From ad84ac6b8e3064cf52a929c16bccd0d05bbd9197 Mon Sep 17 00:00:00 2001 From: Maksym Vavilov <37799801+makslion@users.noreply.github.com> Date: Thu, 23 May 2024 14:38:52 +0100 Subject: [PATCH] use correct status type when enforcing policy (#594) --- controllers/authpolicy_controller_test.go | 67 ++++++------- controllers/dnspolicy_controller_test.go | 4 +- controllers/dnspolicy_status.go | 2 +- controllers/helper_test.go | 1 + ...dor_cluster_envoyfilter_controller_test.go | 7 +- ...ate_limiting_wasmplugin_controller_test.go | 71 ++++++-------- .../ratelimitpolicy_controller_test.go | 47 +++++----- controllers/ratelimitpolicy_status_test.go | 2 + controllers/target_status_controller_test.go | 94 ++++++++++--------- controllers/tlspolicy_status_test.go | 4 +- .../apimachinery_status_conditions.go | 4 +- 11 files changed, 151 insertions(+), 152 deletions(-) diff --git a/controllers/authpolicy_controller_test.go b/controllers/authpolicy_controller_test.go index 2bba584c5..9b6ce92f3 100644 --- a/controllers/authpolicy_controller_test.go +++ b/controllers/authpolicy_controller_test.go @@ -28,11 +28,6 @@ import ( "github.com/kuadrant/kuadrant-operator/pkg/library/kuadrant" ) -const ( - testGatewayName = "toystore-gw" - testHTTPRouteName = "toystore-route" -) - var _ = Describe("AuthPolicy controller", Ordered, func() { const ( testTimeOut = SpecTimeout(2 * time.Minute) @@ -53,7 +48,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { BeforeEach(func(ctx SpecContext) { testNamespace = CreateNamespaceWithContext(ctx) - gateway := testBuildBasicGateway(testGatewayName, testNamespace) + gateway := testBuildBasicGateway(TestGatewayName, testNamespace) err := k8sClient.Create(ctx, gateway) Expect(err).ToNot(HaveOccurred()) @@ -78,7 +73,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", - Name: testHTTPRouteName, + Name: TestHTTPRouteName, Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), }, Defaults: &api.AuthPolicyCommonSpec{ @@ -94,7 +89,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { Context("Basic HTTPRoute", func() { BeforeEach(func(ctx SpecContext) { - route := testBuildBasicHttpRoute(testHTTPRouteName, testGatewayName, testNamespace, []string{"*.toystore.com"}) + route := testBuildBasicHttpRoute(TestHTTPRouteName, TestGatewayName, testNamespace, []string{"*.toystore.com"}) err := k8sClient.Create(ctx, route) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(route))).WithContext(ctx).Should(BeTrue()) @@ -105,7 +100,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { policy.Name = "gw-auth" policy.Spec.TargetRef.Group = gatewayapiv1.GroupName policy.Spec.TargetRef.Kind = "Gateway" - policy.Spec.TargetRef.Name = testGatewayName + policy.Spec.TargetRef.Name = TestGatewayName policy.Spec.CommonSpec().AuthScheme.Authentication["apiKey"].ApiKey.Selector.MatchLabels["admin"] = "yes" }) @@ -117,7 +112,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { Eventually(isAuthPolicyAcceptedAndEnforced(ctx, policy)).WithContext(ctx).Should(BeTrue()) // check istio authorizationpolicy - iapKey := types.NamespacedName{Name: istioAuthorizationPolicyName(testGatewayName, policy.Spec.TargetRef), Namespace: testNamespace} + iapKey := types.NamespacedName{Name: istioAuthorizationPolicyName(TestGatewayName, policy.Spec.TargetRef), Namespace: testNamespace} iap := &secv1beta1resources.AuthorizationPolicy{} Eventually(func() bool { err := k8sClient.Get(ctx, iapKey, iap) @@ -154,7 +149,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { }, testTimeOut) It("Attaches policy to a Gateway with hostname in listeners", func(ctx SpecContext) { - gatewayName := fmt.Sprintf("%s-with-hostnames", testGatewayName) + gatewayName := fmt.Sprintf("%s-with-hostnames", TestGatewayName) gateway := testBuildBasicGateway(gatewayName, testNamespace) Expect(gateway.Spec.Listeners).To(HaveLen(1)) // Set hostname @@ -164,7 +159,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { Eventually(testGatewayIsReady(gateway)).WithContext(ctx).Should(BeTrue()) - routeName := fmt.Sprintf("%s-with-hostnames", testHTTPRouteName) + routeName := fmt.Sprintf("%s-with-hostnames", TestHTTPRouteName) route := testBuildBasicHttpRoute(routeName, gatewayName, testNamespace, []string{"*.api.example.com"}) err = k8sClient.Create(ctx, route) Expect(err).ToNot(HaveOccurred()) @@ -207,7 +202,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { Eventually(isAuthPolicyAcceptedAndEnforced(ctx, policy)).WithContext(ctx).Should(BeTrue()) // check istio authorizationpolicy - iapKey := types.NamespacedName{Name: istioAuthorizationPolicyName(testGatewayName, policy.Spec.TargetRef), Namespace: testNamespace} + iapKey := types.NamespacedName{Name: istioAuthorizationPolicyName(TestGatewayName, policy.Spec.TargetRef), Namespace: testNamespace} iap := &secv1beta1resources.AuthorizationPolicy{} Eventually(func() bool { err := k8sClient.Get(ctx, iapKey, iap) @@ -253,7 +248,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { Eventually(isAuthPolicyAcceptedAndEnforced(ctx, routePolicy)).WithContext(ctx).Should(BeTrue()) // create second (policyless) httproute - otherRoute := testBuildBasicHttpRoute("policyless-route", testGatewayName, testNamespace, []string{"*.other"}) + otherRoute := testBuildBasicHttpRoute("policyless-route", TestGatewayName, testNamespace, []string{"*.other"}) otherRoute.Spec.Rules = []gatewayapiv1.HTTPRouteRule{ { Matches: []gatewayapiv1.HTTPRouteMatch{ @@ -272,7 +267,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { policy.Name = "gw-auth" policy.Spec.TargetRef.Group = gatewayapiv1.GroupName policy.Spec.TargetRef.Kind = "Gateway" - policy.Spec.TargetRef.Name = testGatewayName + policy.Spec.TargetRef.Name = TestGatewayName }) err = k8sClient.Create(ctx, gwPolicy) @@ -283,7 +278,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { Eventually(isAuthPolicyAcceptedAndEnforced(ctx, gwPolicy)).WithContext(ctx).Should(BeTrue()) // check istio authorizationpolicy - iapKey := types.NamespacedName{Name: istioAuthorizationPolicyName(testGatewayName, gwPolicy.Spec.TargetRef), Namespace: testNamespace} + iapKey := types.NamespacedName{Name: istioAuthorizationPolicyName(TestGatewayName, gwPolicy.Spec.TargetRef), Namespace: testNamespace} iap := &secv1beta1resources.AuthorizationPolicy{} Eventually(func() bool { err := k8sClient.Get(ctx, iapKey, iap) @@ -348,7 +343,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { }).WithContext(ctx).Should(BeTrue()) // check istio authorizationpolicy - iapKey := types.NamespacedName{Name: istioAuthorizationPolicyName(testGatewayName, policy.Spec.TargetRef), Namespace: testNamespace} + iapKey := types.NamespacedName{Name: istioAuthorizationPolicyName(TestGatewayName, policy.Spec.TargetRef), Namespace: testNamespace} Eventually(func() bool { err := k8sClient.Get(ctx, iapKey, &secv1beta1resources.AuthorizationPolicy{}) logf.Log.V(1).Info("Fetching Istio's AuthorizationPolicy", "key", iapKey.String(), "error", err) @@ -392,7 +387,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { return condition != nil && condition.Reason == string(kuadrant.PolicyReasonUnknown) && strings.Contains(condition.Message, "cannot match any route rules, check for invalid route selectors in the policy") }).WithContext(ctx).Should(BeTrue()) - iapKey := types.NamespacedName{Name: istioAuthorizationPolicyName(testGatewayName, policy.Spec.TargetRef), Namespace: testNamespace} + iapKey := types.NamespacedName{Name: istioAuthorizationPolicyName(TestGatewayName, policy.Spec.TargetRef), Namespace: testNamespace} iap := &secv1beta1resources.AuthorizationPolicy{} Eventually(func() bool { err := k8sClient.Get(ctx, iapKey, iap) @@ -429,7 +424,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { Expect(err).ToNot(HaveOccurred()) // check istio authorizationpolicy - iapKey := types.NamespacedName{Name: istioAuthorizationPolicyName(testGatewayName, policy.Spec.TargetRef), Namespace: testNamespace} + iapKey := types.NamespacedName{Name: istioAuthorizationPolicyName(TestGatewayName, policy.Spec.TargetRef), Namespace: testNamespace} Eventually(func() bool { err := k8sClient.Get(ctx, iapKey, &secv1beta1resources.AuthorizationPolicy{}) logf.Log.V(1).Info("Fetching Istio's AuthorizationPolicy", "key", iapKey.String(), "error", err) @@ -691,7 +686,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { Context("Complex HTTPRoute with multiple rules and hostnames", func() { BeforeEach(func(ctx SpecContext) { - route := testBuildMultipleRulesHttpRoute(testHTTPRouteName, testGatewayName, testNamespace, []string{"*.toystore.com", "*.admin.toystore.com"}) + route := testBuildMultipleRulesHttpRoute(TestHTTPRouteName, TestGatewayName, testNamespace, []string{"*.toystore.com", "*.admin.toystore.com"}) err := k8sClient.Create(ctx, route) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(route))).WithContext(ctx).Should(BeTrue()) @@ -707,7 +702,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { Eventually(isAuthPolicyAcceptedAndEnforced(ctx, policy)).WithContext(ctx).Should(BeTrue()) // check istio authorizationpolicy - iapKey := types.NamespacedName{Name: istioAuthorizationPolicyName(testGatewayName, policy.Spec.TargetRef), Namespace: testNamespace} + iapKey := types.NamespacedName{Name: istioAuthorizationPolicyName(TestGatewayName, policy.Spec.TargetRef), Namespace: testNamespace} iap := &secv1beta1resources.AuthorizationPolicy{} Eventually(func() bool { err := k8sClient.Get(ctx, iapKey, iap) @@ -802,7 +797,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { Eventually(isAuthPolicyAcceptedAndEnforced(ctx, policy)).WithContext(ctx).Should(BeTrue()) // check istio authorizationpolicy - iapKey := types.NamespacedName{Name: istioAuthorizationPolicyName(testGatewayName, policy.Spec.TargetRef), Namespace: testNamespace} + iapKey := types.NamespacedName{Name: istioAuthorizationPolicyName(TestGatewayName, policy.Spec.TargetRef), Namespace: testNamespace} iap := &secv1beta1resources.AuthorizationPolicy{} Eventually(func() bool { err := k8sClient.Get(ctx, iapKey, iap) @@ -898,7 +893,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { Eventually(isAuthPolicyAcceptedAndEnforced(ctx, policy)).WithContext(ctx).Should(BeTrue()) // check istio authorizationpolicy - iapKey := types.NamespacedName{Name: istioAuthorizationPolicyName(testGatewayName, policy.Spec.TargetRef), Namespace: testNamespace} + iapKey := types.NamespacedName{Name: istioAuthorizationPolicyName(TestGatewayName, policy.Spec.TargetRef), Namespace: testNamespace} iap := &secv1beta1resources.AuthorizationPolicy{} Eventually(func() bool { err := k8sClient.Get(ctx, iapKey, iap) @@ -1105,11 +1100,11 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { // check policy status Eventually(assertAcceptedCondFalseAndEnforcedCondNil(ctx, policy, string(gatewayapiv1alpha2.PolicyReasonTargetNotFound), - fmt.Sprintf("AuthPolicy target %s was not found", testHTTPRouteName))).WithContext(ctx).Should(BeTrue()) + fmt.Sprintf("AuthPolicy target %s was not found", TestHTTPRouteName))).WithContext(ctx).Should(BeTrue()) }, testTimeOut) It("Conflict reason", func(ctx SpecContext) { - route := testBuildBasicHttpRoute(testHTTPRouteName, testGatewayName, testNamespace, []string{"*.toystore.com"}) + route := testBuildBasicHttpRoute(TestHTTPRouteName, TestGatewayName, testNamespace, []string{"*.toystore.com"}) err := k8sClient.Create(ctx, route) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(route))).WithContext(ctx).Should(BeTrue()) @@ -1141,7 +1136,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { policy := policyFactory(func(policy *api.AuthPolicy) { policy.Namespace = otherNamespace // create the policy in a different namespace than the target policy.Spec.TargetRef.Kind = "Gateway" - policy.Spec.TargetRef.Name = gatewayapiv1.ObjectName(testGatewayName) + policy.Spec.TargetRef.Name = gatewayapiv1.ObjectName(TestGatewayName) policy.Spec.TargetRef.Namespace = ptr.To(gatewayapiv1.Namespace(testNamespace)) }) Expect(k8sClient.Create(ctx, policy)).To(Succeed()) @@ -1176,7 +1171,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { } BeforeEach(func(ctx SpecContext) { - route := testBuildBasicHttpRoute(testHTTPRouteName, testGatewayName, testNamespace, []string{"*.toystore.com"}) + route := testBuildBasicHttpRoute(TestHTTPRouteName, TestGatewayName, testNamespace, []string{"*.toystore.com"}) err := k8sClient.Create(ctx, route) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(route))).WithContext(ctx).Should(BeTrue()) @@ -1223,7 +1218,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { policy.Name = "gw-auth" policy.Spec.TargetRef.Group = gatewayapiv1.GroupName policy.Spec.TargetRef.Kind = "Gateway" - policy.Spec.TargetRef.Name = testGatewayName + policy.Spec.TargetRef.Name = TestGatewayName }) err = k8sClient.Create(ctx, gwPolicy) @@ -1237,7 +1232,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { fmt.Sprintf("AuthPolicy is overridden by [%s/%s]", testNamespace, routePolicy.Name))).WithContext(ctx).Should(BeTrue()) // check istio authorizationpolicy - iapKey := types.NamespacedName{Name: istioAuthorizationPolicyName(testGatewayName, gwPolicy.Spec.TargetRef), Namespace: testNamespace} + iapKey := types.NamespacedName{Name: istioAuthorizationPolicyName(TestGatewayName, gwPolicy.Spec.TargetRef), Namespace: testNamespace} Eventually(func() bool { err := k8sClient.Get(ctx, iapKey, &secv1beta1resources.AuthorizationPolicy{}) logf.Log.V(1).Info("Fetching Istio's AuthorizationPolicy", "key", iapKey.String(), "error", err) @@ -1252,7 +1247,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { }).WithContext(ctx).Should(BeTrue()) // GW Policy should go back to being enforced when a HTTPRoute with no AP attached becomes available - route2 := testBuildBasicHttpRoute("route2", testGatewayName, testNamespace, []string{"*.carstore.com"}) + route2 := testBuildBasicHttpRoute("route2", TestGatewayName, testNamespace, []string{"*.carstore.com"}) err = k8sClient.Create(ctx, route2) Expect(err).ToNot(HaveOccurred()) @@ -1263,7 +1258,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { Context("AuthPolicies configured with overrides", func() { BeforeEach(func(ctx SpecContext) { - route := testBuildBasicHttpRoute(testHTTPRouteName, testGatewayName, testNamespace, []string{"*.toystore.com"}) + route := testBuildBasicHttpRoute(TestHTTPRouteName, TestGatewayName, testNamespace, []string{"*.toystore.com"}) err := k8sClient.Create(ctx, route) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(route))).WithContext(ctx).Should(BeTrue()) @@ -1274,7 +1269,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { policy.Name = "gw-auth" policy.Spec.TargetRef.Group = gatewayapiv1.GroupName policy.Spec.TargetRef.Kind = "Gateway" - policy.Spec.TargetRef.Name = testGatewayName + policy.Spec.TargetRef.Name = TestGatewayName policy.Spec.Overrides = &api.AuthPolicyCommonSpec{} policy.Spec.Defaults = nil policy.Spec.Overrides.AuthScheme = testBasicAuthScheme() @@ -1311,7 +1306,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { policy.Name = "gw-auth" policy.Spec.TargetRef.Group = gatewayapiv1.GroupName policy.Spec.TargetRef.Kind = "Gateway" - policy.Spec.TargetRef.Name = testGatewayName + policy.Spec.TargetRef.Name = TestGatewayName policy.Spec.Overrides = &api.AuthPolicyCommonSpec{} policy.Spec.Defaults = nil policy.Spec.Overrides.AuthScheme = testBasicAuthScheme() @@ -1341,7 +1336,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { policy.Name = "gw-auth" policy.Spec.TargetRef.Group = gatewayapiv1.GroupName policy.Spec.TargetRef.Kind = "Gateway" - policy.Spec.TargetRef.Name = testGatewayName + policy.Spec.TargetRef.Name = TestGatewayName policy.Spec.Overrides = &api.AuthPolicyCommonSpec{} policy.Spec.Defaults = nil policy.Spec.Overrides.AuthScheme = testBasicAuthScheme() @@ -1378,7 +1373,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { policy.Name = "gw-auth" policy.Spec.TargetRef.Group = gatewayapiv1.GroupName policy.Spec.TargetRef.Kind = "Gateway" - policy.Spec.TargetRef.Name = testGatewayName + policy.Spec.TargetRef.Name = TestGatewayName policy.Spec.CommonSpec().AuthScheme.Authentication["apiKey"].ApiKey.Selector.MatchLabels["admin"] = "yes" }) @@ -1424,7 +1419,7 @@ var _ = Describe("AuthPolicy controller", Ordered, func() { policy.Name = "gw-auth" policy.Spec.TargetRef.Group = gatewayapiv1.GroupName policy.Spec.TargetRef.Kind = "Gateway" - policy.Spec.TargetRef.Name = testGatewayName + policy.Spec.TargetRef.Name = TestGatewayName policy.Spec.Overrides = &api.AuthPolicyCommonSpec{} policy.Spec.Defaults = nil policy.Spec.Overrides.AuthScheme = testBasicAuthScheme() diff --git a/controllers/dnspolicy_controller_test.go b/controllers/dnspolicy_controller_test.go index 62ecc0d0e..07ae37d14 100644 --- a/controllers/dnspolicy_controller_test.go +++ b/controllers/dnspolicy_controller_test.go @@ -344,9 +344,9 @@ var _ = Describe("DNSPolicy controller", func() { }), MatchFields(IgnoreExtras, Fields{ "Type": Equal(string(kuadrant.PolicyConditionEnforced)), - "Status": Equal(metav1.ConditionTrue), + "Status": Equal(metav1.ConditionFalse), "Reason": Equal(string(kuadrant.PolicyReasonEnforced)), - "Message": Equal("DNSPolicy has been successfully enforced"), + "Message": Equal("DNSPolicy has been partially enforced"), })), ) }, TestTimeoutMedium, time.Second).Should(Succeed()) diff --git a/controllers/dnspolicy_status.go b/controllers/dnspolicy_status.go index c2b6857fd..8ccc1f825 100644 --- a/controllers/dnspolicy_status.go +++ b/controllers/dnspolicy_status.go @@ -115,7 +115,7 @@ func (r *DNSPolicyReconciler) enforcedCondition(recordsList *kuadrantdnsv1alpha1 controlled = true // if at least one record not ready the policy is not enforced for _, condition := range record.Status.Conditions { - if condition.Type == string(v1alpha2.PolicyConditionAccepted) && condition.Status == metav1.ConditionFalse { + if condition.Type == string(kuadrantdnsv1alpha1.ConditionTypeReady) && condition.Status == metav1.ConditionFalse { return kuadrant.EnforcedCondition(dnsPolicy, nil, false) } } diff --git a/controllers/helper_test.go b/controllers/helper_test.go index 223065bfa..a276abb2d 100644 --- a/controllers/helper_test.go +++ b/controllers/helper_test.go @@ -55,6 +55,7 @@ const ( TestListenerNameTwo = "test-listener-2" TestIPAddressOne = "172.0.0.1" TestIPAddressTwo = "172.0.0.2" + TestHTTPRouteName = "toystore-route" ) func ApplyKuadrantCR(namespace string) { diff --git a/controllers/limitador_cluster_envoyfilter_controller_test.go b/controllers/limitador_cluster_envoyfilter_controller_test.go index 8065b3c12..398292a8c 100644 --- a/controllers/limitador_cluster_envoyfilter_controller_test.go +++ b/controllers/limitador_cluster_envoyfilter_controller_test.go @@ -31,9 +31,8 @@ var _ = Describe("Limitador Cluster EnvoyFilter controller", Ordered, func() { var ( testNamespace string kuadrantInstallationNS string - gwName = "toystore-gw" rlpName = "toystore-rlp" - efName = fmt.Sprintf("kuadrant-ratelimiting-cluster-%s", gwName) + efName = fmt.Sprintf("kuadrant-ratelimiting-cluster-%s", TestGatewayName) ) BeforeAll(func(ctx SpecContext) { @@ -47,7 +46,7 @@ var _ = Describe("Limitador Cluster EnvoyFilter controller", Ordered, func() { beforeEachCallback := func(ctx SpecContext) { testNamespace = CreateNamespaceWithContext(ctx) - gateway := testBuildBasicGateway(gwName, testNamespace) + gateway := testBuildBasicGateway(TestGatewayName, testNamespace) err := k8sClient.Create(ctx, gateway) Expect(err).ToNot(HaveOccurred()) @@ -102,7 +101,7 @@ var _ = Describe("Limitador Cluster EnvoyFilter controller", Ordered, func() { TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", - Name: gatewayapiv1.ObjectName(gwName), + Name: gatewayapiv1.ObjectName(TestGatewayName), }, RateLimitPolicyCommonSpec: kuadrantv1beta2.RateLimitPolicyCommonSpec{ Limits: map[string]kuadrantv1beta2.Limit{ diff --git a/controllers/rate_limiting_wasmplugin_controller_test.go b/controllers/rate_limiting_wasmplugin_controller_test.go index 77a6fa283..afc635a75 100644 --- a/controllers/rate_limiting_wasmplugin_controller_test.go +++ b/controllers/rate_limiting_wasmplugin_controller_test.go @@ -70,12 +70,11 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { var ( routeName = "toystore-route" rlpName = "toystore-rlp" - gwName = "toystore-gw" gateway *gatewayapiv1.Gateway ) beforeEachCallback := func(ctx SpecContext) { - gateway = testBuildBasicGateway(gwName, testNamespace) + gateway = testBuildBasicGateway(TestGatewayName, testNamespace) err := k8sClient.Create(ctx, gateway) Expect(err).ToNot(HaveOccurred()) Eventually(testGatewayIsReady(gateway)).WithContext(ctx).Should(BeTrue()) @@ -85,7 +84,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { It("Simple RLP targeting HTTPRoute creates wasmplugin", func(ctx SpecContext) { // create httproute - httpRoute := testBuildBasicHttpRoute(routeName, gwName, testNamespace, []string{"*.example.com"}) + httpRoute := testBuildBasicHttpRoute(routeName, TestGatewayName, testNamespace, []string{"*.example.com"}) err := k8sClient.Create(ctx, httpRoute) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(httpRoute))).WithContext(ctx).Should(BeTrue()) @@ -178,7 +177,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { It("Full featured RLP targeting HTTPRoute creates wasmplugin", func(ctx SpecContext) { // create httproute - httpRoute := testBuildBasicHttpRoute(routeName, gwName, testNamespace, []string{"*.toystore.acme.com", "api.toystore.io"}) + httpRoute := testBuildBasicHttpRoute(routeName, TestGatewayName, testNamespace, []string{"*.toystore.acme.com", "api.toystore.io"}) httpRoute.Spec.Rules = []gatewayapiv1.HTTPRouteRule{ { Matches: []gatewayapiv1.HTTPRouteMatch{ @@ -392,7 +391,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { It("Simple RLP targeting Gateway parented by one HTTPRoute creates wasmplugin", func(ctx SpecContext) { // create httproute - httpRoute := testBuildBasicHttpRoute(routeName, gwName, testNamespace, []string{"*.example.com"}) + httpRoute := testBuildBasicHttpRoute(routeName, TestGatewayName, testNamespace, []string{"*.example.com"}) err := k8sClient.Create(ctx, httpRoute) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(httpRoute))).WithContext(ctx).Should(BeTrue()) @@ -407,7 +406,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", - Name: gatewayapiv1.ObjectName(gwName), + Name: gatewayapiv1.ObjectName(TestGatewayName), }, RateLimitPolicyCommonSpec: kuadrantv1beta2.RateLimitPolicyCommonSpec{ Limits: map[string]kuadrantv1beta2.Limit{ @@ -483,12 +482,11 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { Context("RLP targeting HTTPRoute-less Gateway", func() { var ( rlpName = "toystore-rlp" - gwName = "toystore-gw" gateway *gatewayapiv1.Gateway ) beforeEachCallback := func(ctx SpecContext) { - gateway = testBuildBasicGateway(gwName, testNamespace) + gateway = testBuildBasicGateway(TestGatewayName, testNamespace) err := k8sClient.Create(ctx, gateway) Expect(err).ToNot(HaveOccurred()) Eventually(testGatewayIsReady(gateway)).WithContext(ctx).Should(BeTrue()) @@ -507,7 +505,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", - Name: gatewayapiv1.ObjectName(gwName), + Name: gatewayapiv1.ObjectName(TestGatewayName), }, RateLimitPolicyCommonSpec: kuadrantv1beta2.RateLimitPolicyCommonSpec{ Limits: map[string]kuadrantv1beta2.Limit{ @@ -545,12 +543,11 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { var ( routeName = "toystore-route" rlpName = "toystore-rlp" - gwName = "toystore-gw" gateway *gatewayapiv1.Gateway ) beforeEachCallback := func(ctx SpecContext) { - gateway = testBuildBasicGateway(gwName, testNamespace) + gateway = testBuildBasicGateway(TestGatewayName, testNamespace) err := k8sClient.Create(ctx, gateway) Expect(err).ToNot(HaveOccurred()) Eventually(testGatewayIsReady(gateway)).WithContext(ctx).Should(BeTrue()) @@ -560,7 +557,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { It("When the gateway does not have more policies, the wasmplugin resource is not created", func(ctx SpecContext) { // create httproute - httpRoute := testBuildBasicHttpRoute(routeName, gwName, testNamespace, []string{"*.example.com"}) + httpRoute := testBuildBasicHttpRoute(routeName, TestGatewayName, testNamespace, []string{"*.example.com"}) err := k8sClient.Create(ctx, httpRoute) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(httpRoute))).WithContext(ctx).Should(BeTrue()) @@ -634,7 +631,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { ) // create httproute B - httpRouteB := testBuildBasicHttpRoute(routeBName, gwName, testNamespace, []string{"*.b.example.com"}) + httpRouteB := testBuildBasicHttpRoute(routeBName, TestGatewayName, testNamespace, []string{"*.b.example.com"}) err := k8sClient.Create(ctx, httpRouteB) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(httpRouteB))).WithContext(ctx).Should(BeTrue()) @@ -649,7 +646,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", - Name: gatewayapiv1.ObjectName(gwName), + Name: gatewayapiv1.ObjectName(TestGatewayName), }, RateLimitPolicyCommonSpec: kuadrantv1beta2.RateLimitPolicyCommonSpec{ Limits: map[string]kuadrantv1beta2.Limit{ @@ -672,7 +669,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { Eventually(assertPolicyIsAcceptedAndEnforced(ctx, rlpAKey)).WithContext(ctx).Should(BeTrue()) // create httproute C - httpRouteC := testBuildBasicHttpRoute(routeCName, gwName, testNamespace, []string{"*.c.example.com"}) + httpRouteC := testBuildBasicHttpRoute(routeCName, TestGatewayName, testNamespace, []string{"*.c.example.com"}) httpRouteC.Spec.Rules = []gatewayapiv1.HTTPRouteRule{ { Matches: []gatewayapiv1.HTTPRouteMatch{ @@ -808,13 +805,12 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { var ( routeName = "route-a" rlpName = "rlp-a" - gwName = "toystore-gw" gateway *gatewayapiv1.Gateway gwBName = "gw-b" ) beforeEachCallback := func(ctx SpecContext) { - gateway = testBuildBasicGateway(gwName, testNamespace) + gateway = testBuildBasicGateway(TestGatewayName, testNamespace) err := k8sClient.Create(ctx, gateway) Expect(err).ToNot(HaveOccurred()) Eventually(testGatewayIsReady(gateway)).WithContext(ctx).Should(BeTrue()) @@ -847,7 +843,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", - Name: gatewayapiv1.ObjectName(gwName), + Name: gatewayapiv1.ObjectName(TestGatewayName), }, RateLimitPolicyCommonSpec: kuadrantv1beta2.RateLimitPolicyCommonSpec{ Limits: map[string]kuadrantv1beta2.Limit{ @@ -870,7 +866,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { Expect(testRLPEnforcedCondition(ctx, rlpKey, kuadrant.PolicyReasonUnknown, "RateLimitPolicy has encountered some issues: no free routes to enforce policy")) // create Route A -> Gw A - httpRoute := testBuildBasicHttpRoute(routeName, gwName, testNamespace, []string{"*.example.com"}) + httpRoute := testBuildBasicHttpRoute(routeName, TestGatewayName, testNamespace, []string{"*.example.com"}) err = k8sClient.Create(ctx, httpRoute) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(httpRoute))).WithContext(ctx).Should(BeTrue()) @@ -1041,7 +1037,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { Eventually(testGatewayIsReady(gwB)).WithContext(ctx).Should(BeTrue()) // create Route A -> Gw A - httpRoute := testBuildBasicHttpRoute(routeName, gwName, testNamespace, []string{"*.example.com"}) + httpRoute := testBuildBasicHttpRoute(routeName, TestGatewayName, testNamespace, []string{"*.example.com"}) err = k8sClient.Create(ctx, httpRoute) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(httpRoute))).WithContext(ctx).Should(BeTrue()) @@ -1265,12 +1261,11 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { Context("RLP switches targetRef from one route A to another route B", func() { var ( - gwName = "toystore-gw" gateway *gatewayapiv1.Gateway ) beforeEachCallback := func(ctx SpecContext) { - gateway = testBuildBasicGateway(gwName, testNamespace) + gateway = testBuildBasicGateway(TestGatewayName, testNamespace) err := k8sClient.Create(ctx, gateway) Expect(err).ToNot(HaveOccurred()) Eventually(testGatewayIsReady(gateway)).WithContext(ctx).Should(BeTrue()) @@ -1300,7 +1295,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { // // create Route A -> Gw A on *.a.example.com // - httpRouteA := testBuildBasicHttpRoute(routeAName, gwName, testNamespace, []string{"*.a.example.com"}) + httpRouteA := testBuildBasicHttpRoute(routeAName, TestGatewayName, testNamespace, []string{"*.a.example.com"}) // GET /routeA httpRouteA.Spec.Rules = []gatewayapiv1.HTTPRouteRule{ { @@ -1322,7 +1317,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { // // create Route B -> Gw A on *.b.example.com // - httpRouteB := testBuildBasicHttpRoute(routeBName, gwName, testNamespace, []string{"*.b.example.com"}) + httpRouteB := testBuildBasicHttpRoute(routeBName, TestGatewayName, testNamespace, []string{"*.b.example.com"}) // GET /routeB httpRouteB.Spec.Rules = []gatewayapiv1.HTTPRouteRule{ { @@ -1525,12 +1520,11 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { Context("Free Route gets dedicated RLP", func() { var ( - gwName = "toystore-gw" gateway *gatewayapiv1.Gateway ) beforeEachCallback := func(ctx SpecContext) { - gateway = testBuildBasicGateway(gwName, testNamespace) + gateway = testBuildBasicGateway(TestGatewayName, testNamespace) err := k8sClient.Create(ctx, gateway) Expect(err).ToNot(HaveOccurred()) Eventually(testGatewayIsReady(gateway)).WithContext(ctx).Should(BeTrue()) @@ -1559,7 +1553,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { // // create Route A -> Gw A on *.a.example.com // - httpRouteA := testBuildBasicHttpRoute(routeAName, gwName, testNamespace, []string{"*.a.example.com"}) + httpRouteA := testBuildBasicHttpRoute(routeAName, TestGatewayName, testNamespace, []string{"*.a.example.com"}) // GET /routeA httpRouteA.Spec.Rules = []gatewayapiv1.HTTPRouteRule{ { @@ -1588,7 +1582,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", - Name: gatewayapiv1.ObjectName(gwName), + Name: gatewayapiv1.ObjectName(TestGatewayName), }, RateLimitPolicyCommonSpec: kuadrantv1beta2.RateLimitPolicyCommonSpec{ Limits: map[string]kuadrantv1beta2.Limit{ @@ -1785,12 +1779,11 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { Context("New free route on a Gateway with RLP", func() { var ( - gwName = "toystore-gw" gateway *gatewayapiv1.Gateway ) beforeEachCallback := func(ctx SpecContext) { - gateway = testBuildBasicGateway(gwName, testNamespace) + gateway = testBuildBasicGateway(TestGatewayName, testNamespace) err := k8sClient.Create(ctx, gateway) Expect(err).ToNot(HaveOccurred()) Eventually(testGatewayIsReady(gateway)).WithContext(ctx).Should(BeTrue()) @@ -1822,7 +1815,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { // // create Route A -> Gw A on *.a.example.com // - httpRouteA := testBuildBasicHttpRoute(routeAName, gwName, testNamespace, []string{"*.a.example.com"}) + httpRouteA := testBuildBasicHttpRoute(routeAName, TestGatewayName, testNamespace, []string{"*.a.example.com"}) // GET /routeA httpRouteA.Spec.Rules = []gatewayapiv1.HTTPRouteRule{ { @@ -1851,7 +1844,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", - Name: gatewayapiv1.ObjectName(gwName), + Name: gatewayapiv1.ObjectName(TestGatewayName), }, RateLimitPolicyCommonSpec: kuadrantv1beta2.RateLimitPolicyCommonSpec{ Limits: map[string]kuadrantv1beta2.Limit{ @@ -1977,7 +1970,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { // // create Route B -> Gw A on *.b.example.com // - httpRouteB := testBuildBasicHttpRoute(routeBName, gwName, testNamespace, []string{"*.b.example.com"}) + httpRouteB := testBuildBasicHttpRoute(routeBName, TestGatewayName, testNamespace, []string{"*.b.example.com"}) // GET /routeB httpRouteB.Spec.Rules = []gatewayapiv1.HTTPRouteRule{ { @@ -2104,7 +2097,6 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { Context("Gateway with hostname in listener", func() { var ( - gwName = "toystore-gw" routeName = "toystore-route" rlpName = "rlp-a" gateway *gatewayapiv1.Gateway @@ -2112,7 +2104,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { ) beforeEachCallback := func(ctx SpecContext) { - gateway = testBuildBasicGateway(gwName, testNamespace) + gateway = testBuildBasicGateway(TestGatewayName, testNamespace) gateway.Spec.Listeners[0].Hostname = ptr.To(gatewayapiv1.Hostname(gwHostname)) err := k8sClient.Create(ctx, gateway) Expect(err).ToNot(HaveOccurred()) @@ -2124,7 +2116,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { It("RLP with hostnames in route selector targeting hostname less HTTPRoute creates wasmplugin", func(ctx SpecContext) { // create httproute var emptyRouteHostnames []string - httpRoute := testBuildBasicHttpRoute(routeName, gwName, testNamespace, emptyRouteHostnames) + httpRoute := testBuildBasicHttpRoute(routeName, TestGatewayName, testNamespace, emptyRouteHostnames) err := k8sClient.Create(ctx, httpRoute) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(httpRoute))).WithContext(ctx).Should(BeTrue()) @@ -2225,12 +2217,11 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { routeName = "toystore-route" gwRLPName = "gw-rlp" routeRLPName = "route-rlp" - gwName = "toystore-gw" gateway *gatewayapiv1.Gateway ) beforeEachCallback := func(ctx