// reference was not dropped or status changed.
func (p *Process) handlePersistentRelease(reason processStatus) processStatus {
	if p.mode != modeHandle {
		panic("handlePersistentRelease called in invalid mode")
	}

	for {
		refs := p.state.Load()
		status := processStatus(refs & processStatusMask)
		if status != statusOK {

`, t)
	checkPath(server.URL+"/healthz/poststarthook/delegate-post-start-hook", http.StatusOK, `ok`, t)
	checkPath(server.URL+"/healthz/poststarthook/wrapping-post-start-hook", http.StatusOK, `ok`, t)
	checkPath(server.URL+"/foo", http.StatusForbidden, ``, t)
	checkPath(server.URL+"/bar", http.StatusUnauthorized, ``, t)
}

				// This root certificate can validate the server cert presented by the echoboot server instance.
				{
					name:            "simple",
					statusCode:      http.StatusOK,
					credentialToUse: strings.TrimSuffix(credName, "-cacert"),
					useGateway:      true,
				},
				// Use CA certificate stored as k8s secret with different issuing CA as server's CA.

			result = &metav1.Status{
				Status: metav1.StatusSuccess,
				Code:   http.StatusOK,
				Details: &metav1.StatusDetails{
					Kind: scope.Kind.Kind,
				},
			}
		}

		span.AddEvent("About to write a response")
		defer span.AddEvent("Writing http response done")
		transformResponseObject(ctx, scope, req, w, http.StatusOK, outputMediaType, result)
	}

	s.mutex.Lock()
	if err != nil {
		w.WriteHeader(http.StatusServiceUnavailable)

		log.Warnf("Envoy proxy is NOT ready: %s", err.Error())
		s.lastProbeSuccessful = false
	} else {
		w.WriteHeader(http.StatusOK)

		if !s.lastProbeSuccessful {
			log.Info("Envoy proxy is ready")
		}
		s.lastProbeSuccessful = true
	}
	s.mutex.Unlock()
}

func (s *Server) isReady() error {

						lastError = errors.WithMessagef(err, "%s /healthz check failed", comp.name)
						return false, nil
					}

					defer func() {
						_ = resp.Body.Close()
					}()
					if resp.StatusCode != http.StatusOK {
						lastError = errors.Errorf("%s /healthz check failed with status: %d", comp.name, resp.StatusCode)
						return false, nil
					}

					return true, nil
				})
			if err != nil {

	}

	rec := httptest.NewRecorder()
	adminTestBed.router.ServeHTTP(rec, req)

	resp, _ := io.ReadAll(rec.Body)
	if rec.Code != http.StatusOK {
		t.Errorf("Expected to receive %d status code but received %d. Body (%s)",
			http.StatusOK, rec.Code, string(resp))
	}

	result := &serviceResult{}
	if err := json.Unmarshal(resp, result); err != nil {
		t.Error(err)
	}
	_ = result

		epLog.Warn("websocket-echo read failed: " + err.Error())
		return
	}

	body := bytes.Buffer{}
	h.addResponsePayload(r, &body)
	body.Write(message)

	echo.StatusCodeField.Write(&body, strconv.Itoa(http.StatusOK))

	// pong
	err = c.WriteMessage(mt, body.Bytes())
	if err != nil {
		writeError(&body, "websocket-echo write failed: "+err.Error())
		return
	}
}

// nolint: interfacer

			expectedRespStatus: http.StatusOK,
			lifecycleResponse:  []byte(``),
			errorResponse:      APIErrorResponse{},
			shouldPass:         true,
		},
		{
			method:             http.MethodGet,
			accessKey:          creds.AccessKey,

					credentialToUse:  credNameGeneric,
					from:             apps.Ns1.A,
					drSelector:       "a",
					authorizeSidecar: true,
					expectedResponse: ingressutil.ExpectedResponse{
						StatusCode: http.StatusOK,
					},
				},
				// Mutual TLS origination from an unauthorized sidecar to https endpoint
				// This will result in a 503 with the UH flag because the cluster will
				// stay warming until a valid secret is sent.