DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

In case of TLS errors do not allow traffic (#2146)

Browse source
This commit is contained in:
Manuel Alejandro de Brito Fontes 2018-02-25 17:20:14 -03:00 committed by GitHub
parent 216fe01a07
commit 3c67976969
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 23 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

6
internal/ingress/controller/controller.go
View file

@ -369,12 +369,14 @@ func (n *NGINXController) getBackendServers(ingresses []*extensions.Ingress) ([]
continue
}
if server.AuthTLSError == "" && anns.CertificateAuth.AuthTLSError != "" {
server.AuthTLSError = anns.CertificateAuth.AuthTLSError
}
if server.CertificateAuth.CAFileName == "" {
server.CertificateAuth = anns.CertificateAuth
// It is possible that no CAFileName is found in the secret
if server.CertificateAuth.CAFileName == "" {
glog.V(3).Infof("secret %v does not contain 'ca.crt', mutual authentication not enabled - ingress rule %v/%v.", server.CertificateAuth.Secret, ing.Namespace, ing.Name)
}
} else {
glog.V(3).Infof("server %v already contains a mutual authentication configuration - ingress rule %v/%v", server.Hostname, ing.Namespace, ing.Name)