From 94e7237e3604764c99242a8141ea03d57d132cc4 Mon Sep 17 00:00:00 2001
From: Sarthak Agrawal <s.agrawal@f5.com>
Date: Wed, 7 Aug 2024 13:46:47 -0600
Subject: [PATCH] add validate listener checks

---
 .../static/state/graph/gateway_listener.go    | 47 ++++++++++---------
 1 file changed, 26 insertions(+), 21 deletions(-)

diff --git a/internal/mode/static/state/graph/gateway_listener.go b/internal/mode/static/state/graph/gateway_listener.go
index 109a70bc6..0991a82b3 100644
--- a/internal/mode/static/state/graph/gateway_listener.go
+++ b/internal/mode/static/state/graph/gateway_listener.go
@@ -254,26 +254,41 @@ func getAndValidateListenerSupportedKinds(listener v1.Listener) (
 	var conds []conditions.Condition
 	var supportedKinds []v1.RouteGroupKind
 
-	ngfSupportedKinds := map[v1.Kind]struct{}{
-		kinds.TLSRoute:  {},
-		kinds.HTTPRoute: {},
-		kinds.GRPCRoute: {},
-	}
-
-	validRouteKind := func(kind v1.RouteGroupKind) bool {
-		if _, ok := ngfSupportedKinds[kind.Kind]; !ok {
+	validProtocolRouteKind := func(kind v1.RouteGroupKind, validKinds []v1.RouteGroupKind) bool {
+		matchedKind := false
+		for _, k := range validKinds {
+			if k.Kind == kind.Kind {
+				matchedKind = true
+				break
+			}
+		}
+		if !matchedKind {
 			return false
 		}
-		if kind.Group == nil || *kind.Group != v1.GroupName {
+		if kind.Group != nil && *kind.Group != v1.GroupName {
 			return false
 		}
 		return true
 	}
 
+	var validKinds []v1.RouteGroupKind
+
+	switch listener.Protocol {
+	case v1.HTTPProtocolType, v1.HTTPSProtocolType:
+		validKinds = []v1.RouteGroupKind{
+			{Kind: v1.Kind(kinds.HTTPRoute), Group: helpers.GetPointer[v1.Group](v1.GroupName)},
+			{Kind: v1.Kind(kinds.GRPCRoute), Group: helpers.GetPointer[v1.Group](v1.GroupName)},
+		}
+	case v1.TLSProtocolType:
+		validKinds = []v1.RouteGroupKind{
+			{Kind: v1.Kind(kinds.TLSRoute), Group: helpers.GetPointer[v1.Group](v1.GroupName)},
+		}
+	}
+
 	if listener.AllowedRoutes != nil && listener.AllowedRoutes.Kinds != nil {
 		supportedKinds = make([]v1.RouteGroupKind, 0, len(listener.AllowedRoutes.Kinds))
 		for _, kind := range listener.AllowedRoutes.Kinds {
-			if !validRouteKind(kind) {
+			if !validProtocolRouteKind(kind, validKinds) {
 				msg := fmt.Sprintf("Unsupported route kind \"%s/%s\"", *kind.Group, kind.Kind)
 				conds = append(conds, staticConds.NewListenerInvalidRouteKinds(msg)...)
 				continue
@@ -281,17 +296,7 @@ func getAndValidateListenerSupportedKinds(listener v1.Listener) (
 			supportedKinds = append(supportedKinds, kind)
 		}
 	} else {
-		switch listener.Protocol {
-		case v1.HTTPProtocolType, v1.HTTPSProtocolType:
-			supportedKinds = []v1.RouteGroupKind{
-				{Kind: v1.Kind(kinds.HTTPRoute), Group: helpers.GetPointer[v1.Group](v1.GroupName)},
-				{Kind: v1.Kind(kinds.GRPCRoute), Group: helpers.GetPointer[v1.Group](v1.GroupName)},
-			}
-		case v1.TLSProtocolType:
-			supportedKinds = []v1.RouteGroupKind{
-				{Kind: v1.Kind(kinds.TLSRoute), Group: helpers.GetPointer[v1.Group](v1.GroupName)},
-			}
-		}
+		supportedKinds = validKinds
 	}
 
 	return conds, supportedKinds