fix: test flakes

internal/controller/auth_policy_status_updater.go

@@ -213,18 +213,24 @@ func (r *AuthPolicyStatusUpdater) enforcedCondition(policy *kuadrantv1.AuthPolic
 			}
 			continue
 		}
+		if gatewayClass.GetDeletionTimestamp() != nil || gateway.GetDeletionTimestamp() != nil || httpRoute.GetDeletionTimestamp() != nil {
+			continue
+		}
 		if !kuadrantgatewayapi.IsListenerReady(listener.Listener, gateway.Gateway) || !kuadrantgatewayapi.IsHTTPRouteReady(httpRoute.HTTPRoute, gateway.Gateway, gatewayClass.Spec.ControllerName) {
 			continue
 		}
 		effectivePolicyRules := effectivePolicy.Spec.Rules()
 		if len(effectivePolicyRules) > 0 {
 			for _, policyRuleKey := range policyRuleKeys {
 				if effectivePolicyRule, ok := effectivePolicyRules[policyRuleKey]; !ok || (ok && effectivePolicyRule.GetSource() != policy.GetLocator()) { // policy rule has been overridden by another policy
-					var overriddenBy string
-					if ok { // TODO(guicassolato): !ok → we cannot tell which policy is overriding the rule, this information is lost when the policy rule is dropped during an atomic override
-						overriddenBy = effectivePolicyRule.GetSource()
+					if ok {
+						// Rule exists in effective policy but from a different source (rule-level override)
+						overridingPolicies[policyRuleKey] = append(overridingPolicies[policyRuleKey], effectivePolicyRule.GetSource())
+					} else {
+						// Rule doesn't exist at all (atomic override) - the policies that contributed
+						// to the effective policy are the ones that overrode this policy
+						overridingPolicies[policyRuleKey] = append(overridingPolicies[policyRuleKey], effectivePolicy.SourcePolicies...)
 					}
-					overridingPolicies[policyRuleKey] = append(overridingPolicies[policyRuleKey], overriddenBy)
 					continue
 				}
 				// policy rule is in the effective policy, track the Gateway and the HTTPRouteRule affected by the policy

internal/controller/ratelimit_policy_status_updater.go

@@ -2,14 +2,14 @@ package controllers
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"slices"
 	"strings"
 	"sync"
 
-	"github.com/kuadrant/kuadrant-operator/internal/cel"
-
 	envoygatewayv1alpha1 "github.com/envoyproxy/gateway/api/v1alpha1"
+	"github.com/go-logr/logr"
 	limitadorv1alpha1 "github.com/kuadrant/limitador-operator/api/v1alpha1"
 	"github.com/kuadrant/policy-machinery/controller"
 	"github.com/kuadrant/policy-machinery/machinery"
@@ -27,6 +27,7 @@ import (
 
 	kuadrantv1 "github.com/kuadrant/kuadrant-operator/api/v1"
 	kuadrantv1beta1 "github.com/kuadrant/kuadrant-operator/api/v1beta1"
+	"github.com/kuadrant/kuadrant-operator/internal/cel"
 	kuadrantenvoygateway "github.com/kuadrant/kuadrant-operator/internal/envoygateway"
 	kuadrantgatewayapi "github.com/kuadrant/kuadrant-operator/internal/gatewayapi"
 	kuadrantistio "github.com/kuadrant/kuadrant-operator/internal/istio"
@@ -101,7 +102,7 @@ func (r *RateLimitPolicyStatusUpdater) UpdateStatus(ctx context.Context, _ []con
 		if !accepted {
 			meta.RemoveStatusCondition(&newStatus.Conditions, string(kuadrant.PolicyConditionEnforced))
 		} else {
-			enforcedCond := r.enforcedCondition(policy, topology, state)
+			enforcedCond := r.enforcedCondition(policy, topology, state, logger)
 			meta.SetStatusCondition(&newStatus.Conditions, *enforcedCond)
 		}
 
@@ -150,7 +151,7 @@ func (r *RateLimitPolicyStatusUpdater) UpdateStatus(ctx context.Context, _ []con
 	return nil
 }
 
-func (r *RateLimitPolicyStatusUpdater) enforcedCondition(policy *kuadrantv1.RateLimitPolicy, topology *machinery.Topology, state *sync.Map) *metav1.Condition {
+func (r *RateLimitPolicyStatusUpdater) enforcedCondition(policy *kuadrantv1.RateLimitPolicy, topology *machinery.Topology, state *sync.Map, logger logr.Logger) *metav1.Condition {
 	kObj := GetKuadrantFromTopology(topology)
 	if kObj == nil {
 		return kuadrant.EnforcedCondition(policy, kuadrant.NewErrSystemResource("kuadrant"), false)
@@ -193,18 +194,33 @@ func (r *RateLimitPolicyStatusUpdater) enforcedCondition(policy *kuadrantv1.Rate
 			}
 		}
 
-		gatewayClass, gateway, listener, httpRoute, _, _ := kuadrantpolicymachinery.ObjectsInRequestPath(effectivePolicy.Path)
+		gatewayClass, gateway, listener, httpRoute, _, err := kuadrantpolicymachinery.ObjectsInRequestPath(effectivePolicy.Path)
+		if err != nil {
+			if errors.As(err, &kuadrantpolicymachinery.ErrInvalidPath{}) {
+				logger.V(1).Info("skipping effectivePolicy for invalid path", "path", effectivePolicy.Path)
+			} else {
+				logger.Error(err, "unable to process effectivePolicy", "path", effectivePolicy.Path)
+			}
+			continue
+		}
+
+		if gatewayClass.GetDeletionTimestamp() != nil || gateway.GetDeletionTimestamp() != nil || httpRoute.GetDeletionTimestamp() != nil {
+			continue
+		}
 		if !kuadrantgatewayapi.IsListenerReady(listener.Listener, gateway.Gateway) || !kuadrantgatewayapi.IsHTTPRouteReady(httpRoute.HTTPRoute, gateway.Gateway, gatewayClass.Spec.ControllerName) {
 			continue
 		}
 		effectivePolicyRules := effectivePolicy.Spec.Rules()
 		for _, policyRuleKey := range policyRuleKeys {
 			if effectivePolicyRule, ok := effectivePolicyRules[policyRuleKey]; !ok || (ok && effectivePolicyRule.GetSource() != policy.GetLocator()) { // policy rule has been overridden by another policy
-				var overriddenBy string
-				if ok { // TODO(guicassolato): !ok → we cannot tell which policy is overriding the rule, this information is lost when the policy rule is dropped during an atomic override
-					overriddenBy = effectivePolicyRule.GetSource()
+				if ok {
+					// Rule exists in effective policy but from a different source (rule-level override)
+					overridingPolicies[policyRuleKey] = append(overridingPolicies[policyRuleKey], effectivePolicyRule.GetSource())
+				} else {
+					// Rule doesn't exist at all (atomic override) - the policies that contributed
+					// to the effective policy are the ones that overrode this policy
+					overridingPolicies[policyRuleKey] = append(overridingPolicies[policyRuleKey], effectivePolicy.SourcePolicies...)
 				}
-				overridingPolicies[policyRuleKey] = append(overridingPolicies[policyRuleKey], overriddenBy)
 				continue
 			}
 			// policy rule is in the effective policy, track the Gateway affected by the policy

internal/controller/tokenratelimitpolicy_status_updater.go

@@ -192,11 +192,14 @@ func (r *TokenRateLimitPolicyStatusUpdater) enforcedCondition(policy *kuadrantv1
 		effectivePolicyRules := effectivePolicy.Spec.Rules()
 		for _, policyRuleKey := range policyRuleKeys {
 			if effectivePolicyRule, ok := effectivePolicyRules[policyRuleKey]; !ok || (ok && effectivePolicyRule.GetSource() != policy.GetLocator()) { // policy rule has been overridden by another policy
-				var overriddenBy string
 				if ok {
-					overriddenBy = effectivePolicyRule.GetSource()
+					// Rule exists in effective policy but from a different source (rule-level override)
+					overridingPolicies[policyRuleKey] = append(overridingPolicies[policyRuleKey], effectivePolicyRule.GetSource())
+				} else {
+					// Rule doesn't exist at all (atomic override) - the policies that contributed
+					// to the effective policy are the ones that overrode this policy
+					overridingPolicies[policyRuleKey] = append(overridingPolicies[policyRuleKey], effectivePolicy.SourcePolicies...)
 				}
-				overridingPolicies[policyRuleKey] = append(overridingPolicies[policyRuleKey], overriddenBy)
 				continue
 			}
 			// policy rule is in the effective policy, track the Gateway affected by the policy

