From 2c08f77f51e82be1ceea26b066ccdf5383f521c7 Mon Sep 17 00:00:00 2001 From: Mark S Date: Thu, 30 May 2024 14:26:10 -0400 Subject: [PATCH 01/15] refactor: preliminary name changes to make route types generic Signed-off-by: Mark S --- Cargo.lock | 229 +++++++++--------- policy-controller/core/src/inbound.rs | 2 +- policy-controller/core/src/lib.rs | 2 +- policy-controller/core/src/outbound.rs | 2 +- .../core/src/{http_route.rs => routes.rs} | 0 policy-controller/grpc/src/inbound.rs | 12 +- policy-controller/grpc/src/lib.rs | 2 +- policy-controller/grpc/src/outbound.rs | 14 +- .../grpc/src/{http_route.rs => routes.rs} | 150 ++++++------ policy-controller/k8s/index/src/http_route.rs | 52 ++-- .../index/src/inbound/authorization_policy.rs | 2 +- .../k8s/index/src/inbound/http_route.rs | 2 +- .../k8s/index/src/inbound/index.rs | 2 +- .../src/inbound/tests/authorization_policy.rs | 8 +- .../index/src/inbound/tests/http_routes.rs | 2 +- .../k8s/index/src/outbound/index.rs | 2 +- .../index/src/outbound/tests/http_routes.rs | 2 +- policy-controller/k8s/status/src/index.rs | 2 +- .../k8s/status/src/resource_id.rs | 2 +- .../k8s/status/src/tests/http_routes.rs | 2 +- policy-controller/src/admission.rs | 2 +- 21 files changed, 253 insertions(+), 240 deletions(-) rename policy-controller/core/src/{http_route.rs => routes.rs} (100%) rename policy-controller/grpc/src/{http_route.rs => routes.rs} (54%) diff --git a/Cargo.lock b/Cargo.lock index 98879de1f17e9..351fe43941c82 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -97,7 +97,7 @@ checksum = "16e62a023e7c117e27523144c5d2459f4397fcc3cab0085af8e2224f643a0193" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -108,7 +108,7 @@ checksum = "c6fa2087f2753a7da8cc1c0dbfcf89579dd57458e36769de5ac750b4671737ca" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -199,9 +199,9 @@ checksum = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567" [[package]] name = "base64" -version = "0.22.0" +version = "0.22.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9475866fec1451be56a3c2400fd081ff546538961565ccb5b7142cbd22bc7a51" +checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6" [[package]] name = "bitflags" @@ -211,9 +211,9 @@ checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" [[package]] name = "bitflags" -version = "2.4.0" +version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b4682ae6287fcf752ecaabbfcc7b6f9b72aa33933dc23a554d853aea8eea8635" +checksum = "cf4b9d6a944f767f8e5e0db018570623c85f3d925ac718db4e06d0187adb21c1" [[package]] name = "block-buffer" @@ -264,7 +264,7 @@ dependencies = [ "iana-time-zone", "num-traits", "serde", - "windows-targets 0.52.0", + "windows-targets 0.52.5", ] [[package]] @@ -296,7 +296,7 @@ dependencies = [ "heck", "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -370,7 +370,7 @@ dependencies = [ "proc-macro2", "quote", "strsim", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -381,7 +381,7 @@ checksum = "733cabb43482b1a1b53eee8583c2b9e8684d592215ea83efd305dd31bc2f0178" dependencies = [ "darling_core", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -550,7 +550,7 @@ checksum = "87750cf4b7a4c0625b1529e4c543c2182106e4dedc60a2a6455e00d212c489ac" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -631,7 +631,7 @@ dependencies = [ "futures-sink", "futures-util", "http", - "indexmap 2.2.3", + "indexmap 2.2.6", "slab", "tokio", "tokio-util", @@ -646,9 +646,9 @@ checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" [[package]] name = "hashbrown" -version = "0.14.3" +version = "0.14.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "290f1a1d9242c78d09ce40a5e87e7554ee637af1351968159f4952f028f75604" +checksum = "e5274423e17b7c9fc20b6e7e208532f9b19825d82dfd615708b70edd83df41f1" dependencies = [ "ahash", "allocator-api2", @@ -842,12 +842,12 @@ dependencies = [ [[package]] name = "indexmap" -version = "2.2.3" +version = "2.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "233cf39063f058ea2caae4091bf4a3ef70a653afbc026f5c4a4135d114e3c177" +checksum = "168fb715dda47215e360912c096649d23d58bf392ac62f73919e831745e40f26" dependencies = [ "equivalent", - "hashbrown 0.14.3", + "hashbrown 0.14.5", ] [[package]] @@ -906,9 +906,9 @@ dependencies = [ [[package]] name = "js-sys" -version = "0.3.58" +version = "0.3.69" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c3fac17f7123a73ca62df411b1bf727ccc805daa070338fda671c86dac1bdc27" +checksum = "29c15563dc2726973df627357ce0c9ddddbea194836909d655df6a75d2cf296d" dependencies = [ "wasm-bindgen", ] @@ -1046,7 +1046,7 @@ dependencies = [ "proc-macro2", "quote", "serde_json", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -1060,7 +1060,7 @@ dependencies = [ "backoff", "derivative", "futures", - "hashbrown 0.14.3", + "hashbrown 0.14.5", "json-patch", "k8s-openapi", "kube-client", @@ -1461,7 +1461,7 @@ version = "0.10.64" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "95a0481286a310808298130d22dd1fef0fa571e05a8f44ec801801e84b216b1f" dependencies = [ - "bitflags 2.4.0", + "bitflags 2.5.0", "cfg-if", "foreign-types", "libc", @@ -1478,7 +1478,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -1544,7 +1544,7 @@ dependencies = [ "libc", "redox_syscall", "smallvec", - "windows-targets 0.52.0", + "windows-targets 0.52.5", ] [[package]] @@ -1553,7 +1553,7 @@ version = "3.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8e459365e590736a54c3fa561947c84837534b8e9af6fc5bf781307e82658fae" dependencies = [ - "base64 0.22.0", + "base64 0.22.1", "serde", ] @@ -1594,7 +1594,7 @@ dependencies = [ "pest_meta", "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -1625,7 +1625,7 @@ checksum = "2f38a4412a78282e09a2cf38d195ea5420d15ba0602cb375210efbc877243965" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -1667,7 +1667,7 @@ version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "731e0d9356b0c25f16f33b5be79b1c57b562f141ebfcdb0ad8ac2c13a24293b4" dependencies = [ - "bitflags 2.4.0", + "bitflags 2.5.0", "hex", "lazy_static", "procfs-core", @@ -1680,7 +1680,7 @@ version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2d3554923a69f4ce04c4a754260c338f505ce22642d3830e049a399fc2059a29" dependencies = [ - "bitflags 2.4.0", + "bitflags 2.5.0", "hex", ] @@ -1704,7 +1704,7 @@ checksum = "440f724eba9f6996b75d63681b0a92b06947f1457076d503a4d2e2c8f56442b8" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -1727,7 +1727,7 @@ dependencies = [ "itertools", "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -1771,9 +1771,9 @@ dependencies = [ [[package]] name = "rand_core" -version = "0.6.3" +version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d34f1408f55294453790c48b2f1ebbb1c5b4b7563eb1f418bcfcfdbb06ebb4e7" +checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" dependencies = [ "getrandom", ] @@ -1784,7 +1784,7 @@ version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "469052894dcb553421e483e4209ee581a45100d31b4018de03e5a7ad86374a7e" dependencies = [ - "bitflags 2.4.0", + "bitflags 2.5.0", ] [[package]] @@ -1795,8 +1795,8 @@ checksum = "c117dbdfde9c8308975b6a18d71f3f385c89461f7b3fb054288ecf2a2058ba4c" dependencies = [ "aho-corasick", "memchr", - "regex-automata 0.4.4", - "regex-syntax 0.8.2", + "regex-automata 0.4.6", + "regex-syntax 0.8.3", ] [[package]] @@ -1810,13 +1810,13 @@ dependencies = [ [[package]] name = "regex-automata" -version = "0.4.4" +version = "0.4.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3b7fa1134405e2ec9353fd416b17f8dacd46c473d7d3fd1cf202706a14eb792a" +checksum = "86b83b8b9847f9bf95ef68afb0b8e6cdb80f498442f5179a29fad448fcc1eaea" dependencies = [ "aho-corasick", "memchr", - "regex-syntax 0.8.2", + "regex-syntax 0.8.3", ] [[package]] @@ -1827,9 +1827,9 @@ checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1" [[package]] name = "regex-syntax" -version = "0.8.2" +version = "0.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c08c74e62047bb2de4ff487b251e4a92e24f48745648451635cec7d591162d9f" +checksum = "adad44e29e4c806119491a7f06f03de4d1af22c3a680dd47f1e6e179439d1f56" [[package]] name = "ring" @@ -1858,7 +1858,7 @@ version = "0.38.34" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "70dc5ec042f7a43c4a73241207cecc9873a06d45debb38b329f8541d85c2730f" dependencies = [ - "bitflags 2.4.0", + "bitflags 2.5.0", "errno", "libc", "linux-raw-sys", @@ -1950,7 +1950,7 @@ dependencies = [ "proc-macro2", "quote", "serde_derive_internals", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -1981,11 +1981,11 @@ dependencies = [ [[package]] name = "security-framework" -version = "2.10.0" +version = "2.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "770452e37cad93e0a50d5abc3990d2bc351c36d0328f86cefec2f2fb206eaef6" +checksum = "c627723fd09706bacdb5cf41499e95098555af3c3c29d014dc3c458ef6be11c0" dependencies = [ - "bitflags 1.3.2", + "bitflags 2.5.0", "core-foundation", "core-foundation-sys", "libc", @@ -2029,7 +2029,7 @@ checksum = "500cbc0ebeb6f46627f50f3f5811ccf6bf00643be300b4c3eabc0ef55dc5b5ba" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -2040,7 +2040,7 @@ checksum = "18d26a20a969b9e3fdf2fc2d9f21eda6c40e2de84c9408bb5d3b05d499aae711" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -2060,7 +2060,7 @@ version = "0.9.34+deprecated" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6a8b1a1a2ebf674015cc02edccce75287f1a0130d394307b36743c2f5d504b47" dependencies = [ - "indexmap 2.2.3", + "indexmap 2.2.6", "itoa", "ryu", "serde", @@ -2157,9 +2157,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.48" +version = "2.0.66" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0f3531638e407dfc0814761abb7c00a5b54992b849452a0646b7f65c9f770f3f" +checksum = "c42f3f41a2de00b01c0aaad383c5a45241efc8b2d1eda5661812fda5f3cdcff5" dependencies = [ "proc-macro2", "quote", @@ -2189,7 +2189,7 @@ checksum = "46c3384250002a6d5af4d114f2845d37b57521033f30d5c3f46c4d70e1197533" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -2254,7 +2254,7 @@ checksum = "5b8a1e28f2deaa14e508979454cb3a223b10b938b45af148bc0986de36f1923b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -2396,7 +2396,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "61c5bb1d698276a2443e5ecfabc1008bf15a36c12e6a7176e7bf089ea9131140" dependencies = [ "base64 0.21.7", - "bitflags 2.4.0", + "bitflags 2.5.0", "bytes", "futures-core", "futures-util", @@ -2442,7 +2442,7 @@ checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -2619,9 +2619,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "wasm-bindgen" -version = "0.2.81" +version = "0.2.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7c53b543413a17a202f4be280a7e5c62a1c69345f5de525ee64f8cfdbc954994" +checksum = "4be2531df63900aeb2bca0daaaddec08491ee64ceecbee5076636a3b026795a8" dependencies = [ "cfg-if", "wasm-bindgen-macro", @@ -2629,24 +2629,24 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.81" +version = "0.2.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5491a68ab4500fa6b4d726bd67408630c3dbe9c4fe7bda16d5c82a1fd8c7340a" +checksum = "614d787b966d3989fa7bb98a654e369c762374fd3213d212cfc0251257e747da" dependencies = [ "bumpalo", - "lazy_static", "log", + "once_cell", "proc-macro2", "quote", - "syn 1.0.109", + "syn 2.0.66", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-macro" -version = "0.2.81" +version = "0.2.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c441e177922bc58f1e12c022624b6216378e5febc2f0533e41ba443d505b80aa" +checksum = "a1f8823de937b71b9460c0c34e25f3da88250760bec0ebac694b49997550d726" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -2654,22 +2654,22 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.81" +version = "0.2.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7d94ac45fcf608c1f45ef53e748d35660f168490c10b23704c7779ab8f5c3048" +checksum = "e94f17b526d0a461a191c78ea52bbce64071ed5c04c9ffe424dcb38f74171bb7" dependencies = [ "proc-macro2", "quote", - "syn 1.0.109", + "syn 2.0.66", "wasm-bindgen-backend", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-shared" -version = "0.2.81" +version = "0.2.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6a89911bd99e5f3659ec4acf9c4d93b0a90fe4a2a11f15328472058edc5261be" +checksum = "af190c94f2773fdb3729c55b007a722abb5384da03bc0986df4c289bf5567e96" [[package]] name = "winapi" @@ -2695,11 +2695,11 @@ checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" [[package]] name = "windows-core" -version = "0.51.0" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b81650771e76355778637954dc9d7eb8d991cd89ad64ba26f21eeb3c22d8d836" +checksum = "33ab640c8d7e35bf8ba19b884ba838ceb4fba93a4e8c65a9059d08afcfc683d9" dependencies = [ - "windows-targets 0.48.2", + "windows-targets 0.52.5", ] [[package]] @@ -2708,7 +2708,7 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" dependencies = [ - "windows-targets 0.48.2", + "windows-targets 0.48.5", ] [[package]] @@ -2717,37 +2717,38 @@ version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" dependencies = [ - "windows-targets 0.52.0", + "windows-targets 0.52.5", ] [[package]] name = "windows-targets" -version = "0.48.2" +version = "0.48.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d1eeca1c172a285ee6c2c84c341ccea837e7c01b12fbb2d0fe3c9e550ce49ec8" +checksum = "9a2fa6e2155d7247be68c096456083145c183cbbbc2764150dda45a87197940c" dependencies = [ "windows_aarch64_gnullvm 0.48.5", - "windows_aarch64_msvc 0.48.2", - "windows_i686_gnu 0.48.2", + "windows_aarch64_msvc 0.48.5", + "windows_i686_gnu 0.48.5", "windows_i686_msvc 0.48.5", - "windows_x86_64_gnu 0.48.2", + "windows_x86_64_gnu 0.48.5", "windows_x86_64_gnullvm 0.48.5", - "windows_x86_64_msvc 0.48.2", + "windows_x86_64_msvc 0.48.5", ] [[package]] name = "windows-targets" -version = "0.52.0" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8a18201040b24831fbb9e4eb208f8892e1f50a37feb53cc7ff887feb8f50e7cd" +checksum = "6f0713a46559409d202e70e28227288446bf7841d3211583a4b53e3f6d96e7eb" dependencies = [ - "windows_aarch64_gnullvm 0.52.0", - "windows_aarch64_msvc 0.52.0", - "windows_i686_gnu 0.52.0", - "windows_i686_msvc 0.52.0", - "windows_x86_64_gnu 0.52.0", - "windows_x86_64_gnullvm 0.52.0", - "windows_x86_64_msvc 0.52.0", + "windows_aarch64_gnullvm 0.52.5", + "windows_aarch64_msvc 0.52.5", + "windows_i686_gnu 0.52.5", + "windows_i686_gnullvm", + "windows_i686_msvc 0.52.5", + "windows_x86_64_gnu 0.52.5", + "windows_x86_64_gnullvm 0.52.5", + "windows_x86_64_msvc 0.52.5", ] [[package]] @@ -2758,33 +2759,39 @@ checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8" [[package]] name = "windows_aarch64_gnullvm" -version = "0.52.0" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cb7764e35d4db8a7921e09562a0304bf2f93e0a51bfccee0bd0bb0b666b015ea" +checksum = "7088eed71e8b8dda258ecc8bac5fb1153c5cffaf2578fc8ff5d61e23578d3263" [[package]] name = "windows_aarch64_msvc" -version = "0.48.2" +version = "0.48.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "571d8d4e62f26d4932099a9efe89660e8bd5087775a2ab5cdd8b747b811f1058" +checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc" [[package]] name = "windows_aarch64_msvc" -version = "0.52.0" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bbaa0368d4f1d2aaefc55b6fcfee13f41544ddf36801e793edbbfd7d7df075ef" +checksum = "9985fd1504e250c615ca5f281c3f7a6da76213ebd5ccc9561496568a2752afb6" [[package]] name = "windows_i686_gnu" -version = "0.48.2" +version = "0.48.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2229ad223e178db5fbbc8bd8d3835e51e566b8474bfca58d2e6150c48bb723cd" +checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e" [[package]] name = "windows_i686_gnu" -version = "0.52.0" +version = "0.52.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "88ba073cf16d5372720ec942a8ccbf61626074c6d4dd2e745299726ce8b89670" + +[[package]] +name = "windows_i686_gnullvm" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a28637cb1fa3560a16915793afb20081aba2c92ee8af57b4d5f28e4b3e7df313" +checksum = "87f4261229030a858f36b459e748ae97545d6f1ec60e5e0d6a3d32e0dc232ee9" [[package]] name = "windows_i686_msvc" @@ -2794,21 +2801,21 @@ checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406" [[package]] name = "windows_i686_msvc" -version = "0.52.0" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ffe5e8e31046ce6230cc7215707b816e339ff4d4d67c65dffa206fd0f7aa7b9a" +checksum = "db3c2bf3d13d5b658be73463284eaf12830ac9a26a90c717b7f771dfe97487bf" [[package]] name = "windows_x86_64_gnu" -version = "0.48.2" +version = "0.48.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ea99ff3f8b49fb7a8e0d305e5aec485bd068c2ba691b6e277d29eaeac945868a" +checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e" [[package]] name = "windows_x86_64_gnu" -version = "0.52.0" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3d6fa32db2bc4a2f5abeacf2b69f7992cd09dca97498da74a151a3132c26befd" +checksum = "4e4246f76bdeff09eb48875a0fd3e2af6aada79d409d33011886d3e1581517d9" [[package]] name = "windows_x86_64_gnullvm" @@ -2818,21 +2825,21 @@ checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc" [[package]] name = "windows_x86_64_gnullvm" -version = "0.52.0" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1a657e1e9d3f514745a572a6846d3c7aa7dbe1658c056ed9c3344c4109a6949e" +checksum = "852298e482cd67c356ddd9570386e2862b5673c85bd5f88df9ab6802b334c596" [[package]] name = "windows_x86_64_msvc" -version = "0.48.2" +version = "0.48.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d419259aba16b663966e29e6d7c6ecfa0bb8425818bb96f6f1f3c3eb71a6e7b9" +checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" [[package]] name = "windows_x86_64_msvc" -version = "0.52.0" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dff9641d1cd4be8d1a070daf9e3773c5f67e78b4d9d42263020c057706765c04" +checksum = "bec47e5bfd1bff0eeaf6d8b485cc1074891a197ab4225d504cb7a1ab88b02bf0" [[package]] name = "zerocopy" @@ -2851,7 +2858,7 @@ checksum = "15e934569e47891f7d9411f1a451d947a60e000ab3bd24fbb970f000387d1b3b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] diff --git a/policy-controller/core/src/inbound.rs b/policy-controller/core/src/inbound.rs index 9be4bd6a5f844..a2eb4cff58b5e 100644 --- a/policy-controller/core/src/inbound.rs +++ b/policy-controller/core/src/inbound.rs @@ -1,5 +1,5 @@ use crate::{ - http_route::{ + routes::{ FailureInjectorFilter, GroupKindName, HeaderModifierFilter, HostMatch, HttpRouteMatch, PathMatch, RequestRedirectFilter, }, diff --git a/policy-controller/core/src/lib.rs b/policy-controller/core/src/lib.rs index 22020d7aa4792..67eec7fd7e990 100644 --- a/policy-controller/core/src/lib.rs +++ b/policy-controller/core/src/lib.rs @@ -1,7 +1,7 @@ #![deny(warnings, rust_2018_idioms)] #![forbid(unsafe_code)] -pub mod http_route; +pub mod routes; mod identity_match; pub mod inbound; mod network_match; diff --git a/policy-controller/core/src/outbound.rs b/policy-controller/core/src/outbound.rs index e5162c2317169..18070e7499df9 100644 --- a/policy-controller/core/src/outbound.rs +++ b/policy-controller/core/src/outbound.rs @@ -1,4 +1,4 @@ -use crate::http_route::{ +use crate::routes::{ GroupKindNamespaceName, HeaderModifierFilter, HostMatch, HttpRouteMatch, RequestRedirectFilter, }; use ahash::AHashMap as HashMap; diff --git a/policy-controller/core/src/http_route.rs b/policy-controller/core/src/routes.rs similarity index 100% rename from policy-controller/core/src/http_route.rs rename to policy-controller/core/src/routes.rs diff --git a/policy-controller/grpc/src/inbound.rs b/policy-controller/grpc/src/inbound.rs index 966237ab02493..c1ba6274d0872 100644 --- a/policy-controller/grpc/src/inbound.rs +++ b/policy-controller/grpc/src/inbound.rs @@ -1,4 +1,4 @@ -use crate::{http_route, workload::Workload}; +use crate::{routes, workload::Workload}; use futures::prelude::*; use linkerd2_proxy_api::{ self as api, @@ -382,14 +382,14 @@ fn to_http_route( let hosts = hostnames .into_iter() - .map(http_route::convert_host_match) + .map(routes::convert_host_match) .collect(); let rules = rules .into_iter() .map( |HttpRouteRule { matches, filters }| proto::http_route::Rule { - matches: matches.into_iter().map(http_route::convert_match).collect(), + matches: matches.into_iter().map(routes::http::convert_match).collect(), filters: filters.into_iter().filter_map(convert_filter).collect(), }, ) @@ -413,13 +413,13 @@ fn convert_filter(filter: Filter) -> Option { let kind = match filter { Filter::FailureInjector(f) => Some(Kind::FailureInjector( - http_route::convert_failure_injector_filter(f), + routes::http::convert_failure_injector_filter(f), )), Filter::RequestHeaderModifier(f) => Some(Kind::RequestHeaderModifier( - http_route::convert_request_header_modifier_filter(f), + routes::convert_request_header_modifier_filter(f), )), Filter::ResponseHeaderModifier(_) => None, - Filter::RequestRedirect(f) => Some(Kind::Redirect(http_route::convert_redirect_filter(f))), + Filter::RequestRedirect(f) => Some(Kind::Redirect(routes::convert_redirect_filter(f))), }; kind.map(|kind| proto::http_route::Filter { kind: Some(kind) }) diff --git a/policy-controller/grpc/src/lib.rs b/policy-controller/grpc/src/lib.rs index 834a814729b4c..dd665b0792e31 100644 --- a/policy-controller/grpc/src/lib.rs +++ b/policy-controller/grpc/src/lib.rs @@ -1,7 +1,7 @@ #![deny(warnings, rust_2018_idioms)] #![forbid(unsafe_code)] -mod http_route; +mod routes; pub mod inbound; pub mod outbound; diff --git a/policy-controller/grpc/src/outbound.rs b/policy-controller/grpc/src/outbound.rs index 517d7cd0543bb..ac9d90dab2ff9 100644 --- a/policy-controller/grpc/src/outbound.rs +++ b/policy-controller/grpc/src/outbound.rs @@ -1,4 +1,4 @@ -use crate::{http_route, workload}; +use crate::{routes, workload}; use futures::prelude::*; use linkerd2_proxy_api::{ self as api, destination, @@ -9,7 +9,7 @@ use linkerd2_proxy_api::{ }, }; use linkerd_policy_controller_core::{ - http_route::GroupKindNamespaceName, + routes::GroupKindNamespaceName, outbound::{ Backend, DiscoverOutboundPolicy, Filter, HttpRoute, HttpRouteRule, OutboundDiscoverTarget, OutboundPolicy, OutboundPolicyStream, @@ -316,7 +316,7 @@ fn