Add translation for GKE Security Policy by sawsa307 · Pull Request #191 · kubernetes-sigs/ingress2gateway

sawsa307 · 2024-09-11T18:54:46Z

What type of PR is this?
/kind feature

What this PR does / why we need it:
Adding a new feature for GKE Ingress and Gateway conversion.

Which issue(s) this PR fixes:
Adding more feature for #87.

Does this PR introduce a user-facing change?:

Ingress2gateway now supports translating Cloud Armor security policy on GKE Ingress to GCPBackendPolicy on GKE Gateway.

sawsa307 · 2024-09-11T18:55:23Z

/assign @robscott
/assign @LiorLieberman

spencerhance · 2024-09-11T19:05:52Z

/assign @spencerhance

spencerhance

Can we move all the sessionaffinity changes into a separate PR?

sawsa307 · 2024-09-12T05:34:38Z

Can we move all the sessionaffinity changes into a separate PR?

All changes related to session affinity are refactors, are you suggesting put refactor into its own PR and the new feature security policy in another? @spencerhance

spencerhance · 2024-09-12T17:12:12Z

Can we move all the sessionaffinity changes into a separate PR?

All changes related to session affinity are refactors, are you suggesting put refactor into its own PR and the new feature security policy in another? Spencer Hance

Yes that would be great. I know this PR isn't huge but generally decoupling refactors from new feature implementations helps reviewers (and git blame). My recommendation would be a PR to refactor SessionAffinity and then a PR for SecurityPolicy implementation.

spencerhance · 2024-09-14T18:32:58Z

@sawsa307 Can you ping me after you rebase and i'll take another look?

sawsa307 · 2024-09-14T20:33:00Z

I just did the rebase, please let me know if there is any other question, thanks! @spencerhance

spencerhance

/lgtm
/approve

Thanks!

k8s-ci-robot · 2024-09-17T08:03:02Z

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: LiorLieberman, sawsa307, spencerhance

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

~~OWNERS~~ [LiorLieberman]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

* Convert security policy into IR * Add Security Policy conversion.

k8s-ci-robot added the kind/feature Categorizes issue or PR as related to a new feature. label Sep 11, 2024

k8s-ci-robot requested review from Xunzhuo and levikobi September 11, 2024 18:54

k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Sep 11, 2024

sawsa307 temporarily deployed to release September 11, 2024 18:54 — with GitHub Actions Inactive

k8s-ci-robot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Sep 11, 2024

k8s-ci-robot assigned LiorLieberman and robscott Sep 11, 2024

sawsa307 force-pushed the gke-security-policy branch from 4102fc4 to c447c71 Compare September 11, 2024 18:58

sawsa307 temporarily deployed to release September 11, 2024 18:59 — with GitHub Actions Inactive

k8s-ci-robot assigned spencerhance Sep 11, 2024

sawsa307 force-pushed the gke-security-policy branch from c447c71 to 9bb6d71 Compare September 11, 2024 19:31

sawsa307 temporarily deployed to release September 11, 2024 19:31 — with GitHub Actions Inactive

sawsa307 force-pushed the gke-security-policy branch from 9bb6d71 to 3fcb656 Compare September 11, 2024 19:56

sawsa307 temporarily deployed to release September 11, 2024 19:57 — with GitHub Actions Inactive

sawsa307 force-pushed the gke-security-policy branch from 3fcb656 to f6ee19f Compare September 11, 2024 19:58

sawsa307 temporarily deployed to release September 11, 2024 19:58 — with GitHub Actions Inactive

spencerhance reviewed Sep 12, 2024

View reviewed changes

sawsa307 force-pushed the gke-security-policy branch from f6ee19f to 6599f9c Compare September 12, 2024 17:55

sawsa307 temporarily deployed to release September 12, 2024 17:55 — with GitHub Actions Inactive

sawsa307 force-pushed the gke-security-policy branch from 6599f9c to 525d180 Compare September 12, 2024 18:00

sawsa307 temporarily deployed to release September 12, 2024 18:01 — with GitHub Actions Inactive

sawsa307 force-pushed the gke-security-policy branch from 525d180 to 36ec5f2 Compare September 12, 2024 18:03

sawsa307 temporarily deployed to release September 12, 2024 18:03 — with GitHub Actions Inactive

sawsa307 force-pushed the gke-security-policy branch from 36ec5f2 to aee7145 Compare September 12, 2024 20:01

sawsa307 temporarily deployed to release September 12, 2024 20:01 — with GitHub Actions Inactive

sawsa307 force-pushed the gke-security-policy branch from aee7145 to 825bd31 Compare September 12, 2024 20:28

sawsa307 temporarily deployed to release September 12, 2024 20:28 — with GitHub Actions Inactive

k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Sep 13, 2024

sawsa307 added 2 commits September 14, 2024 20:31

Convert security policy into IR

2e1aa23

Add Security Policy conversion.

f1bed7d

sawsa307 force-pushed the gke-security-policy branch from 825bd31 to f1bed7d Compare September 14, 2024 20:32

k8s-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Sep 14, 2024

sawsa307 temporarily deployed to release September 14, 2024 20:32 — with GitHub Actions Inactive

sawsa307 requested a review from spencerhance September 14, 2024 20:32

spencerhance approved these changes Sep 14, 2024

View reviewed changes

k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Sep 14, 2024

This was referenced Sep 16, 2024

Refactor GCE test code #193

Merged

Add translation for GKE Custom health check #194

Merged

LiorLieberman approved these changes Sep 17, 2024

View reviewed changes

k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Sep 17, 2024

k8s-ci-robot merged commit 7403f0f into kubernetes-sigs:main Sep 17, 2024

rajashish pushed a commit to rajashish/ingress2gateway1 that referenced this pull request Feb 21, 2026

Add translation for GKE Security Policy (kubernetes-sigs#191)

9860afe

* Convert security policy into IR * Add Security Policy conversion.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add translation for GKE Security Policy#191

Add translation for GKE Security Policy#191
k8s-ci-robot merged 2 commits intokubernetes-sigs:mainfrom
sawsa307:gke-security-policy

sawsa307 commented Sep 11, 2024

Uh oh!

sawsa307 commented Sep 11, 2024

Uh oh!

spencerhance commented Sep 11, 2024

Uh oh!

spencerhance left a comment

Uh oh!

sawsa307 commented Sep 12, 2024

Uh oh!

spencerhance commented Sep 12, 2024

Uh oh!

spencerhance commented Sep 14, 2024

Uh oh!

sawsa307 commented Sep 14, 2024

Uh oh!

spencerhance left a comment

Uh oh!

k8s-ci-robot commented Sep 17, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

Conversation

sawsa307 commented Sep 11, 2024

Uh oh!

sawsa307 commented Sep 11, 2024

Uh oh!

spencerhance commented Sep 11, 2024

Uh oh!

spencerhance left a comment

Choose a reason for hiding this comment

Uh oh!

sawsa307 commented Sep 12, 2024

Uh oh!

spencerhance commented Sep 12, 2024

Uh oh!

spencerhance commented Sep 14, 2024

Uh oh!

sawsa307 commented Sep 14, 2024

Uh oh!

spencerhance left a comment

Choose a reason for hiding this comment

Uh oh!

k8s-ci-robot commented Sep 17, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants