Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: ports in GatewayConfiguration can be adjusted, enable integration case verifying DataPlane's NetworkPolicies... #1308

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

fix: ports in GatewayConfiguration can be adjusted, enable integration case verifying DataPlane's NetworkPolicies... #1308

wants to merge 1 commit into from

Conversation

programmer04
Copy link
Member

@programmer04 programmer04 commented Mar 6, 2025
edited
Loading

What this PR does / why we need it:

Enable verifying DataPlane's NetworkPolicies get updated after customizing kong proxy listen port through GatewayConfiguration case from TestGatewayDataPlaneNetworkPolicy, because it was declared as resolved

Simple enablement leads to failing test case due to (controller logs, the same message is set in Gateway status):

2025-03-12T15:17:45+01:00	ERROR	gateway	failed to provision dataplane	{"error": "failed patching the dataplane 9b1ebbcd-19ee-4eff-9d0b-d29eef842338-7vhb2: dataplanes.gateway-operator.konghq.com \"9b1ebbcd-19ee-4eff-9d0b-d29eef842338-7vhb2\" is forbidden: ValidatingAdmissionPolicy 'ports.dataplane.gateway-operator.konghq.com' with binding 'binding-ports.dataplane.gateway-operator.konghq.com' denied request: Each port from spec.network.services.ingress.ports has to have an accompanying port in KONG_PORT_MAPS env"}
github.com/kong/gateway-operator/controller/pkg/log.Error
	/Users/jakub.warczarek@konghq.com/Documents/work/gateway-operator/controller/pkg/log/log.go:33
github.com/kong/gateway-operator/controller/gateway.(*Reconciler).Reconcile

PR Readiness Checklist:

Complete these before marking the PR as ready to review:

  • the CHANGELOG.md release notes have been updated to reflect significant changes

@programmer04 programmer04 added this to the KGO v1.5.x milestone Mar 6, 2025
@programmer04 programmer04 self-assigned this Mar 6, 2025
@programmer04 programmer04 requested a review from a team as a code owner March 6, 2025 21:31
@programmer04 programmer04 enabled auto-merge March 6, 2025 21:31
@programmer04 programmer04 marked this pull request as draft March 6, 2025 21:52
auto-merge was automatically disabled March 6, 2025 21:52

Pull request was converted to draft

@programmer04 programmer04 removed this from the KGO v1.5.x milestone Mar 11, 2025
@programmer04 programmer04 changed the title chore(tests): enable integration case verifying DataPlane's NetworkPolicies... fix: ports in GatewayConfiguration can be adjusted, enable integration case verifying DataPlane's NetworkPolicies... Mar 13, 2025
@programmer04 programmer04 added this to the KGO v1.6.x milestone Mar 13, 2025
@programmer04 programmer04 force-pushed the en-integ branch 2 times, most recently from 89e73ea to ef59e99 Compare March 13, 2025 12:25
@programmer04 programmer04 marked this pull request as ready for review March 13, 2025 12:42
@programmer04 programmer04 enabled auto-merge March 13, 2025 12:42
pmalek
pmalek previously approved these changes Mar 14, 2025
View reviewed changes
@pmalek
Copy link
Member

pmalek commented Mar 14, 2025

The test seems to have failed once again : https://github.com/Kong/gateway-operator/actions/runs/13853410632/job/38764918949#step:5:6823 😢

