Skip TLS section with no secret in Kubernetes ingress

old/provider/kubernetes/kubernetes.go

@@ -642,6 +642,11 @@ func getRuleForHost(host string) string {
 
 func getTLS(ingress *extensionsv1beta1.Ingress, k8sClient Client, tlsConfigs map[string]*tls.Configuration) error {
 	for _, t := range ingress.Spec.TLS {
+		if t.SecretName == "" {
+			log.Debugf("Skipping TLS sub-section for ingress %s/%s: No secret name provided", ingress.Namespace, ingress.Name)
+			continue
+		}
+
 		newEntryPoints := getSliceStringValue(ingress.Annotations, annotationKubernetesFrontendEntryPoints)
 
 		configKey := ingress.Namespace + "/" + t.SecretName

old/provider/kubernetes/kubernetes_test.go

@@ -2850,6 +2850,16 @@ func TestGetTLS(t *testing.T) {
 		),
 	)
 
+	testIngressWithoutSecret := buildIngress(
+		iNamespace("testing"),
+		iRules(
+			iRule(iHost("ep1.example.com")),
+		),
+		iTLSes(
+			iTLS("", "foo.com"),
+		),
+	)
+
 	testCases := []struct {
 		desc      string
 		ingress   *extensionsv1beta1.Ingress
@@ -2976,6 +2986,12 @@ func TestGetTLS(t *testing.T) {
 				},
 			},
 		},
+		{
+			desc:    "return nil when no secret is defined",
+			ingress: testIngressWithoutSecret,
+			client:  clientMock{},
+			result:  map[string]*tls.Configuration{},
+		},
 		{
 			desc: "pass the endpoints defined in the annotation to the certificate",
 			ingress: buildIngress(