Merge pull request #95660 from rikatz/improve-create-ingress

Fix catch all regex and missing DryRun Options
2025-07-19 09:52:49 +00:00 · 2020-10-19 07:52:26 -07:00 · 2020-10-19 07:52:26 -07:00 · 2046f4212a
commit 2046f4212a
parent 86a208edc8 45d6672a98
2 changed files with 71 additions and 7 deletions
--- a/staging/src/k8s.io/kubectl/pkg/cmd/create/create_ingress.go
+++ b/staging/src/k8s.io/kubectl/pkg/cmd/create/create_ingress.go
@ -40,13 +40,13 @@ import (

 var (
 	// Explaining the Regex below:
-	// ^(?P<host>.+) -> Indicates the host - 1-N characters
+	// ^(?P<host>[\w\*\-\.]*) -> Indicates the host - 0-N characters of letters, number, underscore, '-', '.' and '*'
 	// (?P<path>/.*) -> Indicates the path and MUST start with '/' - / + 0-N characters
 	// Separator from host/path to svcname:svcport -> "="
 	// (?P<svcname>[\w\-]+) -> Service Name (letters, numbers, '-') -> 1-N characters
 	// Separator from svcname to svcport -> ":"
 	// (?P<svcport>[\w\-]+) -> Service Port (letters, numbers, '-') -> 1-N characters
-	regexHostPathSvc = `^(?P<host>.+)(?P<path>/.*)=(?P<svcname>[\w\-]+):(?P<svcport>[\w\-]+)`
+	regexHostPathSvc = `^(?P<host>[\w\*\-\.]*)(?P<path>/.*)=(?P<svcname>[\w\-]+):(?P<svcport>[\w\-]+)`

 	// This Regex is optional -> (....)?
 	// (?P<istls>tls) -> Verify if the argument after "," is 'tls'
@ -66,8 +66,8 @@ var (
 		# svc1:8080 with a tls secret "my-cert"
 		kubectl create ingress simple --rule="foo.com/bar=svc1:8080,tls=my-cert"

-		# Create a catch all ingress pointing to service svc:port and Ingress Class as "otheringress"
-		kubectl create ingress catch-all --class=otheringress --rule="_/=svc:port"
+		# Create a catch all ingress of "/path" pointing to service svc:port and Ingress Class as "otheringress"
+		kubectl create ingress catch-all --class=otheringress --rule="/path=svc:port"

 		# Create an ingress with two annotations: ingress.annotation1 and ingress.annotations2
 		kubectl create ingress annotated --class=default --rule="foo.com/bar=svc:port" \
@ -156,6 +156,7 @@ func NewCmdCreateIngress(f cmdutil.Factory, ioStreams genericclioptions.IOStream

 	cmdutil.AddApplyAnnotationFlags(cmd)
 	cmdutil.AddValidateFlags(cmd)
+	cmdutil.AddDryRunFlag(cmd)
 	cmd.Flags().StringVar(&o.IngressClass, "class", o.IngressClass, "Ingress Class to be used")
 	cmd.Flags().StringArrayVar(&o.Rules, "rule", o.Rules, "Rule in format host/path=service:port[,tls=secretname]. Paths containing the leading character '*' are considered pathType=Prefix. tls argument is optional.")
 	cmd.Flags().StringVar(&o.DefaultBackend, "default-backend", o.DefaultBackend, "Default service for backend, in format of svcname:port")
@ -344,7 +345,7 @@ func (o *CreateIngressOptions) buildTLSRules() []networkingv1.IngressTLS {
 					hostAlreadyPresent[host] = struct{}{}
 					continue
 				}
-				if host != "_" {
+				if host != "" {
 					ingressTLS.Hosts = append(ingressTLS.Hosts, host)
 				}
 				if secret != "" {
@ -371,7 +372,7 @@ func (o *CreateIngressOptions) buildIngressRules() []networkingv1.IngressRule {
 		ingressPath := buildHTTPIngressPath(hostSplit[1])
 		ingressRule := networkingv1.IngressRule{}

-		if host != "_" {
+		if host != "" {
 			ingressRule.Host = host
 		}

--- a/staging/src/k8s.io/kubectl/pkg/cmd/create/create_ingress_test.go
+++ b/staging/src/k8s.io/kubectl/pkg/cmd/create/create_ingress_test.go
@ -108,6 +108,12 @@ func TestCreateIngressValidation(t *testing.T) {
 			},
 			expected: "rule foo.com=othersvc:8080 is invalid and should be in format host/path=svcname:svcport[,tls[=secret]]",
 		},
+		"valid catch all rule": {
+			rules: []string{
+				"/path/subpath*=svc:redis,tls=blo",
+			},
+			expected: "",
+		},
 	}

 	for name, tc := range tests {
@ -144,7 +150,7 @@ func TestCreateIngress(t *testing.T) {
 	}{
 		"catch all host and default backend with default TLS returns empty TLS": {
 			rules: []string{
-				"_/=catchall:8080,tls=",
+				"/=catchall:8080,tls=",
 			},
 			ingressclass:   ingressClass,
 			defaultbackend: "service1:https",
@ -195,6 +201,63 @@ func TestCreateIngress(t *testing.T) {
 				},
 			},
 		},
+		"catch all with path of type prefix and secret name": {
+			rules: []string{
+				"/path*=catchall:8080,tls=secret1",
+			},
+			ingressclass:   ingressClass,
+			defaultbackend: "service1:https",
+			annotations:    []string{},
+			expected: &networkingv1.Ingress{
+				TypeMeta: metav1.TypeMeta{
+					APIVersion: networkingv1.SchemeGroupVersion.String(),
+					Kind:       "Ingress",
+				},
+				ObjectMeta: metav1.ObjectMeta{
+					Name:        ingressName,
+					Annotations: map[string]string{},
+				},
+				Spec: networkingv1.IngressSpec{
+					IngressClassName: &ingressClass,
+					DefaultBackend: &networkingv1.IngressBackend{
+						Service: &networkingv1.IngressServiceBackend{
+							Name: "service1",
+							Port: networkingv1.ServiceBackendPort{
+								Name: "https",
+							},
+						},
+					},
+					TLS: []v1.IngressTLS{
+						{
+							SecretName: "secret1",
+						},
+					},
+					Rules: []networkingv1.IngressRule{
+						{
+							Host: "",
+							IngressRuleValue: networkingv1.IngressRuleValue{
+								HTTP: &networkingv1.HTTPIngressRuleValue{
+									Paths: []networkingv1.HTTPIngressPath{
+										{
+											Path:     "/path",
+											PathType: &pathTypePrefix,
+											Backend: networkingv1.IngressBackend{
+												Service: &networkingv1.IngressServiceBackend{
+													Name: "catchall",
+													Port: networkingv1.ServiceBackendPort{
+														Number: 8080,
+													},
+												},
+											},
+										},
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+		},
 		"mixed hosts with mixed TLS configuration and a default backend": {
 			rules: []string{
 				"foo.com/=foo-svc:8080,tls=",