Skip to content

feat: EnvoyPatchPolicy support targetRefs#8713

Open
zirain wants to merge 11 commits intoenvoyproxy:mainfrom
zirain:epp-multi-targetrefs
Open

feat: EnvoyPatchPolicy support targetRefs#8713
zirain wants to merge 11 commits intoenvoyproxy:mainfrom
zirain:epp-multi-targetrefs

Conversation

@zirain
Copy link
Copy Markdown
Member

@zirain zirain commented Apr 10, 2026

xref: #8623

  • add targetRefs to EnvoyPatchPolicy
  • add warning condition if still using spec.targetRef

@zirain zirain requested a review from a team as a code owner April 10, 2026 08:02
@netlify
Copy link
Copy Markdown

netlify Bot commented Apr 10, 2026

Deploy Preview for cerulean-figolla-1f9435 canceled.

Name Link
🔨 Latest commit 3036432
🔍 Latest deploy log https://app.netlify.com/projects/cerulean-figolla-1f9435/deploys/69e5924622f55f0008c9114c

@codecov
Copy link
Copy Markdown

codecov Bot commented Apr 10, 2026

Codecov Report

❌ Patch coverage is 85.91549% with 30 lines in your changes missing coverage. Please review.
✅ Project coverage is 74.32%. Comparing base (d80fb5b) to head (5c2d13c).

Files with missing lines Patch % Lines
internal/xds/runner/runner.go 57.14% 17 Missing and 7 partials ⚠️
internal/gatewayapi/envoypatchpolicy.go 98.33% 1 Missing and 1 partial ⚠️
internal/gatewayapi/status/envoypatchpolicy.go 92.00% 2 Missing ⚠️
internal/xds/translator/jsonpatch.go 83.33% 1 Missing and 1 partial ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main    #8713      +/-   ##
==========================================
- Coverage   74.35%   74.32%   -0.03%     
==========================================
  Files         245      245              
  Lines       38847    38987     +140     
==========================================
+ Hits        28883    28979      +96     
- Misses       7963     7995      +32     
- Partials     2001     2013      +12     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@zirain zirain added this to the v1.8.0-rc.1 Release milestone Apr 11, 2026
@zirain
Copy link
Copy Markdown
Member Author

zirain commented Apr 14, 2026

@codex review

Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 75527614e2

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment thread internal/xds/translator/jsonpatch.go
Comment thread internal/gatewayapi/envoypatchpolicy.go
@zirain
Copy link
Copy Markdown
Member Author

zirain commented Apr 14, 2026

@codex review

Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: f26683595c

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment thread internal/xds/runner/runner.go Outdated
zirain added 6 commits April 14, 2026 20:14
Signed-off-by: zirain <zirain2009@gmail.com>
Signed-off-by: zirain <zirain2009@gmail.com>
Signed-off-by: zirain <zirain2009@gmail.com>
Signed-off-by: zirain <zirain2009@gmail.com>
Signed-off-by: zirain <zirain2009@gmail.com>
Signed-off-by: zirain <zirain2009@gmail.com>
@zirain zirain force-pushed the epp-multi-targetrefs branch from f266835 to f7983f5 Compare April 14, 2026 12:20
zirain added 2 commits April 16, 2026 11:58
Signed-off-by: zirain <zirain2009@gmail.com>
@arkodg
Copy link
Copy Markdown
Contributor

arkodg commented Apr 19, 2026

@codex review

Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 6a5bcf3f2c

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread internal/xds/runner/runner.go Outdated
Comment on lines +428 to +430
} else {
// Keep existing ancestor that wasn't updated
mergedAncestors = append(mergedAncestors, existingStatus.Ancestors[i])
Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Drop stale ancestors when targetRefs are removed

The merge branch preserves any existingStatus.Ancestors entry that is missing from the newly translated status (else path here), which makes ancestor status sticky across updates. If a policy previously targeted two Gateways and later removes one targetRef, the removed target is no longer emitted in the new translation, but this code keeps it forever, so users continue to see outdated attachment/condition state. The merged result should prune ancestors absent from the latest status (or gate retention by generation) instead of always carrying them forward.

Useful? React with 👍 / 👎.

Comment thread internal/gatewayapi/envoypatchpolicy.go Outdated
Name: string(refName),
}
irKey = t.IRKey(gatewayNN)
ancestorRef = getAncestorRefForPolicy(gatewayNN, nil)
Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Build ancestorRef from the actual target before validation

For non-merged mode, ancestorRef is derived with getAncestorRefForPolicy before validating targetRef.Group/Kind, so every entry is normalized to a Gateway ancestor even when the input ref is invalid. With targetRefs, an invalid and a valid ref that share the same name can collide on the same ancestor: the invalid one sets Accepted=False, and the valid one then cannot flip it to accepted because the accepted condition already exists. This produces incorrect status (rejected) even when patches were successfully applied to the valid target.

Useful? React with 👍 / 👎.

zirain added 3 commits April 19, 2026 20:25
Signed-off-by: zirain <zirain2009@gmail.com>
Signed-off-by: zirain <zirain2009@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants