Kuadrant · eguzki · Apr 5, 2024 · Oct 2, 2023 · Feb 27, 2024 · Mar 4, 2024
diff --git a/api/v1beta2/ratelimitpolicy_types.go b/api/v1beta2/ratelimitpolicy_types.go
@@ -26,6 +26,7 @@ import (
 	gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1"
 	gatewayapiv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2"
 
+	kuadrantgatewayapi "github.com/kuadrant/kuadrant-operator/pkg/library/gatewayapi"
 	"github.com/kuadrant/kuadrant-operator/pkg/library/kuadrant"
 	"github.com/kuadrant/kuadrant-operator/pkg/library/utils"
 )
@@ -189,6 +190,8 @@ type RateLimitPolicy struct {
 	Status RateLimitPolicyStatus `json:"status,omitempty"`
 }
 
+var _ kuadrantgatewayapi.Policy = &RateLimitPolicy{}
+
 func (r *RateLimitPolicy) Validate() error {
 	if r.Spec.TargetRef.Namespace != nil && string(*r.Spec.TargetRef.Namespace) != r.Namespace {
 		return fmt.Errorf("invalid targetRef.Namespace %s. Currently only supporting references to the same namespace", *r.Spec.TargetRef.Namespace)

diff --git a/controllers/authpolicy_authconfig.go b/controllers/authpolicy_authconfig.go
@@ -93,7 +93,7 @@ func (r *AuthPolicyReconciler) desiredAuthConfig(ctx context.Context, ap *api.Au
 		}
 		if len(rules) == 0 {
 			logger.V(1).Info("no httproutes attached to the targeted gateway, skipping authorino authconfig for the gateway authpolicy")
-			common.TagObjectToDelete(authConfig)
+			utils.TagObjectToDelete(authConfig)
 			r.OverriddenPolicyMap.SetOverriddenPolicy(ap)
 			return authConfig, nil
 		}

diff --git a/controllers/authpolicy_controller.go b/controllers/authpolicy_controller.go
@@ -17,16 +17,15 @@ import (
 	api "github.com/kuadrant/kuadrant-operator/api/v1beta2"
 	"github.com/kuadrant/kuadrant-operator/pkg/library/kuadrant"
 	"github.com/kuadrant/kuadrant-operator/pkg/library/mappers"
-	reconcilerutils "github.com/kuadrant/kuadrant-operator/pkg/library/reconcilers"
-	"github.com/kuadrant/kuadrant-operator/pkg/reconcilers"
+	"github.com/kuadrant/kuadrant-operator/pkg/library/reconcilers"
 )
 
 const authPolicyFinalizer = "authpolicy.kuadrant.io/finalizer"
 
 // AuthPolicyReconciler reconciles a AuthPolicy object
 type AuthPolicyReconciler struct {
 	*reconcilers.BaseReconciler
-	TargetRefReconciler reconcilerutils.TargetRefReconciler
+	TargetRefReconciler reconcilers.TargetRefReconciler
 	// OverriddenPolicyMap tracks the overridden policies to report their status.
 	OverriddenPolicyMap *kuadrant.OverriddenPolicyMap
 }
@@ -64,7 +63,7 @@ func (r *AuthPolicyReconciler) Reconcile(eventCtx context.Context, req ctrl.Requ
 	markedForDeletion := ap.GetDeletionTimestamp() != nil
 
 	// fetch the target network object
-	targetNetworkObject, err := reconcilerutils.FetchTargetRefObject(ctx, r.Client(), ap.GetTargetRef(), ap.Namespace)
+	targetNetworkObject, err := reconcilers.FetchTargetRefObject(ctx, r.Client(), ap.GetTargetRef(), ap.Namespace)
 	if err != nil {
 		if !markedForDeletion {
 			if apierrors.IsNotFound(err) {
@@ -155,7 +154,7 @@ func (r *AuthPolicyReconciler) reconcileResources(ctx context.Context, ap *api.A
 	}
 
 	// reconcile based on gateway diffs
-	gatewayDiffObj, err := reconcilerutils.ComputeGatewayDiffs(ctx, r.Client(), ap, targetNetworkObject)
+	gatewayDiffObj, err := reconcilers.ComputeGatewayDiffs(ctx, r.Client(), ap, targetNetworkObject)
 	if err != nil {
 		return err
 	}
@@ -179,7 +178,7 @@ func (r *AuthPolicyReconciler) reconcileResources(ctx context.Context, ap *api.A
 
 func (r *AuthPolicyReconciler) deleteResources(ctx context.Context, ap *api.AuthPolicy, targetNetworkObject client.Object) error {
 	// delete based on gateway diffs
-	gatewayDiffObj, err := reconcilerutils.ComputeGatewayDiffs(ctx, r.Client(), ap, targetNetworkObject)
+	gatewayDiffObj, err := reconcilers.ComputeGatewayDiffs(ctx, r.Client(), ap, targetNetworkObject)
 	if err != nil {
 		return err
 	}

diff --git a/controllers/authpolicy_istio_authorizationpolicy.go b/controllers/authpolicy_istio_authorizationpolicy.go
@@ -19,6 +19,8 @@ import (
 
 	api "github.com/kuadrant/kuadrant-operator/api/v1beta2"
 	"github.com/kuadrant/kuadrant-operator/pkg/common"
+	kuadrantistioutils "github.com/kuadrant/kuadrant-operator/pkg/istio"
+	kuadrantgatewayapi "github.com/kuadrant/kuadrant-operator/pkg/library/gatewayapi"
 	"github.com/kuadrant/kuadrant-operator/pkg/library/kuadrant"
 	"github.com/kuadrant/kuadrant-operator/pkg/library/reconcilers"
 	"github.com/kuadrant/kuadrant-operator/pkg/library/utils"
@@ -93,7 +95,7 @@ func (r *AuthPolicyReconciler) istioAuthorizationPolicy(ctx context.Context, ap
 		},
 		Spec: istiosecurity.AuthorizationPolicy{
 			Action:   istiosecurity.AuthorizationPolicy_CUSTOM,
-			Selector: common.IstioWorkloadSelectorFromGateway(ctx, r.Client(), gateway),
+			Selector: kuadrantistioutils.WorkloadSelectorFromGateway(ctx, r.Client(), gateway),
 			ActionDetail: &istiosecurity.AuthorizationPolicy_Provider{
 				Provider: &istiosecurity.AuthorizationPolicy_ExtensionProvider{
 					Name: KuadrantExtAuthProviderName,
@@ -114,7 +116,7 @@ func (r *AuthPolicyReconciler) istioAuthorizationPolicy(ctx context.Context, ap
 	case *gatewayapiv1.HTTPRoute:
 		route = obj
 		if len(route.Spec.Hostnames) > 0 {
-			routeHostnames = common.FilterValidSubdomains(gwHostnames, route.Spec.Hostnames)
+			routeHostnames = kuadrantgatewayapi.FilterValidSubdomains(gwHostnames, route.Spec.Hostnames)
 		} else {
 			routeHostnames = gwHostnames
 		}
@@ -133,7 +135,7 @@ func (r *AuthPolicyReconciler) istioAuthorizationPolicy(ctx context.Context, ap
 		}
 		if len(rules) == 0 {
 			logger.V(1).Info("no httproutes attached to the targeted gateway, skipping istio authorizationpolicy for the gateway authpolicy")
-			common.TagObjectToDelete(iap)
+			utils.TagObjectToDelete(iap)
 			return iap, nil
 		}
 		route = &gatewayapiv1.HTTPRoute{

diff --git a/controllers/dnshealthcheckprobe_eventmapper.go b/controllers/dnshealthcheckprobe_eventmapper.go
@@ -9,9 +9,9 @@ import (
 
 	kuadrantdnsv1alpha1 "github.com/kuadrant/dns-operator/api/v1alpha1"
 
-	"github.com/kuadrant/kuadrant-operator/pkg/common"
 	"github.com/kuadrant/kuadrant-operator/pkg/library/kuadrant"
 	"github.com/kuadrant/kuadrant-operator/pkg/library/mappers"
+	"github.com/kuadrant/kuadrant-operator/pkg/library/utils"
 )
 
 var _ mappers.EventMapper = &DNSHealthCheckProbeEventMapper{}
@@ -35,11 +35,11 @@ func (m *DNSHealthCheckProbeEventMapper) MapToPolicy(obj client.Object, policyKi
 
 	requests := make([]reconcile.Request, 0)
 
-	policyName := common.GetLabel(probe, policyKind.DirectReferenceAnnotationName())
+	policyName := utils.GetLabel(probe, policyKind.DirectReferenceAnnotationName())
 	if policyName == "" {
 		return requests
 	}
-	policyNamespace := common.GetLabel(probe, fmt.Sprintf("%s-namespace", policyKind.DirectReferenceAnnotationName()))
+	policyNamespace := utils.GetLabel(probe, fmt.Sprintf("%s-namespace", policyKind.DirectReferenceAnnotationName()))
 	if policyNamespace == "" {
 		return requests
 	}

diff --git a/controllers/dnspolicy_controller.go b/controllers/dnspolicy_controller.go
@@ -39,8 +39,7 @@ import (
 	"github.com/kuadrant/kuadrant-operator/api/v1alpha1"
 	"github.com/kuadrant/kuadrant-operator/pkg/library/kuadrant"
 	"github.com/kuadrant/kuadrant-operator/pkg/library/mappers"
-	reconcilerutils "github.com/kuadrant/kuadrant-operator/pkg/library/reconcilers"
-	"github.com/kuadrant/kuadrant-operator/pkg/reconcilers"
+	"github.com/kuadrant/kuadrant-operator/pkg/library/reconcilers"
 )
 
 const (
@@ -53,7 +52,7 @@ type DNSPolicyRefsConfig struct{}
 // DNSPolicyReconciler reconciles a DNSPolicy object
 type DNSPolicyReconciler struct {
 	*reconcilers.BaseReconciler
-	TargetRefReconciler reconcilerutils.TargetRefReconciler
+	TargetRefReconciler reconcilers.TargetRefReconciler
 	dnsHelper           dnsHelper
 }
 
@@ -87,7 +86,7 @@ func (r *DNSPolicyReconciler) Reconcile(ctx context.Context, req ctrl.Request) (
 
 	markedForDeletion := dnsPolicy.GetDeletionTimestamp() != nil
 
-	targetNetworkObject, err := reconcilerutils.FetchTargetRefObject(ctx, r.Client(), dnsPolicy.GetTargetRef(), dnsPolicy.Namespace)
+	targetNetworkObject, err := reconcilers.FetchTargetRefObject(ctx, r.Client(), dnsPolicy.GetTargetRef(), dnsPolicy.Namespace)
 	if err != nil {
 		if !markedForDeletion {
 			if apierrors.IsNotFound(err) {
@@ -149,7 +148,7 @@ func (r *DNSPolicyReconciler) reconcileResources(ctx context.Context, dnsPolicy
 	dnsPolicy.Default()
 
 	// reconcile based on gateway diffs
-	gatewayDiffObj, err := reconcilerutils.ComputeGatewayDiffs(ctx, r.Client(), dnsPolicy, targetNetworkObject)
+	gatewayDiffObj, err := reconcilers.ComputeGatewayDiffs(ctx, r.Client(), dnsPolicy, targetNetworkObject)
 	if err != nil {
 		return err
 	}
@@ -206,7 +205,7 @@ func (r *DNSPolicyReconciler) deleteResources(ctx context.Context, dnsPolicy *v1
 		}
 	}
 
-	gatewayDiffObj, err := reconcilerutils.ComputeGatewayDiffs(ctx, r.Client(), dnsPolicy, targetNetworkObject)
+	gatewayDiffObj, err := reconcilers.ComputeGatewayDiffs(ctx, r.Client(), dnsPolicy, targetNetworkObject)
 	if err != nil {
 		return err
 	}
@@ -220,7 +219,7 @@ func (r *DNSPolicyReconciler) deleteResources(ctx context.Context, dnsPolicy *v1
 	return r.updateGatewayCondition(ctx, metav1.Condition{Type: DNSPolicyAffected}, gatewayDiffObj)
 }
 
-func (r *DNSPolicyReconciler) updateGatewayCondition(ctx context.Context, condition metav1.Condition, gatewayDiff *reconcilerutils.GatewayDiffs) error {
+func (r *DNSPolicyReconciler) updateGatewayCondition(ctx context.Context, condition metav1.Condition, gatewayDiff *reconcilers.GatewayDiffs) error {
 	// update condition if needed
 	gatewayDiffs := append(gatewayDiff.GatewaysWithValidPolicyRef, gatewayDiff.GatewaysMissingPolicyRef...)
 	for i, gw := range gatewayDiffs {

diff --git a/controllers/gateway_kuadrant_controller.go b/controllers/gateway_kuadrant_controller.go
@@ -31,7 +31,7 @@ import (
 
 	kuadrantv1beta1 "github.com/kuadrant/kuadrant-operator/api/v1beta1"
 	"github.com/kuadrant/kuadrant-operator/pkg/library/kuadrant"
-	"github.com/kuadrant/kuadrant-operator/pkg/reconcilers"
+	"github.com/kuadrant/kuadrant-operator/pkg/library/reconcilers"
 )
 
