@@ -2,9 +2,11 @@ package controller
22
33import (
44 "context"
5+ "errors"
56 "fmt"
67 "reflect"
78
9+ "github.com/api7/api7-ingress-controller/api/v1alpha1"
810 "github.com/api7/api7-ingress-controller/internal/controller/config"
911 "github.com/api7/api7-ingress-controller/internal/controller/indexer"
1012 "github.com/api7/api7-ingress-controller/internal/provider"
@@ -95,6 +97,12 @@ func (r *IngressReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ct
9597 // create a translate context
9698 tctx := provider .NewDefaultTranslateContext ()
9799
100+ // process IngressClass parameters if they reference GatewayProxy
101+ if err := r .processIngressClassParameters (ctx , tctx , ingress ); err != nil {
102+ r .Log .Error (err , "failed to process IngressClass parameters" , "ingress" , ingress .Name )
103+ return ctrl.Result {}, err
104+ }
105+
98106 // process TLS configuration
99107 if err := r .processTLS (ctx , tctx , ingress ); err != nil {
100108 r .Log .Error (err , "failed to process TLS configuration" , "ingress" , ingress .Name )
@@ -122,6 +130,46 @@ func (r *IngressReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ct
122130 return ctrl.Result {}, nil
123131}
124132
133+ // getIngressClass get the ingress class for the ingress
134+ func (r * IngressReconciler ) getIngressClass (obj client.Object ) (* networkingv1.IngressClass , error ) {
135+ ingress := obj .(* networkingv1.Ingress )
136+
137+ if ingress .Spec .IngressClassName == nil {
138+ // handle the case where IngressClassName is not specified
139+ // find all ingress classes and check if any of them is marked as default
140+ ingressClassList := & networkingv1.IngressClassList {}
141+ if err := r .List (context .Background (), ingressClassList , client.MatchingFields {
142+ indexer .IngressClass : config .GetControllerName (),
143+ }); err != nil {
144+ r .Log .Error (err , "failed to list ingress classes" )
145+ return nil , err
146+ }
147+
148+ // find the ingress class that is marked as default
149+ for _ , ic := range ingressClassList .Items {
150+ if IsDefaultIngressClass (& ic ) && matchesController (ic .Spec .Controller ) {
151+ log .Debugw ("match the default ingress class" )
152+ return & ic , nil
153+ }
154+ }
155+
156+ log .Debugw ("no default ingress class found" )
157+ return nil , errors .New ("no default ingress class found" )
158+ }
159+
160+ // if it does not match, check if the ingress class is controlled by us
161+ ingressClass := networkingv1.IngressClass {}
162+ if err := r .Client .Get (context .Background (), client.ObjectKey {Name : * ingress .Spec .IngressClassName }, & ingressClass ); err != nil {
163+ return nil , err
164+ }
165+
166+ if matchesController (ingressClass .Spec .Controller ) {
167+ return & ingressClass , nil
168+ }
169+
170+ return nil , errors .New ("ingress class is not controlled by us" )
171+ }
172+
125173// checkIngressClass check if the ingress uses the ingress class that we control
126174func (r * IngressReconciler ) checkIngressClass (obj client.Object ) bool {
127175 ingress := obj .(* networkingv1.Ingress )
@@ -469,3 +517,71 @@ func (r *IngressReconciler) updateStatus(ctx context.Context, ingress *networkin
469517
470518 return nil
471519}
520+
521+ // processIngressClassParameters processes the IngressClass parameters that reference GatewayProxy
522+ func (r * IngressReconciler ) processIngressClassParameters (ctx context.Context , tctx * provider.TranslateContext , ingress * networkingv1.Ingress ) error {
523+ ingressClass , err := r .getIngressClass (ingress )
524+ if err != nil {
525+ r .Log .Error (err , "failed to get IngressClass" , "name" , ingress .Spec .IngressClassName )
526+ return err
527+ }
528+
529+ if ingressClass .Spec .Parameters == nil {
530+ return nil
531+ }
532+
533+ parameters := ingressClass .Spec .Parameters
534+ // check if the parameters reference GatewayProxy
535+ if parameters .APIGroup != nil && * parameters .APIGroup == v1alpha1 .GroupVersion .Group && parameters .Kind == "GatewayProxy" {
536+ ns := ingress .GetNamespace ()
537+ if parameters .Namespace != nil {
538+ ns = * parameters .Namespace
539+ }
540+
541+ gatewayProxy := & v1alpha1.GatewayProxy {}
542+ if err := r .Get (ctx , client.ObjectKey {
543+ Namespace : ns ,
544+ Name : parameters .Name ,
545+ }, gatewayProxy ); err != nil {
546+ r .Log .Error (err , "failed to get GatewayProxy" , "namespace" , ns , "name" , parameters .Name )
547+ return err
548+ }
549+
550+ r .Log .Info ("found GatewayProxy for IngressClass" , "ingressClass" , ingressClass .Name , "gatewayproxy" , gatewayProxy .Name )
551+ tctx .GatewayProxy = gatewayProxy
552+
553+ // check if the provider field references a secret
554+ if gatewayProxy .Spec .Provider != nil && gatewayProxy .Spec .Provider .Type == v1alpha1 .ProviderTypeControlPlane {
555+ if gatewayProxy .Spec .Provider .ControlPlane != nil &&
556+ gatewayProxy .Spec .Provider .ControlPlane .Auth .Type == v1alpha1 .AuthTypeAdminKey &&
557+ gatewayProxy .Spec .Provider .ControlPlane .Auth .AdminKey != nil &&
558+ gatewayProxy .Spec .Provider .ControlPlane .Auth .AdminKey .ValueFrom != nil &&
559+ gatewayProxy .Spec .Provider .ControlPlane .Auth .AdminKey .ValueFrom .SecretKeyRef != nil {
560+
561+ secretRef := gatewayProxy .Spec .Provider .ControlPlane .Auth .AdminKey .ValueFrom .SecretKeyRef
562+ secret := & corev1.Secret {}
563+ if err := r .Get (ctx , client.ObjectKey {
564+ Namespace : ns ,
565+ Name : secretRef .Name ,
566+ }, secret ); err != nil {
567+ r .Log .Error (err , "failed to get secret for GatewayProxy provider" ,
568+ "namespace" , ns ,
569+ "name" , secretRef .Name )
570+ return err
571+ }
572+
573+ r .Log .Info ("found secret for GatewayProxy provider" ,
574+ "ingressClass" , ingressClass .Name ,
575+ "gatewayproxy" , gatewayProxy .Name ,
576+ "secret" , secretRef .Name )
577+
578+ tctx .Secrets [types.NamespacedName {
579+ Namespace : ns ,
580+ Name : secretRef .Name ,
581+ }] = secret
582+ }
583+ }
584+ }
585+
586+ return nil
587+ }
0 commit comments