Revert "Propagate status from KCert to Route (#7163)"

This reverts commit 455185d.

pkg/apis/serving/v1/route_lifecycle.go

@@ -29,7 +29,6 @@ import (
 var routeCondSet = apis.NewLivingConditionSet(
 	RouteConditionAllTrafficAssigned,
 	RouteConditionIngressReady,
-	RouteConditionCertificateProvisioned,
 )
 
 // GetConditionSet retrieves the condition set for this resource. Implements the KRShaped interface.
@@ -105,41 +104,43 @@ func (rs *RouteStatus) MarkMissingTrafficTarget(kind, name string) {
 }
 
 func (rs *RouteStatus) MarkCertificateProvisionFailed(name string) {
-	routeCondSet.Manage(rs).MarkFalse(RouteConditionCertificateProvisioned,
-		"CertificateProvisionFailed",
-		"Certificate %s fails to be provisioned.", name)
+	routeCondSet.Manage(rs).SetCondition(apis.Condition{
+		Type:     RouteConditionCertificateProvisioned,
+		Status:   corev1.ConditionFalse,
+		Severity: apis.ConditionSeverityWarning,
+		Reason:   "CertificateProvisionFailed",
+		Message:  fmt.Sprintf("Certificate %s fails to be provisioned.", name),
+	})
 }
 
 func (rs *RouteStatus) MarkCertificateReady(name string) {
-	routeCondSet.Manage(rs).MarkTrue(RouteConditionCertificateProvisioned)
+	routeCondSet.Manage(rs).SetCondition(apis.Condition{
+		Type:     RouteConditionCertificateProvisioned,
+		Status:   corev1.ConditionTrue,
+		Severity: apis.ConditionSeverityWarning,
+		Reason:   "CertificateReady",
+		Message:  fmt.Sprintf("Certificate %s is successfully provisioned", name),
+	})
 }
 
 func (rs *RouteStatus) MarkCertificateNotReady(name string) {
-	routeCondSet.Manage(rs).MarkUnknown(RouteConditionCertificateProvisioned,
-		"CertificateNotReady",
-		"Certificate %s is not ready.", name)
+	routeCondSet.Manage(rs).SetCondition(apis.Condition{
+		Type:     RouteConditionCertificateProvisioned,
+		Status:   corev1.ConditionUnknown,
+		Severity: apis.ConditionSeverityWarning,
+		Reason:   "CertificateNotReady",
+		Message:  fmt.Sprintf("Certificate %s is not ready.", name),
+	})
 }
 
 func (rs *RouteStatus) MarkCertificateNotOwned(name string) {
-	routeCondSet.Manage(rs).MarkFalse(RouteConditionCertificateProvisioned,
-		"CertificateNotOwned",
-		"There is an existing certificate %s that we don't own.", name)
-}
-
-// MarkAutoTLSNotEnabled sets RouteConditionCertificateProvisioned to true when
-// certificate config such as autoTLS is not enabled.
-func (rs *RouteStatus) MarkAutoTLSNotEnabled() {
-	routeCondSet.Manage(rs).MarkTrueWithReason(RouteConditionCertificateProvisioned,
-		"AutoTLSNotEnabled",
-		"autoTLS is not enabled")
-}
-
-// MarkHTTPDowngrade sets RouteConditionCertificateProvisioned to true when plain
-// HTTP is enabled even when Certificated is not ready.
-func (rs *RouteStatus) MarkHTTPDowngrade(name string) {
-	routeCondSet.Manage(rs).MarkTrueWithReason(RouteConditionCertificateProvisioned,
-		"HTTPDowngrade",
-		"Certificate %s is not ready downgrade HTTP.", name)
+	routeCondSet.Manage(rs).SetCondition(apis.Condition{
+		Type:     RouteConditionCertificateProvisioned,
+		Status:   corev1.ConditionFalse,
+		Severity: apis.ConditionSeverityWarning,
+		Reason:   "CertificateNotOwned",
+		Message:  fmt.Sprintf("There is an existing certificate %s that we don't own.", name),
+	})
 }
 