 // GatewayKuadrantReconciler reconciles Gateway object with kuadrant metadata

diff --git a/controllers/helper_test.go b/controllers/helper_test.go
@@ -16,7 +16,6 @@ import (
 	certmanmetav1 "github.com/cert-manager/cert-manager/pkg/apis/meta/v1"
 	"github.com/google/uuid"
 	. "github.com/onsi/gomega"
-
 	istioclientgoextensionv1alpha1 "istio.io/client-go/pkg/apis/extensions/v1alpha1"
 	corev1 "k8s.io/api/core/v1"
 	v1 "k8s.io/api/core/v1"
@@ -38,7 +37,7 @@ import (
 
 	kuadrantv1beta1 "github.com/kuadrant/kuadrant-operator/api/v1beta1"
 	kuadrantv1beta2 "github.com/kuadrant/kuadrant-operator/api/v1beta2"
-	"github.com/kuadrant/kuadrant-operator/pkg/library/kuadrant"
+	kuadrantgatewayapi "github.com/kuadrant/kuadrant-operator/pkg/library/gatewayapi"
 	"github.com/kuadrant/kuadrant-operator/pkg/library/utils"
 )
 
@@ -309,26 +308,32 @@ func testRouteIsAccepted(routeKey client.ObjectKey) func() bool {
 	return func() bool {
 		route := &gatewayapiv1.HTTPRoute{}
 		err := k8sClient.Get(context.Background(), routeKey, route)
-		return err == nil && kuadrant.IsHTTPRouteAccepted(route)
+
+		if err != nil {
+			logf.Log.V(1).Info("httpRoute not read", "route", routeKey, "error", err)
+			return false
+		}
+
+		if !kuadrantgatewayapi.IsHTTPRouteAccepted(route) {
+			logf.Log.V(1).Info("httpRoute not accepted", "route", routeKey)
+			return false
+		}
+
+		return true
 	}
 }
 
 func testGatewayIsReady(gateway *gatewayapiv1.Gateway) func() bool {
 	return func() bool {
 		existingGateway := &gatewayapiv1.Gateway{}
 		err := k8sClient.Get(context.Background(), client.ObjectKeyFromObject(gateway), existingGateway)
-		return err == nil && meta.IsStatusConditionTrue(existingGateway.Status.Conditions, string(gatewayapiv1.GatewayConditionProgrammed))
-	}
-}
-
-func testRLPIsAccepted(rlpKey client.ObjectKey) func() bool {
-	return func() bool {
-		existingRLP := &kuadrantv1beta2.RateLimitPolicy{}
-		err := k8sClient.Get(context.Background(), rlpKey, existingRLP)
 		if err != nil {
+			logf.Log.V(1).Info("gateway not read", "gateway", client.ObjectKeyFromObject(gateway), "error", err)
 			return false
 		}
-		if !meta.IsStatusConditionTrue(existingRLP.Status.Conditions, string(gatewayapiv1alpha2.PolicyConditionAccepted)) {
+
+		if !meta.IsStatusConditionTrue(existingGateway.Status.Conditions, string(gatewayapiv1.GatewayConditionProgrammed)) {
+			logf.Log.V(1).Info("gateway not programmed", "gateway", client.ObjectKeyFromObject(gateway))
 			return false
 		}
 
@@ -341,6 +346,7 @@ func testWasmPluginIsAvailable(key client.ObjectKey) func() bool {
 		wp := &istioclientgoextensionv1alpha1.WasmPlugin{}
 		err := k8sClient.Get(context.Background(), key, wp)
 		if err != nil {
+			logf.Log.V(1).Info("wasmplugin not read", "key", key, "error", err)
 			return false
 		}
 
@@ -354,6 +360,23 @@ func testWasmPluginIsAvailable(key client.ObjectKey) func() bool {
 	}
 }
 
