BUG/MEDIUM: haproxy rules should be mapped to ingress.Namespace+ingress.Name

Mo3m3n · Mo3m3n · commit 2650e2989289 · 2021-03-01T19:05:31.000+01:00
We used to have haproxy rules mapped only to ingress.Name this results in
conflicts when the same ingress name is reused in different namespaces.
diff --git a/controller/configuration.go b/controller/configuration.go
@@ -64,41 +64,41 @@ func (c *Configuration) HAProxyRulesInit() error {
 		// ForwardedProto rule
 		c.HAProxyRules.AddRule(rules.SetHdr{
 			ForwardedProto: true,
-		}, nil, FrontendHTTPS),
+		}, "", FrontendHTTPS),
 		// txn.base var used for logging
 		c.HAProxyRules.AddRule(rules.ReqSetVar{
 			Name:       "base",
 			Scope:      "txn",
 			Expression: "base",
-		}, nil, FrontendHTTP, FrontendHTTPS),
+		}, "", FrontendHTTP, FrontendHTTPS),
 		// Backend switching rules.
 		c.HAProxyRules.AddRule(rules.ReqSetVar{
 			Name:       "path",
 			Scope:      "txn",
 			Expression: "path",
-		}, nil, FrontendHTTP, FrontendHTTPS),
+		}, "", FrontendHTTP, FrontendHTTPS),
 		c.HAProxyRules.AddRule(rules.ReqSetVar{
 			Name:       "host",
 			Scope:      "txn",
 			Expression: fmt.Sprintf("req.hdr(Host),field(1,:),lower,map(%s)", haproxy.GetMapPath(HOST)),
-		}, nil, FrontendHTTP, FrontendHTTPS),
+		}, "", FrontendHTTP, FrontendHTTPS),
 		c.HAProxyRules.AddRule(rules.ReqSetVar{
 			Name:       "host",
 			Scope:      "txn",
 			Expression: fmt.Sprintf("req.hdr(Host),field(1,:),regsub(^[^.]*,,),lower,map(%s,'')", haproxy.GetMapPath(HOST)),
 			CondTest:   "!{ var(txn.host) -m found }",
-		}, nil, FrontendHTTP, FrontendHTTPS),
+		}, "", FrontendHTTP, FrontendHTTPS),
 		c.HAProxyRules.AddRule(rules.ReqSetVar{
 			Name:       "match",
 			Scope:      "txn",
 			Expression: fmt.Sprintf("var(txn.host),concat(,txn.path,),map(%s)", haproxy.GetMapPath(PATH_EXACT)),
-		}, nil, FrontendHTTP, FrontendHTTPS),
+		}, "", FrontendHTTP, FrontendHTTPS),
 		c.HAProxyRules.AddRule(rules.ReqSetVar{
 			Name:       "match",
 			Scope:      "txn",
 			Expression: fmt.Sprintf("var(txn.host),concat(,txn.path,),map_beg(%s)", haproxy.GetMapPath(PATH_PREFIX)),
 			CondTest:   "!{ var(txn.match) -m found }",
-		}, nil, FrontendHTTP, FrontendHTTPS),
+		}, "", FrontendHTTP, FrontendHTTPS),
 	)
 
 	return errors.Result()
diff --git a/controller/controller.go b/controller/controller.go
@@ -246,7 +246,7 @@ func (c *HAProxyController) updateHAProxy() {
 						Ingress:        ingress,
 						Host:           rule.Host,
 						Path:           path,
-						HAProxyRules:   c.cfg.HAProxyRules.GetIngressRuleIDs(ingress.Name),
+						HAProxyRules:   c.cfg.HAProxyRules.GetIngressRuleIDs(ingress.Namespace + "-" + ingress.Name),
 						SSLPassthrough: c.sslPassthroughEnabled(namespace, ingress, path),
 					}))
 				}
diff --git a/controller/frontend-annotations.go b/controller/frontend-annotations.go
@@ -60,7 +60,7 @@ func (c *HAProxyController) handleSourceIPHeader(ingress *store.Ingress) {
 	reqSetSrc := rules.ReqSetSrc{
 		HeaderName: srcIPHeader.Value,
 	}
-	logger.Error(c.cfg.HAProxyRules.AddRule(reqSetSrc, &ingress.Name, FrontendHTTP, FrontendHTTPS))
+	logger.Error(c.cfg.HAProxyRules.AddRule(reqSetSrc, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))
 }
 
 func (c *HAProxyController) handleBlacklisting(ingress *store.Ingress) {
@@ -90,7 +90,7 @@ func (c *HAProxyController) handleBlacklisting(ingress *store.Ingress) {
 	reqBlackList := rules.ReqDeny{
 		SrcIPsMap: mapName,
 	}
-	logger.Error(c.cfg.HAProxyRules.AddRule(reqBlackList, &ingress.Name, FrontendHTTP, FrontendHTTPS))
+	logger.Error(c.cfg.HAProxyRules.AddRule(reqBlackList, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))
 }
 
 func (c *HAProxyController) handleWhitelisting(ingress *store.Ingress) {
@@ -121,7 +121,7 @@ func (c *HAProxyController) handleWhitelisting(ingress *store.Ingress) {
 		SrcIPsMap: mapName,
 		Whitelist: true,
 	}
-	logger.Error(c.cfg.HAProxyRules.AddRule(reqWhitelist, &ingress.Name, FrontendHTTP, FrontendHTTPS))
+	logger.Error(c.cfg.HAProxyRules.AddRule(reqWhitelist, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))
 }
 
 func (c *HAProxyController) handleRequestRateLimiting(ingress *store.Ingress) {
@@ -171,8 +171,8 @@ func (c *HAProxyController) handleRequestRateLimiting(ingress *store.Ingress) {
 		ReqsLimit:      reqsLimit,
 		DenyStatusCode: rateLimitCode,
 	}
-	logger.Error(c.cfg.HAProxyRules.AddRule(reqTrack, &ingress.Name, FrontendHTTP, FrontendHTTPS))
-	logger.Error(c.cfg.HAProxyRules.AddRule(reqRateLimit, &ingress.Name, FrontendHTTP, FrontendHTTPS))
+	logger.Error(c.cfg.HAProxyRules.AddRule(reqTrack, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))
+	logger.Error(c.cfg.HAProxyRules.AddRule(reqRateLimit, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))
 }
 
 func (c *HAProxyController) handleRequestBasicAuth(ingress *store.Ingress) {
@@ -232,7 +232,7 @@ func (c *HAProxyController) handleRequestBasicAuth(ingress *store.Ingress) {
 		AuthRealm: realm,
 		AuthGroup: userListName,
 	}
-	logger.Error(c.cfg.HAProxyRules.AddRule(reqBasicAuth, &ingress.Name, FrontendHTTP, FrontendHTTPS))
+	logger.Error(c.cfg.HAProxyRules.AddRule(reqBasicAuth, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))
 }
 
 func (c *HAProxyController) handleRequestHostRedirect(ingress *store.Ingress) {
@@ -252,9 +252,9 @@ func (c *HAProxyController) handleRequestHostRedirect(ingress *store.Ingress) {
 		RedirectCode: domainRedirectCode,
 		Host:         annDomainRedirect.Value,
 	}
-	logger.Error(c.cfg.HAProxyRules.AddRule(reqDomainRedirect, &ingress.Name, FrontendHTTP))
+	logger.Error(c.cfg.HAProxyRules.AddRule(reqDomainRedirect, ingress.Namespace+"-"+ingress.Name, FrontendHTTP))
 	reqDomainRedirect.SSLRequest = true
-	logger.Error(c.cfg.HAProxyRules.AddRule(reqDomainRedirect, &ingress.Name, FrontendHTTPS))
+	logger.Error(c.cfg.HAProxyRules.AddRule(reqDomainRedirect, ingress.Namespace+"-"+ingress.Name, FrontendHTTPS))
 }
 
 func (c *HAProxyController) handleRequestHTTPSRedirect(ingress *store.Ingress) {
@@ -290,7 +290,7 @@ func (c *HAProxyController) handleRequestHTTPSRedirect(ingress *store.Ingress) {
 		RedirectPort: sslRedirectPort,
 		SSLRedirect:  true,
 	}
-	logger.Error(c.cfg.HAProxyRules.AddRule(reqSSLRedirect, &ingress.Name, FrontendHTTP))
+	logger.Error(c.cfg.HAProxyRules.AddRule(reqSSLRedirect, ingress.Namespace+"-"+ingress.Name, FrontendHTTP))
 }
 
