chore: extract reverse proxy from pkg/gateway into pkg/edge (Phase 2)#46
Merged
Conversation
Closes the original Phase 2 from #37. With observability primitives now in pkg/observability (#44), the L7 reverse proxy and its TLS-cert helper can finally leave pkg/gateway without circular imports. Moved verbatim into pkg/edge: - proxy.go: ProxyRoute, ProxyServer, ServicePorts, BuildRoutes, BuildRoutesWithPorts, NewProxyServer{,WithOpts}, StartProxy{,WithOpts}, ProxyOpts, plus all internal handlers (logProxyRequest, proxyToWithOpts, addCORSHeaders, rewriteResponseBody, isWebSocketUpgrade, proxyWebSocket, statusRecorder). - certs.go: CertPair, EnsureCerts, all OS trust helpers, file/PEM I/O. - proxy_test.go and certs_test.go. Internal references to RequestLog / RequestStats / RequestBroadcaster / RequestEntry / GenerateTraceID updated to import from pkg/observability directly (no longer go through gateway aliases). pkg/gateway/proxy.go and pkg/gateway/certs.go shrink to type aliases + forwarder functions so external callers (cmd/gateway/main.go and any historical importers) continue to compile. cmd/gateway/main.go migrated to import pkg/edge directly — edge is the canonical home now. The gateway aliases stay in place for safety. Test sweep green except the same pre-existing pkg/platform/store testcontainers/Docker failure that's been failing on every PR in this branch (Docker not running on this machine; reproduces on origin/main). Closes #45 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Viridian-Inc
added a commit
that referenced
this pull request
May 2, 2026
Last remaining brand-leak in non-test Go: tools/cloudmock-dns owned the helper that reads domain config from a Pulumi YAML, with the field name "Autotend" even when the value defaulted to cloudmock.app. Rename to Primary to match the rest of the codebase post-#36/#38/#42/#46. - domainConfig.Autotend → Primary; all call sites updated. - parsePulumiConfig accepts "primary" as the canonical YAML key, falls back to "autotend" for backwards compat with existing autotend-infra Pulumi configs that still pass that key. - sortedDomains pair key updated from "cloudmock" (which was duplicated for both rows) to "primary" for the primary entry. - Three new test cases: - TestParsePulumiConfig_LegacyAutotendKey — verifies the alias works. - TestParsePulumiConfig_PrimaryWinsOverLegacy — verifies precedence when both are set. - Existing TestParsePulumiConfig updated to use the new "primary" key. The remaining "autotend" mentions in non-test Go (a parser example comment in pkg/iac and the alias-justification comment in pkg/gateway/proxy.go) are accurate descriptive context for historical input shapes / importers — left as-is. Closes #49 Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Closes the original Phase 2 from #37. With observability primitives now in `pkg/observability` (#44), the L7 reverse proxy and its TLS-cert helper can finally leave `pkg/gateway` without circular imports.
Moved verbatim into `pkg/edge`:
Internal references to `RequestLog`/`RequestStats`/`RequestBroadcaster`/`RequestEntry`/`GenerateTraceID` updated to import from `pkg/observability` directly (no longer go through gateway aliases).
`pkg/gateway/proxy.go` and `pkg/gateway/certs.go` shrink to type aliases + forwarder functions so historical importers continue to compile. `cmd/gateway/main.go` migrated to import `pkg/edge` directly.
Closes #45.
Behavior
Zero behavioral change. Wire format on `/api/proxy/routes` is byte-identical, route matching is identical, TLS cert lifecycle is identical.
Status of the original three-way split
`pkg/gateway` now owns just the AWS API mock handler + IAM middleware + the `LoggingMiddleware` that wraps it. The package name finally describes what it does.
Test plan
Out of scope
🤖 Generated with Claude Code