Allow referencing to TLS secret from other namespace

When TLS secret referred to when creating an ingress is of pattern
<namespace>/<secretName> ingress controller will check the namespace
specified rather than ingress' namespace.

Fixes #2170

internal/ingress/controller/controller.go

@@ -997,7 +997,13 @@ func (n *NGINXController) createServers(data []*extensions.Ingress,
 				continue
 			}
 
-			key := fmt.Sprintf("%v/%v", ing.Namespace, tlsSecretName)
+			key := ""
+
+			if strings.Contains(tlsSecretName, "/") {
+				key = tlsSecretName
+			} else {
+				key = fmt.Sprintf("%v/%v", ing.Namespace, tlsSecretName)
+			}
 			cert, err := n.store.GetLocalSecret(key)
 			if err != nil {
 				glog.Warningf("ssl certificate \"%v\" does not exist in local store", key)

internal/ingress/controller/store/backend_ssl.go

@@ -188,7 +188,7 @@ func (s k8sStore) checkMissingSecrets() {
 				continue
 			}
 
-			key := fmt.Sprintf("%v/%v", ing.Namespace, tls.SecretName)
+			key := getSecretKey(ing.Namespace, tls.SecretName)
 			if _, ok := s.sslStore.Get(key); !ok {
 				s.syncSecret(key)
 			}
@@ -212,7 +212,7 @@ func (s k8sStore) ReadSecrets(ing *extensions.Ingress) {
 			continue
 		}
 
-		key := fmt.Sprintf("%v/%v", ing.Namespace, tls.SecretName)
+		key := getSecretKey(ing.Namespace, tls.SecretName)
 		s.syncSecret(key)
 	}
 
@@ -236,3 +236,13 @@ func (s *k8sStore) sendDummyEvent() {
 		},
 	}
 }
+
+// getSecretKey gets a key in format namespace/secretName
+func getSecretKey(namespace, secretName string) (key string) {
+	if strings.Contains(secretName, "/") {
+		key = secretName
+	} else {
+		key = fmt.Sprintf("%v/%v", namespace, secretName)
+	}
+	return
+}