Skip to content
This repository has been archived by the owner on Aug 26, 2021. It is now read-only.

Reintroduce default ingress provider #257

Merged
merged 2 commits into from
Nov 7, 2017
Merged

Reintroduce default ingress provider #257

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
98a5a7d
Reintroduce default ingress provider
jackhopner Sep 30, 2017
45070b7
Fix formatting on README
jackhopner Oct 26, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 4 additions & 3 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -109,10 +109,11 @@ Please note:
| `LEGO_SUPPORTED_INGRESS_CLASS` | n | `nginx,gce` | Specify the supported ingress class |
| `LEGO_SUPPORTED_INGRESS_PROVIDER` | n | `nginx,gce` | Specify the supported ingress provider |
| `LEGO_INGRESS_NAME_NGINX` | n | `kube-lego-nginx` | Ingress name which contains the routing for HTTP verification for nginx ingress |
| `LEGO_PORT` | n | `8080` | Port where this daemon is listening for verifcation calls (HTTP method)|
| `LEGO_CHECK_INTERVAL` | n | `8h` | Interval for periodically certificate checks (to find expired certs)|
| `LEGO_MINIMUM_VALIDITY` | n | `720h` (30 days) | Request a renewal when the remaining certificate validity falls below that value|
| `LEGO_PORT` | n | `8080` | Port where this daemon is listening for verifcation calls (HTTP method) |
| `LEGO_CHECK_INTERVAL` | n | `8h` | Interval for periodically certificate checks (to find expired certs) |
| `LEGO_MINIMUM_VALIDITY` | n | `720h` (30 days) | Request a renewal when the remaining certificate validity falls below that value |
| `LEGO_DEFAULT_INGRESS_CLASS` | n | `nginx` | Default ingress class for resources without specification|
| `LEGO_DEFAULT_INGRESS_PROVIDER` | n | `$LEGO_DEFAULT_INGRESS_CLASS` | Default ingress provider for resources without specification |
| `LEGO_KUBE_API_URL` | n | `http://127.0.0.1:8080` | API server URL |
| `LEGO_LOG_LEVEL` | n | `info` | Set log level (`debug`, `info`, `warn` or `error`) |
| `LEGO_LOG_TYPE` | n | `text` | Set log type. Only `json` as custom value supported, everything else defaults to default logrus textFormat |
Expand Down
6 changes: 2 additions & 4 deletions pkg/ingress/ingress.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ import (
"fmt"
"strings"

"github.com/jetstack/kube-lego/pkg/kubelego_const"
kubelego "github.com/jetstack/kube-lego/pkg/kubelego_const"

"github.com/Sirupsen/logrus"
k8sErrors "k8s.io/apimachinery/pkg/api/errors"
Expand Down Expand Up @@ -175,9 +175,7 @@ func (i *Ingress) IngressClass() string {
func (i *Ingress) IngressProvider() string {
val, ok := i.IngressApi.Annotations[kubelego.AnnotationIngressProvider]
if !ok {
// we return IngressClass() here in order to not break backwards
// compatibility with older versions of kube-lego
return i.IngressClass()
return i.kubelego.LegoDefaultIngressProvider()
}
return strings.ToLower(val)
}
Expand Down
20 changes: 20 additions & 0 deletions pkg/kubelego/kubelego.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -196,6 +196,10 @@ func (kl *KubeLego) LegoDefaultIngressClass() string {
return kl.legoDefaultIngressClass
}

func (kl *KubeLego) LegoDefaultIngressProvider() string {
return kl.legoDefaultIngressProvider
}

func (kl *KubeLego) LegoIngressNameNginx() string {
return kl.legoIngressNameNginx
}
Expand Down Expand Up @@ -310,6 +314,22 @@ func (kl *KubeLego) paramsLego() error {
return fmt.Errorf("Unsupported default ingress class: '%s'. You can set the ingress class with 'LEGO_DEFAULT_INGRESS_CLASS'", legoDefaultIngressClass)
}
}

legoDefaultIngressProvider := os.Getenv("LEGO_DEFAULT_INGRESS_PROVIDER")
if len(legoDefaultIngressProvider) == 0 {
/*
To support backwards compatability we need to set the default provier
to the same as the default class
*/
kl.legoDefaultIngressProvider = kl.legoDefaultIngressClass
} else {
var err error = nil
kl.legoDefaultIngressProvider, err = ingress.IsSupportedIngressProvider(kl.legoSupportedIngressProvider, legoDefaultIngressProvider)
if err != nil {
return fmt.Errorf("Unsupported default ingress provider: '%s'. You can set the ingress provider with 'LEGO_DEFAULT_INGRESS_PROVIDER'", legoDefaultIngressProvider)
}
}

kl.legoIngressNameNginx = os.Getenv("LEGO_INGRESS_NAME_NGINX")
if len(kl.legoIngressNameNginx) == 0 {
kl.legoIngressNameNginx = os.Getenv("LEGO_INGRESS_NAME")
Expand Down
1 change: 1 addition & 0 deletions pkg/kubelego_const/interfaces.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ type KubeLego interface {
LegoServiceNameNginx() string
LegoServiceNameGce() string
LegoDefaultIngressClass() string
LegoDefaultIngressProvider() string
LegoSupportedIngressClass() []string
LegoSupportedIngressProvider() []string
LegoCheckInterval() time.Duration
Expand Down
4 changes: 2 additions & 2 deletions pkg/provider/nginx/nginx.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ package nginx

import (
"github.com/jetstack/kube-lego/pkg/ingress"
"github.com/jetstack/kube-lego/pkg/kubelego_const"
kubelego "github.com/jetstack/kube-lego/pkg/kubelego_const"
"github.com/jetstack/kube-lego/pkg/service"

"sort"
Expand Down Expand Up @@ -123,7 +123,7 @@ func (p *Nginx) updateIngress() error {
// TODO: use the ingres class as specified on the ingress we are
// requesting a certificate for
kubelego.AnnotationIngressClass: p.kubelego.LegoDefaultIngressClass(),
kubelego.AnnotationIngressProvider: "nginx",
kubelego.AnnotationIngressProvider: p.kubelego.LegoDefaultIngressProvider(),
kubelego.AnnotationWhitelistSourceRange: "0.0.0.0/0,::/0",
}

Expand Down