add external traffic policy for gw2 gw params

[kevin-shelaga]

Description

When using the Kubernetes Gateway API, the provisioned proxy service external traffic policy is now configurable via the GatewayParameters fields spec.kube.service.externalTrafficPolicy

This values can also be set on the default GatewayParameters during install/upgrade using the Helm value kubeGateway.gatewayParameters.glooGateway.service.externalTrafficPolicy

API changes

Added fields to GatewayParameters:

spec.kube.service.externalTrafficPolicy

Code changes

Update gw params to expose external traffic policy
Add test

Context

Fixes kgateway-dev#9879

Users need to be able to change the external traffic policy so that source client IPs are preserved for features like WAF and ext auth.

Testing steps

helm unit tests
deployer unit tests
deployer e2e test

Checklist:

• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• I have added tests that prove my fix is effective or that my feature works
  BOT NOTES:
  resolves Ability to set "externalTrafficPolicy" in "GatewayParameters" kgateway-dev/kgateway#9879

[solo-changelog-bot]

Issues linked to changelog:
kgateway-dev#9879

[github-actions]

Visit the preview URL for this PR (updated for commit d946524):

https://gloo-edge--pr10420-gw2-externaltrafficp-9joq07l1.web.app

_{(expires Sat, 04 Jan 2025 12:20:15 GMT)}

_{🔥 via Firebase Hosting GitHub Action 🌎}

_{Sign: 77c2b86e287749579b7ff9cadb81e099042ef677}

[danehans]

The Kubernetes Tests / End-to-End (cluster-two) job is failing due to:

=== RUN   TestK8sGateway/RouteOptions/TestConfigureInvalidRouteOptionsWithTargetRef
httproute.gateway.networking.k8s.io/httproute1 created
routeoption.gateway.solo.io/bad-rto-targetref created
=== NAME  TestK8sGateway
    status.go:73: 
        Timed out after 20.000s.
        The function passed to Eventually failed at /home/runner/work/gloo/gloo/test/kubernetes/testutils/assertions/status.go:72 with:
        have matcher for namespace k8s-gw-test which is not found

Rerunning job.

[kevin-shelaga]

Those 2 failures look like a flake @jenshu @danehans

[danehans]

The following e2e is related to this PR is failing:

=== RUN   TestK8sGatewayAws/Deployer/TestConfigureProxiesFromGatewayParameters
namespace/nginx created
service/nginx created
configmap/nginx-conf created
pod/nginx created
gatewayparameters.gateway.gloo.solo.io/gw-params-custom created
gateway.gateway.networking.k8s.io/gw created
httproute.gateway.networking.k8s.io/example-route created
gatewayparameters.gateway.gloo.solo.io/gw-params created
=== NAME  TestK8sGatewayAws
    suite.go:145: 
        Expected
            <v1.ServiceExternalTrafficPolicy>: Cluster
        to equal
            <v1.ServiceExternalTrafficPolicy>: Local
namespace "nginx" deleted
service "nginx" deleted
configmap "nginx-conf" deleted
pod "nginx" deleted

[danehans]

@kevin-shelaga PTAL at my review feedback and e2e failure.

[danehans]

In general we want default values to be explicitly represented in our APIs (xref).

[danehans]

Since ExternalTrafficPolicy accepts opaque strings, it's important to include a test case for an unintended value. If this test case is not included, please create a tracker issue and xref it.

[kevin-shelaga]

check for/test invalid values: #10540