 // PropagateIngressStatus update RouteConditionIngressReady condition

pkg/apis/serving/v1/route_lifecycle_test.go

@@ -177,7 +177,6 @@ func TestTypicalRouteFlow(t *testing.T) {
 	apistest.CheckConditionOngoing(r, RouteConditionReady, t)
 
 	r.MarkTrafficAssigned()
-	r.MarkAutoTLSNotEnabled()
 	apistest.CheckConditionSucceeded(r, RouteConditionAllTrafficAssigned, t)
 	apistest.CheckConditionOngoing(r, RouteConditionIngressReady, t)
 	apistest.CheckConditionOngoing(r, RouteConditionReady, t)
@@ -291,7 +290,6 @@ func TestIngressFailureRecovery(t *testing.T) {
 	apistest.CheckConditionOngoing(r, RouteConditionReady, t)
 
 	r.MarkTrafficAssigned()
-	r.MarkAutoTLSNotEnabled()
 	r.PropagateIngressStatus(netv1alpha1.IngressStatus{
 		Status: duckv1.Status{
 			Conditions: duckv1.Conditions{{
@@ -383,22 +381,6 @@ func TestRouteNotOwnCertificate(t *testing.T) {
 	apistest.CheckConditionFailed(r, RouteConditionCertificateProvisioned, t)
 }
 
-func TestRouteAutoTLSNotEnabled(t *testing.T) {
-	r := &RouteStatus{}
-	r.InitializeConditions()
-	r.MarkAutoTLSNotEnabled()
-
-	apistest.CheckConditionSucceeded(r, RouteConditionCertificateProvisioned, t)
-}
-
-func TestRouteHTTPDowngrade(t *testing.T) {
-	r := &RouteStatus{}
-	r.InitializeConditions()
-	r.MarkHTTPDowngrade("cert")
-
-	apistest.CheckConditionSucceeded(r, RouteConditionCertificateProvisioned, t)
-}
-
 func TestIngressNotConfigured(t *testing.T) {
 	r := &RouteStatus{}
 	r.InitializeConditions()

pkg/apis/serving/v1alpha1/route_lifecycle.go

@@ -29,7 +29,6 @@ import (
 var routeCondSet = apis.NewLivingConditionSet(
 	RouteConditionAllTrafficAssigned,
 	RouteConditionIngressReady,
-	RouteConditionCertificateProvisioned,
 )
 
 func (r *Route) GetGroupVersionKind() schema.GroupVersionKind {
@@ -113,41 +112,43 @@ func (rs *RouteStatus) MarkMissingTrafficTarget(kind, name string) {
 }
 
 func (rs *RouteStatus) MarkCertificateProvisionFailed(name string) {
-	routeCondSet.Manage(rs).MarkFalse(RouteConditionCertificateProvisioned,
-		"CertificateProvisionFailed",
-		"Certificate %s fails to be provisioned.", name)
+	routeCondSet.Manage(rs).SetCondition(apis.Condition{
+		Type:     RouteConditionCertificateProvisioned,
+		Status:   corev1.ConditionFalse,
+		Severity: apis.ConditionSeverityWarning,
+		Reason:   "CertificateProvisionFailed",
+		Message:  fmt.Sprintf("Certificate %s fails to be provisioned.", name),
+	})
 }
 
 func (rs *RouteStatus) MarkCertificateReady(name string) {
-	routeCondSet.Manage(rs).MarkTrue(RouteConditionCertificateProvisioned)
+	routeCondSet.Manage(rs).SetCondition(apis.Condition{
+		Type:     RouteConditionCertificateProvisioned,
+		Status:   corev1.ConditionTrue,
+		Severity: apis.ConditionSeverityWarning,
+		Reason:   "CertificateReady",
+		Message:  fmt.Sprintf("Certificate %s is successfully provisioned", name),
+	})
 }
 
 func (rs *RouteStatus) MarkCertificateNotReady(name string) {
-	routeCondSet.Manage(rs).MarkUnknown(RouteConditionCertificateProvisioned,
-		"CertificateNotReady",
-		"Certificate %s is not ready.", name)
+	routeCondSet.Manage(rs).SetCondition(apis.Condition{
+		Type:     RouteConditionCertificateProvisioned,
+		Status:   corev1.ConditionUnknown,
+		Severity: apis.ConditionSeverityWarning,
+		Reason:   "CertificateNotReady",
+		Message:  fmt.Sprintf("Certificate %s is not ready.", name),
+	})
 }
 