convert_outbound_http_route( let hosts = hostnames .into_iter() - .map(http_route::convert_host_match) + .map(routes::convert_host_match) .collect(); let rules = rules @@ -351,7 +351,7 @@ fn convert_outbound_http_route( ) }; outbound::http_route::Rule { - matches: matches.into_iter().map(http_route::convert_match).collect(), + matches: matches.into_iter().map(routes::http::convert_match).collect(), backends: Some(outbound::http_route::Distribution { kind: Some(dist) }), filters: filters.into_iter().map(convert_filter).collect(), request_timeout: request_timeout @@ -598,12 +598,12 @@ fn convert_filter(filter: Filter) -> outbound::http_route::Filter { outbound::http_route::Filter { kind: Some(match filter { Filter::RequestHeaderModifier(f) => { - Kind::RequestHeaderModifier(http_route::convert_request_header_modifier_filter(f)) + Kind::RequestHeaderModifier(routes::convert_request_header_modifier_filter(f)) } Filter::ResponseHeaderModifier(f) => { - Kind::ResponseHeaderModifier(http_route::convert_response_header_modifier_filter(f)) + Kind::ResponseHeaderModifier(routes::convert_response_header_modifier_filter(f)) } - Filter::RequestRedirect(f) => Kind::Redirect(http_route::convert_redirect_filter(f)), + Filter::RequestRedirect(f) => Kind::Redirect(routes::convert_redirect_filter(f)), }), } } diff --git a/policy-controller/grpc/src/http_route.rs b/policy-controller/grpc/src/routes.rs similarity index 54% rename from policy-controller/grpc/src/http_route.rs rename to policy-controller/grpc/src/routes.rs index 4b55b045c42dc..335ad7a086f98 100644 --- a/policy-controller/grpc/src/http_route.rs +++ b/policy-controller/grpc/src/routes.rs @@ -1,7 +1,7 @@ use linkerd2_proxy_api::{http_route as proto, http_types}; -use linkerd_policy_controller_core::http_route::{ - FailureInjectorFilter, HeaderMatch, HeaderModifierFilter, HostMatch, HttpRouteMatch, PathMatch, - PathModifier, QueryParamMatch, RequestRedirectFilter, +use linkerd_policy_controller_core::routes::{ + FailureInjectorFilter, HeaderMatch, HeaderModifierFilter, HostMatch, + HttpRouteMatch, PathMatch, PathModifier, QueryParamMatch, RequestRedirectFilter, }; pub(crate) fn convert_host_match(h: HostMatch) -> proto::HostMatch { @@ -17,75 +17,6 @@ pub(crate) fn convert_host_match(h: HostMatch) -> proto::HostMatch { } } -pub(crate) fn convert_match( - HttpRouteMatch { - headers, - path, - query_params, - method, - }: HttpRouteMatch, -) -> proto::HttpRouteMatch { - let headers = headers - .into_iter() - .map(|hm| match hm { - HeaderMatch::Exact(name, value) => proto::HeaderMatch { - name: name.to_string(), - value: Some(proto::header_match::Value::Exact(value.as_bytes().to_vec())), - }, - HeaderMatch::Regex(name, re) => proto::HeaderMatch { - name: name.to_string(), - value: Some(proto::header_match::Value::Regex(re.to_string())), - }, - }) - .collect(); - - let path = path.map(|path| proto::PathMatch { - kind: Some(match path { - PathMatch::Exact(path) => proto::path_match::Kind::Exact(path), - PathMatch::Prefix(prefix) => proto::path_match::Kind::Prefix(prefix), - PathMatch::Regex(regex) => proto::path_match::Kind::Regex(regex.to_string()), - }), - }); - - let query_params = query_params - .into_iter() - .map(|qpm| match qpm { - QueryParamMatch::Exact(name, value) => proto::QueryParamMatch { - name, - value: Some(proto::query_param_match::Value::Exact(value)), - }, - QueryParamMatch::Regex(name, re) => proto::QueryParamMatch { - name, - value: Some(proto::query_param_match::Value::Regex(re.to_string())), - }, - }) - .collect(); - - proto::HttpRouteMatch { - headers, - path, - query_params, - method: method.map(Into::into), - } -} - -pub(crate) fn convert_failure_injector_filter( - FailureInjectorFilter { - status, - message, - ratio, - }: FailureInjectorFilter, -) -> proto::HttpFailureInjector { - proto::HttpFailureInjector { - status: u32::from(status.as_u16()), - message, - ratio: Some(proto::Ratio { - numerator: ratio.numerator, - denominator: ratio.denominator, - }), - } -} - pub(crate) fn convert_request_header_modifier_filter( HeaderModifierFilter { add, set, remove }: HeaderModifierFilter, ) -> proto::RequestHeaderModifier { @@ -160,3 +91,78 @@ pub(crate) fn convert_redirect_filter( status: u32::from(status.unwrap_or_default().as_u16()), } } + +pub(crate) mod http { + use super::{ + proto, FailureInjectorFilter, HeaderMatch, HttpRouteMatch, PathMatch, QueryParamMatch, + }; + + pub(crate) fn convert_match( + HttpRouteMatch { + headers, + path, + query_params, + method, + }: HttpRouteMatch, + ) -> proto::HttpRouteMatch { + let headers = headers + .into_iter() + .map(|hm| match hm { + HeaderMatch::Exact(name, value) => proto::HeaderMatch { + name: name.to_string(), + value: Some(proto::header_match::Value::Exact(value.as_bytes().to_vec())), + }, + HeaderMatch::Regex(name, re) => proto::HeaderMatch { + name: name.to_string(), + value: Some(proto::header_match::Value::Regex(re.to_string())), + }, + }) + .collect(); + + let path = path.map(|path| proto::PathMatch { + kind: Some(match path { + PathMatch::Exact(path) => proto::path_match::Kind::Exact(path), + PathMatch::Prefix(prefix) => proto::path_match::Kind::Prefix(prefix), + PathMatch::Regex(regex) => proto::path_match::Kind::Regex(regex.to_string()), + }), + }); + + let query_params = query_params + .into_iter() + .map(|qpm| match qpm { + QueryParamMatch::Exact(name, value) => proto::QueryParamMatch { + name, + value: Some(proto::query_param_match::Value::Exact(value)), + }, + QueryParamMatch::Regex(name, re) => proto::QueryParamMatch { + name, + value: Some(proto::query_param_match::Value::Regex(re.to_string())), + }, + }) + .collect(); + + proto::HttpRouteMatch { + headers, + path, + query_params, + method: method.map(Into::into), + } + } + + pub(crate) fn convert_failure_injector_filter( + FailureInjectorFilter { + status, + message, + ratio, + }: FailureInjectorFilter, + ) -> proto::HttpFailureInjector { + proto::HttpFailureInjector { + status: u32::from(status.as_u16()), + message, + ratio: Some(proto::Ratio { + numerator: ratio.numerator, + denominator: ratio.denominator, + }), + } + } +} diff --git a/policy-controller/k8s/index/src/http_route.rs b/policy-controller/k8s/index/src/http_route.rs index c25b9be464f8a..f4d1eccdd26ae 100644 --- a/policy-controller/k8s/index/src/http_route.rs +++ b/policy-controller/k8s/index/src/http_route.rs @@ -1,7 +1,7 @@ use anyhow::{anyhow, bail, Result}; use k8s_gateway_api as api; use kube::{Resource, ResourceExt}; -use linkerd_policy_controller_core::http_route::{self, GroupKindName, GroupKindNamespaceName}; +use linkerd_policy_controller_core::routes::{self, GroupKindName, GroupKindNamespaceName}; use linkerd_policy_controller_k8s_api::policy; use std::num::NonZeroU16; @@ -61,7 +61,7 @@ pub fn try_match( query_params, method, }: api::HttpRouteMatch, -) -> Result { +) -> Result { let path = path.map(path_match).transpose()?; let headers = headers @@ -78,10 +78,10 @@ pub fn try_match( let method = method .as_deref() - .map(http_route::Method::try_from) + .map(routes::Method::try_from) .transpose()?; - Ok(http_route::HttpRouteMatch { + Ok(routes::HttpRouteMatch { path, headers, query_params, @@ -89,23 +89,23 @@ pub fn try_match( }) } -pub fn path_match(path_match: api::HttpPathMatch) -> Result { +pub fn path_match(path_match: api::HttpPathMatch) -> Result { match path_match { api::HttpPathMatch::Exact { value } | api::HttpPathMatch::PathPrefix { value } if !value.starts_with('/') => { Err(anyhow!("HttpPathMatch paths must be absolute (begin with `/`); {value:?} is not an absolute path")) } - api::HttpPathMatch::Exact { value } => Ok(http_route::PathMatch::Exact(value)), - api::HttpPathMatch::PathPrefix { value } => Ok(http_route::PathMatch::Prefix(value)), + api::HttpPathMatch::Exact { value } => Ok(routes::PathMatch::Exact(value)), + api::HttpPathMatch::PathPrefix { value } => Ok(routes::PathMatch::Prefix(value)), api::HttpPathMatch::RegularExpression { value } => value .parse() - .map(http_route::PathMatch::Regex) + .map(routes::PathMatch::Regex) .map_err(Into::into), } } -pub fn host_match(hostname: api::Hostname) -> http_route::HostMatch { +pub fn host_match(hostname: api::Hostname) -> routes::HostMatch { if hostname.starts_with("*.") { let mut reverse_labels = hostname .split('.') @@ -113,41 +113,41 @@ pub fn host_match(hostname: api::Hostname) -> http_route::HostMatch { .map(|label| label.to_string()) .collect::>(); reverse_labels.reverse(); - http_route::HostMatch::Suffix { reverse_labels } + routes::HostMatch::Suffix { reverse_labels } } else { - http_route::HostMatch::Exact(hostname) + routes::HostMatch::Exact(hostname) } } -pub fn header_match(header_match: api::HttpHeaderMatch) -> Result { +pub fn header_match(header_match: api::HttpHeaderMatch) -> Result { match header_match { - api::HttpHeaderMatch::Exact { name, value } => Ok(http_route::HeaderMatch::Exact( + api::HttpHeaderMatch::Exact { name, value } => Ok(routes::HeaderMatch::Exact( name.parse()?, value.parse()?, )), api::HttpHeaderMatch::RegularExpression { name, value } => Ok( - http_route::HeaderMatch::Regex(name.parse()?, value.parse()?), + routes::HeaderMatch::Regex(name.parse()?, value.parse()?), ), } } pub fn query_param_match( query_match: api::HttpQueryParamMatch, -) -> Result { +) -> Result { match query_match { api::HttpQueryParamMatch::Exact { name, value } => { - Ok(http_route::QueryParamMatch::Exact(name, value)) + Ok(routes::QueryParamMatch::Exact(name, value)) } api::HttpQueryParamMatch::RegularExpression { name, value } => { - Ok(http_route::QueryParamMatch::Regex(name, value.parse()?)) + Ok(routes::QueryParamMatch::Regex(name, value.parse()?)) } } } pub fn header_modifier( api::HttpRequestHeaderFilter { set, add, remove }: api::HttpRequestHeaderFilter, -) -> Result { - Ok(http_route::HeaderModifierFilter { +) -> Result { + Ok(routes::HeaderModifierFilter { add: add .into_iter() .flatten() @@ -161,7 +161,7 @@ pub fn header_modifier( remove: remove .into_iter() .flatten() - .map(http_route::HeaderName::try_from) + .map(routes::HeaderName::try_from) .collect::>()?, }) } @@ -174,19 +174,19 @@ pub fn req_redirect( port, status_code, }: api::HttpRequestRedirectFilter, -) -> Result { - Ok(http_route::RequestRedirectFilter { +) -> Result { + Ok(routes::RequestRedirectFilter { scheme: scheme.as_deref().map(TryInto::try_into).transpose()?, host: hostname, path: path.map(path_modifier).transpose()?, port: port.and_then(|p| NonZeroU16::try_from(p).ok()), status: status_code - .map(http_route::StatusCode::try_from) + .map(routes::StatusCode::try_from) .transpose()?, }) } -fn path_modifier(path_modifier: api::HttpPathModifier) -> Result { +fn path_modifier(path_modifier: api::HttpPathModifier) -> Result { use api::HttpPathModifier::*; match path_modifier { ReplaceFullPath { @@ -201,11 +201,11 @@ fn path_modifier(path_modifier: api::HttpPathModifier) -> Result { - Ok(http_route::PathModifier::Full(replace_full_path)) + Ok(routes::PathModifier::Full(replace_full_path)) } ReplacePrefixMatch { replace_prefix_match, - } => Ok(http_route::PathModifier::Prefix(replace_prefix_match)), + } => Ok(routes::PathModifier::Prefix(replace_prefix_match)), } } diff --git a/policy-controller/k8s/index/src/inbound/authorization_policy.rs b/policy-controller/k8s/index/src/inbound/authorization_policy.rs index ca061b5fe495f..b0ed3b3bdf04a 100644 --- a/policy-controller/k8s/index/src/inbound/authorization_policy.rs +++ b/policy-controller/k8s/index/src/inbound/authorization_policy.rs @@ -1,5 +1,5 @@ use anyhow::Result; -use linkerd_policy_controller_core::http_route::GroupKindName; +use linkerd_policy_controller_core::routes::GroupKindName; use linkerd_policy_controller_k8s_api::{ self as k8s, policy::{LocalTargetRef, NamespacedTargetRef}, diff --git a/policy-controller/k8s/index/src/inbound/http_route.rs b/policy-controller/k8s/index/src/inbound/http_route.rs index ad326ccb8e615..ec44df0ec0e6f 100644 --- a/policy-controller/k8s/index/src/inbound/http_route.rs +++ b/policy-controller/k8s/index/src/inbound/http_route.rs @@ -2,7 +2,7 @@ use crate::http_route; use ahash::AHashMap as HashMap; use anyhow::{bail, Error, Result}; use k8s_gateway_api as api; -use linkerd_policy_controller_core::http_route::{HttpRouteMatch, Method}; +use linkerd_policy_controller_core::routes::{HttpRouteMatch, Method}; use linkerd_policy_controller_core::inbound::{Filter, HttpRoute, HttpRouteRule}; use linkerd_policy_controller_core::POLICY_CONTROLLER_NAME; use linkerd_policy_controller_k8s_api::{ diff --git a/policy-controller/k8s/index/src/inbound/index.rs b/policy-controller/k8s/index/src/inbound/index.rs index c8a1b47e45d12..c65ac615f973b 100644 --- a/policy-controller/k8s/index/src/inbound/index.rs +++ b/policy-controller/k8s/index/src/inbound/index.rs @@ -18,7 +18,7 @@ use crate::{ use ahash::{AHashMap as HashMap, AHashSet as HashSet}; use anyhow::{anyhow, bail, Result}; use linkerd_policy_controller_core::{ - http_route::{GroupKindName, HttpRouteMatch, Method, PathMatch}, + routes::{GroupKindName, HttpRouteMatch, Method, PathMatch}, inbound::{ AuthorizationRef, ClientAuthentication, ClientAuthorization, HttpRoute, HttpRouteRef, HttpRouteRule, InboundServer, ProxyProtocol, ServerRef, diff --git a/policy-controller/k8s/index/src/inbound/tests/authorization_policy.rs b/policy-controller/k8s/index/src/inbound/tests/authorization_policy.rs index 6fc4224aa582b..567fe48c4d8ab 100644 --- a/policy-controller/k8s/index/src/inbound/tests/authorization_policy.rs +++ b/policy-controller/k8s/index/src/inbound/tests/authorization_policy.rs @@ -1,6 +1,6 @@ use super::*; use k8s_openapi::apimachinery::pkg::apis::meta::v1 as metav1; -use linkerd_policy_controller_core::{http_route, inbound}; +use linkerd_policy_controller_core::{routes, inbound}; #[test] fn links_authorization_policy_with_mtls_name() { @@ -362,14 +362,14 @@ fn authorization_policy_prevents_index_deletion() { reference: ServerRef::Server("srv-8080".to_string()), authorizations: Default::default(), protocol: ProxyProtocol::Http1, - http_routes: hashmap!(HttpRouteRef::Linkerd(http_route::GroupKindName{ + http_routes: hashmap!(HttpRouteRef::Linkerd(routes::GroupKindName{ group: "policy.linkerd.io".into(), kind: "HTTPRoute".into(), name: "route-foo".into(), }) => HttpRoute { rules: vec![inbound::HttpRouteRule { - matches: vec![http_route::HttpRouteMatch { - path: Some(http_route::PathMatch::Prefix("/foo".to_string())), + matches: vec![routes::HttpRouteMatch { + path: Some(routes::PathMatch::Prefix("/foo".to_string())), headers: vec![], query_params: vec![], method: None, diff --git a/policy-controller/k8s/index/src/inbound/tests/http_routes.rs b/policy-controller/k8s/index/src/inbound/tests/http_routes.rs index d5f3a5f20f1f5..95bd6c686d66c 100644 --- a/policy-controller/k8s/index/src/inbound/tests/http_routes.rs +++ b/policy-controller/k8s/index/src/inbound/tests/http_routes.rs @@ -1,7 +1,7 @@ use super::*; use crate::http_route::gkn_for_linkerd_http_route; use linkerd_policy_controller_core::{ - http_route::{HttpRouteMatch, Method, PathMatch}, + routes::{HttpRouteMatch, Method, PathMatch}, POLICY_CONTROLLER_NAME, }; diff --git a/policy-controller/k8s/index/src/outbound/index.rs b/policy-controller/k8s/index/src/outbound/index.rs index ee23bf4d849e5..b5b4a2da2ad5d 100644 --- a/policy-controller/k8s/index/src/outbound/index.rs +++ b/policy-controller/k8s/index/src/outbound/index.rs @@ -7,7 +7,7 @@ use ahash::AHashMap as HashMap; use anyhow::{bail, ensure, Result}; use k8s_gateway_api::{BackendObjectReference, HttpBackendRef, ParentReference}; use linkerd_policy_controller_core::{ - http_route::GroupKindNamespaceName, + routes::GroupKindNamespaceName, outbound::{ Backend, Backoff, FailureAccrual, Filter, HttpRoute, HttpRouteRule, OutboundPolicy, WeightedService, diff --git a/policy-controller/k8s/index/src/outbound/tests/http_routes.rs b/policy-controller/k8s/index/src/outbound/tests/http_routes.rs index 4861b67fd4dc8..3d515a341d1e4 100644 --- a/policy-controller/k8s/index/src/outbound/tests/http_routes.rs +++ b/policy-controller/k8s/index/src/outbound/tests/http_routes.rs @@ -1,7 +1,7 @@ use k8s_gateway_api::BackendRef; use kube::Resource; use linkerd_policy_controller_core::{ - http_route::GroupKindNamespaceName, + routes::GroupKindNamespaceName, outbound::{Backend, WeightedService}, POLICY_CONTROLLER_NAME, }; diff --git a/policy-controller/k8s/status/src/index.rs b/policy-controller/k8s/status/src/index.rs index 8892c269403a7..75d47ed1fef4e 100644 --- a/policy-controller/k8s/status/src/index.rs +++ b/policy-controller/k8s/status/src/index.rs @@ -8,7 +8,7 @@ use chrono::offset::Utc; use chrono::DateTime; use k8s::{NamespaceResourceScope, Resource}; use kubert::lease::Claim; -use linkerd_policy_controller_core::{http_route::GroupKindName, POLICY_CONTROLLER_NAME}; +use linkerd_policy_controller_core::{routes::GroupKindName, POLICY_CONTROLLER_NAME}; use linkerd_policy_controller_k8s_api::{self as k8s, gateway, ResourceExt}; use parking_lot::RwLock; use prometheus_client::{ diff --git a/policy-controller/k8s/status/src/resource_id.rs b/policy-controller/k8s/status/src/resource_id.rs index a3036323d1705..001d3dcd71999 100644 --- a/policy-controller/k8s/status/src/resource_id.rs +++ b/policy-controller/k8s/status/src/resource_id.rs @@ -1,4 +1,4 @@ -use linkerd_policy_controller_core::http_route::GroupKindName; +use linkerd_policy_controller_core::routes::GroupKindName; #[derive(Clone, Debug, Eq, Hash, PartialEq)] pub struct ResourceId { diff --git a/policy-controller/k8s/status/src/tests/http_routes.rs b/policy-controller/k8s/status/src/tests/http_routes.rs index 19fde10a18d19..04fd70719100f 100644 --- a/policy-controller/k8s/status/src/tests/http_routes.rs +++ b/policy-controller/k8s/status/src/tests/http_routes.rs @@ -6,7 +6,7 @@ use crate::{ use gateway::{BackendObjectReference, BackendRef, HttpBackendRef, ParentReference}; use k8s::{Resource, ResourceExt}; use kubert::index::IndexNamespacedResource; -use linkerd_policy_controller_core::{http_route::GroupKindName, POLICY_CONTROLLER_NAME}; +use linkerd_policy_controller_core::{routes::GroupKindName, POLICY_CONTROLLER_NAME}; use linkerd_policy_controller_k8s_api::{self as k8s, gateway, policy::server::Port}; use std::sync::Arc; use tokio::sync::{mpsc, watch}; diff --git a/policy-controller/src/admission.rs b/policy-controller/src/admission.rs index 06ceafbb3c970..76fa39e1e4944 100644 --- a/policy-controller/src/admission.rs +++ b/policy-controller/src/admission.rs @@ -451,7 +451,7 @@ fn validate_match( let _ = path.map(http_route::path_match).transpose()?; let _ = method .as_deref() - .map(core::http_route::Method::try_from) + .map(core::routes::Method::try_from) .transpose()?; for q in query_params.into_iter().flatten() { From b6dbafc4d1b5fc0ad1c98f5abae4d408234632b2 Mon Sep 17 00:00:00 2001 From: Mark S Date: Thu, 30 May 2024 15:16:06 -0400 Subject: [PATCH 02/15] style: cargo fmt Signed-off-by: Mark S --- policy-controller/core/src/inbound.rs | 4 +-- policy-controller/core/src/lib.rs | 2 +- policy-controller/grpc/src/inbound.rs | 5 +++- policy-controller/grpc/src/outbound.rs | 7 ++++-- policy-controller/grpc/src/routes.rs | 4 +-- policy-controller/k8s/index/src/http_route.rs | 25 +++++++------------ .../k8s/index/src/inbound/http_route.rs | 2 +- .../k8s/index/src/inbound/index.rs | 2 +- .../src/inbound/tests/authorization_policy.rs | 2 +- .../k8s/index/src/outbound/index.rs | 2 +- .../index/src/outbound/tests/http_routes.rs | 2 +- 11 files changed, 28 insertions(+), 29 deletions(-) diff --git a/policy-controller/core/src/inbound.rs b/policy-controller/core/src/inbound.rs index a2eb4cff58b5e..7f128a5082922 100644 --- a/policy-controller/core/src/inbound.rs +++ b/policy-controller/core/src/inbound.rs @@ -1,10 +1,10 @@ use crate::{ + identity_match::IdentityMatch, + network_match::NetworkMatch, routes::{ FailureInjectorFilter, GroupKindName, HeaderModifierFilter, HostMatch, HttpRouteMatch, PathMatch, RequestRedirectFilter, }, - identity_match::IdentityMatch, - network_match::NetworkMatch, }; use ahash::AHashMap as HashMap; use anyhow::Result; diff --git a/policy-controller/core/src/lib.rs b/policy-controller/core/src/lib.rs index 67eec7fd7e990..11479bdcca31b 100644 --- a/policy-controller/core/src/lib.rs +++ b/policy-controller/core/src/lib.rs @@ -1,11 +1,11 @@ #![deny(warnings, rust_2018_idioms)] #![forbid(unsafe_code)] -pub mod routes; mod identity_match; pub mod inbound; mod network_match; pub mod outbound; +pub mod routes; pub use self::{identity_match::IdentityMatch, network_match::NetworkMatch}; pub use ipnet::{IpNet, Ipv4Net, Ipv6Net}; diff --git a/policy-controller/grpc/src/inbound.rs b/policy-controller/grpc/src/inbound.rs index c1ba6274d0872..036ddf6cc6e75 100644 --- a/policy-controller/grpc/src/inbound.rs +++ b/policy-controller/grpc/src/inbound.rs @@ -389,7 +389,10 @@ fn to_http_route( .into_iter() .map( |HttpRouteRule { matches, filters }| proto::http_route::Rule { - matches: matches.into_iter().map(routes::http::convert_match).collect(), + matches: matches + .into_iter() + .map(routes::http::convert_match) + .collect(), filters: filters.into_iter().filter_map(convert_filter).collect(), }, ) diff --git a/policy-controller/grpc/src/outbound.rs b/policy-controller/grpc/src/outbound.rs index ac9d90dab2ff9..b7ab0c9436635 100644 --- a/policy-controller/grpc/src/outbound.rs +++ b/policy-controller/grpc/src/outbound.rs @@ -9,11 +9,11 @@ use linkerd2_proxy_api::{ }, }; use linkerd_policy_controller_core::{ - routes::GroupKindNamespaceName, outbound::{ Backend, DiscoverOutboundPolicy, Filter, HttpRoute, HttpRouteRule, OutboundDiscoverTarget, OutboundPolicy, OutboundPolicyStream, }, + routes::GroupKindNamespaceName, }; use std::{net::SocketAddr, num::NonZeroU16, str::FromStr, sync::Arc, time}; @@ -351,7 +351,10 @@ fn convert_outbound_http_route( ) }; outbound::http_route::Rule { - matches: matches.into_iter().map(routes::http::convert_match).collect(), + matches: matches + .into_iter() + .map(routes::http::convert_match) + .collect(), backends: Some(outbound::http_route::Distribution { kind: Some(dist) }), filters: filters.into_iter().map(convert_filter).collect(), request_timeout: request_timeout diff --git a/policy-controller/grpc/src/routes.rs b/policy-controller/grpc/src/routes.rs index 335ad7a086f98..d3b82c415c2e0 100644 --- a/policy-controller/grpc/src/routes.rs +++ b/policy-controller/grpc/src/routes.rs @@ -1,7 +1,7 @@ use linkerd2_proxy_api::{http_route as proto, http_types}; use linkerd_policy_controller_core::routes::{ - FailureInjectorFilter, HeaderMatch, HeaderModifierFilter, HostMatch, - HttpRouteMatch, PathMatch, PathModifier, QueryParamMatch, RequestRedirectFilter, + FailureInjectorFilter, HeaderMatch, HeaderModifierFilter, HostMatch, HttpRouteMatch, PathMatch, + PathModifier, QueryParamMatch, RequestRedirectFilter, }; pub(crate) fn convert_host_match(h: HostMatch) -> proto::HostMatch { diff --git a/policy-controller/k8s/index/src/http_route.rs b/policy-controller/k8s/index/src/http_route.rs index f4d1eccdd26ae..199d6e5617a16 100644 --- a/policy-controller/k8s/index/src/http_route.rs +++ b/policy-controller/k8s/index/src/http_route.rs @@ -121,19 +121,16 @@ pub fn host_match(hostname: api::Hostname) -> routes::HostMatch { pub fn header_match(header_match: api::HttpHeaderMatch) -> Result { match header_match { - api::HttpHeaderMatch::Exact { name, value } => Ok(routes::HeaderMatch::Exact( - name.parse()?, - value.parse()?, - )), - api::HttpHeaderMatch::RegularExpression { name, value } => Ok( - routes::HeaderMatch::Regex(name.parse()?, value.parse()?), - ), + api::HttpHeaderMatch::Exact { name, value } => { + Ok(routes::HeaderMatch::Exact(name.parse()?, value.parse()?)) + } + api::HttpHeaderMatch::RegularExpression { name, value } => { + Ok(routes::HeaderMatch::Regex(name.parse()?, value.parse()?)) + } } } -pub fn query_param_match( - query_match: api::HttpQueryParamMatch, -) -> Result { +pub fn query_param_match(query_match: api::HttpQueryParamMatch) -> Result { match query_match { api::HttpQueryParamMatch::Exact { name, value } => { Ok(routes::QueryParamMatch::Exact(name, value)) @@ -180,9 +177,7 @@ pub fn req_redirect( host: hostname, path: path.map(path_modifier).transpose()?, port: port.and_then(|p| NonZeroU16::try_from(p).ok()), - status: status_code - .map(routes::StatusCode::try_from) - .transpose()?, + status: status_code.map(routes::StatusCode::try_from).transpose()?, }) } @@ -200,9 +195,7 @@ fn path_modifier(path_modifier: api::HttpPathModifier) -> Result { - Ok(routes::PathModifier::Full(replace_full_path)) - } + ReplaceFullPath { replace_full_path } => Ok(routes::PathModifier::Full(replace_full_path)), ReplacePrefixMatch { replace_prefix_match, } => Ok(routes::PathModifier::Prefix(replace_prefix_match)), diff --git a/policy-controller/k8s/index/src/inbound/http_route.rs b/policy-controller/k8s/index/src/inbound/http_route.rs index ec44df0ec0e6f..37b521d1ee300 100644 --- a/policy-controller/k8s/index/src/inbound/http_route.rs +++ b/policy-controller/k8s/index/src/inbound/http_route.rs @@ -2,8 +2,8 @@ use crate::http_route; use ahash::AHashMap as HashMap; use anyhow::{bail, Error, Result}; use k8s_gateway_api as api; -use linkerd_policy_controller_core::routes::{HttpRouteMatch, Method}; use linkerd_policy_controller_core::inbound::{Filter, HttpRoute, HttpRouteRule}; +use linkerd_policy_controller_core::routes::{HttpRouteMatch, Method}; use linkerd_policy_controller_core::POLICY_CONTROLLER_NAME; use linkerd_policy_controller_k8s_api::{ self as k8s, gateway, diff --git a/policy-controller/k8s/index/src/inbound/index.rs b/policy-controller/k8s/index/src/inbound/index.rs index c65ac615f973b..d7771dff6dd55 100644 --- a/policy-controller/k8s/index/src/inbound/index.rs +++ b/policy-controller/k8s/index/src/inbound/index.rs @@ -18,11 +18,11 @@ use crate::{ use ahash::{AHashMap as HashMap, AHashSet as HashSet}; use anyhow::{anyhow, bail, Result}; use linkerd_policy_controller_core::{ - routes::{GroupKindName, HttpRouteMatch, Method, PathMatch}, inbound::{ AuthorizationRef, ClientAuthentication, ClientAuthorization, HttpRoute, HttpRouteRef, HttpRouteRule, InboundServer, ProxyProtocol, ServerRef, }, + routes::{GroupKindName, HttpRouteMatch, Method, PathMatch}, IdentityMatch, Ipv4Net, Ipv6Net, NetworkMatch, }; use linkerd_policy_controller_k8s_api::{ diff --git a/policy-controller/k8s/index/src/inbound/tests/authorization_policy.rs b/policy-controller/k8s/index/src/inbound/tests/authorization_policy.rs index 567fe48c4d8ab..42a3554d106ff 100644 --- a/policy-controller/k8s/index/src/inbound/tests/authorization_policy.rs +++ b/policy-controller/k8s/index/src/inbound/tests/authorization_policy.rs @@ -1,6 +1,6 @@ use super::*; use k8s_openapi::apimachinery::pkg::apis::meta::v1 as metav1; -use linkerd_policy_controller_core::{routes, inbound}; +use linkerd_policy_controller_core::{inbound, routes}; #[test] fn links_authorization_policy_with_mtls_name() { diff --git a/policy-controller/k8s/index/src/outbound/index.rs b/policy-controller/k8s/index/src/outbound/index.rs index b5b4a2da2ad5d..0f14bb229a688 100644 --- a/policy-controller/k8s/index/src/outbound/index.rs +++ b/policy-controller/k8s/index/src/outbound/index.rs @@ -7,11 +7,11 @@ use ahash::AHashMap as HashMap; use anyhow::{bail, ensure, Result}; use k8s_gateway_api::{BackendObjectReference, HttpBackendRef, ParentReference}; use linkerd_policy_controller_core::{ - routes::GroupKindNamespaceName, outbound::{ Backend, Backoff, FailureAccrual, Filter, HttpRoute, HttpRouteRule, OutboundPolicy, WeightedService, }, + routes::GroupKindNamespaceName, }; use linkerd_policy_controller_k8s_api::{policy as api, ResourceExt, Service, Time}; use parking_lot::RwLock; diff --git a/policy-controller/k8s/index/src/outbound/tests/http_routes.rs b/policy-controller/k8s/index/src/outbound/tests/http_routes.rs index 3d515a341d1e4..bc9cd76bf46f8 100644 --- a/policy-controller/k8s/index/src/outbound/tests/http_routes.rs +++ b/policy-controller/k8s/index/src/outbound/tests/http_routes.rs @@ -1,8 +1,8 @@ use k8s_gateway_api::BackendRef; use kube::Resource; use linkerd_policy_controller_core::{ - routes::GroupKindNamespaceName, outbound::{Backend, WeightedService}, + routes::GroupKindNamespaceName, POLICY_CONTROLLER_NAME, }; use tracing::Level; From c0533464362e64f274b4468ca210def5fb56a0b0 Mon Sep 17 00:00:00 2001 From: Mark S Date: Thu, 30 May 2024 15:17:37 -0400 Subject: [PATCH 03/15] revert: revert lock changes Signed-off-by: Mark S --- Cargo.lock | 229 ++++++++++++++++++++++++++--------------------------- 1 file changed, 111 insertions(+), 118 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 351fe43941c82..98879de1f17e9 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -97,7 +97,7 @@ checksum = "16e62a023e7c117e27523144c5d2459f4397fcc3cab0085af8e2224f643a0193" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -108,7 +108,7 @@ checksum = "c6fa2087f2753a7da8cc1c0dbfcf89579dd57458e36769de5ac750b4671737ca" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -199,9 +199,9 @@ checksum = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567" [[package]] name = "base64" -version = "0.22.1" +version = "0.22.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6" +checksum = "9475866fec1451be56a3c2400fd081ff546538961565ccb5b7142cbd22bc7a51" [[package]] name = "bitflags" @@ -211,9 +211,9 @@ checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" [[package]] name = "bitflags" -version = "2.5.0" +version = "2.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf4b9d6a944f767f8e5e0db018570623c85f3d925ac718db4e06d0187adb21c1" +checksum = "b4682ae6287fcf752ecaabbfcc7b6f9b72aa33933dc23a554d853aea8eea8635" [[package]] name = "block-buffer" @@ -264,7 +264,7 @@ dependencies = [ "iana-time-zone", "num-traits", "serde", - "windows-targets 0.52.5", + "windows-targets 0.52.0", ] [[package]] @@ -296,7 +296,7 @@ dependencies = [ "heck", "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -370,7 +370,7 @@ dependencies = [ "proc-macro2", "quote", "strsim", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -381,7 +381,7 @@ checksum = "733cabb43482b1a1b53eee8583c2b9e8684d592215ea83efd305dd31bc2f0178" dependencies = [ "darling_core", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -550,7 +550,7 @@ checksum = "87750cf4b7a4c0625b1529e4c543c2182106e4dedc60a2a6455e00d212c489ac" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -631,7 +631,7 @@ dependencies = [ "futures-sink", "futures-util", "http", - "indexmap 2.2.6", + "indexmap 2.2.3", "slab", "tokio", "tokio-util", @@ -646,9 +646,9 @@ checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" [[package]] name = "hashbrown" -version = "0.14.5" +version = "0.14.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e5274423e17b7c9fc20b6e7e208532f9b19825d82dfd615708b70edd83df41f1" +checksum = "290f1a1d9242c78d09ce40a5e87e7554ee637af1351968159f4952f028f75604" dependencies = [ "ahash", "allocator-api2", @@ -842,12 +842,12 @@ dependencies = [ [[package]] name = "indexmap" -version = "2.2.6" +version = "2.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "168fb715dda47215e360912c096649d23d58bf392ac62f73919e831745e40f26" +checksum = "233cf39063f058ea2caae4091bf4a3ef70a653afbc026f5c4a4135d114e3c177" dependencies = [ "equivalent", - "hashbrown 0.14.5", + "hashbrown 0.14.3", ] [[package]] @@ -906,9 +906,9 @@ dependencies = [ [[package]] name = "js-sys" -version = "0.3.69" +version = "0.3.58" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "29c15563dc2726973df627357ce0c9ddddbea194836909d655df6a75d2cf296d" +checksum = "c3fac17f7123a73ca62df411b1bf727ccc805daa070338fda671c86dac1bdc27" dependencies = [ "wasm-bindgen", ] @@ -1046,7 +1046,7 @@ dependencies = [ "proc-macro2", "quote", "serde_json", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -1060,7 +1060,7 @@ dependencies = [ "backoff", "derivative", "futures", - "hashbrown 0.14.5", + "hashbrown 0.14.3", "json-patch", "k8s-openapi", "kube-client", @@ -1461,7 +1461,7 @@ version = "0.10.64" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "95a0481286a310808298130d22dd1fef0fa571e05a8f44ec801801e84b216b1f" dependencies = [ - "bitflags 2.5.0", + "bitflags 2.4.0", "cfg-if", "foreign-types", "libc", @@ -1478,7 +1478,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -1544,7 +1544,7 @@ dependencies = [ "libc", "redox_syscall", "smallvec", - "windows-targets 0.52.5", + "windows-targets 0.52.0", ] [[package]] @@ -1553,7 +1553,7 @@ version = "3.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8e459365e590736a54c3fa561947c84837534b8e9af6fc5bf781307e82658fae" dependencies = [ - "base64 0.22.1", + "base64 0.22.0", "serde", ] @@ -1594,7 +1594,7 @@ dependencies = [ "pest_meta", "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -1625,7 +1625,7 @@ checksum = "2f38a4412a78282e09a2cf38d195ea5420d15ba0602cb375210efbc877243965" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -1667,7 +1667,7 @@ version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "731e0d9356b0c25f16f33b5be79b1c57b562f141ebfcdb0ad8ac2c13a24293b4" dependencies = [ - "bitflags 2.5.0", + "bitflags 2.4.0", "hex", "lazy_static", "procfs-core", @@ -1680,7 +1680,7 @@ version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2d3554923a69f4ce04c4a754260c338f505ce22642d3830e049a399fc2059a29" dependencies = [ - "bitflags 2.5.0", + "bitflags 2.4.0", "hex", ] @@ -1704,7 +1704,7 @@ checksum = "440f724eba9f6996b75d63681b0a92b06947f1457076d503a4d2e2c8f56442b8" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -1727,7 +1727,7 @@ dependencies = [ "itertools", "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -1771,9 +1771,9 @@ dependencies = [ [[package]] name = "rand_core" -version = "0.6.4" +version = "0.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" +checksum = "d34f1408f55294453790c48b2f1ebbb1c5b4b7563eb1f418bcfcfdbb06ebb4e7" dependencies = [ "getrandom", ] @@ -1784,7 +1784,7 @@ version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "469052894dcb553421e483e4209ee581a45100d31b4018de03e5a7ad86374a7e" dependencies = [ - "bitflags 2.5.0", + "bitflags 2.4.0", ] [[package]] @@ -1795,8 +1795,8 @@ checksum = "c117dbdfde9c8308975b6a18d71f3f385c89461f7b3fb054288ecf2a2058ba4c" dependencies = [ "aho-corasick", "memchr", - "regex-automata 0.4.6", - "regex-syntax 0.8.3", + "regex-automata 0.4.4", + "regex-syntax 0.8.2", ] [[package]] @@ -1810,13 +1810,13 @@ dependencies = [ [[package]] name = "regex-automata" -version = "0.4.6" +version = "0.4.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "86b83b8b9847f9bf95ef68afb0b8e6cdb80f498442f5179a29fad448fcc1eaea" +checksum = "3b7fa1134405e2ec9353fd416b17f8dacd46c473d7d3fd1cf202706a14eb792a" dependencies = [ "aho-corasick", "memchr", - "regex-syntax 0.8.3", + "regex-syntax 0.8.2", ] [[package]] @@ -1827,9 +1827,9 @@ checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1" [[package]] name = "regex-syntax" -version = "0.8.3" +version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "adad44e29e4c806119491a7f06f03de4d1af22c3a680dd47f1e6e179439d1f56" +checksum = "c08c74e62047bb2de4ff487b251e4a92e24f48745648451635cec7d591162d9f" [[package]] name = "ring" @@ -1858,7 +1858,7 @@ version = "0.38.34" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "70dc5ec042f7a43c4a73241207cecc9873a06d45debb38b329f8541d85c2730f" dependencies = [ - "bitflags 2.5.0", + "bitflags 2.4.0", "errno", "libc", "linux-raw-sys", @@ -1950,7 +1950,7 @@ dependencies = [ "proc-macro2", "quote", "serde_derive_internals", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -1981,11 +1981,11 @@ dependencies = [ [[package]] name = "security-framework" -version = "2.11.0" +version = "2.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c627723fd09706bacdb5cf41499e95098555af3c3c29d014dc3c458ef6be11c0" +checksum = "770452e37cad93e0a50d5abc3990d2bc351c36d0328f86cefec2f2fb206eaef6" dependencies = [ - "bitflags 2.5.0", + "bitflags 1.3.2", "core-foundation", "core-foundation-sys", "libc", @@ -2029,7 +2029,7 @@ checksum = "500cbc0ebeb6f46627f50f3f5811ccf6bf00643be300b4c3eabc0ef55dc5b5ba" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -2040,7 +2040,7 @@ checksum = "18d26a20a969b9e3fdf2fc2d9f21eda6c40e2de84c9408bb5d3b05d499aae711" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -2060,7 +2060,7 @@ version = "0.9.34+deprecated" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6a8b1a1a2ebf674015cc02edccce75287f1a0130d394307b36743c2f5d504b47" dependencies = [ - "indexmap 2.2.6", + "indexmap 2.2.3", "itoa", "ryu", "serde", @@ -2157,9 +2157,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.66" +version = "2.0.48" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c42f3f41a2de00b01c0aaad383c5a45241efc8b2d1eda5661812fda5f3cdcff5" +checksum = "0f3531638e407dfc0814761abb7c00a5b54992b849452a0646b7f65c9f770f3f" dependencies = [ "proc-macro2", "quote", @@ -2189,7 +2189,7 @@ checksum = "46c3384250002a6d5af4d114f2845d37b57521033f30d5c3f46c4d70e1197533" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -2254,7 +2254,7 @@ checksum = "5b8a1e28f2deaa14e508979454cb3a223b10b938b45af148bc0986de36f1923b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -2396,7 +2396,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "61c5bb1d698276a2443e5ecfabc1008bf15a36c12e6a7176e7bf089ea9131140" dependencies = [ "base64 0.21.7", - "bitflags 2.5.0", + "bitflags 2.4.0", "bytes", "futures-core", "futures-util", @@ -2442,7 +2442,7 @@ checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -2619,9 +2619,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "wasm-bindgen" -version = "0.2.92" +version = "0.2.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4be2531df63900aeb2bca0daaaddec08491ee64ceecbee5076636a3b026795a8" +checksum = "7c53b543413a17a202f4be280a7e5c62a1c69345f5de525ee64f8cfdbc954994" dependencies = [ "cfg-if", "wasm-bindgen-macro", @@ -2629,24 +2629,24 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.92" +version = "0.2.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "614d787b966d3989fa7bb98a654e369c762374fd3213d212cfc0251257e747da" +checksum = "5491a68ab4500fa6b4d726bd67408630c3dbe9c4fe7bda16d5c82a1fd8c7340a" dependencies = [ "bumpalo", + "lazy_static", "log", - "once_cell", "proc-macro2", "quote", - "syn 2.0.66", + "syn 1.0.109", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-macro" -version = "0.2.92" +version = "0.2.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a1f8823de937b71b9460c0c34e25f3da88250760bec0ebac694b49997550d726" +checksum = "c441e177922bc58f1e12c022624b6216378e5febc2f0533e41ba443d505b80aa" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -2654,22 +2654,22 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.92" +version = "0.2.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e94f17b526d0a461a191c78ea52bbce64071ed5c04c9ffe424dcb38f74171bb7" +checksum = "7d94ac45fcf608c1f45ef53e748d35660f168490c10b23704c7779ab8f5c3048" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 1.0.109", "wasm-bindgen-backend", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-shared" -version = "0.2.92" +version = "0.2.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "af190c94f2773fdb3729c55b007a722abb5384da03bc0986df4c289bf5567e96" +checksum = "6a89911bd99e5f3659ec4acf9c4d93b0a90fe4a2a11f15328472058edc5261be" [[package]] name = "winapi" @@ -2695,11 +2695,11 @@ checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" [[package]] name = "windows-core" -version = "0.52.0" +version = "0.51.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "33ab640c8d7e35bf8ba19b884ba838ceb4fba93a4e8c65a9059d08afcfc683d9" +checksum = "b81650771e76355778637954dc9d7eb8d991cd89ad64ba26f21eeb3c22d8d836" dependencies = [ - "windows-targets 0.52.5", + "windows-targets 0.48.2", ] [[package]] @@ -2708,7 +2708,7 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" dependencies = [ - "windows-targets 0.48.5", + "windows-targets 0.48.2", ] [[package]] @@ -2717,38 +2717,37 @@ version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" dependencies = [ - "windows-targets 0.52.5", + "windows-targets 0.52.0", ] [[package]] name = "windows-targets" -version = "0.48.5" +version = "0.48.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9a2fa6e2155d7247be68c096456083145c183cbbbc2764150dda45a87197940c" +checksum = "d1eeca1c172a285ee6c2c84c341ccea837e7c01b12fbb2d0fe3c9e550ce49ec8" dependencies = [ "windows_aarch64_gnullvm 0.48.5", - "windows_aarch64_msvc 0.48.5", - "windows_i686_gnu 0.48.5", + "windows_aarch64_msvc 0.48.2", + "windows_i686_gnu 0.48.2", "windows_i686_msvc 0.48.5", - "windows_x86_64_gnu 0.48.5", + "windows_x86_64_gnu 0.48.2", "windows_x86_64_gnullvm 0.48.5", - "windows_x86_64_msvc 0.48.5", + "windows_x86_64_msvc 0.48.2", ] [[package]] name = "windows-targets" -version = "0.52.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6f0713a46559409d202e70e28227288446bf7841d3211583a4b53e3f6d96e7eb" +checksum = "8a18201040b24831fbb9e4eb208f8892e1f50a37feb53cc7ff887feb8f50e7cd" dependencies = [ - "windows_aarch64_gnullvm 0.52.5", - "windows_aarch64_msvc 0.52.5", - "windows_i686_gnu 0.52.5", - "windows_i686_gnullvm", - "windows_i686_msvc 0.52.5", - "windows_x86_64_gnu 0.52.5", - "windows_x86_64_gnullvm 0.52.5", - "windows_x86_64_msvc 0.52.5", + "windows_aarch64_gnullvm 0.52.0", + "windows_aarch64_msvc 0.52.0", + "windows_i686_gnu 0.52.0", + "windows_i686_msvc 0.52.0", + "windows_x86_64_gnu 0.52.0", + "windows_x86_64_gnullvm 0.52.0", + "windows_x86_64_msvc 0.52.0", ] [[package]] @@ -2759,39 +2758,33 @@ checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8" [[package]] name = "windows_aarch64_gnullvm" -version = "0.52.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7088eed71e8b8dda258ecc8bac5fb1153c5cffaf2578fc8ff5d61e23578d3263" +checksum = "cb7764e35d4db8a7921e09562a0304bf2f93e0a51bfccee0bd0bb0b666b015ea" [[package]] name = "windows_aarch64_msvc" -version = "0.48.5" +version = "0.48.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc" +checksum = "571d8d4e62f26d4932099a9efe89660e8bd5087775a2ab5cdd8b747b811f1058" [[package]] name = "windows_aarch64_msvc" -version = "0.52.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9985fd1504e250c615ca5f281c3f7a6da76213ebd5ccc9561496568a2752afb6" +checksum = "bbaa0368d4f1d2aaefc55b6fcfee13f41544ddf36801e793edbbfd7d7df075ef" [[package]] name = "windows_i686_gnu" -version = "0.48.5" +version = "0.48.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e" +checksum = "2229ad223e178db5fbbc8bd8d3835e51e566b8474bfca58d2e6150c48bb723cd" [[package]] name = "windows_i686_gnu" -version = "0.52.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "88ba073cf16d5372720ec942a8ccbf61626074c6d4dd2e745299726ce8b89670" - -[[package]] -name = "windows_i686_gnullvm" -version = "0.52.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "87f4261229030a858f36b459e748ae97545d6f1ec60e5e0d6a3d32e0dc232ee9" +checksum = "a28637cb1fa3560a16915793afb20081aba2c92ee8af57b4d5f28e4b3e7df313" [[package]] name = "windows_i686_msvc" @@ -2801,21 +2794,21 @@ checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406" [[package]] name = "windows_i686_msvc" -version = "0.52.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "db3c2bf3d13d5b658be73463284eaf12830ac9a26a90c717b7f771dfe97487bf" +checksum = "ffe5e8e31046ce6230cc7215707b816e339ff4d4d67c65dffa206fd0f7aa7b9a" [[package]] name = "windows_x86_64_gnu" -version = "0.48.5" +version = "0.48.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e" +checksum = "ea99ff3f8b49fb7a8e0d305e5aec485bd068c2ba691b6e277d29eaeac945868a" [[package]] name = "windows_x86_64_gnu" -version = "0.52.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4e4246f76bdeff09eb48875a0fd3e2af6aada79d409d33011886d3e1581517d9" +checksum = "3d6fa32db2bc4a2f5abeacf2b69f7992cd09dca97498da74a151a3132c26befd" [[package]] name = "windows_x86_64_gnullvm" @@ -2825,21 +2818,21 @@ checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc" [[package]] name = "windows_x86_64_gnullvm" -version = "0.52.