Skip to content

ALB Ingress Controller - Refactor unit and controller tests #1156

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
meneksece wants to merge 4 commits into
base: feat/kp/add-alb-ingress-controller
Choose a base branch
from
Open

ALB Ingress Controller - Refactor unit and controller tests #1156

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
1a15c2f
fix tls bridging missing tlspool config and add tests and fix typo in…
May 27, 2026
f28b4d8
updated annotation lookup when sorting ingresses for ingressClass
May 28, 2026
2428294
updated tests
Jun 1, 2026
3930409
introduced sequenceIndex to not lose the order of rules when creating…
Jun 2, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
58 changes: 54 additions & 4 deletions pkg/alb/ingress/alb_spec.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ import (
)

func (r *IngressClassReconciler) getAlbSpecForIngressClass(ctx context.Context, class *networkingv1.IngressClass) (*albsdk.CreateLoadBalancerPayload, []errorEvents, error) {
ingresses, err := r.getIngressesForIngressClass(ctx, class)
ingresses, err := r.getSortedIngressesForIngressClass(ctx, class)
if err != nil {
return nil, nil, err
}
Expand All @@ -34,9 +34,9 @@ func (r *IngressClassReconciler) getAlbSpecForIngresses(ctx context.Context, cla
certificates := albCertificates{}
targetPools := albTargetPools{}

for _, ingress := range ingresses {
for i, ingress := range ingresses {
var listenerMergeError, targetPoolMergeError []errorEvents
ingressListeners, ingressCertificates, ingressTargetPools, ingressErrorList := r.getALBResourcesForIngress(ctx, class, &ingress)
ingressListeners, ingressCertificates, ingressTargetPools, ingressErrorList := r.getALBResourcesForIngress(ctx, class, &ingress, i)
errorList = append(errorList, ingressErrorList...)

certificates = mergeCertificates(certificates, ingressCertificates)
Expand Down Expand Up @@ -134,6 +134,33 @@ func (r *IngressClassReconciler) getAlbSpecForResources(ctx context.Context, cla

albsdkHost.Rules = append(albsdkHost.Rules, albsdkRule)
}

/// menekse

sort.SliceStable(albsdkHost.Rules, func(i, j int) bool {
pathI := ""
if albsdkHost.Rules[i].Path.Prefix != nil {
pathI = *albsdkHost.Rules[i].Path.Prefix
} else if albsdkHost.Rules[i].Path.ExactMatch != nil {
pathI = *albsdkHost.Rules[i].Path.ExactMatch
}

pathJ := ""
if albsdkHost.Rules[j].Path.Prefix != nil {
pathJ = *albsdkHost.Rules[j].Path.Prefix
} else if albsdkHost.Rules[j].Path.ExactMatch != nil {
pathJ = *albsdkHost.Rules[j].Path.ExactMatch
}

ruleI := hostPaths.path[pathI]
ruleJ := hostPaths.path[pathJ]

// Smaller sequence index means it was processed earlier (higher priority)
return ruleI.sequenceIndex < ruleJ.sequenceIndex
})

////

albsdkHosts = append(albsdkHosts, albsdkHost)

albsdkListener.Http = new(albsdk.ProtocolOptionsHTTP{
Expand Down Expand Up @@ -179,13 +206,33 @@ func (r *IngressClassReconciler) getAlbSpecForResources(ctx context.Context, cla
Targets: targets,
ActiveHealthCheck: nil, // TODO
}

if targetPool.tlsEnabled {
albsdkTargetPool.TlsConfig = &albsdk.TlsConfig{
Enabled: new(bool),
SkipCertificateValidation: nil,
CustomCa: nil,
}
*albsdkTargetPool.TlsConfig.Enabled = true

if targetPool.skipCertificateValidation {
albsdkTargetPool.TlsConfig.SkipCertificateValidation = new(bool)
*albsdkTargetPool.TlsConfig.SkipCertificateValidation = true
}

if targetPool.customCA != "" {
albsdkTargetPool.TlsConfig.CustomCa = new(string)
*albsdkTargetPool.TlsConfig.CustomCa = targetPool.customCA
}
}

alb.TargetPools = append(alb.TargetPools, albsdkTargetPool)
}

return alb, errorList, nil
}

func (r *IngressClassReconciler) getALBResourcesForIngress(ctx context.Context, class *networkingv1.IngressClass, ingress *networkingv1.Ingress) (albListeners, albCertificates, albTargetPools, []errorEvents) {
func (r *IngressClassReconciler) getALBResourcesForIngress(ctx context.Context, class *networkingv1.IngressClass, ingress *networkingv1.Ingress, sequenceIndex int) (albListeners, albCertificates, albTargetPools, []errorEvents) {
ref := getIngressRefForIngress(r.Scheme, ingress)

certificates := albCertificates{}
Expand Down Expand Up @@ -250,6 +297,7 @@ func (r *IngressClassReconciler) getALBResourcesForIngress(ctx context.Context,
cookiePersistenceTtlSeconds: getAnnotation(AnnotationCookiePersistenceTTLSeconds, 0, class, ingress),
targetPoolName: poolName,
websocket: getAnnotation(AnnotationWebSocket, false, class, ingress),
sequenceIndex: sequenceIndex,
}
}
}
Expand Down Expand Up @@ -302,6 +350,8 @@ func (r *IngressClassReconciler) getSortedIngressesForIngressClass(ctx context.C
sort.SliceStable(ingresses, func(i, j int) bool {
prioI := getAnnotation(AnnotationPriority, 0, class, &ingresses[i])
prioJ := getAnnotation(AnnotationPriority, 0, class, &ingresses[j])
//prioI := getAnnotation(AnnotationPriority, 0, &ingresses[i], class)
//prioJ := getAnnotation(AnnotationPriority, 0, &ingresses[j], class)

// Sort by Priority (Highest at the beginning)
if prioI != prioJ {
Expand Down
Loading