internal/kuadrant/errors.go

@@ -168,9 +168,6 @@ type ErrOverridden struct {
 }
 
 func (e ErrOverridden) Error() string {
-	if len(e.OverridingPolicies) == 0 {
-		return fmt.Sprintf("%s is overridden", e.Kind)
-	}
 	return fmt.Sprintf("%s is overridden by %s", e.Kind, e.OverridingPolicies)
 }
 

tests/bare_k8s/suite_test.go

@@ -22,6 +22,7 @@ import (
 	"encoding/json"
 	"os"
 	"testing"
+	"time"
 
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
@@ -48,6 +49,9 @@ func testClient() client.Client { return k8sClient }
 func TestAPIs(t *testing.T) {
 	RegisterFailHandler(Fail)
 
+	SetDefaultEventuallyPollingInterval(500 * time.Millisecond)
+	SetDefaultEventuallyTimeout(2 * time.Minute)
+
 	RunSpecs(t, "Controller suite on bare k8s")
 }
 

tests/common/authpolicy/suite_test.go

@@ -23,6 +23,7 @@ import (
 	"encoding/json"
 	"os"
 	"testing"
+	"time"
 
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
@@ -51,6 +52,9 @@ func testClient() client.Client { return k8sClient }
 func TestAPIs(t *testing.T) {
 	RegisterFailHandler(Fail)
 
+	SetDefaultEventuallyPollingInterval(500 * time.Millisecond)
+	SetDefaultEventuallyTimeout(2 * time.Minute)
+
 	RunSpecs(t, "AuthPolicy Controller Suite")
 }
 

tests/common/discoverability/suite_test.go

@@ -23,6 +23,7 @@ import (
 	"encoding/json"
 	"os"
 	"testing"
+	"time"
 
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
@@ -51,6 +52,9 @@ func testClient() client.Client { return k8sClient }
 func TestAPIs(t *testing.T) {
 	RegisterFailHandler(Fail)
 
+	SetDefaultEventuallyPollingInterval(500 * time.Millisecond)
+	SetDefaultEventuallyTimeout(2 * time.Minute)
+
 	RunSpecs(t, "Target Status Controller Suite")
 }
 

tests/common/dnspolicy/suite_test.go

@@ -22,6 +22,7 @@ import (
 	"encoding/json"
 	"os"
 	"testing"
+	"time"
 
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
@@ -61,6 +62,9 @@ func testDynamicClient() *dynamic.DynamicClient {
 func TestAPIs(t *testing.T) {
 	RegisterFailHandler(Fail)
 
+	SetDefaultEventuallyPollingInterval(500 * time.Millisecond)
+	SetDefaultEventuallyTimeout(2 * time.Minute)
+
 	RunSpecs(t, "DNS Controller Suite")
 }
 

tests/common/ratelimitpolicy/ratelimitpolicy_controller_test.go

@@ -13,6 +13,7 @@ import (
 	. "github.com/onsi/gomega"
 	"github.com/samber/lo"
 	appsv1 "k8s.io/api/apps/v1"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/utils/ptr"
@@ -359,7 +360,9 @@ var _ = Describe("RateLimitPolicy controller", func() {
 			// Check RLP status is available
 			rlpKey := client.ObjectKey{Name: rlpName, Namespace: testNamespace}
 			Eventually(assertPolicyIsAcceptedAndNotEnforced(ctx, rlpKey)).WithContext(ctx).Should(BeTrue())
-			Expect(tests.RLPEnforcedCondition(ctx, testClient(), rlpKey, kuadrant.PolicyReasonUnknown, "RateLimitPolicy is not in the path to any existing routes")).To(BeTrue())
+			Eventually(func() bool {
+				return tests.RLPEnforcedCondition(ctx, testClient(), rlpKey, kuadrant.PolicyReasonUnknown, "RateLimitPolicy is not in the path to any existing routes")
+			}).WithContext(ctx).Should(BeTrue())
 