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "852298e482cd67c356ddd9570386e2862b5673c85bd5f88df9ab6802b334c596" +checksum = "1a657e1e9d3f514745a572a6846d3c7aa7dbe1658c056ed9c3344c4109a6949e" [[package]] name = "windows_x86_64_msvc" -version = "0.48.5" +version = "0.48.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" +checksum = "d419259aba16b663966e29e6d7c6ecfa0bb8425818bb96f6f1f3c3eb71a6e7b9" [[package]] name = "windows_x86_64_msvc" -version = "0.52.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bec47e5bfd1bff0eeaf6d8b485cc1074891a197ab4225d504cb7a1ab88b02bf0" +checksum = "dff9641d1cd4be8d1a070daf9e3773c5f67e78b4d9d42263020c057706765c04" [[package]] name = "zerocopy" @@ -2858,7 +2851,7 @@ checksum = "15e934569e47891f7d9411f1a451d947a60e000ab3bd24fbb970f000387d1b3b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] From b397fe8ec138949086e54c60cea85568cbe9239a Mon Sep 17 00:00:00 2001 From: Mark S Date: Thu, 30 May 2024 17:13:17 -0400 Subject: [PATCH 04/15] refactor: generalize outbound route types Signed-off-by: Mark S --- Cargo.lock | 231 +++++------ policy-controller/core/src/outbound.rs | 73 +++- policy-controller/core/src/routes.rs | 15 +- policy-controller/grpc/Cargo.toml | 3 +- policy-controller/grpc/src/outbound.rs | 185 +++++---- policy-controller/k8s/index/Cargo.toml | 1 - .../index/src/inbound/authorization_policy.rs | 2 +- .../k8s/index/src/inbound/http_route.rs | 33 +- .../k8s/index/src/inbound/index.rs | 13 +- .../src/inbound/tests/authorization_policy.rs | 5 +- .../index/src/inbound/tests/http_routes.rs | 11 +- policy-controller/k8s/index/src/lib.rs | 4 +- .../k8s/index/src/outbound/index.rs | 379 +++++++++++------- .../k8s/index/src/outbound/tests.rs | 2 +- .../k8s/index/src/outbound/tests/routes.rs | 1 + .../tests/{http_routes.rs => routes/http.rs} | 39 +- policy-controller/k8s/index/src/routes.rs | 82 ++++ .../src/{http_route.rs => routes/http.rs} | 99 +---- policy-controller/src/admission.rs | 19 +- 19 files changed, 718 insertions(+), 479 deletions(-) create mode 100644 policy-controller/k8s/index/src/outbound/tests/routes.rs rename policy-controller/k8s/index/src/outbound/tests/{http_routes.rs => routes/http.rs} (85%) create mode 100644 policy-controller/k8s/index/src/routes.rs rename policy-controller/k8s/index/src/{http_route.rs => routes/http.rs} (58%) diff --git a/Cargo.lock b/Cargo.lock index 98879de1f17e9..8ca9ca86f5dac 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -97,7 +97,7 @@ checksum = "16e62a023e7c117e27523144c5d2459f4397fcc3cab0085af8e2224f643a0193" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -108,7 +108,7 @@ checksum = "c6fa2087f2753a7da8cc1c0dbfcf89579dd57458e36769de5ac750b4671737ca" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -199,9 +199,9 @@ checksum = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567" [[package]] name = "base64" -version = "0.22.0" +version = "0.22.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9475866fec1451be56a3c2400fd081ff546538961565ccb5b7142cbd22bc7a51" +checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6" [[package]] name = "bitflags" @@ -211,9 +211,9 @@ checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" [[package]] name = "bitflags" -version = "2.4.0" +version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b4682ae6287fcf752ecaabbfcc7b6f9b72aa33933dc23a554d853aea8eea8635" +checksum = "cf4b9d6a944f767f8e5e0db018570623c85f3d925ac718db4e06d0187adb21c1" [[package]] name = "block-buffer" @@ -264,7 +264,7 @@ dependencies = [ "iana-time-zone", "num-traits", "serde", - "windows-targets 0.52.0", + "windows-targets 0.52.5", ] [[package]] @@ -296,7 +296,7 @@ dependencies = [ "heck", "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -370,7 +370,7 @@ dependencies = [ "proc-macro2", "quote", "strsim", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -381,7 +381,7 @@ checksum = "733cabb43482b1a1b53eee8583c2b9e8684d592215ea83efd305dd31bc2f0178" dependencies = [ "darling_core", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -550,7 +550,7 @@ checksum = "87750cf4b7a4c0625b1529e4c543c2182106e4dedc60a2a6455e00d212c489ac" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -631,7 +631,7 @@ dependencies = [ "futures-sink", "futures-util", "http", - "indexmap 2.2.3", + "indexmap 2.2.6", "slab", "tokio", "tokio-util", @@ -646,9 +646,9 @@ checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" [[package]] name = "hashbrown" -version = "0.14.3" +version = "0.14.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "290f1a1d9242c78d09ce40a5e87e7554ee637af1351968159f4952f028f75604" +checksum = "e5274423e17b7c9fc20b6e7e208532f9b19825d82dfd615708b70edd83df41f1" dependencies = [ "ahash", "allocator-api2", @@ -842,12 +842,12 @@ dependencies = [ [[package]] name = "indexmap" -version = "2.2.3" +version = "2.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "233cf39063f058ea2caae4091bf4a3ef70a653afbc026f5c4a4135d114e3c177" +checksum = "168fb715dda47215e360912c096649d23d58bf392ac62f73919e831745e40f26" dependencies = [ "equivalent", - "hashbrown 0.14.3", + "hashbrown 0.14.5", ] [[package]] @@ -906,9 +906,9 @@ dependencies = [ [[package]] name = "js-sys" -version = "0.3.58" +version = "0.3.69" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c3fac17f7123a73ca62df411b1bf727ccc805daa070338fda671c86dac1bdc27" +checksum = "29c15563dc2726973df627357ce0c9ddddbea194836909d655df6a75d2cf296d" dependencies = [ "wasm-bindgen", ] @@ -1046,7 +1046,7 @@ dependencies = [ "proc-macro2", "quote", "serde_json", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -1060,7 +1060,7 @@ dependencies = [ "backoff", "derivative", "futures", - "hashbrown 0.14.3", + "hashbrown 0.14.5", "json-patch", "k8s-openapi", "kube-client", @@ -1221,6 +1221,7 @@ dependencies = [ "futures", "http", "hyper", + "itertools", "linkerd-policy-controller-core", "linkerd2-proxy-api", "maplit", @@ -1258,7 +1259,6 @@ dependencies = [ "chrono", "futures", "http", - "k8s-gateway-api", "k8s-openapi", "kube", "kubert", @@ -1461,7 +1461,7 @@ version = "0.10.64" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "95a0481286a310808298130d22dd1fef0fa571e05a8f44ec801801e84b216b1f" dependencies = [ - "bitflags 2.4.0", + "bitflags 2.5.0", "cfg-if", "foreign-types", "libc", @@ -1478,7 +1478,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -1544,7 +1544,7 @@ dependencies = [ "libc", "redox_syscall", "smallvec", - "windows-targets 0.52.0", + "windows-targets 0.52.5", ] [[package]] @@ -1553,7 +1553,7 @@ version = "3.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8e459365e590736a54c3fa561947c84837534b8e9af6fc5bf781307e82658fae" dependencies = [ - "base64 0.22.0", + "base64 0.22.1", "serde", ] @@ -1594,7 +1594,7 @@ dependencies = [ "pest_meta", "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -1625,7 +1625,7 @@ checksum = "2f38a4412a78282e09a2cf38d195ea5420d15ba0602cb375210efbc877243965" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -1667,7 +1667,7 @@ version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "731e0d9356b0c25f16f33b5be79b1c57b562f141ebfcdb0ad8ac2c13a24293b4" dependencies = [ - "bitflags 2.4.0", + "bitflags 2.5.0", "hex", "lazy_static", "procfs-core", @@ -1680,7 +1680,7 @@ version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2d3554923a69f4ce04c4a754260c338f505ce22642d3830e049a399fc2059a29" dependencies = [ - "bitflags 2.4.0", + "bitflags 2.5.0", "hex", ] @@ -1704,7 +1704,7 @@ checksum = "440f724eba9f6996b75d63681b0a92b06947f1457076d503a4d2e2c8f56442b8" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -1727,7 +1727,7 @@ dependencies = [ "itertools", "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -1771,9 +1771,9 @@ dependencies = [ [[package]] name = "rand_core" -version = "0.6.3" +version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d34f1408f55294453790c48b2f1ebbb1c5b4b7563eb1f418bcfcfdbb06ebb4e7" +checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" dependencies = [ "getrandom", ] @@ -1784,7 +1784,7 @@ version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "469052894dcb553421e483e4209ee581a45100d31b4018de03e5a7ad86374a7e" dependencies = [ - "bitflags 2.4.0", + "bitflags 2.5.0", ] [[package]] @@ -1795,8 +1795,8 @@ checksum = "c117dbdfde9c8308975b6a18d71f3f385c89461f7b3fb054288ecf2a2058ba4c" dependencies = [ "aho-corasick", "memchr", - "regex-automata 0.4.4", - "regex-syntax 0.8.2", + "regex-automata 0.4.6", + "regex-syntax 0.8.3", ] [[package]] @@ -1810,13 +1810,13 @@ dependencies = [ [[package]] name = "regex-automata" -version = "0.4.4" +version = "0.4.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3b7fa1134405e2ec9353fd416b17f8dacd46c473d7d3fd1cf202706a14eb792a" +checksum = "86b83b8b9847f9bf95ef68afb0b8e6cdb80f498442f5179a29fad448fcc1eaea" dependencies = [ "aho-corasick", "memchr", - "regex-syntax 0.8.2", + "regex-syntax 0.8.3", ] [[package]] @@ -1827,9 +1827,9 @@ checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1" [[package]] name = "regex-syntax" -version = "0.8.2" +version = "0.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c08c74e62047bb2de4ff487b251e4a92e24f48745648451635cec7d591162d9f" +checksum = "adad44e29e4c806119491a7f06f03de4d1af22c3a680dd47f1e6e179439d1f56" [[package]] name = "ring" @@ -1858,7 +1858,7 @@ version = "0.38.34" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "70dc5ec042f7a43c4a73241207cecc9873a06d45debb38b329f8541d85c2730f" dependencies = [ - "bitflags 2.4.0", + "bitflags 2.5.0", "errno", "libc", "linux-raw-sys", @@ -1950,7 +1950,7 @@ dependencies = [ "proc-macro2", "quote", "serde_derive_internals", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -1981,11 +1981,11 @@ dependencies = [ [[package]] name = "security-framework" -version = "2.10.0" +version = "2.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "770452e37cad93e0a50d5abc3990d2bc351c36d0328f86cefec2f2fb206eaef6" +checksum = "c627723fd09706bacdb5cf41499e95098555af3c3c29d014dc3c458ef6be11c0" dependencies = [ - "bitflags 1.3.2", + "bitflags 2.5.0", "core-foundation", "core-foundation-sys", "libc", @@ -2029,7 +2029,7 @@ checksum = "500cbc0ebeb6f46627f50f3f5811ccf6bf00643be300b4c3eabc0ef55dc5b5ba" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -2040,7 +2040,7 @@ checksum = "18d26a20a969b9e3fdf2fc2d9f21eda6c40e2de84c9408bb5d3b05d499aae711" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -2060,7 +2060,7 @@ version = "0.9.34+deprecated" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6a8b1a1a2ebf674015cc02edccce75287f1a0130d394307b36743c2f5d504b47" dependencies = [ - "indexmap 2.2.3", + "indexmap 2.2.6", "itoa", "ryu", "serde", @@ -2157,9 +2157,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.48" +version = "2.0.66" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0f3531638e407dfc0814761abb7c00a5b54992b849452a0646b7f65c9f770f3f" +checksum = "c42f3f41a2de00b01c0aaad383c5a45241efc8b2d1eda5661812fda5f3cdcff5" dependencies = [ "proc-macro2", "quote", @@ -2189,7 +2189,7 @@ checksum = "46c3384250002a6d5af4d114f2845d37b57521033f30d5c3f46c4d70e1197533" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -2254,7 +2254,7 @@ checksum = "5b8a1e28f2deaa14e508979454cb3a223b10b938b45af148bc0986de36f1923b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -2396,7 +2396,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "61c5bb1d698276a2443e5ecfabc1008bf15a36c12e6a7176e7bf089ea9131140" dependencies = [ "base64 0.21.7", - "bitflags 2.4.0", + "bitflags 2.5.0", "bytes", "futures-core", "futures-util", @@ -2442,7 +2442,7 @@ checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] @@ -2619,9 +2619,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "wasm-bindgen" -version = "0.2.81" +version = "0.2.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7c53b543413a17a202f4be280a7e5c62a1c69345f5de525ee64f8cfdbc954994" +checksum = "4be2531df63900aeb2bca0daaaddec08491ee64ceecbee5076636a3b026795a8" dependencies = [ "cfg-if", "wasm-bindgen-macro", @@ -2629,24 +2629,24 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.81" +version = "0.2.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5491a68ab4500fa6b4d726bd67408630c3dbe9c4fe7bda16d5c82a1fd8c7340a" +checksum = "614d787b966d3989fa7bb98a654e369c762374fd3213d212cfc0251257e747da" dependencies = [ "bumpalo", - "lazy_static", "log", + "once_cell", "proc-macro2", "quote", - "syn 1.0.109", + "syn 2.0.66", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-macro" -version = "0.2.81" +version = "0.2.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c441e177922bc58f1e12c022624b6216378e5febc2f0533e41ba443d505b80aa" +checksum = "a1f8823de937b71b9460c0c34e25f3da88250760bec0ebac694b49997550d726" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -2654,22 +2654,22 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.81" +version = "0.2.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7d94ac45fcf608c1f45ef53e748d35660f168490c10b23704c7779ab8f5c3048" +checksum = "e94f17b526d0a461a191c78ea52bbce64071ed5c04c9ffe424dcb38f74171bb7" dependencies = [ "proc-macro2", "quote", - "syn 1.0.109", + "syn 2.0.66", "wasm-bindgen-backend", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-shared" -version = "0.2.81" +version = "0.2.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6a89911bd99e5f3659ec4acf9c4d93b0a90fe4a2a11f15328472058edc5261be" +checksum = "af190c94f2773fdb3729c55b007a722abb5384da03bc0986df4c289bf5567e96" [[package]] name = "winapi" @@ -2695,11 +2695,11 @@ checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" [[package]] name = "windows-core" -version = "0.51.0" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b81650771e76355778637954dc9d7eb8d991cd89ad64ba26f21eeb3c22d8d836" +checksum = "33ab640c8d7e35bf8ba19b884ba838ceb4fba93a4e8c65a9059d08afcfc683d9" dependencies = [ - "windows-targets 0.48.2", + "windows-targets 0.52.5", ] [[package]] @@ -2708,7 +2708,7 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" dependencies = [ - "windows-targets 0.48.2", + "windows-targets 0.48.5", ] [[package]] @@ -2717,37 +2717,38 @@ version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" dependencies = [ - "windows-targets 0.52.0", + "windows-targets 0.52.5", ] [[package]] name = "windows-targets" -version = "0.48.2" +version = "0.48.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d1eeca1c172a285ee6c2c84c341ccea837e7c01b12fbb2d0fe3c9e550ce49ec8" +checksum = "9a2fa6e2155d7247be68c096456083145c183cbbbc2764150dda45a87197940c" dependencies = [ "windows_aarch64_gnullvm 0.48.5", - "windows_aarch64_msvc 0.48.2", - "windows_i686_gnu 0.48.2", + "windows_aarch64_msvc 0.48.5", + "windows_i686_gnu 0.48.5", "windows_i686_msvc 0.48.5", - "windows_x86_64_gnu 0.48.2", + "windows_x86_64_gnu 0.48.5", "windows_x86_64_gnullvm 0.48.5", - "windows_x86_64_msvc 0.48.2", + "windows_x86_64_msvc 0.48.5", ] [[package]] name = "windows-targets" -version = "0.52.0" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8a18201040b24831fbb9e4eb208f8892e1f50a37feb53cc7ff887feb8f50e7cd" +checksum = "6f0713a46559409d202e70e28227288446bf7841d3211583a4b53e3f6d96e7eb" dependencies = [ - "windows_aarch64_gnullvm 0.52.0", - "windows_aarch64_msvc 0.52.0", - "windows_i686_gnu 0.52.0", - "windows_i686_msvc 0.52.0", - "windows_x86_64_gnu 0.52.0", - "windows_x86_64_gnullvm 0.52.0", - "windows_x86_64_msvc 0.52.0", + "windows_aarch64_gnullvm 0.52.5", + "windows_aarch64_msvc 0.52.5", + "windows_i686_gnu 0.52.5", + "windows_i686_gnullvm", + "windows_i686_msvc 0.52.5", + "windows_x86_64_gnu 0.52.5", + "windows_x86_64_gnullvm 0.52.5", + "windows_x86_64_msvc 0.52.5", ] [[package]] @@ -2758,33 +2759,39 @@ checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8" [[package]] name = "windows_aarch64_gnullvm" -version = "0.52.0" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cb7764e35d4db8a7921e09562a0304bf2f93e0a51bfccee0bd0bb0b666b015ea" +checksum = "7088eed71e8b8dda258ecc8bac5fb1153c5cffaf2578fc8ff5d61e23578d3263" [[package]] name = "windows_aarch64_msvc" -version = "0.48.2" +version = "0.48.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "571d8d4e62f26d4932099a9efe89660e8bd5087775a2ab5cdd8b747b811f1058" +checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc" [[package]] name = "windows_aarch64_msvc" -version = "0.52.0" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bbaa0368d4f1d2aaefc55b6fcfee13f41544ddf36801e793edbbfd7d7df075ef" +checksum = "9985fd1504e250c615ca5f281c3f7a6da76213ebd5ccc9561496568a2752afb6" [[package]] name = "windows_i686_gnu" -version = "0.48.2" +version = "0.48.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2229ad223e178db5fbbc8bd8d3835e51e566b8474bfca58d2e6150c48bb723cd" +checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e" [[package]] name = "windows_i686_gnu" -version = "0.52.0" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a28637cb1fa3560a16915793afb20081aba2c92ee8af57b4d5f28e4b3e7df313" +checksum = "88ba073cf16d5372720ec942a8ccbf61626074c6d4dd2e745299726ce8b89670" + +[[package]] +name = "windows_i686_gnullvm" +version = "0.52.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87f4261229030a858f36b459e748ae97545d6f1ec60e5e0d6a3d32e0dc232ee9" [[package]] name = "windows_i686_msvc" @@ -2794,21 +2801,21 @@ checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406" [[package]] name = "windows_i686_msvc" -version = "0.52.0" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ffe5e8e31046ce6230cc7215707b816e339ff4d4d67c65dffa206fd0f7aa7b9a" +checksum = "db3c2bf3d13d5b658be73463284eaf12830ac9a26a90c717b7f771dfe97487bf" [[package]] name = "windows_x86_64_gnu" -version = "0.48.2" +version = "0.48.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ea99ff3f8b49fb7a8e0d305e5aec485bd068c2ba691b6e277d29eaeac945868a" +checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e" [[package]] name = "windows_x86_64_gnu" -version = "0.52.0" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3d6fa32db2bc4a2f5abeacf2b69f7992cd09dca97498da74a151a3132c26befd" +checksum = "4e4246f76bdeff09eb48875a0fd3e2af6aada79d409d33011886d3e1581517d9" [[package]] name = "windows_x86_64_gnullvm" @@ -2818,21 +2825,21 @@ checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc" [[package]] name = "windows_x86_64_gnullvm" -version = "0.52.0" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1a657e1e9d3f514745a572a6846d3c7aa7dbe1658c056ed9c3344c4109a6949e" +checksum = "852298e482cd67c356ddd9570386e2862b5673c85bd5f88df9ab6802b334c596" [[package]] name = "windows_x86_64_msvc" -version = "0.48.2" +version = "0.48.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d419259aba16b663966e29e6d7c6ecfa0bb8425818bb96f6f1f3c3eb71a6e7b9" +checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" [[package]] name = "windows_x86_64_msvc" -version = "0.52.0" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dff9641d1cd4be8d1a070daf9e3773c5f67e78b4d9d42263020c057706765c04" +checksum = "bec47e5bfd1bff0eeaf6d8b485cc1074891a197ab4225d504cb7a1ab88b02bf0" [[package]] name = "zerocopy" @@ -2851,7 +2858,7 @@ checksum = "15e934569e47891f7d9411f1a451d947a60e000ab3bd24fbb970f000387d1b3b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.48", + "syn 2.0.66", ] [[package]] diff --git a/policy-controller/core/src/outbound.rs b/policy-controller/core/src/outbound.rs index 18070e7499df9..7322437ced127 100644 --- a/policy-controller/core/src/outbound.rs +++ b/policy-controller/core/src/outbound.rs @@ -1,5 +1,6 @@ use crate::routes::{ - GroupKindNamespaceName, HeaderModifierFilter, HostMatch, HttpRouteMatch, RequestRedirectFilter, + FailureInjectorFilter, GroupKindNamespaceName, HeaderModifierFilter, HostMatch, HttpRouteMatch, + RequestRedirectFilter, }; use ahash::AHashMap as HashMap; use anyhow::Result; @@ -26,9 +27,19 @@ pub struct OutboundDiscoverTarget { pub source_namespace: String, } +#[derive(Clone, Debug, PartialEq, Eq)] +pub enum TypedOutboundRoute { + Http(OutboundRoute), +} + +#[derive(Clone, Debug, PartialEq, Eq)] +pub enum OutboundRouteCollection { + Http(HashMap>), +} + #[derive(Clone, Debug, PartialEq)] pub struct OutboundPolicy { - pub http_routes: HashMap, + pub routes: Option, pub authority: String, pub name: String, pub namespace: String, @@ -38,18 +49,18 @@ pub struct OutboundPolicy { } #[derive(Clone, Debug, PartialEq, Eq)] -pub struct HttpRoute { +pub struct OutboundRoute { pub hostnames: Vec, - pub rules: Vec, + pub rules: Vec>, - /// This is required for ordering returned `HttpRoute`s by their creation - /// timestamp. + /// This is required for ordering returned routes + /// by their creation timestamp. pub creation_timestamp: Option>, } #[derive(Clone, Debug, PartialEq, Eq)] -pub struct HttpRouteRule { - pub matches: Vec, +pub struct OutboundRouteRule { + pub matches: Vec, pub backends: Vec, pub request_timeout: Option, pub backend_request_timeout: Option, @@ -98,4 +109,50 @@ pub enum Filter { RequestHeaderModifier(HeaderModifierFilter), ResponseHeaderModifier(HeaderModifierFilter), RequestRedirect(RequestRedirectFilter), + FailureInjector(FailureInjectorFilter), +} + +// === impl TypedOutboundRoute === + +impl From> for TypedOutboundRoute { + fn from(route: OutboundRoute) -> Self { + Self::Http(route) + } +} + +// === impl OutboundRouteCollection === + +impl OutboundRouteCollection { + pub fn is_empty(&self) -> bool { + match self { + Self::Http(routes) => routes.is_empty(), + } + } + + pub fn for_gknn(gknn: &GroupKindNamespaceName) -> Option { + match gknn.kind.as_ref() { + "HTTPRoute" => Some(Self::Http(Default::default())), + _ => None, + } + } + + pub fn remove(&mut self, key: &GroupKindNamespaceName) { + match self { + Self::Http(routes) => { + routes.remove(key); + } + } + } + + pub fn insert>( + &mut self, + key: GroupKindNamespaceName, + route: Route, + ) -> Result> { + match (self, route.into()) { + (Self::Http(routes), TypedOutboundRoute::Http(route)) => { + Ok(routes.insert(key, route).map(Into::into)) + } + } + } } diff --git a/policy-controller/core/src/routes.rs b/policy-controller/core/src/routes.rs index