Skip to content

ServiceExport with ExportedPorts now respects TargetGroupPolicy protocol settings #854

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

ServiceExport with ExportedPorts now respects TargetGroupPolicy protocol settings #854

wants to merge 2 commits into from
+542 −3

Conversation

@rlymbur
Copy link
Contributor

@rlymbur rlymbur commented Dec 1, 2025

What type of PR is this?

Bug

Which issue does this PR fix:

#853

What does this PR do / Why do we need it:

This PR fixes a bug where ServiceExport resources with the exportedPorts field were ignoring protocol and protocolVersion settings from TargetGroupPolicy. The target groups were always created using the default protocol inferred from the routeType field, preventing users from configuring HTTPS or other non-default protocols.

Changes made:

  1. Modified buildTargetGroupForExportedPort method to parse and apply protocol/protocolVersion from TargetGroupPolicy

Why we need this:

  • Enables HTTPS communication between VPC Lattice and backend pods for ServiceExport

If an issue # is not available please add repro steps and logs from aws-gateway-controller showing the issue:

N/A

Testing done on this change:

Yes, additional unit and integration tests added.

Automation added to e2e:

Yes - Added comprehensive integration test suite in test/suites/integration/targetgrouppolicy_serviceexport_test.go:

  • TargetGroupPolicy ServiceExport with ExportedPorts Integration Tests
  • Multiple test cases covering protocol override scenarios
  • Tests verify actual VPC Lattice target group configuration

Will this PR introduce any new dependencies?:

No. This PR only modifies existing code logic without adding new dependencies, APIs, or external calls.

Will this break upgrades or downgrades. Has updating a running cluster been tested?:

No breaking changes. This fix maintains full backward compatibility.

Does this PR introduce any user-facing change?:

Yes - Users can now configure protocol overrides for ServiceExport with exportedPorts using TargetGroupPolicy.

Fix: ServiceExport with exportedPorts now correctly respects TargetGroupPolicy protocol and protocolVersion settings. Previously, protocol settings were ignored and target groups were always created with the default protocol from routeType. This fix enables HTTPS and other protocol configurations for ServiceExport resources.

Do all end-to-end tests successfully pass when running make e2e-test?:

Yes, all tests pass including the new integration tests for this fix.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@rlymbur rlymbur self-assigned this Dec 1, 2025
@rlymbur rlymbur added the bug Something isn't working label Dec 1, 2025
@rlymbur rlymbur enabled auto-merge December 1, 2025 22:14
@rlymbur rlymbur requested a review from SinghVikram97 December 1, 2025 22:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@SinghVikram97 SinghVikram97 Awaiting requested review from SinghVikram97

At least 1 approving review is required to merge this pull request.

Assignees

@rlymbur rlymbur

Labels

bug Something isn't working

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@rlymbur