Adding sdk changes for header appending functionality

[O-sura]

Purpose

Adds the SDK and engine related modifications required for providing the header appending functionality

• Related to: [Task]: Kubernetes Gateway API Conformance for APIP K8s Operator #2103

[coderabbitai]

Important

Review skipped

Review was skipped due to path filters

⛔ Files ignored due to path filters (1)

• gateway/gateway-runtime/policy-engine/go.sum is excluded by !**/*.sum

CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including **/dist/** will override the default block on the dist directory, by removing the pattern from both the lists.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 4c80e2a2-e16e-4153-b48d-3a770964c43e

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

📝 Walkthrough

Walkthrough

The PR introduces HeadersToAppend map[string][]string to all four policy engine result types (RequestHeaderResult, RequestBodyResult, ResponseHeaderResult, ResponseBodyResult) and updates their mapping functions to copy and accumulate append values from final policy actions. In the translator, a new addAppendHeaderOps helper normalizes header keys to lowercase and records per-value append operations, replacing inline handling at all request and response translation call sites. buildHeaderMutationFromOps is updated to set the deprecated wrapperspb.Bool(true) on append HeaderValueOption entries, as Envoy ext_proc ignores append_action and requires this field. The SDK core dependency is bumped to v0.2.15, and analytics-header-filter and jwt-auth policy versions are incremented in the build manifest.

Suggested Reviewers

• RakhithaRR
• Tharsanan1
• VirajSalaka
• malinthaprasan
• AnuGayan

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description addresses the Purpose section with a clear explanation and issue reference, but lacks most other required template sections (Goals, Approach, User stories, Documentation, Automation tests, Security checks, Samples, Related PRs, Test environment).	Complete the description by adding Goals, Approach, test coverage details, documentation links, security verification checks, and test environment information as specified in the repository template.
Docstring Coverage	⚠️ Warning	Docstring coverage is 70.59% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: adding SDK modifications to support header appending functionality across multiple files.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Dependency Validation Results

Dependency name: github.com/wso2/api-platform/sdk/core
Version: v0.2.15 (was v0.2.14)
Approved: ❌ No - Module not found in dependency registry

---

Next Steps

1. Review the validation failures listed above
2. Check if dependencies are in the approved dependency list
3. Options to resolve:
   • Remove the unapproved dependencies from this PR
   • OR submit a PR to add these dependencies to the approved list in engineering-governance
4. Once resolved, push changes to re-run validation

This PR is blocked until all dependencies are approved.

⚠️ Please verify the scope of the dependencies usage is necessary

[github-actions]

Dependency Validation Results

Dependency name: github.com/wso2/api-platform/sdk/core
Version: v0.2.15 (was v0.2.14)
Approved: ❌ No - Module not found in dependency registry

---

Next Steps

1. Review the validation failures listed above
2. Check if dependencies are in the approved dependency list
3. Options to resolve:
   • Remove the unapproved dependencies from this PR
   • OR submit a PR to add these dependencies to the approved list in engineering-governance
4. Once resolved, push changes to re-run validation

This PR is blocked until all dependencies are approved.

⚠️ Please verify the scope of the dependencies usage is necessary

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@gateway/build-manifest.yaml`:
- Line 10: The manifest version update at Line 10 for api-key-auth to v1.0.4
appears inconsistent with the release objective. Review the intended scope of
this release to determine which components should be bumped, then ensure all
affected component versions in the manifest are updated consistently. If the
objective is to bump analytics-header-filter and jwt-auth, verify that these
components have their versions updated and that api-key-auth remains at its
current version, or if api-key-auth should indeed be bumped, confirm that
analytics-header-filter and jwt-auth are also updated to maintain the
name|version alignment contract required by the policy loader.

In `@gateway/gateway-runtime/policy-engine/go.mod`:
- Line 19: The go.sum file is out of sync with the go.mod file after bumping
github.com/wso2/api-platform/sdk/core from v0.2.14 to v0.2.15. The go.sum file
still contains only the v0.2.14 hashes but is missing entries for v0.2.15, which
is required since multiple files in the policy-engine depend on types from the
sdk/core package. Run `go mod tidy` in the gateway/gateway-runtime/policy-engine
directory to synchronize go.mod and go.sum, which will update the checksums to
match the v0.2.15 version requirement.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 5c2c9db3-a918-4eab-8ba7-7eaf6dd2d76d

📥 Commits

Reviewing files that changed from the base of the PR and between ccf8c24 and f3466f4.

📒 Files selected for processing (5)

• gateway/build-manifest.yaml
• gateway/gateway-runtime/policy-engine/go.mod
• gateway/gateway-runtime/policy-engine/internal/kernel/translator.go
• gateway/gateway-runtime/policy-engine/internal/kernel/translator_test.go
• gateway/gateway-runtime/policy-engine/pkg/engine/types.go

[github-actions]

Dependency Validation Results

Dependency name: github.com/wso2/api-platform/sdk/core
Version: v0.2.15 (was v0.2.14)
Approved: ❌ No - Module not found in dependency registry

---

Next Steps

1. Review the validation failures listed above
2. Check if dependencies are in the approved dependency list
3. Options to resolve:
   • Remove the unapproved dependencies from this PR
   • OR submit a PR to add these dependencies to the approved list in engineering-governance
4. Once resolved, push changes to re-run validation

This PR is blocked until all dependencies are approved.

⚠️ Please verify the scope of the dependencies usage is necessary