Add prefix nginx to annotations

2017-11-08 17:58:57 -03:00 · 2017-11-08 17:58:57 -03:00 · 8f1ff15a6e
commit 8f1ff15a6e
parent 97577c07a5
54 changed files with 445 additions and 441 deletions
--- a/internal/ingress/annotations/secureupstream/main.go
+++ b/internal/ingress/annotations/secureupstream/main.go
@ -26,11 +26,6 @@ import (
 	"k8s.io/ingress-nginx/internal/ingress/resolver"
 )

-const (
-	secureUpstream       = "ingress.kubernetes.io/secure-backends"
-	secureVerifyCASecret = "ingress.kubernetes.io/secure-verify-ca-secret"
-)
-
 // Config describes SSL backend configuration
 type Config struct {
 	Secure bool                 `json:"secure"`
@ -38,21 +33,19 @@ type Config struct {
 }

 type su struct {
-	certResolver resolver.AuthCertificate
+	r resolver.Resolver
 }

 // NewParser creates a new secure upstream annotation parser
-func NewParser(resolver resolver.AuthCertificate) parser.IngressAnnotation {
-	return su{
-		certResolver: resolver,
-	}
+func NewParser(r resolver.Resolver) parser.IngressAnnotation {
+	return su{r}
 }

 // Parse parses the annotations contained in the ingress
 // rule used to indicate if the upstream servers should use SSL
 func (a su) Parse(ing *extensions.Ingress) (interface{}, error) {
-	s, _ := parser.GetBoolAnnotation(secureUpstream, ing)
-	ca, _ := parser.GetStringAnnotation(secureVerifyCASecret, ing)
+	s, _ := parser.GetBoolAnnotation("secure-backends", ing, a.r)
+	ca, _ := parser.GetStringAnnotation("secure-verify-ca-secret", ing, a.r)
 	secure := &Config{
 		Secure: s,
 		CACert: resolver.AuthSSLCert{},
@ -64,7 +57,7 @@ func (a su) Parse(ing *extensions.Ingress) (interface{}, error) {
 	if ca == "" {
 		return secure, nil
 	}
-	caCert, err := a.certResolver.GetAuthCertificate(fmt.Sprintf("%v/%v", ing.Namespace, ca))
+	caCert, err := a.r.GetAuthCertificate(fmt.Sprintf("%v/%v", ing.Namespace, ca))
 	if err != nil {
 		return secure, errors.Wrap(err, "error obtaining certificate")
 	}
--- a/internal/ingress/annotations/secureupstream/main_test.go
+++ b/internal/ingress/annotations/secureupstream/main_test.go
@ -64,6 +64,7 @@ func buildIngress() *extensions.Ingress {
 }

 type mockCfg struct {
+	resolver.Mock
 	certs map[string]resolver.AuthSSLCert
 }

@ -77,8 +78,8 @@ func (cfg mockCfg) GetAuthCertificate(secret string) (*resolver.AuthSSLCert, err
 func TestAnnotations(t *testing.T) {
 	ing := buildIngress()
 	data := map[string]string{}
-	data[secureUpstream] = "true"
-	data[secureVerifyCASecret] = "secure-verify-ca"
+	data["nginx/secure-backends"] = "true"
+	data["nginx/secure-verify-ca-secret"] = "secure-verify-ca"
 	ing.SetAnnotations(data)

 	_, err := NewParser(mockCfg{
@ -94,8 +95,8 @@ func TestAnnotations(t *testing.T) {
 func TestSecretNotFound(t *testing.T) {
 	ing := buildIngress()
 	data := map[string]string{}
-	data[secureUpstream] = "true"
-	data[secureVerifyCASecret] = "secure-verify-ca"
+	data["nginx/secure-backends"] = "true"
+	data["nginx/secure-verify-ca-secret"] = "secure-verify-ca"
 	ing.SetAnnotations(data)
 	_, err := NewParser(mockCfg{}).Parse(ing)
 	if err == nil {
@ -106,8 +107,8 @@ func TestSecretNotFound(t *testing.T) {
 func TestSecretOnNonSecure(t *testing.T) {
 	ing := buildIngress()
 	data := map[string]string{}
-	data[secureUpstream] = "false"
-	data[secureVerifyCASecret] = "secure-verify-ca"
+	data["nginx/secure-backends"] = "false"
+	data["nginx/secure-verify-ca-secret"] = "secure-verify-ca"
 	ing.SetAnnotations(data)
 	_, err := NewParser(mockCfg{
 		certs: map[string]resolver.AuthSSLCert{