From 3ca3d6e43d2e1e8a11e8505363e1773fee890db5 Mon Sep 17 00:00:00 2001 From: AlexFenlon Date: Tue, 19 Nov 2024 15:57:14 +0000 Subject: [PATCH] refactor secret name for clarity (#6823) --- cmd/nginx-ingress/main.go | 4 ++-- internal/configs/configurator.go | 8 ++++---- internal/k8s/controller.go | 10 +++++----- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/cmd/nginx-ingress/main.go b/cmd/nginx-ingress/main.go index a1ec4f0cf1..ae2fc567c3 100644 --- a/cmd/nginx-ingress/main.go +++ b/cmd/nginx-ingress/main.go @@ -572,7 +572,7 @@ func processDefaultServerSecret(ctx context.Context, kubeClient *kubernetes.Clie } bytes := configs.GenerateCertAndKeyFileContent(secret) - nginxManager.CreateSecret(configs.DefaultServerSecretName, bytes, nginx.TLSSecretFileMode) + nginxManager.CreateSecret(configs.DefaultServerSecretFileName, bytes, nginx.TLSSecretFileMode) } else { _, err := os.Stat(configs.DefaultServerSecretPath) if err != nil { @@ -596,7 +596,7 @@ func processWildcardSecret(ctx context.Context, kubeClient *kubernetes.Clientset } bytes := configs.GenerateCertAndKeyFileContent(secret) - nginxManager.CreateSecret(configs.WildcardSecretName, bytes, nginx.TLSSecretFileMode) + nginxManager.CreateSecret(configs.WildcardSecretFileName, bytes, nginx.TLSSecretFileMode) } return *wildcardTLSSecret != "" } diff --git a/internal/configs/configurator.go b/internal/configs/configurator.go index e115bca314..8d286f0415 100644 --- a/internal/configs/configurator.go +++ b/internal/configs/configurator.go @@ -47,11 +47,11 @@ const DefaultServerSecretPath = "/etc/nginx/secrets/default" //nolint:gosec // G // DefaultSecretPath is the full default path to where secrets are stored and accessed. const DefaultSecretPath = "/etc/nginx/secrets" // #nosec G101 -// DefaultServerSecretName is the filename of the Secret with a TLS cert and a key for the default server. -const DefaultServerSecretName = "default" +// DefaultServerSecretFileName is the filename of the Secret with a TLS cert and a key for the default server. +const DefaultServerSecretFileName = "default" -// WildcardSecretName is the filename of the Secret with a TLS cert and a key for the ingress resources with TLS termination enabled but not secret defined. -const WildcardSecretName = "wildcard" +// WildcardSecretFileName is the filename of the Secret with a TLS cert and a key for the ingress resources with TLS termination enabled but not secret defined. +const WildcardSecretFileName = "wildcard" // JWTKeyKey is the key of the data field of a Secret where the JWK must be stored. const JWTKeyKey = "jwk" diff --git a/internal/k8s/controller.go b/internal/k8s/controller.go index 581e7713da..9ad044b69f 100644 --- a/internal/k8s/controller.go +++ b/internal/k8s/controller.go @@ -1656,7 +1656,7 @@ func (lbc *LoadBalancerController) reportCustomResourceStatusEnabled() bool { func (lbc *LoadBalancerController) syncSecret(task task) { key := task.Key var obj interface{} - var secrExists bool + var secretWatched bool var err error namespace, name, err := ParseNamespaceName(key) @@ -1664,7 +1664,7 @@ func (lbc *LoadBalancerController) syncSecret(task task) { nl.Warnf(lbc.Logger, "Secret key %v is invalid: %v", key, err) return } - obj, secrExists, err = lbc.getNamespacedInformer(namespace).secretLister.GetByKey(key) + obj, secretWatched, err = lbc.getNamespacedInformer(namespace).secretLister.GetByKey(key) if err != nil { lbc.syncQueue.Requeue(task, err) return @@ -1683,7 +1683,7 @@ func (lbc *LoadBalancerController) syncSecret(task task) { nl.Debugf(lbc.Logger, "Found %v Resources with Secret %v", len(resources), key) - if !secrExists { + if !secretWatched { lbc.secretStore.DeleteSecret(key) nl.Debugf(lbc.Logger, "Deleting Secret: %v", key) @@ -1780,9 +1780,9 @@ func (lbc *LoadBalancerController) handleSpecialSecretUpdate(secret *api_v1.Secr secretNsName := secret.Namespace + "/" + secret.Name switch secretNsName { case lbc.specialSecrets.defaultServerSecret: - lbc.validationTLSSpecialSecret(secret, configs.DefaultServerSecretName, &specialTLSSecretsToUpdate) + lbc.validationTLSSpecialSecret(secret, configs.DefaultServerSecretFileName, &specialTLSSecretsToUpdate) case lbc.specialSecrets.wildcardTLSSecret: - lbc.validationTLSSpecialSecret(secret, configs.WildcardSecretName, &specialTLSSecretsToUpdate) + lbc.validationTLSSpecialSecret(secret, configs.WildcardSecretFileName, &specialTLSSecretsToUpdate) default: nl.Warnf(lbc.Logger, "special secret not found") return