Change Denied to *string

internal/ingress/annotations/annotations.go

@@ -81,7 +81,7 @@ type Ingress struct {
 	CustomHTTPErrors     []int
 	DefaultBackend       *apiv1.Service
 	//TODO: Change this back into an error when https://github.com/imdario/mergo/issues/100 is resolved
-	Denied             string
+	Denied             *string
 	ExternalAuth       authreq.Config
 	HTTP2PushPreload   bool
 	Proxy              proxy.Config
@@ -183,7 +183,8 @@ func (e Extractor) Extract(ing *extensions.Ingress) *Ingress {
 
 			_, alreadyDenied := data[DeniedKeyName]
 			if !alreadyDenied {
-				data[DeniedKeyName] = err.Error()
+				errString := err.Error()
+				data[DeniedKeyName] = &errString
 				klog.Errorf("error reading %v annotation in Ingress %v/%v: %v", name, ing.GetNamespace(), ing.GetName(), err)
 				continue
 			}

internal/ingress/controller/template/template.go

@@ -611,7 +611,7 @@ func isLocationAllowed(input interface{}) bool {
 		return false
 	}
 
-	return loc.Denied == ""
+	return loc.Denied == nil
 }
 
 var (

internal/ingress/controller/template/template_test.go

@@ -468,7 +468,7 @@ func TestIsLocationAllowed(t *testing.T) {
 	}
 
 	loc := ingress.Location{
-		Denied: "",
+		Denied: nil,
 	}
 
 	isAllowed := isLocationAllowed(&loc)

internal/ingress/types.go

@@ -239,7 +239,7 @@ type Location struct {
 	BasicDigestAuth auth.Config `json:"basicDigestAuth,omitempty"`
 	// Denied returns an error when this location cannot not be allowed
 	// Requesting a denied location should return HTTP code 403.
-	Denied string `json:"denied,omitempty"`
+	Denied *string `json:"denied,omitempty"`
 	// CorsConfig returns the Cors Configuration for the ingress rule
 	// +optional
 	CorsConfig cors.Config `json:"corsConfig,omitempty"`