gateway-api: Add required labels and annotations

[ upstream commit 5e6e4af ] This commit is to add the required label gateway-name e.g. `gateway.networking.k8s.io/gateway-name`, and propagate all labels and annotations from spec.infrastructure in all generated resources. The main goal is to conform with below GEP. Relates: kubernetes-sigs/gateway-api#1757 Signed-off-by: Tam Mach <tam.mach@cilium.io>
cilium · Aug 7, 2024 · b03dd36 · b03dd36
1 parent 6a41260
commit b03dd36
Show file tree

Hide file tree

Showing 4 changed files with 105 additions and 45 deletions.
diff --git a/operator/pkg/gateway-api/gateway.go b/operator/pkg/gateway-api/gateway.go
@@ -29,6 +29,7 @@ import (
 )
 
 const (
+	// Deprecated: owningGatewayLabel will be removed later in favour of gatewayNameLabel
 	owningGatewayLabel = "io.cilium.gateway/owning-gateway"
 
 	lastTransitionTime = "LastTransitionTime"

diff --git a/operator/pkg/model/translation/gateway-api/translator.go b/operator/pkg/model/translation/gateway-api/translator.go
@@ -20,7 +20,9 @@ var _ translation.Translator = (*gatewayAPITranslator)(nil)
 
 const (
 	ciliumGatewayPrefix = "cilium-gateway-"
-	owningGatewayLabel  = "io.cilium.gateway/owning-gateway"
+	// Deprecated: owningGatewayLabel will be removed later in favour of gatewayNameLabel
+	owningGatewayLabel = "io.cilium.gateway/owning-gateway"
+	gatewayNameLabel   = "gateway.networking.k8s.io/gateway-name"
 )
 
 type gatewayAPITranslator struct {
@@ -84,33 +86,27 @@ func (t *gatewayAPITranslator) Translate(m *model.Model) (*ciliumv2.CiliumEnvoyC
 		return nil, nil, nil, err
 	}
 
-	// Set the owner reference to the CEC object.
-	cec.OwnerReferences = []metav1.OwnerReference{
-		{
-			APIVersion: owner.Group + "/" + owner.Version,
-			Kind:       owner.Kind,
-			Name:       owner.Name,
-			UID:        types.UID(owner.UID),
-			Controller: model.AddressOf(true),
-		},
-	}
-
-	allLabels, allAnnotations := map[string]string{}, map[string]string{}
+	var allLabels, allAnnotations map[string]string
 	// Merge all the labels and annotations from the listeners.
 	// Normally, the labels and annotations are the same for all the listeners having same gateway.
 	for _, l := range listeners {
 		allAnnotations = mergeMap(allAnnotations, l.GetAnnotations())
 		allLabels = mergeMap(allLabels, l.GetLabels())
 	}
 
+	if err = decorateCEC(cec, owner, allLabels, allAnnotations); err != nil {
+		return nil, nil, nil, err
+	}
+
+	ep := getEndpoints(*source, allLabels, allAnnotations)
 	lbSvc := getService(source, ports, allLabels, allAnnotations, t.externalTrafficPolicy)
 
 	if t.hostNetworkEnabled {
 		lbSvc.Spec.Type = corev1.ServiceTypeClusterIP
 		lbSvc.Spec.ExternalTrafficPolicy = corev1.ServiceExternalTrafficPolicy("")
 	}
 
-	return cec, lbSvc, getEndpoints(*source), err
+	return cec, lbSvc, ep, err
 }
 
 func getService(resource *model.FullyQualifiedResource, allPorts []uint32, labels, annotations map[string]string, externalTrafficPolicy string) *corev1.Service {
@@ -128,11 +124,16 @@ func getService(resource *model.FullyQualifiedResource, allPorts []uint32, label
 		})
 	}
 
