refactor: align with some common conventions

Signed-off-by: KevFan <[email protected]>

controllers/cert_manager_installed.go

@@ -0,0 +1,37 @@
+package controllers
+
+import (
+	"context"
+	"sync"
+
+	"github.com/kuadrant/policy-machinery/controller"
+	"github.com/kuadrant/policy-machinery/machinery"
+	"k8s.io/apimachinery/pkg/api/meta"
+
+	kuadrantgatewayapi "github.com/kuadrant/kuadrant-operator/pkg/library/gatewayapi"
+)
+
+const IsCertManagerInstalledKey = "IsCertManagerInstalled"
+
+func NewIsCertManagerInstalledReconciler(restMapper meta.RESTMapper) IsCertManagerInstalledReconciler {
+	return IsCertManagerInstalledReconciler{
+		restMapper: restMapper,
+	}
+}
+
+type IsCertManagerInstalledReconciler struct {
+	restMapper meta.RESTMapper
+}
+
+func (t IsCertManagerInstalledReconciler) Check(ctx context.Context, _ []controller.ResourceEvent, _ *machinery.Topology, _ error, s *sync.Map) error {
+	logger := controller.LoggerFromContext(ctx).WithName("IsCertManagerInstalledReconciler").WithName("Reconcile")
+	isCertManagerInstalled, err := kuadrantgatewayapi.IsCertManagerInstalled(t.restMapper, logger)
+
+	if err != nil {
+		logger.Error(err, "error checking IsCertManagerInstalled")
+	}
+
+	s.Store(IsCertManagerInstalledKey, isCertManagerInstalled)
+
+	return nil
+}

controllers/state_of_the_world.go

@@ -104,6 +104,7 @@ func NewPolicyMachineryController(manager ctrlruntime.Manager, client *dynamic.D
 			kuadrantv1beta1.LinkKuadrantToGatewayClasses,
 			kuadrantv1beta1.LinkKuadrantToLimitador,
 		),
+		controller.WithReconcile(buildReconciler(client, manager.GetRESTMapper())),
 	}
 
 	ok, err := kuadrantgatewayapi.IsGatewayAPIInstalled(manager.GetRESTMapper())
@@ -203,8 +204,6 @@ func NewPolicyMachineryController(manager ctrlruntime.Manager, client *dynamic.D
 		controllerOpts = append(controllerOpts, certManagerControllerOpts()...)
 	}
 
-	controllerOpts = append(controllerOpts, controller.WithReconcile(buildReconciler(client, manager.GetRESTMapper())))
-
 	return controller.NewController(controllerOpts...)
 }
 
@@ -214,7 +213,7 @@ func buildReconciler(client *dynamic.DynamicClient, restMapper meta.RESTMapper)
 			Precondition: NewEventLogger().Log,
 			Tasks: []controller.ReconcileFunc{
 				NewTopologyFileReconciler(client, operatorNamespace).Reconcile,
-				NewIsCertManagerInstalledTask(restMapper).Reconcile,
+				NewIsCertManagerInstalledReconciler(restMapper).Check,
 			},
 		}).Run,
 		Tasks: []controller.ReconcileFunc{

controllers/tlspolicy_links.go → controllers/tls_workflow.go

@@ -1,15 +1,35 @@
 package controllers
 
 import (
+	"github.com/cert-manager/cert-manager/pkg/apis/certmanager"
 	certmanagerv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1"
 	"github.com/kuadrant/policy-machinery/controller"
 	"github.com/kuadrant/policy-machinery/machinery"
 	"github.com/samber/lo"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/client-go/dynamic"
 	gwapiv1 "sigs.k8s.io/gateway-api/apis/v1"
 
 	kuadrantv1alpha1 "github.com/kuadrant/kuadrant-operator/api/v1alpha1"
 )
 
+var (
+	CertManagerCertificatesResource  = certmanagerv1.SchemeGroupVersion.WithResource("certificates")
+	CertManagerIssuersResource       = certmanagerv1.SchemeGroupVersion.WithResource("issuers")
+	CertMangerClusterIssuersResource = certmanagerv1.SchemeGroupVersion.WithResource("clusterissuers")
+
+	CertManagerCertificateKind   = schema.GroupKind{Group: certmanager.GroupName, Kind: certmanagerv1.CertificateKind}
+	CertManagerIssuerKind        = schema.GroupKind{Group: certmanager.GroupName, Kind: certmanagerv1.IssuerKind}
+	CertManagerClusterIssuerKind = schema.GroupKind{Group: certmanager.GroupName, Kind: certmanagerv1.ClusterIssuerKind}
+)
+
+func NewTLSPolicyWorkflow(client *dynamic.DynamicClient) *controller.Workflow {
+	return &controller.Workflow{
+		Precondition:  NewValidateTLSPoliciesValidatorReconciler().Validate,
+		Postcondition: NewTLSPolicyStatusUpdaterReconciler(client).UpdateStatus,
+	}
+}
+
 func LinkGatewayToCertificateFunc(objs controller.Store) machinery.LinkFunc {
 	gateways := lo.Map(objs.FilterByGroupKind(machinery.GatewayGroupKind), controller.ObjectAs[*gwapiv1.Gateway])
 

controllers/tlspolicies_validator.go

@@ -0,0 +1,96 @@
+package controllers
+
+import (
+	"context"
+	"errors"
+	"sync"
+
+	"github.com/kuadrant/policy-machinery/controller"
+	"github.com/kuadrant/policy-machinery/machinery"
+	"github.com/samber/lo"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/utils/ptr"
+
+	kuadrantv1alpha1 "github.com/kuadrant/kuadrant-operator/api/v1alpha1"
+	"github.com/kuadrant/kuadrant-operator/pkg/library/kuadrant"
+)
+
+func NewValidateTLSPoliciesValidatorReconciler() *ValidateTLSPoliciesValidatorReconciler {
+	return &ValidateTLSPoliciesValidatorReconciler{}
+}
+
+type ValidateTLSPoliciesValidatorReconciler struct{}
+
+func (t *ValidateTLSPoliciesValidatorReconciler) Subscription() *controller.Subscription {
+	return &controller.Subscription{
+		Events: []controller.ResourceEventMatcher{
+			{Kind: &machinery.GatewayGroupKind},
+			{Kind: &kuadrantv1alpha1.TLSPolicyKind, EventType: ptr.To(controller.CreateEvent)},
+			{Kind: &kuadrantv1alpha1.TLSPolicyKind, EventType: ptr.To(controller.UpdateEvent)},
+			{Kind: &CertManagerCertificateKind},
+			{Kind: &CertManagerIssuerKind},
+			{Kind: &CertManagerClusterIssuerKind},
+		},
+		ReconcileFunc: t.Validate,
+	}
+}
+
+func (t *ValidateTLSPoliciesValidatorReconciler) Validate(ctx context.Context, _ []controller.ResourceEvent, topology *machinery.Topology, _ error, s *sync.Map) error {
+	logger := controller.LoggerFromContext(ctx).WithName("ValidateTLSPolicyTask").WithName("Reconcile")
+
+	// Get all TLS Policies
+	policies := lo.FilterMap(topology.Policies().Items(), func(item machinery.Policy, index int) (*kuadrantv1alpha1.TLSPolicy, bool) {
+		p, ok := item.(*kuadrantv1alpha1.TLSPolicy)
+		return p, ok
+	})
+
+	// Get all gateways
+	gws := lo.FilterMap(topology.Targetables().Items(), func(item machinery.Targetable, index int) (*machinery.Gateway, bool) {
+		gw, ok := item.(*machinery.Gateway)
+		return gw, ok
+	})
+
+	isCertManagerInstalled := false
+	installed, ok := s.Load(IsCertManagerInstalledKey)
+	if ok {
+		isCertManagerInstalled = installed.(bool)
+	} else {
+		logger.V(1).Error(errors.New("isCertManagerInstalled was not found in sync map, defaulting to false"), "sync map error")
+	}
+
+	for _, policy := range policies {
+		if policy.DeletionTimestamp != nil {
+			logger.V(1).Info("tls policy is marked for deletion, skipping", "name", policy.Name, "namespace", policy.Namespace)
+			continue
+		}
+
+		if !isCertManagerInstalled {
+			s.Store(TLSPolicyAcceptedKey(policy.GetUID()), kuadrant.NewErrDependencyNotInstalled("Cert Manager"))
+			continue
+		}
+
+		// TODO: This should be only one target ref for now, but what should happen if multiple target refs is supported in the future?
+		targetRefs := policy.GetTargetRefs()
+		for _, targetRef := range targetRefs {
+			// Find gateway defined by target ref
+			_, ok := lo.Find(gws, func(item *machinery.Gateway) bool {
+				if item.GetName() == targetRef.GetName() && item.GetNamespace() == targetRef.GetNamespace() {
+					return true
+				}
+				return false
+			})
+
+			// Can't find gateway target ref
+			if !ok {
+				logger.V(1).Info("tls policy cannot find target ref", "name", policy.Name, "namespace", policy.Namespace)
+				s.Store(TLSPolicyAcceptedKey(policy.GetUID()), kuadrant.NewErrTargetNotFound(policy.Kind(), policy.GetTargetRef(), apierrors.NewNotFound(kuadrantv1alpha1.TLSPoliciesResource.GroupResource(), policy.GetName())))
+				continue
+			}
+
+			logger.V(1).Info("tls policy found target ref", "name", policy.Name, "namespace", policy.Namespace)
+			s.Store(TLSPolicyAcceptedKey(policy.GetUID()), nil)
+		}
+	}
+
+	return nil
+}