fix: fetch default value from configmap

2023-12-08 15:14:12 +01:00 · 2023-12-08 15:14:12 +01:00 · 4606ea39cf
commit 4606ea39cf
parent a3e71a9f1c
3 changed files with 9 additions and 11 deletions
--- a/internal/ingress/annotations/authreqglobal/main.go
+++ b/internal/ingress/annotations/authreqglobal/main.go
@ -17,6 +17,8 @@ limitations under the License.
 package authreqglobal

 import (
+	"strconv"
+
 	networking "k8s.io/api/networking/v1"

 	"k8s.io/ingress-nginx/internal/ingress/annotations/parser"
@ -39,10 +41,6 @@ var globalAuthAnnotations = parser.Annotation{
 	},
 }

-type Config struct {
-	GlobalAuthDefaultEnable bool `json:"global-auth-default-enable,omitempty"`
-}
-
 type authReqGlobal struct {
 	r                resolver.Resolver
 	annotationConfig parser.Annotation
@ -61,7 +59,13 @@ func NewParser(r resolver.Resolver) parser.IngressAnnotation {
 func (a authReqGlobal) Parse(ing *networking.Ingress) (interface{}, error) {
 	enableGlobalAuth, err := parser.GetBoolAnnotation(enableGlobalAuthAnnotation, ing, a.annotationConfig.Annotations)
 	if err != nil {
-		enableGlobalAuth = a.r.GetDefaultBackend().GlobalAuthDefaultEnable
+		globalAuthDefaultEnable, err := a.r.GetConfigMap("ingress-nginx/ingress-nginx-controller")
+		if err != nil {
+			return nil, err
+		}
+
+		enableGlobalAuth, err = strconv.ParseBool(globalAuthDefaultEnable.Data["global-auth-default-enable"])
+		// enableGlobalAuth = a.r.GetDefaultBackend().GlobalAuthDefaultEnable
 	}

 	return enableGlobalAuth, nil
--- a/internal/ingress/controller/config/config.go
+++ b/internal/ingress/controller/config/config.go
@ -877,7 +877,6 @@ func NewDefault() Configuration {
 			DisableProxyInterceptErrors: false,
 			DenylistSourceRange:         []string{},
 			WhitelistSourceRange:        []string{},
-			GlobalAuthDefaultEnable:     true,
 			SkipAccessLogURLs:           []string{},
 			LimitRate:                   0,
 			LimitRateAfter:              0,
--- a/internal/ingress/defaults/main.go
+++ b/internal/ingress/defaults/main.go
@ -176,11 +176,6 @@ type Backend struct {
 	// By default, the NGINX ingress controller uses a list of all endpoints (Pod IP/port) in the NGINX upstream configuration.
 	// It disables that behavior and instead uses a single upstream in NGINX, the service's Cluster IP and port.
 	ServiceUpstream bool `json:"service-upstream"`
-
-	// By default, the NGINX ingress controller applies global-auth configuration to all Ingress resources,
-	// if global-auth-url (ConfigMap) is set, and auth-url is not set (Ingess). Default is `true`. By setting this to
-	// `false`, global-auth is only applied to Ingress resources when global-auth-url (ConfigMap) is set and enable-global-auth is set (Ingress).
-	GlobalAuthDefaultEnable bool `json:"global-auth-default-enable"`
 }

 type SecurityConfiguration struct {