    test_gateway.go:805: 
        	Error Trace:	/home/runner/work/gateway-operator/gateway-operator/test/integration/test_gateway.go:805
        	Error:      	Condition never satisfied
        	Test:       	TestIntegration/TestGatewayDataPlaneNetworkPolicy/verifying_DataPlane's_NetworkPolicies_get_updated_after_customizing_kong_proxy_listen_port_through_GatewayConfiguration
        	Messages:   	NetworkPolicy didn't get updated with port 8555 after a corresponding change to GatewayConfiguration
    test_gateway.go:811: DataPlane's NetworkPolicies
    test_gateway.go:813: v1.NetworkPolicy{
            TypeMeta:   v1.TypeMeta{},
            ObjectMeta: v1.ObjectMeta{
                Name:                       "7dbd1a62-4048-4c0d-b4cd-9476ba14a6ce-d9ctw-limit-admin-apimrg48",
                GenerateName:               "7dbd1a62-4048-4c0d-b4cd-9476ba14a6ce-d9ctw-limit-admin-api-",
                Namespace:                  "21cce4f8-1371-4f75-b10a-621f00567bce",
                SelfLink:                   "",
                UID:                        "749c19a7-19e0-4b20-8865-8d1d6964e44d",
                ResourceVersion:            "9220",
                Generation:                 2,
                CreationTimestamp:          time.Date(2025, time.March, 14, 9, 25, 1, 0, time.Local),
                DeletionTimestamp:          (*v1.Time)(nil),
                DeletionGracePeriodSeconds: (*int64)(nil),
                Labels:                     {"gateway-operator.konghq.com/managed-by":"gateway"},
                Annotations:                {},
                OwnerReferences:            {
                    {
                        APIVersion:         "gateway.networking.k8s.io/v1",
                        Kind:               "Gateway",
                        Name:               "7dbd1a62-4048-4c0d-b4cd-9476ba14a6ce",
                        UID:                "150697d8-a61e-439c-9e3e-27c720de9530",
                        Controller:         &bool(true),
                        BlockOwnerDeletion: (*bool)(nil),
                    },
                },
                Finalizers:    nil,
                ManagedFields: {
                    {
                        Manager:    "gateway-operator",
                        Operation:  "Update",
                        APIVersion: "networking.k8s.io/v1",
                        Time:       time.Date(2025, time.March, 14, 9, 25, 2, 0, time.Local),
                        FieldsType: "FieldsV1",
                        FieldsV1:   &v1.FieldsV1{
                            Raw: {0x7b, 0x22, 0x66, 0x3a, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x22, 0x3a, 0x7b, 0x22, 0x66, 0x3a, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x22, 0x3a, 0x7b, 0x7d, 0x2c, 0x22, 0x66, 0x3a, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x22, 0x3a, 0x7b, 0x22, 0x2e, 0x22, 0x3a, 0x7b, 0x7d, 0x2c, 0x22, 0x66, 0x3a, 0x67, 0x61, 0x74, 0x65, 0x77, 0x61, 0x79, 0x2d, 0x6f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x2e, 0x6b, 0x6f, 0x6e, 0x67, 0x68, 0x71, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x64, 0x2d, 0x62, 0x79, 0x22, 0x3a, 0x7b, 0x7d, 0x7d, 0x2c, 0x22, 0x66, 0x3a, 0x6f, 0x77, 0x6e, 0x65, 0x72, 0x52, 0x65, 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, 0x65, 0x73, 0x22, 0x3a, 0x7b, 0x22, 0x2e, 0x22, 0x3a, 0x7b, 0x7d, 0x2c, 0x22, 0x6b, 0x3a, 0x7b, 0x5c, 0x22, 0x75, 0x69, 0x64, 0x5c, 0x22, 0x3a, 0x5c, 0x22, 0x31, 0x35, 0x30, 0x36, 0x39, 0x37, 0x64, 0x38, 0x2d, 0x61, 0x36, 0x31, 0x65, 0x2d, 0x34, 0x33, 0x39, 0x63, 0x2d, 0x39, 0x65, 0x33, 0x65, 0x2d, 0x32, 0x37, 0x63, 0x37, 0x32, 0x30, 0x64, 0x65, 0x39, 0x35, 0x33, 0x30, 0x5c, 0x22, 0x7d, 0x22, 0x3a, 0x7b, 0x7d, 0x7d, 0x7d, 0x2c, 0x22, 0x66, 0x3a, 0x73, 0x70, 0x65, 0x63, 0x22, 0x3a, 0x7b, 0x22, 0x66, 0x3a, 0x69, 0x6e, 0x67, 0x72, 0x65, 0x73, 0x73, 0x22, 0x3a, 0x7b, 0x7d, 0x2c, 0x22, 0x66, 0x3a, 0x70, 0x6f, 0x64, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x22, 0x3a, 0x7b, 0x7d, 0x2c, 0x22, 0x66, 0x3a, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x54, 0x79, 0x70, 0x65, 0x73, 0x22, 0x3a, 0x7b, 0x7d, 0x7d, 0x7d},
                        },
                        Subresource: "",
                    },
                },
            },
            Spec: v1.NetworkPolicySpec{
                PodSelector: v1.LabelSelector{
                    MatchLabels:      {"app":"7dbd1a62-4048-4c0d-b4cd-9476ba14a6ce-d9ctw"},
                    MatchExpressions: nil,
                },
                Ingress: {
                    {
                        Ports: {
                            {
                                Protocol: &"TCP",
                                Port:     &intstr.IntOrString{Type:0, IntVal:8444, StrVal:""},
                                EndPort:  (*int32)(nil),
                            },
                        },
                        From: {
                            {
                                PodSelector: &v1.LabelSelector{
                                    MatchLabels:      {"app":"7dbd1a62-4048-4c0d-b4cd-9476ba14a6ce-9ld6q"},
                                    MatchExpressions: nil,
                                },
                                NamespaceSelector: &v1.LabelSelector{
                                    MatchLabels:      {"kubernetes.io/metadata.name":"21cce4f8-1371-4f75-b10a-621f00567bce"},
                                    MatchExpressions: nil,
                                },
                                IPBlock: (*v1.IPBlock)(nil),
                            },
                        },
                    },
                    {
                        Ports: {
                            {
                                Protocol: &"TCP",
                                Port:     &intstr.IntOrString{Type:0, IntVal:8005, StrVal:""},
                                EndPort:  (*int32)(nil),
                            },
                            {
                                Protocol: &"TCP",
                                Port:     &intstr.IntOrString{Type:0, IntVal:8999, StrVal:""},
                                EndPort:  (*int32)(nil),
                            },
                        },
                        From: nil,
                    },
                    {
                        Ports: {
                            {
                                Protocol: &"TCP",
                                Port:     &intstr.IntOrString{Type:0, IntVal:8100, StrVal:""},
                                EndPort:  (*int32)(nil),
                            },
                        },
                        From: nil,
                    },
                },
                Egress:      nil,
                PolicyTypes: {"Ingress"},
            },
        }
    test_gateway.go:823: 
        	Error Trace:	/home/runner/work/gateway-operator/gateway-operator/test/integration/test_gateway.go:823
        	Error:      	Condition never satisfied
        	Test:       	TestIntegration/TestGatewayDataPlaneNetworkPolicy/verifying_DataPlane's_NetworkPolicies_get_updated_after_customizing_kong_proxy_listen_port_through_GatewayConfiguration

