DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix chain completion and default certificate flag issues (#1978)

Browse source
This commit is contained in:
Manuel Alejandro de Brito Fontes 2018-01-25 10:46:20 -03:00 committed by GitHub
parent 5dc261dd9c
commit 444a56c001
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 24 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
internal/ingress/controller/nginx.go
View file

@ -118,11 +118,13 @@ func NewNGINXController(config *Configuration, fs file.Filesystem) *NGINXControl
Proxy: &TCPProxy{}, Proxy: &TCPProxy{},
} }
n.store = store.New(true, n.store = store.New(
config.EnableSSLChainCompletion,
config.Namespace, config.Namespace,
config.ConfigMapName, config.ConfigMapName,
config.TCPConfigMapName, config.TCPConfigMapName,
config.UDPConfigMapName, config.UDPConfigMapName,
config.DefaultSSLCertificate,
config.ResyncPeriod, config.ResyncPeriod,
config.Client, config.Client,
fs, fs,

9
internal/ingress/controller/store/store.go
View file

@ -198,11 +198,13 @@ type k8sStore struct {
// mu mutex used to avoid simultaneous incovations to syncSecret // mu mutex used to avoid simultaneous incovations to syncSecret
mu *sync.Mutex mu *sync.Mutex
defaultSSLCertificate string
} }
// New creates a new object store to be used in the ingress controller // New creates a new object store to be used in the ingress controller
func New(checkOCSP bool, func New(checkOCSP bool,
namespace, configmap, tcp, udp string, namespace, configmap, tcp, udp, defaultSSLCertificate string,
resyncPeriod time.Duration, resyncPeriod time.Duration,
client clientset.Interface, client clientset.Interface,
fs file.Filesystem, fs file.Filesystem,
@ -218,6 +220,7 @@ func New(checkOCSP bool,
backendConfig: ngx_config.NewDefault(), backendConfig: ngx_config.NewDefault(),
mu: &sync.Mutex{}, mu: &sync.Mutex{},
secretIngressMap: make(map[string]sets.String), secretIngressMap: make(map[string]sets.String),
defaultSSLCertificate: defaultSSLCertificate,
} }
eventBroadcaster := record.NewBroadcaster() eventBroadcaster := record.NewBroadcaster()
@ -612,6 +615,10 @@ func (s k8sStore) Run(stopCh chan struct{}) {
s.ReadSecrets(ing) s.ReadSecrets(ing)
} }
if s.defaultSSLCertificate != "" {
s.syncSecret(s.defaultSSLCertificate)
}
// start goroutine to check for missing local secrets // start goroutine to check for missing local secrets
go wait.Until(s.checkMissingSecrets, 10*time.Second, stopCh) go wait.Until(s.checkMissingSecrets, 10*time.Second, stopCh)

4
internal/ingress/controller/store/store_test.go
View file

@ -70,6 +70,7 @@ func TestStore(t *testing.T) {
fmt.Sprintf("%v/config", ns.Name), fmt.Sprintf("%v/config", ns.Name),
fmt.Sprintf("%v/tcp", ns.Name), fmt.Sprintf("%v/tcp", ns.Name),
fmt.Sprintf("%v/udp", ns.Name), fmt.Sprintf("%v/udp", ns.Name),
"",
10*time.Minute, 10*time.Minute,
clientSet, clientSet,
fs, fs,
@ -155,6 +156,7 @@ func TestStore(t *testing.T) {
fmt.Sprintf("%v/config", ns.Name), fmt.Sprintf("%v/config", ns.Name),
fmt.Sprintf("%v/tcp", ns.Name), fmt.Sprintf("%v/tcp", ns.Name),
fmt.Sprintf("%v/udp", ns.Name), fmt.Sprintf("%v/udp", ns.Name),
"",
10*time.Minute, 10*time.Minute,
clientSet, clientSet,
fs, fs,
@ -294,6 +296,7 @@ func TestStore(t *testing.T) {
fmt.Sprintf("%v/config", ns.Name), fmt.Sprintf("%v/config", ns.Name),
fmt.Sprintf("%v/tcp", ns.Name), fmt.Sprintf("%v/tcp", ns.Name),
fmt.Sprintf("%v/udp", ns.Name), fmt.Sprintf("%v/udp", ns.Name),
"",
10*time.Minute, 10*time.Minute,
clientSet, clientSet,
fs, fs,
@ -378,6 +381,7 @@ func TestStore(t *testing.T) {
fmt.Sprintf("%v/config", ns.Name), fmt.Sprintf("%v/config", ns.Name),
fmt.Sprintf("%v/tcp", ns.Name), fmt.Sprintf("%v/tcp", ns.Name),
fmt.Sprintf("%v/udp", ns.Name), fmt.Sprintf("%v/udp", ns.Name),
"",
10*time.Minute, 10*time.Minute,
clientSet, clientSet,
fs, fs,