func()

in pkg/controller/ingress/reconcile/builder/albconfig_manager/model_builder.go [159:250]

• 86 lines of code
• 23 McCabe index (conditional complexity)

func (t *defaultModelBuildTask) run(ctx context.Context) error {
	if !t.albconfig.DeletionTimestamp.IsZero() {
		return nil
	}

	lb, err := t.buildAlbLoadBalancer(ctx, t.albconfig)
	if err != nil {
		return err
	}

	var lss = make(map[int32]*alb.Listener, 0)
	for _, ls := range t.albconfig.Spec.Listeners {
		modelLs, err := t.buildListener(ctx, lb.LoadBalancerID(), ls)
		if err != nil {
			return err
		}
		lss[int32(ls.Port.IntValue())] = modelLs
	}

	ingListByPort := make(map[portProtocol][]networking.Ingress)

	for _, member := range t.ingGroup.Members {
		listenPorts, err := ComputeIngressListenPorts(member)
		if err != nil {
			return err
		}
		for k, v := range listenPorts {
			pp := portProtocol{
				port:     k,
				protocol: v,
			}
			ingListByPort[pp] = append(ingListByPort[pp], *member)
		}
	}
	for pp, ingList := range ingListByPort {
		ls, ok := lss[pp.port]
		if !ok {
			continue
		}
		if pp.protocol == ProtocolHTTPS {
			if len(ls.Spec.Certificates) == 0 {
				var certIDs []string
				for _, ing := range ingList {
					cert, err := t.computeIngressInferredTLSCertIDs(ctx, &ing)
					if err != nil {
						klog.Errorf("computeIngressInferredTLSCertARNs error: %s", err.Error())
						return err
					}
					certIDs = append(certIDs, cert...)
				}
				if len(certIDs) == 0 {
					return fmt.Errorf("no cert was discovered: %v", certIDs)
				}
				certIDs = removeDuplicateElement(certIDs)
				sort.Strings(certIDs)
				cs := make([]alb.Certificate, 0)
				for index, cid := range certIDs {
					cert := alb.Certificate{
						IsDefault:     false,
						CertificateId: cid,
					}
					if index == 0 {
						cert.IsDefault = true
					}
					cs = append(cs, cert)
				}
				lss[pp.port].Spec.ListenerProtocol = string(ProtocolHTTPS)
				lss[pp.port].Spec.Certificates = cs
			}
		}
		if err := t.buildListenerRules(ctx, ls.ListenerID(), pp.port, ingList); err != nil {
			return err
		}
	}

	for _, ls := range lss {
		if ls.Spec.ListenerProtocol == string(ProtocolHTTPS) {
			var isDefaultCertExist bool
			for _, c := range ls.Spec.Certificates {
				if c.IsDefault {
					isDefaultCertExist = true
					break
				}
			}
			if !isDefaultCertExist {
				return fmt.Errorf("https listener: %d must provider one default cert", ls.Spec.ListenerPort)
			}
		}
	}

	return nil
}