 			// check limits
 			Eventually(func(g Gomega) {
@@ -454,7 +457,9 @@ var _ = Describe("RateLimitPolicy controller", func() {
 			Expect(k8sClient.Create(ctx, gwRLP)).To(Succeed())
 			gwRLPKey := client.ObjectKey{Name: gwRLP.Name, Namespace: testNamespace}
 			Eventually(assertPolicyIsAcceptedAndNotEnforced(ctx, gwRLPKey)).WithContext(ctx).Should(BeTrue())
-			Expect(tests.RLPEnforcedCondition(ctx, testClient(), gwRLPKey, kuadrant.PolicyReasonUnknown, "RateLimitPolicy is not in the path to any existing routes")).To(BeTrue())
+			Eventually(func() bool {
+				return tests.RLPEnforcedCondition(ctx, testClient(), gwRLPKey, kuadrant.PolicyReasonUnknown, "RateLimitPolicy is not in the path to any existing routes")
+			}).WithContext(ctx).Should(BeTrue())
 		}, testTimeOut)
 
 		It("Implicit defaults - no underlying routes to enforce policy", func(ctx SpecContext) {
@@ -468,7 +473,9 @@ var _ = Describe("RateLimitPolicy controller", func() {
 			Expect(k8sClient.Create(ctx, gwRLP)).To(Succeed())
 			gwRLPKey := client.ObjectKey{Name: gwRLP.Name, Namespace: testNamespace}
 			Eventually(assertPolicyIsAcceptedAndNotEnforced(ctx, gwRLPKey)).WithContext(ctx).Should(BeTrue())
-			Expect(tests.RLPEnforcedCondition(ctx, testClient(), gwRLPKey, kuadrant.PolicyReasonUnknown, "RateLimitPolicy is not in the path to any existing routes")).To(BeTrue())
+			Eventually(func() bool {
+				return tests.RLPEnforcedCondition(ctx, testClient(), gwRLPKey, kuadrant.PolicyReasonUnknown, "RateLimitPolicy is not in the path to any existing routes")
+			}).WithContext(ctx).Should(BeTrue())
 		}, testTimeOut)
 	})
 
@@ -514,7 +521,9 @@ var _ = Describe("RateLimitPolicy controller", func() {
 			Expect(k8sClient.Create(ctx, routeRLP)).To(Succeed())
 			routeRLPKey := client.ObjectKeyFromObject(routeRLP)
 			Eventually(assertPolicyIsAcceptedAndNotEnforced(ctx, routeRLPKey)).WithContext(ctx).Should(BeTrue())
-			Expect(tests.RLPEnforcedCondition(ctx, testClient(), routeRLPKey, kuadrant.PolicyReasonOverridden, fmt.Sprintf("RateLimitPolicy is overridden by [%s]", gwRLPKey)))
+			Eventually(func() bool {
+				return tests.RLPEnforcedCondition(ctx, testClient(), routeRLPKey, kuadrant.PolicyReasonOverridden, fmt.Sprintf("RateLimitPolicy is overridden by [%s]", gwRLPKey))
+			}).WithContext(ctx).Should(BeTrue())
 
 			limitsNamespace := controllers.LimitsNamespaceFromRoute(httpRoute)
 
@@ -555,7 +564,9 @@ var _ = Describe("RateLimitPolicy controller", func() {
 
 			// Route RLP should no longer be enforced
 			Eventually(tests.RLPIsEnforced(ctx, testClient(), routeRLPKey)).WithContext(ctx).Should(BeFalse())
-			Expect(tests.RLPEnforcedCondition(ctx, testClient(), routeRLPKey, kuadrant.PolicyReasonOverridden, fmt.Sprintf("RateLimitPolicy is overridden by [%s]", gwRLPKey)))
+			Eventually(func() bool {
+				return tests.RLPEnforcedCondition(ctx, testClient(), routeRLPKey, kuadrant.PolicyReasonOverridden, fmt.Sprintf("RateLimitPolicy is overridden by [%s]", gwRLPKey))
+			}).WithContext(ctx).Should(BeTrue())
 