d3ff09cf3871c..41cbf7ae3bae4 100644 --- a/policy-controller/core/src/routes.rs +++ b/policy-controller/core/src/routes.rs @@ -1,4 +1,5 @@ use anyhow::Result; + pub use http::{ header::{HeaderName, HeaderValue}, uri::Scheme, @@ -8,7 +9,6 @@ use regex::Regex; use std::{borrow::Cow, num::NonZeroU16}; #[derive(Clone, Debug, Hash, PartialEq, Eq)] - pub struct GroupKindName { pub group: Cow<'static, str>, pub kind: Cow<'static, str>, @@ -126,6 +126,19 @@ impl GroupKindName { } } +// === impl HttpRouteMatch === + +impl Default for HttpRouteMatch { + fn default() -> Self { + Self { + method: None, + headers: vec![], + query_params: vec![], + path: Some(PathMatch::Prefix("/".to_string())), + } + } +} + // === impl PathMatch === impl PartialEq for PathMatch { diff --git a/policy-controller/grpc/Cargo.toml b/policy-controller/grpc/Cargo.toml index edc30ded5d9f7..690bfe3a7d643 100644 --- a/policy-controller/grpc/Cargo.toml +++ b/policy-controller/grpc/Cargo.toml @@ -11,6 +11,7 @@ async-trait = "0.1" http = "0.2" drain = "0.1" hyper = { version = "0.14", features = ["http2", "server", "tcp"] } +itertools = "^0.12" futures = { version = "0.3", default-features = false } linkerd-policy-controller-core = { path = "../core" } maplit = "1" @@ -23,4 +24,4 @@ serde_json = "1" [dependencies.linkerd2-proxy-api] version = "0.13" -features = ["inbound", "outbound"] +features = ["inbound", "outbound", "grpc-route"] diff --git a/policy-controller/grpc/src/outbound.rs b/policy-controller/grpc/src/outbound.rs index b7ab0c9436635..b6a8f67928d8e 100644 --- a/policy-controller/grpc/src/outbound.rs +++ b/policy-controller/grpc/src/outbound.rs @@ -1,5 +1,6 @@ use crate::{routes, workload}; use futures::prelude::*; +use itertools::Itertools; use linkerd2_proxy_api::{ self as api, destination, meta::{metadata, Metadata}, @@ -8,10 +9,11 @@ use linkerd2_proxy_api::{ outbound_policies_server::{OutboundPolicies, OutboundPoliciesServer}, }, }; +use linkerd_policy_controller_core::routes::HttpRouteMatch; use linkerd_policy_controller_core::{ outbound::{ - Backend, DiscoverOutboundPolicy, Filter, HttpRoute, HttpRouteRule, OutboundDiscoverTarget, - OutboundPolicy, OutboundPolicyStream, + Backend, DiscoverOutboundPolicy, Filter, OutboundDiscoverTarget, OutboundPolicy, + OutboundPolicyStream, OutboundRoute, OutboundRouteCollection, OutboundRouteRule, }, routes::GroupKindNamespaceName, }; @@ -190,7 +192,7 @@ fn response_stream(drain: drain::Watch, mut rx: OutboundPolicyStream) -> BoxWatc // If the server starts shutting down, close the stream so that it doesn't hold the // server open. - _ = (&mut shutdown) => { + _ = &mut shutdown => { return; } } @@ -202,80 +204,84 @@ fn to_service(outbound: OutboundPolicy) -> outbound::OutboundPolicy { let backend = default_backend(&outbound); let kind = if outbound.opaque { - linkerd2_proxy_api::outbound::proxy_protocol::Kind::Opaque( - outbound::proxy_protocol::Opaque { - routes: vec![default_outbound_opaq_route(backend)], - }, - ) + outbound::proxy_protocol::Kind::Opaque(outbound::proxy_protocol::Opaque { + routes: vec![default_outbound_opaq_route(backend)], + }) } else { - let mut http_routes = outbound.http_routes.into_iter().collect::>(); - http_routes.sort_by(|(a_name, a_route), (b_name, b_route)| { - let by_ts = match (&a_route.creation_timestamp, &b_route.creation_timestamp) { - (Some(a_ts), Some(b_ts)) => a_ts.cmp(b_ts), - (None, None) => std::cmp::Ordering::Equal, - // Routes with timestamps are preferred over routes without. - (Some(_), None) => return std::cmp::Ordering::Less, - (None, Some(_)) => return std::cmp::Ordering::Greater, - }; - by_ts.then_with(|| a_name.name.cmp(&b_name.name)) + let accrual = outbound.accrual.map(|accrual| outbound::FailureAccrual { + kind: Some(match accrual { + linkerd_policy_controller_core::outbound::FailureAccrual::Consecutive { + max_failures, + backoff, + } => outbound::failure_accrual::Kind::ConsecutiveFailures( + outbound::failure_accrual::ConsecutiveFailures { + max_failures, + backoff: Some(outbound::ExponentialBackoff { + min_backoff: convert_duration("min_backoff", backoff.min_penalty), + max_backoff: convert_duration("max_backoff", backoff.max_penalty), + jitter_ratio: backoff.jitter, + }), + }, + ), + }), }); - let mut http_routes: Vec<_> = http_routes - .into_iter() - .map(|(gknn, route)| convert_outbound_http_route(gknn, route, backend.clone())) - .collect(); + match outbound.routes { + None => { + let routes = vec![default_outbound_http_route(backend.clone())]; + + outbound::proxy_protocol::Kind::Detect(outbound::proxy_protocol::Detect { + timeout: Some( + time::Duration::from_secs(10) + .try_into() + .expect("failed to convert detect timeout to protobuf"), + ), + opaque: Some(outbound::proxy_protocol::Opaque { + routes: vec![default_outbound_opaq_route(backend)], + }), + http1: Some(outbound::proxy_protocol::Http1 { + routes: routes.clone(), + failure_accrual: accrual.clone(), + }), + http2: Some(outbound::proxy_protocol::Http2 { + routes, + failure_accrual: accrual, + }), + }) + } + Some(OutboundRouteCollection::Http(routes)) => { + let mut routes = routes + .into_iter() + .sorted_by(timestamp_then_name) + .map(|(gknn, route)| convert_outbound_http_route(gknn, route, backend.clone())) + .collect::>(); - if http_routes.is_empty() { - http_routes = vec![default_outbound_http_route(backend.clone())]; - } + if routes.is_empty() { + routes = vec![default_outbound_http_route(backend.clone())]; + } - let accrual = - outbound - .accrual - .map(|accrual| linkerd2_proxy_api::outbound::FailureAccrual { - kind: Some(match accrual { - linkerd_policy_controller_core::outbound::FailureAccrual::Consecutive { - max_failures, - backoff, - } => outbound::failure_accrual::Kind::ConsecutiveFailures( - outbound::failure_accrual::ConsecutiveFailures { - max_failures, - backoff: Some(outbound::ExponentialBackoff { - min_backoff: convert_duration( - "min_backoff", - backoff.min_penalty, - ), - max_backoff: convert_duration( - "max_backoff", - backoff.max_penalty, - ), - jitter_ratio: backoff.jitter, - }), - }, - ), + // TODO(the-wondersmith): determine what (if any) contracts + // would need to be updated if we return `Kind::Http` here + outbound::proxy_protocol::Kind::Detect(outbound::proxy_protocol::Detect { + timeout: Some( + time::Duration::from_secs(10) + .try_into() + .expect("failed to convert detect timeout to protobuf"), + ), + opaque: Some(outbound::proxy_protocol::Opaque { + routes: vec![default_outbound_opaq_route(backend)], }), - }); - - linkerd2_proxy_api::outbound::proxy_protocol::Kind::Detect( - outbound::proxy_protocol::Detect { - timeout: Some( - time::Duration::from_secs(10) - .try_into() - .expect("failed to convert detect timeout to protobuf"), - ), - opaque: Some(outbound::proxy_protocol::Opaque { - routes: vec![default_outbound_opaq_route(backend)], - }), - http1: Some(outbound::proxy_protocol::Http1 { - routes: http_routes.clone(), - failure_accrual: accrual.clone(), - }), - http2: Some(outbound::proxy_protocol::Http2 { - routes: http_routes, - failure_accrual: accrual, - }), - }, - ) + http1: Some(outbound::proxy_protocol::Http1 { + routes: routes.clone(), + failure_accrual: accrual.clone(), + }), + http2: Some(outbound::proxy_protocol::Http2 { + routes, + failure_accrual: accrual, + }), + }) + } + } }; let metadata = Metadata { @@ -295,13 +301,31 @@ fn to_service(outbound: OutboundPolicy) -> outbound::OutboundPolicy { } } +fn timestamp_then_name( + (left_id, left_route): &(GroupKindNamespaceName, OutboundRoute), + (right_id, right_route): &(GroupKindNamespaceName, OutboundRoute), +) -> std::cmp::Ordering { + let by_ts = match ( + &left_route.creation_timestamp, + &right_route.creation_timestamp, + ) { + (Some(left_ts), Some(right_ts)) => left_ts.cmp(right_ts), + (None, None) => std::cmp::Ordering::Equal, + // Routes with timestamps are preferred over routes without. + (Some(_), None) => return std::cmp::Ordering::Less, + (None, Some(_)) => return std::cmp::Ordering::Greater, + }; + + by_ts.then_with(|| left_id.name.cmp(&right_id.name)) +} + fn convert_outbound_http_route( gknn: GroupKindNamespaceName, - HttpRoute { + OutboundRoute { hostnames, rules, creation_timestamp: _, - }: HttpRoute, + }: OutboundRoute, backend: outbound::Backend, ) -> outbound::HttpRoute { let metadata = Some(Metadata { @@ -322,7 +346,7 @@ fn convert_outbound_http_route( let rules = rules .into_iter() .map( - |HttpRouteRule { + |OutboundRouteRule { matches, backends, request_timeout, @@ -356,7 +380,7 @@ fn convert_outbound_http_route( .map(routes::http::convert_match) .collect(), backends: Some(outbound::http_route::Distribution { kind: Some(dist) }), - filters: filters.into_iter().map(convert_filter).collect(), + filters: filters.into_iter().map(convert_to_http_filter).collect(), request_timeout: request_timeout .and_then(|d| convert_duration("request timeout", d)), } @@ -399,7 +423,11 @@ fn convert_http_backend( } Backend::Service(svc) => { if svc.exists { - let filters = svc.filters.into_iter().map(convert_filter).collect(); + let filters = svc + .filters + .into_iter() + .map(convert_to_http_filter) + .collect(); outbound::http_route::WeightedRouteBackend { weight: svc.weight, backend: Some(outbound::http_route::RouteBackend { @@ -595,7 +623,7 @@ fn convert_duration(name: &'static str, duration: time::Duration) -> Option outbound::http_route::Filter { +fn convert_to_http_filter(filter: Filter) -> outbound::http_route::Filter { use outbound::http_route::filter::Kind; outbound::http_route::Filter { @@ -607,6 +635,9 @@ fn convert_filter(filter: Filter) -> outbound::http_route::Filter { Kind::ResponseHeaderModifier(routes::convert_response_header_modifier_filter(f)) } Filter::RequestRedirect(f) => Kind::Redirect(routes::convert_redirect_filter(f)), + Filter::FailureInjector(f) => { + Kind::FailureInjector(routes::http::convert_failure_injector_filter(f)) + } }), } } diff --git a/policy-controller/k8s/index/Cargo.toml b/policy-controller/k8s/index/Cargo.toml index b024213c71c09..24e724e4be3b7 100644 --- a/policy-controller/k8s/index/Cargo.toml +++ b/policy-controller/k8s/index/Cargo.toml @@ -10,7 +10,6 @@ ahash = "0.8" anyhow = "1" futures = { version = "0.3", default-features = false } http = "0.2" -k8s-gateway-api = "0.15" kube = { version = "0.87.1", default-features = false, features = [ "client", "derive", diff --git a/policy-controller/k8s/index/src/inbound/authorization_policy.rs b/policy-controller/k8s/index/src/inbound/authorization_policy.rs index b0ed3b3bdf04a..0598c25fef784 100644 --- a/policy-controller/k8s/index/src/inbound/authorization_policy.rs +++ b/policy-controller/k8s/index/src/inbound/authorization_policy.rs @@ -1,7 +1,7 @@ use anyhow::Result; use linkerd_policy_controller_core::routes::GroupKindName; use linkerd_policy_controller_k8s_api::{ - self as k8s, + self as k8s, gateway as k8s_gateway_api, policy::{LocalTargetRef, NamespacedTargetRef}, ServiceAccount, }; diff --git a/policy-controller/k8s/index/src/inbound/http_route.rs b/policy-controller/k8s/index/src/inbound/http_route.rs index 37b521d1ee300..812e077b7ed46 100644 --- a/policy-controller/k8s/index/src/inbound/http_route.rs +++ b/policy-controller/k8s/index/src/inbound/http_route.rs @@ -1,12 +1,13 @@ -use crate::http_route; use ahash::AHashMap as HashMap; use anyhow::{bail, Error, Result}; use k8s_gateway_api as api; -use linkerd_policy_controller_core::inbound::{Filter, HttpRoute, HttpRouteRule}; -use linkerd_policy_controller_core::routes::{HttpRouteMatch, Method}; -use linkerd_policy_controller_core::POLICY_CONTROLLER_NAME; +use linkerd_policy_controller_core::{ + inbound::{Filter, HttpRoute, HttpRouteRule}, + routes::{HttpRouteMatch, Method}, + POLICY_CONTROLLER_NAME, +}; use linkerd_policy_controller_k8s_api::{ - self as k8s, gateway, + self as k8s, gateway, gateway as k8s_gateway_api, policy::{httproute as policy, Server}, }; use std::fmt; @@ -64,7 +65,7 @@ impl TryFrom for RouteBinding { .hostnames .into_iter() .flatten() - .map(http_route::host_match) + .map(crate::routes::http::host_match) .collect(); let rules = route @@ -110,7 +111,7 @@ impl TryFrom for RouteBinding { .hostnames .into_iter() .flatten() - .map(http_route::host_match) + .map(crate::routes::http::host_match) .collect(); let rules = route @@ -169,18 +170,18 @@ impl RouteBinding { method, }: api::HttpRouteMatch, ) -> Result { - let path = path.map(http_route::path_match).transpose()?; + let path = path.map(crate::routes::http::path_match).transpose()?; let headers = headers .into_iter() .flatten() - .map(http_route::header_match) + .map(crate::routes::http::header_match) .collect::>()?; let query_params = query_params .into_iter() .flatten() - .map(http_route::query_param_match) + .map(crate::routes::http::query_param_match) .collect::>()?; let method = method.as_deref().map(Method::try_from).transpose()?; @@ -218,19 +219,19 @@ impl RouteBinding { api::HttpRouteFilter::RequestHeaderModifier { request_header_modifier, } => { - let filter = http_route::header_modifier(request_header_modifier)?; + let filter = crate::routes::http::header_modifier(request_header_modifier)?; Filter::RequestHeaderModifier(filter) } api::HttpRouteFilter::ResponseHeaderModifier { response_header_modifier, } => { - let filter = http_route::header_modifier(response_header_modifier)?; + let filter = crate::routes::http::header_modifier(response_header_modifier)?; Filter::ResponseHeaderModifier(filter) } api::HttpRouteFilter::RequestRedirect { request_redirect } => { - let filter = http_route::req_redirect(request_redirect)?; + let filter = crate::routes::http::req_redirect(request_redirect)?; Filter::RequestRedirect(filter) } @@ -252,19 +253,19 @@ impl RouteBinding { policy::HttpRouteFilter::RequestHeaderModifier { request_header_modifier, } => { - let filter = http_route::header_modifier(request_header_modifier)?; + let filter = crate::routes::http::header_modifier(request_header_modifier)?; Filter::RequestHeaderModifier(filter) } policy::HttpRouteFilter::ResponseHeaderModifier { response_header_modifier, } => { - let filter = http_route::header_modifier(response_header_modifier)?; + let filter = crate::routes::http::header_modifier(response_header_modifier)?; Filter::ResponseHeaderModifier(filter) } policy::HttpRouteFilter::RequestRedirect { request_redirect } => { - let filter = http_route::req_redirect(request_redirect)?; + let filter = crate::routes::http::req_redirect(request_redirect)?; Filter::RequestRedirect(filter) } }; diff --git a/policy-controller/k8s/index/src/inbound/index.rs b/policy-controller/k8s/index/src/inbound/index.rs index d7771dff6dd55..e48cd651bb9a1 100644 --- a/policy-controller/k8s/index/src/inbound/index.rs +++ b/policy-controller/k8s/index/src/inbound/index.rs @@ -11,8 +11,8 @@ use super::{ server, server_authorization, workload, }; use crate::{ - http_route::{gkn_for_gateway_http_route, gkn_for_linkerd_http_route, gkn_for_resource}, ports::{PortHasher, PortMap, PortSet}, + routes::{ExplicitGKN, ImpliedGKN}, ClusterInfo, DefaultPolicy, }; use ahash::{AHashMap as HashMap, AHashSet as HashSet}; @@ -26,7 +26,8 @@ use linkerd_policy_controller_core::{ IdentityMatch, Ipv4Net, Ipv6Net, NetworkMatch, }; use linkerd_policy_controller_k8s_api::{ - self as k8s, policy::server::Port, policy::server::Selector, ResourceExt, + self as k8s, gateway as k8s_gateway_api, policy::server::Port, policy::server::Selector, + ResourceExt, }; use parking_lot::RwLock; use std::{ @@ -271,7 +272,7 @@ impl Index { { let ns = route.namespace().expect("HttpRoute must have a namespace"); let name = route.name_unchecked(); - let gkn = gkn_for_resource(&route); + let gkn = route.gkn(); let _span = info_span!("apply", %ns, %name).entered(); let route_binding = match route.try_into() { @@ -300,7 +301,7 @@ impl Index { for route in routes.into_iter() { let namespace = route.namespace().expect("HttpRoute must be namespaced"); let name = route.name_unchecked(); - let gkn = gkn_for_resource(&route); + let gkn = route.gkn(); let route_binding = match route.try_into() { Ok(binding) => binding, Err(error) => { @@ -853,7 +854,7 @@ impl kubert::index::IndexNamespacedResource for Index { } fn delete(&mut self, ns: String, name: String) { - let gkn = gkn_for_linkerd_http_route(name); + let gkn = name.gkn::(); self.delete_route(ns, gkn) } @@ -872,7 +873,7 @@ impl kubert::index::IndexNamespacedResource for Inde } fn delete(&mut self, ns: String, name: String) { - let gkn = gkn_for_gateway_http_route(name); + let gkn = name.gkn::(); self.delete_route(ns, gkn) } diff --git a/policy-controller/k8s/index/src/inbound/tests/authorization_policy.rs b/policy-controller/k8s/index/src/inbound/tests/authorization_policy.rs index 42a3554d106ff..00c289ea64995 100644 --- a/policy-controller/k8s/index/src/inbound/tests/authorization_policy.rs +++ b/policy-controller/k8s/index/src/inbound/tests/authorization_policy.rs @@ -1,6 +1,7 @@ use super::*; use k8s_openapi::apimachinery::pkg::apis::meta::v1 as metav1; use linkerd_policy_controller_core::{inbound, routes}; +use linkerd_policy_controller_k8s_api::gateway as k8s_gateway_api; #[test] fn links_authorization_policy_with_mtls_name() { @@ -329,12 +330,12 @@ fn authorization_policy_prevents_index_deletion() { test.index.write().apply(net_authn.clone()); // Now we delete the server, and HTTPRoute. - >::delete( + >::delete( &mut test.index.write(), "ns-0".to_string(), "srv-8080".to_string(), ); - >::delete( + >::delete( &mut test.index.write(), "ns-0".to_string(), "route-foo".to_string(), diff --git a/policy-controller/k8s/index/src/inbound/tests/http_routes.rs b/policy-controller/k8s/index/src/inbound/tests/http_routes.rs index 95bd6c686d66c..f34b92af47244 100644 --- a/policy-controller/k8s/index/src/inbound/tests/http_routes.rs +++ b/policy-controller/k8s/index/src/inbound/tests/http_routes.rs @@ -1,9 +1,10 @@ use super::*; -use crate::http_route::gkn_for_linkerd_http_route; +use crate::routes::ExplicitGKN; use linkerd_policy_controller_core::{ routes::{HttpRouteMatch, Method, PathMatch}, POLICY_CONTROLLER_NAME, }; +use linkerd_policy_controller_k8s_api::policy; const POLICY_API_GROUP: &str = "policy.linkerd.io"; @@ -55,9 +56,9 @@ fn route_attaches_to_server() { assert!(rx .borrow_and_update() .http_routes - .contains_key(&HttpRouteRef::Linkerd(gkn_for_linkerd_http_route( - "route-foo".to_string() - )))); + .contains_key(&HttpRouteRef::Linkerd( + "route-foo".gkn::() + ))); // Create authz policy. test.index.write().apply(mk_authorization_policy( @@ -74,7 +75,7 @@ fn route_attaches_to_server() { assert!(rx.has_changed().unwrap()); assert!(rx.borrow().http_routes - [&HttpRouteRef::Linkerd(gkn_for_linkerd_http_route("route-foo".to_string()))] + [&HttpRouteRef::Linkerd("route-foo".gkn::())] .authorizations .contains_key(&AuthorizationRef::AuthorizationPolicy( "authz-foo".to_string() diff --git a/policy-controller/k8s/index/src/lib.rs b/policy-controller/k8s/index/src/lib.rs index fae5f8132cc2a..6a87177871eca 100644 --- a/policy-controller/k8s/index/src/lib.rs +++ b/policy-controller/k8s/index/src/lib.rs @@ -7,7 +7,7 @@ //! objects. //! - Each `Server` selects over pods in the same namespace. //! - Each `ServerAuthorization` selects over `Server` instances in the same namespace. When a -//! `ServerAuthorization` is updated, we find all of the `Server` instances it selects and update +//! `ServerAuthorization` is updated, we find all the `Server` instances it selects and update //! their authorizations and publishes these updates on the server's broadcast channel. //! //! ```text @@ -25,10 +25,10 @@ mod cluster_info; mod defaults; -pub mod http_route; pub mod inbound; pub mod outbound; pub mod ports; +pub mod routes; pub use cluster_info::ClusterInfo; pub use defaults::DefaultPolicy; diff --git a/policy-controller/k8s/index/src/outbound/index.rs b/policy-controller/k8s/index/src/outbound/index.rs index 0f14bb229a688..7047274074eea 100644 --- a/policy-controller/k8s/index/src/outbound/index.rs +++ b/policy-controller/k8s/index/src/outbound/index.rs @@ -1,19 +1,21 @@ use crate::{ - http_route::{self, gkn_for_gateway_http_route, gkn_for_linkerd_http_route, HttpRouteResource}, ports::{ports_annotation, PortSet}, + routes::{self, ExplicitGKN, RouteResource}, ClusterInfo, }; use ahash::AHashMap as HashMap; use anyhow::{bail, ensure, Result}; -use k8s_gateway_api::{BackendObjectReference, HttpBackendRef, ParentReference}; use linkerd_policy_controller_core::{ outbound::{ - Backend, Backoff, FailureAccrual, Filter, HttpRoute, HttpRouteRule, OutboundPolicy, - WeightedService, + Backend, Backoff, FailureAccrual, Filter, OutboundPolicy, OutboundRoute, + OutboundRouteCollection, OutboundRouteRule, TypedOutboundRoute, WeightedService, }, - routes::GroupKindNamespaceName, + routes::{GroupKindNamespaceName, HttpRouteMatch}, +}; +use linkerd_policy_controller_k8s_api::{ + gateway::{self as k8s_gateway_api, BackendObjectReference, HttpBackendRef, ParentReference}, + policy as linkerd_k8s_api, ResourceExt, Service, Time, }; -use linkerd_policy_controller_k8s_api::{policy as api, ResourceExt, Service, Time}; use parking_lot::RwLock; use std::{hash::Hash, net::IpAddr, num::NonZeroU16, sync::Arc, time}; use tokio::sync::watch; @@ -50,7 +52,7 @@ struct Namespace { service_port_routes: HashMap, /// Stores the route resources (by service name) that do not /// explicitly target a port. - service_routes: HashMap>, + service_routes: HashMap, namespace: Arc, } @@ -81,17 +83,26 @@ struct ServiceRoutes { struct RoutesWatch { opaque: bool, accrual: Option, - routes: HashMap, + routes: Option, watch: watch::Sender, } -impl kubert::index::IndexNamespacedResource for Index { - fn apply(&mut self, route: api::HttpRoute) { - self.apply(HttpRouteResource::Linkerd(route)) +#[inline] +fn default_collection_for(route: &TypedOutboundRoute) -> OutboundRouteCollection { + match route { + TypedOutboundRoute::Http(_) => OutboundRouteCollection::Http(Default::default()), + } +} + +impl kubert::index::IndexNamespacedResource for Index { + fn apply(&mut self, route: linkerd_k8s_api::HttpRoute) { + self.apply(RouteResource::LinkerdHttp(route)) } fn delete(&mut self, namespace: String, name: String) { - let gknn = gkn_for_linkerd_http_route(name).namespaced(namespace); + let gknn = name + .gkn::() + .namespaced(namespace); tracing::debug!