Add SnippetsPolicy generator and validation logic

Author: fabian4

internal/controller/nginx/config/base_http_config.go

@@ -5,6 +5,7 @@ import (
 	"net"
 	gotemplate "text/template"
 
+	"github.com/nginx/nginx-gateway-fabric/v2/internal/controller/nginx/config/policies"
 	"github.com/nginx/nginx-gateway-fabric/v2/internal/controller/nginx/config/shared"
 	"github.com/nginx/nginx-gateway-fabric/v2/internal/controller/state/dataplane"
 	"github.com/nginx/nginx-gateway-fabric/v2/internal/framework/helpers"
@@ -28,9 +29,18 @@ type httpConfig struct {
 	HTTP2                   bool
 }
 
-func executeBaseHTTPConfig(conf dataplane.Configuration) []executeResult {
+func newExecuteBaseHTTPConfigFunc(generator policies.Generator) executeFunc {
+	return func(conf dataplane.Configuration) []executeResult {
+		return executeBaseHTTPConfig(conf, generator)
+	}
+}
+
+func executeBaseHTTPConfig(conf dataplane.Configuration, generator policies.Generator) []executeResult {
 	includes := createIncludesFromSnippets(conf.BaseHTTPConfig.Snippets)
 
+	policyIncludes := createIncludesFromPolicyGenerateResult(generator.GenerateForHTTP(conf.Policies))
+	includes = append(includes, policyIncludes...)
+
 	hc := httpConfig{
 		HTTP2:                   conf.BaseHTTPConfig.HTTP2,
 		Includes:                includes,

internal/controller/nginx/config/base_http_config_test.go

@@ -8,6 +8,7 @@ import (
 
 	. "github.com/onsi/gomega"
 
+	"github.com/nginx/nginx-gateway-fabric/v2/internal/controller/nginx/config/policies/policiesfakes"
 	"github.com/nginx/nginx-gateway-fabric/v2/internal/controller/state/dataplane"
 )
 
@@ -69,7 +70,7 @@ func TestLoggingSettingsTemplate(t *testing.T) {
 				Logging: dataplane.Logging{AccessLog: tt.accessLog},
 			}
 
-			res := executeBaseHTTPConfig(conf)
+			res := executeBaseHTTPConfig(conf, &policiesfakes.FakeGenerator{})
 			g.Expect(res).To(HaveLen(1))
 			httpConfig := string(res[0].data)
 			for _, expectedOutput := range tt.expectedOutputs {
@@ -120,7 +121,7 @@ func TestExecuteBaseHttp_HTTP2(t *testing.T) {
 			t.Parallel()
 			g := NewWithT(t)
 
-			res := executeBaseHTTPConfig(test.conf)
+			res := executeBaseHTTPConfig(test.conf, &policiesfakes.FakeGenerator{})
 			g.Expect(res).To(HaveLen(1))
 			g.Expect(test.expCount).To(Equal(strings.Count(string(res[0].data), expSubStr)))
 			g.Expect(strings.Count(string(res[0].data), "map $http_host $gw_api_compliant_host {")).To(Equal(1))
@@ -150,7 +151,7 @@ func TestExecuteBaseHttp_Snippets(t *testing.T) {
 
 	g := NewWithT(t)
 
-	res := executeBaseHTTPConfig(conf)
+	res := executeBaseHTTPConfig(conf, &policiesfakes.FakeGenerator{})
 	g.Expect(res).To(HaveLen(3))
 
 	sort.Slice(
@@ -261,7 +262,7 @@ func TestExecuteBaseHttp_NginxReadinessProbePort(t *testing.T) {
 			t.Parallel()
 			g := NewWithT(t)
 
-			res := executeBaseHTTPConfig(test.conf)
+			res := executeBaseHTTPConfig(test.conf, &policiesfakes.FakeGenerator{})
 			g.Expect(res).To(HaveLen(1))
 
 			httpConfig := string(res[0].data)
@@ -377,7 +378,7 @@ func TestExecuteBaseHttp_DNSResolver(t *testing.T) {
 			t.Parallel()
 			g := NewWithT(t)
 
-			res := executeBaseHTTPConfig(test.conf)
+			res := executeBaseHTTPConfig(test.conf, &policiesfakes.FakeGenerator{})
 			g.Expect(res).To(HaveLen(1))
 
 			httpConfig := string(res[0].data)
@@ -435,7 +436,7 @@ func TestExecuteBaseHttp_GatewaySecretID(t *testing.T) {
 			t.Parallel()
 			g := NewWithT(t)
 