SpecContext) { - gateway = testBuildBasicGateway(gwName, testNamespace) + gateway = testBuildBasicGateway(TestGatewayName, testNamespace) err := k8sClient.Create(ctx, gateway) Expect(err).ToNot(HaveOccurred()) Eventually(testGatewayIsReady(gateway)).WithContext(ctx).Should(BeTrue()) @@ -2282,7 +2273,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { It("Limit key shifts correctly from Gateway RLP default -> Route RLP -> Gateway RLP overrides", func(ctx SpecContext) { // create httproute - httpRoute := testBuildBasicHttpRoute(routeName, gwName, testNamespace, []string{"*.example.com"}) + httpRoute := testBuildBasicHttpRoute(routeName, TestGatewayName, testNamespace, []string{"*.example.com"}) Expect(k8sClient.Create(ctx, httpRoute)).To(Succeed()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(httpRoute))).WithContext(ctx).Should(BeTrue()) @@ -2296,7 +2287,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", Ordered, func() { TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", - Name: gatewayapiv1.ObjectName(gwName), + Name: gatewayapiv1.ObjectName(TestGatewayName), }, Defaults: &kuadrantv1beta2.RateLimitPolicyCommonSpec{ Limits: map[string]kuadrantv1beta2.Limit{ diff --git a/controllers/ratelimitpolicy_controller_test.go b/controllers/ratelimitpolicy_controller_test.go index ba462503a..afa0765a2 100644 --- a/controllers/ratelimitpolicy_controller_test.go +++ b/controllers/ratelimitpolicy_controller_test.go @@ -35,7 +35,6 @@ var _ = Describe("RateLimitPolicy controller", Ordered, func() { testNamespace string kuadrantInstallationNS string routeName = "toystore-route" - gwName = "toystore-gw" rlpName = "toystore-rlp" gateway *gatewayapiv1.Gateway ) @@ -99,7 +98,7 @@ var _ = Describe("RateLimitPolicy controller", Ordered, func() { beforeEachCallback := func(ctx SpecContext) { testNamespace = CreateNamespaceWithContext(ctx) - gateway = testBuildBasicGateway(gwName, testNamespace) + gateway = testBuildBasicGateway(TestGatewayName, testNamespace) Expect(k8sClient.Create(ctx, gateway)).To(Succeed()) Eventually(testGatewayIsReady(gateway)).WithContext(ctx).Should(BeTrue()) @@ -122,7 +121,7 @@ var _ = Describe("RateLimitPolicy controller", Ordered, func() { Context("RLP targeting HTTPRoute", func() { It("Creates all the resources for a basic HTTPRoute and RateLimitPolicy", func(ctx SpecContext) { // create httproute - httpRoute := testBuildBasicHttpRoute(routeName, gwName, testNamespace, []string{"*.example.com"}) + httpRoute := testBuildBasicHttpRoute(routeName, TestGatewayName, testNamespace, []string{"*.example.com"}) err := k8sClient.Create(ctx, httpRoute) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(httpRoute))).WithContext(ctx).Should(BeTrue()) @@ -163,7 +162,7 @@ var _ = Describe("RateLimitPolicy controller", Ordered, func() { })) // Check gateway back references - gwKey := client.ObjectKey{Name: gwName, Namespace: testNamespace} + gwKey := client.ObjectKey{Name: TestGatewayName, Namespace: testNamespace} existingGateway := &gatewayapiv1.Gateway{} Eventually(func(g Gomega) { err = k8sClient.Get(ctx, gwKey, existingGateway) @@ -181,7 +180,7 @@ var _ = Describe("RateLimitPolicy controller", Ordered, func() { Context("RLP targeting Gateway", func() { It("Creates all the resources for a basic Gateway and RateLimitPolicy", func(ctx SpecContext) { // create httproute - httpRoute := testBuildBasicHttpRoute(routeName, gwName, testNamespace, []string{"*.example.com"}) + httpRoute := testBuildBasicHttpRoute(routeName, TestGatewayName, testNamespace, []string{"*.example.com"}) err := k8sClient.Create(ctx, httpRoute) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(httpRoute))).WithContext(ctx).Should(BeTrue()) @@ -200,7 +199,7 @@ var _ = Describe("RateLimitPolicy controller", Ordered, func() { TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ Group: gatewayapiv1.Group("gateway.networking.k8s.io"), Kind: "Gateway", - Name: gatewayapiv1.ObjectName(gwName), + Name: gatewayapiv1.ObjectName(TestGatewayName), }, Defaults: &kuadrantv1beta2.RateLimitPolicyCommonSpec{ Limits: map[string]kuadrantv1beta2.Limit{ @@ -264,7 +263,7 @@ var _ = Describe("RateLimitPolicy controller", Ordered, func() { // create ratelimitpolicy rlp := policyFactory(func(policy *kuadrantv1beta2.RateLimitPolicy) { policy.Spec.TargetRef.Kind = "Gateway" - policy.Spec.TargetRef.Name = gatewayapiv1.ObjectName(gwName) + policy.Spec.TargetRef.Name = gatewayapiv1.ObjectName(TestGatewayName) }) err := k8sClient.Create(ctx, rlp) Expect(err).ToNot(HaveOccurred()) @@ -323,14 +322,14 @@ var _ = Describe("RateLimitPolicy controller", Ordered, func() { // GW policy defaults are overridden and not enforced when Route has their own policy attached // create httproute - httpRoute := testBuildBasicHttpRoute(routeName, gwName, testNamespace, []string{"*.example.com"}) + httpRoute := testBuildBasicHttpRoute(routeName, TestGatewayName, testNamespace, []string{"*.example.com"}) Expect(k8sClient.Create(ctx, httpRoute)).To(Succeed()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(httpRoute))).WithContext(ctx).Should(BeTrue()) // create GW RLP gwRLP = policyFactory(func(policy *kuadrantv1beta2.RateLimitPolicy) { policy.Spec.TargetRef.Kind = "Gateway" - policy.Spec.TargetRef.Name = gatewayapiv1.ObjectName(gwName) + policy.Spec.TargetRef.Name = gatewayapiv1.ObjectName(TestGatewayName) }) Expect(k8sClient.Create(ctx, gwRLP)).To(Succeed()) gwRLPKey := client.ObjectKey{Name: gwRLP.Name, Namespace: testNamespace} @@ -385,7 +384,7 @@ var _ = Describe("RateLimitPolicy controller", Ordered, func() { When("Free route is created", func() { It("Gateway policy should now be enforced", func(ctx SpecContext) { - route2 := testBuildBasicHttpRoute("route2", gwName, testNamespace, []string{"*.car.com"}) + route2 := testBuildBasicHttpRoute("route2", TestGatewayName, testNamespace, []string{"*.car.com"}) Expect(k8sClient.Create(ctx, route2)).To(Succeed()) Eventually(testRLPIsEnforced(ctx, client.ObjectKeyFromObject(gwRLP))).WithContext(ctx).Should(BeTrue()) }, testTimeOut) @@ -402,7 +401,7 @@ var _ = Describe("RateLimitPolicy controller", Ordered, func() { It("Explicit defaults - no underlying routes to enforce policy", func(ctx SpecContext) { gwRLP := policyFactory(func(policy *kuadrantv1beta2.RateLimitPolicy) { policy.Spec.TargetRef.Kind = "Gateway" - policy.Spec.TargetRef.Name = gatewayapiv1.ObjectName(gwName) + policy.Spec.TargetRef.Name = gatewayapiv1.ObjectName(TestGatewayName) }) Expect(k8sClient.Create(ctx, gwRLP)).To(Succeed()) @@ -414,7 +413,7 @@ var _ = Describe("RateLimitPolicy controller", Ordered, func() { It("Implicit defaults - no underlying routes to enforce policy", func(ctx SpecContext) { gwRLP := policyFactory(func(policy *kuadrantv1beta2.RateLimitPolicy) { policy.Spec.TargetRef.Kind = "Gateway" - policy.Spec.TargetRef.Name = gatewayapiv1.ObjectName(gwName) + policy.Spec.TargetRef.Name = gatewayapiv1.ObjectName(TestGatewayName) policy.Spec.RateLimitPolicyCommonSpec = *policy.Spec.Defaults.DeepCopy() policy.Spec.Defaults = nil }) @@ -432,13 +431,13 @@ var _ = Describe("RateLimitPolicy controller", Ordered, func() { BeforeEach(func(ctx SpecContext) { // create httproute - httpRoute := testBuildBasicHttpRoute(routeName, gwName, testNamespace, []string{"*.example.com"}) + httpRoute := testBuildBasicHttpRoute(routeName, TestGatewayName, testNamespace, []string{"*.example.com"}) Expect(k8sClient.Create(ctx, httpRoute)).To(Succeed()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(httpRoute))).WithContext(ctx).Should(BeTrue()) gwRLP = policyFactory(func(policy *kuadrantv1beta2.RateLimitPolicy) { policy.Spec.TargetRef.Kind = "Gateway" - policy.Spec.TargetRef.Name = gatewayapiv1.ObjectName(gwName) + policy.Spec.TargetRef.Name = gatewayapiv1.ObjectName(TestGatewayName) policy.Spec.Overrides = policy.Spec.Defaults.DeepCopy() policy.Spec.Defaults = nil }) @@ -564,7 +563,7 @@ var _ = Describe("RateLimitPolicy controller", Ordered, func() { // Create GW RLP with defaults gwRLP = policyFactory(func(policy *kuadrantv1beta2.RateLimitPolicy) { policy.Spec.TargetRef.Kind = "Gateway" - policy.Spec.TargetRef.Name = gatewayapiv1.ObjectName(gwName) + policy.Spec.TargetRef.Name = gatewayapiv1.ObjectName(TestGatewayName) }) Expect(k8sClient.Create(ctx, gwRLP)).To(Succeed()) gwRLPKey := client.ObjectKeyFromObject(gwRLP) @@ -707,7 +706,7 @@ var _ = Describe("RateLimitPolicy controller", Ordered, func() { }, testTimeOut) It("Conflict reason", func(ctx SpecContext) { - httpRoute := testBuildBasicHttpRoute(routeName, gwName, testNamespace, []string{"*.example.com"}) + httpRoute := testBuildBasicHttpRoute(routeName, TestGatewayName, testNamespace, []string{"*.example.com"}) Expect(k8sClient.Create(ctx, httpRoute)).To(Succeed()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(httpRoute))).WithContext(ctx).Should(BeTrue()) @@ -764,7 +763,7 @@ var _ = Describe("RateLimitPolicy controller", Ordered, func() { } BeforeEach(func(ctx SpecContext) { - route := testBuildBasicHttpRoute(testHTTPRouteName, testGatewayName, testNamespace, []string{"*.toystore.com"}) + route := testBuildBasicHttpRoute(TestHTTPRouteName, TestGatewayName, testNamespace, []string{"*.toystore.com"}) Expect(k8sClient.Create(ctx, route)).To(Succeed()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(route))).WithContext(ctx).Should(BeTrue()) }) @@ -817,7 +816,7 @@ var _ = Describe("RateLimitPolicy controller", Ordered, func() { // RLP A -> Route B // create httproute A - httpRouteA := testBuildBasicHttpRoute(routeAName, gwName, testNamespace, []string{"*.a.example.com"}) + httpRouteA := testBuildBasicHttpRoute(routeAName, TestGatewayName, testNamespace, []string{"*.a.example.com"}) err := k8sClient.Create(ctx, httpRouteA) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(httpRouteA))).WithContext(ctx).Should(BeTrue()) @@ -847,7 +846,7 @@ var _ = Describe("RateLimitPolicy controller", Ordered, func() { // To RLP A -> Route B // create httproute B - httpRouteB := testBuildBasicHttpRoute(routeBName, gwName, testNamespace, []string{"*.b.example.com"}) + httpRouteB := testBuildBasicHttpRoute(routeBName, TestGatewayName, testNamespace, []string{"*.b.example.com"}) err = k8sClient.Create(ctx, httpRouteB) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(httpRouteB))).WithContext(ctx).Should(BeTrue()) @@ -974,13 +973,13 @@ var _ = Describe("RateLimitPolicy controller", Ordered, func() { // RLP B -> Route B // create httproute A - httpRouteA := testBuildBasicHttpRoute(routeAName, gwName, testNamespace, []string{"*.a.example.com"}) + httpRouteA := testBuildBasicHttpRoute(routeAName, TestGatewayName, testNamespace, []string{"*.a.example.com"}) err := k8sClient.Create(ctx, httpRouteA) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(httpRouteA))).WithContext(ctx).Should(BeTrue()) // create httproute B - httpRouteB := testBuildBasicHttpRoute(routeBName, gwName, testNamespace, []string{"*.b.example.com"}) + httpRouteB := testBuildBasicHttpRoute(routeBName, TestGatewayName, testNamespace, []string{"*.b.example.com"}) err = k8sClient.Create(ctx, httpRouteB) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(httpRouteB))).WithContext(ctx).Should(BeTrue()) @@ -1068,7 +1067,7 @@ var _ = Describe("RateLimitPolicy controller", Ordered, func() { // RLP A // create httproute A - httpRoute := testBuildBasicHttpRoute(routeName, gwName, testNamespace, []string{"*.example.com"}) + httpRoute := testBuildBasicHttpRoute(routeName, TestGatewayName, testNamespace, []string{"*.example.com"}) err := k8sClient.Create(ctx, httpRoute) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(httpRoute))).WithContext(ctx).Should(BeTrue()) @@ -1128,7 +1127,7 @@ var _ = Describe("RateLimitPolicy controller", Ordered, func() { // RLP B -> Route A // create httproute A - httpRouteA := testBuildBasicHttpRoute(routeAName, gwName, testNamespace, []string{"*.a.example.com"}) + httpRouteA := testBuildBasicHttpRoute(routeAName, TestGatewayName, testNamespace, []string{"*.a.example.com"}) err := k8sClient.Create(ctx, httpRouteA) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(httpRouteA))).WithContext(ctx).Should(BeTrue()) @@ -1175,7 +1174,7 @@ var _ = Describe("RateLimitPolicy controller", Ordered, func() { // RLP A was the older owner of route A, and wiil be the new owner of route B // create httproute B - httpRouteB := testBuildBasicHttpRoute(routeBName, gwName, testNamespace, []string{"*.b.example.com"}) + httpRouteB := testBuildBasicHttpRoute(routeBName, TestGatewayName, testNamespace, []string{"*.b.example.com"}) err = k8sClient.Create(ctx, httpRouteB) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(httpRouteB))).WithContext(ctx).Should(BeTrue()) diff --git a/controllers/ratelimitpolicy_status_test.go b/controllers/ratelimitpolicy_status_test.go index d869c9f26..effc0c93b 100644 --- a/controllers/ratelimitpolicy_status_test.go +++ b/controllers/ratelimitpolicy_status_test.go @@ -1,3 +1,5 @@ +//go:build unit + package controllers import ( diff --git a/controllers/target_status_controller_test.go b/controllers/target_status_controller_test.go index e2db1ce93..610ec2832 100644 --- a/controllers/target_status_controller_test.go +++ b/controllers/target_status_controller_test.go @@ -51,7 +51,7 @@ var _ = Describe("Target status reconciler", Ordered, func() { testNamespace = CreateNamespaceWithContext(ctx) // create gateway - gateway := testBuildBasicGateway(testGatewayName, testNamespace, func(gateway *gatewayapiv1.Gateway) { + gateway := testBuildBasicGateway(TestGatewayName, testNamespace, func(gateway *gatewayapiv1.Gateway) { gateway.Spec.Listeners = []gatewayapiv1.Listener{{ Name: gatewayapiv1.SectionName("test-listener-toystore-com"), Hostname: ptr.To(gatewayapiv1.Hostname("*.toystore.com")), @@ -65,7 +65,7 @@ var _ = Describe("Target status reconciler", Ordered, func() { Eventually(testGatewayIsReady(gateway)).WithContext(ctx).Should(BeTrue()) // create application - route := testBuildBasicHttpRoute(testHTTPRouteName, testGatewayName, testNamespace, []string{"*.toystore.com"}) + route := testBuildBasicHttpRoute(TestHTTPRouteName, TestGatewayName, testNamespace, []string{"*.toystore.com"}) err = k8sClient.Create(ctx, route) Expect(err).ToNot(HaveOccurred()) Eventually(testRouteIsAccepted(client.ObjectKeyFromObject(route))).WithContext(ctx).Should(BeTrue()) @@ -91,7 +91,7 @@ var _ = Describe("Target status reconciler", Ordered, func() { if err != nil { return false } - routeParentStatus, found := utils.Find(route.Status.RouteStatus.Parents, findRouteParentStatusFunc(route, client.ObjectKey{Name: testGatewayName, Namespace: testNamespace}, kuadrant.ControllerName)) + routeParentStatus, found := utils.Find(route.Status.RouteStatus.Parents, findRouteParentStatusFunc(route, client.ObjectKey{Name: TestGatewayName, Namespace: testNamespace}, kuadrant.ControllerName)) if !found { return false } @@ -105,7 +105,7 @@ var _ = Describe("Target status reconciler", Ordered, func() { if err != nil { return false } - routeParentStatus, found := utils.Find(route.Status.RouteStatus.Parents, findRouteParentStatusFunc(route, client.ObjectKey{Name: testGatewayName, Namespace: testNamespace}, kuadrant.ControllerName)) + routeParentStatus, found := utils.Find(route.Status.RouteStatus.Parents, findRouteParentStatusFunc(route, client.ObjectKey{Name: TestGatewayName, Namespace: testNamespace}, kuadrant.ControllerName)) if !found { return false } @@ -150,7 +150,7 @@ var _ = Describe("Target status reconciler", Ordered, func() { TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", - Name: testHTTPRouteName, + Name: TestHTTPRouteName, Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), }, Defaults: &v1beta2.AuthPolicyCommonSpec{ @@ -206,7 +206,7 @@ var _ = Describe("Target status reconciler", Ordered, func() { Eventually(func() bool { return policyAcceptedAndTargetsAffected(ctx, routePolicy1)() && - !isAuthPolicyAccepted(ctx, routePolicy2)() && !routeAffected(ctx, testHTTPRouteName, policyAffectedCondition, client.ObjectKeyFromObject(routePolicy2)) + !isAuthPolicyAccepted(ctx, routePolicy2)() && !routeAffected(ctx, TestHTTPRouteName, policyAffectedCondition, client.ObjectKeyFromObject(routePolicy2)) }).WithContext(ctx).Should(BeTrue()) }, testTimeOut) @@ -224,8 +224,8 @@ var _ = Describe("Target status reconciler", Ordered, func() { Expect(k8sClient.Create(ctx, routePolicy2)).To(Succeed()) Eventually(func() bool { - return !isAuthPolicyAccepted(ctx, routePolicy1)() && routeNotAffected(ctx, testHTTPRouteName, policyAffectedCondition, client.ObjectKeyFromObject(routePolicy1)) && - !isAuthPolicyAccepted(ctx, routePolicy2)() && !routeAffected(ctx, testHTTPRouteName, policyAffectedCondition, client.ObjectKeyFromObject(routePolicy2)) + return !isAuthPolicyAccepted(ctx, routePolicy1)() && routeNotAffected(ctx, TestHTTPRouteName, policyAffectedCondition, client.ObjectKeyFromObject(routePolicy1)) && + !isAuthPolicyAccepted(ctx, routePolicy2)() && !routeAffected(ctx, TestHTTPRouteName, policyAffectedCondition, client.ObjectKeyFromObject(routePolicy2)) }).WithContext(ctx).Should(BeTrue()) }, testTimeOut) @@ -238,11 +238,11 @@ var _ = Describe("Target status reconciler", Ordered, func() { Eventually(func() bool { // route is not affected by the policy route := &gatewayapiv1.HTTPRoute{} - err := k8sClient.Get(ctx, client.ObjectKey{Name: testHTTPRouteName, Namespace: testNamespace}, route) + err := k8sClient.Get(ctx, client.ObjectKey{Name: TestHTTPRouteName, Namespace: testNamespace}, route) if err != nil { return false } - routeParentStatus, found := utils.Find(route.Status.RouteStatus.Parents, findRouteParentStatusFunc(route, client.ObjectKey{Name: testGatewayName, Namespace: testNamespace}, kuadrant.ControllerName)) + routeParentStatus, found := utils.Find(route.Status.RouteStatus.Parents, findRouteParentStatusFunc(route, client.ObjectKey{Name: TestGatewayName, Namespace: testNamespace}, kuadrant.ControllerName)) return !found || meta.IsStatusConditionFalse(routeParentStatus.Conditions, policyAffectedCondition) }).WithContext(ctx).Should(BeTrue()) }, testTimeOut) @@ -253,12 +253,12 @@ var _ = Describe("Target status reconciler", Ordered, func() { policy.Spec.TargetRef = gatewayapiv1alpha2.PolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", - Name: testGatewayName, + Name: TestGatewayName, Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), } }) Expect(k8sClient.Create(ctx, policy)).To(Succeed()) - Eventually(policyAcceptedAndTargetsAffected(ctx, policy, testHTTPRouteName)).WithContext(ctx).Should(BeTrue()) + Eventually(policyAcceptedAndTargetsAffected(ctx, policy, TestHTTPRouteName)).WithContext(ctx).Should(BeTrue()) }, testTimeOut) It("removes PolicyAffected status condition from the targeted gateway and routes when the policy is deleted", func(ctx SpecContext) { @@ -267,7 +267,7 @@ var _ = Describe("Target status reconciler", Ordered, func() { policy.Spec.TargetRef = gatewayapiv1alpha2.PolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", - Name: testGatewayName, + Name: TestGatewayName, Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), } }) @@ -278,17 +278,17 @@ var _ = Describe("Target status reconciler", Ordered, func() { Eventually(func() bool { // gateway and route not affected by the policy gateway := &gatewayapiv1.Gateway{} - err := k8sClient.Get(ctx, client.ObjectKey{Name: testGatewayName, Namespace: testNamespace}, gateway) + err := k8sClient.Get(ctx, client.ObjectKey{Name: TestGatewayName, Namespace: testNamespace}, gateway) if err != nil || meta.IsStatusConditionTrue(gateway.Status.Conditions, policyAffectedCondition) { return false } route := &gatewayapiv1.HTTPRoute{} - err = k8sClient.Get(ctx, client.ObjectKey{Name: testHTTPRouteName, Namespace: testNamespace}, route) + err = k8sClient.Get(ctx, client.ObjectKey{Name: TestHTTPRouteName, Namespace: testNamespace}, route) if err != nil { return false } - routeParentStatus, found := utils.Find(route.Status.RouteStatus.Parents, findRouteParentStatusFunc(route, client.ObjectKey{Name: testGatewayName, Namespace: testNamespace}, kuadrant.ControllerName)) + routeParentStatus, found := utils.Find(route.Status.RouteStatus.Parents, findRouteParentStatusFunc(route, client.ObjectKey{Name: TestGatewayName, Namespace: testNamespace}, kuadrant.ControllerName)) return !found || meta.IsStatusConditionFalse(routeParentStatus.Conditions, policyAffectedCondition) }).WithContext(ctx).Should(BeTrue()) }, testTimeOut) @@ -298,8 +298,8 @@ var _ = Describe("Target status reconciler", Ordered, func() { Expect(k8sClient.Create(ctx, routePolicy)).To(Succeed()) Eventually(policyAcceptedAndTargetsAffected(ctx, routePolicy)).WithContext(ctx).Should(BeTrue()) - otherRouteName := testHTTPRouteName + "-other" - otherRoute := testBuildBasicHttpRoute(otherRouteName, testGatewayName, testNamespace, []string{"other.toystore.com"}) + otherRouteName := TestHTTPRouteName + "-other" + otherRoute := testBuildBasicHttpRoute(otherRouteName, TestGatewayName, testNamespace, []string{"other.toystore.com"}) Expect(k8sClient.Create(ctx, otherRoute)).To(Succeed()) gatewayPolicy := policyFactory(func(policy *v1beta2.AuthPolicy) { @@ -307,7 +307,7 @@ var _ = Describe("Target status reconciler", Ordered, func() { policy.Spec.TargetRef = gatewayapiv1alpha2.PolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", - Name: testGatewayName, + Name: TestGatewayName, Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), } }) @@ -321,7 +321,7 @@ var _ = Describe("Target status reconciler", Ordered, func() { // remove route policy and check if the gateway policy has been rolled out to the status of the newly non-targeted route Expect(k8sClient.Delete(ctx, routePolicy)).To(Succeed()) - Eventually(policyAcceptedAndTargetsAffected(ctx, gatewayPolicy, otherRouteName, testHTTPRouteName)).WithContext(ctx).Should(BeTrue()) + Eventually(policyAcceptedAndTargetsAffected(ctx, gatewayPolicy, otherRouteName, TestHTTPRouteName)).WithContext(ctx).Should(BeTrue()) }, testTimeOut) }) @@ -343,7 +343,7 @@ var _ = Describe("Target status reconciler", Ordered, func() { TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", - Name: gatewayapiv1.ObjectName(testHTTPRouteName), + Name: gatewayapiv1.ObjectName(TestHTTPRouteName), }, Defaults: &v1beta2.RateLimitPolicyCommonSpec{ Limits: map[string]v1beta2.Limit{ @@ -391,11 +391,11 @@ var _ = Describe("Target status reconciler", Ordered, func() { Eventually(func() bool { // route is not affected by the policy route := &gatewayapiv1.HTTPRoute{} - err := k8sClient.Get(ctx, client.ObjectKey{Name: testHTTPRouteName, Namespace: testNamespace}, route) + err := k8sClient.Get(ctx, client.ObjectKey{Name: TestHTTPRouteName, Namespace: testNamespace}, route) if err != nil { return false } - routeParentStatus, found := utils.Find(route.Status.RouteStatus.Parents, findRouteParentStatusFunc(route, client.ObjectKey{Name: testGatewayName, Namespace: testNamespace}, kuadrant.ControllerName)) + routeParentStatus, found := utils.Find(route.Status.RouteStatus.Parents, findRouteParentStatusFunc(route, client.ObjectKey{Name: TestGatewayName, Namespace: testNamespace}, kuadrant.ControllerName)) return !found || meta.IsStatusConditionFalse(routeParentStatus.Conditions, policyAffectedCondition) }).WithContext(ctx).Should(BeTrue()) }, testTimeOut) @@ -406,12 +406,12 @@ var _ = Describe("Target status reconciler", Ordered, func() { policy.Spec.TargetRef = gatewayapiv1alpha2.PolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", - Name: testGatewayName, + Name: TestGatewayName, Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), } }) Expect(k8sClient.Create(ctx, policy)).To(Succeed()) - Eventually(policyAcceptedAndTargetsAffected(ctx, policy, testHTTPRouteName)).WithContext(ctx).Should(BeTrue()) + Eventually(policyAcceptedAndTargetsAffected(ctx, policy, TestHTTPRouteName)).WithContext(ctx).Should(BeTrue()) }, testTimeOut) It("removes PolicyAffected status condition from the targeted gateway and routes when the policy is deleted", func(ctx SpecContext) { @@ -420,7 +420,7 @@ var _ = Describe("Target status reconciler", Ordered, func() { policy.Spec.TargetRef = gatewayapiv1alpha2.PolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", - Name: testGatewayName, + Name: TestGatewayName, Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), } }) @@ -431,17 +431,17 @@ var _ = Describe("Target status reconciler", Ordered, func() { Eventually(func() bool { // gateway and route not affected by the policy gateway := &gatewayapiv1.Gateway{} - err := k8sClient.Get(ctx, client.ObjectKey{Name: testGatewayName, Namespace: testNamespace}, gateway) + err := k8sClient.Get(ctx, client.ObjectKey{Name: TestGatewayName, Namespace: testNamespace}, gateway) if err != nil || meta.IsStatusConditionTrue(gateway.Status.Conditions, policyAffectedCondition) { return