Skip to content

e2e: add test for watched namespace#8786

Draft
zhaohuabing wants to merge 2 commits intoenvoyproxy:mainfrom
zhaohuabing:watch-namespace-e2e
Draft

e2e: add test for watched namespace#8786
zhaohuabing wants to merge 2 commits intoenvoyproxy:mainfrom
zhaohuabing:watch-namespace-e2e

Conversation

@zhaohuabing
Copy link
Copy Markdown
Member

@zhaohuabing zhaohuabing commented Apr 19, 2026

This PR adds an e2e test for "watched namespaces" are specified.

The test verifies that EG correctly reconciles resources in the envoy-gateway-system namespace even when that namespace is not explicitly included in the watched namespaces.

It turns out envoy-gateway-system namespace needs to be explicitly configured in the watched namespaces in the current controller logic. I'm not sure if this is a bug or intended behavior, we can address this later if we want to implicitly include envoy-gateway-system namespace.

This test is required to ensure that the #8764 doesn't break the "watched namespaces" mode.

@zhaohuabing zhaohuabing requested a review from a team as a code owner April 19, 2026 00:36
@netlify
Copy link
Copy Markdown

netlify Bot commented Apr 19, 2026

Deploy Preview for cerulean-figolla-1f9435 canceled.

Name Link
🔨 Latest commit 8dbbebf
🔍 Latest deploy log https://app.netlify.com/projects/cerulean-figolla-1f9435/deploys/69e4a2d27f888d0008655f65

@zhaohuabing zhaohuabing marked this pull request as draft April 19, 2026 00:36
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: d00e0984ca

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment on lines +15 to +19
namespaces:
- gateway-conformance-infra
- gateway-preserve-case-backend
- gateway-upgrade-infra
- listenerset-tls-termination-secret
Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Add controller namespace to watched namespace list

This watch.namespaces list omits envoy-gateway-system, but in Namespaces watch mode Envoy Gateway constrains its cache to exactly the listed namespaces (internal/provider/kubernetes/kubernetes.go:197-201). The infra manager still reads/manages control-plane resources in the controller namespace (internal/infrastructure/kubernetes/infra.go:71-73), and ratelimit reconciliation specifically does GetUID for envoy-gateway Service/Deployment/ServiceAccount there (internal/infrastructure/kubernetes/ratelimit_infra.go:26-47), so the new watch-namespaces profile can fail reconciliation unless envoy-gateway-system is included; the same omission appears in test/config/helm/watch-namespaces.yaml.

Useful? React with 👍 / 👎.

@zhaohuabing zhaohuabing force-pushed the watch-namespace-e2e branch from d00e098 to 8da04fe Compare April 19, 2026 00:43
@codecov
Copy link
Copy Markdown

codecov Bot commented Apr 19, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 74.35%. Comparing base (d80fb5b) to head (8dbbebf).

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #8786   +/-   ##
=======================================
  Coverage   74.35%   74.35%           
=======================================
  Files         245      245           
  Lines       38847    38847           
=======================================
  Hits        28883    28883           
  Misses       7963     7963           
  Partials     2001     2001           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
@zhaohuabing zhaohuabing force-pushed the watch-namespace-e2e branch from 8da04fe to f33a03f Compare April 19, 2026 02:19
Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com>
@zhaohuabing zhaohuabing marked this pull request as ready for review April 20, 2026 06:22
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 8dbbebff2f

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

@@ -0,0 +1 @@
# the watch-namespaces configuration is applied via test/config/envoy-gateaway-config/watch-namespaces.yaml
Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Populate watch-namespaces Helm profile

watch-namespaces is added to conformance matrices, but this profile's Helm values file is effectively empty, so those jobs still deploy Envoy Gateway with default settings instead of provider.kubernetes.watch.type=Namespaces. In our make targets, conformance paths (conformance/experimental-conformance) only consume test/config/helm/<profile>.yaml during kube-deploy and do not apply test/config/envoy-gateaway-config/<profile>.yaml, so these new matrix entries do not exercise watched-namespace mode and can miss regressions they are intended to catch.

Useful? React with 👍 / 👎.

@zhaohuabing zhaohuabing marked this pull request as draft April 20, 2026 13:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant