Use port from json body and go.mod replace

Signed-off-by: Daneyon Hansen <daneyon.hansen@solo.io>

Author: danehans

conformance/resources/base.yaml

@@ -77,7 +77,7 @@ spec:
     spec:
       containers:
       - name: echoserver
-        image: gcr.io/k8s-staging-gateway-api/echo-basic:v20240412-v1.0.0-394-g40c666fd
+        image: gcr.io/k8s-staging-gateway-api/echo-basic:v20251106-v1.3.0-263-g47c3435c
         ports:
         - containerPort: 3000
         readinessProbe:
@@ -121,7 +121,7 @@ spec:
     spec:
       containers:
       - name: echoserver
-        image: gcr.io/k8s-staging-gateway-api/echo-basic:v20240412-v1.0.0-394-g40c666fd
+        image: gcr.io/k8s-staging-gateway-api/echo-basic:v20251106-v1.3.0-263-g47c3435c
         ports:
         - containerPort: 3000
         readinessProbe:
@@ -360,7 +360,7 @@ spec:
     spec:
       containers:
       - name: echoserver-3000
-        image: gcr.io/k8s-staging-gateway-api/echo-basic:v20240412-v1.0.0-394-g40c666fd
+        image: gcr.io/k8s-staging-gateway-api/echo-basic:v20251106-v1.3.0-263-g47c3435c
         ports:
         - containerPort: 3000
         readinessProbe:
@@ -390,7 +390,7 @@ spec:
             fieldRef:
               fieldPath: status.podIP
       - name: echoserver-3002
-        image: gcr.io/k8s-staging-gateway-api/echo-basic:v20240412-v1.0.0-394-g40c666fd
+        image: gcr.io/k8s-staging-gateway-api/echo-basic:v20251106-v1.3.0-263-g47c3435c
         ports:
         - containerPort: 3002
         readinessProbe:
@@ -420,7 +420,7 @@ spec:
             fieldRef:
               fieldPath: status.podIP
       - name: echoserver-3004
-        image: gcr.io/k8s-staging-gateway-api/echo-basic:v20240412-v1.0.0-394-g40c666fd
+        image: gcr.io/k8s-staging-gateway-api/echo-basic:v20251106-v1.3.0-263-g47c3435c
         ports:
         - containerPort: 3004
         readinessProbe:

conformance/tests/gateway_following_epp_routing_dp.go

@@ -208,38 +208,37 @@ func assertTrafficOnlyReachesToExpectedPodsDP(
 			if err := gwhttp.CompareRoundTrip(t, &r, cReq, cRes, expected); err != nil {
 				return fmt.Errorf("expectation failed: %w", err)
 			}
-			// Enforce no leakage to non-selected pods (ports/ranks are internal).
+			// Enforce no leakage to non-selected pods.
 			if !slices.Contains(expectedPodNames, cReq.Pod) {
 				return fmt.Errorf("unexpected pod %q (expected one of %v)", cReq.Pod, expectedPodNames)
 			}
 
-			// Validate X-Echo-HTTP-Port vs EPP intent for the pod's IP.
-			portHdr := getHeaderValue(cRes.Headers, "X-Echo-HTTP-Port") // Header set by backend echo server
-			if portHdr == "" {
-				return errors.New("missing X-Echo-HTTP-Port response header")
+			// Validate httpPort from JSON response body vs EPP intent.
+			if cReq.HTTPPort == "" {
+				return errors.New("missing httpPort in echo JSON body response")
 			}
 			ip := podNameToIP[cReq.Pod]
 			allowed, ok := ipToAllowedPorts[ip]
 			if !ok {
 				return fmt.Errorf("pod %q (IP %s) not present in EPP selection", cReq.Pod, ip)
 			}
 			if len(allowed) > 0 {
-				if _, ok := allowed[portHdr]; !ok {
-					return fmt.Errorf("unexpected X-Echo-HTTP-Port %q for IP %s (allowed: %v)", portHdr, ip, keys(allowed))
+				if _, ok := allowed[cReq.HTTPPort]; !ok {
+					return fmt.Errorf("unexpected httpPort %q for IP %s (allowed: %v)", cReq.HTTPPort, ip, keys(allowed))
 				}
 			} else {
-				if _, ok := dpPorts[portHdr]; !ok {
-					return fmt.Errorf("unexpected X-Echo-HTTP-Port %q for IP %s (expected one of DP ports %v)", portHdr, ip, keys(dpPorts))
+				if _, ok := dpPorts[cReq.HTTPPort]; !ok {
+					return fmt.Errorf("unexpected httpPort %q for IP %s (expected one of ports %v)", cReq.HTTPPort, ip, keys(dpPorts))
 				}
 			}
 
 			return nil
 		})
 	}
 	if err := g.Wait(); err != nil {
-		t.Fatalf("Requests were not confined to expected pods (DP) or failed port-header checks: %v", err)
+		t.Fatalf("Requests were not confined to expected pods or failed port checks: %v", err)
 	}
-	t.Logf("DP traffic restricted to %v and port header validated against EPP selection", expectedPodNames)
+	t.Logf("Traffic restricted to %v and httpPort validated against EPP selection", expectedPodNames)
 }
 
 type portSet map[string]struct{}
@@ -258,19 +257,8 @@ func keys(m portSet) []string {
 	return out
 }
 
-// getHeaderValue is a case-insensitive header lookup on headers using the key.
-func getHeaderValue(headers map[string][]string, key string) string {
-	for k, v := range headers {
-		if strings.EqualFold(k, key) && len(v) > 0 {
-			return v[0]
-		}
-	}
-	return ""
-}
-
-// buildEPPHeader builds the test EPP header (HeaderTestEppEndPointSelectionKey) from ip->ports.
-// Empty portSet => emit just "IP". Non-empty => emit "IP:port" for each port.
-// Sorted for determinism.
+// buildEPPHeader builds the test EPP header from ip->ports. AN empty portSet => emit just "IP".
+// A non-empty => emit "IP:port" for each port. Sorted for determinism.
 func buildEPPHeader(ipToPorts map[string]portSet) string {
 	ips := make([]string, 0, len(ipToPorts))
 	for ip := range ipToPorts {

go.mod

@@ -36,11 +36,13 @@ require (
 	sigs.k8s.io/controller-runtime v0.22.4
 	// Update the CONTROLLER_TOOLS_VERSION in Makefile when bumping controller-tools.
 	sigs.k8s.io/controller-tools v0.19.0
-	sigs.k8s.io/gateway-api v1.4.0
+	sigs.k8s.io/gateway-api v1.3.1-0.20251106052652-079e4774d76b
 	sigs.k8s.io/structured-merge-diff/v6 v6.3.0
 	sigs.k8s.io/yaml v1.6.0
 )
 
+require github.com/go-logr/zapr v1.3.0
+
 require (
 	cel.dev/expr v0.24.0 // indirect
 	github.com/Masterminds/goutils v1.1.1 // indirect
@@ -61,7 +63,6 @@ require (
 	github.com/fsnotify/fsnotify v1.9.0 // indirect
 	github.com/fxamacker/cbor/v2 v2.9.0 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
-	github.com/go-logr/zapr v1.3.0 // indirect
 	github.com/go-openapi/jsonpointer v0.21.2 // indirect
 	github.com/go-openapi/jsonreference v0.21.0 // indirect
 	github.com/go-openapi/swag v0.23.1 // indirect
@@ -108,14 +109,14 @@ require (
 	go.yaml.in/yaml/v3 v3.0.4 // indirect
 	golang.org/x/crypto v0.43.0 // indirect
 	golang.org/x/exp v0.0.0-20250808145144-a408d31f581a // indirect
-	golang.org/x/mod v0.28.0 // indirect
+	golang.org/x/mod v0.29.0 // indirect
 	golang.org/x/net v0.46.0 // indirect
 	golang.org/x/oauth2 v0.32.0 // indirect
 	golang.org/x/sys v0.37.0 // indirect
 	golang.org/x/term v0.36.0 // indirect
 	golang.org/x/text v0.30.0 // indirect
 	golang.org/x/time v0.13.0 // indirect
-	golang.org/x/tools v0.37.0 // indirect
+	golang.org/x/tools v0.38.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
 	google.golang.org/genproto/googleapis/api v0.0.0-20250929231259-57b25ae835d4 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20250922171735-9219d122eba9 // indirect

go.sum

@@ -311,8 +311,8 @@ golang.org/x/exp v0.0.0-20250808145144-a408d31f581a h1:Y+7uR/b1Mw2iSXZ3G//1haIiS
 golang.org/x/exp v0.0.0-20250808145144-a408d31f581a/go.mod h1:rT6SFzZ7oxADUDx58pcaKFTcZ+inxAa9fTrYx/uVYwg=
 golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.28.0 h1:gQBtGhjxykdjY9YhZpSlZIsbnaE2+PgjfLWUQTnoZ1U=
-golang.org/x/mod v0.28.0/go.mod h1:yfB/L0NOf/kmEbXjzCPOx1iK1fRutOydrCMsqRhEBxI=
+golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA=
+golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
@@ -343,8 +343,8 @@ golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGm
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.37.0 h1:DVSRzp7FwePZW356yEAChSdNcQo6Nsp+fex1SUW09lE=
-golang.org/x/tools v0.37.0/go.mod h1:MBN5QPQtLMHVdvsbtarmTNukZDdgwdwlO5qGacAzF0w=
+golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ=
+golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs=
 golang.org/x/tools/go/expect v0.1.1-deprecated h1:jpBZDwmgPhXsKZC6WhL20P4b/wmnpsEAGHaNy0n/rJM=
 golang.org/x/tools/go/expect v0.1.1-deprecated/go.mod h1:eihoPOH+FgIqa3FpoTwguz/bVUSGBlGQU67vpBeOrBY=
 golang.org/x/tools/go/packages/packagestest v0.1.1-deprecated h1:1h2MnaIAIXISqTFKdENegdpAgUXz6NrPEsbIeWaBRvM=
@@ -409,8 +409,8 @@ sigs.k8s.io/controller-runtime v0.22.4 h1:GEjV7KV3TY8e+tJ2LCTxUTanW4z/FmNB7l327U
 sigs.k8s.io/controller-runtime v0.22.4/go.mod h1:+QX1XUpTXN4mLoblf4tqr5CQcyHPAki2HLXqQMY6vh8=
 sigs.k8s.io/controller-tools v0.19.0 h1:OU7jrPPiZusryu6YK0jYSjPqg8Vhf8cAzluP9XGI5uk=
 sigs.k8s.io/controller-tools v0.19.0/go.mod h1:y5HY/iNDFkmFla2CfQoVb2AQXMsBk4ad84iR1PLANB0=
-sigs.k8s.io/gateway-api v1.4.0 h1:ZwlNM6zOHq0h3WUX2gfByPs2yAEsy/EenYJB78jpQfQ=
-sigs.k8s.io/gateway-api v1.4.0/go.mod h1:AR5RSqciWP98OPckEjOjh2XJhAe2Na4LHyXD2FUY7Qk=
+sigs.k8s.io/gateway-api v1.3.1-0.20251106052652-079e4774d76b h1:CoVExRHGK0xoewqKEtip+CXa/PPIxiEKeNJaKdEz5o0=
+sigs.k8s.io/gateway-api v1.3.1-0.20251106052652-079e4774d76b/go.mod h1:eEYVpDGr0WPqR/35ZTBIWWpwKL7uUzOqlT92mmv3fus=
 sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg=
 sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg=
 sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU=