Open
Conversation
Co-authored-by: Björn Kottner <BjoernKarma@users.noreply.github.com> Co-authored-by: Ismael Garba <iagarba@users.noreply.github.com> Co-authored-by: Stefan Siber <stefan-ctrl@users.noreply.github.com> Co-authored-by: Ron Gummich <ron96g@users.noreply.github.com>
Co-authored-by: Björn Kottner <BjoernKarma@users.noreply.github.com> Co-authored-by: Ismael Garba <iagarba@users.noreply.github.com> Co-authored-by: Stefan Siber <stefan-ctrl@users.noreply.github.com> Co-authored-by: Ron Gummich <ron96g@users.noreply.github.com>
lukas016
reviewed
Mar 18, 2026
lukas016
reviewed
Mar 18, 2026
lukas016
reviewed
Mar 18, 2026
lukas016
reviewed
Mar 18, 2026
lukas016
reviewed
Mar 18, 2026
…tion logic Co-authored-by: Björn Kottner <BjoernKarma@users.noreply.github.com> Co-authored-by: Ismael Garba <iagarba@users.noreply.github.com> Co-authored-by: Stefan Siber <stefan-ctrl@users.noreply.github.com> Co-authored-by: Ron Gummich <ron96g@users.noreply.github.com>
…lm selection logic" This reverts commit e50aa2d.
Co-authored-by: Björn Kottner <BjoernKarma@users.noreply.github.com> Co-authored-by: Ismael Garba <iagarba@users.noreply.github.com> Co-authored-by: Stefan Siber <stefan-ctrl@users.noreply.github.com> Co-authored-by: Ron Gummich <ron96g@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR expands Gateway Realm configuration from single url/issuerUrl fields to multi-value urls/issuerUrls, and adds optional Zone-level DTC (Dynamic Traffic Control) support by creating an additional “dtc” Gateway Realm when configured.
Changes:
- Update
RealmSpecand Gateway Realm CRD to useurls[]/issuerUrls[]and adjust route creation to build downstreams for all Realm URLs. - Add
spec.gateway.dtcUrlto Zones and create/update a DTC Gateway Realm (name: dtc) during Zone reconciliation. - Update generated deepcopy code, CRDs, and tests across modules to reflect the new RealmSpec fields and DTC behavior.
Reviewed changes
Copilot reviewed 19 out of 19 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| gateway/internal/handler/realm/routes.go | Build Route downstreams from all realm.spec.urls instead of a single URL. |
| gateway/internal/features/suite_test.go | Update mock Realm to new Urls/IssuerUrls fields. |
| gateway/internal/features/builder_ratelimiting_test.go | Update RealmSpec usage in rate limiting tests. |
| gateway/internal/controller/realm_controller_test.go | Update RealmSpec usage in controller tests. |
| gateway/config/crd/bases/gateway.cp.ei.telekom.de_realms.yaml | CRD schema changes: urls[] / issuerUrls[] required with minItems=1. |
| gateway/api/v1/zz_generated.deepcopy.go | Deepcopy updated for new RealmSpec slices. |
| gateway/api/v1/realm_types.go | RealmSpec updated + AsUpstream/AsDownstream updated for list fields. |
| event/internal/handler/util/callback_route_test.go | Update RealmSpec usage in event callback route tests. |
| event/internal/handler/eventexposure/handler_test.go | Update RealmSpec usage in event exposure handler tests. |
| event/internal/handler/eventconfig/handler_test.go | Update RealmSpec usage in event config handler tests. |
| api/internal/handler/util_proxy_route_test.go | Update RealmSpec usage in API proxy route tests. |
| api/internal/controller/remoteapisubscription_controller_test.go | Update test realm setup to set Spec.Urls. |
| api/internal/controller/apiexposure_controller_test.go | Update RealmSpec usage in API exposure tests. |
| admin/internal/handler/zone/handler.go | Add DTC realm creation + adapt issuer access to IssuerUrls[0] and gateway realm spec updates. |
| admin/internal/handler/util/naming/naming.go | Add naming helper for DTC gateway realm. |
| admin/internal/controller/zone_controller_test.go | Add/extend tests for DTC realm behavior and updated RealmSpec expectations. |
| admin/config/crd/bases/admin.cp.ei.telekom.de_zones.yaml | Add spec.gateway.dtcUrl and status.dtcGatewayRealm. |
| admin/api/v1/zz_generated.deepcopy.go | Deepcopy updated for new DtcUrl and DtcGatewayRealm. |
| admin/api/v1/zone_types.go | Add GatewayConfig.DtcUrl and ZoneStatus.DtcGatewayRealm. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
ron96g
requested changes
Mar 24, 2026
Member
ron96g
left a comment
ron96g
left a comment
There was a problem hiding this comment.
