This is an ingress controller that can be run on Azure Kubernetes Service (AKS) to allow an Azure Application Gateway to act as the ingress for an AKS cluster.
[x] If applicable, the changes made in the PR have proper test coverage
[x] Issues addressed by the PR are mentioned in the description followed by Fixes.
Description
This PR fixes a bug which was introduced as part of changes to support Private Only Application Gateway.
When a cluster doesn't have any/valid ingresses, then AGIC adds a default listener to the AppGW as AppGW requires a listener.
To select what frontend IP configuration to use, AGIC checks if
if UsePrivateIP environment variable is set, then use private IP
if public IP is present, then use public IP as that was the default behavior before
otherwise use private IP
In a recent change to support private only appgw, a bug got introduced in which AGIC was incorrectly looking for presence of public IP frontend by passing wrong arguments.
In following image, true corresponds to finding a private frontend.
This was causing a panic as denoted in the attached issue. Because AGIC was looking for private IP instead public IP, it was returning nil and dereferencing that caused a panic.
To fix this, instead of passing a Boolean to look for public or private, we use FrontendType with value Public or Private.
This will allow to reduce ambiguity and bugs in the future.
Multiple test files got updated due to this as AppGW resources are named using the listener struct hash. As this struct is now taking an enum instead of bool, it has changed hashes across multiple test files. Some places, it has the changes the order of rules in the array.
Checklist
Fixes
.Description
This PR fixes a bug which was introduced as part of changes to support Private Only Application Gateway.
When a cluster doesn't have any/valid ingresses, then AGIC adds a default listener to the AppGW as AppGW requires a listener. To select what frontend IP configuration to use, AGIC checks if
In following image,
true
corresponds to finding a private frontend.This was causing a
panic
as denoted in the attached issue. Because AGIC was looking for private IP instead public IP, it was returningnil
and dereferencing that caused apanic
.To fix this, instead of passing a
Boolean
to look for public or private, we useFrontendType
with valuePublic
orPrivate
. This will allow to reduce ambiguity and bugs in the future.Multiple test files got updated due to this as AppGW resources are named using the
listener
struct hash. As this struct is now taking an enum instead of bool, it has changed hashes across multiple test files. Some places, it has the changes the order of rules in the array.Fixes
1532