Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 0 additions & 1 deletion internal/events/event.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@ import (
)

// EventBatch is a batch of events to be handled at once.
// FIXME(pleshakov): think about how to avoid using an interface{} here
type EventBatch []interface{}

// UpsertEvent represents upserting a resource.
Expand Down
3 changes: 3 additions & 0 deletions internal/events/handler.go
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,7 @@ func (h *EventHandlerImpl) updateNginx(ctx context.Context, conf dataplane.Confi
// Write all secrets (nuke and pave).
// This will remove all secrets in the secrets directory before writing the requested secrets.
// FIXME(kate-osborn): We may want to rethink this approach in the future and write and remove secrets individually.
// https://github.com/nginxinc/nginx-kubernetes-gateway/issues/561
err := h.cfg.SecretMemoryManager.WriteAllRequestedSecrets()
if err != nil {
return err
Expand Down Expand Up @@ -124,6 +125,7 @@ func (h *EventHandlerImpl) propagateUpsert(e *UpsertEvent) {
h.cfg.Processor.CaptureUpsertChange(r)
case *apiv1.Secret:
// FIXME(kate-osborn): need to handle certificate rotation
// https://github.com/nginxinc/nginx-kubernetes-gateway/issues/553
h.cfg.SecretStore.Upsert(r)
case *discoveryV1.EndpointSlice:
h.cfg.Processor.CaptureUpsertChange(r)
Expand All @@ -144,6 +146,7 @@ func (h *EventHandlerImpl) propagateDelete(e *DeleteEvent) {
h.cfg.Processor.CaptureDeleteChange(e.Type, e.NamespacedName)
case *apiv1.Secret:
// FIXME(kate-osborn): make sure that affected servers are updated
// https://github.com/nginxinc/nginx-kubernetes-gateway/issues/553
h.cfg.SecretStore.Delete(e.NamespacedName)
case *discoveryV1.EndpointSlice:
h.cfg.Processor.CaptureDeleteChange(e.Type, e.NamespacedName)
Expand Down
2 changes: 1 addition & 1 deletion internal/events/loop.go
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ import (
// (2) A reload can have side-effects for the data plane traffic.
// FIXME(pleshakov): better document the side effects and how to prevent and mitigate them.
// So when the EventLoop have 100 saved events, it is better to process them at once rather than one by one.
// https://github.com/nginxinc/nginx-kubernetes-gateway/issues/551
type EventLoop struct {
handler EventHandler
preparer FirstEventBatchPreparer
Expand Down Expand Up @@ -113,7 +114,6 @@ func (el *EventLoop) Start(ctx context.Context) error {
// Add the event to the current batch.
el.nextBatch = append(el.nextBatch, e)

// FIXME(pleshakov): Log more details about the event like resource GVK and ns/name.
el.logger.Info(
"added an event to the next batch",
"type", fmt.Sprintf("%T", e),
Expand Down
7 changes: 2 additions & 5 deletions internal/manager/manager.go
Original file line number Diff line number Diff line change
Expand Up @@ -138,11 +138,8 @@ func Start(cfg config.Config) error {
GatewayClassName: cfg.GatewayClassName,
Client: mgr.GetClient(),
PodIP: cfg.PodIP,
// FIXME(pleshakov) Make sure each component:
// (1) Has a dedicated named logger.
// (2) Get it from the Manager (the WithName is done here for all components).
Logger: cfg.Logger.WithName("statusUpdater"),
Clock: status.NewRealClock(),
Logger: cfg.Logger.WithName("statusUpdater"),
Clock: status.NewRealClock(),
})

eventHandler := events.NewEventHandlerImpl(events.EventHandlerConfig{
Expand Down
4 changes: 2 additions & 2 deletions internal/nginx/config/servers.go
Original file line number Diff line number Diff line change
Expand Up @@ -124,6 +124,7 @@ func createLocations(pathRules []dataplane.PathRule, listenerPort int) []http.Lo
// FIXME(pleshakov): Ensure dataplane.Configuration -related types don't include v1beta1 types, so that
// we don't need to make any assumptions like above here. After fixing this, ensure that there is a test
// for checking the imported Webhook validation catches the case above.
// https://github.com/nginxinc/nginx-kubernetes-gateway/issues/660

