Merge branch v2.11 into v3.6

2026-06-18 19:38:23 +03:00 · 2026-05-07 16:59:08 +02:00
parent 8c7634bcde 36a565a599
commit fc482fda97
7 changed files with 68 additions and 35 deletions
@@ -639,14 +639,16 @@ func (c configBuilder) loadServers(svc traefikv1alpha1.LoadBalancerSpec) ([]dyna
 func (c configBuilder) nameAndService(ctx context.Context, parentNamespace string, service traefikv1alpha1.LoadBalancerSpec) (string, *dynamic.Service, error) {
 	svcCtx := log.Ctx(ctx).With().Str(logs.ServiceName, service.Name).Logger().WithContext(ctx)

-	service = *service.DeepCopy()
-	service.Namespace = namespaceOrParentNamespace(service.Namespace, parentNamespace)
+	if !strings.Contains(service.Name, providerNamespaceSeparator) {
+		service = *service.DeepCopy()
+		service.Namespace = namespaceOrParentNamespace(service.Namespace, parentNamespace)

-	if !isNamespaceAllowed(c.allowCrossNamespace, parentNamespace, service.Namespace) {
-		return "", nil, fmt.Errorf("service %s/%s not in the parent resource namespace %s", service.Namespace, service.Name, parentNamespace)
+		if !isNamespaceAllowed(c.allowCrossNamespace, parentNamespace, service.Namespace) {
+			return "", nil, fmt.Errorf("service %s/%s not in the parent resource namespace %s", service.Namespace, service.Name, parentNamespace)
+		}
 	}

-	if !isCrossProviderNamespaceAllowed(c.crossProviderNamespaces, service.Namespace) {
+	if !isCrossProviderNamespaceAllowed(c.crossProviderNamespaces, parentNamespace) && strings.Contains(service.Name, providerNamespaceSeparator) {
 		return "", nil, fmt.Errorf("service %q reference is not allowed: namespace %q is not in crossProviderNamespaces", service.Name, parentNamespace)
 	}

@@ -1684,12 +1684,13 @@ func TestLoadIngressRouteTCPs(t *testing.T) {

 func TestLoadIngressRoutes(t *testing.T) {
 	testCases := []struct {
-		desc                string
-		ingressClass        string
-		paths               []string
-		expected            *dynamic.Configuration
-		allowCrossNamespace bool
-		allowEmptyServices  bool
+		desc                    string
+		ingressClass            string
+		paths                   []string
+		expected                *dynamic.Configuration
+		allowCrossNamespace     bool
+		allowEmptyServices      bool
+		crossProviderNamespaces []string
 	}{
 		{
 			desc: "Empty",
@@ -1975,9 +1976,10 @@ func TestLoadIngressRoutes(t *testing.T) {
 			},
 		},
 		{
-			desc:                "Simple Ingress Route with middleware crossprovider",
-			allowCrossNamespace: true,
-			paths:               []string{"services.yml", "with_middleware_cross_provider.yml"},
+			desc:                    "Simple Ingress Route with middleware crossprovider",
+			crossProviderNamespaces: []string{"default"},
+			allowCrossNamespace:     true,
+			paths:                   []string{"services.yml", "with_middleware_cross_provider.yml"},
 			expected: &dynamic.Configuration{
 				UDP: &dynamic.UDPConfiguration{
 					Routers:  map[string]*dynamic.UDPRouter{},
@@ -5806,6 +5808,7 @@ func TestLoadIngressRoutes(t *testing.T) {
 				AllowCrossNamespace:       test.allowCrossNamespace,
 				AllowExternalNameServices: true,
 				AllowEmptyServices:        test.allowEmptyServices,
+				CrossProviderNamespaces:   test.crossProviderNamespaces,
 			}

 			conf := p.loadConfigurationFromCRD(t.Context(), client)
@@ -5104,9 +5104,9 @@ func TestLoadTLSRoutes(t *testing.T) {
 				},
 				TCP: &dynamic.TCPConfiguration{
 					Routers: map[string]*dynamic.TCPRouter{
-						"tcproute-default-tcp-app-1-gw-default-my-gateway-ep-tls-0-e3b0c44298fc1c149afb": {
+						"tlsroute-default-tls-app-1-gw-default-my-gateway-ep-tls-0-e3b0c44298fc1c149afb": {
 							EntryPoints: []string{"tls"},
-							Service:     "tcproute-default-tcp-app-1-gw-default-my-gateway-ep-tls-0-e3b0c44298fc1c149afb-wrr",
+							Service:     "tlsroute-default-tls-app-1-gw-default-my-gateway-ep-tls-0-e3b0c44298fc1c149afb-wrr",
 							Rule:        `HostSNI("*")`,
 							RuleSyntax:  "default",
 							TLS:         &dynamic.RouterTCPTLSConfig{},
@@ -5114,7 +5114,7 @@ func TestLoadTLSRoutes(t *testing.T) {
 					},
 					Middlewares: map[string]*dynamic.TCPMiddleware{},
 					Services: map[string]*dynamic.TCPService{
-						"tcproute-default-tcp-app-1-gw-default-my-gateway-ep-tls-0-e3b0c44298fc1c149afb-wrr": {
+						"tlsroute-default-tls-app-1-gw-default-my-gateway-ep-tls-0-e3b0c44298fc1c149afb-wrr": {
 							Weighted: &dynamic.TCPWeightedRoundRobin{
 								Services: []dynamic.TCPWRRService{
 									{