Skip to content

feat: support SSL #52

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 53 commits into from
Sep 27, 2024
Merged

feat: support SSL #52

merged 53 commits into from
Sep 27, 2024

Conversation

@Revolyssup
Copy link
Contributor

@Revolyssup Revolyssup commented Sep 18, 2024

No description provided.

@Revolyssup Revolyssup marked this pull request as draft September 18, 2024 16:26
@Revolyssup Revolyssup changed the title feat: support SSL(DRAFT) feat: support SSL Sep 18, 2024
AlinsRan
AlinsRan reviewed Sep 19, 2024
View reviewed changes
@Revolyssup
Copy link
Contributor Author

Revolyssup commented Sep 19, 2024

@AlinsRan Can you take a look at again at certificate extraction? I have taken reference from

api7-ingress-controller/pkg/providers/apisix/translation/apisix_ssl.go

Line 29 in 83873d0

cert, key, err := translation.ExtractKeyPair(s, true)

@Revolyssup Revolyssup requested a review from AlinsRan September 19, 2024 05:48
AlinsRan
AlinsRan reviewed Sep 19, 2024
View reviewed changes
AlinsRan
AlinsRan reviewed Sep 19, 2024
View reviewed changes
@Revolyssup
Copy link
Contributor Author

Revolyssup commented Sep 19, 2024

@AlinsRan Currently E2E tests are in dysfunctional state. So for the completion of this subtask, the passing tests need to be there or not?

@AlinsRan
Copy link
Contributor

AlinsRan commented Sep 20, 2024

@Revolyssup At present, e2e testing is mainly focused on basic functions.
We need to find the reason before we can consider skipping test cases. We cannot introduce other issues just because of a certain feature.

@AlinsRan
Copy link
Contributor

AlinsRan commented Sep 20, 2024
edited
Loading

image

The test cases you wrote yourself are all incorrect. I suggest you run them locally:

make kind-e2e-test or make e2e-test

AlinsRan
AlinsRan reviewed Sep 20, 2024
View reviewed changes
@Revolyssup
Copy link
Contributor Author

Revolyssup commented Sep 20, 2024

locally the tests passing. trying to fix the ci issue

@Revolyssup Revolyssup marked this pull request as ready for review September 22, 2024 15:12
@Revolyssup
Copy link
Contributor Author

Revolyssup commented Sep 22, 2024
edited
Loading

@AlinsRan E2E test passing, need to pass conformance test

AlinsRan
AlinsRan reviewed Sep 23, 2024
View reviewed changes
@AlinsRan
Copy link
Contributor

AlinsRan commented Sep 23, 2024

We also need a use case for accessing HTTPS based on HTTPRoute.

AlinsRan
AlinsRan reviewed Sep 23, 2024
View reviewed changes
AlinsRan
AlinsRan reviewed Sep 26, 2024
View reviewed changes
test/conformance/conformance_test.go Outdated
var skippedTestsForTraditionalRoutes = []string{
// TODO: Support ReferenceGrant resource
tests.HTTPRouteInvalidReferenceGrant.ShortName,
tests.GatewayWithAttachedRoutes.ShortName,
Copy link
Contributor

@AlinsRan AlinsRan Sep 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why skip it?

Copy link
Contributor Author

@Revolyssup Revolyssup Sep 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One test in this was failing. Trying to pass it now

Copy link
Contributor Author

@Revolyssup Revolyssup Sep 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Passed it

internal/controller/gateway_controller.go
continue
}
secret := corev1.Secret{}
for _, ref := range listener.TLS.CertificateRefs {
Copy link
Contributor

@AlinsRan AlinsRan Sep 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Need condition ref.kind == secret

Copy link
Contributor Author

@Revolyssup Revolyssup Sep 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

added

internal/controlplane/translator/gateway.go Outdated
Snis: []string{},
}
name := listener.TLS.CertificateRefs[0].Name
secret := tctx.Secrets[types.NamespacedName{Namespace: ns, Name: string(ref.Name)}]
Copy link
Contributor

@AlinsRan AlinsRan Sep 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ditto.

Copy link
Contributor Author

@Revolyssup Revolyssup Sep 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

added

AlinsRan
AlinsRan reviewed Sep 27, 2024
View reviewed changes
@AlinsRan AlinsRan requested a review from nic-6443 September 27, 2024 01:29
@Revolyssup Revolyssup merged commit 418edc0 into release-v2-dev Sep 27, 2024
8 checks passed
@Revolyssup Revolyssup deleted the revolyssup/support/ssl branch September 27, 2024 05:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@AlinsRan AlinsRan AlinsRan approved these changes

@nic-6443 nic-6443 Awaiting requested review from nic-6443

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Revolyssup @AlinsRan