(?gknn, "deleting route"); for ns_index in self.namespaces.by_ns.values_mut() { ns_index.delete(&gknn); @@ -101,12 +112,13 @@ impl kubert::index::IndexNamespacedResource for Index { impl kubert::index::IndexNamespacedResource for Index { fn apply(&mut self, route: k8s_gateway_api::HttpRoute) { - self.apply(HttpRouteResource::Gateway(route)) + self.apply(RouteResource::GatewayHttp(route)) } fn delete(&mut self, namespace: String, name: String) { - let gknn = gkn_for_gateway_http_route(name).namespaced(namespace); - tracing::debug!(?gknn, "deleting route"); + let gknn = name + .gkn::() + .namespaced(namespace); for ns_index in self.namespaces.by_ns.values_mut() { ns_index.delete(&gknn); } @@ -209,18 +221,23 @@ impl Index { .by_ns .entry(service_namespace.clone()) .or_insert_with(|| Namespace { + namespace: Arc::new(service_namespace.to_string()), service_routes: Default::default(), service_port_routes: Default::default(), - namespace: Arc::new(service_namespace.to_string()), }); + let key = ServicePort { service: service_name, port: service_port, }; + tracing::debug!(?key, "subscribing to service port"); + let routes = ns.service_routes_or_default(key, &self.namespaces.cluster_info, &self.service_info); + let watch = routes.watch_for_ns_or_default(source_namespace); + Ok(watch.watch.subscribe()) } @@ -228,27 +245,30 @@ impl Index { self.services_by_ip.get(&addr).cloned() } - fn apply(&mut self, route: HttpRouteResource) { + fn apply(&mut self, route: RouteResource) { tracing::debug!(name = route.name(), "indexing route"); for parent_ref in route.inner().parent_refs.iter().flatten() { if !is_parent_service(parent_ref) { continue; } + if !route_accepted_by_service(route.status(), &parent_ref.name) { continue; } + let ns = parent_ref .namespace .clone() .unwrap_or_else(|| route.namespace()); + self.namespaces .by_ns .entry(ns.clone()) .or_insert_with(|| Namespace { + namespace: Arc::new(ns), service_routes: Default::default(), service_port_routes: Default::default(), - namespace: Arc::new(ns), }) .apply( route.clone(), @@ -269,34 +289,40 @@ impl Index { impl Namespace { fn apply( &mut self, - route: HttpRouteResource, + route: RouteResource, parent_ref: &ParentReference, cluster_info: &ClusterInfo, service_info: &HashMap, ) { tracing::debug!(?route); + let outbound_route = match self.convert_route(route.clone(), cluster_info, service_info) { Ok(route) => route, Err(error) => { - tracing::error!(%error, "failed to convert HttpRoute"); + tracing::error!(%error, "failed to convert route"); return; } }; + tracing::debug!(?outbound_route); let port = parent_ref.port.and_then(NonZeroU16::new); + if let Some(port) = port { let service_port = ServicePort { port, service: parent_ref.name.clone(), }; + tracing::debug!( ?service_port, route = route.name(), "inserting route for service" ); + let service_routes = self.service_routes_or_default(service_port, cluster_info, service_info); + service_routes.apply(route.gknn(), outbound_route); } else { // If the parent_ref doesn't include a port, apply this route @@ -308,42 +334,56 @@ impl Namespace { } }, ); + // Also add the route to the list of routes that target the // Service without specifying a port. self.service_routes .entry(parent_ref.name.clone()) - .or_default() - .insert(route.gknn(), outbound_route); + .or_insert_with(|| default_collection_for(&outbound_route)) + .insert(route.gknn(), outbound_route) + .map_err(|error| tracing::warn!(?error)) + .transpose(); } } fn reindex_services(&mut self, service_info: &HashMap) { + let update_service = |backend: &mut Backend| { + if let Backend::Service(svc) = backend { + let service_ref = ServiceRef { + name: svc.name.clone(), + namespace: svc.namespace.clone(), + }; + svc.exists = service_info.contains_key(&service_ref); + } + }; + for routes in self.service_port_routes.values_mut() { - for routes in routes.watches_by_ns.values_mut() { - for route in routes.routes.values_mut() { - for rule in route.rules.iter_mut() { - for backend in rule.backends.iter_mut() { - if let Backend::Service(svc) = backend { - let service_ref = ServiceRef { - name: svc.name.clone(), - namespace: svc.namespace.clone(), - }; - svc.exists = service_info.contains_key(&service_ref); - } + for watch in routes.watches_by_ns.values_mut() { + if let Some(collection) = watch.routes.as_mut() { + match collection { + OutboundRouteCollection::Http(routes) => { + routes + .values_mut() + .flat_map(|route| route.rules.iter_mut()) + .flat_map(|rule| rule.backends.iter_mut()) + .for_each(update_service); } } + + watch.send_if_modified(); } - routes.send_if_modified(); } } } fn update_service(&mut self, name: String, service: &ServiceInfo) { tracing::debug!(?name, ?service, "updating service"); + for (svc_port, svc_routes) in self.service_port_routes.iter_mut() { if svc_port.service != name { continue; } + let opaque = service.opaque_ports.contains(&svc_port.port); svc_routes.update_service(opaque, service.accrual); @@ -354,9 +394,11 @@ impl Namespace { for service in self.service_port_routes.values_mut() { service.delete(gknn); } - for routes in self.service_routes.values_mut() { + + self.service_routes.retain(|_, routes| { routes.remove(gknn); - } + !routes.is_empty() + }); } fn service_routes_or_default( @@ -370,57 +412,38 @@ impl Namespace { .or_insert_with(|| { let authority = cluster.service_dns_authority(&self.namespace, &sp.service, sp.port); + let service_ref = ServiceRef { name: sp.service.clone(), namespace: self.namespace.to_string(), }; + let (opaque, accrual) = match service_info.get(&service_ref) { Some(svc) => (svc.opaque_ports.contains(&sp.port), svc.accrual), None => (false, None), }; - // The HttpRoutes which target this Service but don't specify - // a port apply to all ports. Therefore we include them. - let routes = self - .service_routes - .get(&sp.service) - .cloned() - .unwrap_or_default(); + // The routes which target this Service but don't specify + // a port apply to all ports. Therefore, we include them. + let routes = self.service_routes.get(&sp.service).cloned(); let mut service_routes = ServiceRoutes { opaque, accrual, authority, - namespace: self.namespace.clone(), - name: sp.service, port: sp.port, + name: sp.service, + namespace: self.namespace.clone(), watches_by_ns: Default::default(), }; - // Producer routes are routes in the same namespace as their - // parent service. Consumer routes are routes in other - // namespaces. - let (producer_routes, consumer_routes): (Vec<_>, Vec<_>) = routes - .into_iter() - .partition(|(gknn, _route)| *gknn.namespace == *self.namespace); - for (gknn, route) in consumer_routes { - // Consumer routes should only apply to watches from the - // consumer namespace. - let watch = service_routes.watch_for_ns_or_default(gknn.namespace.to_string()); - watch.routes.insert(gknn, route); - } - for (gknn, route) in producer_routes { - // Insert the route into the producer namespace. - let watch = service_routes.watch_for_ns_or_default(gknn.namespace.to_string()); - watch.routes.insert(gknn.clone(), route.clone()); - // Producer routes apply to clients in all namespaces, so - // apply it to watches for all other namespaces too. - for (ns, watch) in service_routes.watches_by_ns.iter_mut() { - if ns != &gknn.namespace { - watch.routes.insert(gknn.clone(), route.clone()); - } + match routes { + None => {} + Some(OutboundRouteCollection::Http(routes)) => { + service_routes + .insert_producer_and_consumer_routes(routes, self.namespace.as_str()); } - } + }; service_routes }) @@ -428,18 +451,18 @@ impl Namespace { fn convert_route( &self, - route: HttpRouteResource, + route: RouteResource, cluster: &ClusterInfo, service_info: &HashMap, - ) -> Result { + ) -> Result { match route { - HttpRouteResource::Linkerd(route) => { + RouteResource::LinkerdHttp(route) => { let hostnames = route .spec .hostnames .into_iter() .flatten() - .map(http_route::host_match) + .map(routes::http::host_match) .collect(); let rules = route @@ -452,19 +475,19 @@ impl Namespace { let creation_timestamp = route.metadata.creation_timestamp.map(|Time(t)| t); - Ok(HttpRoute { + Ok(TypedOutboundRoute::Http(OutboundRoute { hostnames, rules, creation_timestamp, - }) + })) } - HttpRouteResource::Gateway(route) => { + RouteResource::GatewayHttp(route) => { let hostnames = route .spec .hostnames .into_iter() .flatten() - .map(http_route::host_match) + .map(routes::http::host_match) .collect(); let rules = route @@ -472,31 +495,31 @@ impl Namespace { .rules .into_iter() .flatten() - .map(|r| self.convert_gateway_rule(r, cluster, service_info)) + .map(|r| self.convert_gateway_http_rule(r, cluster, service_info)) .collect::>()?; let creation_timestamp = route.metadata.creation_timestamp.map(|Time(t)| t); - Ok(HttpRoute { + Ok(TypedOutboundRoute::Http(OutboundRoute { hostnames, rules, creation_timestamp, - }) + })) } } } fn convert_linkerd_rule( &self, - rule: api::httproute::HttpRouteRule, + rule: linkerd_k8s_api::httproute::HttpRouteRule, cluster: &ClusterInfo, service_info: &HashMap, - ) -> Result { + ) -> Result> { let matches = rule .matches .into_iter() .flatten() - .map(http_route::try_match) + .map(routes::http::try_match) .collect::>()?; let backends = rule @@ -524,21 +547,20 @@ impl Namespace { Some(timeout) }); - let backend_request_timeout = - rule.timeouts - .as_ref() - .and_then(|timeouts: &api::httproute::HttpRouteTimeouts| { - let timeout = time::Duration::from(timeouts.backend_request?); + let backend_request_timeout = rule.timeouts.as_ref().and_then( + |timeouts: &linkerd_k8s_api::httproute::HttpRouteTimeouts| { + let timeout = time::Duration::from(timeouts.backend_request?); - // zero means "no timeout", per GEP-1742 - if timeout == time::Duration::from_nanos(0) { - return None; - } + // zero means "no timeout", per GEP-1742 + if timeout == time::Duration::from_nanos(0) { + return None; + } - Some(timeout) - }); + Some(timeout) + }, + ); - Ok(HttpRouteRule { + Ok(OutboundRouteRule { matches, backends, request_timeout, @@ -547,17 +569,17 @@ impl Namespace { }) } - fn convert_gateway_rule( + fn convert_gateway_http_rule( &self, rule: k8s_gateway_api::HttpRouteRule, cluster: &ClusterInfo, service_info: &HashMap, - ) -> Result { + ) -> Result> { let matches = rule .matches .into_iter() .flatten() - .map(http_route::try_match) + .map(routes::http::try_match) .collect::>()?; let backends = rule @@ -574,7 +596,7 @@ impl Namespace { .map(convert_gateway_filter) .collect::>()?; - Ok(HttpRouteRule { + Ok(OutboundRouteRule { matches, backends, request_timeout: None, @@ -584,12 +606,13 @@ impl Namespace { } } -fn convert_backend( +fn convert_backend>( ns: &str, - backend: HttpBackendRef, + backend: BackendRef, cluster: &ClusterInfo, services: &HashMap, ) -> Option { + let backend = backend.into(); let filters = backend.filters; let backend = backend.backend_ref?; if !is_backend_service(&backend.inner) { @@ -653,48 +676,51 @@ fn convert_backend( })) } -fn convert_linkerd_filter(filter: api::httproute::HttpRouteFilter) -> Result { +fn convert_linkerd_filter(filter: linkerd_k8s_api::httproute::HttpRouteFilter) -> Result { let filter = match filter { - api::httproute::HttpRouteFilter::RequestHeaderModifier { + linkerd_k8s_api::httproute::HttpRouteFilter::RequestHeaderModifier { request_header_modifier, } => { - let filter = http_route::header_modifier(request_header_modifier)?; + let filter = routes::http::header_modifier(request_header_modifier)?; Filter::RequestHeaderModifier(filter) } - api::httproute::HttpRouteFilter::ResponseHeaderModifier { + linkerd_k8s_api::httproute::HttpRouteFilter::ResponseHeaderModifier { response_header_modifier, } => { - let filter = http_route::header_modifier(response_header_modifier)?; + let filter = routes::http::header_modifier(response_header_modifier)?; Filter::RequestHeaderModifier(filter) } - api::httproute::HttpRouteFilter::RequestRedirect { request_redirect } => { - let filter = http_route::req_redirect(request_redirect)?; + linkerd_k8s_api::httproute::HttpRouteFilter::RequestRedirect { request_redirect } => { + let filter = routes::http::req_redirect(request_redirect)?; Filter::RequestRedirect(filter) } }; Ok(filter) } -fn convert_gateway_filter(filter: k8s_gateway_api::HttpRouteFilter) -> Result { +fn convert_gateway_filter>( + filter: RouteFilter, +) -> Result { + let filter = filter.into(); let filter = match filter { k8s_gateway_api::HttpRouteFilter::RequestHeaderModifier { request_header_modifier, } => { - let filter = http_route::header_modifier(request_header_modifier)?; + let filter = routes::http::header_modifier(request_header_modifier)?; Filter::RequestHeaderModifier(filter) } k8s_gateway_api::HttpRouteFilter::ResponseHeaderModifier { response_header_modifier, } => { - let filter = http_route::header_modifier(response_header_modifier)?; + let filter = routes::http::header_modifier(response_header_modifier)?; Filter::ResponseHeaderModifier(filter) } k8s_gateway_api::HttpRouteFilter::RequestRedirect { request_redirect } => { - let filter = http_route::req_redirect(request_redirect)?; + let filter = routes::http::req_redirect(request_redirect)?; Filter::RequestRedirect(filter) } k8s_gateway_api::HttpRouteFilter::RequestMirror { .. } => { @@ -760,51 +786,52 @@ fn is_service(group: Option<&str>, kind: &str) -> bool { impl ServiceRoutes { fn watch_for_ns_or_default(&mut self, namespace: String) -> &mut RoutesWatch { // The routes from the producer namespace apply to watches in all - // namespaces so we copy them. + // namespaces, so we copy them. let routes = self .watches_by_ns .get(self.namespace.as_ref()) - .map(|watch| watch.routes.clone()) - .unwrap_or_default(); + .and_then(|watch| watch.routes.clone()); + self.watches_by_ns.entry(namespace).or_insert_with(|| { let (sender, _) = watch::channel(OutboundPolicy { - http_routes: routes.clone(), - authority: self.authority.clone(), - name: self.name.to_string(), - namespace: self.namespace.to_string(), port: self.port, opaque: self.opaque, accrual: self.accrual, + routes: routes.clone(), + name: self.name.to_string(), + authority: self.authority.clone(), + namespace: self.namespace.to_string(), }); + RoutesWatch { - opaque: self.opaque, - accrual: self.accrual, routes, watch: sender, + opaque: self.opaque, + accrual: self.accrual, } }) } - fn apply(&mut self, gknn: GroupKindNamespaceName, route: HttpRoute) { + fn apply(&mut self, gknn: GroupKindNamespaceName, route: TypedOutboundRoute) { if *gknn.namespace == *self.namespace { // This is a producer namespace route. let watch = self.watch_for_ns_or_default(gknn.namespace.to_string()); - watch.routes.insert(gknn.clone(), route.clone()); - watch.send_if_modified(); + + watch.insert_route(gknn.clone(), route.clone()); + // Producer routes apply to clients in all namespaces, so // apply it to watches for all other namespaces too. - for (ns, watch) in self.watches_by_ns.iter_mut() { - if ns != &gknn.namespace { - watch.routes.insert(gknn.clone(), route.clone()); - watch.send_if_modified(); - } - } + self.watches_by_ns + .iter_mut() + .filter(|(ns, _)| ns != &gknn.namespace.as_ref()) + .for_each(|(_, ns_watch)| { + ns_watch.insert_route(gknn.clone(), route.clone()); + }); } else { // This is a consumer namespace route and should only apply to // watches from that namespace. let watch = self.watch_for_ns_or_default(gknn.namespace.to_string()); - watch.routes.insert(gknn, route); - watch.send_if_modified(); + watch.insert_route(gknn, route); } } @@ -819,9 +846,45 @@ impl ServiceRoutes { } fn delete(&mut self, gknn: &GroupKindNamespaceName) { - for watch in self.watches_by_ns.values_mut() { - watch.routes.remove(gknn); - watch.send_if_modified(); + self.watches_by_ns.values_mut().for_each(|watch| { + watch.remove_route(gknn); + }); + } + + fn insert_producer_and_consumer_routes>( + &mut self, + routes: HashMap, + namespace: &str, + ) { + // Producer routes are routes in the same namespace as + // their parent service. Consumer routes are routes in + // other namespaces. + let (producer_routes, consumer_routes): (Vec<_>, Vec<_>) = routes + .into_iter() + .partition(|(gknn, _)| gknn.namespace.as_ref() == namespace); + + for (consumer_gknn, consumer_route) in consumer_routes { + // Consumer routes should only apply to watches from the + // consumer namespace. + let consumer_watch = self.watch_for_ns_or_default(consumer_gknn.namespace.to_string()); + + consumer_watch.insert_route(consumer_gknn.clone(), consumer_route.clone()); + } + + for (producer_gknn, producer_route) in producer_routes { + // Insert the route into the producer namespace. + let producer_watch = self.watch_for_ns_or_default(producer_gknn.namespace.to_string()); + + producer_watch.insert_route(producer_gknn.clone(), producer_route.clone()); + + // Producer routes apply to clients in all namespaces, so + // apply it to watches for all other namespaces too. + self.watches_by_ns + .iter_mut() + .filter(|(namespace, _)| namespace.as_str() != producer_gknn.namespace.as_ref()) + .for_each(|(_, watch)| { + watch.insert_route(producer_gknn.clone(), producer_route.clone()) + }); } } } @@ -830,21 +893,63 @@ impl RoutesWatch { fn send_if_modified(&mut self) { self.watch.send_if_modified(|policy| { let mut modified = false; - if self.routes != policy.http_routes { - policy.http_routes = self.routes.clone(); + + if self.routes != policy.routes { + policy.routes = self.routes.clone(); modified = true; } + if self.opaque != policy.opaque { policy.opaque = self.opaque; modified = true; } + if self.accrual != policy.accrual { policy.accrual = self.accrual; modified = true; } + modified }); } + + fn insert_route>( + &mut self, + gknn: GroupKindNamespaceName, + route: Route, + ) { + match &mut self.routes { + Some(routes) => { + routes + .insert(gknn, route) + .map_err(|error| tracing::warn!(?error)) + .transpose(); + } + None => { + let route = route.into(); + let mut routes = default_collection_for(&route); + routes + .insert(gknn, route) + .map_err(|error| tracing::warn!(?error)) + .transpose(); + self.routes = Some(routes); + } + }; + + self.send_if_modified(); + } + + fn remove_route(&mut self, gknn: &GroupKindNamespaceName) { + if let Some(routes) = &mut self.routes { + routes.remove(gknn); + + if routes.is_empty() { + self.routes = None; + } + } + + self.send_if_modified(); + } } fn parse_accrual_config( @@ -917,7 +1022,7 @@ fn parse_duration(s: &str) -> Result { "m" => 1000 * 60, "h" => 1000 * 60 * 60, "d" => 1000 * 60 * 60 * 24, - _ => anyhow::bail!( + _ => bail!( "invalid duration unit {} (expected one of 'ms', 's', 'm', 'h', or 'd')", unit ), diff --git a/policy-controller/k8s/index/src/outbound/tests.rs b/policy-controller/k8s/index/src/outbound/tests.rs index 28f8a096bc0e0..552eaf05d1be4 100644 --- a/policy-controller/k8s/index/src/outbound/tests.rs +++ b/policy-controller/k8s/index/src/outbound/tests.rs @@ -10,7 +10,7 @@ use linkerd_policy_controller_core::IpNet; use linkerd_policy_controller_k8s_api::{self as k8s}; use tokio::time; -mod http_routes; +mod routes; struct TestConfig { index: SharedIndex, diff --git a/policy-controller/k8s/index/src/outbound/tests/routes.rs b/policy-controller/k8s/index/src/outbound/tests/routes.rs new file mode 100644 index 0000000000000..8074a0f70766b --- /dev/null +++ b/policy-controller/k8s/index/src/outbound/tests/routes.rs @@ -0,0 +1 @@ +mod http; diff --git a/policy-controller/k8s/index/src/outbound/tests/http_routes.rs b/policy-controller/k8s/index/src/outbound/tests/routes/http.rs similarity index 85% rename from policy-controller/k8s/index/src/outbound/tests/http_routes.rs rename to policy-controller/k8s/index/src/outbound/tests/routes/http.rs index bc9cd76bf46f8..1c7f1304ad078 100644 --- a/policy-controller/k8s/index/src/outbound/tests/http_routes.rs +++ b/policy-controller/k8s/index/src/outbound/tests/routes/http.rs @@ -1,21 +1,23 @@ -use k8s_gateway_api::BackendRef; use kube::Resource; use linkerd_policy_controller_core::{ - outbound::{Backend, WeightedService}, + outbound::{Backend, OutboundRouteCollection, WeightedService}, routes::GroupKindNamespaceName, POLICY_CONTROLLER_NAME, }; +use linkerd_policy_controller_k8s_api::gateway::BackendRef; use tracing::Level; -use super::*; +use super::super::*; #[test] fn backend_service() { tracing_subscriber::fmt() .with_max_level(Level::TRACE) - .init(); + .try_init() + .ok(); let test = TestConfig::default(); + // Create apex service. let apex = mk_service("ns", "apex", 8080); test.index.write().apply(apex); @@ -38,7 +40,12 @@ fn backend_service() { { let policy = rx.borrow_and_update(); let backend = policy - .http_routes + .routes + .as_ref() + .map(|routes| match routes { + OutboundRouteCollection::Http(routes) => routes, + }) + .unwrap() .get(&GroupKindNamespaceName { group: k8s::policy::HttpRoute::group(&()), kind: k8s::policy::HttpRoute::kind(&()), @@ -52,10 +59,13 @@ fn backend_service() { .backends .first() .expect("backend should exist"); + let exists = match backend { + Backend::Invalid { .. } => &false, Backend::Service(WeightedService { exists, .. }) => exists, - _ => panic!("backend should be a service"), + _ => panic!("backend should be a service, but got {backend:?}"), }; + // Backend should not exist. assert!(!exists); } @@ -68,7 +78,12 @@ fn backend_service() { { let policy = rx.borrow_and_update(); let backend = policy - .http_routes + .routes + .as_ref() + .map(|routes| match routes { + OutboundRouteCollection::Http(routes) => routes, + }) + .unwrap() .get(&GroupKindNamespaceName { group: k8s::policy::HttpRoute::group(&()), kind: k8s::policy::HttpRoute::kind(&()), @@ -82,10 +97,12 @@ fn backend_service() { .backends .first() .expect("backend should exist"); + let exists = match backend { Backend::Service(WeightedService { exists, .. }) => exists, - _ => panic!