 			// Should contain override values
 			Eventually(limitadorContainsLimit(ctx, limitadorv1alpha1.RateLimit{
@@ -582,7 +593,9 @@ var _ = Describe("RateLimitPolicy controller", func() {
 			Expect(k8sClient.Create(ctx, gwRLP)).To(Succeed())
 			gwRLPKey := client.ObjectKeyFromObject(gwRLP)
 			Eventually(assertPolicyIsAcceptedAndNotEnforced(ctx, gwRLPKey)).WithContext(ctx).Should(BeTrue())
-			Expect(tests.RLPEnforcedCondition(ctx, testClient(), gwRLPKey, kuadrant.PolicyReasonOverridden, fmt.Sprintf("RateLimitPolicy is overridden by [%s]", routeRLPKey)))
+			Eventually(func() bool {
+				return tests.RLPEnforcedCondition(ctx, testClient(), gwRLPKey, kuadrant.PolicyReasonOverridden, fmt.Sprintf("RateLimitPolicy is overridden by [%s]", routeRLPKey))
+			}).WithContext(ctx).Should(BeTrue())
 
 			// Route RLP should still be enforced
 			Eventually(tests.RLPIsEnforced(ctx, testClient(), routeRLPKey)).WithContext(ctx).Should(BeTrue())
@@ -609,7 +622,9 @@ var _ = Describe("RateLimitPolicy controller", func() {
 
 			// GW RLP should now be enforced
 			Eventually(tests.RLPIsEnforced(ctx, testClient(), routeRLPKey)).WithContext(ctx).Should(BeFalse())
-			Expect(tests.RLPEnforcedCondition(ctx, testClient(), routeRLPKey, kuadrant.PolicyReasonOverridden, fmt.Sprintf("RateLimitPolicy is overridden by [%s]", gwRLPKey)))
+			Eventually(func() bool {
+				return tests.RLPEnforcedCondition(ctx, testClient(), routeRLPKey, kuadrant.PolicyReasonOverridden, fmt.Sprintf("RateLimitPolicy is overridden by [%s]", gwRLPKey))
+			}).WithContext(ctx).Should(BeTrue())
 			Eventually(tests.RLPIsEnforced(ctx, testClient(), gwRLPKey)).WithContext(ctx).Should(BeTrue())
 
 			// Should contain override values
@@ -636,7 +651,9 @@ var _ = Describe("RateLimitPolicy controller", func() {
 
 			// Route RLP should not be enforced
 			Eventually(tests.RLPIsEnforced(ctx, testClient(), routeRLPKey)).WithContext(ctx).Should(BeFalse())
-			Expect(tests.RLPEnforcedCondition(ctx, testClient(), routeRLPKey, kuadrant.PolicyReasonOverridden, fmt.Sprintf("RateLimitPolicy is overridden by [%s]", gwRLPKey)))
+			Eventually(func() bool {
+				return tests.RLPEnforcedCondition(ctx, testClient(), routeRLPKey, kuadrant.PolicyReasonOverridden, fmt.Sprintf("RateLimitPolicy is overridden by [%s]", gwRLPKey))
+			}).WithContext(ctx).Should(BeTrue())
 
 			limitsNamespace := controllers.LimitsNamespaceFromRoute(httpRoute)
 
@@ -660,7 +677,9 @@ var _ = Describe("RateLimitPolicy controller", func() {
 
 			// Route RLP now takes precedence
 			Eventually(tests.RLPIsEnforced(ctx, testClient(), gwRLPKey)).WithContext(ctx).Should(BeFalse())
-			Expect(tests.RLPEnforcedCondition(ctx, testClient(), gwRLPKey, kuadrant.PolicyReasonOverridden, fmt.Sprintf("RateLimitPolicy is overridden by [%s]", routeRLPKey)))
+			Eventually(func() bool {
+				return tests.RLPEnforcedCondition(ctx, testClient(), gwRLPKey, kuadrant.PolicyReasonOverridden, fmt.Sprintf("RateLimitPolicy is overridden by [%s]", routeRLPKey))
+			}).WithContext(ctx).Should(BeTrue())
 			Eventually(tests.RLPIsEnforced(ctx, testClient(), routeRLPKey)).WithContext(ctx).Should(BeTrue())
 
