func ToNginxIngressConfig()

in pkg/controller/nginxingress/nginx_ingress_controller.go [526:605]


func ToNginxIngressConfig(nic *approutingv1alpha1.NginxIngressController, defaultNicControllerClass string) *manifests.NginxIngressConfig {
	if nic == nil {
		return nil
	}

	cc := "approuting.kubernetes.azure.com/" + url.PathEscape(nic.Name)
	if len(cc) > controllerClassMaxLen {
		cc = cc[:controllerClassMaxLen]
	}

	resourceName := fmt.Sprintf("%s-%d", nic.Spec.ControllerNamePrefix, nic.Status.CollisionCount)

	if IsDefaultNic(nic) {
		cc = defaultNicControllerClass
		resourceName = DefaultNicResourceName
	}

	scaling := nic.Spec.Scaling
	var minReplicas int32 = defaultMinReplicas
	if scaling != nil && scaling.MinReplicas != nil {
		minReplicas = *scaling.MinReplicas
	}
	var maxReplicas int32 = defaultMaxReplicas
	if scaling != nil && scaling.MaxReplicas != nil {
		maxReplicas = *scaling.MaxReplicas
	}

	// we use CEL validation on crd to enforce min <= max if it's defined. There's an edge case where they define max to 1 but don't define min which defaults to 2. The opposite is true too
	if minReplicas > maxReplicas {
		if scaling == nil || scaling.MinReplicas == nil {
			minReplicas = maxReplicas
		} else {
			maxReplicas = minReplicas
		}
	}

	nginxIng := &manifests.NginxIngressConfig{
		ControllerClass: cc,
		ResourceName:    resourceName,
		IcName:          nic.Spec.IngressClassName,
		ServiceConfig: &manifests.ServiceConfig{
			Annotations: nic.Spec.LoadBalancerAnnotations,
		},
		HTTPDisabled:                   nic.Spec.HTTPDisabled,
		MinReplicas:                    minReplicas,
		MaxReplicas:                    maxReplicas,
		TargetCPUUtilizationPercentage: getTargetCPUUtilizationPercentage(nic),
	}

	if cert := nic.Spec.DefaultSSLCertificate; cert != nil {
		if cert.Secret != nil && cert.Secret.Name != "" && cert.Secret.Namespace != "" {
			nginxIng.DefaultSSLCertificate = cert.Secret.Namespace + "/" + cert.Secret.Name
		}

		if cert.Secret == nil && cert.KeyVaultURI != nil {
			nginxIng.DefaultSSLCertificate = config.DefaultNs + "/" + keyvault.DefaultNginxCertName(nic)
		}

		if cert.ForceSSLRedirect {
			nginxIng.ForceSSLRedirect = true
		}
	}

	if nic.Spec.DefaultBackendService != nil && nic.Spec.DefaultBackendService.Name != "" && nic.Spec.DefaultBackendService.Namespace != "" {
		nginxIng.DefaultBackendService = nic.Spec.DefaultBackendService.Namespace + "/" + nic.Spec.DefaultBackendService.Name
	}

	if len(nic.Spec.CustomHTTPErrors) != 0 {
		errStr := ""
		for i, errCode := range nic.Spec.CustomHTTPErrors {
			errStr += strconv.Itoa(int(errCode))
			if i+1 < len(nic.Spec.CustomHTTPErrors) {
				errStr += ","
			}
		}
		nginxIng.CustomHTTPErrors = errStr
	}

	return nginxIng
}