 func (c *HAProxyController) handleRequestCapture(ingress *store.Ingress) {
@@ -321,7 +321,7 @@ func (c *HAProxyController) handleRequestCapture(ingress *store.Ingress) {
 			Expression: sample,
 			CaptureLen: captureLen,
 		}
-		logger.Error(c.cfg.HAProxyRules.AddRule(reqCapture, &ingress.Name, FrontendHTTP, FrontendHTTPS))
+		logger.Error(c.cfg.HAProxyRules.AddRule(reqCapture, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))
 	}
 }
 
@@ -341,7 +341,7 @@ func (c *HAProxyController) handleRequestSetHost(ingress *store.Ingress) {
 		HdrName:   "Host",
 		HdrFormat: annSetHost.Value,
 	}
-	logger.Error(c.cfg.HAProxyRules.AddRule(reqSetHost, &ingress.Name, FrontendHTTP, FrontendHTTPS))
+	logger.Error(c.cfg.HAProxyRules.AddRule(reqSetHost, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))
 }
 
 func (c *HAProxyController) handleRequestPathRewrite(ingress *store.Ingress) {
@@ -374,7 +374,7 @@ func (c *HAProxyController) handleRequestPathRewrite(ingress *store.Ingress) {
 		logger.Errorf("incorrect value '%s', path-rewrite takes 1 or 2 params ", annPathRewrite.Value)
 		return
 	}
-	logger.Error(c.cfg.HAProxyRules.AddRule(reqPathReWrite, &ingress.Name, FrontendHTTP, FrontendHTTPS))
+	logger.Error(c.cfg.HAProxyRules.AddRule(reqPathReWrite, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))
 }
 
 func (c *HAProxyController) handleRequestSetHdr(ingress *store.Ingress) {
@@ -399,7 +399,7 @@ func (c *HAProxyController) handleRequestSetHdr(ingress *store.Ingress) {
 			HdrName:   parts[0],
 			HdrFormat: parts[1],
 		}
-		logger.Error(c.cfg.HAProxyRules.AddRule(reqSetHdr, &ingress.Name, FrontendHTTP, FrontendHTTPS))
+		logger.Error(c.cfg.HAProxyRules.AddRule(reqSetHdr, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))
 	}
 }
 
@@ -429,7 +429,7 @@ func (c *HAProxyController) handleResponseSetHdr(ingress *store.Ingress) {
 			HdrFormat: param[indexSpace+1:],
 			Response:  true,
 		}
-		logger.Error(c.cfg.HAProxyRules.AddRule(resSetHdr, &ingress.Name, FrontendHTTP, FrontendHTTPS))
+		logger.Error(c.cfg.HAProxyRules.AddRule(resSetHdr, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))
 	}
 }
 
@@ -481,7 +481,7 @@ func (c *HAProxyController) handleResponseCorsOrigin(ingress *store.Ingress) (ac
 		Name:       originVar,
 		Scope:      "txn",
 		Expression: "req.hdr(origin)",
-	}, &ingress.Name, FrontendHTTP, FrontendHTTPS)
+	}, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS)
 	if err != nil {
 		return acl, err
 	}
@@ -500,7 +500,7 @@ func (c *HAProxyController) handleResponseCorsOrigin(ingress *store.Ingress) (ac
 		resSetHdr.HdrFormat = "%[var(txn." + originVar + ")]"
 		resSetHdr.CondTest = acl
 	}
-	err = c.cfg.HAProxyRules.AddRule(resSetHdr, &ingress.Name, FrontendHTTP, FrontendHTTPS)
+	err = c.cfg.HAProxyRules.AddRule(resSetHdr, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS)
 	if err != nil {
 		return acl, err
 	}
@@ -537,7 +537,7 @@ func (c *HAProxyController) handleResponseCorsMethod(ingress *store.Ingress, acl
 		Response:  true,
 		CondTest:  acl,
 	}
-	logger.Error(c.cfg.HAProxyRules.AddRule(resSetHdr, &ingress.Name, FrontendHTTP, FrontendHTTPS))
+	logger.Error(c.cfg.HAProxyRules.AddRule(resSetHdr, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))
 }
 
