in pkg/appgw/requestroutingrules.go [326:418]
func (c *appGwConfigBuilder) getPathRules(cbCtx *ConfigBuilderContext, listenerID listenerIdentifier, listenerAzConfig listenerAzConfig, ingress *networking.Ingress, rule *networking.IngressRule, ruleIdx int) *[]n.ApplicationGatewayPathRule {
backendPools := c.newBackendPoolMap(cbCtx)
_, backendHTTPSettingsMap, _, _ := c.getBackendsAndSettingsMap(cbCtx)
pathRules := make([]n.ApplicationGatewayPathRule, 0)
for pathIdx := range rule.HTTP.Paths {
path := &rule.HTTP.Paths[pathIdx]
if isPathCatchAll(path.Path, path.PathType) {
continue
}
pathMapName := generateURLPathMapName(listenerID)
pathRuleName := generatePathRuleName(ingress.Namespace, ingress.Name, ruleIdx, pathIdx)
pathRule := n.ApplicationGatewayPathRule{
Etag: to.StringPtr("*"),
Name: to.StringPtr(pathRuleName),
ID: to.StringPtr(c.appGwIdentifier.pathRuleID(pathMapName, pathRuleName)),
ApplicationGatewayPathRulePropertiesFormat: &n.ApplicationGatewayPathRulePropertiesFormat{
Paths: &[]string{preparePathFromPathType(path.Path, path.PathType)},
},
}
if wafPolicy, err := annotations.WAFPolicy(ingress); err == nil {
pathRule.FirewallPolicy = &n.SubResource{ID: to.StringPtr(string(wafPolicy))}
var paths string
if pathRule.Paths != nil {
paths = strings.Join(*pathRule.Paths, ",")
}
klog.V(3).Infof("Attach Firewall Policy %s to Path Rule %s", wafPolicy, paths)
}
// check both annotations for rewrite-rule-set, use appropriate one, if both are present - throw error
rewriteRuleSet, err1 := annotations.RewriteRuleSet(ingress)
rewriteRuleSetCR, err2 := annotations.RewriteRuleSetCustomResource(ingress)
if err1 == nil && rewriteRuleSet != "" && err2 == nil && rewriteRuleSetCR != "" {
klog.Errorf("%s and %s both annotations are defined. Please use one.", annotations.RewriteRuleSetKey, annotations.RewriteRuleSetCustomResourceKey)
} else if err1 == nil && rewriteRuleSet != "" {
pathRule.RewriteRuleSet = resourceRef(c.appGwIdentifier.rewriteRuleSetID(rewriteRuleSet))
var paths string
if pathRule.Paths != nil {
paths = strings.Join(*pathRule.Paths, ",")
}
klog.V(3).Infof("Attach Rewrite Rule Set %s to Path Rule %s", rewriteRuleSet, paths)
} else if err2 == nil && rewriteRuleSetCR != "" {
rewriteRuleSetCR = fmt.Sprintf("crd-%s-%s", ingress.Namespace, rewriteRuleSetCR)
pathRule.RewriteRuleSet = resourceRef(c.appGwIdentifier.rewriteRuleSetID(rewriteRuleSetCR))
var paths string
if pathRule.Paths != nil {
paths = strings.Join(*pathRule.Paths, ",")
}
klog.V(3).Infof("Attach Rewrite Rule Set %s to Path Rule %s", rewriteRuleSetCR, paths)
}
if sslRedirect, _ := annotations.IsSslRedirect(ingress); sslRedirect && listenerAzConfig.Protocol == n.ApplicationGatewayProtocolHTTP {
targetListener := listenerID
targetListener.FrontendPort = 443
// We could end up in a situation where we are attempting to attach a redirect, which does not exist.
redirectRef := c.getSslRedirectConfigResourceReference(targetListener)
redirectsSet := *c.groupRedirectsByID(c.getRedirectConfigurations(cbCtx))
if _, exists := redirectsSet[*redirectRef.ID]; exists {
// This Path Rule has a SSL Redirect!
// Add it and move on to the next Path Rule; No need to attach Backend Pools and Settings
pathRule.RedirectConfiguration = redirectRef
klog.V(3).Infof("Attached redirection %s to path rule: %s", *redirectRef.ID, *pathRule.Name)
pathRules = append(pathRules, pathRule)
continue
} else {
klog.Errorf("Will not attach redirect to rule; SSL Redirect does not exist: %s", *redirectRef.ID)
}
}
backendID := generateBackendID(ingress, rule, path, &path.Backend)
backendPool := backendPools[backendID]
backendHTTPSettings := backendHTTPSettingsMap[backendID]
if backendPool == nil || backendHTTPSettings == nil {
continue
}
pathRule.BackendAddressPool = &n.SubResource{ID: backendPool.ID}
pathRule.BackendHTTPSettings = &n.SubResource{ID: backendHTTPSettings.ID}
klog.V(3).Infof("Attached pool %s and http setting %s to path rule: %s", *backendPool.Name, *backendHTTPSettings.Name, *pathRule.Name)
pathRules = append(pathRules, pathRule)
}
return &pathRules
}