+func testRLPIsAccepted(rlpKey client.ObjectKey) func() bool {
+	return func() bool {
+		existingRLP := &kuadrantv1beta2.RateLimitPolicy{}
+		err := k8sClient.Get(context.Background(), rlpKey, existingRLP)
+		if err != nil {
+			logf.Log.V(1).Info("ratelimitpolicy not read", "rlp", rlpKey, "error", err)
+			return false
+		}
+		if !meta.IsStatusConditionTrue(existingRLP.Status.Conditions, string(gatewayapiv1alpha2.PolicyConditionAccepted)) {
+			logf.Log.V(1).Info("ratelimitpolicy not available", "rlp", rlpKey)
+			return false
+		}
+
+		return true
+	}
+}
+
 // DNS
 
 func testBuildManagedZone(name, ns, domainName string) *kuadrantdnsv1alpha1.ManagedZone {

diff --git a/controllers/httprouteparentrefs_eventmapper.go b/controllers/httprouteparentrefs_eventmapper.go
@@ -10,6 +10,7 @@ import (
 	gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1"
 
 	api "github.com/kuadrant/kuadrant-operator/api/v1beta2"
+	kuadrantgatewayapi "github.com/kuadrant/kuadrant-operator/pkg/library/gatewayapi"
 	"github.com/kuadrant/kuadrant-operator/pkg/library/kuadrant"
 )
 
@@ -65,7 +66,7 @@ func (m *HTTPRouteParentRefsEventMapper) mapToPolicyRequest(obj client.Object, p
 		}
 		for _, policy := range policies.GetItems() {
 			targetRef := policy.GetTargetRef()
-			if !kuadrant.IsTargetRefGateway(targetRef) {
+			if !kuadrantgatewayapi.IsTargetRefGateway(targetRef) {
 				continue
 			}
 			targetRefNamespace := targetRef.Namespace

diff --git a/controllers/kuadrant_controller.go b/controllers/kuadrant_controller.go
@@ -30,7 +30,6 @@ import (
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	apimeta "k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/utils/env"
 	istiov1alpha1 "maistra.io/istio-operator/api/v1alpha1"
 	ctrl "sigs.k8s.io/controller-runtime"
@@ -45,8 +44,8 @@ import (
 	"github.com/kuadrant/kuadrant-operator/pkg/istio"
 	"github.com/kuadrant/kuadrant-operator/pkg/kuadranttools"
 	"github.com/kuadrant/kuadrant-operator/pkg/library/kuadrant"
+	"github.com/kuadrant/kuadrant-operator/pkg/library/reconcilers"
 	"github.com/kuadrant/kuadrant-operator/pkg/log"
-	"github.com/kuadrant/kuadrant-operator/pkg/reconcilers"
 )
 
 const (
@@ -58,7 +57,6 @@ const (
 // KuadrantReconciler reconciles a Kuadrant object
 type KuadrantReconciler struct {
 	*reconcilers.BaseReconciler
-	Scheme *runtime.Scheme
 }
 
 //+kubebuilder:rbac:groups=kuadrant.io,resources=kuadrants,verbs=get;list;watch;create;update;patch;delete

diff --git a/controllers/limitador_cluster_envoyfilter_controller.go b/controllers/limitador_cluster_envoyfilter_controller.go
@@ -38,7 +38,8 @@ import (
 	"github.com/kuadrant/kuadrant-operator/pkg/common"
 	kuadrantistioutils "github.com/kuadrant/kuadrant-operator/pkg/istio"
 	"github.com/kuadrant/kuadrant-operator/pkg/library/kuadrant"
-	"github.com/kuadrant/kuadrant-operator/pkg/reconcilers"
+	"github.com/kuadrant/kuadrant-operator/pkg/library/reconcilers"
+	"github.com/kuadrant/kuadrant-operator/pkg/library/utils"
 )
 
 // LimitadorClusterEnvoyFilterReconciler reconciles a EnvoyFilter object with limitador's cluster
@@ -116,7 +117,7 @@ func (r *LimitadorClusterEnvoyFilterReconciler) desiredRateLimitingClusterEnvoyF
 		},
 		Spec: istioapinetworkingv1alpha3.EnvoyFilter{
 			WorkloadSelector: &istioapinetworkingv1alpha3.WorkloadSelector{
-				Labels: common.IstioWorkloadSelectorFromGateway(ctx, r.Client(), gw).MatchLabels,
+				Labels: kuadrantistioutils.WorkloadSelectorFromGateway(ctx, r.Client(), gw).MatchLabels,
 			},
 			ConfigPatches: nil,
 		},
@@ -127,7 +128,7 @@ func (r *LimitadorClusterEnvoyFilterReconciler) desiredRateLimitingClusterEnvoyF
 	logger.V(1).Info("desiredRateLimitingClusterEnvoyFilter", "rlpRefs", rlpRefs)
 
 	if len(rlpRefs) < 1 {
-		common.TagObjectToDelete(ef)
+		utils.TagObjectToDelete(ef)
 		return ef, nil
 	}