 func (c *HAProxyController) handleResponseCorsCredential(ingress *store.Ingress, acl string) {
@@ -561,7 +561,7 @@ func (c *HAProxyController) handleResponseCorsCredential(ingress *store.Ingress,
 		Response:  true,
 		CondTest:  acl,
 	}
-	logger.Error(c.cfg.HAProxyRules.AddRule(resSetHdr, &ingress.Name, FrontendHTTP, FrontendHTTPS))
+	logger.Error(c.cfg.HAProxyRules.AddRule(resSetHdr, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))
 }
 
 func (c *HAProxyController) handleResponseCorsHeaders(ingress *store.Ingress, acl string) {
@@ -581,7 +581,7 @@ func (c *HAProxyController) handleResponseCorsHeaders(ingress *store.Ingress, ac
 		Response:  true,
 		CondTest:  acl,
 	}
-	logger.Error(c.cfg.HAProxyRules.AddRule(resSetHdr, &ingress.Name, FrontendHTTP, FrontendHTTPS))
+	logger.Error(c.cfg.HAProxyRules.AddRule(resSetHdr, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))
 }
 
 func (c *HAProxyController) handleResponseCorsMaxAge(ingress *store.Ingress, acl string) {
@@ -611,7 +611,7 @@ func (c *HAProxyController) handleResponseCorsMaxAge(ingress *store.Ingress, acl
 		Response:  true,
 		CondTest:  acl,
 	}
-	logger.Error(c.cfg.HAProxyRules.AddRule(resSetHdr, &ingress.Name, FrontendHTTP, FrontendHTTPS))
+	logger.Error(c.cfg.HAProxyRules.AddRule(resSetHdr, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))
 }
 
 func tlsEnabled(ingress *store.Ingress) bool {
diff --git a/controller/handler-https.go b/controller/handler-https.go
@@ -191,15 +191,15 @@ func (h HTTPS) sslPassthroughRules(k store.K8s, cfg *Configuration) error {
 	cfg.HAProxyRules.EnableSSLPassThrough(FrontendSSL, FrontendHTTPS)
 	errors := utils.Errors{}
 	errors.Add(
-		cfg.HAProxyRules.AddRule(rules.ReqAcceptContent{}, nil, FrontendSSL),
+		cfg.HAProxyRules.AddRule(rules.ReqAcceptContent{}, "", FrontendSSL),
 		cfg.HAProxyRules.AddRule(rules.ReqSetVar{
 			Name:       "sni",
 			Scope:      "sess",
 			Expression: "req_ssl_sni",
-		}, nil, FrontendSSL),
+		}, "", FrontendSSL),
 		cfg.HAProxyRules.AddRule(rules.ReqInspectDelay{
 			Timeout: inspectTimeout,
-		}, nil, FrontendSSL),
+		}, "", FrontendSSL),
 	)
 	return errors.Result()
 }
diff --git a/controller/handler-proxy-protocol.go b/controller/handler-proxy-protocol.go
@@ -51,6 +51,6 @@ func (p ProxyProtocol) Update(k store.K8s, cfg *Configuration, api api.HAProxyCl
 	}
 	// Configure Annotation
 	logger.Debugf("Configuring ProxyProtcol annotation")
-	err = cfg.HAProxyRules.AddRule(rules.ReqProxyProtocol{SrcIPsMap: mapName}, nil, FrontendHTTP, FrontendHTTPS)
+	err = cfg.HAProxyRules.AddRule(rules.ReqProxyProtocol{SrcIPsMap: mapName}, "", FrontendHTTP, FrontendHTTPS)
 	return false, err
 }
diff --git a/controller/haproxy/rules.go b/controller/haproxy/rules.go
@@ -85,7 +85,7 @@ func NewRules() *Rules {
 	}
 }
 
