Policy status restructuring

Policy objects MUST specify a [`status`](https://gateway-api.sigs.k8s.io/geps/gep-713/#the-status-stanza-of-policy-objects) stanza. As of https://github.com/kubernetes-sigs/gateway-api/pull/3609, the following changes to the Kuadrant policy CRDs are required to be conformant.

**1. The following conditions and reasons SHOULD be adopted (_Standard_):**

- Condition: `Accepted`
  - Reasons for `True`:
    - `Accepted`
  - Reason for `False`:
    - `Conflicted` - for direct policies when targeting a network object already in scope of another policy, N/A for policy kinds that implement merge strategies other than **None**
    - `Invalid` - e.g.: invalid CEL expression
    - `TargetNotFound`

- Condition: `Programmed` (replaces current `Enforced`)
  - Reasons for `True`:
    - `Programmed` - no parts of the policy overridden by another
    - `PartiallyProgrammed` - parts of the policy overridden by another, though not entirely
  - Reason for `False`:
    - `Overridden` - policy entirely overridden by another
    - `Reconciling` - intermediary state while reconciling the policy post acceptance

**2. Policy status SHOULD be organised using the upstream [`PolicyAncestorStatus`](https://gateway-api.sigs.k8s.io/reference/spec/?h=policyancestorstatus#policyancestorstatus) struct (_Experimental_).**

- Policy implementations can arbitrate what the best ancestor is for each case (e.g., Gateway object, target object, [scope](https://gateway-api.sigs.k8s.io/geps/gep-713/#policy-scope), etc)
- My personal recommendation is to use the exact target object (`sectionName` included) as the ancestor, so automated tools can reason about the status of the policy in terms of each target.
- To have in mind: trade-off between desired level of detail to provide and avoiding the [fanout status update problem](https://gateway-api.sigs.k8s.io/geps/gep-713/#fanout-status-update-problems)

**3. Policy status SHOULD reflect the applied merge strategy (_Experimental_).**

- Partially covered by the conditions already
- Any further specification of the applied merge strategy TBD
- May depend on the design adopted for (2) above
- Ref.: https://gateway-api.sigs.k8s.io/geps/gep-713/#reflecting-the-applied-merge-strategy-in-the-status-stanza-of-the-policy

<br/>

Subtasks:

- [ ] AuthPolicy status restructuring
- [ ] RateLimitPolicy status restructuring
- [ ] TokenBasedRatePolicy status restructuring
- [ ] TLSPolicy status restructuring
- [ ] DNSPolicy status restructuring
- [ ] OIDCPolicy status restructuring
- [ ] PlanPolicy status restructuring


----

Supersedes #433 

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Policy status restructuring #1653

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Policy status restructuring #1653

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions