Simplify ancestorsFull

Author: Kate Osborn

internal/mode/static/state/graph/backend_tls_policy.go

@@ -1,17 +1,13 @@
 package graph
 
 import (
-	"errors"
 	"fmt"
 
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/validation/field"
-	"sigs.k8s.io/controller-runtime/pkg/client"
-	v1 "sigs.k8s.io/gateway-api/apis/v1"
 	"sigs.k8s.io/gateway-api/apis/v1alpha3"
 
 	"github.com/nginxinc/nginx-gateway-fabric/internal/framework/conditions"
-	"github.com/nginxinc/nginx-gateway-fabric/internal/framework/kinds"
 	staticConds "github.com/nginxinc/nginx-gateway-fabric/internal/mode/static/state/conditions"
 )
 
@@ -45,12 +41,8 @@ func processBackendTLSPolicies(
 	processedBackendTLSPolicies := make(map[types.NamespacedName]*BackendTLSPolicy, len(backendTLSPolicies))
 	for nsname, backendTLSPolicy := range backendTLSPolicies {
 		var caCertRef types.NamespacedName
-		valid, ignored, conds := validateBackendTLSPolicy(
-			backendTLSPolicy,
-			configMapResolver,
-			ctlrName,
-			gateway,
-		)
+
+		valid, ignored, conds := validateBackendTLSPolicy(backendTLSPolicy, configMapResolver, ctlrName)
 
 		if valid && !ignored && backendTLSPolicy.Spec.Validation.CACertificateRefs != nil {
 			caCertRef = types.NamespacedName{
@@ -77,14 +69,16 @@ func validateBackendTLSPolicy(
 	backendTLSPolicy *v1alpha3.BackendTLSPolicy,
 	configMapResolver *configMapResolver,
 	ctlrName string,
-	gateway *Gateway,
 ) (valid, ignored bool, conds []conditions.Condition) {
 	valid = true
 	ignored = false
-	if err := validateAncestorMaxCount(backendTLSPolicy, ctlrName, gateway); err != nil {
+
+	// FIXME (kate-osborn): https://github.com/nginxinc/nginx-gateway-fabric/issues/1987
+	if ancestorsFull(backendTLSPolicy.Status.Ancestors, ctlrName) {
 		valid = false
 		ignored = true
 	}
+
 	if err := validateBackendTLSHostname(backendTLSPolicy); err != nil {
 		valid = false
 		conds = append(conds, staticConds.NewPolicyInvalid(fmt.Sprintf("invalid hostname: %s", err.Error())))
@@ -115,17 +109,6 @@ func validateBackendTLSPolicy(
 	return valid, ignored, conds
 }
 
-func validateAncestorMaxCount(backendTLSPolicy *v1alpha3.BackendTLSPolicy, ctlrName string, gateway *Gateway) error {
-	ancestorRef := createParentReference(v1.GroupName, kinds.Gateway, client.ObjectKeyFromObject(gateway.Source))
-
-	if ancestorsFull(backendTLSPolicy.Status.Ancestors, ancestorRef, ctlrName) {
-		// FIXME (kate-osborn): https://github.com/nginxinc/nginx-gateway-fabric/issues/1987
-		return errors.New("too many ancestors, cannot attach a new Gateway")
-	}
-
-	return nil
-}
-
 func validateBackendTLSHostname(btp *v1alpha3.BackendTLSPolicy) error {
 	h := string(btp.Spec.Validation.Hostname)
 

internal/mode/static/state/graph/backend_tls_policy_test.go

@@ -397,16 +397,7 @@ func TestValidateBackendTLSPolicy(t *testing.T) {
 		t.Run(test.name, func(t *testing.T) {
 			g := NewWithT(t)
 
-			gateway := &Gateway{
-				Source: &gatewayv1.Gateway{ObjectMeta: metav1.ObjectMeta{Name: "gateway", Namespace: "test"}},
-			}
-
-			valid, ignored, conds := validateBackendTLSPolicy(
-				test.tlsPolicy,
-				configMapResolver,
-				"test",
-				gateway,
-			)
+			valid, ignored, conds := validateBackendTLSPolicy(test.tlsPolicy, configMapResolver, "test")
 
 			g.Expect(valid).To(Equal(test.isValid))
 			g.Expect(ignored).To(Equal(test.ignored))

internal/mode/static/state/graph/policies.go

@@ -101,7 +101,7 @@ func attachPolicyToRoute(policy *Policy, route *L7Route, ctlrName string) {
 	}
 
 	curAncestorStatus := policy.Source.GetPolicyStatus().Ancestors
-	if ancestorsFull(curAncestorStatus, ancestor.Ancestor, ctlrName) {
+	if ancestorsFull(curAncestorStatus, ctlrName) {
 		// FIXME (kate-osborn): https://github.com/nginxinc/nginx-gateway-fabric/issues/1987
 		return
 	}
@@ -136,7 +136,7 @@ func attachPolicyToGateway(
 	}
 
