diff --git a/internal/gatewayapi/status/policy.go b/internal/gatewayapi/status/policy.go index 5009fd246f..f96f44c479 100644 --- a/internal/gatewayapi/status/policy.go +++ b/internal/gatewayapi/status/policy.go @@ -6,10 +6,7 @@ package status import ( - "cmp" - "fmt" - "slices" - "strings" + "sort" "time" gocmp "github.com/google/go-cmp/cmp" @@ -20,10 +17,6 @@ import ( egv1a1 "github.com/envoyproxy/gateway/api/v1alpha1" ) -const ( - conditionMessageMaxLength = 32768 -) - type PolicyResolveError struct { Reason gwapiv1a2.PolicyConditionReason Message string @@ -113,22 +106,31 @@ func TruncatePolicyAncestors(policyStatus *gwapiv1a2.PolicyStatus, controllerNam // we need to truncate policy ancestor status due to the item limit (max 16). // so we are choosing to preserve the 16 most important ancestors. // negative polarity (Conflicted, Overridden...) should be clearly indicated to the user. - slices.SortStableFunc(policyStatus.Ancestors, func(a, b gwapiv1a2.PolicyAncestorStatus) int { - if r := cmp.Compare(sortRankForPolicyAncestor(a), sortRankForPolicyAncestor(b)); r != 0 { - return r + sort.Slice(policyStatus.Ancestors, func(i, j int) bool { + a, b := policyStatus.Ancestors[i], policyStatus.Ancestors[j] + aRank := sortRankForPolicyAncestor(a) + bRank := sortRankForPolicyAncestor(b) + + if aRank != bRank { + return aRank < bRank + } + // First compare by namespace, then by name + aNamespace := "" + if a.AncestorRef.Namespace != nil { + aNamespace = string(*a.AncestorRef.Namespace) + } + bNamespace := "" + if b.AncestorRef.Namespace != nil { + bNamespace = string(*b.AncestorRef.Namespace) } - return strings.Compare(string(a.AncestorRef.Name), string(b.AncestorRef.Name)) + + if aNamespace != bNamespace { + return aNamespace < bNamespace + } + return string(a.AncestorRef.Name) < string(b.AncestorRef.Name) }) - aggregated := make([]string, len(policyStatus.Ancestors)-16) - for i, ancestor := range policyStatus.Ancestors[16:] { - aggregated[i] = string(ancestor.AncestorRef.Name) - } - aggregatedMessage := fmt.Sprintf("Ancestors have been aggregated because the number of policy ancestors exceeds 16. "+ - "The aggregated ancestors: %s", strings.Join(aggregated, ", ")) - if len(aggregatedMessage) > conditionMessageMaxLength { - aggregatedMessage = aggregatedMessage[:conditionMessageMaxLength] - } + aggregatedMessage := "Ancestors have been truncated because the number of policy ancestors exceeds 16." policyStatus.Ancestors = policyStatus.Ancestors[:16] SetConditionForPolicyAncestor(policyStatus, diff --git a/internal/gatewayapi/testdata/backendtlspolicy-status-conditions-truncated.out.yaml b/internal/gatewayapi/testdata/backendtlspolicy-status-conditions-truncated.out.yaml index 21c0b7cb87..36bfddefab 100644 --- a/internal/gatewayapi/testdata/backendtlspolicy-status-conditions-truncated.out.yaml +++ b/internal/gatewayapi/testdata/backendtlspolicy-status-conditions-truncated.out.yaml @@ -179,8 +179,8 @@ backendTLSPolicies: status: "True" type: Accepted - lastTransitionTime: null - message: 'Ancestors have been aggregated because the number of policy ancestors - exceeds 16. The aggregated ancestors: gateway-8, gateway-9' + message: Ancestors have been truncated because the number of policy ancestors + exceeds 16. reason: Aggregated status: "True" type: Aggregated @@ -365,8 +365,8 @@ backendTLSPolicies: status: "False" type: Accepted - lastTransitionTime: null - message: 'Ancestors have been aggregated because the number of policy ancestors - exceeds 16. The aggregated ancestors: gateway-8, gateway-9' + message: Ancestors have been truncated because the number of policy ancestors + exceeds 16. reason: Aggregated status: "True" type: Aggregated diff --git a/internal/gatewayapi/testdata/backendtrafficpolicy-status-conditions-truncated.out.yaml b/internal/gatewayapi/testdata/backendtrafficpolicy-status-conditions-truncated.out.yaml index 543a9435eb..5584b666eb 100644 --- a/internal/gatewayapi/testdata/backendtrafficpolicy-status-conditions-truncated.out.yaml +++ b/internal/gatewayapi/testdata/backendtrafficpolicy-status-conditions-truncated.out.yaml @@ -213,8 +213,8 @@ backendTrafficPolicies: status: "True" type: Accepted - lastTransitionTime: null - message: 'Ancestors have been aggregated because the number of policy ancestors - exceeds 16. The aggregated ancestors: gateway-7, gateway-8' + message: Ancestors have been truncated because the number of policy ancestors + exceeds 16. reason: Aggregated status: "True" type: Aggregated @@ -440,8 +440,8 @@ backendTrafficPolicies: status: "False" type: Accepted - lastTransitionTime: null - message: 'Ancestors have been aggregated because the number of policy ancestors - exceeds 16. The aggregated ancestors: gateway-8, gateway-9' + message: Ancestors have been truncated because the number of policy ancestors + exceeds 16. reason: Aggregated status: "True" type: Aggregated @@ -651,8 +651,8 @@ backendTrafficPolicies: status: "True" type: Accepted - lastTransitionTime: null - message: 'Ancestors have been aggregated because the number of policy ancestors - exceeds 16. The aggregated ancestors: gateway-8, gateway-9' + message: Ancestors have been truncated because the number of policy ancestors + exceeds 16. reason: Aggregated status: "True" type: Aggregated diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-status-conditions-truncated.