dependencies: - dependency-name: golangci/golangci-lint-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/prbuild.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prbuild.yaml b/.github/workflows/prbuild.yaml index cf0d91f92a9..c0cb7c740fe 100644 --- a/.github/workflows/prbuild.yaml +++ b/.github/workflows/prbuild.yaml @@ -27,7 +27,7 @@ jobs: with: persist-credentials: false - name: golangci-lint - uses: golangci/golangci-lint-action@a4f60bb28d35aeee14e6880718e0c85ff1882e64 # v6.0.1 + uses: golangci/golangci-lint-action@aaa42aa0628b4ae2578232a66b541047968fac86 # v6.1.0 with: version: v1.56.2 args: --build-tags=e2e,conformance,tools,gcp,oidc,none --out-format=colored-line-number From bdee0a4df0bb77f4b731d1819a2852433675944d Mon Sep 17 00:00:00 2001 From: Steve Kriss Date: Thu, 1 Aug 2024 08:59:05 -0600 Subject: [PATCH 06/12] remove unused Makefile variables (#6595) Removes ENVOY_IMAGE, SRCDIRS, LOCAL_BOOTSTRAP_CONFIG and SECURE_LOCAL_BOOTSTRAP_CONFIG. Signed-off-by: Steve Kriss --- Makefile | 4 ---- 1 file changed, 4 deletions(-) diff --git a/Makefile b/Makefile index bff74428fef..0159e911f2a 100644 --- a/Makefile +++ b/Makefile @@ -3,10 +3,6 @@ PROJECT = contour MODULE = github.com/$(ORG)/$(PROJECT) REGISTRY ?= ghcr.io/projectcontour IMAGE := $(REGISTRY)/$(PROJECT) -SRCDIRS := ./cmd ./internal ./apis -LOCAL_BOOTSTRAP_CONFIG = localenvoyconfig.yaml -SECURE_LOCAL_BOOTSTRAP_CONFIG = securelocalenvoyconfig.yaml -ENVOY_IMAGE = docker.io/envoyproxy/envoy:v1.31.0 GATEWAY_API_VERSION ?= $(shell grep "sigs.k8s.io/gateway-api" go.mod | awk '{print $$2}') # Used to supply a local Envoy docker container an IP to connect to that is running From 87eeac8c21df3070122de2a033d32c16e9e004d8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 5 Aug 2024 09:20:19 -0600 Subject: [PATCH 07/12] build(deps): bump actions/upload-artifact in the artifact-actions group (#6603) Bumps the artifact-actions group with 1 update: [actions/upload-artifact](https://github.com/actions/upload-artifact). Updates `actions/upload-artifact` from 4.3.4 to 4.3.5 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/0b2256b8c012f0828dc542b3febcab082c67f72b...89ef406dd8d7e03cfd12d9e0a4a378f454709029) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: artifact-actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build_tag.yaml | 2 +- .github/workflows/openssf-scorecard.yaml | 2 +- .github/workflows/prbuild.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build_tag.yaml b/.github/workflows/build_tag.yaml index 582266c345f..5094cbf1d14 100644 --- a/.github/workflows/build_tag.yaml +++ b/.github/workflows/build_tag.yaml @@ -84,7 +84,7 @@ jobs: export CONTOUR_E2E_IMAGE="ghcr.io/projectcontour/contour:$(git describe --tags)" make setup-kind-cluster run-gateway-conformance cleanup-kind - name: Upload gateway conformance report - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 + uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 with: name: gateway-conformance-report path: gateway-conformance-report/projectcontour-contour-*.yaml diff --git a/.github/workflows/openssf-scorecard.yaml b/.github/workflows/openssf-scorecard.yaml index 01060d4a550..0b7672b9fcf 100644 --- a/.github/workflows/openssf-scorecard.yaml +++ b/.github/workflows/openssf-scorecard.yaml @@ -32,7 +32,7 @@ jobs: results_format: sarif publish_results: true - name: "Upload artifact" - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 + uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 with: name: SARIF file path: results.sarif diff --git a/.github/workflows/prbuild.yaml b/.github/workflows/prbuild.yaml index c0cb7c740fe..c30be2337fc 100644 --- a/.github/workflows/prbuild.yaml +++ b/.github/workflows/prbuild.yaml @@ -112,7 +112,7 @@ jobs: run: | make multiarch-build - name: Upload image - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 + uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 with: name: image path: image/contour-*.tar From 4f6d7907bf2412ad47a2dec550411fe15bd2871f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 5 Aug 2024 09:22:10 -0600 Subject: [PATCH 08/12] build(deps): bump golang.org/x/oauth2 from 0.21.0 to 0.22.0 (#6599) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.21.0 to 0.22.0. - [Commits](https://github.com/golang/oauth2/compare/v0.21.0...v0.22.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index eb9f777afac..0e5c11bc439 100644 --- a/go.mod +++ b/go.mod @@ -29,7 +29,7 @@ require ( github.com/tsaarni/certyaml v0.9.3 github.com/vektra/mockery/v2 v2.43.2 go.uber.org/automaxprocs v1.5.3 - golang.org/x/oauth2 v0.21.0 + golang.org/x/oauth2 v0.22.0 gonum.org/v1/plot v0.14.0 google.golang.org/genproto/googleapis/rpc v0.0.0-20240528184218-531527333157 google.golang.org/grpc v1.65.0 diff --git a/go.sum b/go.sum index da78b607a45..430ae0f0a94 100644 --- a/go.sum +++ b/go.sum @@ -497,8 +497,8 @@ golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs= -golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/oauth2 v0.22.0 h1:BzDx2FehcG7jJwgWLELCdmLuxk2i+x9UDpSiss2u0ZA= +golang.org/x/oauth2 v0.22.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= From d59d534bd702184a9425f6b79b53699e54ba8713 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 5 Aug 2024 09:22:29 -0600 Subject: [PATCH 09/12] build(deps): bump github.com/vektra/mockery/v2 from 2.43.2 to 2.44.1 (#6598) Bumps [github.com/vektra/mockery/v2](https://github.com/vektra/mockery) from 2.43.2 to 2.44.1. - [Release notes](https://github.com/vektra/mockery/releases) - [Changelog](https://github.com/vektra/mockery/blob/master/docs/changelog.md) - [Commits](https://github.com/vektra/mockery/compare/v2.43.2...v2.44.1) --- updated-dependencies: - dependency-name: github.com/vektra/mockery/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 0e5c11bc439..8ab2c3250ad 100644 --- a/go.mod +++ b/go.mod @@ -27,7 +27,7 @@ require ( github.com/sirupsen/logrus v1.9.3 github.com/stretchr/testify v1.9.0 github.com/tsaarni/certyaml v0.9.3 - github.com/vektra/mockery/v2 v2.43.2 + github.com/vektra/mockery/v2 v2.44.1 go.uber.org/automaxprocs v1.5.3 golang.org/x/oauth2 v0.22.0 gonum.org/v1/plot v0.14.0 diff --git a/go.sum b/go.sum index 430ae0f0a94..84c5d5a54f0 100644 --- a/go.sum +++ b/go.sum @@ -380,8 +380,8 @@ github.com/tsaarni/certyaml v0.9.3 h1:m8HHbuUzWVUOmv8IQU9HgVZZ8r5ICExKm++54DJKCs github.com/tsaarni/certyaml v0.9.3/go.mod h1:hhuU1qYr5re488geArUP4gZWqMUMqGlj4HA2qUyGYLk= github.com/tsaarni/x500dn v1.0.0 h1:LvaWTkqRpse4VHBhB5uwf3wytokK4vF9IOyNAEyiA+U= github.com/tsaarni/x500dn v1.0.0/go.mod h1:QaHa3EcUKC4dfCAZmj8+ZRGLKukWgpGv9H3oOCsAbcE= -github.com/vektra/mockery/v2 v2.43.2 h1:OdivAsQL/uoQ55UnTt25tliRI8kaj5j6caHk9xaAUD0= -github.com/vektra/mockery/v2 v2.43.2/go.mod h1:XNTE9RIu3deGAGQRVjP1VZxGpQNm0YedZx4oDs3prr8= +github.com/vektra/mockery/v2 v2.44.1 h1:lfvocO3HklLp68gezPBVaHl+5rKXloGCO7eTEXh71dA= +github.com/vektra/mockery/v2 v2.44.1/go.mod h1:XNTE9RIu3deGAGQRVjP1VZxGpQNm0YedZx4oDs3prr8= github.com/xhit/go-str2duration/v2 v2.1.0 h1:lxklc02Drh6ynqX+DdPyp5pCKLUQpRT8bp8Ydu2Bstc= github.com/xhit/go-str2duration/v2 v2.1.0/go.mod h1:ohY8p+0f07DiV6Em5LKB0s2YpLtXVyJfNt1+BlmyAsU= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= From 829d0f3c9804c9b56d2e6ad4bd6d137b90c7c8c8 Mon Sep 17 00:00:00 2001 From: "gang.liu" Date: Thu, 8 Aug 2024 17:36:56 +0800 Subject: [PATCH 10/12] customize