func pruneNoTrustedRootCertificate()

in pkg/controller/prune.go [184:217]

• 30 lines of code
• 9 McCabe index (conditional complexity)

func pruneNoTrustedRootCertificate(c *AppGwIngressController, appGw *n.ApplicationGateway, cbCtx *appgw.ConfigBuilderContext, ingressList []*networking.Ingress) []*networking.Ingress {
	var prunedIngresses []*networking.Ingress
	set := make(map[string]bool)
	for _, installedTrustedRootCertificate := range *appGw.TrustedRootCertificates {
		set[*installedTrustedRootCertificate.Name] = true
	}

	for _, ingress := range ingressList {
		installed := true
		trustedRootCertificates, err := annotations.GetAppGwTrustedRootCertificate(ingress)
		// if annotation is not specified
		if err != nil && controllererrors.IsErrorCode(err, controllererrors.ErrorMissingAnnotation) {
			prunedIngresses = append(prunedIngresses, ingress)
			continue
		}

		for _, rootCert := range strings.Split(trustedRootCertificates, ",") {
			if _, exists := set[rootCert]; !exists {
				installed = false
				errorLine := fmt.Sprintf("ignoring Ingress %s/%s as it requires Application Gateway %s to have pre-installed root certificate '%s'", ingress.Namespace, ingress.Name, c.appGwIdentifier.AppGwName, rootCert)
				klog.Error(errorLine)
				c.recorder.Event(ingress, v1.EventTypeWarning, events.ReasonNoPreInstalledRootCertificate, errorLine)
				if c.agicPod != nil {
					c.recorder.Event(c.agicPod, v1.EventTypeWarning, events.ReasonNoPreInstalledRootCertificate, errorLine)
				}
			}
		}
		if installed {
			prunedIngresses = append(prunedIngresses, ingress)
		}
	}

	return prunedIngresses
}