refactor(ingress) Split ingress rules

Define ingress rules in each components instead of a global one in harbor-core component Signed-off-by: Pierre Péronnet <pierre.peronnet@ovhcloud.com>
goharbor · Feb 18, 2020 · 79ab62a · 79ab62a
1 parent 825d468
commit 79ab62a
Show file tree

Hide file tree

Showing 4 changed files with 186 additions and 44 deletions.
diff --git a/controllers/harbor/components/chartmuseum/ingresses.go b/controllers/harbor/components/chartmuseum/ingresses.go
@@ -2,10 +2,70 @@ package chartmuseum
 
 import (
 	"context"
+	"net/url"
+	"strings"
 
+	"github.com/pkg/errors"
 	netv1 "k8s.io/api/networking/v1beta1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/util/intstr"
+
+	containerregistryv1alpha1 "github.com/ovh/harbor-operator/api/v1alpha1"
+	"github.com/ovh/harbor-operator/pkg/factories/application"
 )
 
-func (c *ChartMuseum) GetIngresses(ctx context.Context) []*netv1.Ingress {
-	return []*netv1.Ingress{}
+func (c *ChartMuseum) GetIngresses(ctx context.Context) []*netv1.Ingress { // nolint:funlen
+	operatorName := application.GetName(ctx)
+	harborName := c.harbor.Name
+
+	u, err := url.Parse(c.harbor.Spec.PublicURL)
+	if err != nil {
+		panic(errors.Wrap(err, "invalid url"))
+	}
+
+	host := strings.SplitN(u.Host, ":", 1) // nolint:mnd
+
+	var tls []netv1.IngressTLS
+	if u.Scheme == "https" {
+		tls = []netv1.IngressTLS{
+			{
+				SecretName: c.harbor.Spec.TLSSecretName,
+			},
+		}
+	}
+
+	return []*netv1.Ingress{
+		{
+			ObjectMeta: metav1.ObjectMeta{
+				Name:      c.harbor.NormalizeComponentName(containerregistryv1alpha1.ChartMuseumName),
+				Namespace: c.harbor.Namespace,
+				Labels: map[string]string{
+					"app":      containerregistryv1alpha1.ChartMuseumName,
+					"harbor":   harborName,
+					"operator": operatorName,
+				},
+			},
+			Spec: netv1.IngressSpec{
+				TLS: tls,
+				Rules: []netv1.IngressRule{
+					{
+						Host: host[0],
+						IngressRuleValue: netv1.IngressRuleValue{
+							HTTP: &netv1.HTTPIngressRuleValue{
+								Paths: []netv1.HTTPIngressPath{
+									{
+										Path: "/chartrepo",
+										Backend: netv1.IngressBackend{
+											ServiceName: c.harbor.NormalizeComponentName(containerregistryv1alpha1.CoreName),
+											ServicePort: intstr.FromInt(PublicPort),
+										},
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+	}
 }
diff --git a/controllers/harbor/components/harbor-core/ingresses.go b/controllers/harbor/components/harbor-core/ingresses.go
@@ -11,17 +11,9 @@ import (
 	"k8s.io/apimachinery/pkg/util/intstr"
 
 	containerregistryv1alpha1 "github.com/ovh/harbor-operator/api/v1alpha1"
-
-	"github.com/ovh/harbor-operator/controllers/harbor/components/chartmuseum"
-	"github.com/ovh/harbor-operator/controllers/harbor/components/portal"
-	"github.com/ovh/harbor-operator/controllers/harbor/components/registry"
 	"github.com/ovh/harbor-operator/pkg/factories/application"
 )
 
-const (
-	emptyPort = 1
-)
-
 func (c *HarborCore) GetIngresses(ctx context.Context) []*netv1.Ingress { // nolint:funlen
 	operatorName := application.GetName(ctx)
 	harborName := c.harbor.Name
@@ -73,42 +65,12 @@ func (c *HarborCore) GetIngresses(ctx context.Context) []*netv1.Ingress { // nol
 											ServiceName: c.harbor.NormalizeComponentName(containerregistryv1alpha1.CoreName),
 											ServicePort: intstr.FromInt(PublicPort),
 										},
-									}, {
-										Path: "/chartrepo",
-										Backend: netv1.IngressBackend{
-											ServiceName: c.harbor.NormalizeComponentName(containerregistryv1alpha1.CoreName),
-											ServicePort: intstr.FromInt(chartmuseum.PublicPort),
-										},
 									}, {
 										Path: "/service",
 										Backend: netv1.IngressBackend{
 											ServiceName: c.harbor.NormalizeComponentName(containerregistryv1alpha1.CoreName),
 											ServicePort: intstr.FromInt(PublicPort),
 										},
-									}, {
-										Path: "/service/notification",
-										Backend: netv1.IngressBackend{
-											ServiceName: "dev-null",
-											ServicePort: intstr.FromInt(emptyPort),
-										},
-									}, {
-										Path: "/v1",
-										Backend: netv1.IngressBackend{
-											ServiceName: "dev-null",
-											ServicePort: intstr.FromInt(emptyPort),
-										},
-									}, {
-										Path: "/v2",
-										Backend: netv1.IngressBackend{
-											ServiceName: c.harbor.NormalizeComponentName(containerregistryv1alpha1.RegistryName),
-											ServicePort: intstr.FromInt(registry.PublicPort),
-										},
-									}, {
-										Path: "/",
-										Backend: netv1.IngressBackend{
-											ServiceName: c.harbor.NormalizeComponentName(containerregistryv1alpha1.PortalName),
-											ServicePort: intstr.FromInt(portal.PublicPort),
-										},
 									},
 								},
 							},

diff --git a/controllers/harbor/components/portal/ingresses.go b/controllers/harbor/components/portal/ingresses.go
@@ -2,10 +2,70 @@ package portal
 
 import (
 	"context"
+	"net/url"
+	"strings"
 
