Reconcile authorino spec from kuadrant CR

api/v1beta1/kuadrant_types.go

@@ -35,14 +35,25 @@ type KuadrantSpec struct {
 
 type AuthorinoSpec struct {
 	EvaluatorCacheSize *int                          `json:"evaluatorCacheSize,omitempty"`
-	Listener           *authorinov1beta1.Listener    `json:"listener,omitempty"`
+	Listener           *AuthorinoListener            `json:"listener,omitempty"`
 	Metrics            *authorinov1beta1.Metrics     `json:"metrics,omitempty"`
 	OIDCServer         *authorinov1beta1.OIDCServer  `json:"oidcServer,omitempty"`
 	Replicas           *int32                        `json:"replicas,omitempty"`
 	Tracing            *authorinov1beta1.Tracing     `json:"tracing,omitempty"`
 	Volumes            *authorinov1beta1.VolumesSpec `json:"volumes,omitempty"`
 }
 
+type AuthorinoListener struct {
+	// Port numbers of the GRPC and HTTP auth interfaces.
+	Ports *authorinov1beta1.Ports `json:"ports,omitempty"`
+	// TLS configuration of the auth service (GRPC and HTTP interfaces).
+	Tls *authorinov1beta1.Tls `json:"tls"`
+	// Timeout of the auth service (GRPC and HTTP interfaces), in milliseconds.
+	Timeout *int `json:"timeout,omitempty"`
+	// Maximum payload (request body) size for the auth service (HTTP interface), in bytes.
+	MaxHttpRequestBodySize *int `json:"maxHttpRequestBodySize,omitempty"`
+}
+
 // KuadrantStatus defines the observed state of Kuadrant
 type KuadrantStatus struct {
 	// ObservedGeneration reflects the generation of the most recently observed spec.

config/crd/bases/kuadrant.io_kuadrants.yaml

@@ -53,11 +53,6 @@ spec:
                         description: Maximum payload (request body) size for the auth
                           service (HTTP interface), in bytes.
                         type: integer
-                      port:
-                        description: 'Port number of the GRPC interface. DEPRECATED:
-                          use ''ports.grpc'' instead.'
-                        format: int32
-                        type: integer
                       ports:
                         description: Port numbers of the GRPC and HTTP auth interfaces.
                         properties:

controllers/kuadrant_controller.go

@@ -19,7 +19,7 @@ package controllers
 import (
 	"context"
 	"encoding/json"
-
+	"github.com/kuadrant/kuadrant-operator/pkg/kuadranttools"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/utils/env"
 
@@ -493,38 +493,71 @@ func (r *KuadrantReconciler) reconcileLimitador(ctx context.Context, kObj *kuadr
 }
 
 func (r *KuadrantReconciler) reconcileAuthorino(ctx context.Context, kObj *kuadrantv1beta1.Kuadrant) error {
-	tmpFalse := false
-	authorino := &authorinov1beta1.Authorino{
-		TypeMeta: metav1.TypeMeta{
-			Kind:       "Authorino",
-			APIVersion: "operator.authorino.kuadrant.io/v1beta1",
-		},
-		ObjectMeta: metav1.ObjectMeta{
-			Name:      "authorino",
-			Namespace: kObj.Namespace,
-		},
-		Spec: authorinov1beta1.AuthorinoSpec{
-			ClusterWide:            true,
-			SupersedingHostSubsets: true,
-			Listener: authorinov1beta1.Listener{
-				Tls: authorinov1beta1.Tls{
-					Enabled: &tmpFalse,
+	authorinoKey := client.ObjectKey{Name: common.AuthorinoName, Namespace: kObj.Namespace}
+	authorino := &authorinov1beta1.Authorino{}
+	err := r.Client().Get(ctx, authorinoKey, authorino)
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			tmpFalse := false
+			authorino = &authorinov1beta1.Authorino{
+				TypeMeta: metav1.TypeMeta{
+					Kind:       "Authorino",
+					APIVersion: "operator.authorino.kuadrant.io/v1beta1",
 				},
-			},
-			OIDCServer: authorinov1beta1.OIDCServer{
-				Tls: authorinov1beta1.Tls{
-					Enabled: &tmpFalse,
+				ObjectMeta: metav1.ObjectMeta{
+					Name:      common.AuthorinoName,
+					Namespace: kObj.Namespace,
 				},
-			},
-		},
+				Spec: authorinov1beta1.AuthorinoSpec{
+					ClusterWide:            true,
+					SupersedingHostSubsets: true,
+					Listener: authorinov1beta1.Listener{
+						Tls: authorinov1beta1.Tls{
+							Enabled: &tmpFalse,
+						},
+					},
+					OIDCServer: authorinov1beta1.OIDCServer{
+						Tls: authorinov1beta1.Tls{
+							Enabled: &tmpFalse,
+						},
+					},
+				},
+			}
+		} else {
+			return err
+		}
+	}
+
+	if kObj.Spec.Authorino != nil {
+		if kObj.Spec.Authorino.EvaluatorCacheSize != nil {
+			authorino.Spec.EvaluatorCacheSize = kObj.Spec.Authorino.EvaluatorCacheSize
+		}
+		if kObj.Spec.Authorino.Metrics != nil {
+			authorino.Spec.Metrics = *kObj.Spec.Authorino.Metrics
+		}
+		if kObj.Spec.Authorino.Replicas != nil {
+			authorino.Spec.Replicas = kObj.Spec.Authorino.Replicas
+		}
+		if kObj.Spec.Authorino.Tracing != nil {
+			authorino.Spec.Tracing = *kObj.Spec.Authorino.Tracing
+		}
+		if kObj.Spec.Authorino.OIDCServer != nil {
+			authorino.Spec.OIDCServer = *kObj.Spec.Authorino.OIDCServer
+		}
+		if kObj.Spec.Authorino.Listener != nil {
+			authorino.Spec.Listener = kuadranttools.MapListenerSpec(&authorino.Spec.Listener, *kObj.Spec.Authorino.Listener)
+		}
+		if kObj.Spec.Authorino.Volumes != nil {
+			authorino.Spec.Volumes = *kObj.Spec.Authorino.Volumes
+		}
 	}
 