+	shortenName := model.Shorten(resource.Name)
+
 	return &corev1.Service{
 		ObjectMeta: metav1.ObjectMeta{
-			Name:        model.Shorten(ciliumGatewayPrefix + resource.Name),
-			Namespace:   resource.Namespace,
-			Labels:      mergeMap(map[string]string{owningGatewayLabel: model.Shorten(resource.Name)}, labels),
+			Name:      model.Shorten(ciliumGatewayPrefix + resource.Name),
+			Namespace: resource.Namespace,
+			Labels: mergeMap(map[string]string{
+				owningGatewayLabel: shortenName,
+				gatewayNameLabel:   shortenName,
+			}, labels),
 			Annotations: annotations,
 			OwnerReferences: []metav1.OwnerReference{
 				{
@@ -152,12 +153,18 @@ func getService(resource *model.FullyQualifiedResource, allPorts []uint32, label
 	}
 }
 
-func getEndpoints(resource model.FullyQualifiedResource) *corev1.Endpoints {
+func getEndpoints(resource model.FullyQualifiedResource, labels, annotations map[string]string) *corev1.Endpoints {
+	shortedName := model.Shorten(resource.Name)
+
 	return &corev1.Endpoints{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      model.Shorten(ciliumGatewayPrefix + resource.Name),
 			Namespace: resource.Namespace,
-			Labels:    map[string]string{owningGatewayLabel: model.Shorten(resource.Name)},
+			Labels: mergeMap(map[string]string{
+				owningGatewayLabel: shortedName,
+				gatewayNameLabel:   shortedName,
+			}, labels),
+			Annotations: annotations,
 			OwnerReferences: []metav1.OwnerReference{
 				{
 					APIVersion: gatewayv1beta1.GroupVersion.String(),
@@ -180,6 +187,32 @@ func getEndpoints(resource model.FullyQualifiedResource) *corev1.Endpoints {
 	}
 }
 
+func decorateCEC(cec *ciliumv2.CiliumEnvoyConfig, resource *model.FullyQualifiedResource, labels, annotations map[string]string) error {
+	if cec == nil || resource == nil {
+		return fmt.Errorf("CEC or resource can't be nil")
+	}
+
+	// Set the owner reference to the CEC object.
+	cec.OwnerReferences = []metav1.OwnerReference{
+		{
+			APIVersion: resource.Group + "/" + resource.Version,
+			Kind:       resource.Kind,
+			Name:       resource.Name,
+			UID:        types.UID(resource.UID),
+			Controller: model.AddressOf(true),
+		},
+	}
+
+	if cec.Labels == nil {
+		cec.Labels = make(map[string]string)
+	}
+	cec.Labels = mergeMap(cec.Labels, labels)
+	cec.Labels[gatewayNameLabel] = model.Shorten(resource.Name)
+	cec.Annotations = mergeMap(cec.Annotations, annotations)
+
+	return nil
+}
+
 func mergeMap(left, right map[string]string) map[string]string {
 	if left == nil {
 		return right

