refactor: reuse xPolicy status methods for backendTLSPolicy (envoypro…

…xy#2950) reuse xPolicy status func for backendTLSPolicy Signed-off-by: shawnh2 <shawnhxh@outlook.com> Co-authored-by: zirain <zirain2009@gmail.com>
ShyunnY · Apr 1, 2024 · 3c98f16 · 3c98f16
1 parent 5938516
commit 3c98f16
Show file tree

Hide file tree

Showing 7 changed files with 25 additions and 64 deletions.
diff --git a/internal/gatewayapi/backendtlspolicy.go b/internal/gatewayapi/backendtlspolicy.go
@@ -9,7 +9,6 @@ import (
 	"fmt"
 
 	corev1 "k8s.io/api/core/v1"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/utils/ptr"
 	gwapiv1 "sigs.k8s.io/gateway-api/apis/v1"
 	gwapiv1a2 "sigs.k8s.io/gateway-api/apis/v1alpha2"
@@ -30,19 +29,17 @@ func (t *Translator) processBackendTLSPolicy(
 
 	policy := getBackendTLSPolicy(resources.BackendTLSPolicies, backendRef, backendNamespace)
 
-	ancestor := gwapiv1a2.PolicyAncestorStatus{
-		AncestorRef:    parent,
-		ControllerName: gwapiv1.GatewayController(t.GatewayControllerName),
+	ancestorRefs := []gwapiv1a2.ParentReference{
+		parent,
 	}
 
 	if err != nil {
-		status.SetBackendTLSPolicyCondition(
-			policy,
-			ancestor,
-			gwapiv1a2.PolicyConditionAccepted,
-			metav1.ConditionFalse,
-			gwapiv1a2.PolicyReasonInvalid,
-			status.Error2ConditionMsg(err))
+		status.SetTranslationErrorForPolicyAncestors(&policy.Status,
+			ancestorRefs,
+			t.GatewayControllerName,
+			policy.Generation,
+			status.Error2ConditionMsg(err),
+		)
 		return nil
 	}
 
@@ -67,25 +64,21 @@ func (t *Translator) processBackendTLSPolicy(
 			},
 			resources.ReferenceGrants,
 		) {
-			status.SetBackendTLSPolicyCondition(
-				policy,
-				ancestor,
-				gwapiv1a2.PolicyConditionAccepted,
-				metav1.ConditionFalse,
-				gwapiv1a2.PolicyReasonInvalid,
-				fmt.Sprintf("target ref to %s %s/%s not permitted by any ReferenceGrant",
-					backendRefKind, backendNamespace, backendRef.Name))
+			err = fmt.Errorf("target ref to %s %s/%s not permitted by any ReferenceGrant",
+				backendRefKind, backendNamespace, backendRef.Name)
+
+			status.SetTranslationErrorForPolicyAncestors(&policy.Status,
+				ancestorRefs,
+				t.GatewayControllerName,
+				policy.Generation,
+				status.Error2ConditionMsg(err),
+			)
 			return nil
 		}
 	}
 
-	status.SetBackendTLSPolicyCondition(
-		policy,
-		ancestor,
-		gwapiv1a2.PolicyConditionAccepted,
-		metav1.ConditionTrue,
-		gwapiv1a2.PolicyReasonAccepted,
-		"BackendTLSPolicy is Accepted")
+	status.SetAcceptedForPolicyAncestors(&policy.Status, ancestorRefs, t.GatewayControllerName)
+
 	return tlsBundle
 }
 

diff --git a/internal/gatewayapi/testdata/backendtlspolicy-ca-only.out.yaml b/internal/gatewayapi/testdata/backendtlspolicy-ca-only.out.yaml
@@ -26,7 +26,7 @@ backendTLSPolicies:
         sectionName: http
       conditions:
       - lastTransitionTime: null
-        message: BackendTLSPolicy is Accepted
+        message: Policy has been accepted.
         reason: Accepted
         status: "True"
         type: Accepted

diff --git a/internal/gatewayapi/testdata/backendtlspolicy-default-ns.out.yaml b/internal/gatewayapi/testdata/backendtlspolicy-default-ns.out.yaml
@@ -25,7 +25,7 @@ backendTLSPolicies:
         sectionName: http
       conditions:
       - lastTransitionTime: null
-        message: BackendTLSPolicy is Accepted
+        message: Policy has been accepted.
         reason: Accepted
         status: "True"
         type: Accepted

diff --git a/internal/gatewayapi/testdata/backendtlspolicy-system-truststore.out.yaml b/internal/gatewayapi/testdata/backendtlspolicy-system-truststore.out.yaml
@@ -22,7 +22,7 @@ backendTLSPolicies:
         sectionName: http
       conditions:
       - lastTransitionTime: null
-        message: BackendTLSPolicy is Accepted
+        message: Policy has been accepted.
         reason: Accepted
         status: "True"
         type: Accepted

diff --git a/internal/gatewayapi/testdata/backendtlspolicy-without-referencegrant.out.yaml b/internal/gatewayapi/testdata/backendtlspolicy-without-referencegrant.out.yaml
@@ -26,7 +26,7 @@ backendTLSPolicies:
         sectionName: http
       conditions:
       - lastTransitionTime: null
-        message: target ref to Service backends/http-backend not permitted by any
+        message: Target ref to Service backends/http-backend not permitted by any
           ReferenceGrant
         reason: Invalid
         status: "False"

diff --git a/internal/gatewayapi/testdata/securitypolicy-with-extauth-with-backendtlspolicy.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-extauth-with-backendtlspolicy.out.yaml
@@ -27,7 +27,7 @@ backendTLSPolicies:
         namespace: default
       conditions:
       - lastTransitionTime: null
-        message: BackendTLSPolicy is Accepted
+        message: Policy has been accepted.
         reason: Accepted
         status: "True"
         type: Accepted
@@ -59,7 +59,7 @@ backendTLSPolicies:
         namespace: default
       conditions:
       - lastTransitionTime: null
-        message: BackendTLSPolicy is Accepted
+        message: Policy has been accepted.
         reason: Accepted
         status: "True"
         type: Accepted

diff --git a/internal/status/backendtlspolicy.go b/internal/status/backendtlspolicy.go