adding a customizable calue for controller class

Author: andpozo

controllers/ingress/group_controller.go

@@ -52,7 +52,7 @@ func NewGroupReconciler(cloud aws.Cloud, k8sClient client.Client, eventRecorder
 	annotationParser := annotations.NewSuffixAnnotationParser(annotations.AnnotationPrefixIngress)
 	authConfigBuilder := ingress.NewDefaultAuthConfigBuilder(annotationParser)
 	enhancedBackendBuilder := ingress.NewDefaultEnhancedBackendBuilder(k8sClient, annotationParser, authConfigBuilder, controllerConfig.IngressConfig.TolerateNonExistentBackendService, controllerConfig.IngressConfig.TolerateNonExistentBackendAction)
-	referenceIndexer := ingress.NewDefaultReferenceIndexer(enhancedBackendBuilder, authConfigBuilder, logger)
+	referenceIndexer := ingress.NewDefaultReferenceIndexer(enhancedBackendBuilder, authConfigBuilder, logger, controllerConfig.IngressConfig.ControllerClass)
 	trackingProvider := tracking.NewDefaultProvider(ingressTagPrefix, controllerConfig.ClusterName)
 	modelBuilder := ingress.NewDefaultModelBuilder(k8sClient, eventRecorder,
 		cloud.EC2(), cloud.ELBV2(), cloud.ACM(),
@@ -64,10 +64,10 @@ func NewGroupReconciler(cloud aws.Cloud, k8sClient client.Client, eventRecorder
 	stackMarshaller := deploy.NewDefaultStackMarshaller()
 	stackDeployer := deploy.NewDefaultStackDeployer(cloud, k8sClient, networkingSGManager, networkingSGReconciler, elbv2TaggingManager,
 		controllerConfig, ingressTagPrefix, logger)
-	classLoader := ingress.NewDefaultClassLoader(k8sClient, true)
+	classLoader := ingress.NewDefaultClassLoader(k8sClient, true, controllerConfig.IngressConfig.ControllerClass)
 	classAnnotationMatcher := ingress.NewDefaultClassAnnotationMatcher(controllerConfig.IngressConfig.IngressClass)
 	manageIngressesWithoutIngressClass := controllerConfig.IngressConfig.IngressClass == ""
-	groupLoader := ingress.NewDefaultGroupLoader(k8sClient, eventRecorder, annotationParser, classLoader, classAnnotationMatcher, manageIngressesWithoutIngressClass)
+	groupLoader := ingress.NewDefaultGroupLoader(k8sClient, eventRecorder, annotationParser, classLoader, classAnnotationMatcher, manageIngressesWithoutIngressClass, controllerConfig.IngressConfig.ControllerClass)
 	groupFinalizerManager := ingress.NewDefaultFinalizerManager(finalizerManager)
 
 	return &groupReconciler{

pkg/config/ingress_config.go

@@ -10,12 +10,14 @@ const (
 	flagTolerateNonExistentBackendService    = "tolerate-non-existent-backend-service"
 	flagTolerateNonExistentBackendAction     = "tolerate-non-existent-backend-action"
 	flagAllowedCAArns                        = "allowed-certificate-authority-arns"
+	flagControllerClass                      = "controller-class"
 	defaultIngressClass                      = "alb"
 	defaultDisableIngressClassAnnotation     = false
 	defaultDisableIngressGroupNameAnnotation = false
 	defaultMaxIngressConcurrentReconciles    = 3
 	defaultTolerateNonExistentBackendService = true
 	defaultTolerateNonExistentBackendAction  = true
+	defaultControllerClass                   = "ingress.k8s.aws/alb"
 )
 
 // IngressConfig contains the configurations for the Ingress controller
@@ -46,6 +48,9 @@ type IngressConfig struct {
 
 	// AllowedCertificateAuthoritiyARNs contains a list of all CAs to consider when discovering certificates for ingress resources
 	AllowedCertificateAuthorityARNs []string
+
+	// ControllerClass is the class for the ingress controller
+	ControllerClass string
 }
 
