diff --git a/CHANGELOG.md b/CHANGELOG.md index d3a5ebe97c..a5db1105bd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,7 +7,7 @@ Adding a new version? You'll need three changes: * Add the diff link, like "[2.7.0]: https://github.com/kong/kubernetes-ingress-controller/compare/v1.2.2...v1.2.3". This is all the way at the bottom. It's the thing we always forget. ---> - + - [2.9.0](#290) - [2.9.0-rc.1](#290-rc1) - [2.8.1](#281) - [2.8.0](#280) @@ -63,6 +63,16 @@ Adding a new version? You'll need three changes: - [0.0.5](#005) - [0.0.4 and prior](#004-and-prior) +## [2.9.0] + +> Release date: TBD + +### Fixed + +- Fixed the issue where the status of an ingress is not updated when `secretName` is + not specified in `ingress.spec.tls`. + [#3719](https://github.com/Kong/kubernetes-ingress-controller/pull/3719) + ## [2.9.0-rc.1] > Release date: 2023-03-09 diff --git a/internal/controllers/configuration/object_references.go b/internal/controllers/configuration/object_references.go index 18bdb71346..8230dd83c3 100644 --- a/internal/controllers/configuration/object_references.go +++ b/internal/controllers/configuration/object_references.go @@ -75,6 +75,9 @@ func listCoreV1ServiceReferredSecrets(service *corev1.Service) []types.Namespace func listNetV1IngressReferredSecrets(ingress *netv1.Ingress) []types.NamespacedName { referredSecretNames := make([]types.NamespacedName, 0, len(ingress.Spec.TLS)) for _, tls := range ingress.Spec.TLS { + if tls.SecretName == "" { + continue + } nsName := types.NamespacedName{ Namespace: ingress.Namespace, Name: tls.SecretName, @@ -87,6 +90,9 @@ func listNetV1IngressReferredSecrets(ingress *netv1.Ingress) []types.NamespacedN func listNetV1beta1IngressReferredSecrets(ingress *netv1beta1.Ingress) []types.NamespacedName { referredSecretNames := make([]types.NamespacedName, 0, len(ingress.Spec.TLS)) for _, tls := range ingress.Spec.TLS { + if tls.SecretName == "" { + continue + } nsName := types.NamespacedName{ Namespace: ingress.Namespace, Name: tls.SecretName, @@ -99,6 +105,9 @@ func listNetV1beta1IngressReferredSecrets(ingress *netv1beta1.Ingress) []types.N func listExtensionV1beta1IngressReferredSecrets(ingress *extv1beta1.Ingress) []types.NamespacedName { referredSecretNames := make([]types.NamespacedName, 0, len(ingress.Spec.TLS)) for _, tls := range ingress.Spec.TLS { + if tls.SecretName == "" { + continue + } nsName := types.NamespacedName{ Namespace: ingress.Namespace, Name: tls.SecretName, @@ -147,6 +156,9 @@ func listKongConsumerReferredSecrets(consumer *kongv1.KongConsumer) []types.Name func listTCPIngressReferredSecrets(tcpIngress *kongv1beta1.TCPIngress) []types.NamespacedName { referredSecretNames := make([]types.NamespacedName, 0, len(tcpIngress.Spec.TLS)) for _, tls := range tcpIngress.Spec.TLS { + if tls.SecretName == "" { + continue + } nsName := types.NamespacedName{ Namespace: tcpIngress.Namespace, Name: tls.SecretName, diff --git a/internal/controllers/configuration/object_references_test.go b/internal/controllers/configuration/object_references_test.go index c033575ed0..a6c94e5dba 100644 --- a/internal/controllers/configuration/object_references_test.go +++ b/internal/controllers/configuration/object_references_test.go @@ -104,6 +104,21 @@ func TestListIngressReferredSecrets(t *testing.T) { secretNum: 1, refSecretName: types.NamespacedName{Namespace: "ns", Name: "secret1"}, }, + { + name: "ingress_has_tls_without_secretName_should_refer_no_secrets", + ingress: &netv1.Ingress{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "ns", + Name: "ing1", + }, + Spec: netv1.IngressSpec{ + TLS: []netv1.IngressTLS{ + {Hosts: []string{"example.com"}}, + }, + }, + }, + secretNum: 0, + }, } for _, tc := range testCases { @@ -289,11 +304,11 @@ func TestListTCPIngressReferredSecrets(t *testing.T) { Spec: kongv1beta1.TCPIngressSpec{ TLS: []kongv1beta1.IngressTLS{ {Hosts: []string{"example.com"}, SecretName: "secret1"}, - {Hosts: []string{"konghq.com"}, SecretName: "secret2"}, + {Hosts: []string{"konghq.com"}, SecretName: ""}, }, }, }, - secretNum: 2, + secretNum: 1, refSecretName: types.NamespacedName{ Namespace: "ns", Name: "secret1",