fix: shutdown-manager not respecting security context of container spec #4938
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Dean Coakley <dean.s.coakley@gmail.com>
Dean-Coakley
force-pushed
the
fix-security-context-shudown-manager
branch
from
5b13980 to
34a52bf
Compare
|
@Dean-Coakley And run |
|
@zhaohuabing Are there some prerequisites, or do you have suggestions on how to resolve?: $ golangci-lint version
golangci-lint has version 1.59.1 built with go1.22.3 from 1a55854a on 2024-06-09T18:08:33Z
$ go version
go version go1.23.3 linux/amd64$ make gen-check
make[1]: Entering directory '/home/dean/go/src/github.com/dean-coakley/envoy-gateway'
===========> Running go.mod.tidy ...
go mod tidy -compat=1.23
go: github.com/envoyproxy/gateway/internal/troubleshoot imports
github.com/replicatedhq/troubleshoot/pkg/collect imports
github.com/replicatedhq/troubleshoot/pkg/debug imports
github.com/spf13/viper imports
github.com/spf13/viper/internal/encoding/toml imports
github.com/pelletier/go-toml/v2: mkdir /home/dean/go/pkg/mod/github.com/pelletier/go-toml: permission denied
make[1]: *** [tools/make/golang.mk:81: go.mod.tidy] Error 1
make[1]: Leaving directory '/home/dean/go/src/github.com/dean-coakley/envoy-gateway'
make: *** [Makefile:18: _run] Error 2$ sudo make gen-check
make[1]: Entering directory '/home/dean/go/src/github.com/dean-coakley/envoy-gateway'
/bin/bash: line 1: go: command not found
/bin/bash: line 1: go: command not found
/bin/bash: line 1: go: command not found
===========> Running go.mod.tidy ...
go mod tidy -compat=1.23
/bin/bash: line 1: go: command not found
make[1]: *** [tools/make/golang.mk:81: go.mod.tidy] Error 127
make[1]: Leaving directory '/home/dean/go/src/github.com/dean-coakley/envoy-gateway'
make: *** [Makefile:18: _run] Error 2 |
Can you try |
|
My
|
trfs lib is missing try |
Signed-off-by: Dean Coakley <dean.s.coakley@gmail.com>
Signed-off-by: Dean Coakley <dean.s.coakley@gmail.com>
Dean-Coakley
force-pushed
the
fix-security-context-shudown-manager
branch
from
269ec5d to
10f2e31
Compare
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #4938 +/- ##
==========================================
- Coverage 66.34% 66.31% -0.04%
==========================================
Files 209 209
Lines 32035 32038 +3
==========================================
- Hits 21254 21246 -8
- Misses 9524 9533 +9
- Partials 1257 1259 +2 ☔ View full report in Codecov by Sentry. |
zhaohuabing
pushed a commit
to zhaohuabing/gateway
that referenced
this pull request
Jan 13, 2025
…ec (envoyproxy#4938) * Fix shutdown-manager not respecting security context of container spec Signed-off-by: Dean Coakley <dean.s.coakley@gmail.com> * Update securityContext testdata Signed-off-by: Dean Coakley <dean.s.coakley@gmail.com> * Lint with gci Signed-off-by: Dean Coakley <dean.s.coakley@gmail.com> --------- Signed-off-by: Dean Coakley <dean.s.coakley@gmail.com> (cherry picked from commit 43621b4) Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>
zhaohuabing
added a commit
that referenced
this pull request
Jan 14, 2025
* fix: nil pointer error (#5000) * fix: nil pointer error Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> (cherry picked from commit 10a31f1) Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * fix: store one copy of HTTPRoute Extension Filters (#5002) * fix: store one copy of HTTPRoute Extension Filters Signed-off-by: Guy Daich <guy.daich@sap.com> * fix code review comments Signed-off-by: Guy Daich <guy.daich@sap.com> * check if httproutefilter crd exists Signed-off-by: Guy Daich <guy.daich@sap.com> --------- Signed-off-by: Guy Daich <guy.daich@sap.com> (cherry picked from commit 2a5ecaf) Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * fix: enable ipv4 compat mode for dual stack cluster support (#5018) enable ipv4 compat mode for dual stack cluster support Signed-off-by: Will Tekulve <tekulve.will@gmail.com> (cherry picked from commit e028254) Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * fix: explicitly set ip family and family policy in gateway spec (#5019) * explicitly set ip family and family policy Signed-off-by: Will Tekulve <tekulve.will@gmail.com> * add TestService cases Signed-off-by: Will Tekulve <tekulve.will@gmail.com> (cherry picked from commit 4d5d3f0) Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * fix: check before setting cookie TTL in sessionPersistence (#5026) * Check before setting Cookie TTL in Session Persistence Fixes a null ptr exception when the cookie ttl is nil but was being accessed without checking if its valid or not Signed-off-by: Arko Dasgupta <arko@tetrate.io> * simplify logic Signed-off-by: Arko Dasgupta <arko@tetrate.io> (cherry picked from commit dff0531) Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * fix: dont shift listener ports for Standalone mode (#5027) * fix: dont shift listener ports for Standalone mode Fixes: #4981 Signed-off-by: Arko Dasgupta <arko@tetrate.io> * test Signed-off-by: Arko Dasgupta <arko@tetrate.io> * fix lint Signed-off-by: Arko Dasgupta <arko@tetrate.io> --------- Signed-off-by: Arko Dasgupta <arko@tetrate.io> (cherry picked from commit 84f2ad2) Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * fix: shutdown-manager not respecting security context of container spec (#4938) * Fix shutdown-manager not respecting security context of container spec Signed-off-by: Dean Coakley <dean.s.coakley@gmail.com> * Update securityContext testdata Signed-off-by: Dean Coakley <dean.s.coakley@gmail.com> * Lint with gci Signed-off-by: Dean Coakley <dean.s.coakley@gmail.com> --------- Signed-off-by: Dean Coakley <dean.s.coakley@gmail.com> (cherry picked from commit 43621b4) Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * fix: use tls config from BTP when connecting to the OIDC provider's well-known endpoint. (#4857) * add e2e test for OIDC provider with TLS Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * delete file Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * fix lint Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * use TLS config from BTLPolicy to fetch auth endpoint Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * refactor Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * update release note Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * update release note Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * fix test Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * fix test Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * fix test Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * fix test Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * fix test Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> * fix lint Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> --------- Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> (cherry picked from commit 3a39c35) Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> --------- Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com> Signed-off-by: Guy Daich <guy.daich@sap.com> Signed-off-by: Will Tekulve <tekulve.will@gmail.com> Signed-off-by: Arko Dasgupta <arko@tetrate.io> Signed-off-by: Dean Coakley <dean.s.coakley@gmail.com> Signed-off-by: Huabing (Robin) Zhao <zhaohuabing@gmail.com> Co-authored-by: Guy Daich <guy.daich@sap.com> Co-authored-by: Will Tekulve <tekulvw@users.noreply.github.com> Co-authored-by: Arko Dasgupta <arkodg@users.noreply.github.com> Co-authored-by: Dean Coakley <dean.s.coakley@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What type of PR is this?
Fixes setting custom security context in container spec
Which issue(s) this PR fixes:
Fixes #4881
Release Notes: Yes