fix(kuma-cp): skip creating MeshGateways without proper attachmenet

[jakubdyszkiewicz]

Summary

In http route controller we convert API Gateway's HTTPRoute to Kuma's MeshGatewayRoute.

HTTP route looks like this

apiVersion: gateway.networking.k8s.io/v1alpha2
kind: HTTPRoute
metadata:
  name: echo
  namespace: kuma-demo
spec:
  parentRefs:
  - group: gateway.networking.k8s.io
    kind: Gateway
    name: kuma
  rules:
  - backendRefs:
    - group: ""
      kind: Service
      name: demo-app
      port: 5000
      weight: 1
    matches:
    - path:
        type: PathPrefix
        value: /

We can only consider HTTPRoute valid if it has a valid parentsRef. See case attachment.Allowed: in this file.

The problem was that I used this HTTPRoute with this Gateway

apiVersion: gateway.networking.k8s.io/v1alpha2
kind: Gateway
metadata:
  name: kuma
  namespace: default
spec:
  gatewayClassName: kuma
  listeners:
  - name: proxy
    port: 8080
    protocol: HTTP

HTTPRoute cannot be attached to this Gateway because it's in different namespace. The attachment was computed correctly case attachment.NotPermitted:. However, we successfully converted MeshGatewayRoute anyways, but without selectors. Then, we were trying to create it which resulted in error because we have static validators on empty selectors in MeshGatewayRoute.

Solution?
Only convert when there is an attachment - an extra if I added

Bonus notes:
To reference HTTPRoute cross namespace I had to add this

apiVersion: gateway.networking.k8s.io/v1alpha2
kind: Gateway
metadata:
  name: kuma
  namespace: default
spec:
  gatewayClassName: kuma
  listeners:
  - name: proxy
    port: 8080
    protocol: HTTP
    allowedRoutes: # <- this
      namespaces:
        from: All

Issues resolved

No issues reported. I noticed this when I was testing Gateway API.

Documentation

No docs.

Testing

No tests yet as this is bigger story for Gateway API :(

• Unit tests
• E2E tests
• Manual testing on Universal
• Manual testing on Kubernetes

Backwards compatibility

- [ ] Update UPGRADE.md with any steps users will need to take when upgrading.
- [ ] Add backport-to-stable label if the code follows our backporting policy

Changelog: fix(gateway): skip creating MeshGateways without proper attachment

[codecov-commenter]

Codecov Report

Merging #4011 (5b7b5c8) into master (ccf957b) will decrease coverage by 0.03%.
The diff coverage is 0.00%.

@@            Coverage Diff             @@
##           master    #4011      +/-   ##
==========================================
- Coverage   56.03%   56.00%   -0.04%     
==========================================
  Files         919      919              
  Lines       55097    55097              
==========================================
- Hits        30875    30858      -17     
- Misses      21782    21797      +15     
- Partials     2440     2442       +2     

Impacted Files	Coverage Δ
...8s/controllers/gatewayapi/http_route_controller.go	0.00% <0.00%> (ø)
pkg/core/resources/store/customizable_store.go	55.55% <0.00%> (-22.23%)	⬇️
pkg/core/runtime/component/component.go	81.13% <0.00%> (-7.55%)	⬇️
pkg/core/tokens/default_signing_key.go	66.66% <0.00%> (-5.56%)	⬇️
pkg/kds/reconcile/reconciler.go	79.48% <0.00%> (-5.13%)	⬇️
...s/authn/api-server/tokens/admin_token_bootstrap.go	78.00% <0.00%> (-4.00%)	⬇️
pkg/mads/server/server.go	82.40% <0.00%> (-2.78%)	⬇️
pkg/core/resources/manager/cache.go	83.11% <0.00%> (-2.60%)	⬇️
pkg/defaults/components.go	88.88% <0.00%> (+3.70%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update ec67368...5b7b5c8. Read the comment docs.