Skip TLS section with no secret in Kubernetes ingress
This commit is contained in:
parent
c29a69a60d
commit
099bbb8be7
2 changed files with 21 additions and 0 deletions
|
@ -642,6 +642,11 @@ func getRuleForHost(host string) string {
|
||||||
|
|
||||||
func getTLS(ingress *extensionsv1beta1.Ingress, k8sClient Client, tlsConfigs map[string]*tls.Configuration) error {
|
func getTLS(ingress *extensionsv1beta1.Ingress, k8sClient Client, tlsConfigs map[string]*tls.Configuration) error {
|
||||||
for _, t := range ingress.Spec.TLS {
|
for _, t := range ingress.Spec.TLS {
|
||||||
|
if t.SecretName == "" {
|
||||||
|
log.Debugf("Skipping TLS sub-section for ingress %s/%s: No secret name provided", ingress.Namespace, ingress.Name)
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
newEntryPoints := getSliceStringValue(ingress.Annotations, annotationKubernetesFrontendEntryPoints)
|
newEntryPoints := getSliceStringValue(ingress.Annotations, annotationKubernetesFrontendEntryPoints)
|
||||||
|
|
||||||
configKey := ingress.Namespace + "/" + t.SecretName
|
configKey := ingress.Namespace + "/" + t.SecretName
|
||||||
|
|
|
@ -2850,6 +2850,16 @@ func TestGetTLS(t *testing.T) {
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
testIngressWithoutSecret := buildIngress(
|
||||||
|
iNamespace("testing"),
|
||||||
|
iRules(
|
||||||
|
iRule(iHost("ep1.example.com")),
|
||||||
|
),
|
||||||
|
iTLSes(
|
||||||
|
iTLS("", "foo.com"),
|
||||||
|
),
|
||||||
|
)
|
||||||
|
|
||||||
testCases := []struct {
|
testCases := []struct {
|
||||||
desc string
|
desc string
|
||||||
ingress *extensionsv1beta1.Ingress
|
ingress *extensionsv1beta1.Ingress
|
||||||
|
@ -2976,6 +2986,12 @@ func TestGetTLS(t *testing.T) {
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
desc: "return nil when no secret is defined",
|
||||||
|
ingress: testIngressWithoutSecret,
|
||||||
|
client: clientMock{},
|
||||||
|
result: map[string]*tls.Configuration{},
|
||||||
|
},
|
||||||
{
|
{
|
||||||
desc: "pass the endpoints defined in the annotation to the certificate",
|
desc: "pass the endpoints defined in the annotation to the certificate",
|
||||||
ingress: buildIngress(
|
ingress: buildIngress(
|
||||||
|
|
Loading…
Add table
Reference in a new issue