Enable validation of ingress definitions from extensions package

internal/admission/controller/main.go

@@ -23,6 +23,7 @@ import (
 	admissionv1 "k8s.io/api/admission/v1"
 	admissionv1beta1 "k8s.io/api/admission/v1beta1"
 	networking "k8s.io/api/networking/v1beta1"
+	apiequality "k8s.io/apimachinery/pkg/api/equality"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
@@ -43,16 +44,10 @@ type IngressAdmission struct {
 }
 
 var (
-	networkingV1Beta1Resource = metav1.GroupVersionResource{
-		Group:    networking.GroupName,
-		Version:  "v1beta1",
-		Resource: "ingresses",
-	}
-
-	networkingV1Resource = metav1.GroupVersionResource{
-		Group:    networking.GroupName,
-		Version:  "v1",
-		Resource: "ingresses",
+	ingressResource = metav1.GroupVersionKind{
+		Group:   networking.GroupName,
+		Version: "v1beta1",
+		Kind:    "Ingress",
 	}
 )
 
@@ -75,9 +70,9 @@ func (ia *IngressAdmission) HandleAdmission(obj runtime.Object) (runtime.Object,
 		convertV1beta1AdmissionReviewToAdmissionAdmissionReview(reviewv1beta1, review)
 	}
 
-	if review.Request.Resource != networkingV1Beta1Resource && review.Request.Resource != networkingV1Resource {
+	if !apiequality.Semantic.DeepEqual(review.Request.Kind, ingressResource) {
 		return nil, fmt.Errorf("rejecting admission review because the request does not contain an Ingress resource but %s with name %s in namespace %s",
-			review.Request.Resource.String(), review.Request.Name, review.Request.Namespace)
+			review.Request.Kind.String(), review.Request.Name, review.Request.Namespace)
 	}
 
 	status := &admissionv1.AdmissionResponse{}

internal/admission/controller/main_test.go

@@ -25,7 +25,6 @@ import (
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/util/json"
-	"k8s.io/kubernetes/pkg/apis/extensions"
 )
 
 const testIngressName = "testIngressName"
@@ -58,7 +57,7 @@ func TestHandleAdmission(t *testing.T) {
 
 	result, err := adm.HandleAdmission(&admissionv1.AdmissionReview{
 		Request: &admissionv1.AdmissionRequest{
-			Resource: v1.GroupVersionResource{Group: "", Version: "v1", Resource: "pod"},
+			Kind: v1.GroupVersionKind{Group: "", Version: "v1", Kind: "Pod"},
 		},
 	})
 	if err == nil {
@@ -72,16 +71,7 @@ func TestHandleAdmission(t *testing.T) {
 
 	result, err = adm.HandleAdmission(&admissionv1.AdmissionReview{
 		Request: &admissionv1.AdmissionRequest{
-			Resource: v1.GroupVersionResource{Group: extensions.GroupName, Version: "v1beta1", Resource: "ingresses"},
-		},
-	})
-	if err == nil {
-		t.Fatalf("with extensions/v1beta1 Ingress resource, the check should not pass")
-	}
-
-	result, err = adm.HandleAdmission(&admissionv1.AdmissionReview{
-		Request: &admissionv1.AdmissionRequest{
-			Resource: v1.GroupVersionResource{Group: networking.GroupName, Version: "v1beta1", Resource: "ingresses"},
+			Kind: v1.GroupVersionKind{Group: networking.GroupName, Version: "v1beta1", Kind: "Ingress"},
 			Object: runtime.RawExtension{
 				Raw: []byte{0xff},
 			},

internal/ingress/annotations/class/main.go

@@ -53,7 +53,7 @@ func IsValid(ing *networking.Ingress) bool {
 	}
 
 	// 2. k8s < v1.18. Check default annotation
-	if !k8s.IsIngressV1Ready {
+	if !k8s.IsIngressV1Beta1Ready {
 		return IngressClass == DefaultClass
 	}
 

internal/ingress/controller/store/store_test.go

@@ -40,13 +40,10 @@ import (
 	"k8s.io/ingress-nginx/internal/ingress"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/class"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/parser"
-	"k8s.io/ingress-nginx/internal/k8s"
 	"k8s.io/ingress-nginx/test/e2e/framework"
 )
 
 func TestStore(t *testing.T) {
-	k8s.IsNetworkingIngressAvailable = true
-
 	//TODO: move env definition to docker image?
 	os.Setenv("KUBEBUILDER_ASSETS", "/usr/local/bin")
 

internal/ingress/status/status_test.go

@@ -301,9 +301,6 @@ func TestStatusActions(t *testing.T) {
 		t.Fatalf("expected a valid Sync")
 	}
 
-	// assume k8s >= 1.14 as the rest of the test
-	k8s.IsNetworkingIngressAvailable = true
-
 	fk := fkSync.(statusSync)
 
 	// start it and wait for the election and syn actions

internal/k8s/main.go

@@ -128,10 +128,10 @@ func MetaNamespaceKey(obj interface{}) string {
 	return key
 }
 
-// IsNetworkingIngressAvailable indicates if package "k8s.io/api/networking/v1beta1" is available or not
-var IsNetworkingIngressAvailable bool
+// IsIngressV1Beta1Ready indicates if the running Kubernetes version is at least v1.18.0
+var IsIngressV1Beta1Ready bool
 
-// IsIngressV1Ready indicates if the running Kubernetes version is at least v1.18.0
+// IsIngressV1Ready indicates if the running Kubernetes version is at least v1.19.0
 var IsIngressV1Ready bool
 
 // IngressClass indicates the class of the Ingress to use as filter
@@ -143,23 +143,24 @@ const IngressNGINXController = "k8s.io/ingress-nginx"
 
 // NetworkingIngressAvailable checks if the package "k8s.io/api/networking/v1beta1"
 // is available or not and if Ingress V1 is supported (k8s >= v1.18.0)
-func NetworkingIngressAvailable(client clientset.Interface) (bool, bool) {
+func NetworkingIngressAvailable(client clientset.Interface) (bool, bool, bool) {
 	// check kubernetes version to use new ingress package or not
 	version114, _ := version.ParseGeneric("v1.14.0")
 	version118, _ := version.ParseGeneric("v1.18.0")
+	version119, _ := version.ParseGeneric("v1.19.0")
 
 	serverVersion, err := client.Discovery().ServerVersion()
 	if err != nil {
-		return false, false
+		return false, false, false
 	}
 
 	runningVersion, err := version.ParseGeneric(serverVersion.String())
 	if err != nil {
 		klog.ErrorS(err, "unexpected error parsing running Kubernetes version")
-		return false, false
+		return false, false, false
 	}
 
-	return runningVersion.AtLeast(version114), runningVersion.AtLeast(version118)
+	return runningVersion.AtLeast(version114), runningVersion.AtLeast(version118), runningVersion.AtLeast(version119)
 }
 
 // default path type is Prefix to not break existing definitions