Skip to content

Commit

Permalink
fix: get all gateways events for tlspolicy
Browse files Browse the repository at this point in the history
  • Loading branch information
KevFan committed Jun 28, 2024
1 parent b352f6c commit 21e0a1c
Show file tree
Hide file tree
Showing 14 changed files with 56 additions and 18 deletions.
4 changes: 4 additions & 0 deletions api/v1alpha1/dnspolicy_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -195,6 +195,10 @@ func (p *DNSPolicy) List(ctx context.Context, c client.Client, namespace string)
return policies
}

func (p *DNSPolicy) TargetProgrammedGatewaysOnly() bool {
return true
}

func (p *DNSPolicy) PolicyClass() kuadrantgatewayapi.PolicyClass {
return kuadrantgatewayapi.DirectPolicy
}
Expand Down
4 changes: 4 additions & 0 deletions api/v1alpha1/tlspolicy_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -163,6 +163,10 @@ func (p *TLSPolicy) List(ctx context.Context, c client.Client, namespace string)
return policies
}

func (p *TLSPolicy) TargetProgrammedGatewaysOnly() bool {
return false
}

func (p *TLSPolicy) PolicyClass() kuadrantgatewayapi.PolicyClass {
return kuadrantgatewayapi.DirectPolicy
}
Expand Down
4 changes: 4 additions & 0 deletions api/v1beta2/authpolicy_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -355,6 +355,10 @@ func (ap *AuthPolicy) List(ctx context.Context, c client.Client, namespace strin
return policies
}

func (ap *AuthPolicy) TargetProgrammedGatewaysOnly() bool {
return true
}

func (ap *AuthPolicy) PolicyClass() kuadrantgatewayapi.PolicyClass {
return kuadrantgatewayapi.InheritedPolicy
}
Expand Down
4 changes: 4 additions & 0 deletions api/v1beta2/ratelimitpolicy_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -288,6 +288,10 @@ func (r *RateLimitPolicy) List(ctx context.Context, c client.Client, namespace s
return policies
}

func (r *RateLimitPolicy) TargetProgrammedGatewaysOnly() bool {
return true
}

func (r *RateLimitPolicy) PolicyClass() kuadrantgatewayapi.PolicyClass {
return kuadrantgatewayapi.InheritedPolicy
}
Expand Down
4 changes: 2 additions & 2 deletions controllers/authpolicy_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ func (r *AuthPolicyReconciler) Reconcile(eventCtx context.Context, req ctrl.Requ
markedForDeletion := ap.GetDeletionTimestamp() != nil

// fetch the target network object
targetNetworkObject, err := reconcilers.FetchTargetRefObject(ctx, r.Client(), ap.GetTargetRef(), ap.Namespace, true)
targetNetworkObject, err := reconcilers.FetchTargetRefObject(ctx, r.Client(), ap.GetTargetRef(), ap.Namespace, ap.TargetProgrammedGatewaysOnly())
if err != nil {
if !markedForDeletion {
if apierrors.IsNotFound(err) {
Expand Down Expand Up @@ -186,7 +186,7 @@ func (r *AuthPolicyReconciler) reconcileResources(ctx context.Context, ap *api.A
return err
}

refNetworkObject, err := reconcilers.FetchTargetRefObject(ctx, r.Client(), ref.GetTargetRef(), ref.Namespace, true)
refNetworkObject, err := reconcilers.FetchTargetRefObject(ctx, r.Client(), ref.GetTargetRef(), ref.Namespace, ap.TargetProgrammedGatewaysOnly())
if err != nil {
return err
}
Expand Down
2 changes: 1 addition & 1 deletion controllers/dnspolicy_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@ func (r *DNSPolicyReconciler) Reconcile(ctx context.Context, req ctrl.Request) (

