Skip to content

[feat i2g]add feature flag for ingress plan annotation#4722

Closed
shuqz wants to merge 1 commit into
kubernetes-sigs:mainfrom
shuqz:ingress-dry-run
Closed

[feat i2g]add feature flag for ingress plan annotation#4722
shuqz wants to merge 1 commit into
kubernetes-sigs:mainfrom
shuqz:ingress-dry-run

Conversation

@shuqz
Copy link
Copy Markdown
Collaborator

@shuqz shuqz commented May 2, 2026
edited
Loading

Description

  • Adds the IngressPlanAnnotation feature gate, which writes the controller's serialized model stack JSON to the alb.ingress.kubernetes.io/dry-run-plan annotation on ingress resources after each reconcile. for group ingresses, it will only be added to member[0] with lowest group order (instead of writing same model to all member ingress)
  • in migration tool, for gateway generated from group ingress, add a new annotation to it gateway.k8s.aws/ingress-plan-holder: member[0]'s namespaced name, this will be used later in in-cluster console for model comparison. with this, console can use kubectl to quickly looks up specific ingress and its ingress dry-run-plan annotation

Checklist

  • Added tests that cover your change (if possible)
  • Added/modified documentation as required (such as the README.md, or the docs directory)
  • Manually tested
    example generate gateway from group ingress:
apiVersion: gateway.networking.k8s.io/v1
kind: GatewayClass
metadata:
  name: aws-alb
spec:
  controllerName: gateway.k8s.aws/alb
---
apiVersion: gateway.k8s.aws/v1beta1
kind: LoadBalancerConfiguration
metadata:
  name: my-app-grp-lb-1a6182c3bf
  namespace: plan-test
spec:
  scheme: internet-facing
  tags:
    gateway.k8s.aws/migrated-from: ingress-group/my-app
---
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
  annotations:
    gateway.k8s.aws/ingress-plan-holder: plan-test/api-ingress
  name: my-app-grp-gw-9da8858351
  namespace: plan-test
spec:
  gatewayClassName: aws-alb
  infrastructure:
    parametersRef:
      group: gateway.k8s.aws
      kind: LoadBalancerConfiguration
      name: my-app-grp-lb-1a6182c3bf
  listeners:
  - name: http-80
    port: 80
    protocol: HTTP
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: api-ingr-route-bd3a879b19
  namespace: plan-test
spec:
  hostnames:
  - api.example.com
  parentRefs:
  - name: my-app-grp-gw-9da8858351
  rules:
  - backendRefs:
    - name: api-server
      port: 8080
    matches:
    - path:
        type: PathPrefix
        value: /api
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: web-ingr-route-02dc49184b
  namespace: plan-test
spec:
  hostnames:
  - www.example.com
  parentRefs:
  - name: my-app-grp-gw-9da8858351
  rules:
  - backendRefs:
    - name: web-server
      port: 80
    matches:
    - path:
        type: PathPrefix
        value: /
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: default-route-3f8e26c68d
  namespace: plan-test
spec:
  parentRefs:
  - name: my-app-grp-gw-9da8858351
  rules:
  - backendRefs:
    - name: web-server
      port: 80
    matches:
    - path:
        type: PathPrefix
        value: /
---
apiVersion: gateway.k8s.aws/v1beta1
kind: TargetGroupConfiguration
metadata:
  name: api-serv-tg-confi-e0b76e6463
  namespace: plan-test
spec:
  defaultConfiguration:
    tags:
      gateway.k8s.aws/migrated-from: ingress/plan-test/api-ingress
    targetType: ip
  targetReference:
    name: api-server
---
apiVersion: gateway.k8s.aws/v1beta1
kind: TargetGroupConfiguration
metadata:
  name: web-serv-tg-confi-b70f37291f
  namespace: plan-test
spec:
  defaultConfiguration:
    tags:
      gateway.k8s.aws/migrated-from: ingress/plan-test/web-ingress
    targetType: ip
  targetReference:
    name: web-server