diff --git a/operator/pkg/model/translation/gateway-api/translator_fixture_test.go b/operator/pkg/model/translation/gateway-api/translator_fixture_test.go
@@ -257,7 +257,8 @@ var basicHTTPListenersCiliumEnvoyConfig = &ciliumv2.CiliumEnvoyConfig{
 		Name:      "cilium-gateway-my-gateway",
 		Namespace: "default",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "my-gateway",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -319,7 +320,8 @@ var basicHTTPListenersCiliumEnvoyConfigWithXff = &ciliumv2.CiliumEnvoyConfig{
 		Name:      "cilium-gateway-my-gateway",
 		Namespace: "default",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "my-gateway",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -382,7 +384,8 @@ func basicHostPortHTTPListenersCiliumEnvoyConfig(address string, port uint32, no
 			Name:      "cilium-gateway-my-gateway",
 			Namespace: "default",
 			Labels: map[string]string{
-				"cilium.io/use-original-source-address": "false",
+				"cilium.io/use-original-source-address":  "false",
+				"gateway.networking.k8s.io/gateway-name": "my-gateway",
 			},
 			OwnerReferences: []metav1.OwnerReference{
 				{
@@ -478,7 +481,8 @@ var basicTLSListenersCiliumEnvoyConfig = &ciliumv2.CiliumEnvoyConfig{
 		Name:      "cilium-gateway-my-gateway",
 		Namespace: "default",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "my-gateway",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -598,7 +602,8 @@ var simpleSameNamespaceHTTPListenersCiliumEnvoyConfig = &ciliumv2.CiliumEnvoyCon
 		Name:      "cilium-gateway-same-namespace",
 		Namespace: "gateway-conformance-infra",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "same-namespace",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -723,7 +728,8 @@ var backendProtocolEnabledH2CHTTPListenersCiliumEnvoyConfig = &ciliumv2.CiliumEn
 		Name:      "cilium-gateway-same-namespace",
 		Namespace: "gateway-conformance-infra",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "same-namespace",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -815,7 +821,8 @@ var crossNamespaceHTTPListenersCiliumEnvoyConfig = &ciliumv2.CiliumEnvoyConfig{
 		Name:      "cilium-gateway-backend-namespaces",
 		Namespace: "gateway-conformance-infra",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "backend-namespaces",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -920,7 +927,8 @@ var exactPathMatchingHTTPListenersCiliumEnvoyConfig = &ciliumv2.CiliumEnvoyConfi
 		Name:      "cilium-gateway-same-namespace",
 		Namespace: "gateway-conformance-infra",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "same-namespace",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -1138,7 +1146,8 @@ var headerMatchingHTTPCiliumEnvoyConfig = &ciliumv2.CiliumEnvoyConfig{
 		Name:      "cilium-gateway-same-namespace",
 		Namespace: "gateway-conformance-infra",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "same-namespace",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -1451,7 +1460,8 @@ var hostnameIntersectionHTTPListenersCiliumEnvoyConfig = &ciliumv2.CiliumEnvoyCo
 		Name:      "cilium-gateway-httproute-hostname-intersection",
 		Namespace: "gateway-conformance-infra",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "httproute-hostname-intersection",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -1705,7 +1715,8 @@ var listenerHostNameMatchingCiliumEnvoyConfig = &ciliumv2.CiliumEnvoyConfig{
 		Name:      "cilium-gateway-httproute-listener-hostname-matching",
 		Namespace: "gateway-conformance-infra",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "httproute-listener-hostname-matching",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -1873,7 +1884,8 @@ var matchingAcrossHTTPListenersCiliumEnvoyConfig = &ciliumv2.CiliumEnvoyConfig{
 		Name:      "cilium-gateway-same-namespace",
 		Namespace: "gateway-conformance-infra",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "same-namespace",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -2054,7 +2066,8 @@ var matchingHTTPListenersCiliumEnvoyConfig = &ciliumv2.CiliumEnvoyConfig{
 		Name:      "cilium-gateway-same-namespace",
 		Namespace: "gateway-conformance-infra",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "same-namespace",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -2245,7 +2258,8 @@ var queryParamMatchingHTTPListenersCiliumEnvoyConfig = &ciliumv2.CiliumEnvoyConf
 		Name:      "cilium-gateway-same-namespace",
 		Namespace: "gateway-conformance-infra",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "same-namespace",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -2444,7 +2458,8 @@ var methodMatchingHTTPListenersHTTPListenersCiliumEnvoyConfig = &ciliumv2.Cilium
 		Name:      "cilium-gateway-same-namespace",
 		Namespace: "gateway-conformance-infra",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "same-namespace",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -2688,7 +2703,8 @@ var requestHeaderModifierHTTPListenersCiliumEnvoyConfig = &ciliumv2.CiliumEnvoyC
 		Name:      "cilium-gateway-same-namespace",
 		Namespace: "gateway-conformance-infra",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "same-namespace",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -3177,7 +3193,8 @@ var backendRefsRequestHeaderModifierHTTPListenersCiliumEnvoyConfig = &ciliumv2.C
 		Name:      "cilium-gateway-same-namespace",
 		Namespace: "gateway-conformance-infra",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "same-namespace",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -3838,7 +3855,8 @@ var backendRefsResponseHeaderModifierHTTPListenersCiliumEnvoyConfig = &ciliumv2.
 		Name:      "cilium-gateway-same-namespace",
 		Namespace: "gateway-conformance-infra",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "same-namespace",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -4238,7 +4256,8 @@ var requestRedirectHTTPListenersCiliumEnvoyConfig = &ciliumv2.CiliumEnvoyConfig{
 		Name:      "cilium-gateway-same-namespace",
 		Namespace: "gateway-conformance-infra",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "same-namespace",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -4419,7 +4438,8 @@ var requestRedirectWithMultiHTTPListenersCiliumEnvoyConfig = &ciliumv2.CiliumEnv
 		Name:      "cilium-gateway-same-namespace",
 		Namespace: "gateway-conformance-infra",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "same-namespace",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -4693,7 +4713,8 @@ var responseHeaderModifierHTTPListenersCiliumEnvoyConfig = &ciliumv2.CiliumEnvoy
 		Name:      "cilium-gateway-same-namespace",
 		Namespace: "gateway-conformance-infra",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "same-namespace",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -4939,7 +4960,8 @@ var rewriteHostHTTPListenersCiliumEnvoyConfig = &ciliumv2.CiliumEnvoyConfig{
 		Name:      "cilium-gateway-same-namespace",
 		Namespace: "gateway-conformance-infra",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "same-namespace",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -5164,7 +5186,8 @@ var rewritePathHTTPListenersCiliumEnvoyConfig = &ciliumv2.CiliumEnvoyConfig{
 		Name:      "cilium-gateway-same-namespace",
 		Namespace: "gateway-conformance-infra",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "same-namespace",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{
@@ -5390,7 +5413,8 @@ var mirrorHTTPListenersCiliumEnvoyConfig = &ciliumv2.CiliumEnvoyConfig{
 		Name:      "cilium-gateway-same-namespace",
 		Namespace: "gateway-conformance-infra",
 		Labels: map[string]string{
-			"cilium.io/use-original-source-address": "false",
+			"cilium.io/use-original-source-address":  "false",
+			"gateway.networking.k8s.io/gateway-name": "same-namespace",
 		},
 		OwnerReferences: []metav1.OwnerReference{
 			{