markedForDeletion := dnsPolicy.GetDeletionTimestamp() != nil

targetNetworkObject, err := reconcilers.FetchTargetRefObject(ctx, r.Client(), dnsPolicy.GetTargetRef(), dnsPolicy.Namespace, true)
targetNetworkObject, err := reconcilers.FetchTargetRefObject(ctx, r.Client(), dnsPolicy.GetTargetRef(), dnsPolicy.Namespace, dnsPolicy.TargetProgrammedGatewaysOnly())
if err != nil {
if !markedForDeletion {
if apierrors.IsNotFound(err) {
Expand Down
2 changes: 1 addition & 1 deletion controllers/ratelimitpolicy_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -87,7 +87,7 @@ func (r *RateLimitPolicyReconciler) Reconcile(eventCtx context.Context, req ctrl
markedForDeletion := rlp.GetDeletionTimestamp() != nil

// fetch the target network object
targetNetworkObject, err := reconcilers.FetchTargetRefObject(ctx, r.Client(), rlp.GetTargetRef(), rlp.Namespace, true)
targetNetworkObject, err := reconcilers.FetchTargetRefObject(ctx, r.Client(), rlp.GetTargetRef(), rlp.Namespace, rlp.TargetProgrammedGatewaysOnly())
if err != nil {
if !markedForDeletion {
if apierrors.IsNotFound(err) {
Expand Down
2 changes: 1 addition & 1 deletion controllers/tlspolicy_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@ func (r *TLSPolicyReconciler) Reconcile(ctx context.Context, req ctrl.Request) (

markedForDeletion := tlsPolicy.GetDeletionTimestamp() != nil

targetReferenceObject, err := reconcilers.FetchTargetRefObject(ctx, r.Client(), tlsPolicy.GetTargetRef(), tlsPolicy.Namespace, false)
targetReferenceObject, err := reconcilers.FetchTargetRefObject(ctx, r.Client(), tlsPolicy.GetTargetRef(), tlsPolicy.Namespace, tlsPolicy.TargetProgrammedGatewaysOnly())
log.V(3).Info("TLSPolicyReconciler targetReferenceObject", "targetReferenceObject", targetReferenceObject)
if err != nil {
if !markedForDeletion {
Expand Down
33 changes: 22 additions & 11 deletions pkg/library/gatewayapi/topology.go
Original file line number Diff line number Diff line change
Expand Up @@ -84,10 +84,11 @@ func (h httpRouteDAGNode) ID() string {
}

type topologyOptions struct {
gateways []*gatewayapiv1.Gateway
routes []*gatewayapiv1.HTTPRoute
policies []Policy
logger logr.Logger
gateways []*gatewayapiv1.Gateway
routes []*gatewayapiv1.HTTPRoute
policies []Policy
logger logr.Logger
programmedGatewaysOnly bool
}

// TopologyOpts allows to manipulate topologyOptions.
Expand Down Expand Up @@ -117,10 +118,17 @@ func WithPolicies(policies []Policy) TopologyOpts {
}
}

func WithProgrammedGatewaysOnly(programmedGatewaysOnly bool) TopologyOpts {
return func(o *topologyOptions) {
o.programmedGatewaysOnly = programmedGatewaysOnly
}
}

func NewTopology(opts ...TopologyOpts) (*Topology, error) {
// defaults
o := &topologyOptions{
logger: logr.Discard(),
logger: logr.Discard(),
programmedGatewaysOnly: true,
}

for _, opt := range opts {
Expand All @@ -140,7 +148,7 @@ func NewTopology(opts ...TopologyOpts) (*Topology, error) {

graph := dag.NewDAG(typeIndexer)

gatewayDAGNodes := buildGatewayDAGNodes(o.gateways, o.policies)
gatewayDAGNodes := buildGatewayDAGNodes(o.gateways, o.policies, o.programmedGatewaysOnly)

routeDAGNodes := buildHTTPRouteDAGNodes(o.routes, o.policies)