the cert's lifetime Signed-off-by: gang.liu --- .../v1alpha1/contourdeployment.go | 7 +++ examples/contour/01-crds.yaml | 7 +++ examples/render/contour-deployment.yaml | 7 +++ .../render/contour-gateway-provisioner.yaml | 7 +++ examples/render/contour-gateway.yaml | 7 +++ examples/render/contour.yaml | 7 +++ internal/provisioner/controller/gateway.go | 5 +++ .../provisioner/controller/gateway_test.go | 43 +++++++++++++++++++ internal/provisioner/model/model.go | 5 +++ internal/provisioner/objects/secret/secret.go | 2 +- .../docs/main/config/api-reference.html | 14 ++++++ 11 files changed, 110 insertions(+), 1 deletion(-) diff --git a/apis/projectcontour/v1alpha1/contourdeployment.go b/apis/projectcontour/v1alpha1/contourdeployment.go index b430c2c1ff1..2da9eae7ddd 100644 --- a/apis/projectcontour/v1alpha1/contourdeployment.go +++ b/apis/projectcontour/v1alpha1/contourdeployment.go @@ -140,6 +140,13 @@ type ContourSettings struct { // +kubebuilder:validation:MinItems=1 // +kubebuilder:validation:MaxItems=42 DisabledFeatures []contour_v1.Feature `json:"disabledFeatures,omitempty"` + + // CertLifetime is the number of days for which certificates will be valid. + // defaults to 365. + // + // +kubebuilder:validation:Minimum=0 + // +optional + CertLifetime uint32 `json:"certLifetime,omitempty" yaml:"certLifetime,omitempty"` } // DeploymentSettings contains settings for Deployment resources. diff --git a/examples/contour/01-crds.yaml b/examples/contour/01-crds.yaml index 0beece5bc51..f7b9cebc12b 100644 --- a/examples/contour/01-crds.yaml +++ b/examples/contour/01-crds.yaml @@ -1416,6 +1416,13 @@ spec: and associated resources, including things like replica count for the Deployment, and node placement constraints for the pods. properties: + certLifetime: + description: |- + CertLifetime is the number of days for which certificates will be valid. + defaults to 365. + format: int32 + minimum: 0 + type: integer deployment: description: Deployment describes the settings for running contour as a `Deployment`. diff --git a/examples/render/contour-deployment.yaml b/examples/render/contour-deployment.yaml index 1e085adae27..ba96f2e30e5 100644 --- a/examples/render/contour-deployment.yaml +++ b/examples/render/contour-deployment.yaml @@ -1636,6 +1636,13 @@ spec: and associated resources, including things like replica count for the Deployment, and node placement constraints for the pods. properties: + certLifetime: + description: |- + CertLifetime is the number of days for which certificates will be valid. + defaults to 365. + format: int32 + minimum: 0 + type: integer deployment: description: Deployment describes the settings for running contour as a `Deployment`. diff --git a/examples/render/contour-gateway-provisioner.yaml b/examples/render/contour-gateway-provisioner.yaml index b3633a2e0cd..cdb1fe65f3f 100644 --- a/examples/render/contour-gateway-provisioner.yaml +++ b/examples/render/contour-gateway-provisioner.yaml @@ -1427,6 +1427,13 @@ spec: and associated resources, including things like replica count for the Deployment, and node placement constraints for the pods. properties: + certLifetime: + description: |- + CertLifetime is the number of days for which certificates will be valid. + defaults to 365. + format: int32 + minimum: 0 + type: integer deployment: description: Deployment describes the settings for running contour as a `Deployment`. diff --git a/examples/render/contour-gateway.yaml b/examples/render/contour-gateway.yaml index 0db31e989d5..d36cd03c2bc 100644 --- a/examples/render/contour-gateway.yaml +++ b/examples/render/contour-gateway.yaml @@ -1452,6 +1452,13 @@ spec: and associated resources, including