-func (r Rules) AddRule(rule Rule, ingressName *string, frontends ...string) error {
+func (r Rules) AddRule(rule Rule, ingressName string, frontends ...string) error {
 	if rule == nil || len(frontends) == 0 {
 		return fmt.Errorf("invalid params")
 	}
@@ -111,11 +111,11 @@ func (r Rules) AddRule(rule Rule, ingressName *string, frontends ...string) erro
 			ftRules.status[id] = TO_CREATE
 		}
 	}
-	if ingressName != nil {
+	if ingressName != "" {
 		for _, frontend := range frontends {
 			r.frontendRules[frontend].status[id] |= INGRESS
 		}
-		r.ingressRuleIDs[*ingressName] = append(r.ingressRuleIDs[*ingressName], id)
+		r.ingressRuleIDs[ingressName] = append(r.ingressRuleIDs[ingressName], id)
 	}
 	return nil
 }

Original file line number	Diff line number	Diff line change
`@@ -246,7 +246,7 @@ func (c *HAProxyController) updateHAProxy() {`
`246`	`246`	`Ingress: ingress,`
`247`	`247`	`Host: rule.Host,`
`248`	`248`	`Path: path,`
`249`		`- HAProxyRules: c.cfg.HAProxyRules.GetIngressRuleIDs(ingress.Name),`
	`249`	`+ HAProxyRules: c.cfg.HAProxyRules.GetIngressRuleIDs(ingress.Namespace + "-" + ingress.Name),`
`250`	`250`	`SSLPassthrough: c.sslPassthroughEnabled(namespace, ingress, path),`
`251`	`251`	`}))`
`252`	`252`	`}`
Original file line number	Diff line number	Diff line change
`@@ -60,7 +60,7 @@ func (c HAProxyController) handleSourceIPHeader(ingress store.Ingress) {`
`60`	`60`	`reqSetSrc := rules.ReqSetSrc{`
`61`	`61`	`HeaderName: srcIPHeader.Value,`
`62`	`62`	`}`
`63`		`- logger.Error(c.cfg.HAProxyRules.AddRule(reqSetSrc, &ingress.Name, FrontendHTTP, FrontendHTTPS))`
	`63`	`+ logger.Error(c.cfg.HAProxyRules.AddRule(reqSetSrc, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))`
`64`	`64`	`}`
`65`	`65`
`66`	`66`	`func (c HAProxyController) handleBlacklisting(ingress store.Ingress) {`
`@@ -90,7 +90,7 @@ func (c HAProxyController) handleBlacklisting(ingress store.Ingress) {`
`90`	`90`	`reqBlackList := rules.ReqDeny{`
`91`	`91`	`SrcIPsMap: mapName,`
`92`	`92`	`}`
`93`		`- logger.Error(c.cfg.HAProxyRules.AddRule(reqBlackList, &ingress.Name, FrontendHTTP, FrontendHTTPS))`
	`93`	`+ logger.Error(c.cfg.HAProxyRules.AddRule(reqBlackList, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))`
`94`	`94`	`}`
`95`	`95`
`96`	`96`	`func (c HAProxyController) handleWhitelisting(ingress store.Ingress) {`
`@@ -121,7 +121,7 @@ func (c HAProxyController) handleWhitelisting(ingress store.Ingress) {`
`121`	`121`	`SrcIPsMap: mapName,`
`122`	`122`	`Whitelist: true,`
`123`	`123`	`}`
`124`		`- logger.Error(c.cfg.HAProxyRules.AddRule(reqWhitelist, &ingress.Name, FrontendHTTP, FrontendHTTPS))`
	`124`	`+ logger.Error(c.cfg.HAProxyRules.AddRule(reqWhitelist, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))`
`125`	`125`	`}`
`126`	`126`
`127`	`127`	`func (c HAProxyController) handleRequestRateLimiting(ingress store.Ingress) {`
`@@ -171,8 +171,8 @@ func (c HAProxyController) handleRequestRateLimiting(ingress store.Ingress) {`
`171`	`171`	`ReqsLimit: reqsLimit,`
`172`	`172`	`DenyStatusCode: rateLimitCode,`
`173`	`173`	`}`
`174`		`- logger.Error(c.cfg.HAProxyRules.AddRule(reqTrack, &ingress.Name, FrontendHTTP, FrontendHTTPS))`
