Set hostnames field to required for TLSRoute (#736)

Ryan Lymburner · web-flow · commit 3f8359fbfe67 · 2025-05-23T23:01:51.000Z
diff --git a/pkg/gateway/model_build_lattice_service.go b/pkg/gateway/model_build_lattice_service.go
@@ -111,6 +111,11 @@ func (t *latticeServiceModelBuildTask) buildLatticeService(ctx context.Context)
 		routeType = core.GrpcRouteType
 	case *core.TLSRoute:
 		routeType = core.TlsRouteType
+		// VPC Lattice requires a custom domain name for TLS listeners
+		if len(t.route.Spec().Hostnames()) == 0 {
+			return nil, fmt.Errorf("TLSRoute %s/%s must specify at least one hostname as VPC Lattice requires a custom domain name",
+				t.route.Namespace(), t.route.Name())
+		}
 	default:
 		return nil, fmt.Errorf("unsupported route type: %T", t.route)
 	}
diff --git a/pkg/gateway/model_build_lattice_service_test.go b/pkg/gateway/model_build_lattice_service_test.go
@@ -16,6 +16,7 @@ import (
 	clientgoscheme "k8s.io/client-go/kubernetes/scheme"
 	testclient "sigs.k8s.io/controller-runtime/pkg/client/fake"
 	gwv1 "sigs.k8s.io/gateway-api/apis/v1"
+	gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2"
 )
 
 func Test_LatticeServiceModelBuild(t *testing.T) {
@@ -403,6 +404,31 @@ func Test_LatticeServiceModelBuild(t *testing.T) {
 				ServiceNetworkNames: []string{vpcLatticeGateway.Name, "gateway2"},
 			},
 		},
+		{
+			name:          "TLSRoute without hostname should fail",
+			wantIsDeleted: false,
+			wantErrIsNil:  false,
+			gwClass:       vpcLatticeGatewayClass,
+			gws: []gwv1.Gateway{
+				vpcLatticeGateway,
+			},
+			route: core.NewTLSRoute(gwv1alpha2.TLSRoute{
+				ObjectMeta: metav1.ObjectMeta{
+					Name:      "service1",
+					Namespace: "default",
+				},
+				Spec: gwv1alpha2.TLSRouteSpec{
+					CommonRouteSpec: gwv1.CommonRouteSpec{
+						ParentRefs: []gwv1.ParentReference{
+							{
+								Name:      gwv1.ObjectName(vpcLatticeGateway.Name),
+								Namespace: namespacePtr(vpcLatticeGateway.Namespace),
+							},
+						},
+					},
+				},
+			}),
+		},
 		{
 			name:          "Multiple service networks with one different controller",
 			wantIsDeleted: false,
@@ -463,6 +489,7 @@ func Test_LatticeServiceModelBuild(t *testing.T) {
 			k8sSchema := runtime.NewScheme()
 			clientgoscheme.AddToScheme(k8sSchema)
 			gwv1.Install(k8sSchema)
+			gwv1alpha2.Install(k8sSchema)
 			k8sClient := testclient.NewClientBuilder().WithScheme(k8sSchema).Build()
 
 			assert.NoError(t, k8sClient.Create(ctx, tt.gwClass.DeepCopy()))
