From 04e2603ecc47a8a190fc27775493dbae091a9205 Mon Sep 17 00:00:00 2001
From: Manuel Alejandro de Brito Fontes <aledbf@gmail.com>
Date: Thu, 21 Jan 2021 17:27:06 -0300
Subject: [PATCH] Update PemSHA field for default SSL certificate

---
 internal/ingress/controller/controller.go | 1 +
 internal/ingress/sslcert.go               | 7 ++++++-
 internal/ingress/types.go                 | 9 ++++++++-
 internal/ingress/types_equals.go          | 6 +++++-
 4 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/internal/ingress/controller/controller.go b/internal/ingress/controller/controller.go
index f5e3d2733..8e3111180 100644
--- a/internal/ingress/controller/controller.go
+++ b/internal/ingress/controller/controller.go
@@ -491,6 +491,7 @@ func (n *NGINXController) getConfiguration(ingresses []*ingress.Ingress) (sets.S
 		UDPEndpoints:          n.getStreamServices(n.cfg.UDPConfigMapName, apiv1.ProtocolUDP),
 		PassthroughBackends:   passUpstreams,
 		BackendConfigChecksum: n.store.GetBackendConfiguration().Checksum,
+		DefaultSSLCertificate: n.getDefaultSSLCertificate(),
 	}
 }
 
diff --git a/internal/ingress/sslcert.go b/internal/ingress/sslcert.go
index 82cdcbf68..9265b07ac 100644
--- a/internal/ingress/sslcert.go
+++ b/internal/ingress/sslcert.go
@@ -71,5 +71,10 @@ func (s SSLCert) GetObjectKind() schema.ObjectKind {
 
 // HashInclude defines if a field should be used or not to calculate the hash
 func (s SSLCert) HashInclude(field string, v interface{}) (bool, error) {
-	return (field != "PemSHA" && field != "CASHA" && field != "ExpireTime"), nil
+	switch field {
+	case "PemSHA", "CASHA", "ExpireTime":
+		return true, nil
+	default:
+		return false, nil
+	}
 }
diff --git a/internal/ingress/types.go b/internal/ingress/types.go
index fabd66c98..84d964b7a 100644
--- a/internal/ingress/types.go
+++ b/internal/ingress/types.go
@@ -74,6 +74,8 @@ type Configuration struct {
 
 	// ConfigurationChecksum contains the particular checksum of a Configuration object
 	ConfigurationChecksum string `json:"configurationChecksum,omitempty"`
+
+	DefaultSSLCertificate *SSLCert `json:"-"`
 }
 
 // Backend describes one or more remote server/s (endpoints) associated with a service
@@ -125,7 +127,12 @@ type TrafficShapingPolicy struct {
 
 // HashInclude defines if a field should be used or not to calculate the hash
 func (s Backend) HashInclude(field string, v interface{}) (bool, error) {
-	return (field != "Endpoints"), nil
+	switch field {
+	case "Endpoints":
+		return false, nil
+	default:
+		return true, nil
+	}
 }
 
 // SessionAffinityConfig describes different affinity configurations for new sessions.
diff --git a/internal/ingress/types_equals.go b/internal/ingress/types_equals.go
index ac7bf4bf6..15a1ad710 100644
--- a/internal/ingress/types_equals.go
+++ b/internal/ingress/types_equals.go
@@ -29,6 +29,10 @@ func (c1 *Configuration) Equal(c2 *Configuration) bool {
 		return false
 	}
 
+	if !c1.DefaultSSLCertificate.Equal(c2.DefaultSSLCertificate) {
+		return false
+	}
+
 	match := compareBackends(c1.Backends, c2.Backends)
 	if !match {
 		return false
@@ -271,7 +275,7 @@ func (s1 *Server) Equal(s2 *Server) bool {
 	if s1.SSLPassthrough != s2.SSLPassthrough {
 		return false
 	}
-	if !(s1.SSLCert).Equal(s2.SSLCert) {
+	if !s1.SSLCert.Equal(s2.SSLCert) {
 		return false
 	}