fix ssl

Author: AlinsRan

internal/provider/adc/translator/gateway.go

@@ -105,16 +105,17 @@ func (t *Translator) translateSecret(tctx *provider.TranslateContext, listener g
 				// Dashboard doesn't allow wildcard hostname
 				if listener.Hostname != nil && *listener.Hostname != "" {
 					sslObj.Snis = append(sslObj.Snis, string(*listener.Hostname))
+				} else {
+					hosts, err := extractHost(cert)
+					if err != nil {
+						return nil, err
+					}
+					if len(hosts) == 0 {
+						log.Warnw("no valid hostname found in certificate", zap.String("secret", secret.Namespace+"/"+secret.Name))
+						continue
+					}
+					sslObj.Snis = append(sslObj.Snis, hosts...)
 				}
-				hosts, err := extractHost(cert)
-				if err != nil {
-					return nil, err
-				}
-				if len(hosts) == 0 {
-					log.Warnw("no valid hostname found in certificate", zap.String("secret", secret.Namespace+"/"+secret.Name))
-					continue
-				}
-				sslObj.Snis = append(sslObj.Snis, hosts...)
 				// Note: Dashboard doesn't allow duplicate certificate across ssl objects
 				sslObj.ID = id.GenID(string(cert))
 				log.Debugw("generated ssl id", zap.String("ssl id", sslObj.ID), zap.String("secret", secret.Namespace+"/"+secret.Name))

test/e2e/crds/consumer.go

@@ -23,7 +23,7 @@ import (
 	"github.com/apache/apisix-ingress-controller/test/e2e/scaffold"
 )
 
-var _ = FDescribe("Test Consumer", func() {
+var _ = Describe("Test Consumer", func() {
 	s := scaffold.NewDefaultScaffold()
 
 	var defaultGatewayProxy = `
@@ -236,7 +236,7 @@ spec:
 			s.ApplyDefaultGatewayResource(defaultGatewayProxy, defaultGatewayClass, defaultGateway, defaultHTTPRoute)
 		})
 
-		FIt("Create/Update/Delete", func() {
+		It("Create/Update/Delete", func() {
 			s.ResourceApplied("Consumer", "consumer-sample", defaultCredential, 1)
 
 			time.Sleep(15 * time.Minute)

test/e2e/gatewayapi/controller.go

@@ -23,7 +23,7 @@ import (
 	"github.com/apache/apisix-ingress-controller/test/e2e/scaffold"
 )
 
-var _ = FDescribe("Check if controller cache gets synced with correct resources", func() {
+var _ = Describe("Check if controller cache gets synced with correct resources", func() {
 
 	var gatewayProxyYaml = `
 apiVersion: apisix.apache.org/v1alpha1

test/e2e/gatewayapi/gateway.go

@@ -148,7 +148,7 @@ spec:
 	})
 
 	Context("Gateway SSL", func() {
-		PIt("Check if SSL resource was created", func() {
+		It("Check if SSL resource was created", func() {
 			By("create GatewayProxy")
 			gatewayProxy := fmt.Sprintf(gatewayProxyYaml, s.Deployer.GetAdminEndpoint(), s.AdminKey())
 			err := s.CreateResourceFromString(gatewayProxy)
@@ -206,10 +206,10 @@ spec:
 			assert.Len(GinkgoT(), tls, 1, "tls number not expect")
 			assert.Len(GinkgoT(), tls[0].Certificates, 1, "length of certificates not expect")
 			assert.Equal(GinkgoT(), Cert, tls[0].Certificates[0].Certificate, "tls cert not expect")
-			assert.ElementsMatch(GinkgoT(), []string{host, "*.api6.com"}, tls[0].Snis)
+			assert.ElementsMatch(GinkgoT(), []string{host}, tls[0].Snis)
 		})
 
-		PIt("Gateway SSL with and without hostname", func() {
+		It("Gateway SSL with and without hostname", func() {
 			By("create GatewayProxy")
 			gatewayProxy := fmt.Sprintf(gatewayProxyYaml, s.Deployer.GetAdminEndpoint(), s.AdminKey())
 			err := s.CreateResourceFromString(gatewayProxy)
@@ -277,36 +277,24 @@ spec:
 			tls, err := s.DefaultDataplaneResource().SSL().List(context.Background())
 			assert.Nil(GinkgoT(), err, "list tls error")
 			assert.Len(GinkgoT(), tls, 1, "tls number not expect")
-			assert.Equal(GinkgoT(), Cert, tls[0].Cert, "tls cert not expect")
+			assert.Len(GinkgoT(), tls[0].Certificates, 1, "length of certificates not expect")
+			assert.Equal(GinkgoT(), Cert, tls[0].Certificates[0].Certificate, "tls cert not expect")
 			assert.Equal(GinkgoT(), tls[0].Labels["k8s/controller-name"], "apisix.apache.org/apisix-ingress-controller")
 
 			By("update secret")
 			err = s.NewKubeTlsSecret(secretName, framework.TestCert, framework.TestKey)
 			Expect(err).NotTo(HaveOccurred(), "update secret")
 			Eventually(func() string {
 				tls, err := s.DefaultDataplaneResource().SSL().List(context.Background())
-				assert.Nil(GinkgoT(), err, "list tls error")
-				assert.Len(GinkgoT(), tls, 1, "tls number not expect")
-				assert.Len(GinkgoT(), tls[0].Certificates, 1, "length of certificates not expect")
-				assert.Equal(GinkgoT(), Cert, tls[0].Certificates[0].Certificate, "tls cert not expect")
-				assert.Equal(GinkgoT(), tls[0].Labels["k8s/controller-name"], "apisix.apache.org/apisix-ingress-controller")
-
-				By("update secret")
-				err = s.NewKubeTlsSecret(secretName, framework.TestCert, framework.TestKey)
-				Expect(err).NotTo(HaveOccurred(), "update secret")
-				Eventually(func() string {
-					tls, err := s.DefaultDataplaneResource().SSL().List(context.Background())
-					Expect(err).NotTo(HaveOccurred(), "list ssl from dashboard")
-					if len(tls) < 1 {
-						return ""
-					}
-					if len(tls[0].Certificates) < 1 {
-						return ""
-					}
-					return tls[0].Certificates[0].Certificate
-				}).WithTimeout(8 * time.Second).ProbeEvery(time.Second).Should(Equal(framework.TestCert))
-			})
+				Expect(err).NotTo(HaveOccurred(), "list ssl from dashboard")
+				if len(tls) < 1 {
+					return ""
+				}
+				if len(tls[0].Certificates) < 1 {
+					return ""
+				}
+				return tls[0].Certificates[0].Certificate
+			}).WithTimeout(8 * time.Second).ProbeEvery(time.Second).Should(Equal(framework.TestCert))
 		})
 	})
-
 })

test/e2e/gatewayapi/httproute.go

@@ -555,7 +555,7 @@ spec:
 				Status(200)
 		})
 
-		PIt("Match Port", func() {
+		It("Match Port", func() {
 			By("create HTTPRoute")
 			ResourceApplied("HTTPRoute", "httpbin", invalidBackendPort, 1)