kubernetes-sigs · bigkraig · Jun 25, 2018 · Jun 25, 2018
diff --git a/docs/ingress-resources.md b/docs/ingress-resources.md
@@ -65,7 +65,7 @@ alb.ingress.kubernetes.io/unhealthy-threshold-count
 alb.ingress.kubernetes.io/listen-ports
 alb.ingress.kubernetes.io/security-groups
 alb.ingress.kubernetes.io/subnets
-alb.ingress.kubernetes.io/successCodes
+alb.ingress.kubernetes.io/success-codes
 alb.ingress.kubernetes.io/tags
 alb.ingress.kubernetes.io/target-group-attributes
 alb.ingress.kubernetes.io/ignore-host-header
@@ -101,15 +101,15 @@ Optional annotations are:
 
 - **security-groups**: [Security groups](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html) that should be applied to the ALB instance. These can be referenced by security group IDs or the name tag associated with each security group. Example ID values are `sg-723a380a,sg-a6181ede,sg-a5181edd`. Example tag values are `appSG, webSG`. When the annotation is not present, the controller will create a security group with appropriate ports allowing access to `0.0.0.0/0` and attached to the ALB. It will also create a security group for instances that allows all TCP traffic when the source is the security group created for the ALB.
 
-- **subnets**: The subnets where the ALB instance should be deployed. Must include 2 subnets, each in a different [availability zone](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html). These can be referenced by subnet IDs or the name tag associated with the subnet.  Example values for subnet IDs are `subnet-a4f0098e,subnet-457ed533,subnet-95c904cd`. Example values for name tags are: `webSubnet,appSubnet`. If subnets are not specified the ALB controller will attempt to detect qualified subnets. This qualification is done by locating subnets that match the following criteria.
+- **subnets**: The subnets where the ALB instance should be deployed. Must include 2 subnets, each in a different [availability zone](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html). These can be referenced by subnet IDs or the name tag associated with the subnet. Example values for subnet IDs are `subnet-a4f0098e,subnet-457ed533,subnet-95c904cd`. Example values for name tags are: `webSubnet,appSubnet`. If subnets are not specified the ALB controller will attempt to detect qualified subnets. This qualification is done by locating subnets that match the following criteria.
 
   - kubernetes.io/cluster/$CLUSTER_NAME where $CLUSTER_NAME is the same cluster name specified on the ingress controller. The value of this tag must be 'shared'.
 
   - kubernetes.io/role/alb-ingress the value of this tag should be empty.
 
   - After subnets matching the above 2 tags have been located, they are checked to ensure 2 or more are in unique AZs, otherwise the ALB will not be created. If 2 subnets share the same AZ, only 1 of the 2 is used.
 
-- **successCodes**: Defines the HTTP status code that should be expected when doing health checks against the defined `healthcheck-path`. When omitted, `200` is used.
+- **success-codes**: Defines the HTTP status code that should be expected when doing health checks against the defined `healthcheck-path`. When omitted, `200` is used.
 
 - **tags**: Defines [AWS Tags](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) that should be applied to the ALB instance and Target groups.
 
@@ -119,4 +119,4 @@ Optional annotations are:
 
 - **ip-address-type**: The IP address type thats used to either route IPv4 traffic only or to route both IPv4 and IPv6 traffic. Can be either `dualstack` or `ipv4`. When omitted `ipv4` is used.
 
-- **ssl-policy**: Defines the [Security Policy](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies) that should be assigned to the ALB, allowing you to control the protocol and ciphers.
+- **ssl-policy**: Defines the [Security Policy](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies) that should be assigned to the ALB, allowing you to control the protocol and ciphers.
diff --git a/pkg/annotations/annotations.go b/pkg/annotations/annotations.go
@@ -44,7 +44,8 @@ const (
 	ipAddressTypeKey              = "alb.ingress.kubernetes.io/ip-address-type"
 	securityGroupsKey             = "alb.ingress.kubernetes.io/security-groups"
 	subnetsKey                    = "alb.ingress.kubernetes.io/subnets"
-	successCodesKey               = "alb.ingress.kubernetes.io/successCodes"
+	successCodesKey               = "alb.ingress.kubernetes.io/success-codes"
+	successCodesAltKey            = "alb.ingress.kubernetes.io/successCodes"
 	tagsKey                       = "alb.ingress.kubernetes.io/tags"
 	ignoreHostHeader              = "alb.ingress.kubernetes.io/ignore-host-header"
 	targetGroupAttributesKey      = "alb.ingress.kubernetes.io/target-group-attributes"
@@ -622,10 +623,14 @@ func subnetIsUsable(new *ec2.Subnet, existing []*ec2.Subnet) bool {
 }
 
 func (a *Annotations) setSuccessCodes(annotations map[string]string) error {
-	if annotations[successCodesKey] == "" {
+	key := successCodesKey
+	if annotations[successCodesKey] == "" && annotations[successCodesAltKey] != "" {
+		key = successCodesAltKey
+	}
+	if annotations[key] == "" {
 		a.SuccessCodes = aws.String("200")
 	} else {
-		a.SuccessCodes = aws.String(annotations[successCodesKey])
+		a.SuccessCodes = aws.String(annotations[key])
 	}
 	return nil
 }

diff --git a/pkg/annotations/annotations_test.go b/pkg/annotations/annotations_test.go
@@ -24,6 +24,35 @@ func TestParseAnnotations(t *testing.T) {
 	}
 }
 
+func TestSetSuccessCodes(t *testing.T) {
+	var tests = []struct {
+		annotations map[string]string
+		expected    string
+		pass        bool
+	}{
+		{map[string]string{}, "200", true},
+		{map[string]string{successCodesKey: "1"}, "1", true},
+		{map[string]string{successCodesAltKey: "1"}, "1", true},
+		{map[string]string{successCodesKey: "1"}, "2", false},
+		{map[string]string{successCodesAltKey: "1"}, "2", false},
+		{map[string]string{successCodesKey: "1", successCodesAltKey: "2"}, "1", true},
+	}
+	for _, tt := range tests {
+		a := &Annotations{}
+
+		err := a.setSuccessCodes(tt.annotations)
+		if err != nil && tt.pass {
+			t.Errorf("setSuccessCodes(%v): expected %v, errored: %v", tt.annotations, tt.expected, err)
+		}
+		if err == nil && tt.pass && tt.expected != *a.SuccessCodes {
+			t.Errorf("setSuccessCodes(%v): expected %v, actual %v", tt.annotations, tt.expected, *a.SuccessCodes)
+		}
+		if err == nil && !tt.pass && tt.expected == *a.SuccessCodes {
+			t.Errorf("setSuccessCodes(%v): expected %v, actual %v", tt.annotations, tt.expected, *a.SuccessCodes)
+		}
+	}
+}
+
 func TestSetScheme(t *testing.T) {
 	var tests = []struct {
 		scheme   string