fix minio annotation

Signed-off-by: Ziming Zhang <zziming@vmware.com>
goharbor · Nov 17, 2021 · a6aad76 · a6aad76
1 parent b6379af
commit a6aad76
Showing 1 changed file with 39 additions and 15 deletions.
diff --git a/pkg/cluster/controllers/storage/ingress.go b/pkg/cluster/controllers/storage/ingress.go
@@ -4,7 +4,7 @@ import (
 	"context"
 
 	goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1"
-	"github.com/goharbor/harbor-operator/apis/meta/v1alpha1"
+	harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1"
 	"github.com/goharbor/harbor-operator/pkg/cluster/controllers/common"
 	miniov2 "github.com/goharbor/harbor-operator/pkg/cluster/controllers/storage/minio/apis/minio.min.io/v2"
 	"github.com/goharbor/harbor-operator/pkg/cluster/lcm"
@@ -105,31 +105,55 @@ func (m *MinIOController) cleanupIngress(ctx context.Context, harborcluster *goh
 	return minioUnknownStatus(), nil
 }
 
-func (m *MinIOController) generateIngress(ctx context.Context, harborcluster *goharborv1.HarborCluster) *netv1.Ingress { // nolint:funlen
-	var tls []netv1.IngressTLS
+func (m *MinIOController) getMinioIngressAnnotations(harborcluster *goharborv1.HarborCluster) map[string]string {
+	isEnableExpose := false
+	if harborcluster.Spec.Storage.Spec.MinIO.Redirect.Expose != nil {
+		isEnableExpose = true
+	}
 
-	if harborcluster.Spec.Storage.Spec.MinIO.Redirect.Expose != nil &&
-		harborcluster.Spec.Storage.Spec.MinIO.Redirect.Expose.TLS.Enabled() {
-		tls = []netv1.IngressTLS{{
-			SecretName: harborcluster.Spec.Storage.Spec.MinIO.Redirect.Expose.TLS.CertificateRef,
-			Hosts:      []string{harborcluster.Spec.Storage.Spec.MinIO.Redirect.Expose.Ingress.Host},
-		}}
+	istls := false
+	if isEnableExpose && harborcluster.Spec.Storage.Spec.MinIO.Redirect.Expose.TLS.Enabled() {
+		istls = true
 	}
 
-	annotations := make(map[string]string)
-	annotations["nginx.ingress.kubernetes.io/proxy-body-size"] = "0"
+	annotations := map[string]string{
+		// resolve 413(Too Large Entity) error when push large image. It only works for NGINX ingress.
+		"nginx.ingress.kubernetes.io/proxy-body-size": "0",
+	}
 
-	if harborcluster.Spec.Expose.Core.Ingress != nil && harborcluster.Spec.Expose.Core.Ingress.Controller == v1alpha1.IngressControllerNCP {
+	if isEnableExpose && harborcluster.Spec.Storage.Spec.MinIO.Redirect.Expose.Ingress.Controller == harbormetav1.IngressControllerNCP {
 		annotations["ncp/use-regex"] = NCPIngressValueTrue
-		if tls != nil {
+		if istls {
 			annotations["ncp/http-redirect"] = NCPIngressValueTrue
 		}
-	} else if harborcluster.Spec.Expose.Core.Ingress != nil && harborcluster.Spec.Expose.Core.Ingress.Controller == v1alpha1.IngressControllerContour {
-		if tls != nil {
+	} else if harborcluster.Spec.Storage.Spec.MinIO.Redirect.Expose.Ingress.Controller == harbormetav1.IngressControllerContour {
+		if istls {
 			annotations["ingress.kubernetes.io/force-ssl-redirect"] = ContourIngressValueTrue
 		}
 	}
 
+	if isEnableExpose {
+		for key, value := range harborcluster.Spec.Storage.Spec.MinIO.Redirect.Expose.Ingress.Annotations {
+			annotations[key] = value
+		}
+	}
+
+	return annotations
+}
+
+func (m *MinIOController) generateIngress(ctx context.Context, harborcluster *goharborv1.HarborCluster) *netv1.Ingress {
+	var tls []netv1.IngressTLS
+
+	if harborcluster.Spec.Storage.Spec.MinIO.Redirect.Expose != nil &&
+		harborcluster.Spec.Storage.Spec.MinIO.Redirect.Expose.TLS.Enabled() {
+		tls = []netv1.IngressTLS{{
+			SecretName: harborcluster.Spec.Storage.Spec.MinIO.Redirect.Expose.TLS.CertificateRef,
+			Hosts:      []string{harborcluster.Spec.Storage.Spec.MinIO.Redirect.Expose.Ingress.Host},
+		}}
+	}
+
+	annotations := m.getMinioIngressAnnotations(harborcluster)
+
 	pathTypePrefix := netv1.PathTypePrefix
 
 	ingress := &netv1.Ingress{