things like replica count for the Deployment, and node placement constraints for the pods. properties: + certLifetime: + description: |- + CertLifetime is the number of days for which certificates will be valid. + defaults to 365. + format: int32 + minimum: 0 + type: integer deployment: description: Deployment describes the settings for running contour as a `Deployment`. diff --git a/examples/render/contour.yaml b/examples/render/contour.yaml index d78bac68c7b..23372c5ba44 100644 --- a/examples/render/contour.yaml +++ b/examples/render/contour.yaml @@ -1636,6 +1636,13 @@ spec: and associated resources, including things like replica count for the Deployment, and node placement constraints for the pods. properties: + certLifetime: + description: |- + CertLifetime is the number of days for which certificates will be valid. + defaults to 365. + format: int32 + minimum: 0 + type: integer deployment: description: Deployment describes the settings for running contour as a `Deployment`. diff --git a/internal/provisioner/controller/gateway.go b/internal/provisioner/controller/gateway.go index b1daaf114d1..ac36c173dd0 100644 --- a/internal/provisioner/controller/gateway.go +++ b/internal/provisioner/controller/gateway.go @@ -262,6 +262,11 @@ func (r *gatewayReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ct for k, v := range contourParams.PodAnnotations { contourModel.Spec.ContourPodAnnotations[k] = v } + + if contourParams.CertLifetime > 0 { + contourModel.Spec.CertLifetime = contourParams.CertLifetime + } + } if gatewayClassParams.Spec.Envoy != nil { diff --git a/internal/provisioner/controller/gateway_test.go b/internal/provisioner/controller/gateway_test.go index 908ab1094c8..677269d0b52 100644 --- a/internal/provisioner/controller/gateway_test.go +++ b/internal/provisioner/controller/gateway_test.go @@ -15,7 +15,10 @@ package controller import ( "context" + "crypto/x509" + "encoding/pem" "testing" + "time" "github.com/go-logr/logr" "github.com/stretchr/testify/assert" @@ -1396,6 +1399,32 @@ func TestGatewayReconcile(t *testing.T) { } }, }, + "The generated certificates' lifetime is specified": { + gatewayClass: reconcilableGatewayClassWithParams("gatewayclass-1", controller), + gatewayClassParams: &contour_v1alpha1.ContourDeployment{ + ObjectMeta: meta_v1.ObjectMeta{ + Namespace: "projectcontour", + Name: "gatewayclass-1-params", + }, + Spec: contour_v1alpha1.ContourDeploymentSpec{ + Contour: &contour_v1alpha1.ContourSettings{ + CertLifetime: 123, + }, + }, + }, + gateway: makeGateway(), + assertions: func(t *testing.T, r *gatewayReconciler, _ *gatewayapi_v1.Gateway, _ error) { + s := &core_v1.Secret{ + ObjectMeta: meta_v1.ObjectMeta{ + Namespace: "gateway-1", + Name: "contourcert-gateway-1", + }, + } + + require.NoError(t, r.client.Get(context.Background(), keyFor(s), s)) + verifyCert(t, s.Data["ca.crt"], 123) + }, + }, } for name, tc := range tests { @@ -1451,3 +1480,17 @@ func assertEnvoyServiceLoadBalancerIP(t *testing.T, gateway *gatewayapi_v1.Gatew // Verify expected Spec.LoadBalancerIP. assert.Equal(t, want, envoyService.Spec.LoadBalancerIP) } + +func verifyCert(t *testing.T, certPEM []byte, day int) { + block, _ := pem.Decode(certPEM) + if block == nil { + require.FailNow(t, "decode certificate from PEM form is failed") + } + + cert, err := x509.ParseCertificate(block.Bytes) + require.NoError(t, err, "parse certificate is failed") + + if cert.NotAfter.After(time.Now().AddDate(0, 0, day)) { + require.FailNow(t, "certificate is not valid") + } +} diff --git a/internal/provisioner/model/model.go b/internal/provisioner/model/model.go index ea713299bff..28ec1af5f7d 100644 --- a/internal/provisioner/model/model.go +++ b/internal/provisioner/model/model.go @@ -79,6 +79,7 @@ func Default(namespace, name string) *Contour { ResourceAnnotations: map[string]string{}, EnvoyPodAnnotations: map[string]string{}, ContourPodAnnotations: map[string]string{}, + CertLifetime: 365, }, } } @@ -257,6 +258,10 @@ type ContourSpec struct { // DisabledFeatures defines an array of resources that will be ignored by // contour reconciler. DisabledFeatures []contour_v1.Feature + + // CertLifetime is the number of days for which certificates will be valid. + // default to 365 + CertLifetime uint32 } func NamespacesToStrings(ns []contour_v1.Namespace) []string { diff --git a/internal/provisioner/objects/secret/secret.go b/internal/provisioner/objects/secret/secret.go index ef248a908ba..5a458417506 100644 --- a/internal/provisioner/objects/secret/secret.go +++ b/internal/provisioner/objects/secret/secret.go @@ -44,7 +44,7 @@ func EnsureXDSSecrets(ctx context.Context, cli client.Client, contour *model.Con certs, err := certs.GenerateCerts( &certs.Configuration{ - Lifetime: 365, + Lifetime: uint(contour.Spec.CertLifetime), Namespace: contour.Namespace, }, ) diff --git a/site/content/docs/main/config/api-reference.html b/site/content/docs/main/config/api-reference.html index 57bc87795fd..dad2186f9cf 100644 --- a/site/content/docs/main/config/api-reference.html +++ b/site/content/docs/main/config/api-reference.html @@ -6408,6 +6408,20 @@

ContourSettings contour reconciler.

+ + +certLifetime +
+ +uint32 + + + +(Optional) +

CertLifetime is the number of days for which certificates will be valid. +defaults to 365.

+ +

CustomTag From ab53343b05a7291a5a4378551f03178dd17ead97 Mon Sep 17 00:00:00 2001 From: "gang.liu" Date: Thu, 8 Aug 2024 18:25:29 +0800 Subject: [PATCH 11/12] add changelog Signed-off-by: gang.liu --- changelogs/unreleased/6604-izturn-minor.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 changelogs/unreleased/6604-izturn-minor.md diff --git a/changelogs/unreleased/6604-izturn-minor.md b/changelogs/unreleased/6604-izturn-minor.md new file mode 100644 index 00000000000..152fb070292 --- /dev/null +++ b/changelogs/unreleased/6604-izturn-minor.md @@ -0,0 +1,4 @@ + +## Customize the certificate's lifetime + +customize the number of days for which certificates will be valid. defaults to 365. \ No newline at end of file From 1f6b1ea580b5bb07ced1ddb978dd8e227606e3df Mon Sep 17 00:00:00 2001 From: "gang.liu" Date: Thu, 8 Aug 2024 18:32:18 +0800 Subject: [PATCH 12/12] make lint happy Signed-off-by: gang.liu --- internal/provisioner/controller/gateway_test.go | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/internal/provisioner/controller/gateway_test.go b/internal/provisioner/controller/gateway_test.go index 677269d0b52..f22e4170b14 100644 --- a/internal/provisioner/controller/gateway_test.go +++ b/internal/provisioner/controller/gateway_test.go @@ -1484,13 +1484,19 @@ func assertEnvoyServiceLoadBalancerIP(t *testing.T, gateway *gatewayapi_v1.Gatew func verifyCert(t *testing.T, certPEM []byte, day int) { block, _ := pem.Decode(certPEM) if block == nil { - require.FailNow(t, "decode certificate from PEM form is failed") + require.FailNow(t, "decode the certificate from PEM form is failed") + return + } + + if block.Bytes == nil { + require.FailNow(t, "the certificate is empty") + return } cert, err := x509.ParseCertificate(block.Bytes) - require.NoError(t, err, "parse certificate is failed") + require.NoError(t, err, "parse the certificate is failed") if cert.NotAfter.After(time.Now().AddDate(0, 0, day)) { - require.FailNow(t, "certificate is not valid") + require.FailNow(t, "the certificate is not valid") } }