From 804e621625c59121202b5460e58d64e15273d92c Mon Sep 17 00:00:00 2001 From: Tharsanan1 Date: Mon, 5 Jan 2026 14:00:15 +0530 Subject: [PATCH 1/3] test: add Helm upgrade verification for Gateway --- .github/workflows/operator-integration-test.yml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/.github/workflows/operator-integration-test.yml b/.github/workflows/operator-integration-test.yml index 9a23a2013..d7d028f77 100644 --- a/.github/workflows/operator-integration-test.yml +++ b/.github/workflows/operator-integration-test.yml @@ -1094,6 +1094,23 @@ jobs: echo "Updated JWT API invocation test passed (correctly rejected)!" + - name: Test Gateway Helm Upgrade + run: | + echo "Updating ConfigMap to trigger Helm Upgrade..." + kubectl get configmap test-gateway-config -o jsonpath='{.data.values\.yaml}' > values.yaml + + # Replace annotations to trigger upgrade + sed -i 's/annotations: {}/annotations: {helm-upgrade-test: "true"}/g' values.yaml + + kubectl create configmap test-gateway-config --from-file=values.yaml=values.yaml --dry-run=client -o yaml | kubectl apply -f - + + echo "Waiting for deployment update..." + # Give the operator a moment to detect and start the upgrade + sleep 5 + kubectl wait --for=jsonpath='{.metadata.annotations.helm-upgrade-test}=true' deployment/test-gateway-gateway-router --timeout=180s + + echo "Helm upgrade verified." + - name: Multi-namespace API test run: | echo "Creating namespace test-ns..." From 81a1bd13af2f4d68c6e6e98f2b298ac475fa5e70 Mon Sep 17 00:00:00 2001 From: Tharsanan1 Date: Mon, 5 Jan 2026 14:29:00 +0530 Subject: [PATCH 2/3] fix: enhance Helm upgrade verification and ensure deployment stability --- .github/workflows/operator-integration-test.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/.github/workflows/operator-integration-test.yml b/.github/workflows/operator-integration-test.yml index d7d028f77..ba8ff57e9 100644 --- a/.github/workflows/operator-integration-test.yml +++ b/.github/workflows/operator-integration-test.yml @@ -1109,7 +1109,15 @@ jobs: sleep 5 kubectl wait --for=jsonpath='{.metadata.annotations.helm-upgrade-test}=true' deployment/test-gateway-gateway-router --timeout=180s - echo "Helm upgrade verified." + echo "Deployment metadata updated. Waiting for rollout to complete..." + + # Wait for the deployments to finish rolling out to ensure stability + kubectl rollout status deployment/test-gateway-gateway-controller --timeout=300s + kubectl rollout status deployment/test-gateway-gateway-router --timeout=300s + # Policy engine might also be updated if it had empty annotations + kubectl rollout status deployment/test-gateway-gateway-policy-engine --timeout=300s || true + + echo "Helm upgrade and rollout verified." - name: Multi-namespace API test run: | From 065fea9625043dcd28c686cd35ad595772dc38a4 Mon Sep 17 00:00:00 2001 From: Tharsanan1 Date: Mon, 5 Jan 2026 14:52:34 +0530 Subject: [PATCH 3/3] fix: enhance Helm upgrade verification and add health check for Gateway Controller --- .../workflows/operator-integration-test.yml | 25 +++++++++++++++++-- .../internal/controller/restapi_controller.go | 11 ++++++++ 2 files changed, 34 insertions(+), 2 deletions(-) diff --git a/.github/workflows/operator-integration-test.yml b/.github/workflows/operator-integration-test.yml index ba8ff57e9..2e55849e1 100644 --- a/.github/workflows/operator-integration-test.yml +++ b/.github/workflows/operator-integration-test.yml @@ -1114,10 +1114,31 @@ jobs: # Wait for the deployments to finish rolling out to ensure stability kubectl rollout status deployment/test-gateway-gateway-controller --timeout=300s kubectl rollout status deployment/test-gateway-gateway-router --timeout=300s - # Policy engine might also be updated if it had empty annotations kubectl rollout status deployment/test-gateway-gateway-policy-engine --timeout=300s || true - echo "Helm upgrade and rollout verified." + echo "Waiting for Gateway CR to be Programmed..." + kubectl wait --for=condition=Programmed gateway/test-gateway --timeout=180s + + echo "Gateway rollout complete. Verifying Controller health..." + # Give it a moment to stabilize + sleep 20 + + # Port forward the new controller to check health + kubectl port-forward svc/test-gateway-gateway-controller 9091:9090 & + PF_PID=$! + sleep 5 + + HEALTH_STATUS=$(curl -s -o /dev/null -w "%{http_code}" http://localhost:9091/health) + echo "Controller Health Status: $HEALTH_STATUS" + + kill $PF_PID || true + + if [ "$HEALTH_STATUS" != "200" ]; then + echo "Gateway Controller is not healthy after upgrade!" + exit 1 + fi + + echo "Helm upgrade, rollout, and health check verified." - name: Multi-namespace API test run: | diff --git a/kubernetes/gateway-operator/internal/controller/restapi_controller.go b/kubernetes/gateway-operator/internal/controller/restapi_controller.go index 3ab9f2a3f..cdc298de8 100644 --- a/kubernetes/gateway-operator/internal/controller/restapi_controller.go +++ b/kubernetes/gateway-operator/internal/controller/restapi_controller.go @@ -296,6 +296,17 @@ func (r *RestApiReconciler) processDeployment( retryCount := 0 if hasExisting && existingEntry.Generation == generation { retryCount = existingEntry.RetryCount + + // Respect backoff if set + if !existingEntry.NextRetryTime.IsZero() { + wait := time.Until(existingEntry.NextRetryTime) + if wait > 0 { + r.Logger.Info("Waiting for backoff", + zap.String("api", apiConfig.Name), + zap.Duration("wait", wait)) + return ctrl.Result{RequeueAfter: wait}, nil + } + } } // Update tracker to Processing