Skip to content

Commit f367c53

Browse files
author
test
committed
add tls support for the ingress
1 parent a694945 commit f367c53

File tree

4 files changed

+60
-0
lines changed

4 files changed

+60
-0
lines changed

apis/dash/v1alpha1/dashapplication_types.go

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -84,6 +84,22 @@ type Ingress struct {
8484
// when using PathType with value "Exact" or "Prefix".
8585
// +optional
8686
Path string `json:"path,omitempty"`
87+
// TLS configuration.
88+
// +optional
89+
TLS *IngressTLS `json:"tls,omitempty"`
90+
}
91+
92+
type IngressTLS struct {
93+
// Hosts included in the TLS certificate. The values in
94+
// +optional
95+
Host string `json:"hosts,omitempty"`
96+
// SecretName is the name of the secret used to terminate TLS traffic on
97+
// port 443. Field is left optional to allow TLS routing based on SNI
98+
// hostname alone. If the SNI host in a listener conflicts with the "Host"
99+
// header field used by an IngressRule, the SNI host is used for termination
100+
// and value of the Host header is used for routing.
101+
// +optional
102+
SecretName string `json:"secretName,omitempty" protobuf:"bytes,2,opt,name=secretName"`
87103
}
88104

89105
type DashApplicationStatus struct {

apis/dash/v1alpha1/zz_generated.deepcopy.go

Lines changed: 20 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

config/crd/bases/dash.plural.sh_dashapplications.yaml

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -116,6 +116,22 @@ spec:
116116
with a '/' and must be present when using PathType with value
117117
"Exact" or "Prefix".
118118
type: string
119+
tls:
120+
description: TLS configuration.
121+
properties:
122+
hosts:
123+
description: Hosts included in the TLS certificate. The values
124+
in
125+
type: string
126+
secretName:
127+
description: SecretName is the name of the secret used to
128+
terminate TLS traffic on port 443. Field is left optional
129+
to allow TLS routing based on SNI hostname alone. If the
130+
SNI host in a listener conflicts with the "Host" header
131+
field used by an IngressRule, the SNI host is used for termination
132+
and value of the Host header is used for routing.
133+
type: string
134+
type: object
119135
type: object
120136
labels:
121137
additionalProperties:

pkg/controller/dash_controller.go

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -162,6 +162,14 @@ func genIngress(dashApp *dashv1alpha1.DashApplication) *networkingv1.Ingress {
162162
},
163163
},
164164
}
165+
if dashApp.Spec.Ingress.TLS != nil {
166+
ingress.Spec.TLS = []networkingv1.IngressTLS{
167+
{
168+
Hosts: []string{dashApp.Spec.Ingress.TLS.Host},
169+
SecretName: dashApp.Spec.Ingress.TLS.SecretName,
170+
},
171+
}
172+
}
165173

166174
return ingress
167175
}

0 commit comments

Comments
 (0)