-			res := executeBaseHTTPConfig(test.conf)
+			res := executeBaseHTTPConfig(test.conf, &policiesfakes.FakeGenerator{})
 			g.Expect(res).To(HaveLen(1))
 
 			httpConfig := string(res[0].data)

internal/controller/nginx/config/generator.go

@@ -15,6 +15,7 @@ import (
 	"github.com/nginx/nginx-gateway-fabric/v2/internal/controller/nginx/config/policies"
 	"github.com/nginx/nginx-gateway-fabric/v2/internal/controller/nginx/config/policies/clientsettings"
 	"github.com/nginx/nginx-gateway-fabric/v2/internal/controller/nginx/config/policies/observability"
+	"github.com/nginx/nginx-gateway-fabric/v2/internal/controller/nginx/config/policies/snippetspolicy"
 	"github.com/nginx/nginx-gateway-fabric/v2/internal/controller/nginx/config/policies/upstreamsettings"
 	"github.com/nginx/nginx-gateway-fabric/v2/internal/controller/state/dataplane"
 	"github.com/nginx/nginx-gateway-fabric/v2/internal/framework/file"
@@ -125,6 +126,7 @@ func (g GeneratorImpl) Generate(conf dataplane.Configuration) []agent.File {
 	policyGenerator := policies.NewCompositeGenerator(
 		clientsettings.NewGenerator(),
 		observability.NewGenerator(conf.Telemetry),
+		&snippetspolicy.Generator{},
 	)
 
 	files = append(files, g.executeConfigTemplates(conf, policyGenerator)...)
@@ -201,11 +203,11 @@ func (g GeneratorImpl) getExecuteFuncs(
 	keepAliveCheck keepAliveChecker,
 ) []executeFunc {
 	return []executeFunc{
-		executeMainConfig,
+		newExecuteMainConfigFunc(generator),
 		executeEventsConfig,
-		executeBaseHTTPConfig,
-		g.newExecuteServersFunc(generator, keepAliveCheck),
+		newExecuteBaseHTTPConfigFunc(generator),
 		newExecuteUpstreamsFunc(upstreams),
+		newExecuteServersFunc(g.plus, generator, g.logger, keepAliveCheck),
 		executeSplitClients,
 		executeMaps,
 		executeTelemetry,

internal/controller/nginx/config/main_config.go

@@ -7,6 +7,7 @@ import (
 	filesHelper "github.com/nginx/agent/v3/pkg/files"
 
 	"github.com/nginx/nginx-gateway-fabric/v2/internal/controller/nginx/agent"
+	"github.com/nginx/nginx-gateway-fabric/v2/internal/controller/nginx/config/policies"
 	"github.com/nginx/nginx-gateway-fabric/v2/internal/controller/nginx/config/shared"
 	"github.com/nginx/nginx-gateway-fabric/v2/internal/controller/state/dataplane"
 	"github.com/nginx/nginx-gateway-fabric/v2/internal/controller/state/graph"
@@ -25,9 +26,18 @@ type mainConfig struct {
 	Conf     dataplane.Configuration
 }
 
-func executeMainConfig(conf dataplane.Configuration) []executeResult {
+func newExecuteMainConfigFunc(generator policies.Generator) executeFunc {
+	return func(conf dataplane.Configuration) []executeResult {
+		return executeMainConfig(conf, generator)
+	}
+}
+
+func executeMainConfig(conf dataplane.Configuration, generator policies.Generator) []executeResult {
 	includes := createIncludesFromSnippets(conf.MainSnippets)
 
+	policyIncludes := createIncludesFromPolicyGenerateResult(generator.GenerateForMain(conf.Policies))
+	includes = append(includes, policyIncludes...)
+
 	mc := mainConfig{
 		Conf:     conf,
 		Includes: includes,

internal/controller/nginx/config/main_config_test.go

@@ -6,6 +6,7 @@ import (
 
 	. "github.com/onsi/gomega"
 
+	"github.com/nginx/nginx-gateway-fabric/v2/internal/controller/nginx/config/policies/policiesfakes"
 	"github.com/nginx/nginx-gateway-fabric/v2/internal/controller/state/dataplane"
 )
 
@@ -44,7 +45,7 @@ func TestExecuteMainConfig_Telemetry(t *testing.T) {
 			t.Parallel()
 			g := NewWithT(t)
 
