Skip to content

Remove TrueField type in CORS #3895

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: main
Choose a base branch
from

Conversation

shaneutt
Copy link
Member

@shaneutt shaneutt commented Jul 1, 2025

What type of PR is this?
/kind feature
/kind bug

Which issue(s) this PR fixes:
Implements the fix discuseed in #3841, and fixes #3841.

Does this PR introduce a user-facing change?:

Users of the experimental CORS `AllowCredentials` field can now specify false. The underlying API specification type has changed from a enum of type boolean to just a boolean, so users deploying `HTTPRoutes` via libraries will need to adjust for the change in types.

@shaneutt shaneutt requested review from kflynn and JoelSpeed July 1, 2025 19:11
@k8s-ci-robot
Copy link
Contributor

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

@k8s-ci-robot k8s-ci-robot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. release-note Denotes a PR that will be considered when it comes time to generate release notes. kind/feature Categorizes issue or PR as related to a new feature. kind/bug Categorizes issue or PR as related to a bug. do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels Jul 1, 2025
@k8s-ci-robot k8s-ci-robot requested review from mlavacca and robscott July 1, 2025 19:11
@k8s-ci-robot k8s-ci-robot added kind/gep PRs related to Gateway Enhancement Proposal(GEP) approved Indicates a PR has been approved by an approver from all required OWNERS files. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Jul 1, 2025
@shaneutt shaneutt added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. and removed approved Indicates a PR has been approved by an approver from all required OWNERS files. do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. kind/gep PRs related to Gateway Enhancement Proposal(GEP) labels Jul 1, 2025
@shaneutt shaneutt moved this to Review in Release v1.4.0 Jul 1, 2025
@shaneutt shaneutt added this to the v1.4.0 milestone Jul 1, 2025
@shaneutt shaneutt added the v1.4-release/subtask This indicates a subtask of a feature, bug, or smaller issue for the v1.4 release. label Jul 1, 2025
@shaneutt shaneutt requested a review from EyalPazz July 1, 2025 19:16
@k8s-ci-robot k8s-ci-robot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Jul 1, 2025
Comment on lines +1368 to +1370
// When set to false the gateway will omit the header
// `Access-Control-Allow-Credentials` entirely (this is the standard CORS
// behavior).
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

While in the previous versions of this feature we actually only provided true, here we can also provide false, so i'm thinking that maybe we'll need to add a test that makes sure that setting it to false actually omits it (in the gateway implementation itself), just out of thought that maybe existing implementations take the value (if exists), that in the past could have only been true

Copy link
Member Author

@shaneutt shaneutt Jul 2, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, sounds good. I am in no position at the moment to test an implementation with CORS support in order to develop this however, so we should throw up a follow-up issue to track additional testing needed for CORS and link that as a sub-task of #1767. Since you seem to be very clear on it, would you mind creating that issue and linking it here, and I can link it as a sub-task?

@k8s-triage-robot
Copy link

Unknown CLA label state. Rechecking for CLA labels.

Send feedback to sig-contributor-experience at kubernetes/community.

/check-cla
/easycla

@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Jul 1, 2025
@shaneutt shaneutt force-pushed the cors-allowed-bool branch from 883e087 to a162726 Compare July 2, 2025 13:30
@k8s-ci-robot k8s-ci-robot added do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. approved Indicates a PR has been approved by an approver from all required OWNERS files. kind/gep PRs related to Gateway Enhancement Proposal(GEP) labels Jul 2, 2025
@shaneutt shaneutt requested review from EyalPazz and kflynn July 2, 2025 13:34
@shaneutt shaneutt removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jul 2, 2025
@shaneutt shaneutt marked this pull request as ready for review July 2, 2025 13:37
@k8s-ci-robot k8s-ci-robot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Jul 2, 2025
@k8s-ci-robot k8s-ci-robot requested a review from gcs278 July 2, 2025 13:37
Copy link
Contributor

@kflynn kflynn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me, holding for other LGTMs though.

/lgtm
/hold

type: CORS
```

In this case, the gateway will not include the
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it worth discussing how this would be mostly useful as a way to override a default? or not so much?

Copy link
Member Author

@shaneutt shaneutt Jul 2, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would you mind writing up a Github suggestion here, to better detail what you're thinking?

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jul 2, 2025
@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jul 2, 2025
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: kflynn, shaneutt

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jul 2, 2025
@k8s-ci-robot
Copy link
Contributor

New changes are detected. LGTM label has been removed.

@shaneutt shaneutt force-pushed the cors-allowed-bool branch from 67ef279 to 77dcf18 Compare July 2, 2025 15:13
@shaneutt shaneutt force-pushed the cors-allowed-bool branch from 77dcf18 to 0cc5643 Compare July 2, 2025 15:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. kind/bug Categorizes issue or PR as related to a bug. kind/feature Categorizes issue or PR as related to a new feature. kind/gep PRs related to Gateway Enhancement Proposal(GEP) ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note Denotes a PR that will be considered when it comes time to generate release notes. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. v1.4-release/subtask This indicates a subtask of a feature, bug, or smaller issue for the v1.4 release.
Projects
Status: Review
Development

Successfully merging this pull request may close these issues.

The boolean "TrueField" introduced for CORS can cause generator issues
6 participants