-
Notifications
You must be signed in to change notification settings - Fork 591
/
l4route_atc.go
36 lines (29 loc) · 1.6 KB
/
l4route_atc.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
package translators
import (
"github.com/samber/lo"
"github.com/kong/kubernetes-ingress-controller/v2/internal/dataplane/kongstate"
"github.com/kong/kubernetes-ingress-controller/v2/internal/dataplane/parser/atc"
)
// ApplyExpressionToL4KongRoute convert route flavor from traditional to expressions
// against protocols, snis and dest ports.
func ApplyExpressionToL4KongRoute(r *kongstate.Route) {
matchers := []atc.Matcher{}
sniMatcher := sniMatcherFromSNIs(lo.Map(r.Route.SNIs, func(item *string, _ int) string { return *item }))
matchers = append(matchers, sniMatcher)
// TODO(rodman10): replace with helper function.
portMatchers := make([]atc.Matcher, 0, len(r.Destinations))
// (and (or sources) (or destinations))
// Kong route sources and destinations support IP criteria, but Gateway API routes do not (Listeners apply to all IPs
// assigned to a Gateway) and neither do our TCPIngress and UDPIngress CRs (we simply never added an IP field).
// If we multiplex multiple Gateways (with different assigned IPs) onto a single Kong instance, we would need to add
// IP criteria for full compliance. We already break this rule for HTTP Listeners, since Kong HTTP routes do not
// support sources and destinations.
//
// Neither GWAPI Routes nor TCP/UDPIngress support sources either, so this only adds destinations.
for _, dst := range r.Destinations {
portMatchers = append(portMatchers, atc.NewPredicate(atc.FieldNetDstPort, atc.OpEqual, atc.IntLiteral(*dst.Port)))
}
matchers = append(matchers, atc.Or(portMatchers...))
r.ExpressionRoutes = true
atc.ApplyExpression(&r.Route, atc.And(matchers...), 1)
}