Auto-generate annotation docs (#11835)

Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>
2024-08-21 09:38:34 +02:00 · 2024-08-21 09:38:34 +02:00 · 0486f013fe
commit 0486f013fe
parent f08a1c4fda
10 changed files with 404 additions and 51 deletions
--- a/internal/ingress/annotations/annotations.go
+++ b/internal/ingress/annotations/annotations.go
@ -19,18 +19,10 @@ package annotations
 import (
 	"dario.cat/mergo"

-	"k8s.io/ingress-nginx/internal/ingress/annotations/canary"
-	"k8s.io/ingress-nginx/internal/ingress/annotations/disableproxyintercepterrors"
-	"k8s.io/ingress-nginx/internal/ingress/annotations/modsecurity"
-	"k8s.io/ingress-nginx/internal/ingress/annotations/opentelemetry"
-	"k8s.io/ingress-nginx/internal/ingress/annotations/proxyssl"
-	"k8s.io/ingress-nginx/internal/ingress/annotations/sslcipher"
-	"k8s.io/ingress-nginx/internal/ingress/annotations/streamsnippet"
-	"k8s.io/klog/v2"
-
 	apiv1 "k8s.io/api/core/v1"
 	networking "k8s.io/api/networking/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/klog/v2"

 	"k8s.io/ingress-nginx/internal/ingress/annotations/alias"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/auth"
@ -38,11 +30,13 @@ import (
 	"k8s.io/ingress-nginx/internal/ingress/annotations/authreqglobal"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/authtls"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/backendprotocol"
+	"k8s.io/ingress-nginx/internal/ingress/annotations/canary"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/clientbodybuffersize"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/connection"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/cors"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/customhttperrors"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/defaultbackend"
+	"k8s.io/ingress-nginx/internal/ingress/annotations/disableproxyintercepterrors"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/fastcgi"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/globalratelimit"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/http2pushpreload"
@ -51,9 +45,12 @@ import (
 	"k8s.io/ingress-nginx/internal/ingress/annotations/loadbalancing"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/log"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/mirror"
+	"k8s.io/ingress-nginx/internal/ingress/annotations/modsecurity"
+	"k8s.io/ingress-nginx/internal/ingress/annotations/opentelemetry"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/parser"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/portinredirect"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/proxy"
+	"k8s.io/ingress-nginx/internal/ingress/annotations/proxyssl"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/ratelimit"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/redirect"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/rewrite"
@ -62,7 +59,9 @@ import (
 	"k8s.io/ingress-nginx/internal/ingress/annotations/serviceupstream"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/sessionaffinity"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/snippet"
+	"k8s.io/ingress-nginx/internal/ingress/annotations/sslcipher"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/sslpassthrough"
+	"k8s.io/ingress-nginx/internal/ingress/annotations/streamsnippet"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/upstreamhashby"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/upstreamvhost"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/xforwardedprefix"
@ -124,51 +123,55 @@ type Extractor struct {
 	annotations map[string]parser.IngressAnnotation
 }