// RequestRedirect and proxying are mutually exclusive.
if r.Filters.RequestRedirect != nil {
Expand All @@ -146,6 +147,7 @@ func createLocations(pathRules []dataplane.PathRule, listenerPort int) []http.Lo
if len(matches) > 0 {
// FIXME(sberman): De-dupe matches and associated locations
// so we don't need nginx/njs to perform unnecessary matching.
// https://github.com/nginxinc/nginx-kubernetes-gateway/issues/662
b, err := json.Marshal(matches)
if err != nil {
// panic is safe here because we should never fail to marshal the match unless we constructed it incorrectly.
Expand Down Expand Up @@ -244,7 +246,6 @@ func createHTTPMatch(match v1beta1.HTTPRouteMatch, redirectPath string) httpMatc
headers := make([]string, 0, len(match.Headers))
headerNames := make(map[string]struct{})

// FIXME(kate-osborn): For now we only support type "Exact".
for _, h := range match.Headers {
if *h.Type == v1beta1.HeaderMatchExact {
// duplicate header names are not permitted by the spec
Expand All @@ -262,7 +263,6 @@ func createHTTPMatch(match v1beta1.HTTPRouteMatch, redirectPath string) httpMatc
if match.QueryParams != nil {
params := make([]string, 0, len(match.QueryParams))

// FIXME(kate-osborn): For now we only support type "Exact".
for _, p := range match.QueryParams {
if *p.Type == v1beta1.QueryParamMatchExact {
params = append(params, createQueryParamKeyValString(p))
Expand Down
1 change: 1 addition & 0 deletions internal/nginx/config/upstreams_template.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ package config

// FIXME(kate-osborn): Dynamically calculate upstream zone size based on the number of upstreams.
// 512k will support up to 648 upstream servers.
// https://github.com/nginxinc/nginx-kubernetes-gateway/issues/483
var upstreamsTemplateText = `
{{ range $u := . }}
upstream {{ $u.Name }} {
Expand Down
4 changes: 2 additions & 2 deletions internal/nginx/config/validation/http_njs_match.go
Original file line number Diff line number Diff line change
Expand Up @@ -37,8 +37,8 @@ func (HTTPNJSMatchValidator) ValidatePathInMatch(path string) error {
return errors.New(msg)
}

// FIXME(pleshakov): This is temporary until https://github.com/nginxinc/nginx-kubernetes-gateway/issues/428
// is fixed.
// FIXME(pleshakov): This function will no longer be
// needed once https://github.com/nginxinc/nginx-kubernetes-gateway/issues/428 is fixed.
// That's because the location path gets into the set directive in the location block.
// Example: set $http_matches "[{\"redirectPath\":\"/coffee_route0\" ...
// Where /coffee is tha path.
Expand Down
1 change: 1 addition & 0 deletions internal/nginx/runtime/manager.go
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,7 @@ func (m *ManagerImpl) Reload(ctx context.Context) error {
// FIXME(pleshakov)
// (1) ensure the reload actually happens.
// (2) ensure that in case of an error, the error message can be seen by the admins.
// https://github.com/nginxinc/nginx-kubernetes-gateway/issues/664

// for now, to prevent a subsequent reload starting before the in-flight reload finishes, we simply sleep.
// Fixing (1) will make the sleep unnecessary.
Expand Down
1 change: 0 additions & 1 deletion internal/state/change_processor.go
Original file line number Diff line number Diff line change
Expand Up @@ -172,7 +172,6 @@ func NewChangeProcessorImpl(cfg ChangeProcessorConfig) *ChangeProcessorImpl {
}
}

// FIXME(pleshakov)
// Currently, changes (upserts/delete) trigger rebuilding of the configuration, even if the change doesn't change
// the configuration or the statuses of the resources. For example, a change in a Gateway resource that doesn't
// belong to the NGINX Gateway or an HTTPRoute that doesn't belong to any of the Gateways of the NGINX Gateway.
Expand Down
11 changes: 3 additions & 8 deletions internal/state/dataplane/configuration.go
Original file line number Diff line number Diff line change
Expand Up @@ -23,10 +23,10 @@ const (
// Configuration is an intermediate representation of dataplane configuration.
type Configuration struct {
// HTTPServers holds all HTTPServers.
// FIXME(pleshakov) We assume that all servers are HTTP and listen on port 80.
// We assume that all servers are HTTP and listen on port 80.
HTTPServers []VirtualServer
// SSLServers holds all SSLServers.
// FIXME(kate-osborn) We assume that all SSL servers listen on port 443.
// We assume that all SSL servers listen on port 443.
SSLServers []VirtualServer
// Upstreams holds all unique Upstreams.
Upstreams []Upstream
Expand Down Expand Up @@ -87,8 +87,6 @@ type MatchRule struct {
// Filters holds the filters for the MatchRule.
Filters Filters
// Source is the corresponding HTTPRoute resource.
// FIXME(pleshakov): Consider referencing only the parts needed for the config generation rather than
// the entire resource.
Source *v1beta1.HTTPRoute
// BackendGroup is the group of Backends that the rule routes to.
BackendGroup BackendGroup
Expand Down Expand Up @@ -135,7 +133,6 @@ func (r *MatchRule) GetMatch() v1beta1.HTTPRouteMatch {
}

// BuildConfiguration builds the Configuration from the Graph.
// FIXME(pleshakov) For now we only handle paths with prefix matches. Handle exact and regex matches
func BuildConfiguration(ctx context.Context, g *graph.Graph, resolver resolver.ServiceResolver) Configuration {
if g.GatewayClass == nil || !g.GatewayClass.Valid {
return Configuration{}
Expand Down Expand Up @@ -372,8 +369,6 @@ func (hpr *hostPathRules) buildServers() []VirtualServer {
hostname := getListenerHostname(l.Source.Hostname)
// Generate a 404 ssl server block for listeners with no routes or listeners with wildcard (match-all) routes.
// This server overrides the default ssl server.
// FIXME(kate-osborn): when we support regex hostnames (e.g. *.example.com)
// we will have to modify this check to catch regex hostnames.
if len(l.Routes) == 0 || hostname == wildcardHostname {
s := VirtualServer{
Hostname: hostname,
Expand Down Expand Up @@ -503,7 +498,7 @@ func convertPathType(pathType v1beta1.PathMatchType) PathType {

// listenerHostnameMoreSpecific returns true if host1 is more specific than host2 (using length).
//
// FIXME(sberman): Since the only caller of this function specifies listener hostnames that are both
// Since the only caller of this function specifies listener hostnames that are both
// bound to the same route hostname, this function assumes that host1 and host2 match, either
// exactly or as a substring.
//
Expand Down
2 changes: 1 addition & 1 deletion internal/state/graph/gateway_listener.go
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ import (
)

// Listener represents a Listener of the Gateway resource.
// FIXME(pleshakov) For now, we only support HTTP and HTTPS listeners.
// For now, we only support HTTP and HTTPS listeners.
type Listener struct {
// Source holds the source of the Listener from the Gateway resource.
Source v1beta1.Listener
Expand Down
10 changes: 2 additions & 8 deletions internal/state/graph/httproute.go
Original file line number Diff line number Diff line change
Expand Up @@ -53,9 +53,6 @@ type ParentRefAttachmentStatus struct {
// Route represents an HTTPRoute.
type Route struct {
// Source is the source resource of the Route.
// FIXME(pleshakov)
// For now, we assume that the source is only HTTPRoute.
// Later we can support more types - TLSRoute, TCPRoute and UDPRoute.
Source *v1beta1.HTTPRoute
// ParentRefs includes ParentRefs with NKG Gateways only.
ParentRefs []ParentRef
Expand Down Expand Up @@ -231,7 +228,7 @@ func buildRoute(

if atLeastOneValid {
// FIXME(pleshakov): Partial validity for HTTPRoute rules is not defined in the Gateway API spec yet.
// See https://github.com/kubernetes-sigs/gateway-api/issues/1696
// See https://github.com/nginxinc/nginx-kubernetes-gateway/issues/485
msg = "Some rules are invalid: " + msg
r.Conditions = append(r.Conditions, conditions.NewTODO(msg))
} else {
Expand Down Expand Up @@ -311,9 +308,6 @@ func bindRouteToListeners(r *Route, gw *Gateway) {
// tryToAttachRouteToListeners tries to attach the route to the listeners that match the parentRef and the hostnames.
// If it succeeds in attaching at least one listener it will return true and the condition will be empty.
// If it fails to attach the route, it will return false and the failure condition.
// FIXME(pleshakov)
// For now, let's do simple matching.
// However, we need to also support wildcard matching.
func tryToAttachRouteToListeners(
refStatus *ParentRefAttachmentStatus,
sectionName *v1beta1.SectionName,
Expand All @@ -324,7 +318,7 @@ func tryToAttachRouteToListeners(

if !listenerExists {
// FIXME(pleshakov): Add a proper condition once it is available in the Gateway API.
// https://github.com/nginxinc/nginx-kubernetes-gateway/issues/306
// https://github.com/nginxinc/nginx-kubernetes-gateway/issues/665
return conditions.NewTODO("listener is not found"), false
}

Expand Down
1 change: 1 addition & 0 deletions internal/state/secrets/secrets.go
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,7 @@ type FileManager interface {
}

// FIXME(kate-osborn): Is it necessary to make this concurrent-safe?
// https://github.com/nginxinc/nginx-kubernetes-gateway/issues/441
type SecretDiskMemoryManagerImpl struct {
requestedSecrets map[types.NamespacedName]requestedSecret
secretStore SecretStore
Expand Down