Expand Down Expand Up @@ -199,12 +207,15 @@ func buildDAGEdges(gateways []gatewayDAGNode, routes []httpRouteDAGNode) []edge
return edges
}

func buildGatewayDAGNodes(gateways []*gatewayapiv1.Gateway, policies []Policy) []gatewayDAGNode {
programmedGateways := utils.Filter(gateways, func(g *gatewayapiv1.Gateway) bool {
return meta.IsStatusConditionTrue(g.Status.Conditions, string(gatewayapiv1.GatewayConditionProgrammed))
})
func buildGatewayDAGNodes(gateways []*gatewayapiv1.Gateway, policies []Policy, programmedGatewaysOnly bool) []gatewayDAGNode {
targetedGateways := gateways
if programmedGatewaysOnly {
targetedGateways = utils.Filter(gateways, func(g *gatewayapiv1.Gateway) bool {
return meta.IsStatusConditionTrue(g.Status.Conditions, string(gatewayapiv1.GatewayConditionProgrammed))
})
}

return utils.Map(programmedGateways, func(g *gatewayapiv1.Gateway) gatewayDAGNode {
return utils.Map(targetedGateways, func(g *gatewayapiv1.Gateway) gatewayDAGNode {
// Compute attached policies
attachedPolicies := utils.Filter(policies, func(p Policy) bool {
group := p.GetTargetRef().Group
Expand Down
1 change: 1 addition & 0 deletions pkg/library/gatewayapi/types.go
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ type Policy interface {
Kind() string
BackReferenceAnnotationName() string
DirectReferenceAnnotationName() string
TargetProgrammedGatewaysOnly() bool
}

type PolicyStatus interface {
Expand Down
3 changes: 3 additions & 0 deletions pkg/library/gatewayapi/types_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,9 @@ func (p *TestPolicy) GetStatus() PolicyStatus {
return &p.Status
}

func (p *TestPolicy) TargetProgrammedGatewaysOnly() bool {
return true
}
func (p *TestPolicy) DeepCopyObject() runtime.Object {
if c := p.DeepCopy(); c != nil {
return c
Expand Down
4 changes: 4 additions & 0 deletions pkg/library/kuadrant/test_utils.go
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,10 @@ func (_ *FakePolicy) PolicyClass() kuadrantgatewayapi.PolicyClass {
return kuadrantgatewayapi.DirectPolicy
}

func (p *FakePolicy) TargetProgrammedGatewaysOnly() bool {
return true
}

type FakePolicyStatus struct{}

func (s *FakePolicyStatus) GetConditions() []metav1.Condition {
Expand Down
1 change: 1 addition & 0 deletions pkg/library/mappers/gateway.go
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,7 @@ func (m *gatewayEventMapper) MapToPolicy(ctx context.Context, obj client.Object,
kuadrantgatewayapi.WithRoutes(utils.Map(routeList.Items, ptr.To[gatewayapiv1.HTTPRoute])),
kuadrantgatewayapi.WithPolicies(policies),
kuadrantgatewayapi.WithLogger(logger),
kuadrantgatewayapi.WithProgrammedGatewaysOnly(policyKind.TargetProgrammedGatewaysOnly()),
)
if err != nil {
logger.V(1).Error(err, "unable to build topology for gateway")
Expand Down
6 changes: 4 additions & 2 deletions tests/common/tlspolicy/tlspolicy_controller_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -421,12 +421,14 @@ var _ = Describe("TLSPolicy controller", func() {
//confirm a certificate has been deleted
Eventually(func() error {
certificateList := &certmanv1.CertificateList{}
Expect(k8sClient.List(ctx, certificateList, &client.ListOptions{Namespace: testNamespace})).To(BeNil())
if err := k8sClient.List(ctx, certificateList, &client.ListOptions{Namespace: testNamespace}); err != nil {
return err
}
if len(certificateList.Items) != 2 {
return fmt.Errorf("expected 2 certificates, found: %v", len(certificateList.Items))
}
return nil
}, time.Second*120, time.Second).Should(BeNil())
}, tests.TimeoutMedium, time.Second).Should(BeNil())
})

It("should delete all tls certificates when tls policy is removed even if gateway is already removed", func() {
Expand Down

0 comments on commit 21e0a1c

Please sign in to comment.