 	curAncestorStatus := policy.Source.GetPolicyStatus().Ancestors
-	if ancestorsFull(curAncestorStatus, ancestor.Ancestor, ctlrName) {
+	if ancestorsFull(curAncestorStatus, ctlrName) {
 		// FIXME (kate-osborn): https://github.com/nginxinc/nginx-gateway-fabric/issues/1987
 		return
 	}

internal/mode/static/state/graph/policy_ancestor.go

@@ -4,56 +4,27 @@ import (
 	"k8s.io/apimachinery/pkg/types"
 	v1 "sigs.k8s.io/gateway-api/apis/v1"
 	"sigs.k8s.io/gateway-api/apis/v1alpha2"
-
-	"github.com/nginxinc/nginx-gateway-fabric/internal/framework/helpers"
 )
 
 const maxAncestors = 16
 
 func ancestorsFull(
 	ancestors []v1alpha2.PolicyAncestorStatus,
-	newAncestor v1.ParentReference,
 	ctlrName string,
 ) bool {
 	if len(ancestors) < maxAncestors {
 		return false
 	}
 
-	status := v1alpha2.PolicyAncestorStatus{AncestorRef: newAncestor, ControllerName: v1.GatewayController(ctlrName)}
-
 	for _, ancestor := range ancestors {
-		if ancestorStatusEqual(ancestor, status) {
+		if string(ancestor.ControllerName) == ctlrName {
 			return false
 		}
 	}
 
 	return true
 }
 
-func ancestorStatusEqual(curStatus v1alpha2.PolicyAncestorStatus, newStatus v1alpha2.PolicyAncestorStatus) bool {
-	if curStatus.ControllerName != newStatus.ControllerName {
-		return false
-	}
-
-	if !helpers.EqualPointers(curStatus.AncestorRef.Group, newStatus.AncestorRef.Group) {
-		return false
-	}
-
-	if !helpers.EqualPointers(curStatus.AncestorRef.Kind, newStatus.AncestorRef.Kind) {
-		return false
-	}
-
-	if curStatus.AncestorRef.Name != newStatus.AncestorRef.Name {
-		return false
-	}
-
-	if !helpers.EqualPointers(curStatus.AncestorRef.Namespace, newStatus.AncestorRef.Namespace) {
-		return false
-	}
-
-	return true
-}
-
 func createParentReference(
 	group v1.Group,
 	kind v1.Kind,

internal/mode/static/state/graph/policy_ancestor_test.go

@@ -6,25 +6,14 @@ import (
 	. "github.com/onsi/gomega"
 	v1 "sigs.k8s.io/gateway-api/apis/v1"
 	"sigs.k8s.io/gateway-api/apis/v1alpha2"
-
-	"github.com/nginxinc/nginx-gateway-fabric/internal/framework/helpers"
-	"github.com/nginxinc/nginx-gateway-fabric/internal/framework/kinds"
 )
 
 func TestAncestorsFull(t *testing.T) {
-	ns := "test"
-
 	createCurStatus := func(numAncestors int, ctlrName string) []v1alpha2.PolicyAncestorStatus {
 		statuses := make([]v1alpha2.PolicyAncestorStatus, 0, numAncestors)
 
 		for i := 0; i < numAncestors; i++ {
 			statuses = append(statuses, v1alpha2.PolicyAncestorStatus{
-				AncestorRef: v1.ParentReference{
-					Group:     helpers.GetPointer[v1.Group](v1.GroupName),
-					Kind:      helpers.GetPointer[v1.Kind](kinds.Gateway),
-					Namespace: (*v1.Namespace)(&ns),
-					Name:      "name",
-				},
 				ControllerName: v1.GatewayController(ctlrName),
 			})
 		}
@@ -33,169 +22,33 @@ func TestAncestorsFull(t *testing.T) {
 	}
 
 	tests := []struct {
-		newAncestor v1.ParentReference
-		name        string
-		curStatus   []v1alpha2.PolicyAncestorStatus
-		expFull     bool
+		name      string
+		curStatus []v1alpha2.PolicyAncestorStatus
+		expFull   bool
 	}{
 		{
 			name:      "not full",
 			curStatus: createCurStatus(15, "controller"),
-			newAncestor: v1.ParentReference{
-				Group:     helpers.GetPointer[v1.Group](v1.GroupName),
-				Kind:      helpers.GetPointer[v1.Kind](kinds.Gateway),
-				Namespace: (*v1.Namespace)(&ns),
-				Name:      "name",
-			},
-			expFull: false,
+			expFull:   false,
 		},
 		{
 			name:      "full; ancestor does not exist in current status",
 			curStatus: createCurStatus(16, "controller"),
-			newAncestor: v1.ParentReference{
-				Group:     helpers.GetPointer[v1.Group](v1.GroupName),
-				Kind:      helpers.GetPointer[v1.Kind](kinds.Gateway),
-				Namespace: (*v1.Namespace)(&ns),
-				Name:      "name",
-			},
-			expFull: true,
+			expFull:   true,
 		},
 		{
 			name:      "full, but ancestor does exist in current status",
 			curStatus: createCurStatus(16, "nginx-gateway"),
-			newAncestor: v1.ParentReference{
-				Group:     helpers.GetPointer[v1.Group](v1.GroupName),
-				Kind:      helpers.GetPointer[v1.Kind](kinds.Gateway),
-				Namespace: (*v1.Namespace)(&ns),
-				Name:      "name",
-			},
-			expFull: false,
+			expFull:   false,
 		},
 	}
 
 	for _, test := range tests {
 		t.Run(test.name, func(t *testing.T) {
 			g := NewWithT(t)
 