 func (rs *RouteStatus) MarkCertificateNotOwned(name string) {
-	routeCondSet.Manage(rs).MarkFalse(RouteConditionCertificateProvisioned,
-		"CertificateNotOwned",
-		"There is an existing certificate %s that we don't own.", name)
-}
-
-// MarkAutoTLSNotEnabled sets RouteConditionCertificateProvisioned to true when
-// certificate config such as autoTLS is not enabled.
-func (rs *RouteStatus) MarkAutoTLSNotEnabled() {
-	routeCondSet.Manage(rs).MarkTrueWithReason(RouteConditionCertificateProvisioned,
-		"AutoTLSNotEnabled",
-		"autoTLS is not enabled")
-}
-
-// MarkHTTPDowngrade sets RouteConditionCertificateProvisioned to true when plain
-// HTTP is enabled even when Certificated is not ready.
-func (rs *RouteStatus) MarkHTTPDowngrade(name string) {
-	routeCondSet.Manage(rs).MarkTrueWithReason(RouteConditionCertificateProvisioned,
-		"HTTPDowngrade",
-		"Certificate %s is not ready downgrade HTTP.", name)
+	routeCondSet.Manage(rs).SetCondition(apis.Condition{
+		Type:     RouteConditionCertificateProvisioned,
+		Status:   corev1.ConditionFalse,
+		Severity: apis.ConditionSeverityWarning,
+		Reason:   "CertificateNotOwned",
+		Message:  fmt.Sprintf("There is an existing certificate %s that we don't own.", name),
+	})
 }
 
 // PropagateIngressStatus update RouteConditionIngressReady condition

pkg/apis/serving/v1alpha1/route_lifecycle_test.go

@@ -160,7 +160,6 @@ func TestTypicalRouteFlow(t *testing.T) {
 	apistest.CheckConditionOngoing(r, RouteConditionReady, t)
 
 	r.MarkTrafficAssigned()
-	r.MarkAutoTLSNotEnabled()
 	apistest.CheckConditionSucceeded(r, RouteConditionAllTrafficAssigned, t)
 	apistest.CheckConditionOngoing(r, RouteConditionIngressReady, t)
 	apistest.CheckConditionOngoing(r, RouteConditionReady, t)
@@ -274,7 +273,6 @@ func TestIngressFailureRecovery(t *testing.T) {
 	apistest.CheckConditionOngoing(r, RouteConditionReady, t)
 
 	r.MarkTrafficAssigned()
-	r.MarkAutoTLSNotEnabled()
 	r.PropagateIngressStatus(netv1alpha1.IngressStatus{
 		Status: duckv1.Status{
 			Conditions: duckv1.Conditions{{
@@ -378,22 +376,6 @@ func TestRouteNotOwnCertificate(t *testing.T) {
 	apistest.CheckConditionFailed(r, RouteConditionCertificateProvisioned, t)
 }
 
-func TestRouteAutoTLSNotEnabled(t *testing.T) {
-	r := &RouteStatus{}
-	r.InitializeConditions()
-	r.MarkAutoTLSNotEnabled()
-
-	apistest.CheckConditionSucceeded(r, RouteConditionCertificateProvisioned, t)
-}
-
-func TestRouteHTTPDowngrade(t *testing.T) {
-	r := &RouteStatus{}
-	r.InitializeConditions()
-	r.MarkHTTPDowngrade("cert")
-
-	apistest.CheckConditionSucceeded(r, RouteConditionCertificateProvisioned, t)
-}
-
 func TestIngressNotConfigured(t *testing.T) {
 	r := &RouteStatus{}
 	r.InitializeConditions()

pkg/reconciler/route/route.go

@@ -190,7 +190,6 @@ func (c *Reconciler) reconcileIngressResources(ctx context.Context, r *v1.Route,
 func (c *Reconciler) tls(ctx context.Context, host string, r *v1.Route, traffic *traffic.Config) ([]netv1alpha1.IngressTLS, []netv1alpha1.HTTP01Challenge, error) {
 	tls := []netv1alpha1.IngressTLS{}
 	if !config.FromContext(ctx).Network.AutoTLS {
-		r.Status.MarkAutoTLSNotEnabled()
 		return tls, nil, nil
 	}
 	domainToTagMap, err := domains.GetAllDomainsAndTags(ctx, r, getTrafficNames(traffic.Targets), traffic.Visibility)
@@ -250,7 +249,7 @@ func (c *Reconciler) tls(ctx context.Context, host string, r *v1.Route, traffic
 		} else {
 			acmeChallenges = append(acmeChallenges, cert.Status.HTTP01Challenges...)
 			r.Status.MarkCertificateNotReady(cert.Name)
-			// When httpProtocol is enabled, downgrade http scheme.
+			// When httpProtocol is enabled, downward http scheme.
 			if config.FromContext(ctx).Network.HTTPProtocol == network.HTTPEnabled {
 				if dnsNames.Has(host) {
 					r.Status.URL = &apis.URL{
@@ -259,7 +258,6 @@ func (c *Reconciler) tls(ctx context.Context, host string, r *v1.Route, traffic
 					}
 				}
 				setTargetsScheme(&r.Status, dnsNames.List(), "http")
-				r.Status.MarkHTTPDowngrade(cert.Name)
 			}
 		}
 	}