-	err := r.SetOwnerReference(kObj, authorino)
+	err = r.SetOwnerReference(kObj, authorino)
 	if err != nil {
 		return err
 	}
 
-	return r.ReconcileResource(ctx, &authorinov1beta1.Authorino{}, authorino, reconcilers.CreateOnlyMutator)
+	return r.ReconcileResource(ctx, &authorinov1beta1.Authorino{}, authorino, kuadranttools.AuthorinoMutator)
 }
 
 // SetupWithManager sets up the controller with the Manager.

pkg/common/common.go

@@ -36,6 +36,7 @@ const (
 	KuadrantNamespaceLabel             = "kuadrant.io/namespace"
 	NamespaceSeparator                 = '/'
 	LimitadorName                      = "limitador"
+	AuthorinoName                      = "authorino"
 )
 
 type KuadrantPolicy interface {

pkg/kuadranttools/authorino_tools.go

@@ -0,0 +1,70 @@
+package kuadranttools
+
+import (
+	"fmt"
+	authorinov1beta1 "github.com/kuadrant/authorino-operator/api/v1beta1"
+	"github.com/kuadrant/kuadrant-operator/api/v1beta1"
+	"reflect"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+)
+
+func AuthorinoMutator(existingObj, desiredObj client.Object) (bool, error) {
+	update := false
+	existing, ok := existingObj.(*authorinov1beta1.Authorino)
+	if !ok {
+		return false, fmt.Errorf("existingObj %T is not a *authorinoauthorinov1beta1.Authorino", existingObj)
+	}
+	desired, ok := desiredObj.(*authorinov1beta1.Authorino)
+	if !ok {
+		return false, fmt.Errorf("desiredObj %T is not a *authorinoauthorinov1beta1.Authorino", desiredObj)
+	}
+
+	existingSpec := authorinoSpecSubSet(existing.Spec)
+	desiredSpec := authorinoSpecSubSet(desired.Spec)
+
+	if !reflect.DeepEqual(existingSpec, desiredSpec) {
+		update = true
+		existing.Spec.EvaluatorCacheSize = desiredSpec.EvaluatorCacheSize
+		existing.Spec.Listener = desiredSpec.Listener
+		existing.Spec.Metrics = desiredSpec.Metrics
+		existing.Spec.OIDCServer = desiredSpec.OIDCServer
+		existing.Spec.Replicas = desiredSpec.Replicas
+		existing.Spec.Tracing = desiredSpec.Tracing
+		existing.Spec.Volumes = desiredSpec.Volumes
+	}
+	return update, nil
+}
+
+func authorinoSpecSubSet(spec authorinov1beta1.AuthorinoSpec) authorinov1beta1.AuthorinoSpec {
+	out := authorinov1beta1.AuthorinoSpec{}
+
+	out.EvaluatorCacheSize = spec.EvaluatorCacheSize
+	out.Listener = spec.Listener
+	out.Metrics = spec.Metrics
+	out.OIDCServer = spec.OIDCServer
+	out.Replicas = spec.Replicas
+	out.Tracing = spec.Tracing
+	out.Volumes = spec.Volumes
+
+	return out
+}
+
+func MapListenerSpec(listener *authorinov1beta1.Listener, spec v1beta1.AuthorinoListener) authorinov1beta1.Listener {
+	out := authorinov1beta1.Listener{}
+	if listener != nil {
+		out = *listener
+	}
+	if spec.Ports != nil {
+		out.Ports = *spec.Ports
+	}
+	if spec.Tls != nil {
+		out.Tls = *spec.Tls
+	}
+	if spec.Timeout != nil {
+		out.Timeout = spec.Timeout
+	}
+	if spec.MaxHttpRequestBodySize != nil {
+		out.MaxHttpRequestBodySize = spec.MaxHttpRequestBodySize
+	}
+	return out
+}