Target ref (#691)

* Add TargetRef to AuthPolicy and Fix Formatting and Integration Tests - Added TargetRef to AuthPolicy to specify the target reference. - Replaced the gateway object with the gateway wrapped inside the gatewayWrapper. - Fixed various errors and improved code formatting. - Resolved issues with Istio integration tests. This commit consolidates multiple changes made during the development process, improving the stability and functionality of the AuthPolicy controller and related tests. --------- Co-authored-by: dlaw4608 <dlawton032@gmail.com>
Kuadrant · Jun 17, 2024 · d2e301b · d2e301b
1 parent eabd231
commit d2e301b
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 2 deletions.
diff --git a/controllers/authpolicy_istio_authorizationpolicy.go b/controllers/authpolicy_istio_authorizationpolicy.go
@@ -94,8 +94,8 @@ func (r *AuthPolicyReconciler) istioAuthorizationPolicy(ctx context.Context, ap
 			Labels:    istioAuthorizationPolicyLabels(client.ObjectKeyFromObject(gateway), client.ObjectKeyFromObject(ap)),
 		},
 		Spec: istiosecurity.AuthorizationPolicy{
-			Action:   istiosecurity.AuthorizationPolicy_CUSTOM,
-			Selector: kuadrantistioutils.WorkloadSelectorFromGateway(ctx, r.Client(), gateway),
+			Action:    istiosecurity.AuthorizationPolicy_CUSTOM,
+			TargetRef: kuadrantistioutils.PolicyTargetRefFromGateway(gateway),
 			ActionDetail: &istiosecurity.AuthorizationPolicy_Provider{
 				Provider: &istiosecurity.AuthorizationPolicy_ExtensionProvider{
 					Name: KuadrantExtAuthProviderName,

diff --git a/tests/istio/authpolicy_controller_authorizationpolicy_test.go b/tests/istio/authpolicy_controller_authorizationpolicy_test.go
@@ -123,6 +123,11 @@ var _ = Describe("AuthPolicy controller managing authorization policy", func() {
 				logf.Log.V(1).Info("Fetching Istio's AuthorizationPolicy", "key", iapKey.String(), "error", err)
 				return err == nil
 			}).WithContext(ctx).Should(BeTrue())
+
+			// has the correct target ref
+			Expect(iap.Spec.TargetRef.Group).To(Equal("gateway.networking.k8s.io"))
+			Expect(iap.Spec.TargetRef.Kind).To(Equal("Gateway"))
+			Expect(iap.Spec.TargetRef.Name).To(Equal(TestGatewayName))
 			Expect(iap.Spec.Rules).To(HaveLen(1))
 			Expect(iap.Spec.Rules[0].To).To(HaveLen(1))
 			Expect(iap.Spec.Rules[0].To[0].Operation).ShouldNot(BeNil())
@@ -167,6 +172,11 @@ var _ = Describe("AuthPolicy controller managing authorization policy", func() {
 				logf.Log.V(1).Info("Fetching Istio's AuthorizationPolicy", "key", iapKey.String(), "error", err)
 				return err == nil
 			}).WithContext(ctx).Should(BeTrue())
+
+			// has the correct target ref
+			Expect(iap.Spec.TargetRef.Group).To(Equal("gateway.networking.k8s.io"))
+			Expect(iap.Spec.TargetRef.Kind).To(Equal("Gateway"))
+			Expect(iap.Spec.TargetRef.Name).To(Equal(TestGatewayName))
 			Expect(iap.Spec.Rules).To(HaveLen(1))
 			Expect(iap.Spec.Rules[0].To).To(HaveLen(1))
 			Expect(iap.Spec.Rules[0].To[0].Operation).ShouldNot(BeNil())