[feat aga] Add e2e tests for cross namepsace support for AGA

Author: shraddhabang

pkg/aga/endpoint_resources_manager_test.go

@@ -245,8 +245,78 @@ func TestCrossNamespaceReferences(t *testing.T) {
 		// Monitor the cross-namespace endpoint
 		manager.MonitorEndpointResources(ga, endpoints)
 
-	// Verify no watches were created since cross-namespace references should be skipped
-	defaultManager, _ := manager.(*defaultEndpointResourcesManager)
-	resourceKey := ktypes.NamespacedName{Namespace: svcNamespace, Name: svcName}
-	assert.NotContains(t, defaultManager.serviceWatches, resourceKey, "Cross-namespace service watch should be skipped")
+		// Verify no watches were created since cross-namespace references should be skipped
+		defaultManager, _ := manager.(*defaultEndpointResourcesManager)
+		resourceKey := ktypes.NamespacedName{Namespace: svcNamespace, Name: svcName}
+		assert.NotContains(t, defaultManager.serviceWatches, resourceKey, "Cross-namespace service watch should be skipped when not allowed")
+	})
+
+	t.Run("cross-namespace reference allowed", func(t *testing.T) {
+		// Create test dependencies
+		clientSet := fake.NewSimpleClientset()
+		gwClient := fakegwclientset.NewSimpleClientset()
+
+		// Use our mock event channels
+		serviceEventChannel := NewMockEventChannel()
+		ingressEventChannel := NewMockEventChannel()
+		gatewayEventChannel := NewMockEventChannel()
+
+		logger := logr.Discard()
+
+		// Create the manager
+		manager := NewEndpointResourcesManager(
+			clientSet,
+			gwClient,
+			serviceEventChannel.Channel(),
+			ingressEventChannel.Channel(),
+			gatewayEventChannel.Channel(),
+			logger,
+		)
+
+		// Create a GlobalAccelerator with cross-namespace endpoint
+		ga := &agaapi.GlobalAccelerator{
+			ObjectMeta: metav1.ObjectMeta{
+				Name:      "test-ga-allowed",
+				Namespace: "default",
+			},
+		}
+
+		// Create loaded endpoint to a service in another namespace
+		svcName := "cross-ns-service-allowed"
+		svcNamespace := "other-namespace" // Different from GA's namespace
+		endpoints := []*LoadedEndpoint{
+			{
+				Type:      agaapi.GlobalAcceleratorEndpointTypeService,
+				Name:      svcName,
+				Namespace: svcNamespace,
+				EndpointRef: &agaapi.GlobalAcceleratorEndpoint{
+					Type: agaapi.GlobalAcceleratorEndpointTypeService,
+					Name: &svcName,
+				},
+				Status: EndpointStatusLoaded,
+				ARN:    "arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/test-allowed",
+				// Important: Set CrossNamespaceAllowed to true for this test
+				CrossNamespaceAllowed: true,
+			},
+		}
+
+		// Monitor the cross-namespace endpoint
+		manager.MonitorEndpointResources(ga, endpoints)
+
+		// Verify watch was created since cross-namespace reference is allowed
+		defaultManager, _ := manager.(*defaultEndpointResourcesManager)
+		resourceKey := ktypes.NamespacedName{Namespace: svcNamespace, Name: svcName}
+		assert.Contains(t, defaultManager.serviceWatches, resourceKey, "Cross-namespace service watch should be created when allowed")
+
+		// Verify the watch has the right consumer
+		watcher := defaultManager.serviceWatches[resourceKey]
+		assert.True(t, watcher.HasConsumer("default/test-ga-allowed"), "Watcher should have the GA as consumer")
+
+		// Clean up
+		gaKey := ktypes.NamespacedName{Namespace: "default", Name: "test-ga-allowed"}
+		manager.RemoveGA(gaKey)
+
+		// Verify watch was removed
+		assert.NotContains(t, defaultManager.serviceWatches, resourceKey, "Cross-namespace service watch should be removed when GA is removed")
+	})
 }

test/e2e/gateway/auxillary_stack.go

@@ -101,7 +101,7 @@ func (s *auxiliaryResourceStack) CreateReferenceGrants(ctx context.Context, f *f
 	}
 	s.refGrants = refGrants
 
-	if err := createReferenceGrants(ctx, f, s.refGrants); err != nil {
+	if err := CreateReferenceGrants(ctx, f, s.refGrants); err != nil {
 		return err
 	}
 

test/e2e/gateway/common_resource_stack.go

@@ -181,7 +181,7 @@ func createServices(ctx context.Context, f *framework.Framework, svcs []*corev1.
 	return nil
 }
 
-func createReferenceGrants(ctx context.Context, f *framework.Framework, refGrants []*gwbeta1.ReferenceGrant) error {
+func CreateReferenceGrants(ctx context.Context, f *framework.Framework, refGrants []*gwbeta1.ReferenceGrant) error {
 	f.Logger.Info("About to create ref grant")
 	for _, refg := range refGrants {
 		f.Logger.Info("creating ref grant", "refg", k8s.NamespacedName(refg))

test/e2e/gateway/nlb_test_helper.go

@@ -374,7 +374,7 @@ func (s *NLBTestStack) CreateFENLBReferenceGrant(ctx context.Context, f *framewo
 		},
 	}
 
-	if err := createReferenceGrants(ctx, f, []*gwbeta1.ReferenceGrant{refGrant}); err != nil {
+	if err := CreateReferenceGrants(ctx, f, []*gwbeta1.ReferenceGrant{refGrant}); err != nil {
 		return nil, err
 	}
 

test/e2e/globalaccelerator/aga_verifier.go

@@ -157,6 +157,10 @@ func verifyGlobalAcceleratorConfiguration(ctx context.Context, f *framework.Fram
 				for k, expectedEG := range expectedListener.EndpointGroups {
 					eg := listEGResp[k]
 
+					if len(eg.EndpointDescriptions) != expectedEG.NumEndpoints {
+						return fmt.Errorf("listener[%d] endpoint group[%d] endpoint count mismatch: expected %d, got %d", i, k, expectedEG.NumEndpoints, len(eg.EndpointDescriptions))
+					}
+
 					if expectedEG.TrafficDialPercentage > 0 && awssdk.ToFloat32(eg.TrafficDialPercentage) != float32(expectedEG.TrafficDialPercentage) {
 						return fmt.Errorf("listener[%d] endpoint group[%d] traffic dial percentage mismatch: expected %d, got %f", i, k, expectedEG.TrafficDialPercentage, awssdk.ToFloat32(eg.TrafficDialPercentage))
 					}
@@ -174,10 +178,6 @@ func verifyGlobalAcceleratorConfiguration(ctx context.Context, f *framework.Fram
 							}
 						}
 					}
-
-					if expectedEG.NumEndpoints > 0 && len(eg.EndpointDescriptions) != expectedEG.NumEndpoints {
-						return fmt.Errorf("listener[%d] endpoint group[%d] endpoint count mismatch: expected %d, got %d", i, k, expectedEG.NumEndpoints, len(eg.EndpointDescriptions))
-					}
 				}
 			}
 		}