traefik/pkg/provider/kubernetes/ingress-nginx/annotations.go
Romain 9bd5c61782
NGINX Ingress Provider
Co-authored-by: Kevin Pollet <pollet.kevin@gmail.com>
2025-06-23 18:06:04 +02:00

116 lines
4.4 KiB
Go

package ingressnginx
import (
"errors"
"reflect"
"strconv"
"strings"
netv1 "k8s.io/api/networking/v1"
)
type ingressConfig struct {
AuthType *string `annotation:"nginx.ingress.kubernetes.io/auth-type"`
AuthSecret *string `annotation:"nginx.ingress.kubernetes.io/auth-secret"`
AuthRealm *string `annotation:"nginx.ingress.kubernetes.io/auth-realm"`
AuthSecretType *string `annotation:"nginx.ingress.kubernetes.io/auth-secret-type"`
AuthURL *string `annotation:"nginx.ingress.kubernetes.io/auth-url"`
AuthResponseHeaders *string `annotation:"nginx.ingress.kubernetes.io/auth-response-headers"`
ForceSSLRedirect *bool `annotation:"nginx.ingress.kubernetes.io/force-ssl-redirect"`
SSLRedirect *bool `annotation:"nginx.ingress.kubernetes.io/ssl-redirect"`
SSLPassthrough *bool `annotation:"nginx.ingress.kubernetes.io/ssl-passthrough"`
UseRegex *bool `annotation:"nginx.ingress.kubernetes.io/use-regex"`
Affinity *string `annotation:"nginx.ingress.kubernetes.io/affinity"`
SessionCookieName *string `annotation:"nginx.ingress.kubernetes.io/session-cookie-name"`
SessionCookieSecure *bool `annotation:"nginx.ingress.kubernetes.io/session-cookie-secure"`
SessionCookiePath *string `annotation:"nginx.ingress.kubernetes.io/session-cookie-path"`
SessionCookieDomain *string `annotation:"nginx.ingress.kubernetes.io/session-cookie-domain"`
SessionCookieSameSite *string `annotation:"nginx.ingress.kubernetes.io/session-cookie-samesite"`
SessionCookieMaxAge *int `annotation:"nginx.ingress.kubernetes.io/session-cookie-max-age"`
ServiceUpstream *bool `annotation:"nginx.ingress.kubernetes.io/service-upstream"`
BackendProtocol *string `annotation:"nginx.ingress.kubernetes.io/backend-protocol"`
ProxySSLSecret *string `annotation:"nginx.ingress.kubernetes.io/proxy-ssl-secret"`
ProxySSLVerify *string `annotation:"nginx.ingress.kubernetes.io/proxy-ssl-verify"`
ProxySSLName *string `annotation:"nginx.ingress.kubernetes.io/proxy-ssl-name"`
ProxySSLServerName *string `annotation:"nginx.ingress.kubernetes.io/proxy-ssl-server-name"`
EnableCORS *bool `annotation:"nginx.ingress.kubernetes.io/enable-cors"`
EnableCORSAllowCredentials *bool `annotation:"nginx.ingress.kubernetes.io/cors-allow-credentials"`
CORSExposeHeaders *[]string `annotation:"nginx.ingress.kubernetes.io/cors-expose-headers"`
CORSAllowHeaders *[]string `annotation:"nginx.ingress.kubernetes.io/cors-allow-headers"`
CORSAllowMethods *[]string `annotation:"nginx.ingress.kubernetes.io/cors-allow-methods"`
CORSAllowOrigin *[]string `annotation:"nginx.ingress.kubernetes.io/cors-allow-origin"`
CORSMaxAge *int `annotation:"nginx.ingress.kubernetes.io/cors-max-age"`
}
// parseIngressConfig parses the annotations from an Ingress object into an ingressConfig struct.
func parseIngressConfig(ing *netv1.Ingress) (ingressConfig, error) {
cfg := ingressConfig{}
cfgType := reflect.TypeOf(cfg)
cfgValue := reflect.ValueOf(&cfg).Elem()
for i := range cfgType.NumField() {
field := cfgType.Field(i)
annotation := field.Tag.Get("annotation")
if annotation == "" {
continue
}
val, ok := ing.GetAnnotations()[annotation]
if !ok {
continue
}
switch field.Type.Elem().Kind() {
case reflect.String:
cfgValue.Field(i).Set(reflect.ValueOf(&val))
case reflect.Bool:
parsed, err := strconv.ParseBool(val)
if err == nil {
cfgValue.Field(i).Set(reflect.ValueOf(&parsed))
}
case reflect.Int:
parsed, err := strconv.Atoi(val)
if err == nil {
cfgValue.Field(i).Set(reflect.ValueOf(&parsed))
}
case reflect.Slice:
if field.Type.Elem().Elem().Kind() == reflect.String {
// Handle slice of strings
var slice []string
elements := strings.Split(val, ",")
for _, elt := range elements {
slice = append(slice, strings.TrimSpace(elt))
}
cfgValue.Field(i).Set(reflect.ValueOf(&slice))
} else {
return cfg, errors.New("unsupported slice type in annotations")
}
default:
return cfg, errors.New("unsupported kind")
}
}
return cfg, nil
}
// parseBackendProtocol parses the backend protocol annotation and returns the corresponding protocol string.
func parseBackendProtocol(bp string) string {
switch strings.ToUpper(bp) {
case "HTTPS", "GRPCS":
return "https"
case "GRPC":
return "h2c"
default:
return "http"
}
}