Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: Add policy conflict to dnspolicy validation #995

Merged

Conversation

mikenairn
Copy link
Member

Updates the dnspolicies validator task to check for polices with conflicting target refs, only one policy can currently target a specific gateway or listener. Uses the same logic as TLS, first policy created is given preference over any created later.

Some other small changes to align DNSPolicy and TLSPolicy.

@@ -191,7 +191,7 @@ func (p *TLSPolicy) GetRulesHostnames() []string {
return make([]string, 0)
}

// DEPRECATED: Use GetTargetRefs instead
// Deprecated: kuadrant.Policy.
Copy link
Member Author

@mikenairn mikenairn Nov 8, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"Deprecated:" seems to be the correct way to do this in Go https://go.dev/wiki/Deprecated, linter will fail if this is used anywhere.

We can likely remove all these soon anyway, if not already.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually, they all are in #992

}

return nil
}
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These are pretty much copied from the TLSPolicy, we should probably look at making generic functions that can be used by both.

Updates the dnspolicies validator task to check for polices with
conflicting target refs, only one policy can currently target a specific
gateway or listener. Uses the same logic as TLS, first policy created is
given preference over any created later.

Some other small changes to align DNSPolicy and TLSPolicy.

Signed-off-by: Michael Nairn <[email protected]>
@mikenairn mikenairn force-pushed the dnspolicy_validation_policy_conflict branch from e40b44b to 3ca2c69 Compare November 8, 2024 18:23
@maleck13 maleck13 merged commit 20ba1a9 into Kuadrant:main Nov 10, 2024
26 checks passed
@mikenairn mikenairn deleted the dnspolicy_validation_policy_conflict branch November 11, 2024 07:56
maleck13 pushed a commit that referenced this pull request Nov 13, 2024
Updates the dnspolicies validator task to check for polices with
conflicting target refs, only one policy can currently target a specific
gateway or listener. Uses the same logic as TLS, first policy created is
given preference over any created later.

Some other small changes to align DNSPolicy and TLSPolicy.

Signed-off-by: Michael Nairn <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants