Collapse informer event handlers into the informer collection. (openservicemesh#4953)

This contains changes to the events.PubSubMessage to split the type
and kind into the k8s object, and update/delete/added methods.

This allows the informer to dynamically infer each message type.

Signed-off-by: Sean Teeling <[email protected]>

Author: steeling

cmd/osm-controller/osm-controller.go

@@ -257,7 +257,7 @@ func main() {
 	}
 
 	// Create and start the ADS gRPC service
-	xdsServer := ads.NewADSServer(meshCatalog, proxyRegistry, cfg.IsDebugServerEnabled(), osmNamespace, cfg, certManager, k8sClient, msgBroker)
+	xdsServer := ads.NewADSServer(meshCatalog, proxyRegistry, cfg.GetMeshConfig().Spec.Observability.EnableDebugServer, osmNamespace, cfg, certManager, k8sClient, msgBroker)
 	if err := xdsServer.Start(ctx, cancel, constants.ADSServerPort, adsCert); err != nil {
 		events.GenericEventRecorder().FatalEvent(err, events.InitializationError, "Error initializing ADS server")
 	}

pkg/catalog/egress.go

@@ -27,7 +27,7 @@ const (
 
 // GetEgressTrafficPolicy returns the Egress traffic policy associated with the given service identity
 func (mc *MeshCatalog) GetEgressTrafficPolicy(serviceIdentity identity.ServiceIdentity) (*trafficpolicy.EgressTrafficPolicy, error) {
-	if !mc.configurator.GetFeatureFlags().EnableEgressPolicy {
+	if !mc.configurator.GetMeshConfig().Spec.FeatureFlags.EnableEgressPolicy {
 		return nil, nil
 	}
 

pkg/catalog/egress_test.go

@@ -452,7 +452,11 @@ func TestGetEgressTrafficPolicy(t *testing.T) {
 				policyController: mockPolicyController,
 			}
 
-			mockCfg.EXPECT().GetFeatureFlags().Return(configv1alpha2.FeatureFlags{EnableEgressPolicy: true}).Times(1)
+			mockCfg.EXPECT().GetMeshConfig().Return(configv1alpha2.MeshConfig{
+				Spec: configv1alpha2.MeshConfigSpec{
+					FeatureFlags: configv1alpha2.FeatureFlags{EnableEgressPolicy: true},
+				},
+			}).Times(1)
 
 			actual, err := mc.GetEgressTrafficPolicy(testSourceIdentity)
 			assert.Equal(tc.expectError, err != nil)

pkg/catalog/endpoint.go

@@ -14,7 +14,7 @@ func (mc *MeshCatalog) ListAllowedUpstreamEndpointsForService(downstreamIdentity
 		return nil
 	}
 
-	if mc.configurator.IsPermissiveTrafficPolicyMode() {
+	if mc.configurator.GetMeshConfig().Spec.Traffic.EnablePermissiveTrafficPolicyMode {
 		return outboundEndpoints
 	}
 

pkg/catalog/endpoint_test.go

@@ -13,6 +13,7 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	testclient "k8s.io/client-go/kubernetes/fake"
 
+	"github.com/openservicemesh/osm/pkg/apis/config/v1alpha2"
 	"github.com/openservicemesh/osm/pkg/compute"
 	"github.com/openservicemesh/osm/pkg/configurator"
 	"github.com/openservicemesh/osm/pkg/constants"
@@ -150,7 +151,13 @@ func TestListAllowedUpstreamEndpointsForService(t *testing.T) {
 				configurator:   mockConfigurator,
 			}
 
-			mockConfigurator.EXPECT().IsPermissiveTrafficPolicyMode().Return(tc.permissiveMode).AnyTimes()
+			mockConfigurator.EXPECT().GetMeshConfig().Return(v1alpha2.MeshConfig{
+				Spec: v1alpha2.MeshConfigSpec{
+					Traffic: v1alpha2.TrafficSpec{
+						EnablePermissiveTrafficPolicyMode: tc.permissiveMode,
+					},
+				},
+			}).AnyTimes()
 
 			for svc, endpoints := range tc.outboundServiceEndpoints {
 				mockProvider.EXPECT().ListEndpointsForService(svc).Return(endpoints).AnyTimes()

pkg/catalog/helpers_test.go

@@ -13,6 +13,7 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	testclient "k8s.io/client-go/kubernetes/fake"
 
+	"github.com/openservicemesh/osm/pkg/apis/config/v1alpha2"
 	tresorFake "github.com/openservicemesh/osm/pkg/certificate/providers/tresor/fake"
 	kubeFake "github.com/openservicemesh/osm/pkg/compute/kube/fake"
 	"github.com/openservicemesh/osm/pkg/configurator"
@@ -124,8 +125,13 @@ func newFakeMeshCatalogForRoutes(t *testing.T, testParams testParams) *MeshCatal
 	mockKubeController.EXPECT().IsMonitoredNamespace(tests.BookbuyerService.Namespace).Return(true).AnyTimes()
 	mockKubeController.EXPECT().ListMonitoredNamespaces().Return(listExpectedNs, nil).AnyTimes()
 
-	mockConfigurator.EXPECT().IsPermissiveTrafficPolicyMode().Return(testParams.permissiveMode).AnyTimes()
-	mockConfigurator.EXPECT().GetConfigResyncInterval().Return(time.Duration(0)).AnyTimes()
+	mockConfigurator.EXPECT().GetMeshConfig().Return(v1alpha2.MeshConfig{
+		Spec: v1alpha2.MeshConfigSpec{
+			Traffic: v1alpha2.TrafficSpec{
+				EnablePermissiveTrafficPolicyMode: testParams.permissiveMode,
+			},
+		},
+	}).AnyTimes()
 
 	mockMeshSpec.EXPECT().ListTrafficTargets().Return([]*access.TrafficTarget{&tests.TrafficTarget, &tests.BookstoreV2TrafficTarget}).AnyTimes()
 	mockMeshSpec.EXPECT().ListHTTPTrafficSpecs().Return([]*specs.HTTPRouteGroup{&tests.HTTPRouteGroup}).AnyTimes()

pkg/catalog/inbound_traffic_policies.go

@@ -32,7 +32,7 @@ func (mc *MeshCatalog) GetInboundMeshTrafficPolicy(upstreamIdentity identity.Ser
 	var trafficTargets []*access.TrafficTarget
 	routeConfigPerPort := make(map[int][]*trafficpolicy.InboundTrafficPolicy)
 
-	permissiveMode := mc.configurator.IsPermissiveTrafficPolicyMode()
+	permissiveMode := mc.configurator.GetMeshConfig().Spec.Traffic.EnablePermissiveTrafficPolicyMode
 	if !permissiveMode {
 		// Pre-computing the list of TrafficTarget optimizes to avoid repeated
 		// cache lookups for each upstream service.

pkg/catalog/inbound_traffic_policies_test.go

@@ -15,6 +15,7 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
+	"github.com/openservicemesh/osm/pkg/apis/config/v1alpha2"
 	policyv1alpha1 "github.com/openservicemesh/osm/pkg/apis/policy/v1alpha1"
 	tresorFake "github.com/openservicemesh/osm/pkg/certificate/providers/tresor/fake"
 	"github.com/openservicemesh/osm/pkg/constants"
@@ -2170,7 +2171,13 @@ func TestGetInboundMeshTrafficPolicy(t *testing.T) {
 			}
 
 			mockPolicyController.EXPECT().GetUpstreamTrafficSetting(gomock.Any()).Return(tc.upstreamTrafficSetting).AnyTimes()
-			mockCfg.EXPECT().IsPermissiveTrafficPolicyMode().Return(tc.permissiveMode)
+			mockCfg.EXPECT().GetMeshConfig().Return(v1alpha2.MeshConfig{
+				Spec: v1alpha2.MeshConfigSpec{
+					Traffic: v1alpha2.TrafficSpec{
+						EnablePermissiveTrafficPolicyMode: tc.permissiveMode,
+					},
+				},
+			}).AnyTimes()
 			mockMeshSpec.EXPECT().ListTrafficTargets(gomock.Any()).Return(tc.trafficTargets).AnyTimes()
 			mockMeshSpec.EXPECT().ListHTTPTrafficSpecs().Return(tc.httpRouteGroups).AnyTimes()
 			tc.prepare(mockMeshSpec, tc.trafficSplits)

pkg/catalog/outbound_traffic_policies.go

@@ -53,7 +53,7 @@ func (mc *MeshCatalog) GetOutboundMeshTrafficPolicy(downstreamIdentity identity.
 		clusterConfigForServicePort := &trafficpolicy.MeshClusterConfig{
 			Name:                          meshSvc.EnvoyClusterName(),
 			Service:                       meshSvc,
-			EnableEnvoyActiveHealthChecks: mc.configurator.GetFeatureFlags().EnableEnvoyActiveHealthChecks,
+			EnableEnvoyActiveHealthChecks: mc.configurator.GetMeshConfig().Spec.FeatureFlags.EnableEnvoyActiveHealthChecks,
 			UpstreamTrafficSetting: mc.policyController.GetUpstreamTrafficSetting(
 				policy.UpstreamTrafficSettingGetOpt{MeshService: &meshSvc}),
 		}
@@ -144,7 +144,7 @@ func (mc *MeshCatalog) GetOutboundMeshTrafficPolicy(downstreamIdentity identity.
 // ListOutboundServicesForIdentity list the services the given service account is allowed to initiate outbound connections to
 // Note: ServiceIdentity must be in the format "name.namespace" [https://github.com/openservicemesh/osm/issues/3188]
 func (mc *MeshCatalog) ListOutboundServicesForIdentity(serviceIdentity identity.ServiceIdentity) []service.MeshService {
-	if mc.configurator.IsPermissiveTrafficPolicyMode() {
+	if mc.configurator.GetMeshConfig().Spec.Traffic.EnablePermissiveTrafficPolicyMode {
 		return mc.ListServices()
 	}
 

pkg/catalog/outbound_traffic_policies_test.go

@@ -12,7 +12,7 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 
-	configv1alpha2 "github.com/openservicemesh/osm/pkg/apis/config/v1alpha2"
+	"github.com/openservicemesh/osm/pkg/apis/config/v1alpha2"
 	policyv1alpha1 "github.com/openservicemesh/osm/pkg/apis/policy/v1alpha1"
 	"github.com/openservicemesh/osm/pkg/compute"
 	"github.com/openservicemesh/osm/pkg/compute/kube"
@@ -594,8 +594,14 @@ func TestGetOutboundMeshTrafficPolicy(t *testing.T) {
 			}
 
 			// Mock calls to k8s client caches
-			mockCfg.EXPECT().IsPermissiveTrafficPolicyMode().Return(tc.permissiveMode).AnyTimes()
-			mockCfg.EXPECT().GetFeatureFlags().Return(configv1alpha2.FeatureFlags{}).AnyTimes()
+			mockCfg.EXPECT().GetMeshConfig().Return(v1alpha2.MeshConfig{
+				Spec: v1alpha2.MeshConfigSpec{
+					Traffic: v1alpha2.TrafficSpec{
+						EnablePermissiveTrafficPolicyMode: tc.permissiveMode,
+					},
+				},
+			}).AnyTimes()
+
 			mockProvider.EXPECT().ListServices().Return(allMeshServices).AnyTimes()
 			mockMeshSpec.EXPECT().ListTrafficTargets().Return(trafficTargets).AnyTimes()
 			// Mock conditional traffic split for service

pkg/catalog/retry.go

@@ -9,7 +9,7 @@ import (
 // getRetryPolicy returns the RetryPolicySpec for the given downstream identity and upstream service
 // TODO: Add support for wildcard destinations
 func (mc *MeshCatalog) getRetryPolicy(downstreamIdentity identity.ServiceIdentity, upstreamSvc service.MeshService) *v1alpha1.RetryPolicySpec {
-	if !mc.configurator.GetFeatureFlags().EnableRetryPolicy {
+	if !mc.configurator.GetMeshConfig().Spec.FeatureFlags.EnableRetryPolicy {
 		log.Trace().Msgf("Retry policy flag not enabled")
 		return nil
 	}

pkg/catalog/retry_test.go

@@ -231,7 +231,13 @@ func TestGetRetryPolicy(t *testing.T) {
 		t.Run(tc.name, func(t *testing.T) {
 			assert := tassert.New(t)
 
-			mockCfg.EXPECT().GetFeatureFlags().Return(v1alpha2.FeatureFlags{EnableRetryPolicy: tc.retryPolicyFlag}).Times(1)
+			mockCfg.EXPECT().GetMeshConfig().Return(
+				v1alpha2.MeshConfig{
+					Spec: v1alpha2.MeshConfigSpec{
+						FeatureFlags: v1alpha2.FeatureFlags{EnableRetryPolicy: tc.retryPolicyFlag},
+					},
+				},
+			).AnyTimes()
 			mockPolicyController.EXPECT().ListRetryPolicies(gomock.Any()).Return(tc.retryCRDs).Times(1)
 
 			res := mc.getRetryPolicy(retrySrc, tc.destSvc)

pkg/catalog/traffictarget.go

@@ -29,7 +29,7 @@ func (mc *MeshCatalog) ListOutboundServiceIdentities(downstream identity.Service
 func (mc *MeshCatalog) ListInboundTrafficTargetsWithRoutes(upstream identity.ServiceIdentity) ([]trafficpolicy.TrafficTargetWithRoutes, error) {
 	var trafficTargets []trafficpolicy.TrafficTargetWithRoutes
 