`175`		`- logger.Error(c.cfg.HAProxyRules.AddRule(reqRateLimit, &ingress.Name, FrontendHTTP, FrontendHTTPS))`
	`174`	`+ logger.Error(c.cfg.HAProxyRules.AddRule(reqTrack, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))`
	`175`	`+ logger.Error(c.cfg.HAProxyRules.AddRule(reqRateLimit, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))`
`176`	`176`	`}`
`177`	`177`
`178`	`178`	`func (c HAProxyController) handleRequestBasicAuth(ingress store.Ingress) {`
`@@ -232,7 +232,7 @@ func (c HAProxyController) handleRequestBasicAuth(ingress store.Ingress) {`
`232`	`232`	`AuthRealm: realm,`
`233`	`233`	`AuthGroup: userListName,`
`234`	`234`	`}`
`235`		`- logger.Error(c.cfg.HAProxyRules.AddRule(reqBasicAuth, &ingress.Name, FrontendHTTP, FrontendHTTPS))`
	`235`	`+ logger.Error(c.cfg.HAProxyRules.AddRule(reqBasicAuth, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))`
`236`	`236`	`}`
`237`	`237`
`238`	`238`	`func (c HAProxyController) handleRequestHostRedirect(ingress store.Ingress) {`
`@@ -252,9 +252,9 @@ func (c HAProxyController) handleRequestHostRedirect(ingress store.Ingress) {`
`252`	`252`	`RedirectCode: domainRedirectCode,`
`253`	`253`	`Host: annDomainRedirect.Value,`
`254`	`254`	`}`
`255`		`- logger.Error(c.cfg.HAProxyRules.AddRule(reqDomainRedirect, &ingress.Name, FrontendHTTP))`
	`255`	`+ logger.Error(c.cfg.HAProxyRules.AddRule(reqDomainRedirect, ingress.Namespace+"-"+ingress.Name, FrontendHTTP))`
`256`	`256`	`reqDomainRedirect.SSLRequest = true`
`257`		`- logger.Error(c.cfg.HAProxyRules.AddRule(reqDomainRedirect, &ingress.Name, FrontendHTTPS))`
	`257`	`+ logger.Error(c.cfg.HAProxyRules.AddRule(reqDomainRedirect, ingress.Namespace+"-"+ingress.Name, FrontendHTTPS))`
`258`	`258`	`}`
`259`	`259`
`260`	`260`	`func (c HAProxyController) handleRequestHTTPSRedirect(ingress store.Ingress) {`
`@@ -290,7 +290,7 @@ func (c HAProxyController) handleRequestHTTPSRedirect(ingress store.Ingress) {`
`290`	`290`	`RedirectPort: sslRedirectPort,`
`291`	`291`	`SSLRedirect: true,`
`292`	`292`	`}`
`293`		`- logger.Error(c.cfg.HAProxyRules.AddRule(reqSSLRedirect, &ingress.Name, FrontendHTTP))`
	`293`	`+ logger.Error(c.cfg.HAProxyRules.AddRule(reqSSLRedirect, ingress.Namespace+"-"+ingress.Name, FrontendHTTP))`
`294`	`294`	`}`
`295`	`295`
`296`	`296`	`func (c HAProxyController) handleRequestCapture(ingress store.Ingress) {`
`@@ -321,7 +321,7 @@ func (c HAProxyController) handleRequestCapture(ingress store.Ingress) {`
`321`	`321`	`Expression: sample,`
`322`	`322`	`CaptureLen: captureLen,`
`323`	`323`	`}`
`324`		`- logger.Error(c.cfg.HAProxyRules.AddRule(reqCapture, &ingress.Name, FrontendHTTP, FrontendHTTPS))`
	`324`	`+ logger.Error(c.cfg.HAProxyRules.AddRule(reqCapture, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))`
`325`	`325`	`}`
`326`	`326`	`}`
`327`	`327`
`@@ -341,7 +341,7 @@ func (c HAProxyController) handleRequestSetHost(ingress store.Ingress) {`
`341`	`341`	`HdrName: "Host",`
`342`	`342`	`HdrFormat: annSetHost.Value,`
`343`	`343`	`}`
`344`		`- logger.Error(c.cfg.HAProxyRules.AddRule(reqSetHost, &ingress.Name, FrontendHTTP, FrontendHTTPS))`
	`344`	`+ logger.Error(c.cfg.HAProxyRules.AddRule(reqSetHost, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))`
`345`	`345`	`}`
`346`	`346`
`347`	`347`	`func (c HAProxyController) handleRequestPathRewrite(ingress store.Ingress) {`
`@@ -374,7 +374,7 @@ func (c HAProxyController) handleRequestPathRewrite(ingress store.Ingress) {`
`374`	`374`	`logger.Errorf("incorrect value '%s', path-rewrite takes 1 or 2 params ", annPathRewrite.Value)`
`375`	`375`	`return`
`376`	`376`	`}`
`377`		`- logger.Error(c.cfg.HAProxyRules.AddRule(reqPathReWrite, &ingress.Name, FrontendHTTP, FrontendHTTPS))`
	`377`	`+ logger.Error(c.cfg.HAProxyRules.AddRule(reqPathReWrite, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))`
`378`	`378`	`}`
`379`	`379`
`380`	`380`	`func (c HAProxyController) handleRequestSetHdr(ingress store.Ingress) {`
`@@ -399,7 +399,7 @@ func (c HAProxyController) handleRequestSetHdr(ingress store.Ingress) {`
`399`	`399`	`HdrName: parts[0],`
`400`	`400`	`HdrFormat: parts[1],`
`401`	`401`	`}`
`402`		`- logger.Error(c.cfg.HAProxyRules.AddRule(reqSetHdr, &ingress.Name, FrontendHTTP, FrontendHTTPS))`
	`402`	`+ logger.Error(c.cfg.HAProxyRules.AddRule(reqSetHdr, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))`
`403`	`403`	`}`
`404`	`404`	`}`
`405`	`405`
`@@ -429,7 +429,7 @@ func (c HAProxyController) handleResponseSetHdr(ingress store.Ingress) {`
`429`	`429`	`HdrFormat: param[indexSpace+1:],`
`430`	`430`	`Response: true,`
`431`	`431`	`}`
`432`		`- logger.Error(c.cfg.HAProxyRules.AddRule(resSetHdr, &ingress.Name, FrontendHTTP, FrontendHTTPS))`
	`432`	`+ logger.Error(c.cfg.HAProxyRules.AddRule(resSetHdr, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))`
`433`	`433`	`}`
`434`	`434`	`}`
`435`	`435`
`@@ -481,7 +481,7 @@ func (c HAProxyController) handleResponseCorsOrigin(ingress store.Ingress) (ac`
`481`	`481`	`Name: originVar,`
`482`	`482`	`Scope: "txn",`
`483`	`483`	`Expression: "req.hdr(origin)",`
`484`		`- }, &ingress.Name, FrontendHTTP, FrontendHTTPS)`
	`484`	`+ }, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS)`
`485`	`485`	`if err != nil {`
`486`	`486`	`return acl, err`
`487`	`487`	`}`
`@@ -500,7 +500,7 @@ func (c HAProxyController) handleResponseCorsOrigin(ingress store.Ingress) (ac`
`500`	`500`	`resSetHdr.HdrFormat = "%[var(txn." + originVar + ")]"`
`501`	`501`	`resSetHdr.CondTest = acl`
`502`	`502`	`}`
`503`		`- err = c.cfg.HAProxyRules.AddRule(resSetHdr, &ingress.Name, FrontendHTTP, FrontendHTTPS)`
	`503`	`+ err = c.cfg.HAProxyRules.AddRule(resSetHdr, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS)`
`504`	`504`	`if err != nil {`
`505`	`505`	`return acl, err`
`506`	`506`	`}`
`@@ -537,7 +537,7 @@ func (c HAProxyController) handleResponseCorsMethod(ingress store.Ingress, acl`
`537`	`537`	`Response: true,`
`538`	`538`	`CondTest: acl,`
`539`	`539`	`}`
`540`		`- logger.Error(c.cfg.HAProxyRules.AddRule(resSetHdr, &ingress.Name, FrontendHTTP, FrontendHTTPS))`
	`540`	`+ logger.Error(c.cfg.HAProxyRules.AddRule(resSetHdr, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))`
`541`	`541`	`}`
`542`	`542`
`543`	`543`	`func (c HAProxyController) handleResponseCorsCredential(ingress store.Ingress, acl string) {`
