in pkg/controller/osm/ingress_backend_reconciler.go [75:182]
func (i *IngressBackendReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
var err error
result := ctrl.Result{}
// do metrics
defer func() {
//placing this call inside a closure allows for result and err to be bound after Reconcile executes
//this makes sure they have the proper value
//just calling defer metrics.HandleControllerReconcileMetrics(ingressCertConfigControllerName, result, err) would bind
//the values of result and err to their zero values, since they were just instantiated
metrics.HandleControllerReconcileMetrics(ingressBackendControllerName, result, err)
}()
logger, err := logr.FromContext(ctx)
if err != nil {
return result, err
}
logger = ingressBackendControllerName.AddToLogger(logger)
logger.Info("getting Ingress", "name", req.Name, "namespace", req.Namespace)
ing := &netv1.Ingress{}
err = i.client.Get(ctx, req.NamespacedName, ing)
if err != nil {
return result, client.IgnoreNotFound(err)
}
logger = logger.WithValues("name", ing.Name, "namespace", ing.Namespace, "generation", ing.Generation)
backend := &policyv1alpha1.IngressBackend{
TypeMeta: metav1.TypeMeta{
Kind: "IngressBackend",
APIVersion: "policy.openservicemesh.io/v1alpha1",
},
ObjectMeta: metav1.ObjectMeta{
Name: ing.Name,
Namespace: ing.Namespace,
Labels: manifests.GetTopLevelLabels(),
OwnerReferences: []metav1.OwnerReference{{
APIVersion: ing.APIVersion,
Controller: util.ToPtr(true),
Kind: ing.Kind,
Name: ing.Name,
UID: ing.UID,
}},
},
}
logger = logger.WithValues("ingressBackend", backend.Name)
sourceSpec, ok, err := i.ingressControllerSourceSpecer.IngressSourceSpec(ing)
if err != nil {
logger.Error(err, "failed to get ingress source spec")
return result, err
}
backend.Spec = policyv1alpha1.IngressBackendSpec{
Backends: []policyv1alpha1.BackendSpec{},
Sources: []policyv1alpha1.IngressSourceSpec{
sourceSpec,
{
Kind: "AuthenticatedPrincipal",
Name: osmNginxSAN,
},
},
}
for _, rule := range ing.Spec.Rules {
if rule.HTTP == nil {
continue
}
for _, path := range rule.HTTP.Paths {
if path.Backend.Service == nil || path.Backend.Service.Port.Number == 0 {
continue
}
backend.Spec.Backends = append(backend.Spec.Backends, policyv1alpha1.BackendSpec{
Name: path.Backend.Service.Name,
TLS: policyv1alpha1.TLSSpec{SkipClientCertValidation: false},
Port: policyv1alpha1.PortSpec{
Number: int(path.Backend.Service.Port.Number),
Protocol: "https",
},
})
}
}
if ing.Annotations == nil || ing.Annotations["kubernetes.azure.com/use-osm-mtls"] == "" || !ok {
logger.Info("Ingress does not have osm mtls annotation, cleaning up managed IngressBackend")
logger.Info("getting IngressBackend")
toCleanBackend := &policyv1alpha1.IngressBackend{}
err = i.client.Get(ctx, client.ObjectKeyFromObject(backend), toCleanBackend)
if err != nil {
return result, client.IgnoreNotFound(err)
}
if manifests.HasTopLevelLabels(toCleanBackend.Labels) {
logger.Info("deleting IngressBackend")
err = i.client.Delete(ctx, toCleanBackend)
return result, client.IgnoreNotFound(err)
}
return result, nil
}
logger.Info("reconciling OSM ingress backend for ingress")
err = util.Upsert(ctx, i.client, backend)
if err != nil {
i.events.Eventf(ing, corev1.EventTypeWarning, "FailedUpdateOrCreateIngressBackend", "error while creating or updating IngressBackend needed for OSM integration: %s", err)
}
return result, err
}