make gen

Signed-off-by: Karol Szwaj <[email protected]>

Author: cnvergence

internal/infrastructure/kubernetes/proxy/resource.go

@@ -308,7 +308,7 @@ func expectedContainerVolumeMounts(containerSpec *egv1a1.KubernetesContainerSpec
 }
 
 // expectedVolumes returns expected proxy deployment volumes.
-func expectedVolumes(name string, gatewayNamespacedMode bool, pod *egv1a1.KubernetesPodSpec, controllerNamespace string, dnsDomain string) []corev1.Volume {
+func expectedVolumes(name string, gatewayNamespacedMode bool, pod *egv1a1.KubernetesPodSpec, controllerNamespace, dnsDomain string) []corev1.Volume {
 	var volumes []corev1.Volume
 	certsVolume := corev1.Volume{
 		Name: "certs",

internal/infrastructure/kubernetes/proxy/testdata/daemonsets/component-level.yaml

@@ -32,7 +32,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/daemonsets/custom.yaml

@@ -33,7 +33,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/daemonsets/default-env.yaml

@@ -32,7 +32,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/daemonsets/default.yaml

@@ -32,7 +32,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/daemonsets/disable-prometheus.yaml

@@ -28,7 +28,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/daemonsets/extension-env.yaml

@@ -32,7 +32,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/daemonsets/override-labels-and-annotations.yaml

@@ -41,7 +41,6 @@ spec:
         label1: value1-override
         label2: value2
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/daemonsets/patch-daemonset.yaml

@@ -32,7 +32,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/daemonsets/shutdown-manager.yaml

@@ -32,7 +32,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/daemonsets/volumes.yaml

@@ -32,7 +32,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-annotations.yaml

@@ -37,7 +37,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-concurrency.yaml

@@ -32,7 +32,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-extra-args.yaml

@@ -32,7 +32,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-image-pull-secrets.yaml

@@ -32,7 +32,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-name.yaml

@@ -32,7 +32,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-node-selector.yaml

@@ -32,7 +32,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/daemonsets/with-topology-spread-constraints.yaml

@@ -32,7 +32,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/bootstrap.yaml

@@ -36,7 +36,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/component-level.yaml

@@ -36,7 +36,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/custom.yaml

@@ -38,7 +38,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/custom_with_initcontainers.yaml

@@ -38,7 +38,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/default-env.yaml

@@ -37,7 +37,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/default.yaml

@@ -36,7 +36,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/disable-prometheus.yaml

@@ -32,7 +32,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/dual-stack.yaml

@@ -36,7 +36,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/extension-env.yaml

@@ -37,7 +37,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/gateway-namespace-mode.yaml

@@ -36,7 +36,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: true
       containers:
       - args:
         - --service-cluster default
@@ -248,7 +247,7 @@ spec:
             - name: jwt-sa-bearer
               generic_secret:
                 secret:
-                  filename: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+                  filename: "/var/run/secrets/token/sa-token"
           overload_manager:
             refresh_interval: 0.25s
             resource_monitors:
@@ -341,6 +340,9 @@ spec:
           readOnly: true
         - mountPath: /sds
           name: sds
+        - mountPath: /var/run/secrets/token
+          name: sa-token
+          readOnly: true
       - args:
         - envoy
         - shutdown-manager
@@ -419,6 +421,14 @@ spec:
       serviceAccountName: envoy-default-37a8eec1
       terminationGracePeriodSeconds: 360
       volumes:
+      - name: sa-token
+        projected:
+          defaultMode: 420
+          sources:
+          - serviceAccountToken:
+              audience: envoy-gateway.envoy-gateway-system.svc.cluster.local
+              expirationSeconds: 3600
+              path: sa-token
       - configMap:
           defaultMode: 420
           items:

internal/infrastructure/kubernetes/proxy/testdata/deployments/ipv6.yaml

@@ -36,7 +36,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/override-labels-and-annotations.yaml

@@ -45,7 +45,6 @@ spec:
         label1: value1-override
         label2: value2
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/patch-deployment.yaml

@@ -36,7 +36,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/shutdown-manager.yaml

@@ -36,7 +36,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/volumes.yaml

@@ -37,7 +37,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/with-annotations.yaml

@@ -41,7 +41,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/with-concurrency.yaml

@@ -36,7 +36,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/with-empty-memory-limits.yaml

@@ -36,7 +36,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/with-extra-args.yaml

@@ -36,7 +36,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/with-image-pull-secrets.yaml

@@ -36,7 +36,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/with-name.yaml

@@ -36,7 +36,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/with-node-selector.yaml

@@ -36,7 +36,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/infrastructure/kubernetes/proxy/testdata/deployments/with-topology-spread-constraints.yaml

@@ -36,7 +36,6 @@ spec:
         gateway.envoyproxy.io/owning-gateway-name: default
         gateway.envoyproxy.io/owning-gateway-namespace: default
     spec:
-      automountServiceAccountToken: false
       containers:
       - args:
         - --service-cluster default

internal/xds/server/kubejwt/jwtinterceptor.go

@@ -26,7 +26,7 @@ type JWTAuthInterceptor struct {
 }
 
 // NewJWTAuthInterceptor initializes a new JWTAuthInterceptor.
-func NewJWTAuthInterceptor(clientset *kubernetes.Clientset, issuer string, audience string, cache cache.SnapshotCacheWithCallbacks) *JWTAuthInterceptor {
+func NewJWTAuthInterceptor(clientset *kubernetes.Clientset, issuer, audience string, cache cache.SnapshotCacheWithCallbacks) *JWTAuthInterceptor {
 	return &JWTAuthInterceptor{
 		clientset: clientset,
 		issuer:    issuer,