 			// Should contain Route RLP values
@@ -676,13 +695,23 @@ var _ = Describe("RateLimitPolicy controller", func() {
 
 		It("Gateway atomic override - no underlying routes to enforce policy", func(ctx SpecContext) {
 			// Delete HTTPRoute
-			Expect(k8sClient.Delete(ctx, &gatewayapiv1.HTTPRoute{ObjectMeta: metav1.ObjectMeta{Name: routeName, Namespace: testNamespace}})).To(Succeed())
+			Expect(k8sClient.Delete(ctx, httpRoute)).To(Succeed())
+
+			Eventually(func() bool {
+				route := &gatewayapiv1.HTTPRoute{}
+				err := k8sClient.Get(ctx, client.ObjectKeyFromObject(httpRoute), route)
+				// Either deleted OR has deletionTimestamp
+				return apierrors.IsNotFound(err) ||
+					(err == nil && route.GetDeletionTimestamp() != nil)
+			}).WithContext(ctx).WithTimeout(5 * time.Second).Should(BeTrue())
 
 			// create GW RLP with overrides
 			Expect(k8sClient.Create(ctx, gwRLP)).To(Succeed())
 			gwRLPKey := client.ObjectKey{Name: gwRLP.Name, Namespace: testNamespace}
 			Eventually(assertPolicyIsAcceptedAndNotEnforced(ctx, gwRLPKey)).WithContext(ctx).Should(BeTrue())
-			Expect(tests.RLPEnforcedCondition(ctx, testClient(), gwRLPKey, kuadrant.PolicyReasonUnknown, "RateLimitPolicy is not in the path to any existing routes")).To(BeTrue())
+			Eventually(func() bool {
+				return tests.RLPEnforcedCondition(ctx, testClient(), gwRLPKey, kuadrant.PolicyReasonUnknown, "RateLimitPolicy is not in the path to any existing routes")
+			}).WithContext(ctx).Should(BeTrue())
 		}, testTimeOut)
 	})
 

tests/common/ratelimitpolicy/suite_test.go

@@ -23,6 +23,7 @@ import (
 	"encoding/json"
 	"os"
 	"testing"
+	"time"
 
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
@@ -51,6 +52,9 @@ func testClient() client.Client { return k8sClient }
 func TestAPIs(t *testing.T) {
 	RegisterFailHandler(Fail)
 
+	SetDefaultEventuallyPollingInterval(500 * time.Millisecond)
+	SetDefaultEventuallyTimeout(2 * time.Minute)
+
 	RunSpecs(t, "RateLimitPolicy Controller Suite")
 }
 

tests/common/tlspolicy/suite_test.go

@@ -22,6 +22,7 @@ import (
 	"encoding/json"
 	"os"
 	"testing"
+	"time"
 
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
@@ -48,6 +49,9 @@ func testClient() client.Client { return k8sClient }
 func TestAPIs(t *testing.T) {
 	RegisterFailHandler(Fail)
 
+	SetDefaultEventuallyPollingInterval(500 * time.Millisecond)
+	SetDefaultEventuallyTimeout(2 * time.Minute)
+
 	RunSpecs(t, "TLS Policy Controller Suite")
 }
 

tests/envoygateway/observability_reconciler_test.go

@@ -98,11 +98,11 @@ var _ = Describe("Observabiltity monitors for envoy gateway", func() {
 					Namespace: kuadrantNS,
 				},
 			}
-			err := testClient().Get(ctx, client.ObjectKeyFromObject(kuadrantCR), kuadrantCR)
-			Expect(err).NotTo(HaveOccurred())
-			kuadrantCR.Spec.Observability.Enable = true
-			err = testClient().Update(ctx, kuadrantCR)
-			Expect(err).NotTo(HaveOccurred())
+			Eventually(func(g Gomega) {
+				g.Expect(testClient().Get(ctx, client.ObjectKeyFromObject(kuadrantCR), kuadrantCR)).To(Succeed())
+				kuadrantCR.Spec.Observability.Enable = true
+				g.Expect(testClient().Update(ctx, kuadrantCR)).To(Succeed())
+			}).WithContext(ctx).Should(Succeed())
 
 			// Verify all monitors are created
 			Eventually(func(g Gomega) {