Skip to content

Commit

Permalink
Added some comments to explain the validation being performed.
Browse files Browse the repository at this point in the history
Signed-off-by: Lior Okman <[email protected]>
  • Loading branch information
liorokman committed Mar 28, 2024
1 parent dc31dfe commit bc70ce9
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions internal/gatewayapi/clienttrafficpolicy.go
Original file line number Diff line number Diff line change
Expand Up @@ -328,8 +328,14 @@ func validatePortOverlapForClientTrafficPolicy(l *ListenerContext, xds *ir.Xds,

// IR must exist since we're past validation
if httpIR != nil {
// Get a list of all other non-TLS listeners on this Gateway that share a port with
// the listener in question.
if sameListeners := listenersWithSameHTTPPort(xds, httpIR); len(sameListeners) != 0 {
if attachedToGateway {
// If this policy is attached to an entire gateway and the mergeGateways feature
// is turned on, validate that all the listeners affected by this policy originated
// from the same Gateway resource. The name of the Gateway from which this listener
// originated is part of the listener's name by construction.
gatewayName := irListenerName[0:strings.LastIndex(irListenerName, "/")]
conflictingListeners := []string{}
for _, currName := range sameListeners {
Expand All @@ -341,6 +347,8 @@ func validatePortOverlapForClientTrafficPolicy(l *ListenerContext, xds *ir.Xds,
return fmt.Errorf("affects additional listeners: %s", strings.Join(conflictingListeners, ", "))
}
} else {
// If this policy is attached to a specific listener, any other listeners in the list
// would be affected by this policy but should not be, so this policy can't be accepted.
return fmt.Errorf("affects additional listeners: %s", strings.Join(sameListeners, ", "))
}
}
Expand Down

0 comments on commit bc70ce9

Please sign in to comment.