-			full := ancestorsFull(test.curStatus, test.newAncestor, "nginx-gateway")
+			full := ancestorsFull(test.curStatus, "nginx-gateway")
 			g.Expect(full).To(Equal(test.expFull))
 		})
 	}
 }
-
-func TestAncestorStatusExists(t *testing.T) {
-	getStatus := func() v1alpha2.PolicyAncestorStatus {
-		ns := "test"
-
-		return v1alpha2.PolicyAncestorStatus{
-			AncestorRef: v1.ParentReference{
-				Group:     helpers.GetPointer[v1.Group](v1.GroupName),
-				Kind:      helpers.GetPointer[v1.Kind](kinds.Gateway),
-				Namespace: (*v1.Namespace)(&ns),
-				Name:      "name",
-			},
-			ControllerName: "nginx-gateway",
-		}
-	}
-
-	type modFunc func(s v1alpha2.PolicyAncestorStatus) v1alpha2.PolicyAncestorStatus
-
-	getModifiedStatus := func(mod modFunc) v1alpha2.PolicyAncestorStatus {
-		return mod(getStatus())
-	}
-
-	tests := []struct {
-		name      string
-		curStatus v1alpha2.PolicyAncestorStatus
-		newStatus v1alpha2.PolicyAncestorStatus
-		expEqual  bool
-	}{
-		{
-			name:      "equal",
-			curStatus: getStatus(),
-			newStatus: getStatus(),
-			expEqual:  true,
-		},
-		{
-			name:      "different controller name",
-			curStatus: getStatus(),
-			newStatus: getModifiedStatus(func(s v1alpha2.PolicyAncestorStatus) v1alpha2.PolicyAncestorStatus {
-				s.ControllerName = "not-ours"
-				return s
-			}),
-			expEqual: false,
-		},
-		{
-			name:      "different groups; one nil",
-			curStatus: getStatus(),
-			newStatus: getModifiedStatus(func(s v1alpha2.PolicyAncestorStatus) v1alpha2.PolicyAncestorStatus {
-				s.AncestorRef.Group = nil
-				return s
-			}),
-			expEqual: false,
-		},
-		{
-			name:      "different groups",
-			curStatus: getStatus(),
-			newStatus: getModifiedStatus(func(s v1alpha2.PolicyAncestorStatus) v1alpha2.PolicyAncestorStatus {
-				s.AncestorRef.Group = helpers.GetPointer[v1.Group]("DiffGroup")
-				return s
-			}),
-			expEqual: false,
-		},
-		{
-			name:      "different kinds; one nil",
-			curStatus: getStatus(),
-			newStatus: getModifiedStatus(func(s v1alpha2.PolicyAncestorStatus) v1alpha2.PolicyAncestorStatus {
-				s.AncestorRef.Kind = nil
-				return s
-			}),
-			expEqual: false,
-		},
-		{
-			name:      "different kinds",
-			curStatus: getStatus(),
-			newStatus: getModifiedStatus(func(s v1alpha2.PolicyAncestorStatus) v1alpha2.PolicyAncestorStatus {
-				s.AncestorRef.Kind = helpers.GetPointer[v1.Kind](kinds.HTTPRoute)
-				return s
-			}),
-			expEqual: false,
-		},
-		{
-			name:      "different names",
-			curStatus: getStatus(),
-			newStatus: getModifiedStatus(func(s v1alpha2.PolicyAncestorStatus) v1alpha2.PolicyAncestorStatus {
-				s.AncestorRef.Name = "diff-name"
-				return s
-			}),
-			expEqual: false,
-		},
-		{
-			name:      "different namespaces; one nil",
-			curStatus: getStatus(),
-			newStatus: getModifiedStatus(func(s v1alpha2.PolicyAncestorStatus) v1alpha2.PolicyAncestorStatus {
-				s.AncestorRef.Namespace = nil
-				return s
-			}),
-			expEqual: false,
-		},
-		{
-			name: "different namespaces",
-			newStatus: getModifiedStatus(func(s v1alpha2.PolicyAncestorStatus) v1alpha2.PolicyAncestorStatus {
-				diffNs := "diff"
-				s.AncestorRef.Namespace = (*v1.Namespace)(&diffNs)
-				return s
-			}),
-			expEqual: false,
-		},
-	}
-
-	for _, test := range tests {
-		t.Run(test.name, func(t *testing.T) {
-			g := NewWithT(t)
-
-			equal := ancestorStatusEqual(test.curStatus, test.newStatus)
-			g.Expect(equal).To(Equal(test.expEqual))
-		})
-	}
-}