REORG: move Ingress handler in a seperate pacakge

Author: Mo3m3n

controller/annotations/annotations.go

@@ -59,7 +59,7 @@ func Defaults(d *models.Defaults) []Annotation {
 	}
 }
 
-func Frontend(i store.Ingress, r *rules.Rules, m maps.MapFiles) []Annotation {
+func Frontend(i *store.Ingress, r *rules.Rules, m maps.MapFiles) []Annotation {
 	reqRateLimit := ingress.NewReqRateLimit(r)
 	httpsRedirect := ingress.NewHTTPSRedirect(r, i)
 	hostRedirect := ingress.NewHostRedirect(r)

controller/annotations/ingress/basicAuth.go

@@ -12,16 +12,16 @@ import (
 type ReqAuth struct {
 	authRule *rules.ReqBasicAuth
 	rules    *rules.Rules
-	ingress  store.Ingress
+	ingress  *store.Ingress
 }
 
 type ReqAuthAnn struct {
 	name   string
 	parent *ReqAuth
 }
 
-func NewReqAuth(r *rules.Rules, i store.Ingress) *ReqAuth {
-	return &ReqAuth{rules: r, ingress: i}
+func NewReqAuth(rules *rules.Rules, i *store.Ingress) *ReqAuth {
+	return &ReqAuth{rules: rules, ingress: i}
 }
 
 func (p *ReqAuth) NewAnnotation(n string) ReqAuthAnn {
@@ -44,7 +44,7 @@ func (a ReqAuthAnn) Process(k store.K8s, annotations ...map[string]string) (err
 			return fmt.Errorf("incorrect auth-type value '%s'. Only 'basic-auth' value is currently supported", input)
 		}
 		authGroup := "Global"
-		if a.parent.ingress.Namespace != "" {
+		if a.parent.ingress != nil {
 			authGroup = fmt.Sprintf("%s-%s", a.parent.ingress.Namespace, a.parent.ingress.Name)
 		}
 		a.parent.authRule = &rules.ReqBasicAuth{

controller/annotations/ingress/httpsRedirect.go

@@ -13,16 +13,16 @@ import (
 type HTTPSRedirect struct {
 	redirect *rules.RequestRedirect
 	rules    *rules.Rules
-	ingress  store.Ingress
+	ingress  *store.Ingress
 }
 
 type HTTPSRedirectAnn struct {
 	name   string
 	parent *HTTPSRedirect
 }
 
-func NewHTTPSRedirect(r *rules.Rules, i store.Ingress) *HTTPSRedirect {
-	return &HTTPSRedirect{rules: r, ingress: i}
+func NewHTTPSRedirect(rules *rules.Rules, i *store.Ingress) *HTTPSRedirect {
+	return &HTTPSRedirect{rules: rules, ingress: i}
 }
 
 func (p *HTTPSRedirect) NewAnnotation(n string) HTTPSRedirectAnn {
@@ -86,7 +86,10 @@ func (a HTTPSRedirectAnn) Process(k store.K8s, annotations ...map[string]string)
 	return
 }
 
-func tlsEnabled(ingress store.Ingress) bool {
+func tlsEnabled(ingress *store.Ingress) bool {
+	if ingress == nil {
+		return false
+	}
 	for _, tls := range ingress.TLS {
 		if tls.Status != store.DELETED {
 			return true

controller/controller.go

@@ -21,10 +21,9 @@ import (
 	"github.com/haproxytech/client-native/v2/models"
 	config "github.com/haproxytech/kubernetes-ingress/controller/configuration"
 	"github.com/haproxytech/kubernetes-ingress/controller/haproxy/api"
-	"github.com/haproxytech/kubernetes-ingress/controller/haproxy/certs"
 	"github.com/haproxytech/kubernetes-ingress/controller/haproxy/process"
+	"github.com/haproxytech/kubernetes-ingress/controller/ingress"
 	"github.com/haproxytech/kubernetes-ingress/controller/route"
-	"github.com/haproxytech/kubernetes-ingress/controller/status"
 	"github.com/haproxytech/kubernetes-ingress/controller/store"
 	"github.com/haproxytech/kubernetes-ingress/controller/utils"
 	"k8s.io/apimachinery/pkg/watch"
@@ -40,7 +39,7 @@ type HAProxyController struct {
 	PublishService *utils.NamespaceValue
 	AuxCfgModTime  int64
 	eventChan      chan SyncDataEvent
-	statusChan     chan status.SyncIngress
+	ingressChan    chan ingress.Sync
 	k8s            *K8s
 	ready          bool
 	reload         bool
@@ -122,8 +121,8 @@ func (c *HAProxyController) Start() {
 	go c.monitorChanges()
 	if c.PublishService != nil {
 		// Update Ingress status
-		c.statusChan = make(chan status.SyncIngress, watch.DefaultChanSize*6)
-		go status.UpdateIngress(c.k8s.API, c.Store, c.statusChan)
+		c.ingressChan = make(chan ingress.Sync, watch.DefaultChanSize*6)
+		go ingress.UpdateStatus(c.k8s.API, c.Store, c.OSArgs.IngressClass, c.OSArgs.EmptyIngressClass, c.ingressChan)
 	}
 }
 
@@ -160,60 +159,23 @@ func (c *HAProxyController) updateHAProxy() {
 		if !namespace.Relevant {
 			continue
 		}
-		for _, ingress := range namespace.Ingresses {
-			if ingress.Status == DELETED {
+		for _, ingResource := range namespace.Ingresses {
+			if ingResource.Status == DELETED {
 				continue
 			}
-			if !c.igClassIsSupported(ingress) {
-				logger.Debugf("ingress '%s/%s' ignored: no matching IngressClass", ingress.Namespace, ingress.Name)
+			i := ingress.New(ingResource, c.OSArgs.IngressClass, c.OSArgs.EmptyIngressClass)
+			if !i.Supported(c.Store) {
+				logger.Debugf("ingress '%s/%s' ignored: no matching IngressClass", ingResource.Namespace, ingResource.Name)
 				continue
 			}
-			if c.PublishService != nil && ingress.Status == ADDED {
+			if c.PublishService != nil && ingResource.Status == ADDED {
 				select {
-				case c.statusChan <- status.SyncIngress{Ingress: ingress}:
+				case c.ingressChan <- ingress.Sync{Ingress: ingResource}:
 				default:
-					logger.Errorf("Ingress %s/%s: unable to sync status: sync channel full", ingress.Namespace, ingress.Name)
-				}
-			}
-			if ingress.DefaultBackend != nil {
-				if reload, err = c.setDefaultService(ingress, []string{c.Cfg.FrontHTTP, c.Cfg.FrontHTTPS}); err != nil {
-					logger.Errorf("Ingress '%s/%s': default backend: %s", ingress.Namespace, ingress.Name, err)
-				} else {
-					c.reload = c.reload || reload
-				}
-			}
-			// Ingress secrets
-			logger.Tracef("ingress '%s/%s': processing secrets...", ingress.Namespace, ingress.Name)
-			for _, tls := range ingress.TLS {
-				if tls.Status == store.DELETED {
-					continue
-				}
-				secret, secErr := c.Store.GetSecret(ingress.Namespace, tls.SecretName)
-				if secErr != nil {
-					logger.Warningf("ingress '%s/%s': %s", ingress.Namespace, ingress.Name, secErr)
-					continue
-				}
-				_, err = c.Cfg.Certificates.HandleTLSSecret(secret, certs.FT_CERT)
-				logger.Error(err)
-			}
-			// Ingress annotations
-			logger.Tracef("ingress '%s/%s': processing annotations...", ingress.Namespace, ingress.Name)
-			if len(ingress.Rules) == 0 {
-				logger.Debugf("Ingress %s/%s: no rules defined", ingress.Namespace, ingress.Name)
-				continue
-			}
-			ruleIDs := c.handleIngressAnnotations(*ingress)
-			// Ingress rules
-			logger.Tracef("ingress '%s/%s': processing rules...", ingress.Namespace, ingress.Name)
-			for _, rule := range ingress.Rules {
-				for _, path := range rule.Paths {
-					if reload, err = c.handleIngressPath(ingress, rule.Host, path, ruleIDs); err != nil {
-						logger.Errorf("Ingress '%s/%s': %s", ingress.Namespace, ingress.Name, err)
-					} else {
-						c.reload = c.reload || reload
-					}
+					logger.Errorf("Ingress %s/%s: unable to sync status: sync channel full", ingResource.Namespace, ingResource.Name)
 				}
 			}
+			c.reload = i.Update(c.Store, &c.Cfg, c.Client) || c.reload
 		}
 	}
 