 // BindFlags binds the command line flags to the fields in the config object
@@ -63,4 +68,5 @@ func (cfg *IngressConfig) BindFlags(fs *pflag.FlagSet) {
 	fs.BoolVar(&cfg.TolerateNonExistentBackendAction, flagTolerateNonExistentBackendAction, defaultTolerateNonExistentBackendAction,
 		"Tolerate rules that specify a non-existent backend action")
 	fs.StringSliceVar(&cfg.AllowedCertificateAuthorityARNs, flagAllowedCAArns, []string{}, "Specify an optional list of CA ARNs to filter on in cert discovery")
+	fs.StringVar(&cfg.ControllerClass, flagControllerClass, defaultControllerClass, "ControllerClass is the class for the ingress controller, the default value is \"ingress.k8s.aws/alb\".")
 }

pkg/ingress/class_loader.go

@@ -18,7 +18,6 @@ import (
 
 const (
 	// the controller name used in IngressClass for ALB.
-	IngressClassControllerALB = "ingress.k8s.aws/alb"
 	// the Kind for IngressClassParams CRD.
 	ingressClassParamsKind = "IngressClassParams"
 	// default class from ingressClass
@@ -35,17 +34,19 @@ type ClassLoader interface {
 }
 
 // NewDefaultClassLoader constructs new defaultClassLoader instance.
-func NewDefaultClassLoader(client client.Client, loadParams bool) ClassLoader {
+func NewDefaultClassLoader(client client.Client, loadParams bool, controllerClass string) ClassLoader {
 	return &defaultClassLoader{
-		client:     client,
-		loadParams: loadParams,
+		client:          client,
+		loadParams:      loadParams,
+		controllerClass: controllerClass,
 	}
 }
 
 // default implementation for ClassLoader
 type defaultClassLoader struct {
-	client     client.Client
-	loadParams bool
+	client          client.Client
+	loadParams      bool
+	controllerClass string
 }
 
 // GetDefaultIngressClass returns the default IngressClass from the list of IngressClasses.
@@ -93,7 +94,7 @@ func (l *defaultClassLoader) Load(ctx context.Context, ing *networking.Ingress)
 		}
 		return ClassConfiguration{}, err
 	}
-	if ingClass.Spec.Controller != IngressClassControllerALB || ingClass.Spec.Parameters == nil || !l.loadParams {
+	if ingClass.Spec.Controller != l.controllerClass || ingClass.Spec.Parameters == nil || !l.loadParams {
 		return ClassConfiguration{
 			IngClass: ingClass,
 		}, nil

pkg/ingress/group_loader.go

@@ -45,7 +45,7 @@ type GroupLoader interface {
 }
 
 // NewDefaultGroupLoader constructs new GroupLoader instance.
-func NewDefaultGroupLoader(client client.Client, eventRecorder record.EventRecorder, annotationParser annotations.Parser, classLoader ClassLoader, classAnnotationMatcher ClassAnnotationMatcher, manageIngressesWithoutIngressClass bool) *defaultGroupLoader {
+func NewDefaultGroupLoader(client client.Client, eventRecorder record.EventRecorder, annotationParser annotations.Parser, classLoader ClassLoader, classAnnotationMatcher ClassAnnotationMatcher, manageIngressesWithoutIngressClass bool, controllerClass string) *defaultGroupLoader {
 	return &defaultGroupLoader{
 		client:           client,
 		eventRecorder:    eventRecorder,
@@ -54,6 +54,7 @@ func NewDefaultGroupLoader(client client.Client, eventRecorder record.EventRecor
 		classLoader:                        classLoader,
 		classAnnotationMatcher:             classAnnotationMatcher,
 		manageIngressesWithoutIngressClass: manageIngressesWithoutIngressClass,
+		controllerClass:                    controllerClass,
 	}
 }
 
