func()

in pkg/ingress/kube/kingress/controller.go [300:436]

• 112 lines of code
• 22 McCabe index (conditional complexity)

func (c *controller) ConvertGateway(convertOptions *common.ConvertOptions, wrapper *common.WrapperConfig) error {
	if convertOptions == nil {
		return fmt.Errorf("convertOptions is nil")
	}
	if wrapper == nil {
		return fmt.Errorf("wrapperConfig is nil")
	}

	cfg := wrapper.Config
	kingressv1alpha1, ok := cfg.Spec.(ingress.IngressSpec)

	if !ok {
		common.IncrementInvalidIngress(c.options.ClusterId, common.Unknown)
		return fmt.Errorf("convert type is invalid in cluster %s", c.options.ClusterId)
	}
	if len(kingressv1alpha1.Rules) == 0 {
		common.IncrementInvalidIngress(c.options.ClusterId, common.EmptyRule)
		return fmt.Errorf("invalid ingress rule %s:%s in cluster %s, `rules` must be specified", cfg.Namespace, cfg.Name, c.options.ClusterId)
	}

	for _, rule := range kingressv1alpha1.Rules {
		for _, ruleHost := range rule.Hosts {
			// Need create builder for every rule.
			domainBuilder := &common.IngressDomainBuilder{
				ClusterId: c.options.ClusterId,
				Protocol:  common.HTTP,
				Host:      ruleHost,
				Ingress:   cfg,
				Event:     common.Normal,
			}
			// Extract the previous gateway and builder
			wrapperGateway, exist := convertOptions.Gateways[ruleHost]
			preDomainBuilder, _ := convertOptions.IngressDomainCache.Valid[ruleHost]
			if !exist {
				wrapperGateway = &common.WrapperGateway{
					Gateway:       &networking.Gateway{},
					WrapperConfig: wrapper,
					ClusterId:     c.options.ClusterId,
					Host:          ruleHost,
				}
				if c.options.GatewaySelectorKey != "" {
					wrapperGateway.Gateway.Selector = map[string]string{c.options.GatewaySelectorKey: c.options.GatewaySelectorValue}
				}
				if rule.Visibility == ingress.IngressVisibilityClusterLocal {
					wrapperGateway.Gateway.Servers = append(wrapperGateway.Gateway.Servers, &networking.Server{
						Port: &networking.Port{
							Number:   8081,
							Protocol: string(protocol.HTTP),
							Name:     common.CreateConvertedName("http-8081-ingress", c.options.ClusterId.String()),
						},
						Hosts: []string{ruleHost},
					})

				} else {
					wrapperGateway.Gateway.Servers = append(wrapperGateway.Gateway.Servers, &networking.Server{
						Port: &networking.Port{
							Number:   80,
							Protocol: string(protocol.HTTP),
							Name:     common.CreateConvertedName("http-80-ingress", c.options.ClusterId.String()),
						},
						Hosts: []string{ruleHost},
					})
				}

				// Add new gateway, builder
				convertOptions.Gateways[ruleHost] = wrapperGateway
				convertOptions.IngressDomainCache.Valid[ruleHost] = domainBuilder
			} else {
				// Fallback to get downstream tls from current ingress.
				if wrapperGateway.WrapperConfig.AnnotationsConfig.DownstreamTLS == nil {
					wrapperGateway.WrapperConfig.AnnotationsConfig.DownstreamTLS = wrapper.AnnotationsConfig.DownstreamTLS
				}
			}
			//Redirect option
			if isIngressPublic(&kingressv1alpha1) && (kingressv1alpha1.HTTPOption == ingress.HTTPOptionRedirected) {
				for _, server := range wrapperGateway.Gateway.Servers {
					if protocol.Parse(server.Port.Protocol).IsHTTP() {
						server.Tls = &networking.ServerTLSSettings{
							HttpsRedirect: true,
						}
					}
				}
			} else if isIngressPublic(&kingressv1alpha1) && (kingressv1alpha1.HTTPOption == ingress.HTTPOptionEnabled) {
				for _, server := range wrapperGateway.Gateway.Servers {
					if protocol.Parse(server.Port.Protocol).IsHTTP() {
						server.Tls = nil
					}
				}
			}

			// There are no tls settings, so just skip.
			if len(kingressv1alpha1.TLS) == 0 {
				continue
			}

			// Get tls secret matching the rule host
			secretName := extractTLSSecretName(ruleHost, kingressv1alpha1.TLS)
			if secretName == "" {
				// There no matching secret, so just skip.
				continue
			}

			domainBuilder.Protocol = common.HTTPS
			domainBuilder.SecretName = path.Join(c.options.ClusterId.String(), cfg.Namespace, secretName)

			// There is a matching secret and the gateway has already a tls secret.
			// We should report the duplicated tls secret event.
			if wrapperGateway.IsHTTPS() {
				domainBuilder.Event = common.DuplicatedTls
				domainBuilder.PreIngress = preDomainBuilder.Ingress
				convertOptions.IngressDomainCache.Invalid = append(convertOptions.IngressDomainCache.Invalid,
					domainBuilder.Build())
				continue
			}

			// Append https server
			wrapperGateway.Gateway.Servers = append(wrapperGateway.Gateway.Servers, &networking.Server{
				Port: &networking.Port{
					Number:   443,
					Protocol: string(protocol.HTTPS),
					Name:     common.CreateConvertedName("https-443-ingress", c.options.ClusterId.String()),
				},
				Hosts: []string{ruleHost},
				Tls: &networking.ServerTLSSettings{
					Mode:           networking.ServerTLSSettings_SIMPLE,
					CredentialName: credentials.ToKubernetesIngressResource(c.options.RawClusterId, cfg.Namespace, secretName),
				},
			})

			// Update domain builder
			convertOptions.IngressDomainCache.Valid[ruleHost] = domainBuilder
		}

	}

	return nil
}