("backend should be a service"), + backend => panic!("backend should be a service, but got {:?}", backend), }; + // Backend should exist. assert!(exists); } @@ -146,8 +163,8 @@ fn mk_route( timeouts: None, }]), }, - status: Some(k8s::policy::httproute::HttpRouteStatus { - inner: k8s::gateway::RouteStatus { + status: Some(HttpRouteStatus { + inner: RouteStatus { parents: vec![k8s::gateway::RouteParentStatus { parent_ref: ParentReference { group: Some("core".to_string()), @@ -159,7 +176,7 @@ fn mk_route( }, controller_name: POLICY_CONTROLLER_NAME.to_string(), conditions: vec![k8s::Condition { - last_transition_time: k8s::Time(chrono::DateTime::::MIN_UTC), + last_transition_time: Time(chrono::DateTime::::MIN_UTC), message: "".to_string(), observed_generation: None, reason: "Accepted".to_string(), diff --git a/policy-controller/k8s/index/src/routes.rs b/policy-controller/k8s/index/src/routes.rs new file mode 100644 index 0000000000000..1c9d07ad7227b --- /dev/null +++ b/policy-controller/k8s/index/src/routes.rs @@ -0,0 +1,82 @@ +use linkerd_policy_controller_core::routes::{GroupKindName, GroupKindNamespaceName}; +use linkerd_policy_controller_k8s_api::{gateway as api, policy, Resource, ResourceExt}; + +pub mod http; + +#[derive(Debug, Clone)] +pub(crate) enum RouteResource { + LinkerdHttp(policy::HttpRoute), + GatewayHttp(api::HttpRoute), +} + +impl RouteResource { + pub(crate) fn name(&self) -> String { + match self { + RouteResource::LinkerdHttp(route) => route.name_unchecked(), + RouteResource::GatewayHttp(route) => route.name_unchecked(), + } + } + + pub(crate) fn namespace(&self) -> String { + match self { + RouteResource::LinkerdHttp(route) => { + route.namespace().expect("HttpRoute must have a namespace") + } + RouteResource::GatewayHttp(route) => { + route.namespace().expect("HttpRoute must have a namespace") + } + } + } + + pub(crate) fn inner(&self) -> &api::CommonRouteSpec { + match self { + RouteResource::LinkerdHttp(route) => &route.spec.inner, + RouteResource::GatewayHttp(route) => &route.spec.inner, + } + } + + pub(crate) fn status(&self) -> Option<&api::RouteStatus> { + match self { + RouteResource::LinkerdHttp(route) => route.status.as_ref().map(|status| &status.inner), + RouteResource::GatewayHttp(route) => route.status.as_ref().map(|status| &status.inner), + } + } + + pub(crate) fn gknn(&self) -> GroupKindNamespaceName { + match self { + RouteResource::LinkerdHttp(route) => route + .gkn() + .namespaced(route.namespace().expect("Route must have namespace")), + RouteResource::GatewayHttp(route) => route + .gkn() + .namespaced(route.namespace().expect("Route must have namespace")), + } + } +} + +pub trait ExplicitGKN { + fn gkn>(&self) -> GroupKindName; +} +pub trait ImpliedGKN { + fn gkn(&self) -> GroupKindName; +} + +impl> ImpliedGKN for R { + fn gkn(&self) -> GroupKindName { + let (kind, group, name) = ( + Self::kind(&()), + Self::group(&()), + self.name_unchecked().into(), + ); + + GroupKindName { group, kind, name } + } +} + +impl ExplicitGKN for str { + fn gkn>(&self) -> GroupKindName { + let (kind, group, name) = (R::kind(&()), R::group(&()), self.to_string().into()); + + GroupKindName { group, kind, name } + } +} diff --git a/policy-controller/k8s/index/src/http_route.rs b/policy-controller/k8s/index/src/routes/http.rs similarity index 58% rename from policy-controller/k8s/index/src/http_route.rs rename to policy-controller/k8s/index/src/routes/http.rs index 199d6e5617a16..d01839f6f566a 100644 --- a/policy-controller/k8s/index/src/http_route.rs +++ b/policy-controller/k8s/index/src/routes/http.rs @@ -1,59 +1,8 @@ use anyhow::{anyhow, bail, Result}; -use k8s_gateway_api as api; -use kube::{Resource, ResourceExt}; -use linkerd_policy_controller_core::routes::{self, GroupKindName, GroupKindNamespaceName}; -use linkerd_policy_controller_k8s_api::policy; +use linkerd_policy_controller_core::routes; +use linkerd_policy_controller_k8s_api::gateway as api; use std::num::NonZeroU16; -#[derive(Debug, Clone)] -pub(crate) enum HttpRouteResource { - Linkerd(linkerd_policy_controller_k8s_api::policy::HttpRoute), - Gateway(api::HttpRoute), -} - -impl HttpRouteResource { - pub(crate) fn name(&self) -> String { - match self { - HttpRouteResource::Linkerd(route) => route.name_unchecked(), - HttpRouteResource::Gateway(route) => route.name_unchecked(), - } - } - - pub(crate) fn namespace(&self) -> String { - match self { - HttpRouteResource::Linkerd(route) => { - route.namespace().expect("HttpRoute must have a namespace") - } - HttpRouteResource::Gateway(route) => { - route.namespace().expect("HttpRoute must have a namespace") - } - } - } - - pub(crate) fn inner(&self) -> &api::CommonRouteSpec { - match self { - HttpRouteResource::Linkerd(route) => &route.spec.inner, - HttpRouteResource::Gateway(route) => &route.spec.inner, - } - } - - pub(crate) fn status(&self) -> Option<&api::RouteStatus> { - match self { - HttpRouteResource::Linkerd(route) => route.status.as_ref().map(|status| &status.inner), - HttpRouteResource::Gateway(route) => route.status.as_ref().map(|status| &status.inner), - } - } - - pub(crate) fn gknn(&self) -> GroupKindNamespaceName { - match self { - HttpRouteResource::Linkerd(route) => gkn_for_resource(route) - .namespaced(route.namespace().expect("Route must have namespace")), - HttpRouteResource::Gateway(route) => gkn_for_resource(route) - .namespaced(route.namespace().expect("Route must have namespace")), - } - } -} - pub fn try_match( api::HttpRouteMatch { path, @@ -91,18 +40,18 @@ pub fn try_match( pub fn path_match(path_match: api::HttpPathMatch) -> Result { match path_match { - api::HttpPathMatch::Exact { value } | api::HttpPathMatch::PathPrefix { value } - if !value.starts_with('/') => + api::HttpPathMatch::Exact { value } | api::HttpPathMatch::PathPrefix { value } + if !value.starts_with('/') => { Err(anyhow!("HttpPathMatch paths must be absolute (begin with `/`); {value:?} is not an absolute path")) } - api::HttpPathMatch::Exact { value } => Ok(routes::PathMatch::Exact(value)), - api::HttpPathMatch::PathPrefix { value } => Ok(routes::PathMatch::Prefix(value)), - api::HttpPathMatch::RegularExpression { value } => value - .parse() - .map(routes::PathMatch::Regex) - .map_err(Into::into), - } + api::HttpPathMatch::Exact { value } => Ok(routes::PathMatch::Exact(value)), + api::HttpPathMatch::PathPrefix { value } => Ok(routes::PathMatch::Prefix(value)), + api::HttpPathMatch::RegularExpression { value } => value + .parse() + .map(routes::PathMatch::Regex) + .map_err(Into::into), + } } pub fn host_match(hostname: api::Hostname) -> routes::HostMatch { @@ -201,29 +150,3 @@ fn path_modifier(path_modifier: api::HttpPathModifier) -> Result Ok(routes::PathModifier::Prefix(replace_prefix_match)), } } - -pub(crate) fn gkn_for_resource(t: &T) -> GroupKindName -where - T: kube::Resource, -{ - let kind = T::kind(&()); - let group = T::group(&()); - let name = t.name_unchecked().into(); - GroupKindName { group, kind, name } -} - -pub(crate) fn gkn_for_linkerd_http_route(name: String) -> GroupKindName { - GroupKindName { - group: policy::HttpRoute::group(&()), - kind: policy::HttpRoute::kind(&()), - name: name.into(), - } -} - -pub(crate) fn gkn_for_gateway_http_route(name: String) -> GroupKindName { - GroupKindName { - group: api::HttpRoute::group(&()), - kind: api::HttpRoute::kind(&()), - name: name.into(), - } -} diff --git a/policy-controller/src/admission.rs b/policy-controller/src/admission.rs index 76fa39e1e4944..ec7e0da047346 100644 --- a/policy-controller/src/admission.rs +++ b/policy-controller/src/admission.rs @@ -439,7 +439,6 @@ impl Validate for Admission { } } -use index::http_route; fn validate_match( httproute::HttpRouteMatch { path, @@ -448,18 +447,18 @@ fn validate_match( method, }: httproute::HttpRouteMatch, ) -> Result<()> { - let _ = path.map(http_route::path_match).transpose()?; + let _ = path.map(index::routes::http::path_match).transpose()?; let _ = method .as_deref() .map(core::routes::Method::try_from) .transpose()?; for q in query_params.into_iter().flatten() { - http_route::query_param_match(q)?; + index::routes::http::query_param_match(q)?; } for h in headers.into_iter().flatten() { - http_route::header_match(h)?; + index::routes::http::header_match(h)?; } Ok(()) @@ -472,12 +471,12 @@ impl Validate for Admission { match filter { httproute::HttpRouteFilter::RequestHeaderModifier { request_header_modifier, - } => http_route::header_modifier(request_header_modifier).map(|_| ()), + } => index::routes::http::header_modifier(request_header_modifier).map(|_| ()), httproute::HttpRouteFilter::ResponseHeaderModifier { response_header_modifier, - } => http_route::header_modifier(response_header_modifier).map(|_| ()), + } => index::routes::http::header_modifier(response_header_modifier).map(|_| ()), httproute::HttpRouteFilter::RequestRedirect { request_redirect } => { - http_route::req_redirect(request_redirect).map(|_| ()) + index::routes::http::req_redirect(request_redirect).map(|_| ()) } } } @@ -545,12 +544,12 @@ impl Validate for Admission { match filter { k8s_gateway_api::HttpRouteFilter::RequestHeaderModifier { request_header_modifier, - } => http_route::header_modifier(request_header_modifier).map(|_| ()), + } => index::routes::http::header_modifier(request_header_modifier).map(|_| ()), k8s_gateway_api::HttpRouteFilter::ResponseHeaderModifier { response_header_modifier, - } => http_route::header_modifier(response_header_modifier).map(|_| ()), + } => index::routes::http::header_modifier(response_header_modifier).map(|_| ()), k8s_gateway_api::HttpRouteFilter::RequestRedirect { request_redirect } => { - http_route::req_redirect(request_redirect).map(|_| ()) + index::routes::http::req_redirect(request_redirect).map(|_| ()) } k8s_gateway_api::HttpRouteFilter::RequestMirror { .. } => Ok(()), k8s_gateway_api::HttpRouteFilter::URLRewrite { .. } => Ok(()), From be3301196fe8e70799151fc75657294243637e0a Mon Sep 17 00:00:00 2001 From: Mark S Date: Mon, 3 Jun 2024 15:08:21 -0400 Subject: [PATCH 05/15] revert(deps): revert lockfile changes Signed-off-by: Mark S --- Cargo.lock | 231 ++++++++++++++++++++++++++--------------------------- 1 file changed, 112 insertions(+), 119 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 4060957edb927..3708d6a12cc85 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -97,7 +97,7 @@ checksum = "16e62a023e7c117e27523144c5d2459f4397fcc3cab0085af8e2224f643a0193" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -108,7 +108,7 @@ checksum = "c6fa2087f2753a7da8cc1c0dbfcf89579dd57458e36769de5ac750b4671737ca" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -199,9 +199,9 @@ checksum = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567" [[package]] name = "base64" -version = "0.22.1" +version = "0.22.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6" +checksum = "9475866fec1451be56a3c2400fd081ff546538961565ccb5b7142cbd22bc7a51" [[package]] name = "bitflags" @@ -211,9 +211,9 @@ checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" [[package]] name = "bitflags" -version = "2.5.0" +version = "2.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf4b9d6a944f767f8e5e0db018570623c85f3d925ac718db4e06d0187adb21c1" +checksum = "b4682ae6287fcf752ecaabbfcc7b6f9b72aa33933dc23a554d853aea8eea8635" [[package]] name = "block-buffer" @@ -264,7 +264,7 @@ dependencies = [ "iana-time-zone", "num-traits", "serde", - "windows-targets 0.52.5", + "windows-targets 0.52.0", ] [[package]] @@ -296,7 +296,7 @@ dependencies = [ "heck", "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -370,7 +370,7 @@ dependencies = [ "proc-macro2", "quote", "strsim", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -381,7 +381,7 @@ checksum = "733cabb43482b1a1b53eee8583c2b9e8684d592215ea83efd305dd31bc2f0178" dependencies = [ "darling_core", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -550,7 +550,7 @@ checksum = "87750cf4b7a4c0625b1529e4c543c2182106e4dedc60a2a6455e00d212c489ac" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -631,7 +631,7 @@ dependencies = [ "futures-sink", "futures-util", "http", - "indexmap 2.2.6", + "indexmap 2.2.3", "slab", "tokio", "tokio-util", @@ -646,9 +646,9 @@ checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" [[package]] name = "hashbrown" -version = "0.14.5" +version = "0.14.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e5274423e17b7c9fc20b6e7e208532f9b19825d82dfd615708b70edd83df41f1" +checksum = "290f1a1d9242c78d09ce40a5e87e7554ee637af1351968159f4952f028f75604" dependencies = [ "ahash", "allocator-api2", @@ -842,12 +842,12 @@ dependencies = [ [[package]] name = "indexmap" -version = "2.2.6" +version = "2.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "168fb715dda47215e360912c096649d23d58bf392ac62f73919e831745e40f26" +checksum = "233cf39063f058ea2caae4091bf4a3ef70a653afbc026f5c4a4135d114e3c177" dependencies = [ "equivalent", - "hashbrown 0.14.5", + "hashbrown 0.14.3", ] [[package]] @@ -906,9 +906,9 @@ dependencies = [ [[package]] name = "js-sys" -version = "0.3.69" +version = "0.3.58" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "29c15563dc2726973df627357ce0c9ddddbea194836909d655df6a75d2cf296d" +checksum = "c3fac17f7123a73ca62df411b1bf727ccc805daa070338fda671c86dac1bdc27" dependencies = [ "wasm-bindgen", ] @@ -1046,7 +1046,7 @@ dependencies = [ "proc-macro2", "quote", "serde_json", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -1060,7 +1060,7 @@ dependencies = [ "backoff", "derivative", "futures", - "hashbrown 0.14.5", + "hashbrown 0.14.3", "json-patch", "k8s-openapi", "kube-client", @@ -1221,7 +1221,6 @@ dependencies = [ "futures", "http", "hyper", - "itertools", "linkerd-policy-controller-core", "linkerd2-proxy-api", "maplit", @@ -1259,6 +1258,7 @@ dependencies = [ "chrono", "futures", "http", + "k8s-gateway-api", "k8s-openapi", "kube", "kubert", @@ -1461,7 +1461,7 @@ version = "0.10.64" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "95a0481286a310808298130d22dd1fef0fa571e05a8f44ec801801e84b216b1f" dependencies = [ - "bitflags 2.5.0", + "bitflags 2.4.0", "cfg-if", "foreign-types", "libc", @@ -1478,7 +1478,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -1544,7 +1544,7 @@ dependencies = [ "libc", "redox_syscall", "smallvec", - "windows-targets 0.52.5", + "windows-targets 0.52.0", ] [[package]] @@ -1553,7 +1553,7 @@ version = "3.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8e459365e590736a54c3fa561947c84837534b8e9af6fc5bf781307e82658fae" dependencies = [ - "base64 0.22.1", + "base64 0.22.0", "serde", ] @@ -1594,7 +1594,7 @@ dependencies = [ "pest_meta", "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -1625,7 +1625,7 @@ checksum = "2f38a4412a78282e09a2cf38d195ea5420d15ba0602cb375210efbc877243965" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -1667,7 +1667,7 @@ version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "731e0d9356b0c25f16f33b5be79b1c57b562f141ebfcdb0ad8ac2c13a24293b4" dependencies = [ - "bitflags 2.5.0", + "bitflags 2.4.0", "hex", "lazy_static", "procfs-core", @@ -1680,7 +1680,7 @@ version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2d3554923a69f4ce04c4a754260c338f505ce22642d3830e049a399fc2059a29" dependencies = [ - "bitflags 2.5.0", + "bitflags 2.4.0", "hex", ] @@ -1704,7 +1704,7 @@ checksum = "440f724eba9f6996b75d63681b0a92b06947f1457076d503a4d2e2c8f56442b8" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -1727,7 +1727,7 @@ dependencies = [ "itertools", "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -1771,9 +1771,9 @@ dependencies = [ [[package]] name = "rand_core" -version = "0.6.4" +version = "0.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" +checksum = "d34f1408f55294453790c48b2f1ebbb1c5b4b7563eb1f418bcfcfdbb06ebb4e7" dependencies = [ "getrandom", ] @@ -1784,7 +1784,7 @@ version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "469052894dcb553421e483e4209ee581a45100d31b4018de03e5a7ad86374a7e" dependencies = [ - "bitflags 2.5.0", + "bitflags 2.4.0", ] [[package]] @@ -1795,8 +1795,8 @@ checksum = "c117dbdfde9c8308975b6a18d71f3f385c89461f7b3fb054288ecf2a2058ba4c" dependencies = [ "aho-corasick", "memchr", - "regex-automata 0.4.6", - "regex-syntax 0.8.3", + "regex-automata 0.4.4", + "regex-syntax 0.8.2", ] [[package]] @@ -1810,13 +1810,13 @@ dependencies = [ [[package]] name = "regex-automata" -version = "0.4.6" +version = "0.4.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "86b83b8b9847f9bf95ef68afb0b8e6cdb80f498442f5179a29fad448fcc1eaea" +checksum = "3b7fa1134405e2ec9353fd416b17f8dacd46c473d7d3fd1cf202706a14eb792a" dependencies = [ "aho-corasick", "memchr", - "regex-syntax 0.8.3", + "regex-syntax 0.8.2", ] [[package]] @@ -1827,9 +1827,9 @@ checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1" [[package]] name = "regex-syntax" -version = "0.8.3" +version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "adad44e29e4c806119491a7f06f03de4d1af22c3a680dd47f1e6e179439d1f56" +checksum = "c08c74e62047bb2de4ff487b251e4a92e24f48745648451635cec7d591162d9f" [[package]] name = "ring" @@ -1858,7 +1858,7 @@ version = "0.38.34" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "70dc5ec042f7a43c4a73241207cecc9873a06d45debb38b329f8541d85c2730f" dependencies = [ - "bitflags 2.5.0", + "bitflags 2.4.0", "errno", "libc", "linux-raw-sys", @@ -1950,7 +1950,7 @@ dependencies = [ "proc-macro2", "quote", "serde_derive_internals", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -1981,11 +1981,11 @@ dependencies = [ [[package]] name = "security-framework" -version = "2.11.0" +version = "2.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c627723fd09706bacdb5cf41499e95098555af3c3c29d014dc3c458ef6be11c0" +checksum = "770452e37cad93e0a50d5abc3990d2bc351c36d0328f86cefec2f2fb206eaef6" dependencies = [ - "bitflags 2.5.0", + "bitflags 1.3.2", "core-foundation", "core-foundation-sys", "libc", @@ -2029,7 +2029,7 @@ checksum = "500cbc0ebeb6f46627f50f3f5811ccf6bf00643be300b4c3eabc0ef55dc5b5ba" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -2040,7 +2040,7 @@ checksum = "18d26a20a969b9e3fdf2fc2d9f21eda6c40e2de84c9408bb5d3b05d499aae711" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -2060,7 +2060,7 @@ version = "0.9.34+deprecated" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6a8b1a1a2ebf674015cc02edccce75287f1a0130d394307b36743c2f5d504b47" dependencies = [ - "indexmap 2.2.6", + "indexmap 2.2.3", "itoa", "ryu", "serde", @@ -2157,9 +2157,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.66" +version = "2.0.48" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c42f3f41a2de00b01c0aaad383c5a45241efc8b2d1eda5661812fda5f3cdcff5" +checksum = "0f3531638e407dfc0814761abb7c00a5b54992b849452a0646b7f65c9f770f3f" dependencies = [ "proc-macro2", "quote", @@ -2189,7 +2189,7 @@ checksum = "46c3384250002a6d5af4d114f2845d37b57521033f30d5c3f46c4d70e1197533" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -2254,7 +2254,7 @@ checksum = "5f5ae998a069d4b5aba8ee9dad856af7d520c3699e6159b185c2acd48155d39a" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -2396,7 +2396,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "61c5bb1d698276a2443e5ecfabc1008bf15a36c12e6a7176e7bf089ea9131140" dependencies = [ "base64 0.21.7", - "bitflags 2.5.0", + "bitflags 2.4.0", "bytes", "futures-core", "futures-util", @@ -2442,7 +2442,7 @@ checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] @@ -2619,9 +2619,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "wasm-bindgen" -version = "0.2.92" +version = "0.2.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4be2531df63900aeb2bca0daaaddec08491ee64ceecbee5076636a3b026795a8" +checksum = "7c53b543413a17a202f4be280a7e5c62a1c69345f5de525ee64f8cfdbc954994" dependencies = [ "cfg-if", "wasm-bindgen-macro", @@ -2629,24 +2629,24 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.92" +version = "0.2.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "614d787b966d3989fa7bb98a654e369c762374fd3213d212cfc0251257e747da" +checksum = "5491a68ab4500fa6b4d726bd67408630c3dbe9c4fe7bda16d5c82a1fd8c7340a" dependencies = [ "bumpalo", + "lazy_static", "log", - "once_cell", "proc-macro2", "quote", - "syn 2.0.66", + "syn 1.0.109", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-macro" -version = "0.2.92" +version = "0.2.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a1f8823de937b71b9460c0c34e25f3da88250760bec0ebac694b49997550d726" +checksum = "c441e177922bc58f1e12c022624b6216378e5febc2f0533e41ba443d505b80aa" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -2654,22 +2654,22 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.92" +version = "0.2.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e94f17b526d0a461a191c78ea52bbce64071ed5c04c9ffe424dcb38f74171bb7" +checksum = "7d94ac45fcf608c1f45ef53e748d35660f168490c10b23704c7779ab8f5c3048" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 1.0.109", "wasm-bindgen-backend", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-shared" -version = "0.2.92" +version = "0.2.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "af190c94f2773fdb3729c55b007a722abb5384da03bc0986df4c289bf5567e96" +checksum = "6a89911bd99e5f3659ec4acf9c4d93b0a90fe4a2a11f15328472058edc5261be" [[package]] name = "winapi" @@ -2695,11 +2695,11 @@ checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" [[package]] name = "windows-core" -version = "0.52.0" +version = "0.51.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "33ab640c8d7e35bf8ba19b884ba838ceb4fba93a4e8c65a9059d08afcfc683d9" +checksum = "b81650771e76355778637954dc9d7eb8d991cd89ad64ba26f21eeb3c22d8d836" dependencies = [ - "windows-targets 0.52.5", + "windows-targets 0.48.2", ] [[package]] @@ -2708,7 +2708,7 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" dependencies = [ - "windows-targets 0.48.5", + "windows-targets 0.48.2", ] [[package]] @@ -2717,38 +2717,37 @@ version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" dependencies = [ - "windows-targets 0.52.5", + "windows-targets 0.52.0", ] [[package]] name = "windows-targets" -version = "0.48.5" +version = "0.48.