+	"github.com/pkg/errors"
 	netv1 "k8s.io/api/networking/v1beta1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/util/intstr"
+
+	containerregistryv1alpha1 "github.com/ovh/harbor-operator/api/v1alpha1"
+	"github.com/ovh/harbor-operator/pkg/factories/application"
 )
 
-func (p *Portal) GetIngresses(ctx context.Context) []*netv1.Ingress {
-	return []*netv1.Ingress{}
+func (p *Portal) GetIngresses(ctx context.Context) []*netv1.Ingress { // nolint:funlen
+	operatorName := application.GetName(ctx)
+	harborName := p.harbor.Name
+
+	u, err := url.Parse(p.harbor.Spec.PublicURL)
+	if err != nil {
+		panic(errors.Wrap(err, "invalid url"))
+	}
+
+	host := strings.SplitN(u.Host, ":", 1) // nolint:mnd
+
+	var tls []netv1.IngressTLS
+	if u.Scheme == "https" {
+		tls = []netv1.IngressTLS{
+			{
+				SecretName: p.harbor.Spec.TLSSecretName,
+			},
+		}
+	}
+
+	return []*netv1.Ingress{
+		{
+			ObjectMeta: metav1.ObjectMeta{
+				Name:      p.harbor.NormalizeComponentName(containerregistryv1alpha1.PortalName),
+				Namespace: p.harbor.Namespace,
+				Labels: map[string]string{
+					"app":      containerregistryv1alpha1.PortalName,
+					"harbor":   harborName,
+					"operator": operatorName,
+				},
+			},
+			Spec: netv1.IngressSpec{
+				TLS: tls,
+				Rules: []netv1.IngressRule{
+					{
+						Host: host[0],
+						IngressRuleValue: netv1.IngressRuleValue{
+							HTTP: &netv1.HTTPIngressRuleValue{
+								Paths: []netv1.HTTPIngressPath{
+									{
+										Path: "/",
+										Backend: netv1.IngressBackend{
+											ServiceName: p.harbor.NormalizeComponentName(containerregistryv1alpha1.PortalName),
+											ServicePort: intstr.FromInt(PublicPort),
+										},
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+	}
 }
diff --git a/controllers/harbor/components/registry/ingresses.go b/controllers/harbor/components/registry/ingresses.go
@@ -2,10 +2,70 @@ package registry
 
 import (
 	"context"
+	"net/url"
+	"strings"
 
+	"github.com/pkg/errors"
 	netv1 "k8s.io/api/networking/v1beta1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/util/intstr"
+
+	containerregistryv1alpha1 "github.com/ovh/harbor-operator/api/v1alpha1"
+	"github.com/ovh/harbor-operator/pkg/factories/application"
 )
 
-func (r *Registry) GetIngresses(ctx context.Context) []*netv1.Ingress {
-	return []*netv1.Ingress{}
+func (r *Registry) GetIngresses(ctx context.Context) []*netv1.Ingress { // nolint:funlen
+	operatorName := application.GetName(ctx)
+	harborName := r.harbor.Name
+
+	u, err := url.Parse(r.harbor.Spec.PublicURL)
+	if err != nil {
+		panic(errors.Wrap(err, "invalid url"))
+	}
+
+	host := strings.SplitN(u.Host, ":", 1) // nolint:mnd
+
+	var tls []netv1.IngressTLS
+	if u.Scheme == "https" {
+		tls = []netv1.IngressTLS{
+			{
+				SecretName: r.harbor.Spec.TLSSecretName,
+			},
+		}
+	}
+
+	return []*netv1.Ingress{
+		{
+			ObjectMeta: metav1.ObjectMeta{
+				Name:      r.harbor.NormalizeComponentName(containerregistryv1alpha1.RegistryName),
+				Namespace: r.harbor.Namespace,
+				Labels: map[string]string{
+					"app":      containerregistryv1alpha1.RegistryName,
+					"harbor":   harborName,
+					"operator": operatorName,
+				},
+			},
+			Spec: netv1.IngressSpec{
+				TLS: tls,
+				Rules: []netv1.IngressRule{
+					{
+						Host: host[0],
+						IngressRuleValue: netv1.IngressRuleValue{
+							HTTP: &netv1.HTTPIngressRuleValue{
+								Paths: []netv1.HTTPIngressPath{
+									{
+										Path: "/v2",
+										Backend: netv1.IngressBackend{
+											ServiceName: r.harbor.NormalizeComponentName(containerregistryv1alpha1.RegistryName),
+											ServicePort: intstr.FromInt(PublicPort),
+										},
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+	}
 }