-	if mc.configurator.IsPermissiveTrafficPolicyMode() {
+	if mc.configurator.GetMeshConfig().Spec.Traffic.EnablePermissiveTrafficPolicyMode {
 		return nil, nil
 	}
 

pkg/catalog/traffictarget_test.go

@@ -849,8 +849,7 @@ func TestListInboundTrafficTargetsWithRoutes(t *testing.T) {
 				meshSpec:     mockMeshSpec,
 				configurator: mockCfg,
 			}
-
-			mockCfg.EXPECT().IsPermissiveTrafficPolicyMode().Return(false).AnyTimes()
+			mockCfg.EXPECT().GetMeshConfig().AnyTimes()
 
 			// Mock TrafficTargets returned by MeshSpec, should return all TrafficTargets relevant for this test
 			mockMeshSpec.EXPECT().ListTrafficTargets().Return(tc.trafficTargets).AnyTimes()

pkg/certificate/providers/certmanager/certificate_manager_test.go

@@ -4,7 +4,6 @@ import (
 	"crypto/rand"
 	"crypto/x509"
 	"testing"
-	"time"
 
 	tassert "github.com/stretchr/testify/assert"
 
@@ -33,8 +32,7 @@ var (
 )
 
 const (
-	validity = 1 * time.Hour
-	keySize  = 2048
+	keySize = 2048
 )
 
 func TestCertificateFromCertificateRequest(t *testing.T) {
@@ -53,7 +51,7 @@ func TestCertificateFromCertificateRequest(t *testing.T) {
 	rootKey, err := certificate.DecodePEMPrivateKey(rootKeyPEM)
 	assert.Nil(err)
 
-	mockConfigurator.EXPECT().GetServiceCertValidityPeriod().Return(validity).AnyTimes()
+	mockConfigurator.EXPECT().GetMeshConfig().AnyTimes()
 
 	cm, err := New(
 		fakeClient,

pkg/certificate/providers/config.go

@@ -24,6 +24,7 @@ import (
 	"github.com/openservicemesh/osm/pkg/constants"
 	"github.com/openservicemesh/osm/pkg/k8s/informers"
 	"github.com/openservicemesh/osm/pkg/messaging"
+	"github.com/openservicemesh/osm/pkg/utils"
 )
 
 const (
@@ -54,7 +55,7 @@ func NewCertificateManager(ctx context.Context, kubeClient kubernetes.Interface,
 		MRCProviderGenerator: MRCProviderGenerator{
 			kubeClient:      kubeClient,
 			kubeConfig:      kubeConfig,
-			KeyBitSize:      cfg.GetCertKeyBitSize(),
+			KeyBitSize:      utils.GetCertKeyBitSize(cfg.GetMeshConfig()),
 			caExtractorFunc: getCA,
 		},
 		mrc: &v1alpha2.MeshRootCertificate{
@@ -76,7 +77,13 @@ func NewCertificateManager(ctx context.Context, kubeClient kubernetes.Interface,
 		mrcClient.MRCProviderGenerator.DefaultVaultToken = vaultOption.VaultToken
 	}
 
-	return certificate.NewManager(ctx, mrcClient, cfg.GetServiceCertValidityPeriod, cfg.GetIngressGatewayCertValidityPeriod, checkInterval)
+	return certificate.NewManager(
+		ctx,
+		mrcClient,
+		func() time.Duration { return utils.GetServiceCertValidityPeriod(cfg.GetMeshConfig()) },
+		func() time.Duration { return utils.GetIngressGatewayCertValidityPeriod(cfg.GetMeshConfig()) },
+		checkInterval,
+	)
 }
 
 // NewCertificateManagerFromMRC returns a new certificate manager.
@@ -90,7 +97,7 @@ func NewCertificateManagerFromMRC(ctx context.Context, kubeClient kubernetes.Int
 		MRCProviderGenerator: MRCProviderGenerator{
 			kubeClient:      kubeClient,
 			kubeConfig:      kubeConfig,
-			KeyBitSize:      cfg.GetCertKeyBitSize(),
+			KeyBitSize:      utils.GetCertKeyBitSize(cfg.GetMeshConfig()),
 			caExtractorFunc: getCA,
 		},
 		informerCollection: ic,
@@ -100,7 +107,13 @@ func NewCertificateManagerFromMRC(ctx context.Context, kubeClient kubernetes.Int
 		mrcClient.MRCProviderGenerator.DefaultVaultToken = vaultOption.VaultToken
 	}
 