false } route := &gatewayapiv1.HTTPRoute{} - err = k8sClient.Get(ctx, client.ObjectKey{Name: testHTTPRouteName, Namespace: testNamespace}, route) + err = k8sClient.Get(ctx, client.ObjectKey{Name: TestHTTPRouteName, Namespace: testNamespace}, route) if err != nil { return false } - routeParentStatus, found := utils.Find(route.Status.RouteStatus.Parents, findRouteParentStatusFunc(route, client.ObjectKey{Name: testGatewayName, Namespace: testNamespace}, kuadrant.ControllerName)) + routeParentStatus, found := utils.Find(route.Status.RouteStatus.Parents, findRouteParentStatusFunc(route, client.ObjectKey{Name: TestGatewayName, Namespace: testNamespace}, kuadrant.ControllerName)) return !found || meta.IsStatusConditionFalse(routeParentStatus.Conditions, policyAffectedCondition) }).WithContext(ctx).Should(BeTrue()) }, testTimeOut) @@ -451,8 +451,8 @@ var _ = Describe("Target status reconciler", Ordered, func() { Expect(k8sClient.Create(ctx, routePolicy)).To(Succeed()) Eventually(policyAcceptedAndTargetsAffected(ctx, routePolicy)).WithContext(ctx).Should(BeTrue()) - otherRouteName := testHTTPRouteName + "-other" - otherRoute := testBuildBasicHttpRoute(otherRouteName, testGatewayName, testNamespace, []string{"other.toystore.com"}) + otherRouteName := TestHTTPRouteName + "-other" + otherRoute := testBuildBasicHttpRoute(otherRouteName, TestGatewayName, testNamespace, []string{"other.toystore.com"}) Expect(k8sClient.Create(ctx, otherRoute)).To(Succeed()) gatewayPolicy := policyFactory(func(policy *v1beta2.RateLimitPolicy) { @@ -460,7 +460,7 @@ var _ = Describe("Target status reconciler", Ordered, func() { policy.Spec.TargetRef = gatewayapiv1alpha2.PolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", - Name: testGatewayName, + Name: TestGatewayName, Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), } }) @@ -474,7 +474,7 @@ var _ = Describe("Target status reconciler", Ordered, func() { // remove route policy and check if the gateway policy has been rolled out to the status of the newly non-targeted route Expect(k8sClient.Delete(ctx, routePolicy)).To(Succeed()) - Eventually(policyAcceptedAndTargetsAffected(ctx, gatewayPolicy, otherRouteName, testHTTPRouteName)).WithContext(ctx).Should(BeTrue()) + Eventually(policyAcceptedAndTargetsAffected(ctx, gatewayPolicy, otherRouteName, TestHTTPRouteName)).WithContext(ctx).Should(BeTrue()) }, testTimeOut) }) @@ -483,7 +483,7 @@ var _ = Describe("Target status reconciler", Ordered, func() { // policyFactory builds a standards DNSPolicy object that targets the test gateway by default, with the given mutate functions applied policyFactory := func(mutateFns ...func(policy *v1alpha1.DNSPolicy)) *v1alpha1.DNSPolicy { - policy := v1alpha1.NewDNSPolicy("test-dns-policy", testNamespace).WithTargetGateway(testGatewayName).WithRoutingStrategy(v1alpha1.SimpleRoutingStrategy) + policy := v1alpha1.NewDNSPolicy("test-dns-policy", testNamespace).WithTargetGateway(TestGatewayName).WithRoutingStrategy(v1alpha1.SimpleRoutingStrategy) for _, mutateFn := range mutateFns { mutateFn(policy) } @@ -499,15 +499,21 @@ var _ = Describe("Target status reconciler", Ordered, func() { return meta.IsStatusConditionTrue(policy.Status.Conditions, string(gatewayapiv1alpha2.PolicyConditionAccepted)) } + isDNSPolicyEnforced := func(ctx context.Context, policyKey client.ObjectKey) bool { + policy := &v1alpha1.DNSPolicy{} + err := k8sClient.Get(ctx, policyKey, policy) + if err != nil { + return false + } + return meta.IsStatusConditionTrue(policy.Status.Conditions, string(kuadrant.PolicyConditionEnforced)) + } + // policyAcceptedAndTargetsAffected returns an assertion function that checks if a DNSPolicy is accepted // and the statuses of its target object has been all updated as affected by the policy policyAcceptedAndTargetsAffected := func(ctx context.Context, policy *v1alpha1.DNSPolicy) func() bool { return func() bool { policyKey := client.ObjectKeyFromObject(policy) - if !isDNSPolicyAccepted(ctx, policyKey) { - return false - } - return targetsAffected(ctx, policyKey, policyAffectedCondition, policy.Spec.TargetRef) + return isDNSPolicyAccepted(ctx, policyKey) && targetsAffected(ctx, policyKey, policyAffectedCondition, policy.Spec.TargetRef) } } @@ -525,6 +531,8 @@ var _ = Describe("Target status reconciler", Ordered, func() { It("adds PolicyAffected status condition to the targeted gateway", func(ctx SpecContext) { policy := policyFactory() Expect(k8sClient.Create(ctx, policy)).To(Succeed()) + // policy should not be enforced since DNS Record is not ready because of the missing secret on the MZ + Eventually(isDNSPolicyEnforced(ctx, client.ObjectKeyFromObject(policy))).ShouldNot(BeTrue()) Eventually(policyAcceptedAndTargetsAffected(ctx, policy)).WithContext(ctx).Should(BeTrue()) }, testTimeOut) @@ -538,11 +546,11 @@ var _ = Describe("Target status reconciler", Ordered, func() { Eventually(func() bool { gateway := &gatewayapiv1.Gateway{} - err := k8sClient.Get(ctx, client.ObjectKey{Name: testGatewayName, Namespace: testNamespace}, gateway) + err := k8sClient.Get(ctx, client.ObjectKey{Name: TestGatewayName, Namespace: testNamespace}, gateway) if err != nil { return false } - condition := meta.FindStatusCondition(gateway.Status.Conditions, testGatewayName) + condition := meta.FindStatusCondition(gateway.Status.Conditions, TestGatewayName) return condition == nil || !strings.Contains(condition.Message, policyKey.String()) || condition.Status == metav1.ConditionFalse }) }, testTimeOut) @@ -556,7 +564,7 @@ var _ = Describe("Target status reconciler", Ordered, func() { // policyFactory builds a standards TLSPolicy object that targets the test gateway by default, with the given mutate functions applied policyFactory := func(mutateFns ...func(policy *v1alpha1.TLSPolicy)) *v1alpha1.TLSPolicy { - policy := v1alpha1.NewTLSPolicy("test-tls-policy", testNamespace).WithTargetGateway(testGatewayName).WithIssuerRef(*issuerRef) + policy := v1alpha1.NewTLSPolicy("test-tls-policy", testNamespace).WithTargetGateway(TestGatewayName).WithIssuerRef(*issuerRef) for _, mutateFn := range mutateFns { mutateFn(policy) } @@ -612,11 +620,11 @@ var _ = Describe("Target status reconciler", Ordered, func() { Eventually(func() bool { gateway := &gatewayapiv1.Gateway{} - err := k8sClient.Get(ctx, client.ObjectKey{Name: testGatewayName, Namespace: testNamespace}, gateway) + err := k8sClient.Get(ctx, client.ObjectKey{Name: TestGatewayName, Namespace: testNamespace}, gateway) if err != nil { return false } - condition := meta.FindStatusCondition(gateway.Status.Conditions, testGatewayName) + condition := meta.FindStatusCondition(gateway.Status.Conditions, TestGatewayName) return condition == nil || !strings.Contains(condition.Message, policyKey.String()) || condition.Status == metav1.ConditionFalse }) }, testTimeOut) diff --git a/controllers/tlspolicy_status_test.go b/controllers/tlspolicy_status_test.go index f0b738ea0..8980984f7 100644 --- a/controllers/tlspolicy_status_test.go +++ b/controllers/tlspolicy_status_test.go @@ -1,3 +1,5 @@ +//go:build unit + package controllers import ( @@ -28,8 +30,8 @@ func TestTLSPolicyReconciler_enforcedCondition(t *testing.T) { ns = "default" tlsPolicyName = "kuadrant-tls-policy" issuerName = "kuadrant-issuer" - gwName = "kuadrant-gateway" certificateName = "kuadrant-certifcate" + gwName = "kuadrant-gateway" ) scheme := runtime.NewScheme() diff --git a/pkg/library/kuadrant/apimachinery_status_conditions.go b/pkg/library/kuadrant/apimachinery_status_conditions.go index fb0822ac5..b6d8e8065 100644 --- a/pkg/library/kuadrant/apimachinery_status_conditions.go +++ b/pkg/library/kuadrant/apimachinery_status_conditions.go @@ -107,12 +107,14 @@ func AcceptedCondition(p Policy, err error) *metav1.Condition { func EnforcedCondition(policy Policy, err PolicyError, allSubresourcesReady bool) *metav1.Condition { // Enforced message := fmt.Sprintf("%s has been successfully enforced", policy.Kind()) + status := metav1.ConditionTrue if !allSubresourcesReady { message = fmt.Sprintf("%s has been partially enforced", policy.Kind()) + status = metav1.ConditionFalse } cond := &metav1.Condition{ Type: string(PolicyConditionEnforced), - Status: metav1.ConditionTrue, + Status: status, Reason: string(PolicyReasonEnforced), Message: message, }