diff --git a/operator/pkg/model/translation/gateway-api/translator_test.go b/operator/pkg/model/translation/gateway-api/translator_test.go
@@ -556,7 +556,8 @@ func Test_getService(t *testing.T) {
 					Name:      "cilium-gateway-test-long-long-long-long-long-long-lo-8tfth549c6",
 					Namespace: "default",
 					Labels: map[string]string{
-						owningGatewayLabel: "test-long-long-long-long-long-long-long-long-long-lo-4bftbgh5ht",
+						owningGatewayLabel:                       "test-long-long-long-long-long-long-long-long-long-lo-4bftbgh5ht",
+						"gateway.networking.k8s.io/gateway-name": "test-long-long-long-long-long-long-long-long-long-lo-4bftbgh5ht",
 					},
 					OwnerReferences: []metav1.OwnerReference{
 						{
@@ -599,7 +600,8 @@ func Test_getService(t *testing.T) {
 					Name:      "cilium-gateway-test-externaltrafficpolicy-local",
 					Namespace: "default",
 					Labels: map[string]string{
-						owningGatewayLabel: "test-externaltrafficpolicy-local",
+						owningGatewayLabel:                       "test-externaltrafficpolicy-local",
+						"gateway.networking.k8s.io/gateway-name": "test-externaltrafficpolicy-local",
 					},
 					OwnerReferences: []metav1.OwnerReference{
 						{