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9a2fa6e2155d7247be68c096456083145c183cbbbc2764150dda45a87197940c" +checksum = "d1eeca1c172a285ee6c2c84c341ccea837e7c01b12fbb2d0fe3c9e550ce49ec8" dependencies = [ "windows_aarch64_gnullvm 0.48.5", - "windows_aarch64_msvc 0.48.5", - "windows_i686_gnu 0.48.5", + "windows_aarch64_msvc 0.48.2", + "windows_i686_gnu 0.48.2", "windows_i686_msvc 0.48.5", - "windows_x86_64_gnu 0.48.5", + "windows_x86_64_gnu 0.48.2", "windows_x86_64_gnullvm 0.48.5", - "windows_x86_64_msvc 0.48.5", + "windows_x86_64_msvc 0.48.2", ] [[package]] name = "windows-targets" -version = "0.52.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6f0713a46559409d202e70e28227288446bf7841d3211583a4b53e3f6d96e7eb" +checksum = "8a18201040b24831fbb9e4eb208f8892e1f50a37feb53cc7ff887feb8f50e7cd" dependencies = [ - "windows_aarch64_gnullvm 0.52.5", - "windows_aarch64_msvc 0.52.5", - "windows_i686_gnu 0.52.5", - "windows_i686_gnullvm", - "windows_i686_msvc 0.52.5", - "windows_x86_64_gnu 0.52.5", - "windows_x86_64_gnullvm 0.52.5", - "windows_x86_64_msvc 0.52.5", + "windows_aarch64_gnullvm 0.52.0", + "windows_aarch64_msvc 0.52.0", + "windows_i686_gnu 0.52.0", + "windows_i686_msvc 0.52.0", + "windows_x86_64_gnu 0.52.0", + "windows_x86_64_gnullvm 0.52.0", + "windows_x86_64_msvc 0.52.0", ] [[package]] @@ -2759,39 +2758,33 @@ checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8" [[package]] name = "windows_aarch64_gnullvm" -version = "0.52.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7088eed71e8b8dda258ecc8bac5fb1153c5cffaf2578fc8ff5d61e23578d3263" +checksum = "cb7764e35d4db8a7921e09562a0304bf2f93e0a51bfccee0bd0bb0b666b015ea" [[package]] name = "windows_aarch64_msvc" -version = "0.48.5" +version = "0.48.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc" +checksum = "571d8d4e62f26d4932099a9efe89660e8bd5087775a2ab5cdd8b747b811f1058" [[package]] name = "windows_aarch64_msvc" -version = "0.52.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9985fd1504e250c615ca5f281c3f7a6da76213ebd5ccc9561496568a2752afb6" +checksum = "bbaa0368d4f1d2aaefc55b6fcfee13f41544ddf36801e793edbbfd7d7df075ef" [[package]] name = "windows_i686_gnu" -version = "0.48.5" +version = "0.48.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e" +checksum = "2229ad223e178db5fbbc8bd8d3835e51e566b8474bfca58d2e6150c48bb723cd" [[package]] name = "windows_i686_gnu" -version = "0.52.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "88ba073cf16d5372720ec942a8ccbf61626074c6d4dd2e745299726ce8b89670" - -[[package]] -name = "windows_i686_gnullvm" -version = "0.52.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "87f4261229030a858f36b459e748ae97545d6f1ec60e5e0d6a3d32e0dc232ee9" +checksum = "a28637cb1fa3560a16915793afb20081aba2c92ee8af57b4d5f28e4b3e7df313" [[package]] name = "windows_i686_msvc" @@ -2801,21 +2794,21 @@ checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406" [[package]] name = "windows_i686_msvc" -version = "0.52.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "db3c2bf3d13d5b658be73463284eaf12830ac9a26a90c717b7f771dfe97487bf" +checksum = "ffe5e8e31046ce6230cc7215707b816e339ff4d4d67c65dffa206fd0f7aa7b9a" [[package]] name = "windows_x86_64_gnu" -version = "0.48.5" +version = "0.48.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e" +checksum = "ea99ff3f8b49fb7a8e0d305e5aec485bd068c2ba691b6e277d29eaeac945868a" [[package]] name = "windows_x86_64_gnu" -version = "0.52.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4e4246f76bdeff09eb48875a0fd3e2af6aada79d409d33011886d3e1581517d9" +checksum = "3d6fa32db2bc4a2f5abeacf2b69f7992cd09dca97498da74a151a3132c26befd" [[package]] name = "windows_x86_64_gnullvm" @@ -2825,21 +2818,21 @@ checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc" [[package]] name = "windows_x86_64_gnullvm" -version = "0.52.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "852298e482cd67c356ddd9570386e2862b5673c85bd5f88df9ab6802b334c596" +checksum = "1a657e1e9d3f514745a572a6846d3c7aa7dbe1658c056ed9c3344c4109a6949e" [[package]] name = "windows_x86_64_msvc" -version = "0.48.5" +version = "0.48.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" +checksum = "d419259aba16b663966e29e6d7c6ecfa0bb8425818bb96f6f1f3c3eb71a6e7b9" [[package]] name = "windows_x86_64_msvc" -version = "0.52.5" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bec47e5bfd1bff0eeaf6d8b485cc1074891a197ab4225d504cb7a1ab88b02bf0" +checksum = "dff9641d1cd4be8d1a070daf9e3773c5f67e78b4d9d42263020c057706765c04" [[package]] name = "zerocopy" @@ -2858,7 +2851,7 @@ checksum = "15e934569e47891f7d9411f1a451d947a60e000ab3bd24fbb970f000387d1b3b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.48", ] [[package]] From acf610213aff2ebbeffcaf7214e9cfa0d5604ade Mon Sep 17 00:00:00 2001 From: Mark S Date: Mon, 3 Jun 2024 15:11:54 -0400 Subject: [PATCH 06/15] revert(deps): revert dep changes Signed-off-by: Mark S --- policy-controller/grpc/Cargo.toml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/policy-controller/grpc/Cargo.toml b/policy-controller/grpc/Cargo.toml index 690bfe3a7d643..edc30ded5d9f7 100644 --- a/policy-controller/grpc/Cargo.toml +++ b/policy-controller/grpc/Cargo.toml @@ -11,7 +11,6 @@ async-trait = "0.1" http = "0.2" drain = "0.1" hyper = { version = "0.14", features = ["http2", "server", "tcp"] } -itertools = "^0.12" futures = { version = "0.3", default-features = false } linkerd-policy-controller-core = { path = "../core" } maplit = "1" @@ -24,4 +23,4 @@ serde_json = "1" [dependencies.linkerd2-proxy-api] version = "0.13" -features = ["inbound", "outbound", "grpc-route"] +features = ["inbound", "outbound"] From 229d8928e7e1303364e061ef8559e33506461bc7 Mon Sep 17 00:00:00 2001 From: Mark S Date: Mon, 3 Jun 2024 16:21:41 -0400 Subject: [PATCH 07/15] chore(deps): fix bad lockfile update Signed-off-by: Mark S --- Cargo.lock | 2 +- policy-controller/grpc/Cargo.toml | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 3708d6a12cc85..5bb39517c3188 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1221,6 +1221,7 @@ dependencies = [ "futures", "http", "hyper", + "itertools", "linkerd-policy-controller-core", "linkerd2-proxy-api", "maplit", @@ -1258,7 +1259,6 @@ dependencies = [ "chrono", "futures", "http", - "k8s-gateway-api", "k8s-openapi", "kube", "kubert", diff --git a/policy-controller/grpc/Cargo.toml b/policy-controller/grpc/Cargo.toml index edc30ded5d9f7..0c625132701f2 100644 --- a/policy-controller/grpc/Cargo.toml +++ b/policy-controller/grpc/Cargo.toml @@ -10,8 +10,9 @@ async-stream = "0.3" async-trait = "0.1" http = "0.2" drain = "0.1" -hyper = { version = "0.14", features = ["http2", "server", "tcp"] } futures = { version = "0.3", default-features = false } +hyper = { version = "0.14", features = ["http2", "server", "tcp"] } +itertools = "0.12" linkerd-policy-controller-core = { path = "../core" } maplit = "1" prost-types = "0.12.6" From 584fd1b82cfd819e46df5833ef1eff055d0b129d Mon Sep 17 00:00:00 2001 From: Mark S Date: Tue, 4 Jun 2024 09:47:38 -0400 Subject: [PATCH 08/15] style: consolidate imports from same crate Signed-off-by: Mark S --- policy-controller/grpc/src/outbound.rs | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/policy-controller/grpc/src/outbound.rs b/policy-controller/grpc/src/outbound.rs index b6a8f67928d8e..2ed3e1742fd41 100644 --- a/policy-controller/grpc/src/outbound.rs +++ b/policy-controller/grpc/src/outbound.rs @@ -9,13 +9,12 @@ use linkerd2_proxy_api::{ outbound_policies_server::{OutboundPolicies, OutboundPoliciesServer}, }, }; -use linkerd_policy_controller_core::routes::HttpRouteMatch; use linkerd_policy_controller_core::{ outbound::{ Backend, DiscoverOutboundPolicy, Filter, OutboundDiscoverTarget, OutboundPolicy, OutboundPolicyStream, OutboundRoute, OutboundRouteCollection, OutboundRouteRule, }, - routes::GroupKindNamespaceName, + routes::{GroupKindNamespaceName, HttpRouteMatch}, }; use std::{net::SocketAddr, num::NonZeroU16, str::FromStr, sync::Arc, time}; From c90c5fd75966d65805af7bb0304697b7d54468d5 Mon Sep 17 00:00:00 2001 From: Mark S Date: Tue, 4 Jun 2024 10:12:09 -0400 Subject: [PATCH 09/15] chore: remove resolved todo Signed-off-by: Mark S --- policy-controller/grpc/src/outbound.rs | 2 -- 1 file changed, 2 deletions(-) diff --git a/policy-controller/grpc/src/outbound.rs b/policy-controller/grpc/src/outbound.rs index 2ed3e1742fd41..a7c05800b59d7 100644 --- a/policy-controller/grpc/src/outbound.rs +++ b/policy-controller/grpc/src/outbound.rs @@ -259,8 +259,6 @@ fn to_service(outbound: OutboundPolicy) -> outbound::OutboundPolicy { routes = vec![default_outbound_http_route(backend.clone())]; } - // TODO(the-wondersmith): determine what (if any) contracts - // would need to be updated if we return `Kind::Http` here outbound::proxy_protocol::Kind::Detect(outbound::proxy_protocol::Detect { timeout: Some( time::Duration::from_secs(10) From fb040c9b13c0ce723d83d5f1558e613bbacf481f Mon Sep 17 00:00:00 2001 From: Mark S Date: Tue, 4 Jun 2024 10:30:33 -0400 Subject: [PATCH 10/15] style: revert `for_each` calls back to explicit for loops Signed-off-by: Mark S --- policy-controller/k8s/index/src/outbound/index.rs | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/policy-controller/k8s/index/src/outbound/index.rs b/policy-controller/k8s/index/src/outbound/index.rs index 7047274074eea..a7143f921412b 100644 --- a/policy-controller/k8s/index/src/outbound/index.rs +++ b/policy-controller/k8s/index/src/outbound/index.rs @@ -821,12 +821,13 @@ impl ServiceRoutes { // Producer routes apply to clients in all namespaces, so // apply it to watches for all other namespaces too. - self.watches_by_ns + for (_, ns_watch) in self + .watches_by_ns .iter_mut() .filter(|(ns, _)| ns != &gknn.namespace.as_ref()) - .for_each(|(_, ns_watch)| { - ns_watch.insert_route(gknn.clone(), route.clone()); - }); + { + ns_watch.insert_route(gknn.clone(), route.clone()); + } } else { // This is a consumer namespace route and should only apply to // watches from that namespace. @@ -846,9 +847,9 @@ impl ServiceRoutes { } fn delete(&mut self, gknn: &GroupKindNamespaceName) { - self.watches_by_ns.values_mut().for_each(|watch| { + for watch in self.watches_by_ns.values_mut() { watch.remove_route(gknn); - }); + } } fn insert_producer_and_consumer_routes>( From ac269f062a4b4430074b1c89045979aa75d0a806 Mon Sep 17 00:00:00 2001 From: Mark S Date: Tue, 4 Jun 2024 16:14:55 -0400 Subject: [PATCH 11/15] refactor: add Empty variant to OutboundRouteType Signed-off-by: Mark S --- policy-controller/core/src/outbound.rs | 37 ++++++++--- policy-controller/grpc/src/outbound.rs | 4 +- .../k8s/index/src/outbound/index.rs | 66 ++++++------------- .../index/src/outbound/tests/routes/http.rs | 10 ++- 4 files changed, 52 insertions(+), 65 deletions(-) diff --git a/policy-controller/core/src/outbound.rs b/policy-controller/core/src/outbound.rs index 7322437ced127..b3655273821c7 100644 --- a/policy-controller/core/src/outbound.rs +++ b/policy-controller/core/src/outbound.rs @@ -32,14 +32,16 @@ pub enum TypedOutboundRoute { Http(OutboundRoute), } -#[derive(Clone, Debug, PartialEq, Eq)] +#[derive(Clone, Debug, Default, PartialEq, Eq)] pub enum OutboundRouteCollection { + #[default] + Empty, Http(HashMap>), } #[derive(Clone, Debug, PartialEq)] pub struct OutboundPolicy { - pub routes: Option, + pub routes: OutboundRouteCollection, pub authority: String, pub name: String, pub namespace: String, @@ -125,23 +127,24 @@ impl From> for TypedOutboundRoute { impl OutboundRouteCollection { pub fn is_empty(&self) -> bool { match self { + Self::Empty => true, Self::Http(routes) => routes.is_empty(), } } - pub fn for_gknn(gknn: &GroupKindNamespaceName) -> Option { - match gknn.kind.as_ref() { - "HTTPRoute" => Some(Self::Http(Default::default())), - _ => None, - } - } - pub fn remove(&mut self, key: &GroupKindNamespaceName) { match self { + Self::Empty => { + return; + } Self::Http(routes) => { routes.remove(key); } } + + if self.is_empty() { + let _ = std::mem::replace(self, Self::Empty); + } } pub fn insert>( @@ -149,10 +152,24 @@ impl OutboundRouteCollection { key: GroupKindNamespaceName, route: Route, ) -> Result> { - match (self, route.into()) { + let route = route.into(); + + if matches!(self, Self::Empty) { + let _ = std::mem::replace( + self, + match &route { + TypedOutboundRoute::Http(_) => Self::Http(Default::default()), + }, + ); + } + + match (self, route) { (Self::Http(routes), TypedOutboundRoute::Http(route)) => { Ok(routes.insert(key, route).map(Into::into)) } + (Self::Empty, _) => { + anyhow::bail!("cannot insert a route into an uninitialized route collection") + } } } } diff --git a/policy-controller/grpc/src/outbound.rs b/policy-controller/grpc/src/outbound.rs index a7c05800b59d7..02a4cd057b16b 100644 --- a/policy-controller/grpc/src/outbound.rs +++ b/policy-controller/grpc/src/outbound.rs @@ -226,7 +226,7 @@ fn to_service(outbound: OutboundPolicy) -> outbound::OutboundPolicy { }); match outbound.routes { - None => { + OutboundRouteCollection::Empty => { let routes = vec![default_outbound_http_route(backend.clone())]; outbound::proxy_protocol::Kind::Detect(outbound::proxy_protocol::Detect { @@ -248,7 +248,7 @@ fn to_service(outbound: OutboundPolicy) -> outbound::OutboundPolicy { }), }) } - Some(OutboundRouteCollection::Http(routes)) => { + OutboundRouteCollection::Http(routes) => { let mut routes = routes .into_iter() .sorted_by(timestamp_then_name) diff --git a/policy-controller/k8s/index/src/outbound/index.rs b/policy-controller/k8s/index/src/outbound/index.rs index a7143f921412b..aaf123b6dc177 100644 --- a/policy-controller/k8s/index/src/outbound/index.rs +++ b/policy-controller/k8s/index/src/outbound/index.rs @@ -83,17 +83,10 @@ struct ServiceRoutes { struct RoutesWatch { opaque: bool, accrual: Option, - routes: Option, + routes: OutboundRouteCollection, watch: watch::Sender, } -#[inline] -fn default_collection_for(route: &TypedOutboundRoute) -> OutboundRouteCollection { - match route { - TypedOutboundRoute::Http(_) => OutboundRouteCollection::Http(Default::default()), - } -} - impl kubert::index::IndexNamespacedResource for Index { fn apply(&mut self, route: linkerd_k8s_api::HttpRoute) { self.apply(RouteResource::LinkerdHttp(route)) @@ -339,7 +332,7 @@ impl Namespace { // Service without specifying a port. self.service_routes .entry(parent_ref.name.clone()) - .or_insert_with(|| default_collection_for(&outbound_route)) + .or_default() .insert(route.gknn(), outbound_route) .map_err(|error| tracing::warn!(?error)) .transpose(); @@ -359,19 +352,17 @@ impl Namespace { for routes in self.service_port_routes.values_mut() { for watch in routes.watches_by_ns.values_mut() { - if let Some(collection) = watch.routes.as_mut() { - match collection { - OutboundRouteCollection::Http(routes) => { - routes - .values_mut() - .flat_map(|route| route.rules.iter_mut()) - .flat_map(|rule| rule.backends.iter_mut()) - .for_each(update_service); - } + match &mut watch.routes { + OutboundRouteCollection::Empty => {} + OutboundRouteCollection::Http(routes) => { + routes + .values_mut() + .flat_map(|route| route.rules.iter_mut()) + .flat_map(|rule| rule.backends.iter_mut()) + .for_each(update_service); } - - watch.send_if_modified(); } + watch.send_if_modified(); } } } @@ -438,7 +429,7 @@ impl Namespace { }; match routes { - None => {} + None | Some(OutboundRouteCollection::Empty) => {} Some(OutboundRouteCollection::Http(routes)) => { service_routes .insert_producer_and_consumer_routes(routes, self.namespace.as_str()); @@ -790,7 +781,8 @@ impl ServiceRoutes { let routes = self .watches_by_ns .get(self.namespace.as_ref()) - .and_then(|watch| watch.routes.clone()); + .map(|watch| watch.routes.clone()) + .unwrap_or_default(); self.watches_by_ns.entry(namespace).or_insert_with(|| { let (sender, _) = watch::channel(OutboundPolicy { @@ -919,36 +911,16 @@ impl RoutesWatch { gknn: GroupKindNamespaceName, route: Route, ) { - match &mut self.routes { - Some(routes) => { - routes - .insert(gknn, route) - .map_err(|error| tracing::warn!(?error)) - .transpose(); - } - None => { - let route = route.into(); - let mut routes = default_collection_for(&route); - routes - .insert(gknn, route) - .map_err(|error| tracing::warn!(?error)) - .transpose(); - self.routes = Some(routes); - } - }; + self.routes + .insert(gknn, route) + .map_err(|error| tracing::warn!(?error)) + .transpose(); self.send_if_modified(); } fn remove_route(&mut self, gknn: &GroupKindNamespaceName) { - if let Some(routes) = &mut self.routes { - routes.remove(gknn); - - if routes.is_empty() { - self.routes = None; - } - } - + self.routes.remove(gknn); self.send_if_modified(); } } diff --git a/policy-controller/k8s/index/src/outbound/tests/routes/http.rs b/policy-controller/k8s/index/src/outbound/tests/routes/http.rs index 1c7f1304ad078..6ad80286f164c 100644 --- a/policy-controller/k8s/index/src/outbound/tests/routes/http.rs +++ b/policy-controller/k8s/index/src/outbound/tests/routes/http.rs @@ -39,11 +39,10 @@ fn backend_service() { { let policy = rx.borrow_and_update(); - let backend = policy - .routes - .as_ref() + let backend = Some(&policy.routes) .map(|routes| match routes { OutboundRouteCollection::Http(routes) => routes, + _ => panic!("expected http route collection"), }) .unwrap() .get(&GroupKindNamespaceName { @@ -77,11 +76,10 @@ fn backend_service() { { let policy = rx.borrow_and_update(); - let backend = policy - .routes - .as_ref() + let backend = Some(&policy.routes) .map(|routes| match routes { OutboundRouteCollection::Http(routes) => routes, + _ => panic!("expected http route collection"), }) .unwrap() .get(&GroupKindNamespaceName { From 153e35027b5172df5081ab2929e3e1ca84e04cae Mon Sep 17 00:00:00 2001 From: Mark S Date: Tue, 4 Jun 2024 19:03:06 -0400 Subject: [PATCH 12/15] perf: improve implementation of `insert` and `remove` Signed-off-by: Mark S --- policy-controller/core/src/outbound.rs | 34 +++++++++----------------- 1 file changed, 11 insertions(+), 23 deletions(-) diff --git a/policy-controller/core/src/outbound.rs b/policy-controller/core/src/outbound.rs index b3655273821c7..4f5cb40c36be0 100644 --- a/policy-controller/core/src/outbound.rs +++ b/policy-controller/core/src/outbound.rs @@ -126,25 +126,19 @@ impl From> for TypedOutboundRoute { impl OutboundRouteCollection { pub fn is_empty(&self) -> bool { - match self { - Self::Empty => true, - Self::Http(routes) => routes.is_empty(), - } + matches!(self, Self::Empty) } pub fn remove(&mut self, key: &GroupKindNamespaceName) { match self { - Self::Empty => { - return; - } + Self::Empty => {} Self::Http(routes) => { routes.remove(key); + if routes.is_empty() { + *self = Self::Empty; + } } } - - if self.is_empty() { - let _ = std::mem::replace(self, Self::Empty); - } } pub fn insert>( @@ -154,22 +148,16 @@ impl OutboundRouteCollection { ) -> Result> { let route = route.into(); - if matches!(self, Self::Empty) { - let _ = std::mem::replace( - self, - match &route { - TypedOutboundRoute::Http(_) => Self::Http(Default::default()), - }, - ); - } - match (self, route) { + (this @ Self::Empty, TypedOutboundRoute::Http(route)) => { + let mut routes = HashMap::default(); + let inserted = routes.insert(key, route).map(Into::into); + *this = Self::Http(routes); + Ok(inserted) + } (Self::Http(routes), TypedOutboundRoute::Http(route)) => { Ok(routes.insert(key, route).map(Into::into)) } - (Self::Empty, _) => { - anyhow::bail!("cannot insert a route into an uninitialized route collection") - } } } } From ad46e786a687ea8cd3efe54ee9d4614ecc380e7b Mon Sep 17 00:00:00 2001 From: Mark S Date: Tue, 4 Jun 2024 19:13:51 -0400 Subject: [PATCH 13/15] perf: remove unnecessary emptiness check Signed-off-by: Mark S --- policy-controller/grpc/src/outbound.rs | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/policy-controller/grpc/src/outbound.rs b/policy-controller/grpc/src/outbound.rs index 02a4cd057b16b..41adb37b50656 100644 --- a/policy-controller/grpc/src/outbound.rs +++ b/policy-controller/grpc/src/outbound.rs @@ -249,16 +249,12 @@ fn to_service(outbound: OutboundPolicy) -> outbound::OutboundPolicy { }) } OutboundRouteCollection::Http(routes) => { - let mut routes = routes + let routes = routes .into_iter() .sorted_by(timestamp_then_name) .map(|(gknn, route)| convert_outbound_http_route(gknn, route, backend.clone())) .collect::>(); - if routes.is_empty() { - routes = vec![default_outbound_http_route(backend.clone())]; - } - outbound::proxy_protocol::Kind::Detect(outbound::proxy_protocol::Detect { timeout: Some( time::Duration::from_secs(10) From 817907cebacb0e27bcda28e6d1dbd0dd88bfec19 Mon Sep 17 00:00:00 2001 From: Mark S Date: Tue, 4 Jun 2024 19:16:49 -0400 Subject: [PATCH 14/15] style: revert change to filter vs if in ServiceRoutes::apply Signed-off-by: Mark S --- policy-controller/k8s/index/src/outbound/index.rs | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/policy-controller/k8s/index/src/outbound/index.rs b/policy-controller/k8s/index/src/outbound/index.rs index aaf123b6dc177..e36c65150d495 100644 --- a/policy-controller/k8s/index/src/outbound/index.rs +++ b/policy-controller/k8s/index/src/outbound/index.rs @@ -813,12 +813,10 @@ impl ServiceRoutes { // Producer routes apply to clients in all namespaces, so // apply it to watches for all other namespaces too. - for (_, ns_watch) in self - .watches_by_ns - .iter_mut() - .filter(|(ns, _)| ns != &gknn.namespace.as_ref()) - { - ns_watch.insert_route(gknn.clone(), route.clone()); + for (ns, ns_watch) in self.watches_by_ns.iter_mut() { + if ns != &gknn.namespace { + ns_watch.insert_route(gknn.clone(), route.clone()); + } } } else { // This is a consumer namespace route and should only apply to From 259fc2c4f965d39f482e70f63b851054d193e53c Mon Sep 17 00:00:00 2001 From: Mark S Date: Wed, 5 Jun 2024 12:55:33 -0400 Subject: [PATCH 15/15] bump Signed-off-by: Mark S