fix: missing updating status of GatewayAPI resources (#305)

Signed-off-by: Lin Yang <[email protected]>
flomesh-io · Jul 15, 2024 · 6ab02d9 · 6ab02d9
1 parent dfb5347
commit 6ab02d9
Show file tree

Hide file tree

Showing 4 changed files with 72 additions and 114 deletions.
diff --git a/pkg/controllers/gateway/v1/gateway_controller.go b/pkg/controllers/gateway/v1/gateway_controller.go
@@ -31,6 +31,8 @@ import (
 	"sync"
 	"time"
 
+	"github.com/flomesh-io/fsm/pkg/gateway/status"
+
 	"github.com/flomesh-io/fsm/pkg/gateway/status/gw"
 
 	gwtypes "github.com/flomesh-io/fsm/pkg/gateway/types"
@@ -51,8 +53,6 @@ import (
 	"k8s.io/apimachinery/pkg/fields"
 	"k8s.io/utils/ptr"
 
-	"github.com/flomesh-io/fsm/pkg/gateway/status"
-
 	"sigs.k8s.io/controller-runtime/pkg/manager"
 
 	"github.com/flomesh-io/fsm/pkg/version"
@@ -182,22 +182,9 @@ func (r *gatewayReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ct
 	}
 
 	if r.compute(gateway) {
-		update := gw.NewGatewayStatusUpdate(
-			gateway,
-			&gateway.ObjectMeta,
-			&gateway.TypeMeta,
-			&gateway.Status,
-		)
-
-		if result, err := r.computeGatewayStatus(ctx, gateway, update); err != nil || result.RequeueAfter > 0 || result.Requeue {
+		if result, err := r.computeGatewayStatus(ctx, gateway); err != nil || result.RequeueAfter > 0 || result.Requeue {
 			return result, err
 		}
-
-		r.fctx.StatusUpdater.Send(status.Update{
-			Resource:       &gwv1.Gateway{},
-			NamespacedName: client.ObjectKeyFromObject(gateway),
-			Mutator:        update,
-		})
 	}
 
 	r.fctx.GatewayEventHandler.OnAdd(gateway, false)
@@ -214,18 +201,33 @@ func (r *gatewayReconciler) compute(gateway *gwv1.Gateway) bool {
 		return true
 	}
 
-	if !metautil.IsStatusConditionTrue(gateway.Status.Conditions, string(gwv1.GatewayConditionProgrammed)) {
+	if !gwutils.IsProgrammedGateway(gateway) {
 		return true
 	}
 
-	if !metautil.IsStatusConditionTrue(gateway.Status.Conditions, string(gwv1.GatewayConditionAccepted)) {
+	if !gwutils.IsAcceptedGateway(gateway) {
 		return true
 	}
 
 	return !cmp.Equal(old.spec, gateway.Spec)
 }
 
-func (r *gatewayReconciler) computeGatewayStatus(ctx context.Context, gateway *gwv1.Gateway, update *gw.GatewayStatusUpdate) (ctrl.Result, error) {
+func (r *gatewayReconciler) computeGatewayStatus(ctx context.Context, gateway *gwv1.Gateway) (ctrl.Result, error) {
+	update := gw.NewGatewayStatusUpdate(
+		gateway,
+		&gateway.ObjectMeta,
+		&gateway.TypeMeta,
+		&gateway.Status,
+	)
+
+	defer func() {
+		r.fctx.StatusUpdater.Send(status.Update{
+			Resource:       &gwv1.Gateway{},
+			NamespacedName: client.ObjectKeyFromObject(gateway),
+			Mutator:        update,
+		})
+	}()
+
 	// 1. compute listener status & accepted status
 	r.computeListenerStatus(ctx, gateway, update)
 

diff --git a/pkg/gateway/processor/v2/backend_tls_policy.go b/pkg/gateway/processor/v2/backend_tls_policy.go
@@ -2,7 +2,6 @@ package v2
 
 import (
 	"fmt"
-	"strings"
 
 	fgwv2 "github.com/flomesh-io/fsm/pkg/gateway/fgw"
 
@@ -49,14 +48,6 @@ func (p *BackendTLSPolicyProcessor) Process(route client.Object, routeParentRef
 		return
 	}
 
-	hostname := string(policy.Spec.Validation.Hostname)
-	if err := gwutils.IsValidHostname(hostname); err != nil {
-		return
-	}
-	if strings.Contains(hostname, "*") {
-		return
-	}
-
 	p2 := p.getOrCreateBackendTLSPolicy(policy)
 	if p2 == nil {
 		return

diff --git a/pkg/gateway/status/routes/processor.go b/pkg/gateway/status/routes/processor.go
@@ -307,8 +307,26 @@ func (p *RouteStatusProcessor) computeBackendTLSPolicyStatus(route client.Object
 	)
 
 	ancestorStatus := psu.StatusUpdateFor(routeParentRef)
-	hostname := string(policy.Spec.Validation.Hostname)
 
