From 7839bcf3cb23edbf6094dc00db44b4d8b57bf7f4 Mon Sep 17 00:00:00 2001 From: Tom Neuber Date: Wed, 22 Jan 2025 08:36:45 +0100 Subject: [PATCH 1/3] chore(ingressroute): remove hashable fields from queue store --- pkg/ingressroute/ingressroute.go | 63 ++++++++++++++++++++------------ 1 file changed, 39 insertions(+), 24 deletions(-) diff --git a/pkg/ingressroute/ingressroute.go b/pkg/ingressroute/ingressroute.go index b5df5f3..4413391 100644 --- a/pkg/ingressroute/ingressroute.go +++ b/pkg/ingressroute/ingressroute.go @@ -51,31 +51,14 @@ func (i *ingressRouteClient) Watch(stopCh chan struct{}) { _, err := informer.AddEventHandler(cache.ResourceEventHandlerFuncs{ AddFunc: func(obj interface{}) { key, err := cache.MetaNamespaceKeyFunc(obj) - if err != nil { - return + if err == nil { + queue.Add(event{key: key, eventType: watch.Added, object: &obj}) } - - convObj, err := runtime.DefaultUnstructuredConverter.ToUnstructured(obj) - if err != nil { - return - } - - rawRoutes, found, err := unstructured.NestedSlice(convObj, "spec", "routes") - if err != nil || !found { - return - } - - routes, err := routeInterfaceToMapSlice(rawRoutes) - if err != nil { - return - } - - queue.Add(event{key: key, eventType: watch.Added, routes: routes}) }, UpdateFunc: func(_, newObj interface{}) { key, err := cache.MetaNamespaceKeyFunc(newObj) if err == nil { - queue.Add(event{key: key, eventType: watch.Modified}) + queue.Add(event{key: key, eventType: watch.Modified, object: &newObj}) } }, DeleteFunc: func(obj interface{}) { @@ -85,7 +68,7 @@ func (i *ingressRouteClient) Watch(stopCh chan struct{}) { key, err := cache.DeletionHandlingMetaNamespaceKeyFunc(obj) if err == nil { - queue.Add(event{key: key, eventType: watch.Deleted}) + queue.Add(event{key: key, eventType: watch.Deleted, object: &obj}) } }, }) @@ -122,20 +105,52 @@ func (i *ingressRouteClient) processNextItem(queue workqueue.TypedRateLimitingIn return true } + convObj, err := runtime.DefaultUnstructuredConverter.ToUnstructured(event.object) + if err != nil { + log.Printf("Failed to convert unstructured object for key %s: %v", event.key, err) + return true + } + + rawRoutes, found, err := unstructured.NestedSlice(convObj, "spec", "routes") + if err != nil || !found { + log.Printf("No routes found for key %s", event.key) + return true + } + + secretName, found, err := unstructured.NestedString(convObj, "spec", "tls", "secretName") + if err != nil { + log.Printf("Failed to scrape secret name for %s: %v", event.key, err) + return true + } + if !found { + log.Printf("No secret name found, using ingressroute name %s", name) + secretName = name + } + + routes, err := routeInterfaceToMapSlice(rawRoutes) + if err != nil { + log.Printf("Failed to convert routes for key %s: %v", event.key, err) + return true + } + //nolint:exhaustive // ignore missing switch cases switch event.eventType { case watch.Added, watch.Modified: - createErr := i.client.certmanager.Certificates.Create(context.Background(), namespace, name, event.routes) + createErr := i.client.certmanager.Certificates.Create(context.Background(), namespace, secretName, routes) if createErr != nil { if errors.Is(createErr, certmanager.ErrCertificateAlreadyExist) { log.Printf("Certificate %s for %s already exists", secretName, event.key) } else { log.Printf("Failed to create certificate %s: %v", event.key, createErr) } + } else { + log.Printf("Certificate %s for %s created", secretName, event.key) } case watch.Deleted: - if deleteErr := i.client.certmanager.Certificates.Delete(context.Background(), namespace, name); deleteErr != nil { + if deleteErr := i.client.certmanager.Certificates.Delete(context.Background(), namespace, secretName); deleteErr != nil { log.Printf("Failed to delete certificate %s: %v", event.key, deleteErr) + } else { + log.Printf("Certificate %s for %s deleted", secretName, event.key) } } @@ -145,7 +160,7 @@ func (i *ingressRouteClient) processNextItem(queue workqueue.TypedRateLimitingIn type event struct { key string eventType watch.EventType - routes []map[string]interface{} + object *interface{} } func routeInterfaceToMapSlice(input []interface{}) ([]map[string]interface{}, error) { From 065b04ba391c9aea2bd951d3b880f6d6d5a08476 Mon Sep 17 00:00:00 2001 From: Tom Neuber Date: Wed, 22 Jan 2025 08:53:05 +0100 Subject: [PATCH 2/3] fix(certmanager): convert certificate to unstructured using pointer --- pkg/certmanager/certificate.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/certmanager/certificate.go b/pkg/certmanager/certificate.go index a5c2441..c6fbeeb 100644 --- a/pkg/certmanager/certificate.go +++ b/pkg/certmanager/certificate.go @@ -77,7 +77,7 @@ func (c *certificateClient) Create( }, } - obj, err := runtime.DefaultUnstructuredConverter.ToUnstructured(cert) + obj, err := runtime.DefaultUnstructuredConverter.ToUnstructured(&cert) if err != nil { return errors.Join(ErrCertificateToUnstructured, err) } From 0ae856a894fe70136172cb8881aede27e4920ceb Mon Sep 17 00:00:00 2001 From: Tom Neuber Date: Wed, 22 Jan 2025 09:14:58 +0100 Subject: [PATCH 3/3] fix(certmanager): improve regex to ignore "`" character --- pkg/certmanager/certificate.go | 1 + 1 file changed, 1 insertion(+) diff --git a/pkg/certmanager/certificate.go b/pkg/certmanager/certificate.go index c6fbeeb..5df8e88 100644 --- a/pkg/certmanager/certificate.go +++ b/pkg/certmanager/certificate.go @@ -140,6 +140,7 @@ func extractHosts(routes []map[string]interface{}) []string { } if match, ok = route["match"].(string); ok { + match = strings.ReplaceAll(match, "`", "") hostMatches := re.FindAllStringSubmatch(match, -1) for _, match := range hostMatches { if len(match) > 1 {