@@ -74,6 +75,7 @@ type defaultGroupLoader struct {
 	// manageIngressesWithoutIngressClass specifies whether ingresses without "kubernetes.io/ingress.class" annotation
 	// and "spec.ingressClassName" should be managed or not.
 	manageIngressesWithoutIngressClass bool
+	controllerClass                    string
 }
 
 func (m *defaultGroupLoader) Load(ctx context.Context, groupID GroupID) (Group, error) {
@@ -219,7 +221,7 @@ func (m *defaultGroupLoader) classifyIngress(ctx context.Context, ing *networkin
 		return ClassifiedIngress{
 			Ing:            ing,
 			IngClassConfig: ingClassConfig,
-		}, ingClassConfig.IngClass.Spec.Controller == IngressClassControllerALB, nil
+		}, ingClassConfig.IngClass.Spec.Controller == m.controllerClass, nil
 	}
 
 	return ClassifiedIngress{

pkg/ingress/reference_indexer.go

@@ -35,11 +35,12 @@ type ReferenceIndexer interface {
 }
 
 // NewDefaultReferenceIndexer constructs new defaultReferenceIndexer.
-func NewDefaultReferenceIndexer(enhancedBackendBuilder EnhancedBackendBuilder, authConfigBuilder AuthConfigBuilder, logger logr.Logger) *defaultReferenceIndexer {
+func NewDefaultReferenceIndexer(enhancedBackendBuilder EnhancedBackendBuilder, authConfigBuilder AuthConfigBuilder, logger logr.Logger, controllerClass string) *defaultReferenceIndexer {
 	return &defaultReferenceIndexer{
 		enhancedBackendBuilder: enhancedBackendBuilder,
 		authConfigBuilder:      authConfigBuilder,
 		logger:                 logger,
+		controllerClass:        controllerClass,
 	}
 }
 
@@ -50,6 +51,7 @@ type defaultReferenceIndexer struct {
 	enhancedBackendBuilder EnhancedBackendBuilder
 	authConfigBuilder      AuthConfigBuilder
 	logger                 logr.Logger
+	controllerClass        string
 }
 
 func (i *defaultReferenceIndexer) BuildServiceRefIndexes(ctx context.Context, ing *networking.Ingress) []string {
@@ -103,7 +105,7 @@ func (i *defaultReferenceIndexer) BuildIngressClassRefIndexes(_ context.Context,
 }
 
 func (i *defaultReferenceIndexer) BuildIngressClassParamsRefIndexes(_ context.Context, ingClass *networking.IngressClass) []string {
-	if ingClass.Spec.Controller != IngressClassControllerALB || ingClass.Spec.Parameters == nil {
+	if ingClass.Spec.Controller != i.controllerClass || ingClass.Spec.Parameters == nil {
 		return nil
 	}
 	if ingClass.Spec.Parameters.APIGroup == nil ||

webhooks/networking/ingress_validator.go

@@ -27,11 +27,12 @@ func NewIngressValidator(client client.Client, ingConfig config.IngressConfig, l
 	return &ingressValidator{
 		annotationParser:                   annotations.NewSuffixAnnotationParser(annotations.AnnotationPrefixIngress),
 		classAnnotationMatcher:             ingress.NewDefaultClassAnnotationMatcher(ingConfig.IngressClass),
-		classLoader:                        ingress.NewDefaultClassLoader(client, false),
+		classLoader:                        ingress.NewDefaultClassLoader(client, false, ingConfig.ControllerClass),
 		disableIngressClassAnnotation:      ingConfig.DisableIngressClassAnnotation,
 		disableIngressGroupAnnotation:      ingConfig.DisableIngressGroupNameAnnotation,
 		manageIngressesWithoutIngressClass: ingConfig.IngressClass == "",
 		logger:                             logger,
+		controllerClass:                    ingConfig.ControllerClass,
 	}
 }
 
@@ -47,6 +48,7 @@ type ingressValidator struct {
 	// and "spec.ingressClassName" should be managed or not.
 	manageIngressesWithoutIngressClass bool
 	logger                             logr.Logger
+	controllerClass                    string
 }
 
 func (v *ingressValidator) Prototype(req admission.Request) (runtime.Object, error) {
@@ -108,7 +110,7 @@ func (v *ingressValidator) checkIngressClass(ctx context.Context, ing *networkin
 		return false, err
 	}
 	if classConfiguration.IngClass != nil {
-		return classConfiguration.IngClass.Spec.Controller != ingress.IngressClassControllerALB, nil
+		return classConfiguration.IngClass.Spec.Controller != v.controllerClass, nil
 	}
 	return !v.manageIngressesWithoutIngressClass, nil
 }