From 9fb951c4eec8f363aa1f81429ecd04cce293ae62 Mon Sep 17 00:00:00 2001 From: upodroid Date: Fri, 3 Apr 2026 15:46:13 +0300 Subject: [PATCH] start using images from registry.k8s.io --- Makefile | 2 +- conformance/base/manifests.yaml | 812 +++++++++--------- conformance/mesh/manifests.yaml | 140 +-- ...ateway-tls-backend-client-certificate.yaml | 2 +- 4 files changed, 478 insertions(+), 478 deletions(-) diff --git a/Makefile b/Makefile index 3be68eff0f..b3c5395457 100644 --- a/Makefile +++ b/Makefile @@ -19,7 +19,7 @@ export GO111MODULE=on # The registry to push container images to. -export REGISTRY ?= gcr.io/k8s-staging-gateway-api +export REGISTRY ?= us-central1-docker.pkg.dev/k8s-staging-images/gateway-api # These are overridden by cloudbuild.yaml when run by Prow. diff --git a/conformance/base/manifests.yaml b/conformance/base/manifests.yaml index 454dd45009..a3fe9e8fec 100644 --- a/conformance/base/manifests.yaml +++ b/conformance/base/manifests.yaml @@ -21,12 +21,12 @@ metadata: spec: gatewayClassName: "{GATEWAY_CLASS_NAME}" listeners: - - name: http - port: 80 - protocol: HTTP - allowedRoutes: - namespaces: - from: Same + - name: http + port: 80 + protocol: HTTP + allowedRoutes: + namespaces: + from: Same --- apiVersion: gateway.networking.k8s.io/v1beta1 kind: Gateway @@ -36,57 +36,57 @@ metadata: spec: gatewayClassName: "{GATEWAY_CLASS_NAME}" listeners: - - name: https - port: 443 - protocol: HTTPS - allowedRoutes: - namespaces: - from: Same - tls: - certificateRefs: - - group: "" - kind: Secret - name: tls-validity-checks-certificate - namespace: gateway-conformance-infra - - name: https-with-hostname - port: 443 - hostname: second-example.org - protocol: HTTPS - allowedRoutes: - namespaces: - from: Same - tls: - certificateRefs: - - group: "" - kind: Secret - name: tls-validity-checks-certificate - namespace: gateway-conformance-infra - - name: https-with-wildcard-hostname - port: 443 - hostname: "*.wildcard.org" - protocol: HTTPS - allowedRoutes: - namespaces: - from: Same - tls: - certificateRefs: - - group: "" - kind: Secret - name: tls-validity-checks-certificate - namespace: gateway-conformance-infra - - name: https-with-hostname-matching-wildcard - port: 443 - hostname: "fourth-example.wildcard.org" - protocol: HTTPS - allowedRoutes: - namespaces: - from: Same - tls: - certificateRefs: - - group: "" - kind: Secret - name: tls-validity-checks-certificate - namespace: gateway-conformance-infra + - name: https + port: 443 + protocol: HTTPS + allowedRoutes: + namespaces: + from: Same + tls: + certificateRefs: + - group: "" + kind: Secret + name: tls-validity-checks-certificate + namespace: gateway-conformance-infra + - name: https-with-hostname + port: 443 + hostname: second-example.org + protocol: HTTPS + allowedRoutes: + namespaces: + from: Same + tls: + certificateRefs: + - group: "" + kind: Secret + name: tls-validity-checks-certificate + namespace: gateway-conformance-infra + - name: https-with-wildcard-hostname + port: 443 + hostname: "*.wildcard.org" + protocol: HTTPS + allowedRoutes: + namespaces: + from: Same + tls: + certificateRefs: + - group: "" + kind: Secret + name: tls-validity-checks-certificate + namespace: gateway-conformance-infra + - name: https-with-hostname-matching-wildcard + port: 443 + hostname: "fourth-example.wildcard.org" + protocol: HTTPS + allowedRoutes: + namespaces: + from: Same + tls: + certificateRefs: + - group: "" + kind: Secret + name: tls-validity-checks-certificate + namespace: gateway-conformance-infra --- apiVersion: gateway.networking.k8s.io/v1beta1 kind: Gateway @@ -96,12 +96,12 @@ metadata: spec: gatewayClassName: "{GATEWAY_CLASS_NAME}" listeners: - - name: http - port: 80 - protocol: HTTP - allowedRoutes: - namespaces: - from: All + - name: http + port: 80 + protocol: HTTP + allowedRoutes: + namespaces: + from: All --- apiVersion: gateway.networking.k8s.io/v1beta1 kind: Gateway @@ -111,15 +111,15 @@ metadata: spec: gatewayClassName: "{GATEWAY_CLASS_NAME}" listeners: - - name: http - port: 80 - protocol: HTTP - allowedRoutes: - namespaces: - from: Selector - selector: - matchLabels: - gateway-conformance: backend + - name: http + port: 80 + protocol: HTTP + allowedRoutes: + namespaces: + from: Selector + selector: + matchLabels: + gateway-conformance: backend --- apiVersion: v1 kind: Service @@ -130,20 +130,20 @@ spec: selector: app: infra-backend-v1 ports: - - name: first-port - protocol: TCP - port: 8080 - targetPort: 3000 - - name: second-port - protocol: TCP - appProtocol: kubernetes.io/h2c - port: 8081 - targetPort: 3001 - - name: third-port - protocol: TCP - appProtocol: kubernetes.io/ws - port: 8082 - targetPort: 3000 + - name: first-port + protocol: TCP + port: 8080 + targetPort: 3000 + - name: second-port + protocol: TCP + appProtocol: kubernetes.io/h2c + port: 8081 + targetPort: 3001 + - name: third-port + protocol: TCP + appProtocol: kubernetes.io/ws + port: 8082 + targetPort: 3000 --- apiVersion: apps/v1 kind: Deployment @@ -163,21 +163,21 @@ spec: app: infra-backend-v1 spec: containers: - - name: infra-backend-v1 - # Originally from https://github.com/kubernetes-sigs/ingress-controller-conformance/tree/master/images/echoserver - image: gcr.io/k8s-staging-gateway-api/echo-basic:v20260204-monthly-2026.01-60-g28382302 - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - resources: - requests: - cpu: 10m + - name: infra-backend-v1 + # Originally from https://github.com/kubernetes-sigs/ingress-controller-conformance/tree/master/images/echoserver + image: registry.k8s.io/gateway-api/echo-basic:v1.5.1 + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + resources: + requests: + cpu: 10m --- apiVersion: v1 kind: Service @@ -188,9 +188,9 @@ spec: selector: app: infra-backend-v2 ports: - - protocol: TCP - port: 8080 - targetPort: 3000 + - protocol: TCP + port: 8080 + targetPort: 3000 --- apiVersion: apps/v1 kind: Deployment @@ -210,20 +210,20 @@ spec: app: infra-backend-v2 spec: containers: - - name: infra-backend-v2 - image: gcr.io/k8s-staging-gateway-api/echo-basic:v20260204-monthly-2026.01-60-g28382302 - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - resources: - requests: - cpu: 10m + - name: infra-backend-v2 + image: registry.k8s.io/gateway-api/echo-basic:v1.5.1 + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + resources: + requests: + cpu: 10m --- apiVersion: v1 kind: Service @@ -234,9 +234,9 @@ spec: selector: app: infra-backend-v3 ports: - - protocol: TCP - port: 8080 - targetPort: 3000 + - protocol: TCP + port: 8080 + targetPort: 3000 --- apiVersion: apps/v1 kind: Deployment @@ -256,20 +256,20 @@ spec: app: infra-backend-v3 spec: containers: - - name: infra-backend-v3 - image: gcr.io/k8s-staging-gateway-api/echo-basic:v20260204-monthly-2026.01-60-g28382302 - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - resources: - requests: - cpu: 10m + - name: infra-backend-v3 + image: registry.k8s.io/gateway-api/echo-basic:v1.5.1 + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + resources: + requests: + cpu: 10m --- apiVersion: v1 kind: Service @@ -280,9 +280,9 @@ spec: selector: app: tls-backend ports: - - protocol: TCP - port: 443 - targetPort: 8443 + - protocol: TCP + port: 443 + targetPort: 8443 --- apiVersion: apps/v1 kind: Deployment @@ -302,36 +302,36 @@ spec: app: tls-backend spec: containers: - - name: tls-backend - image: gcr.io/k8s-staging-gateway-api/echo-basic:v20260204-monthly-2026.01-60-g28382302 - volumeMounts: - - name: secret-volume - mountPath: /etc/secret-volume - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: TLS_SERVER_CERT - value: /etc/secret-volume/crt - - name: TLS_SERVER_PRIVKEY - value: /etc/secret-volume/key - resources: - requests: - cpu: 10m + - name: tls-backend + image: registry.k8s.io/gateway-api/echo-basic:v1.5.1 + volumeMounts: + - name: secret-volume + mountPath: /etc/secret-volume + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: TLS_SERVER_CERT + value: /etc/secret-volume/crt + - name: TLS_SERVER_PRIVKEY + value: /etc/secret-volume/key + resources: + requests: + cpu: 10m volumes: - - name: secret-volume - secret: - secretName: tls-checks-certificate - items: - - key: tls.crt - path: crt - - key: tls.key - path: key + - name: secret-volume + secret: + secretName: tls-checks-certificate + items: + - key: tls.crt + path: crt + - key: tls.key + path: key --- apiVersion: v1 kind: Service @@ -342,9 +342,9 @@ spec: selector: app: tls-backend-2 ports: - - protocol: TCP - port: 443 - targetPort: 8443 + - protocol: TCP + port: 443 + targetPort: 8443 --- apiVersion: apps/v1 kind: Deployment @@ -364,36 +364,36 @@ spec: app: tls-backend-2 spec: containers: - - name: tls-backend-2 - image: gcr.io/k8s-staging-gateway-api/echo-basic:v20260204-monthly-2026.01-60-g28382302 - volumeMounts: - - name: secret-volume - mountPath: /etc/secret-volume - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: TLS_SERVER_CERT - value: /etc/secret-volume/crt - - name: TLS_SERVER_PRIVKEY - value: /etc/secret-volume/key - resources: - requests: - cpu: 10m + - name: tls-backend-2 + image: registry.k8s.io/gateway-api/echo-basic:v1.5.1 + volumeMounts: + - name: secret-volume + mountPath: /etc/secret-volume + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: TLS_SERVER_CERT + value: /etc/secret-volume/crt + - name: TLS_SERVER_PRIVKEY + value: /etc/secret-volume/key + resources: + requests: + cpu: 10m volumes: - - name: secret-volume - secret: - secretName: tls-checks-certificate - items: - - key: tls.crt - path: crt - - key: tls.key - path: key + - name: secret-volume + secret: + secretName: tls-checks-certificate + items: + - key: tls.crt + path: crt + - key: tls.key + path: key --- apiVersion: v1 kind: Namespace @@ -411,9 +411,9 @@ spec: selector: app: tls-backend ports: - - protocol: TCP - port: 443 - targetPort: 8443 + - protocol: TCP + port: 443 + targetPort: 8443 --- apiVersion: apps/v1 kind: Deployment @@ -433,36 +433,36 @@ spec: app: tls-backend spec: containers: - - name: tls-backend - image: gcr.io/k8s-staging-gateway-api/echo-basic:v20260204-monthly-2026.01-60-g28382302 - volumeMounts: - - name: secret-volume - mountPath: /etc/secret-volume - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: TLS_SERVER_CERT - value: /etc/secret-volume/crt - - name: TLS_SERVER_PRIVKEY - value: /etc/secret-volume/key - resources: - requests: - cpu: 10m + - name: tls-backend + image: registry.k8s.io/gateway-api/echo-basic:v1.5.1 + volumeMounts: + - name: secret-volume + mountPath: /etc/secret-volume + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: TLS_SERVER_CERT + value: /etc/secret-volume/crt + - name: TLS_SERVER_PRIVKEY + value: /etc/secret-volume/key + resources: + requests: + cpu: 10m volumes: - - name: secret-volume - secret: - secretName: tls-passthrough-checks-certificate - items: - - key: tls.crt - path: crt - - key: tls.key - path: key + - name: secret-volume + secret: + secretName: tls-passthrough-checks-certificate + items: + - key: tls.crt + path: crt + - key: tls.key + path: key --- apiVersion: v1 kind: Service @@ -473,9 +473,9 @@ spec: selector: app: app-backend-v1 ports: - - protocol: TCP - port: 8080 - targetPort: 3000 + - protocol: TCP + port: 8080 + targetPort: 3000 --- apiVersion: apps/v1 kind: Deployment @@ -495,20 +495,20 @@ spec: app: app-backend-v1 spec: containers: - - name: app-backend-v1 - image: gcr.io/k8s-staging-gateway-api/echo-basic:v20260204-monthly-2026.01-60-g28382302 - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - resources: - requests: - cpu: 10m + - name: app-backend-v1 + image: registry.k8s.io/gateway-api/echo-basic:v1.5.1 + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + resources: + requests: + cpu: 10m --- apiVersion: v1 kind: Service @@ -519,9 +519,9 @@ spec: selector: app: app-backend-v2 ports: - - protocol: TCP - port: 8080 - targetPort: 3000 + - protocol: TCP + port: 8080 + targetPort: 3000 --- apiVersion: apps/v1 kind: Deployment @@ -541,20 +541,20 @@ spec: app: app-backend-v2 spec: containers: - - name: app-backend-v2 - image: gcr.io/k8s-staging-gateway-api/echo-basic:v20260204-monthly-2026.01-60-g28382302 - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - resources: - requests: - cpu: 10m + - name: app-backend-v2 + image: registry.k8s.io/gateway-api/echo-basic:v1.5.1 + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + resources: + requests: + cpu: 10m --- apiVersion: v1 kind: Namespace @@ -572,9 +572,9 @@ spec: selector: app: web-backend ports: - - protocol: TCP - port: 8080 - targetPort: 3000 + - protocol: TCP + port: 8080 + targetPort: 3000 --- apiVersion: apps/v1 kind: Deployment @@ -594,20 +594,20 @@ spec: app: web-backend spec: containers: - - name: web-backend - image: gcr.io/k8s-staging-gateway-api/echo-basic:v20260204-monthly-2026.01-60-g28382302 - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - resources: - requests: - cpu: 10m + - name: web-backend + image: registry.k8s.io/gateway-api/echo-basic:v1.5.1 + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + resources: + requests: + cpu: 10m --- apiVersion: v1 kind: Service @@ -618,10 +618,10 @@ spec: selector: app: grpc-infra-backend-v1 ports: - - protocol: TCP - port: 8080 - targetPort: 3000 - appProtocol: kubernetes.io/h2c + - protocol: TCP + port: 8080 + targetPort: 3000 + appProtocol: kubernetes.io/h2c --- apiVersion: apps/v1 kind: Deployment @@ -641,22 +641,22 @@ spec: app: grpc-infra-backend-v1 spec: containers: - - name: grpc-infra-backend-v1 - image: gcr.io/k8s-staging-gateway-api/echo-basic:v20260204-monthly-2026.01-60-g28382302 - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: GRPC_ECHO_SERVER - value: "1" - resources: - requests: - cpu: 10m + - name: grpc-infra-backend-v1 + image: registry.k8s.io/gateway-api/echo-basic:v1.5.1 + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: GRPC_ECHO_SERVER + value: "1" + resources: + requests: + cpu: 10m --- apiVersion: v1 kind: Service @@ -667,10 +667,10 @@ spec: selector: app: grpc-infra-backend-v2 ports: - - protocol: TCP - port: 8080 - targetPort: 3000 - appProtocol: kubernetes.io/h2c + - protocol: TCP + port: 8080 + targetPort: 3000 + appProtocol: kubernetes.io/h2c --- apiVersion: apps/v1 kind: Deployment @@ -690,22 +690,22 @@ spec: app: grpc-infra-backend-v2 spec: containers: - - name: grpc-infra-backend-v2 - image: gcr.io/k8s-staging-gateway-api/echo-basic:v20260204-monthly-2026.01-60-g28382302 - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: GRPC_ECHO_SERVER - value: "1" - resources: - requests: - cpu: 10m + - name: grpc-infra-backend-v2 + image: registry.k8s.io/gateway-api/echo-basic:v1.5.1 + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: GRPC_ECHO_SERVER + value: "1" + resources: + requests: + cpu: 10m --- apiVersion: v1 kind: Service @@ -716,10 +716,10 @@ spec: selector: app: grpc-infra-backend-v3 ports: - - protocol: TCP - port: 8080 - targetPort: 3000 - appProtocol: kubernetes.io/h2c + - protocol: TCP + port: 8080 + targetPort: 3000 + appProtocol: kubernetes.io/h2c --- apiVersion: apps/v1 kind: Deployment @@ -739,22 +739,22 @@ spec: app: grpc-infra-backend-v3 spec: containers: - - name: grpc-infra-backend-v3 - image: gcr.io/k8s-staging-gateway-api/echo-basic:v20260204-monthly-2026.01-60-g28382302 - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: GRPC_ECHO_SERVER - value: "1" - resources: - requests: - cpu: 10m + - name: grpc-infra-backend-v3 + image: registry.k8s.io/gateway-api/echo-basic:v1.5.1 + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: GRPC_ECHO_SERVER + value: "1" + resources: + requests: + cpu: 10m --- apiVersion: v1 kind: Service @@ -765,10 +765,10 @@ metadata: app: udp spec: ports: - - name: udp-dns - port: 53 - protocol: UDP - targetPort: 53 + - name: udp-dns + port: 53 + protocol: UDP + targetPort: 53 selector: app: udp --- @@ -789,27 +789,27 @@ spec: app: udp spec: containers: - - args: - - -conf - - /root/Corefile - image: registry.k8s.io/coredns/coredns:v1.12.2 - imagePullPolicy: IfNotPresent - name: coredns - securityContext: - allowPrivilegeEscalation: false - capabilities: - add: - - NET_BIND_SERVICE - drop: - - ALL - volumeMounts: - - mountPath: /root - name: conf - volumes: - - configMap: - defaultMode: 420 + - args: + - -conf + - /root/Corefile + image: registry.k8s.io/coredns/coredns:v1.12.2 + imagePullPolicy: IfNotPresent name: coredns - name: conf + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - NET_BIND_SERVICE + drop: + - ALL + volumeMounts: + - mountPath: /root + name: conf + volumes: + - configMap: + defaultMode: 420 + name: coredns + name: conf --- apiVersion: v1 kind: ConfigMap @@ -836,14 +836,14 @@ spec: selector: app: tcp-backend ports: - - name: echo-tcp-plain - protocol: TCP - port: 3000 - targetPort: 3000 - - name: echo-tcp-tls - protocol: TCP - port: 8443 - targetPort: 8443 + - name: echo-tcp-plain + protocol: TCP + port: 3000 + targetPort: 3000 + - name: echo-tcp-tls + protocol: TCP + port: 8443 + targetPort: 8443 --- apiVersion: apps/v1 kind: Deployment @@ -863,37 +863,37 @@ spec: app: tcp-backend spec: containers: - - name: tcp-backend - image: gcr.io/k8s-staging-gateway-api/echo-basic:v20260204-monthly-2026.01-60-g28382302 - resources: - requests: - cpu: 10m - volumeMounts: - - name: secret-volume - mountPath: /etc/secret-volume - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: TLS_SERVER_CERT - value: /etc/secret-volume/crt - - name: TLS_SERVER_PRIV_KEY - value: /etc/secret-volume/key - - name: TCP_ECHO_SERVER - value: "1" + - name: tcp-backend + image: registry.k8s.io/gateway-api/echo-basic:v1.5.1 + resources: + requests: + cpu: 10m + volumeMounts: + - name: secret-volume + mountPath: /etc/secret-volume + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: TLS_SERVER_CERT + value: /etc/secret-volume/crt + - name: TLS_SERVER_PRIV_KEY + value: /etc/secret-volume/key + - name: TCP_ECHO_SERVER + value: "1" volumes: - - name: secret-volume - secret: - # certificate issued with hostname abc.example.com - secretName: tls-passthrough-checks-certificate - items: - - key: tls.crt - path: crt - - key: tls.key - path: key + - name: secret-volume + secret: + # certificate issued with hostname abc.example.com + secretName: tls-passthrough-checks-certificate + items: + - key: tls.crt + path: crt + - key: tls.key + path: key --- diff --git a/conformance/mesh/manifests.yaml b/conformance/mesh/manifests.yaml index 5725d145c8..c6597f4bf4 100644 --- a/conformance/mesh/manifests.yaml +++ b/conformance/mesh/manifests.yaml @@ -25,17 +25,17 @@ spec: version: v1 spec: containers: - - name: echo - image: gcr.io/k8s-staging-gateway-api/echo-advanced:v20240412-v1.0.0-394-g40c666fd - imagePullPolicy: IfNotPresent - args: - - --tcp=9090 - - --port=8080 - - --grpc=7070 - - --port=8443 - - --tls=8443 - - --crt=/cert.crt - - --key=/cert.key + - name: echo + image: registry.k8s.io/gateway-api/echo-advanced:v1.5.1 + imagePullPolicy: IfNotPresent + args: + - --tcp=9090 + - --port=8080 + - --grpc=7070 + - --port=8443 + - --tls=8443 + - --crt=/cert.crt + - --key=/cert.key --- apiVersion: v1 kind: Service @@ -47,21 +47,21 @@ spec: app: echo version: v1 ports: - - name: http - port: 80 - appProtocol: http - targetPort: 8080 - - name: http-alt - port: 8080 - appProtocol: http - - name: https - port: 443 - targetPort: 8443 - - name: tcp - port: 9090 - - name: grpc - port: 7070 - appProtocol: grpc + - name: http + port: 80 + appProtocol: http + targetPort: 8080 + - name: http-alt + port: 8080 + appProtocol: http + - name: https + port: 443 + targetPort: 8443 + - name: tcp + port: 9090 + - name: grpc + port: 7070 + appProtocol: grpc --- apiVersion: apps/v1 kind: Deployment @@ -82,17 +82,17 @@ spec: version: v2 spec: containers: - - name: echo - image: gcr.io/k8s-staging-gateway-api/echo-advanced:v20240412-v1.0.0-394-g40c666fd - imagePullPolicy: IfNotPresent - args: - - --tcp=9090 - - --port=8080 - - --grpc=7070 - - --port=8443 - - --tls=8443 - - --crt=/cert.crt - - --key=/cert.key + - name: echo + image: registry.k8s.io/gateway-api/echo-advanced:v1.5.1 + imagePullPolicy: IfNotPresent + args: + - --tcp=9090 + - --port=8080 + - --grpc=7070 + - --port=8443 + - --tls=8443 + - --crt=/cert.crt + - --key=/cert.key --- apiVersion: v1 kind: Service @@ -104,21 +104,21 @@ spec: app: echo version: v2 ports: - - name: http - port: 80 - appProtocol: http - targetPort: 8080 - - name: http-alt - port: 8080 - appProtocol: http - - name: https - port: 443 - targetPort: 8443 - - name: tcp - port: 9090 - - name: grpc - port: 7070 - appProtocol: grpc + - name: http + port: 80 + appProtocol: http + targetPort: 8080 + - name: http-alt + port: 8080 + appProtocol: http + - name: https + port: 443 + targetPort: 8443 + - name: tcp + port: 9090 + - name: grpc + port: 7070 + appProtocol: grpc --- apiVersion: v1 kind: Service @@ -129,21 +129,21 @@ spec: selector: app: echo ports: - - name: http - port: 80 - appProtocol: http - targetPort: 8080 - - name: http-alt - port: 8080 - appProtocol: http - - name: https - port: 443 - targetPort: 8443 - - name: tcp - port: 9090 - - name: grpc - port: 7070 - appProtocol: grpc + - name: http + port: 80 + appProtocol: http + targetPort: 8080 + - name: http-alt + port: 8080 + appProtocol: http + - name: https + port: 443 + targetPort: 8443 + - name: tcp + port: 9090 + - name: grpc + port: 7070 + appProtocol: grpc --- apiVersion: v1 kind: Namespace @@ -171,6 +171,6 @@ spec: version: v1 spec: containers: - - name: echo - image: gcr.io/k8s-staging-gateway-api/echo-advanced:v20240412-v1.0.0-394-g40c666fd - imagePullPolicy: IfNotPresent + - name: echo + image: registry.k8s.io/gateway-api/echo-advanced:v1.5.1 + imagePullPolicy: IfNotPresent diff --git a/conformance/tests/gateway-tls-backend-client-certificate.yaml b/conformance/tests/gateway-tls-backend-client-certificate.yaml index 5f73967f27..854789f5f4 100644 --- a/conformance/tests/gateway-tls-backend-client-certificate.yaml +++ b/conformance/tests/gateway-tls-backend-client-certificate.yaml @@ -92,7 +92,7 @@ spec: spec: containers: - name: tls-backend-with-client-cert-validation - image: gcr.io/k8s-staging-gateway-api/echo-basic:v20260204-monthly-2026.01-60-g28382302 + image: registry.k8s.io/gateway-api/echo-basic:v1.5.1 volumeMounts: - name: secret-volume mountPath: /etc/secret-volume