controller/global.go

@@ -20,8 +20,11 @@ import (
 	"github.com/haproxytech/client-native/v2/models"
 
 	"github.com/haproxytech/kubernetes-ingress/controller/annotations"
+	"github.com/haproxytech/kubernetes-ingress/controller/annotations/common"
 	"github.com/haproxytech/kubernetes-ingress/controller/configuration"
 	"github.com/haproxytech/kubernetes-ingress/controller/haproxy/certs"
+	"github.com/haproxytech/kubernetes-ingress/controller/ingress"
+	"github.com/haproxytech/kubernetes-ingress/controller/service"
 	"github.com/haproxytech/kubernetes-ingress/controller/store"
 )
 
@@ -30,7 +33,7 @@ func (c *HAProxyController) handleGlobalConfig() (reload, restart bool) {
 	reload = c.defaultsCfg() || reload
 	c.handleDefaultCert()
 	reload = c.handleDefaultService() || reload
-	_ = c.handleIngressAnnotations(store.Ingress{})
+	(&ingress.Ingress{}).HandleAnnotations(c.Store, &c.Cfg)
 	return reload, restart
 }
 
@@ -139,31 +142,23 @@ func (c *HAProxyController) defaultsCfg() (reload bool) {
 
 // handleDefaultService configures HAProy default backend provided via cli param "default-backend-service"
 func (c *HAProxyController) handleDefaultService() (reload bool) {
-	service, err := annotations.Service("default-backend-service", c.PodNamespace, c.Store, c.Store.ConfigMaps.Main.Annotations)
+	var svc *service.Service
+	ns, name, err := common.GetK8sPath("default-backend-service", c.Store.ConfigMaps.Main.Annotations)
 	if err != nil {
 		logger.Errorf("default service: %s", err)
-		return
 	}
-	if service == nil {
-		return
+	ingressPath := &store.IngressPath{
+		SvcNamespace:     ns,
+		SvcName:          name,
+		IsDefaultBackend: true,
+	}
+	if svc, err = service.New(c.Store, ingressPath, nil, false, c.Store.ConfigMaps.Main.Annotations); err == nil {
+		reload, err = svc.SetDefaultBackend(c.Store, &c.Cfg, c.Client, []string{c.Cfg.FrontHTTP, c.Cfg.FrontHTTPS})
 	}
-
-	ingress := &store.Ingress{
-		Namespace:   service.Namespace,
-		Name:        "DefaultService",
-		Annotations: map[string]string{},
-		DefaultBackend: &store.IngressPath{
-			SvcName:          service.Name,
-			SvcPortInt:       service.Ports[0].Port,
-			IsDefaultBackend: true,
-		},
-	}
-	reload, err = c.setDefaultService(ingress, []string{c.Cfg.FrontHTTP, c.Cfg.FrontHTTPS})
 	if err != nil {
 		logger.Errorf("default service: %s", err)
-		return
 	}
-	return reload
+	return
 }
 
 // handleDefaultCert configures default/fallback HAProxy certificate to use for client HTTPS requests.

