// ParseAnnotations parses the annotations contained in the ingress // rule used to add authentication in the paths defined in the rule // and generated an htpasswd compatible file to be used as source // during the authentication process func ParseAnnotations(kubeClient client.Interface, ing *extensions.Ingress, authDir string) (*Nginx, error) { if ing.GetAnnotations() == nil { return &Nginx{}, ErrMissingAnnotations } at, err := ingAnnotations(ing.GetAnnotations()).authType() if err != nil { return &Nginx{}, err } s, err := ingAnnotations(ing.GetAnnotations()).secretName() if err != nil { return &Nginx{}, err } secret, err := kubeClient.Secrets(ing.Namespace).Get(s) if err != nil { return &Nginx{}, err } realm := ingAnnotations(ing.GetAnnotations()).realm() passFile := fmt.Sprintf("%v/%v-%v.passwd", authDir, ing.GetNamespace(), ing.GetName()) err = dumpSecret(passFile, secret) if err != nil { return &Nginx{}, err } return &Nginx{ Type: at, Realm: realm, File: passFile, Secured: true, }, nil }
// ParseAnnotations parses the annotations contained in the ingress // rule used to rewrite the defined paths func ParseAnnotations(ing *extensions.Ingress) (*RateLimit, error) { if ing.GetAnnotations() == nil { return &RateLimit{}, ErrMissingAnnotations } rps := ingAnnotations(ing.GetAnnotations()).limitRPS() conn := ingAnnotations(ing.GetAnnotations()).limitIP() if rps == 0 && conn == 0 { return &RateLimit{ Connections: Zone{}, RPS: Zone{}, }, ErrInvalidRateLimit } zoneName := fmt.Sprintf("%v_%v", ing.GetNamespace(), ing.GetName()) return &RateLimit{ Connections: Zone{ Name: fmt.Sprintf("%v_conn", zoneName), Limit: conn, Burst: conn * defBurst, SharedSize: defSharedSize, }, RPS: Zone{ Name: fmt.Sprintf("%v_rps", zoneName), Limit: rps, Burst: conn * defBurst, SharedSize: defSharedSize, }, }, nil }
// ParseAnnotations parses the annotations contained in the ingress // rule used to add authentication in the paths defined in the rule // and generated an htpasswd compatible file to be used as source // during the authentication process func ParseAnnotations(ing *extensions.Ingress, authDir string, fn func(string) (*api.Secret, error)) (*BasicDigest, error) { if ing.GetAnnotations() == nil { return &BasicDigest{}, parser.ErrMissingAnnotations } at, err := parser.GetStringAnnotation(authType, ing) if err != nil { return &BasicDigest{}, err } if !authTypeRegex.MatchString(at) { return &BasicDigest{}, ErrInvalidAuthType } s, err := parser.GetStringAnnotation(authSecret, ing) if err != nil { return &BasicDigest{}, err } secret, err := fn(fmt.Sprintf("%v/%v", ing.Namespace, s)) if err != nil { return &BasicDigest{}, err } realm, _ := parser.GetStringAnnotation(authRealm, ing) passFile := fmt.Sprintf("%v/%v-%v.passwd", authDir, ing.GetNamespace(), ing.GetName()) err = dumpSecret(passFile, secret) if err != nil { return &BasicDigest{}, err } return &BasicDigest{ Type: at, Realm: realm, File: passFile, Secured: true, }, nil }