+func NewAnnotationFactory(cfg resolver.Resolver) map[string]parser.IngressAnnotation {
+	return map[string]parser.IngressAnnotation{
+		"Aliases":                     alias.NewParser(cfg),
+		"BasicDigestAuth":             auth.NewParser(auth.AuthDirectory, cfg),
+		"Canary":                      canary.NewParser(cfg),
+		"CertificateAuth":             authtls.NewParser(cfg),
+		"ClientBodyBufferSize":        clientbodybuffersize.NewParser(cfg),
+		"ConfigurationSnippet":        snippet.NewParser(cfg),
+		"Connection":                  connection.NewParser(cfg),
+		"CorsConfig":                  cors.NewParser(cfg),
+		"CustomHTTPErrors":            customhttperrors.NewParser(cfg),
+		"DisableProxyInterceptErrors": disableproxyintercepterrors.NewParser(cfg),
+		"DefaultBackend":              defaultbackend.NewParser(cfg),
+		"FastCGI":                     fastcgi.NewParser(cfg),
+		"ExternalAuth":                authreq.NewParser(cfg),
+		"EnableGlobalAuth":            authreqglobal.NewParser(cfg),
+		"HTTP2PushPreload":            http2pushpreload.NewParser(cfg),
+		"Opentelemetry":               opentelemetry.NewParser(cfg),
+		"Proxy":                       proxy.NewParser(cfg),
+		"ProxySSL":                    proxyssl.NewParser(cfg),
+		"RateLimit":                   ratelimit.NewParser(cfg),
+		"GlobalRateLimit":             globalratelimit.NewParser(cfg),
+		"Redirect":                    redirect.NewParser(cfg),
+		"Rewrite":                     rewrite.NewParser(cfg),
+		"Satisfy":                     satisfy.NewParser(cfg),
+		"ServerSnippet":               serversnippet.NewParser(cfg),
+		"ServiceUpstream":             serviceupstream.NewParser(cfg),
+		"SessionAffinity":             sessionaffinity.NewParser(cfg),
+		"SSLPassthrough":              sslpassthrough.NewParser(cfg),
+		"UsePortInRedirects":          portinredirect.NewParser(cfg),
+		"UpstreamHashBy":              upstreamhashby.NewParser(cfg),
+		"LoadBalancing":               loadbalancing.NewParser(cfg),
+		"UpstreamVhost":               upstreamvhost.NewParser(cfg),
+		"Allowlist":                   ipallowlist.NewParser(cfg),
+		"Denylist":                    ipdenylist.NewParser(cfg),
+		"XForwardedPrefix":            xforwardedprefix.NewParser(cfg),
+		"SSLCipher":                   sslcipher.NewParser(cfg),
+		"Logs":                        log.NewParser(cfg),
+		"BackendProtocol":             backendprotocol.NewParser(cfg),
+		"ModSecurity":                 modsecurity.NewParser(cfg),
+		"Mirror":                      mirror.NewParser(cfg),
+		"StreamSnippet":               streamsnippet.NewParser(cfg),
+	}
+}
+
 // NewAnnotationExtractor creates a new annotations extractor
 func NewAnnotationExtractor(cfg resolver.Resolver) Extractor {
 	return Extractor{
-		map[string]parser.IngressAnnotation{
-			"Aliases":                     alias.NewParser(cfg),
-			"BasicDigestAuth":             auth.NewParser(auth.AuthDirectory, cfg),
-			"Canary":                      canary.NewParser(cfg),
-			"CertificateAuth":             authtls.NewParser(cfg),
-			"ClientBodyBufferSize":        clientbodybuffersize.NewParser(cfg),
-			"ConfigurationSnippet":        snippet.NewParser(cfg),
-			"Connection":                  connection.NewParser(cfg),
-			"CorsConfig":                  cors.NewParser(cfg),
-			"CustomHTTPErrors":            customhttperrors.NewParser(cfg),
-			"DisableProxyInterceptErrors": disableproxyintercepterrors.NewParser(cfg),
-			"DefaultBackend":              defaultbackend.NewParser(cfg),
-			"FastCGI":                     fastcgi.NewParser(cfg),
-			"ExternalAuth":                authreq.NewParser(cfg),
-			"EnableGlobalAuth":            authreqglobal.NewParser(cfg),
-			"HTTP2PushPreload":            http2pushpreload.NewParser(cfg),
-			"Opentelemetry":               opentelemetry.NewParser(cfg),
-			"Proxy":                       proxy.NewParser(cfg),
-			"ProxySSL":                    proxyssl.NewParser(cfg),
-			"RateLimit":                   ratelimit.NewParser(cfg),
-			"GlobalRateLimit":             globalratelimit.NewParser(cfg),
-			"Redirect":                    redirect.NewParser(cfg),
-			"Rewrite":                     rewrite.NewParser(cfg),
-			"Satisfy":                     satisfy.NewParser(cfg),
-			"ServerSnippet":               serversnippet.NewParser(cfg),
-			"ServiceUpstream":             serviceupstream.NewParser(cfg),
-			"SessionAffinity":             sessionaffinity.NewParser(cfg),
-			"SSLPassthrough":              sslpassthrough.NewParser(cfg),
-			"UsePortInRedirects":          portinredirect.NewParser(cfg),
-			"UpstreamHashBy":              upstreamhashby.NewParser(cfg),
-			"LoadBalancing":               loadbalancing.NewParser(cfg),
-			"UpstreamVhost":               upstreamvhost.NewParser(cfg),
-			"Allowlist":                   ipallowlist.NewParser(cfg),
-			"Denylist":                    ipdenylist.NewParser(cfg),
-			"XForwardedPrefix":            xforwardedprefix.NewParser(cfg),
-			"SSLCipher":                   sslcipher.NewParser(cfg),
-			"Logs":                        log.NewParser(cfg),
-			"BackendProtocol":             backendprotocol.NewParser(cfg),
-			"ModSecurity":                 modsecurity.NewParser(cfg),
-			"Mirror":                      mirror.NewParser(cfg),
-			"StreamSnippet":               streamsnippet.NewParser(cfg),
-		},
+		NewAnnotationFactory(cfg),
 	}
 }

--- a/internal/ingress/annotations/parser/main.go
+++ b/internal/ingress/annotations/parser/main.go
@ -210,6 +210,21 @@ func StringRiskToRisk(risk string) AnnotationRisk {
 	}
 }

+func (a AnnotationRisk) ToString() string {
+	switch a {
+	case AnnotationRiskCritical:
+		return "Critical"
+	case AnnotationRiskHigh:
+		return "High"
+	case AnnotationRiskMedium:
+		return "Medium"
+	case AnnotationRiskLow:
+		return "Low"
+	default:
+		return "Unknown"
+	}
+}
+
 func normalizeString(input string) string {
 	trimmedContent := []string{}
 	for _, line := range strings.Split(input, "\n") {