+	defer func() {
+		p.statusUpdater.Send(status.Update{
+			Resource:       psu.GetResource(),
+			NamespacedName: psu.GetFullName(),
+			Mutator:        psu,
+		})
+	}()
+
+	if policy.Spec.Validation.WellKnownCACertificates != nil && *policy.Spec.Validation.WellKnownCACertificates != "" {
+		ancestorStatus.AddCondition(
+			gwv1alpha2.PolicyConditionAccepted,
+			metav1.ConditionFalse,
+			gwv1alpha2.PolicyReasonInvalid,
+			".spec.validation.wellKnownCACertificates is unsupported.",
+		)
+		return
+	}
+
+	hostname := string(policy.Spec.Validation.Hostname)
 	if err := gwutils.IsValidHostname(hostname); err != nil {
 		ancestorStatus.AddCondition(
 			gwv1alpha2.PolicyConditionAccepted,
@@ -351,12 +369,6 @@ func (p *RouteStatusProcessor) computeBackendTLSPolicyStatus(route client.Object
 			fmt.Sprintf("Policy is accepted for ancestor %s/%s", gwutils.NamespaceDerefOr(routeParentRef.Namespace, route.GetNamespace()), routeParentRef.Name),
 		)
 	}
-
-	p.statusUpdater.Send(status.Update{
-		Resource:       psu.GetResource(),
-		NamespacedName: psu.GetFullName(),
-		Mutator:        psu,
-	})
 }
 
 func (p *RouteStatusProcessor) computeBackendLBPolicyStatus(route client.Object, backendRef gwv1.BackendObjectReference, _ *fgwv2.ServicePortName, routeParentRef gwv1.ParentReference) {
@@ -380,6 +392,13 @@ func (p *RouteStatusProcessor) computeBackendLBPolicyStatus(route client.Object,
 	)
 
 	ancestorStatus := psu.StatusUpdateFor(routeParentRef)
+	defer func() {
+		p.statusUpdater.Send(status.Update{
+			Resource:       psu.GetResource(),
+			NamespacedName: psu.GetFullName(),
+			Mutator:        psu,
+		})
+	}()
 
 	if !ancestorStatus.ConditionExists(gwv1alpha2.PolicyConditionAccepted) {
 		ancestorStatus.AddCondition(
@@ -389,12 +408,6 @@ func (p *RouteStatusProcessor) computeBackendLBPolicyStatus(route client.Object,
 			fmt.Sprintf("Policy is accepted for ancestor %s/%s", gwutils.NamespaceDerefOr(routeParentRef.Namespace, route.GetNamespace()), routeParentRef.Name),
 		)
 	}
-
-	p.statusUpdater.Send(status.Update{
-		Resource:       psu.GetResource(),
-		NamespacedName: psu.GetFullName(),
-		Mutator:        psu,
-	})
 }
 
 func (p *RouteStatusProcessor) computeHealthCheckPolicyStatus(route client.Object, backendRef gwv1.BackendObjectReference, svcPort *fgwv2.ServicePortName, routeParentRef gwv1.ParentReference) {
@@ -419,6 +432,13 @@ func (p *RouteStatusProcessor) computeHealthCheckPolicyStatus(route client.Objec
 	)
 
 	ancestorStatus := psu.StatusUpdateFor(routeParentRef)
+	defer func() {
+		p.statusUpdater.Send(status.Update{
+			Resource:       psu.GetResource(),
+			NamespacedName: psu.GetFullName(),
+			Mutator:        psu,
+		})
+	}()
 
 	if gwutils.HasAccessToBackendTargetRef(p.client, policy, targetRef, ancestorStatus) {
 		ancestorStatus.AddCondition(
@@ -428,12 +448,6 @@ func (p *RouteStatusProcessor) computeHealthCheckPolicyStatus(route client.Objec
 			fmt.Sprintf("Policy is accepted for ancestor %s/%s", gwutils.NamespaceDerefOr(routeParentRef.Namespace, route.GetNamespace()), routeParentRef.Name),
 		)
 	}
-
-	p.statusUpdater.Send(status.Update{
-		Resource:       psu.GetResource(),
-		NamespacedName: psu.GetFullName(),
-		Mutator:        psu,
-	})
 }
 
 func (p *RouteStatusProcessor) computeRetryPolicyStatus(route client.Object, backendRef gwv1.BackendObjectReference, svcPort *fgwv2.ServicePortName, routeParentRef gwv1.ParentReference) {
@@ -458,6 +472,13 @@ func (p *RouteStatusProcessor) computeRetryPolicyStatus(route client.Object, bac
 	)
 
 	ancestorStatus := psu.StatusUpdateFor(routeParentRef)
+	defer func() {
+		p.statusUpdater.Send(status.Update{
+			Resource:       psu.GetResource(),
+			NamespacedName: psu.GetFullName(),
+			Mutator:        psu,
+		})
+	}()
 