-	return certificate.NewManager(ctx, mrcClient, cfg.GetServiceCertValidityPeriod, cfg.GetIngressGatewayCertValidityPeriod, checkInterval)
+	return certificate.NewManager(
+		ctx,
+		mrcClient,
+		func() time.Duration { return utils.GetServiceCertValidityPeriod(cfg.GetMeshConfig()) },
+		func() time.Duration { return utils.GetIngressGatewayCertValidityPeriod(cfg.GetMeshConfig()) },
+		checkInterval,
+	)
 }
 
 // GetCertIssuerForMRC returns a certificate.Issuer generated from the provided MRC.

pkg/certificate/providers/config_test.go

@@ -30,10 +30,8 @@ import (
 func TestGetCertificateManager(t *testing.T) {
 	mockCtrl := gomock.NewController(t)
 	mockConfigurator := configurator.NewMockConfigurator(mockCtrl)
+	mockConfigurator.EXPECT().GetMeshConfig().AnyTimes()
 
-	mockConfigurator.EXPECT().IsDebugServerEnabled().Return(false).AnyTimes()
-	mockConfigurator.EXPECT().GetCertKeyBitSize().Return(2048).AnyTimes()
-	mockConfigurator.EXPECT().GetServiceCertValidityPeriod().Return(1 * time.Hour).AnyTimes()
 	type testCase struct {
 		name        string
 		expectError bool
@@ -163,10 +161,7 @@ func TestGetCertificateManager(t *testing.T) {
 func TestGetCertificateManagerFromMRC(t *testing.T) {
 	mockCtrl := gomock.NewController(t)
 	mockConfigurator := configurator.NewMockConfigurator(mockCtrl)
-
-	mockConfigurator.EXPECT().IsDebugServerEnabled().Return(false).AnyTimes()
-	mockConfigurator.EXPECT().GetCertKeyBitSize().Return(2048).AnyTimes()
-	mockConfigurator.EXPECT().GetServiceCertValidityPeriod().Return(1 * time.Hour).AnyTimes()
+	mockConfigurator.EXPECT().GetMeshConfig().AnyTimes()
 
 	type testCase struct {
 		name        string

pkg/configurator/client.go

@@ -84,8 +84,20 @@ func (c *Client) metricsHandler() cache.ResourceEventHandlerFuncs {
 			// Ensure metrics reflect however the rest of the control plane
 			// handles when the MeshConfig doesn't exist. If this happens not to
 			// be the "real" MeshConfig, handleMetrics() will simply ignore it.
-			config.Spec.FeatureFlags = c.GetFeatureFlags()
+			config.Spec.FeatureFlags = c.GetMeshConfig().Spec.FeatureFlags
 			handleMetrics(config)
 		},
 	}
 }
+
+// The functions in this file implement the configurator.Configurator interface
+
+// GetMeshConfig returns the MeshConfig resource corresponding to the control plane
+func (c *Client) GetMeshConfig() configv1alpha2.MeshConfig {
+	return c.getMeshConfig()
+}
+
+// GetOSMNamespace returns the namespace in which the OSM controller pod resides.
+func (c *Client) GetOSMNamespace() string {
+	return c.osmNamespace
+}

pkg/configurator/client_test.go

@@ -4,13 +4,13 @@ import (
 	"testing"
 
 	"github.com/stretchr/testify/assert"
+	tassert "github.com/stretchr/testify/assert"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
+	configv1alpha2 "github.com/openservicemesh/osm/pkg/apis/config/v1alpha2"
 	fakeConfig "github.com/openservicemesh/osm/pkg/gen/client/config/clientset/versioned/fake"
 	"github.com/openservicemesh/osm/pkg/k8s/informers"
 	"github.com/openservicemesh/osm/pkg/metricsstore"
-
-	configv1alpha2 "github.com/openservicemesh/osm/pkg/apis/config/v1alpha2"
 )
 
 const (
@@ -99,3 +99,13 @@ func TestMetricsHandler(t *testing.T) {
 	a.True(metricsstore.DefaultMetricsStore.Contains(`osm_feature_flag_enabled{feature_flag="enableRetryPolicy"} 0` + "\n"))
 	a.True(metricsstore.DefaultMetricsStore.Contains(`osm_feature_flag_enabled{feature_flag="enableSnapshotCacheMode"} 0` + "\n"))
 }
+
+func TestGetMeshConfigCacheKey(t *testing.T) {
+	c := Client{
+		meshConfigName: "configName",
+		osmNamespace:   "namespaceName",
+	}
+	expected := "namespaceName/configName"
+	actual := c.getMeshConfigCacheKey()
+	tassert.Equal(t, expected, actual)
+}