diff --git a/internal/configs/version1/__snapshots__/template_test.snap b/internal/configs/version1/__snapshots__/template_test.snap index ec16b28c1a..7f4182f0bf 100644 --- a/internal/configs/version1/__snapshots__/template_test.snap +++ b/internal/configs/version1/__snapshots__/template_test.snap @@ -200,7 +200,8 @@ http { default upgrade; '' $default_connection_header; } - resolver example.com127.0.0.1 valid=10s ipv6=off;resolver_timeout 15s; + resolver example.com 127.0.0.1 valid=10s ipv6=off; + resolver_timeout 15s; server { # required to support the Websocket protocol in VirtualServer/VirtualServerRoutes @@ -259,7 +260,7 @@ stream { access_log /dev/stdout stream-main; # comment - resolver example.com127.0.0.1 valid=10s ipv6=off; + resolver example.com 127.0.0.1 valid=10s ipv6=off; resolver_timeout 15s; map_hash_max_size ; @@ -336,7 +337,8 @@ http { default upgrade; '' $default_connection_header; } - resolver example.com127.0.0.1 valid=10s ipv6=off;resolver_timeout 15s; + resolver example.com 127.0.0.1 valid=10s ipv6=off; + resolver_timeout 15s; server { # required to support the Websocket protocol in VirtualServer/VirtualServerRoutes @@ -395,7 +397,7 @@ stream { access_log /dev/stdout stream-main; # comment - resolver example.com127.0.0.1 valid=10s ipv6=off; + resolver example.com 127.0.0.1 valid=10s ipv6=off; resolver_timeout 15s; map_hash_max_size ; @@ -1742,7 +1744,8 @@ http { default upgrade; '' $default_connection_header; } - resolver example.com127.0.0.1 valid=10s ipv6=off;resolver_timeout 15s; + resolver example.com 127.0.0.1 valid=10s ipv6=off; + resolver_timeout 15s; server { # required to support the Websocket protocol in VirtualServer/VirtualServerRoutes @@ -1801,7 +1804,7 @@ stream { access_log /dev/stdout stream-main; # comment - resolver example.com127.0.0.1 valid=10s ipv6=off; + resolver example.com 127.0.0.1 valid=10s ipv6=off; resolver_timeout 15s; map_hash_max_size ; @@ -1880,7 +1883,8 @@ http { default upgrade; '' $default_connection_header; } - resolver example.com127.0.0.1 valid=10s ipv6=off;resolver_timeout 15s; + resolver example.com 127.0.0.1 valid=10s ipv6=off; + resolver_timeout 15s; server { # required to support the Websocket protocol in VirtualServer/VirtualServerRoutes @@ -1939,7 +1943,7 @@ stream { access_log /dev/stdout stream-main; # comment - resolver example.com127.0.0.1 valid=10s ipv6=off; + resolver example.com 127.0.0.1 valid=10s ipv6=off; resolver_timeout 15s; map_hash_max_size ; @@ -2018,7 +2022,8 @@ http { default upgrade; '' $default_connection_header; } - resolver example.com127.0.0.1 valid=10s ipv6=off;resolver_timeout 15s; + resolver example.com 127.0.0.1 valid=10s ipv6=off; + resolver_timeout 15s; server { # required to support the Websocket protocol in VirtualServer/VirtualServerRoutes @@ -2077,7 +2082,7 @@ stream { access_log /dev/stdout stream-main; # comment - resolver example.com127.0.0.1 valid=10s ipv6=off; + resolver example.com 127.0.0.1 valid=10s ipv6=off; resolver_timeout 15s; map_hash_max_size ; @@ -2156,7 +2161,8 @@ http { default upgrade; '' $default_connection_header; } - resolver example.com127.0.0.1 valid=10s ipv6=off;resolver_timeout 15s; + resolver example.com 127.0.0.1 valid=10s ipv6=off; + resolver_timeout 15s; server { # required to support the Websocket protocol in VirtualServer/VirtualServerRoutes @@ -2215,7 +2221,7 @@ stream { access_log /dev/stdout stream-main; # comment - resolver example.com127.0.0.1 valid=10s ipv6=off; + resolver example.com 127.0.0.1 valid=10s ipv6=off; resolver_timeout 15s; map_hash_max_size ; @@ -2294,7 +2300,8 @@ http { default upgrade; '' $default_connection_header; } - resolver example.com127.0.0.1 valid=10s ipv6=off;resolver_timeout 15s; + resolver example.com 127.0.0.1 valid=10s ipv6=off; + resolver_timeout 15s; server { # required