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-status-conditions-truncated.out.yaml index b053bf086f..a4ebdc689a 100644 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-status-conditions-truncated.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-status-conditions-truncated.out.yaml @@ -255,8 +255,8 @@ envoyExtensionPolicies: status: "True" type: Accepted - lastTransitionTime: null - message: 'Ancestors have been aggregated because the number of policy ancestors - exceeds 16. The aggregated ancestors: gateway-8, gateway-9' + message: Ancestors have been truncated because the number of policy ancestors + exceeds 16. reason: Aggregated status: "True" type: Aggregated @@ -533,8 +533,8 @@ envoyExtensionPolicies: status: "False" type: Accepted - lastTransitionTime: null - message: 'Ancestors have been aggregated because the number of policy ancestors - exceeds 16. The aggregated ancestors: gateway-8, gateway-9' + message: Ancestors have been truncated because the number of policy ancestors + exceeds 16. reason: Aggregated status: "True" type: Aggregated diff --git a/internal/gatewayapi/testdata/envoyextensionpolicy-status-conditions-truncated.out.yaml b/internal/gatewayapi/testdata/envoyextensionpolicy-status-conditions-truncated.out.yaml index ef6f102ee2..50381d2715 100644 --- a/internal/gatewayapi/testdata/envoyextensionpolicy-status-conditions-truncated.out.yaml +++ b/internal/gatewayapi/testdata/envoyextensionpolicy-status-conditions-truncated.out.yaml @@ -213,8 +213,8 @@ envoyExtensionPolicies: status: "True" type: Accepted - lastTransitionTime: null - message: 'Ancestors have been aggregated because the number of policy ancestors - exceeds 16. The aggregated ancestors: gateway-7, gateway-8' + message: Ancestors have been truncated because the number of policy ancestors + exceeds 16. reason: Aggregated status: "True" type: Aggregated @@ -440,8 +440,8 @@ envoyExtensionPolicies: status: "False" type: Accepted - lastTransitionTime: null - message: 'Ancestors have been aggregated because the number of policy ancestors - exceeds 16. The aggregated ancestors: gateway-8, gateway-9' + message: Ancestors have been truncated because the number of policy ancestors + exceeds 16. reason: Aggregated status: "True" type: Aggregated @@ -651,8 +651,8 @@ envoyExtensionPolicies: status: "True" type: Accepted - lastTransitionTime: null - message: 'Ancestors have been aggregated because the number of policy ancestors - exceeds 16. The aggregated ancestors: gateway-8, gateway-9' + message: Ancestors have been truncated because the number of policy ancestors + exceeds 16. reason: Aggregated status: "True" type: Aggregated diff --git a/internal/gatewayapi/testdata/securitypolicy-status-conditions-truncated.out.yaml b/internal/gatewayapi/testdata/securitypolicy-status-conditions-truncated.out.yaml index fe6b02f656..3206690129 100644 --- a/internal/gatewayapi/testdata/securitypolicy-status-conditions-truncated.out.yaml +++ b/internal/gatewayapi/testdata/securitypolicy-status-conditions-truncated.out.yaml @@ -1960,8 +1960,8 @@ securityPolicies: status: "True" type: Accepted - lastTransitionTime: null - message: 'Ancestors have been aggregated because the number of policy ancestors - exceeds 16. The aggregated ancestors: gateway-7, gateway-8' + message: Ancestors have been truncated because the number of policy ancestors + exceeds 16. reason: Aggregated status: "True" type: Aggregated @@ -2187,8 +2187,8 @@ securityPolicies: status: "False" type: Accepted - lastTransitionTime: null - message: 'Ancestors have been aggregated because the number of policy ancestors - exceeds 16. The aggregated ancestors: gateway-8, gateway-9' + message: Ancestors have been truncated because the number of policy ancestors + exceeds 16. reason: Aggregated status: "True" type: Aggregated @@ -2398,8 +2398,8 @@ securityPolicies: status: "True" type: Accepted - lastTransitionTime: null - message: 'Ancestors have been aggregated because the number of policy ancestors - exceeds 16. The aggregated ancestors: gateway-8, gateway-9' + message: Ancestors have been truncated because the number of policy ancestors + exceeds 16. reason: Aggregated status: "True" type: Aggregated