-			res := executeMainConfig(test.conf)
+			res := executeMainConfig(test.conf, &policiesfakes.FakeGenerator{})
 			g.Expect(res).To(HaveLen(1))
 			g.Expect(res[0].dest).To(Equal(mainIncludesConfigFile))
 			if test.expLoadModuleDirective {
@@ -67,7 +68,7 @@ func TestExecuteMainConfig_Logging(t *testing.T) {
 
 	g := NewWithT(t)
 
-	res := executeMainConfig(conf)
+	res := executeMainConfig(conf, &policiesfakes.FakeGenerator{})
 	g.Expect(res).To(HaveLen(1))
 	g.Expect(res[0].dest).To(Equal(mainIncludesConfigFile))
 
@@ -96,7 +97,7 @@ func TestExecuteMainConfig_Snippets(t *testing.T) {
 
 	g := NewWithT(t)
 
-	res := executeMainConfig(conf)
+	res := executeMainConfig(conf, &policiesfakes.FakeGenerator{})
 	g.Expect(res).To(HaveLen(4))
 
 	// sort results by filename
@@ -170,7 +171,7 @@ func TestExecuteMainConfig_WorkerConnections(t *testing.T) {
 			t.Parallel()
 			g := NewWithT(t)
 
-			res := executeMainConfig(test.conf)
+			res := executeMainConfig(test.conf, &policiesfakes.FakeGenerator{})
 			g.Expect(res).To(HaveLen(1))
 			g.Expect(res[0].dest).To(Equal(mainIncludesConfigFile))
 			g.Expect(string(res[0].data)).To(ContainSubstring("error_log stderr"))

internal/controller/nginx/config/policies/clientsettings/generator.go

@@ -39,7 +39,9 @@ keepalive_timeout {{ .KeepAlive.Timeout.Server }};
 `
 
 // Generator generates nginx configuration based on a clientsettings policy.
-type Generator struct{}
+type Generator struct {
+	policies.UnimplementedGenerator
+}
 
 // NewGenerator returns a new instance of Generator.
 func NewGenerator() *Generator {

internal/controller/nginx/config/policies/generator.go

@@ -8,6 +8,10 @@ import (
 //
 //counterfeiter:generate . Generator
 type Generator interface {
+	// GenerateForMain generates policy configuration for the main block.
+	GenerateForMain(policies []Policy) GenerateResultFiles
+	// GenerateForHTTP generates policy configuration for the http block.
+	GenerateForHTTP(policies []Policy) GenerateResultFiles
 	// GenerateForServer generates policy configuration for the server block.
 	GenerateForServer(policies []Policy, server http.Server) GenerateResultFiles
 	// GenerateForLocation generates policy configuration for a normal location block.
@@ -35,6 +39,28 @@ func NewCompositeGenerator(generators ...Generator) *CompositeGenerator {
 	return &CompositeGenerator{generators: generators}
 }
 
+// GenerateForMain calls all policy generators for the main block.
+func (g *CompositeGenerator) GenerateForMain(policies []Policy) GenerateResultFiles {
+	var compositeResult GenerateResultFiles
+
+	for _, generator := range g.generators {
+		compositeResult = append(compositeResult, generator.GenerateForMain(policies)...)
+	}
+
+	return compositeResult
+}
+
+// GenerateForHTTP calls all policy generators for the http block.
+func (g *CompositeGenerator) GenerateForHTTP(policies []Policy) GenerateResultFiles {
+	var compositeResult GenerateResultFiles
+
+	for _, generator := range g.generators {
+		compositeResult = append(compositeResult, generator.GenerateForHTTP(policies)...)
+	}
+
+	return compositeResult
+}
+
 // GenerateForServer calls all policy generators for the server block.
 func (g *CompositeGenerator) GenerateForServer(policies []Policy, server http.Server) GenerateResultFiles {
 	var compositeResult GenerateResultFiles
@@ -72,6 +98,14 @@ func (g *CompositeGenerator) GenerateForInternalLocation(policies []Policy) Gene
 // possible generations, in order to satisfy the Generator interface.
 type UnimplementedGenerator struct{}
 
+func (u UnimplementedGenerator) GenerateForMain(_ []Policy) GenerateResultFiles {
+	return nil
+}
+
+func (u UnimplementedGenerator) GenerateForHTTP(_ []Policy) GenerateResultFiles {
+	return nil
+}
+
 func (u UnimplementedGenerator) GenerateForServer(_ []Policy, _ http.Server) GenerateResultFiles {
 	return nil
 }