to support the Websocket protocol in VirtualServer/VirtualServerRoutes @@ -2354,7 +2361,7 @@ stream { access_log /dev/stdout stream-main; # comment - resolver example.com127.0.0.1 valid=10s ipv6=off; + resolver example.com 127.0.0.1 valid=10s ipv6=off; resolver_timeout 15s; map_hash_max_size ; @@ -2465,7 +2472,8 @@ http { default upgrade; '' $default_connection_header; } - resolver example.com127.0.0.1 valid=10s ipv6=off;resolver_timeout 15s; + resolver example.com 127.0.0.1 valid=10s ipv6=off; + resolver_timeout 15s; server { # required to support the Websocket protocol in VirtualServer/VirtualServerRoutes @@ -2524,7 +2532,7 @@ stream { access_log /dev/stdout stream-main; # comment - resolver example.com127.0.0.1 valid=10s ipv6=off; + resolver example.com 127.0.0.1 valid=10s ipv6=off; resolver_timeout 15s; map_hash_max_size ; @@ -2613,7 +2621,8 @@ http { default upgrade; '' $default_connection_header; } - resolver example.com127.0.0.1 valid=10s ipv6=off;resolver_timeout 15s; + resolver example.com 127.0.0.1 valid=10s ipv6=off; + resolver_timeout 15s; server { # required to support the Websocket protocol in VirtualServer/VirtualServerRoutes @@ -2673,7 +2682,7 @@ stream { access_log /dev/stdout stream-main; # comment - resolver example.com127.0.0.1 valid=10s ipv6=off; + resolver example.com 127.0.0.1 valid=10s ipv6=off; resolver_timeout 15s; map_hash_max_size ; @@ -2767,7 +2776,8 @@ http { default upgrade; '' $default_connection_header; } - resolver example.com127.0.0.1 valid=10s ipv6=off;resolver_timeout 15s; + resolver example.com 127.0.0.1 valid=10s ipv6=off; + resolver_timeout 15s; server { # required to support the Websocket protocol in VirtualServer/VirtualServerRoutes @@ -2826,7 +2836,7 @@ stream { access_log /dev/stdout stream-main; # comment - resolver example.com127.0.0.1 valid=10s ipv6=off; + resolver example.com 127.0.0.1 valid=10s ipv6=off; resolver_timeout 15s; map_hash_max_size ; @@ -2902,7 +2912,8 @@ http { default upgrade; '' $default_connection_header; } - resolver example.com127.0.0.1 valid=10s ipv6=off;resolver_timeout 15s; + resolver example.com 127.0.0.1 valid=10s ipv6=off; + resolver_timeout 15s; server { # required to support the Websocket protocol in VirtualServer/VirtualServerRoutes @@ -2962,7 +2973,7 @@ stream { access_log /dev/stdout stream-main; # comment - resolver example.com127.0.0.1 valid=10s ipv6=off; + resolver example.com 127.0.0.1 valid=10s ipv6=off; resolver_timeout 15s; map_hash_max_size ; diff --git a/internal/configs/version1/nginx-plus.tmpl b/internal/configs/version1/nginx-plus.tmpl index c5e392d1df..756d16c5ad 100644 --- a/internal/configs/version1/nginx-plus.tmpl +++ b/internal/configs/version1/nginx-plus.tmpl @@ -152,11 +152,8 @@ http { {{- if .OpenTracingLoadModule}} opentracing_load_tracer {{ .OpenTracingTracer }} /var/lib/nginx/tracer-config.json; {{- end}} - - {{- if .ResolverAddresses}} - resolver {{range $resolver := .ResolverAddresses}}{{$resolver}}{{end}}{{if .ResolverValid}} valid={{.ResolverValid}}{{end}}{{if not .ResolverIPV6}} ipv6=off{{end}}; - {{- if .ResolverTimeout}}resolver_timeout {{.ResolverTimeout}};{{end}} - {{- end}} + {{ makeResolver .ResolverAddresses .ResolverValid .ResolverIPV6 }} + {{if .ResolverTimeout}}resolver_timeout {{.ResolverTimeout}};{{end}} {{- if .OIDC}} include oidc/oidc_common.conf; @@ -318,11 +315,8 @@ stream { {{- range $value := .StreamSnippets}} {{$value}}{{end}} - - {{- if .ResolverAddresses}} - resolver {{range $resolver := .ResolverAddresses}}{{$resolver}}{{end}}{{if .ResolverValid}} valid={{.ResolverValid}}{{end}}{{if not .ResolverIPV6}} ipv6=off{{end}}; + {{ makeResolver .ResolverAddresses .ResolverValid .ResolverIPV6 }} {{if .ResolverTimeout}}resolver_timeout {{.ResolverTimeout}};{{end}} - {{- end}} map_hash_max_size {{.MapHashMaxSize}}; {{if .MapHashBucketSize}}map_hash_bucket_size {{.MapHashBucketSize}};{{end}} diff --git a/internal/configs/version1/template_helper.go b/internal/configs/version1/template_helper.go index a5d8d5b3bf..bd6232e5fe 100644 --- a/internal/configs/version1/template_helper.go +++ b/internal/configs/version1/template_helper.go @@ -182,6 +182,26 @@ func generateProxySetHeaders(loc *Location, ingressAnnotations map[string]string return combinedHeaders, nil } +func makeResolver(resolverAddresses []string, resolverValid string, resolverIPV6 bool) string { + var builder strings.Builder + if len(resolverAddresses) > 0 { + builder.WriteString("resolver") + for _, address := range resolverAddresses { + builder.WriteString(" ") + builder.WriteString(address) + } + if resolverValid != "" { + builder.WriteString(" valid=") + builder.WriteString(resolverValid) + } + if !resolverIPV6 { + builder.WriteString(" ipv6=off") + } + builder.WriteString(";") + } + return builder.String() +} + var helperFunctions = template.FuncMap{ "split": split, "trim": trim, @@ -194,4 +214,5 @@ var helperFunctions = template.FuncMap{ "makeLocationPath": makeLocationPath, "makeSecretPath": commonhelpers.MakeSecretPath, "generateProxySetHeaders": generateProxySetHeaders, + "makeResolver": makeResolver, } diff --git a/internal/configs/version1/template_helper_test.go b/internal/configs/version1/template_helper_test.go index 684f69860e..8cc7f94e5e 100644 --- a/internal/configs/version1/template_helper_test.go +++ b/internal/configs/version1/template_helper_test.go @@ -830,3 +830,90 @@ func TestGenerateProxySetHeadersForValidHeadersInOnlyOneMinion(t *testing.T) { }) } } + +func TestMakeResolver(t *testing.T) { + t.Parallel() + + testCases := []struct { + name string + resolverAddresses []string + resolverValid string + resolverIPV6 bool + expected string + }{ + { + name: "No addresses", + resolverAddresses: []string{}, + resolverValid: "", + resolverIPV6: true, + expected: "", + }, + { + name: "Single address, default options", + resolverAddresses: []string{"8.8.8.8"}, + resolverValid: "", + resolverIPV6: true, + expected: "resolver 8.8.8.8;", + }, + { + name: "Multiple addresses, valid time, ipv6 on", + resolverAddresses: []string{"8.8.8.8", "8.8.4.4"}, + resolverValid: "30s", + resolverIPV6: true, + expected: "resolver 8.8.8.8 8.8.4.4 valid=30s;", + }, + { + name: "Single address, ipv6 off", + resolverAddresses: []string{"8.8.8.8"}, + resolverValid: "", + resolverIPV6: false, + expected: "resolver 8.8.8.8 ipv6=off;", + }, + { + name: "Multiple addresses, valid time, ipv6 off", + resolverAddresses: []string{"8.8.8.8", "8.8.4.4"}, + resolverValid: "30s", + resolverIPV6: false, + expected: "resolver 8.8.8.8 8.8.4.4 valid=30s ipv6=off;", + }, + { + name: "No valid time, ipv6 off", + resolverAddresses: []string{"8.8.8.8"}, + resolverValid: "", + resolverIPV6: false, + expected: "resolver 8.8.8.8 ipv6=off;", + }, + { + name: "Valid time only", + resolverAddresses: []string{"8.8.8.8"}, + resolverValid: "10s", + resolverIPV6: true, + expected: "resolver 8.8.8.8 valid=10s;", + }, + { + name: "IPv6 only", + resolverAddresses: []string{"8.8.8.8"}, + resolverValid: "", + resolverIPV6: false, + expected: "resolver 8.8.8.8 ipv6=off;", + }, + { + name: "All options", + resolverAddresses: []string{"8.8.8.8", "8.8.4.4", "1.1.1.1"}, + resolverValid: "60s", + resolverIPV6: false, + expected: "resolver 8.8.8.8 8.8.4.4 1.1.1.1 valid=60s ipv6=off;", + }, + } + + for _, tc := range testCases { + tc := tc + t.Run(tc.name, func(t *testing.T) { + t.Parallel() + got := makeResolver(tc.resolverAddresses, tc.resolverValid, tc.resolverIPV6) + if got != tc.expected { + t.Errorf("makeResolver(%v, %q, %v) = %q; want %q", tc.resolverAddresses, tc.resolverValid, tc.resolverIPV6, got, tc.expected) + } + }) + } +}