fix test

Revolyssup · Revolyssup · commit 774fe81eeb29 · 2024-09-20T15:55:55.000+05:30
diff --git a/internal/controller/gateway_controller.go b/internal/controller/gateway_controller.go
@@ -8,6 +8,7 @@ import (
 	"github.com/api7/api7-ingress-controller/internal/controller/config"
 	"github.com/api7/api7-ingress-controller/internal/controlplane"
 	"github.com/api7/api7-ingress-controller/internal/controlplane/translator"
+	"github.com/api7/gopkg/pkg/log"
 	"github.com/go-logr/logr"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -214,6 +215,9 @@ func (r *GatewayReconciler) listGatewaysForHTTPRoute(_ context.Context, obj clie
 func (r *GatewayReconciler) processListenerConfig(tctx *translator.TranslateContext, listeners []gatewayv1.Listener, ns string) error {
 	var terror error
 	for _, listener := range listeners {
+		if listener.TLS == nil || listener.TLS.CertificateRefs == nil {
+			continue
+		}
 		secret := corev1.Secret{}
 		for _, ref := range listener.TLS.CertificateRefs {
 			if ref.Namespace != nil {
@@ -223,9 +227,11 @@ func (r *GatewayReconciler) processListenerConfig(tctx *translator.TranslateCont
 				Namespace: ns,
 				Name:      string(ref.Name),
 			}, &secret); err != nil {
+				log.Error(err, "failed to get secret", "namespace", ns, "name", string(ref.Name))
 				terror = err
 				break
 			}
+			log.Info("Setting secret for listener", "listener", listener.Name, "secret", secret.Name, " namespace", ns)
 			tctx.Secrets[types.NamespacedName{Namespace: ns, Name: string(ref.Name)}] = &secret
 		}
 	}
diff --git a/internal/controlplane/translator/gateway.go b/internal/controlplane/translator/gateway.go
@@ -6,6 +6,7 @@ import (
 	v1 "github.com/api7/api7-ingress-controller/api/dashboard/v1"
 	"github.com/api7/api7-ingress-controller/internal/controlplane/label"
 	"github.com/api7/api7-ingress-controller/pkg/id"
+	"github.com/api7/gopkg/pkg/log"
 	"github.com/pkg/errors"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/types"
@@ -15,36 +16,51 @@ import (
 func (t *Translator) TranslateGateway(tctx *TranslateContext, obj *gatewayv1.Gateway) (*TranslateResult, error) {
 	result := &TranslateResult{}
 	for _, listener := range obj.Spec.Listeners {
-		tctx.GatewayTLSConfig = append(tctx.GatewayTLSConfig, *listener.TLS)
-		ssl, err := t.translateSecret(tctx, listener, obj)
-		if err != nil {
-			return nil, fmt.Errorf("failed to translate secret: %w", err)
+		if listener.TLS != nil {
+			tctx.GatewayTLSConfig = append(tctx.GatewayTLSConfig, *listener.TLS)
+			ssl, err := t.translateSecret(tctx, listener, obj)
+			if err != nil {
+				return nil, fmt.Errorf("failed to translate secret: %w", err)
+			}
+			result.SSL = append(result.SSL, ssl...)
 		}
-		result.SSL = append(result.SSL, ssl)
 	}
 	return result, nil
 }
 
-func (t *Translator) translateSecret(tctx *TranslateContext, listener gatewayv1.Listener, obj *gatewayv1.Gateway) (*v1.Ssl, error) {
+func (t *Translator) translateSecret(tctx *TranslateContext, listener gatewayv1.Listener, obj *gatewayv1.Gateway) ([]*v1.Ssl, error) {
 	if tctx.Secrets == nil {
 		return nil, nil
 	}
-	sslObj := &v1.Ssl{}
-	ns := obj.GetNamespace()
-	name := obj.GetName()
-	sslObj.ID = id.GenID(fmt.Sprintf("%s_%s_%s", ns, name, listener.Name))
-	if listener.Hostname != nil && *listener.Hostname != "" {
-		sslObj.Snis = []string{string(*listener.Hostname)}
+	if listener.TLS.CertificateRefs == nil {
+		return nil, fmt.Errorf("no certificateRefs found in listener %s", listener.Name)
 	}
-	secret := tctx.Secrets[types.NamespacedName{Namespace: ns, Name: name}]
-	cert, key, err := extractKeyPair(secret, true)
-	if err != nil {
-		return nil, err
+	sslObjs := make([]*v1.Ssl, 0)
+	ns := obj.GetNamespace()
+	gatewayName := obj.GetName()
+
+	for _, ref := range listener.TLS.CertificateRefs {
+		sslObj := &v1.Ssl{}
+		sslObj.ID = id.GenID(fmt.Sprintf("%s_%s_%s", ns, gatewayName, listener.Name))
+		if listener.Hostname != nil && *listener.Hostname != "" {
+			sslObj.Snis = []string{string(*listener.Hostname)}
+		}
+		name := listener.TLS.CertificateRefs[0].Name
+		secret := tctx.Secrets[types.NamespacedName{Namespace: ns, Name: string(ref.Name)}]
+		if secret.Data == nil {
+			log.Error("secret data is nil", "secret", secret)
+			return nil, fmt.Errorf("no secret data found for %s/%s", ns, name)
+		}
+		cert, key, err := extractKeyPair(secret, true)
+		if err != nil {
+			return nil, err
+		}
+		sslObj.Cert = string(cert)
+		sslObj.Key = string(key)
+		sslObj.Labels = label.GenLabel(obj)
+		sslObjs = append(sslObjs, sslObj)
 	}
-	sslObj.Cert = string(cert)
-	sslObj.Key = string(key)
-	sslObj.Labels = label.GenLabel(obj)
-	return sslObj, nil
+	return sslObjs, nil
 }
 