 	if gwutils.HasAccessToBackendTargetRef(p.client, policy, targetRef, ancestorStatus) {
 		ancestorStatus.AddCondition(
@@ -467,12 +488,6 @@ func (p *RouteStatusProcessor) computeRetryPolicyStatus(route client.Object, bac
 			fmt.Sprintf("Policy is accepted for ancestor %s/%s", gwutils.NamespaceDerefOr(routeParentRef.Namespace, route.GetNamespace()), routeParentRef.Name),
 		)
 	}
-
-	p.statusUpdater.Send(status.Update{
-		Resource:       psu.GetResource(),
-		NamespacedName: psu.GetFullName(),
-		Mutator:        psu,
-	})
 }
 
 func (p *RouteStatusProcessor) backendRefToServicePortName(route client.Object, backendRef gwv1.BackendObjectReference, rps status.RouteParentStatusObject) *fgwv2.ServicePortName {

diff --git a/pkg/gateway/status/status.go b/pkg/gateway/status/status.go
@@ -16,6 +16,8 @@ package status
 import (
 	"context"
 
+	extv1alpha1 "github.com/flomesh-io/fsm/pkg/apis/extension/v1alpha1"
+
 	gwv1alpha3 "sigs.k8s.io/gateway-api/apis/v1alpha3"
 
 	gwpav1alpha2 "github.com/flomesh-io/fsm/pkg/apis/policyattachment/v1alpha2"
@@ -166,15 +168,11 @@ func (u *UpdateWriter) Send(update Update) {
 //	TCPRoute
 //	UDPRoute
 //	GRPCRoute
-//  AccessControlPolicy
-//  RateLimitPolicy
-//  FaultInjectionPolicy
-//  SessionStickyPolicy
-//  CircuitBreakingPolicy
-//  LoadBalancerPolicy
+//  Filter
+//  BackendLBPolicy
+//  BackendTLSPolicy
 //  HealthCheckPolicy
 //  RetryPolicy
-//  UpstreamTLSPolicy
 
 //gocyclo:ignore
 func isStatusEqual(objA, objB interface{}) bool {
@@ -246,60 +244,12 @@ func isStatusEqual(objA, objB interface{}) bool {
 				return true
 			}
 		}
-		//case *gwpav1alpha1.AccessControlPolicy:
-		//	if b, ok := objB.(*gwpav1alpha1.AccessControlPolicy); ok {
-		//		if cmp.Equal(a.Status, b.Status, opts) {
-		//			return true
-		//		}
-		//	}
-		//case *gwpav1alpha1.RateLimitPolicy:
-		//	if b, ok := objB.(*gwpav1alpha1.RateLimitPolicy); ok {
-		//		if cmp.Equal(a.Status, b.Status, opts) {
-		//			return true
-		//		}
-		//	}
-		//case *gwpav1alpha1.FaultInjectionPolicy:
-		//	if b, ok := objB.(*gwpav1alpha1.FaultInjectionPolicy); ok {
-		//		if cmp.Equal(a.Status, b.Status, opts) {
-		//			return true
-		//		}
-		//	}
-		//case *gwpav1alpha1.SessionStickyPolicy:
-		//	if b, ok := objB.(*gwpav1alpha1.SessionStickyPolicy); ok {
-		//		if cmp.Equal(a.Status, b.Status, opts) {
-		//			return true
-		//		}
-		//	}
-		//case *gwpav1alpha1.CircuitBreakingPolicy:
-		//	if b, ok := objB.(*gwpav1alpha1.CircuitBreakingPolicy); ok {
-		//		if cmp.Equal(a.Status, b.Status, opts) {
-		//			return true
-		//		}
-		//	}
-		//case *gwpav1alpha1.LoadBalancerPolicy:
-		//	if b, ok := objB.(*gwpav1alpha1.LoadBalancerPolicy); ok {
-		//		if cmp.Equal(a.Status, b.Status, opts) {
-		//			return true
-		//		}
-		//	}
-		//case *gwpav1alpha1.HealthCheckPolicy:
-		//	if b, ok := objB.(*gwpav1alpha1.HealthCheckPolicy); ok {
-		//		if cmp.Equal(a.Status, b.Status, opts) {
-		//			return true
-		//		}
-		//	}
-		//case *gwpav1alpha1.RetryPolicy:
-		//	if b, ok := objB.(*gwpav1alpha1.RetryPolicy); ok {
-		//		if cmp.Equal(a.Status, b.Status, opts) {
-		//			return true
-		//		}
-		//	}
-		//case *gwpav1alpha1.UpstreamTLSPolicy:
-		//	if b, ok := objB.(*gwpav1alpha1.UpstreamTLSPolicy); ok {
-		//		if cmp.Equal(a.Status, b.Status, opts) {
-		//			return true
-		//		}
-		//	}
+	case *extv1alpha1.Filter:
+		if b, ok := objB.(*extv1alpha1.Filter); ok {
+			if cmp.Equal(a.Status, b.Status, opts) {
+				return true
+			}
+		}
 	}
 
 	return false