add conversion code from state to graph

Author: sarthyparty

internal/framework/kinds/kinds.go

@@ -19,6 +19,8 @@ const (
 	HTTPRoute = "HTTPRoute"
 	// GRPCRoute is the GRPCRoute kind.
 	GRPCRoute = "GRPCRoute"
+	// TLSRoute is the TLSRoute kind.
+	TLSRoute = "TLSRoute"
 )
 
 // NGINX Gateway Fabric kinds.

internal/mode/static/state/graph/backend_refs.go

@@ -16,7 +16,7 @@ import (
 	staticConds "github.com/nginxinc/nginx-gateway-fabric/internal/mode/static/state/conditions"
 )
 
-// BackendRef is an internal representation of a backendRef in an HTTP/GRPCRoute.
+// BackendRef is an internal representation of a backendRef in an HTTP/GRPC/TLSRoute.
 type BackendRef struct {
 	// BackendTLSPolicy is the BackendTLSPolicy of the Service which is referenced by the backendRef.
 	BackendTLSPolicy *BackendTLSPolicy

internal/mode/static/state/graph/gateway_listener.go

@@ -62,7 +62,7 @@ func buildListeners(
 }
 
 type listenerConfiguratorFactory struct {
-	http, https, unsupportedProtocol *listenerConfigurator
+	http, https, tls, unsupportedProtocol *listenerConfigurator
 }
 
 func (f *listenerConfiguratorFactory) getConfiguratorForListener(l v1.Listener) *listenerConfigurator {
@@ -71,6 +71,8 @@ func (f *listenerConfiguratorFactory) getConfiguratorForListener(l v1.Listener)
 		return f.http
 	case v1.HTTPSProtocolType:
 		return f.https
+	case v1.TLSProtocolType:
+		return f.tls
 	default:
 		return f.unsupportedProtocol
 	}
@@ -122,6 +124,15 @@ func newListenerConfiguratorFactory(
 				createExternalReferencesForTLSSecretsResolver(gw.Namespace, secretResolver, refGrantResolver),
 			},
 		},
+		tls: &listenerConfigurator{
+			validators: []listenerValidator{
+				validateListenerAllowedRouteKind,
+				validateListenerLabelSelector,
+				validateListenerHostname,
+			},
+			conflictResolvers:          []listenerConflictResolver{},
+			externalReferenceResolvers: []listenerExternalReferenceResolver{},
+		},
 	}
 }
 
@@ -185,6 +196,7 @@ func (c *listenerConfigurator) configure(listener v1.Listener) *Listener {
 		Conditions:                conds,
 		AllowedRouteLabelSelector: allowedRouteSelector,
 		Routes:                    make(map[RouteKey]*L7Route),
+		L4Routes:                  make(map[L4RouteKey]*L4Route),
 		Valid:                     valid,
 		Attachable:                attachable,
 		SupportedKinds:            supportedKinds,
@@ -196,7 +208,8 @@ func (c *listenerConfigurator) configure(listener v1.Listener) *Listener {
 
 	// resolvers might add different conditions to the listener, so we run them all.
 
-	for _, resolver := range c.conflictResolvers {
+	for _, resolver := range c.
+		conflictResolvers {
 		resolver(l)
 	}
 
@@ -231,37 +244,74 @@ func getAndValidateListenerSupportedKinds(listener v1.Listener) (
 	[]v1.RouteGroupKind,
 ) {
 	if listener.AllowedRoutes == nil || listener.AllowedRoutes.Kinds == nil {
-		return nil, []v1.RouteGroupKind{
-			{
-				Kind: kinds.HTTPRoute,
-			},
+		switch listener.Protocol {
+		case v1.HTTPProtocolType, v1.HTTPSProtocolType:
+			return nil, []v1.RouteGroupKind{
+				{
+					Kind: kinds.HTTPRoute,
+				},
+				{
+					Kind: kinds.GRPCRoute,
+				},
+			}
+		case v1.TLSProtocolType:
+			return nil, []v1.RouteGroupKind{
+				{
+					Kind: kinds.TLSRoute,
+				},
+			}
+		default:
+			return nil, []v1.RouteGroupKind{
+				{
+					Kind: kinds.HTTPRoute,
+				},
+				{
+					Kind: kinds.GRPCRoute,
+				},
+			}
 		}
 	}
 	var conds []conditions.Condition
 
 	supportedKinds := make([]v1.RouteGroupKind, 0, len(listener.AllowedRoutes.Kinds))
 
-	validHTTPProtocolRouteKind := func(kind v1.RouteGroupKind) bool {
-		if kind.Kind != v1.Kind(kinds.HTTPRoute) && kind.Kind != v1.Kind(kinds.GRPCRoute) {
+	validProtocolRouteKind := func(kind v1.RouteGroupKind, validKinds []v1.Kind) bool {
+		matchedKind := false
+		for _, k := range validKinds {
+			if k == kind.Kind {
+				matchedKind = true
+				break
+			}
+		}
+		if !matchedKind {
 			return false
 		}
-		if kind.Group == nil || *kind.Group != v1.GroupName {
+		if kind.Group != nil && *kind.Group != v1.GroupName {
 			return false
 		}
 		return true
 	}
 
-	switch listener.Protocol {
-	case v1.HTTPProtocolType, v1.HTTPSProtocolType:
+	validateProtocolRouteKinds := func(validKinds []v1.Kind) {
 		for _, kind := range listener.AllowedRoutes.Kinds {
-			if !validHTTPProtocolRouteKind(kind) {
+			if !validProtocolRouteKind(kind, validKinds) {
 				msg := fmt.Sprintf("Unsupported route kind \"%s/%s\"", *kind.Group, kind.Kind)
 				conds = append(conds, staticConds.NewListenerInvalidRouteKinds(msg)...)
 				continue
 			}
 			supportedKinds = append(supportedKinds, kind)
 		}
 	}
+
+	switch listener.Protocol {
+	case v1.HTTPProtocolType, v1.HTTPSProtocolType:
+		validKinds := []v1.Kind{kinds.GRPCRoute, kinds.HTTPRoute}
+		validateProtocolRouteKinds(validKinds)
+
+	case v1.TLSProtocolType:
+		validKinds := []v1.Kind{kinds.TLSRoute}
+		validateProtocolRouteKinds(validKinds)
+	}
 	return conds, supportedKinds
 }
 

internal/mode/static/state/graph/gateway_listener_test.go

@@ -356,6 +356,9 @@ func TestGetAndValidateListenerSupportedKinds(t *testing.T) {
 				{
 					Kind: kinds.HTTPRoute,
 				},
+				{
+					Kind: kinds.GRPCRoute,
+				},
 			},
 		},
 		{