Looks good so far. I already have plans in mind to overengineer this to the moon so maybe you have to stop me but please verify the comments.
| // Urls is the list of Gateway URLs that this realm should accept traffic from | ||
| // +listType=set | ||
| // +kubebuilder:validation:MinItems=1 | ||
| Urls []string `json:"urls"` |
Member
There was a problem hiding this comment.
Check via regex or URL pattern. Same for the issuerUrls
Member
There was a problem hiding this comment.
why not "+kubebuilder:validation:Format=uri"?
| return route, errors.Wrapf(err, "failed to parse URL: %s", realmUrl) | ||
| } | ||
|
|
||
| downstreams = append(downstreams, gatewayv1.Downstream{ |
Member
There was a problem hiding this comment.
How are multiple downstream handled in the Route creation? Is this actually supported? See KongClient.CreateOrReplaceRoute
Contributor
Author
There was a problem hiding this comment.
updated the logic to support multiple downstreams. hosts and paths are de-duplicated before sent to kong. will need to test it properly, but so far it looks ok
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…d. hosts and issuers are de-duplicated Co-authored-by: Björn Kottner <BjoernKarma@users.noreply.github.com> Co-authored-by: Ismael Garba <iagarba@users.noreply.github.com> Co-authored-by: Stefan Siber <stefan-ctrl@users.noreply.github.com> Co-authored-by: Ron Gummich <ron96g@users.noreply.github.com>
…by the scoped client Co-authored-by: Björn Kottner <BjoernKarma@users.noreply.github.com> Co-authored-by: Ismael Garba <iagarba@users.noreply.github.com> Co-authored-by: Stefan Siber <stefan-ctrl@users.noreply.github.com> Co-authored-by: Ron Gummich <ron96g@users.noreply.github.com>
Co-authored-by: Björn Kottner <BjoernKarma@users.noreply.github.com> Co-authored-by: Ismael Garba <iagarba@users.noreply.github.com> Co-authored-by: Stefan Siber <stefan-ctrl@users.noreply.github.com> Co-authored-by: Ron Gummich <ron96g@users.noreply.github.com>
ron96g
reviewed
Mar 30, 2026
| DefaultConsumers: []string{}, | ||
| Urls: []string{handlingContext.Zone.Spec.Gateway.Url}, | ||
| IssuerUrls: []string{urls.ForGatewayRealm(handlingContext.Zone.Spec.IdentityProvider.Url, realmName)}, | ||
| DefaultConsumers: []string{"gateway"}, |
Member
There was a problem hiding this comment.
DefaultConsumers should no longer be pre-filled and are added only if required by meshing
ron96g
reviewed
Mar 30, 2026
| Gateway: types.ObjectRefFromObject(gateway), | ||
| Urls: dtcUrls, | ||
| IssuerUrls: issuerUrls, | ||
| DefaultConsumers: []string{"gateway"}, |
ron96g
reviewed
Mar 30, 2026
| // Paths are deduplicated while maintaining order (first occurrence wins). | ||
| func (g *Route) GetPaths() []string { | ||
| seen := make(map[string]bool) | ||
| paths := make([]string, 0, len(g.Spec.Downstreams)) |
Member
There was a problem hiding this comment.
In praxis this will probably result in mostly over-sized slices as the path will remain the same and only the hosts are different. But personally, I think its okay for now
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.