Kubeconform can't validate gateway after 1.1.0 changes

[davem-git]

Description: We validate all of our workloads with kubeconform . It can take custom CDR which we have a script that generates it from finding all the CDR's in our workload directly. This used to work fine, it generated a validation for gateway. With the upgrade of v.1.1.0 it and the addition of https://github.com/envoyproxy/gateway/pull/4020/files#diff-85e94dab8d1c67629c15c4000ac7bcf1eb1a4c55f006ee5afc1d9c6ce69872d1R28-R31. this validation now fails.

When I generate the json validation from the CDR., it misses this. I can verify this is expected by looking at the CDR

https://github.com/envoyproxy/gateway/blob/release/v1.1.0/charts/gateway-helm/crds/gatewayapi-crds.yaml#L1219-L1478

its not in there. I do see it v1beta below, however, that's not what I'm using and it still works when I deploy it. And for some reason that isn't generating it for me either.

Is there some compatibility setup allowing me to use the feature even if it's not supported in the CDR?

gateway_v1.json gateway_v1beta1.json

Repro steps:

Include sample requests, environment, etc. All data and inputs run kubeconform on the deployment yaml files, and select CustomResourceDefinition -schema-location and select the scheme-location

Note: If there are privacy concerns, sanitize the data prior to

Environment:

gateway 1.1.0 proxy whatever comes with it

Logs:

stdin - Gateway gateway-envoy is invalid: problem validating schema. Check JSON formatting: jsonschema: '/spec/infrastructure' does not validate with file:///home/runner/work//tools/crd_json_schemas/gateway_v1.json#/properties/spec/properties/infrastructure/additionalProperties: additionalProperties 'parametersRef' not allowed

[davem-git]

we use https://github.com/instrumenta/openapi2jsonschema. to generate the schema you can do it for all of the CDR

[zirain]

is it a kubeconform issue rather than EGs? see https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io%2fv1.GatewayInfrastructure

[davem-git]

I don't think so. We generate that file from EG cdr. We don't use a global one. When you look at the cdr you can see it missing that part from the v1 section

[zirain]

Gateway CRD is directly copied from Gateway API project.

[davem-git]

How is parametersRef supported in 1.1.0 then? That's not something EG added?

[arkodg]

How is parametersRef supported in 1.1.0 then? That's not something EG added?

EG only implemented the API, the API field is added by upstream https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io%2fv1beta1.Gateway

[davem-git]

I see that it's only on the website for experimental CDR. Though I tried copying that locally and it still didn't fix the problem

https://github.com/kubernetes-sigs/gateway-api/blob/v1.1.0/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml#L207-L220

[github-actions[bot]]

This issue has been automatically marked as stale because it has not had activity in the last 30 days.