# This is a combination of 5 commits.

# This is the 1st commit message:

Add feature flag to disable annotation prefix check in admission controller

# This is the commit message #2:

Add log message for when ingress hits annotation check

Indicates that the correct environment variable is set. Does not log on
absence of environment variable.

# This is the commit message #3:

Add flag for disabling legacy ingress class annotation prefix check

# This is the commit message #4:

Remove negation from if statement on annotation prefix check

# This is the commit message #5:

Add logline to indicate annotation prefix check is skipped
This commit is contained in:
Yngve Molnes 2022-02-15 15:07:27 +01:00
parent 8d9210fd38
commit 3eed9f3bfc
2 changed files with 10 additions and 1 deletions

View file

@ -135,6 +135,8 @@ type Configuration struct {
DynamicConfigurationRetries int
EnableAnnotationsPrefixCheck bool
DisableSyncEvents bool
EnableTopologyAwareRouting bool
@ -310,7 +312,8 @@ func (n *NGINXController) CheckIngress(ing *networking.Ingress) error {
for key, value := range ing.ObjectMeta.GetAnnotations() {
if parser.AnnotationsPrefix != parser.DefaultAnnotationsPrefix {
klog.Warningf("EnableAnnotationsPrefixCheck set to false, Ignoring annotation check.")
if n.cfg.EnableAnnotationsPrefixCheck && parser.AnnotationsPrefix != parser.DefaultAnnotationsPrefix {
if strings.HasPrefix(key, fmt.Sprintf("%s/", parser.DefaultAnnotationsPrefix)) {
return fmt.Errorf("This deployment has a custom annotation prefix defined. Use '%s' instead of '%s'", parser.AnnotationsPrefix, parser.DefaultAnnotationsPrefix)
}

View file

@ -35,6 +35,7 @@ import (
"k8s.io/ingress-nginx/internal/ingress/status"
ing_net "k8s.io/ingress-nginx/internal/net"
"k8s.io/ingress-nginx/internal/nginx"
"k8s.io/ingress-nginx/pkg/apis/ingress"
klog "k8s.io/klog/v2"
)
@ -216,9 +217,13 @@ Takes the form "<host>:port". If not provided, no admission controller is starte
dynamicConfigurationRetries = flags.Int("dynamic-configuration-retries", 15, "Number of times to retry failed dynamic configuration before failing to sync an ingress.")
<<<<<<< HEAD
disableSyncEvents = flags.Bool("disable-sync-events", false, "Disables the creation of 'Sync' event resources")
enableTopologyAwareRouting = flags.Bool("enable-topology-aware-routing", false, "Enable topology aware hints feature, needs service object annotation service.kubernetes.io/topology-aware-hints sets to auto.")
=======
enableAnnotationsPrefixCheck = flags.Bool("enable-annotations-prefix-check", true, "Enables check for value of legacy ingressclass annotation")
>>>>>>> 2ea8b7a8f (Add flag for disabling legacy ingress class annotation prefix check)
)
flags.StringVar(&nginx.MaxmindMirror, "maxmind-mirror", "", `Maxmind mirror url (example: http://geoip.local/databases.`)
@ -372,6 +377,7 @@ https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-g
ValidationWebhookKeyPath: *validationWebhookKey,
InternalLoggerAddress: *internalLoggerAddress,
DisableSyncEvents: *disableSyncEvents,
EnableAnnotationsPrefixCheck: *enableAnnotationsPrefixCheck,
}
if *apiserverHost != "" {