@pmalek pmalek disabled auto-merge March 14, 2025 09:33
@pmalek pmalek dismissed their stale review March 14, 2025 09:34

Relevant test failed

@programmer04 programmer04 removed this from the KGO v1.6.x milestone Mar 14, 2025
@programmer04 programmer04 enabled auto-merge March 18, 2025 09:58
@programmer04
Copy link
Member Author

@pmalek since it has been re-runed here a couple of times, also I did it locally and I couldn't get the mentioned error. I agree that there is some flakiness in this test, but I'm leaning towards merging it as it is. This PR fixes an actual bug, it is beneficial to release it in KGO 1.6, WDYT?

@programmer04 programmer04 added this to the KGO v1.6.x milestone Mar 18, 2025
@pmalek
Copy link
Member

pmalek commented Mar 18, 2025

@pmalek since it has been re-runed here a couple of times, also I did it locally and I couldn't get the mentioned error. I agree that there is some flakiness in this test, but I'm leaning towards merging it as it is. This PR fixes an actual bug, it is beneficial to release it in KGO 1.6, WDYT?

In such case I propose to withdraw the removal of t.Skip() call, solve that separately and to "just" fix the issue in this PR.

@programmer04 programmer04 marked this pull request as draft March 19, 2025 12:46
auto-merge was automatically disabled March 19, 2025 12:46

Pull request was converted to draft

@programmer04
fix: ports in GatewayConfiguration can be adjusted, enable integrat…
f798eef 
…ion case `verifying DataPlane's NetworkPolicies...`
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pmalek pmalek pmalek left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@programmer04 programmer04

Labels
area/maintenance area/tests
Projects
None yet
Milestone
KGO v1.6.x
Development

Successfully merging this pull request may close these issues.
2 participants
@programmer04 @pmalek