controller/handler.go

@@ -43,12 +43,11 @@ func (c *HAProxyController) initHandlers() {
 		handler.ProxyProtocol{},
 		handler.ErrorFile{},
 		handler.TCPServices{
-			SetDefaultService: c.setDefaultService,
-			CertDir:           c.Cfg.Env.FrontendCertDir,
-			IPv4:              !c.OSArgs.DisableIPV4,
-			AddrIPv4:          c.OSArgs.IPV4BindAddr,
-			IPv6:              !c.OSArgs.DisableIPV6,
-			AddrIPv6:          c.OSArgs.IPV6BindAddr,
+			CertDir:  c.Cfg.Env.FrontendCertDir,
+			IPv4:     !c.OSArgs.DisableIPV4,
+			AddrIPv4: c.OSArgs.IPV4BindAddr,
+			IPv6:     !c.OSArgs.DisableIPV6,
+			AddrIPv6: c.OSArgs.IPV6BindAddr,
 		},
 		handler.PatternFiles{},
 		handler.Refresh{},

controller/handler/tcp-services.go

@@ -8,17 +8,17 @@ import (
 	"github.com/haproxytech/client-native/v2/models"
 	config "github.com/haproxytech/kubernetes-ingress/controller/configuration"
 	"github.com/haproxytech/kubernetes-ingress/controller/haproxy/api"
+	"github.com/haproxytech/kubernetes-ingress/controller/service"
 	"github.com/haproxytech/kubernetes-ingress/controller/store"
 	"github.com/haproxytech/kubernetes-ingress/controller/utils"
 )
 
 type TCPServices struct {
-	SetDefaultService func(ingress *store.Ingress, frontends []string) (reload bool, err error)
-	IPv4              bool
-	IPv6              bool
-	CertDir           string
-	AddrIPv4          string
-	AddrIPv6          string
+	IPv4     bool
+	IPv6     bool
+	CertDir  string
+	AddrIPv4 string
+	AddrIPv6 string
 }
 
 type tcpSvcParser struct {
@@ -50,7 +50,7 @@ func (t TCPServices) Update(k store.K8s, cfg *config.ControllerCfg, api api.HAPr
 			}
 		}
 		// Update  Frontend
-		reload, err = t.updateTCPFrontend(api, frontend, p)
+		reload, err = t.updateTCPFrontend(k, cfg, api, frontend, p)
 		if err != nil {
 			logger.Errorf("TCP frontend '%s': update failed: %s", frontendName, err)
 		}
@@ -152,7 +152,7 @@ func (t TCPServices) createTCPFrontend(api api.HAProxyClient, frontendName, bind
 	return frontend, true, nil
 }
 
-func (t TCPServices) updateTCPFrontend(api api.HAProxyClient, frontend models.Frontend, p tcpSvcParser) (reload bool, err error) {
+func (t TCPServices) updateTCPFrontend(k store.K8s, cfg *config.ControllerCfg, api api.HAProxyClient, frontend models.Frontend, p tcpSvcParser) (reload bool, err error) {
 	binds, err := api.FrontendBindsGet(frontend.Name)
 	if err != nil {
 		err = fmt.Errorf("failed to get bind lines: %w", err)
@@ -182,18 +182,17 @@ func (t TCPServices) updateTCPFrontend(api api.HAProxyClient, frontend models.Fr
 		reload = true
 		return
 	}
-	ingress := &store.Ingress{
-		Namespace:   p.service.Namespace,
-		Annotations: make(map[string]string),
-		DefaultBackend: &store.IngressPath{
-			SvcName:    p.service.Name,
-			SvcPortInt: p.port,
-		},
+
+	var svc *service.Service
+	var r bool
+	path := &store.IngressPath{
+		SvcNamespace:     p.service.Namespace,
+		SvcName:          p.service.Name,
+		SvcPortInt:       p.port,
+		IsDefaultBackend: true,
 	}
-	r, err := t.SetDefaultService(ingress, []string{frontend.Name})
-	if err != nil {
-		return
+	if svc, err = service.New(k, path, nil, true); err == nil {
+		r, err = svc.SetDefaultBackend(k, cfg, api, []string{frontend.Name})
 	}
-
 	return reload || r, err
 }