`@@ -561,7 +561,7 @@ func (c HAProxyController) handleResponseCorsCredential(ingress store.Ingress,`
`561`	`561`	`Response: true,`
`562`	`562`	`CondTest: acl,`
`563`	`563`	`}`
`564`		`- logger.Error(c.cfg.HAProxyRules.AddRule(resSetHdr, &ingress.Name, FrontendHTTP, FrontendHTTPS))`
	`564`	`+ logger.Error(c.cfg.HAProxyRules.AddRule(resSetHdr, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))`
`565`	`565`	`}`
`566`	`566`
`567`	`567`	`func (c HAProxyController) handleResponseCorsHeaders(ingress store.Ingress, acl string) {`
`@@ -581,7 +581,7 @@ func (c HAProxyController) handleResponseCorsHeaders(ingress store.Ingress, ac`
`581`	`581`	`Response: true,`
`582`	`582`	`CondTest: acl,`
`583`	`583`	`}`
`584`		`- logger.Error(c.cfg.HAProxyRules.AddRule(resSetHdr, &ingress.Name, FrontendHTTP, FrontendHTTPS))`
	`584`	`+ logger.Error(c.cfg.HAProxyRules.AddRule(resSetHdr, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))`
`585`	`585`	`}`
`586`	`586`
`587`	`587`	`func (c HAProxyController) handleResponseCorsMaxAge(ingress store.Ingress, acl string) {`
`@@ -611,7 +611,7 @@ func (c HAProxyController) handleResponseCorsMaxAge(ingress store.Ingress, acl`
`611`	`611`	`Response: true,`
`612`	`612`	`CondTest: acl,`
`613`	`613`	`}`
`614`		`- logger.Error(c.cfg.HAProxyRules.AddRule(resSetHdr, &ingress.Name, FrontendHTTP, FrontendHTTPS))`
	`614`	`+ logger.Error(c.cfg.HAProxyRules.AddRule(resSetHdr, ingress.Namespace+"-"+ingress.Name, FrontendHTTP, FrontendHTTPS))`
`615`	`615`	`}`
`616`	`616`
`617`	`617`	`func tlsEnabled(ingress *store.Ingress) bool {`
Original file line number	Diff line number	Diff line change
`@@ -51,6 +51,6 @@ func (p ProxyProtocol) Update(k store.K8s, cfg *Configuration, api api.HAProxyCl`
`51`	`51`	`}`
`52`	`52`	`// Configure Annotation`
`53`	`53`	`logger.Debugf("Configuring ProxyProtcol annotation")`
`54`		`- err = cfg.HAProxyRules.AddRule(rules.ReqProxyProtocol{SrcIPsMap: mapName}, nil, FrontendHTTP, FrontendHTTPS)`
	`54`	`+ err = cfg.HAProxyRules.AddRule(rules.ReqProxyProtocol{SrcIPsMap: mapName}, "", FrontendHTTP, FrontendHTTPS)`
`55`	`55`	`return false, err`
`56`	`56`	`}`
Original file line number	Diff line number	Diff line change
`@@ -85,7 +85,7 @@ func NewRules() *Rules {`
`85`	`85`	`}`
`86`	`86`	`}`
`87`	`87`
`88`		`-func (r Rules) AddRule(rule Rule, ingressName *string, frontends ...string) error {`
	`88`	`+func (r Rules) AddRule(rule Rule, ingressName string, frontends ...string) error {`
`89`	`89`	`if rule == nil \|\| len(frontends) == 0 {`
`90`	`90`	`return fmt.Errorf("invalid params")`
`91`	`91`	`}`
`@@ -111,11 +111,11 @@ func (r Rules) AddRule(rule Rule, ingressName *string, frontends ...string) erro`
`111`	`111`	`ftRules.status[id] = TO_CREATE`
`112`	`112`	`}`
`113`	`113`	`}`
`114`		`- if ingressName != nil {`
	`114`	`+ if ingressName != "" {`
`115`	`115`	`for _, frontend := range frontends {`
`116`	`116`	`r.frontendRules[frontend].status[id] \|= INGRESS`
`117`	`117`	`}`
`118`		`- r.ingressRuleIDs[ingressName] = append(r.ingressRuleIDs[ingressName], id)`
	`118`	`+ r.ingressRuleIDs[ingressName] = append(r.ingressRuleIDs[ingressName], id)`
`119`	`119`	`}`
`120`	`120`	`return nil`
`121`	`121`	`}`