example generated gateway from single ingress

apiVersion: gateway.networking.k8s.io/v1
kind: GatewayClass
metadata:
  name: aws-alb
spec:
  controllerName: gateway.k8s.aws/alb
---
apiVersion: gateway.k8s.aws/v1beta1
kind: LoadBalancerConfiguration
metadata:
  name: standalo-lb-confi-440712d9a1
  namespace: plan-test
spec:
  scheme: internet-facing
  tags:
    gateway.k8s.aws/migrated-from: ingress/plan-test/standalone-ingress
---
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
  name: standalo-gateway-d1df646478
  namespace: plan-test
spec:
  gatewayClassName: aws-alb
  infrastructure:
    parametersRef:
      group: gateway.k8s.aws
      kind: LoadBalancerConfiguration
      name: standalo-lb-confi-440712d9a1
  listeners:
  - name: http-80
    port: 80
    protocol: HTTP
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: standalo-route-6a7e65150d
  namespace: plan-test
spec:
  hostnames:
  - standalone.example.com
  parentRefs:
  - name: standalo-gateway-d1df646478
  rules:
  - backendRefs:
    - name: web-server
      port: 80
    matches:
    - path:
        type: PathPrefix
        value: /
---
apiVersion: gateway.k8s.aws/v1beta1
kind: TargetGroupConfiguration
metadata:
  name: web-serv-tg-confi-b70f37291f
  namespace: plan-test
spec:
  defaultConfiguration:
    tags:
      gateway.k8s.aws/migrated-from: ingress/plan-test/standalone-ingress
    targetType: ip
  targetReference:
    name: web-server
  • Made sure the title of the PR is a good description that can go into the release notes

BONUS POINTS checklist: complete for good vibes and maybe prizes?! 🤯

  • Backfilled missing tests for code in same general area 🎉
  • Refactored something and made the world a better place 🌟

@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label May 2, 2026
@k8s-ci-robot
Copy link
Copy Markdown
Contributor

k8s-ci-robot commented May 2, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: shuqz

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels May 2, 2026
@codecov-commenter
Copy link
Copy Markdown

codecov-commenter commented May 2, 2026

Codecov Report

❌ Patch coverage is 67.50000% with 13 lines in your changes missing coverage. Please review.
✅ Project coverage is 56.13%. Comparing base (22cdb42) to head (8befc33).
⚠️ Report is 8 commits behind head on main.

Files with missing lines Patch % Lines
pkg/ingress2gateway/translate/translate.go 76.00% 5 Missing and 1 partial ⚠️
controllers/ingress/group_controller.go 0.00% 4 Missing ⚠️
controllers/ingress/dryrun.go 80.00% 1 Missing and 1 partial ⚠️
pkg/config/feature_gates.go 0.00% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #4722      +/-   ##
==========================================
+ Coverage   56.09%   56.13%   +0.03%     
==========================================
  Files         388      389       +1     
  Lines       30932    30987      +55     
==========================================
+ Hits        17352    17395      +43     
- Misses      12566    12578      +12     
  Partials     1014     1014

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

shraddhabang
shraddhabang reviewed May 5, 2026
View reviewed changes
Comment thread pkg/ingress2gateway/translate/translate.go
// controller writes the dry-run-plan annotation to. This is Members[0] after sorting
// by group.order (default 0), with ties broken by lexical namespace/name — the same
// logic used by the ingress controller's group loader.
func findPlanHolder(members []networking.Ingress) string {
Copy link
Copy Markdown
Collaborator

@shraddhabang shraddhabang May 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you write unit tests for this?

@shuqz
Copy link
Copy Markdown
Collaborator Author

shuqz commented May 7, 2026

closed in favor of #4728

@shuqz shuqz closed this May 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@shraddhabang shraddhabang shraddhabang left review comments

@zac-nixon zac-nixon Awaiting requested review from zac-nixon

Assignees

No one assigned

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@shuqz @k8s-ci-robot @codecov-commenter @shraddhabang