 func extractKeyPair(s *corev1.Secret, hasPrivateKey bool) ([]byte, []byte, error) {
diff --git a/internal/manager/controllers.go b/internal/manager/controllers.go
@@ -29,9 +29,10 @@ func setupControllers(ctx context.Context, mgr manager.Manager, cpclient control
 			Log:    ctrl.LoggerFrom(ctx).WithName("controllers").WithName("GatewayClass"),
 		},
 		&controller.GatewayReconciler{
-			Client: mgr.GetClient(),
-			Scheme: mgr.GetScheme(),
-			Log:    ctrl.LoggerFrom(ctx).WithName("controllers").WithName("Gateway"),
+			Client:             mgr.GetClient(),
+			ControlPlaneClient: cpclient,
+			Scheme:             mgr.GetScheme(),
+			Log:                ctrl.LoggerFrom(ctx).WithName("controllers").WithName("Gateway"),
 		},
 		&controller.HTTPRouteReconciler{
 			Client:             mgr.GetClient(),
diff --git a/pkg/dashboard/ssl.go b/pkg/dashboard/ssl.go
@@ -33,15 +33,8 @@ type sslClient struct {
 }
 
 func newSSLClient(c *cluster) SSL {
-	if c.adminVersion == "v3" {
-		return &sslClient{
-			url:     c.baseURL + "/ssls",
-			cluster: c,
-		}
-	}
-
 	return &sslClient{
-		url:     c.baseURL + "/ssl",
+		url:     c.baseURL + "/ssls",
 		cluster: c,
 	}
 }
@@ -66,7 +59,7 @@ func (s *sslClient) List(ctx context.Context) ([]*v1.Ssl, error) {
 		zap.String("cluster", s.cluster.name),
 	)
 	url := s.url
-	sslItems, err := s.cluster.listResource(ctx, url, "ssl")
+	sslItems, err := s.cluster.listResource(ctx, url, "ssls")
 	if err != nil {
 		log.Errorf("failed to list ssl: %s", err)
 		return nil, err
@@ -103,7 +96,7 @@ func (s *sslClient) Create(ctx context.Context, obj *v1.Ssl) (*v1.Ssl, error) {
 	}
 	url := s.url + "/" + obj.ID
 	log.Debugw("creating ssl", zap.ByteString("body", data), zap.String("url", url))
-	resp, err := s.cluster.createResource(ctx, url, "ssl", data)
+	resp, err := s.cluster.createResource(ctx, url, "ssls", data)
 	if err != nil {
 		log.Errorf("failed to create ssl: %s", err)
 		return nil, err
@@ -130,7 +123,7 @@ func (s *sslClient) Delete(ctx context.Context, obj *v1.Ssl) error {
 		return err
 	}
 	url := s.url + "/" + obj.ID
-	if err := s.cluster.deleteResource(ctx, url, "ssl"); err != nil {
+	if err := s.cluster.deleteResource(ctx, url, "ssls"); err != nil {
 		return err
 	}
 	if err := s.cluster.cache.DeleteSSL(obj); err != nil {
@@ -148,7 +141,7 @@ func (s *sslClient) Update(ctx context.Context, obj *v1.Ssl) (*v1.Ssl, error) {
 		ctx,
 		obj,
 		url,
-		"ssl",
+		"ssls",
 		s.cluster.updateResource,
 		s.cluster.cache.InsertSSL,
 		func(resp *getResponse) (*v1.Ssl, error) {
