Surface TLS error

kubernetes · Feb 8, 2018 · d2559d2 · d2559d2
1 parent 19fb049
commit d2559d2
Showing 1 changed file with 24 additions and 27 deletions.
diff --git a/pkg/controller/controller.go b/pkg/controller/controller.go
@@ -293,10 +293,11 @@ func (lbc *LoadBalancerController) sync(key string) (err error) {
 	singleIngressList := &extensions.IngressList{
 		Items: []extensions.Ingress{*ing},
 	}
-	lbs, err := lbc.toRuntimeInfo(singleIngressList)
+	lb, err := lbc.toRuntimeInfo(ing)
 	if err != nil {
 		return err
 	}
+	lbs := []*loadbalancers.L7RuntimeInfo{lb}
 
 	// Get all service ports for the ingress being synced.
 	ingSvcPorts := lbc.Translator.ToNodePorts(singleIngressList)
@@ -395,36 +396,32 @@ func (lbc *LoadBalancerController) updateIngressStatus(l7 *loadbalancers.L7, ing
 	return nil
 }
 
-// toRuntimeInfo returns L7RuntimeInfo for the given ingresses.
-func (lbc *LoadBalancerController) toRuntimeInfo(ingList *extensions.IngressList) (lbs []*loadbalancers.L7RuntimeInfo, err error) {
-	for _, ing := range ingList.Items {
-		k, err := keyFunc(&ing)
-		if err != nil {
-			glog.Warningf("Cannot get key for Ingress %v/%v: %v", ing.Namespace, ing.Name, err)
-			continue
-		}
+// toRuntimeInfo returns L7RuntimeInfo for the given ingress.
+func (lbc *LoadBalancerController) toRuntimeInfo(ing *extensions.Ingress) (*loadbalancers.L7RuntimeInfo, error) {
+	k, err := keyFunc(ing)
+	if err != nil {
+		return nil, fmt.Errorf("cannot get key for Ingress %v/%v: %v", ing.Namespace, ing.Name, err)
+	}
 
-		var tls *loadbalancers.TLSCerts
+	var tls *loadbalancers.TLSCerts
 
-		annotations := annotations.FromIngress(&ing)
-		// Load the TLS cert from the API Spec if it is not specified in the annotation.
-		// TODO: enforce this with validation.
-		if annotations.UseNamedTLS() == "" {
-			tls, err = lbc.tlsLoader.Load(&ing)
-			if err != nil {
-				glog.Warningf("Cannot get certs for Ingress %v/%v: %v", ing.Namespace, ing.Name, err)
-			}
+	annotations := annotations.FromIngress(ing)
+	// Load the TLS cert from the API Spec if it is not specified in the annotation.
+	// TODO: enforce this with validation.
+	if annotations.UseNamedTLS() == "" {
+		tls, err = lbc.tlsLoader.Load(ing)
+		if err != nil {
+			return nil, fmt.Errorf("cannot get certs for Ingress %v/%v: %v", ing.Namespace, ing.Name, err)
 		}
-
-		lbs = append(lbs, &loadbalancers.L7RuntimeInfo{
-			Name:         k,
-			TLS:          tls,
-			TLSName:      annotations.UseNamedTLS(),
-			AllowHTTP:    annotations.AllowHTTP(),
-			StaticIPName: annotations.StaticIPName(),
-		})
 	}
-	return lbs, nil
+
+	return &loadbalancers.L7RuntimeInfo{
+		Name:         k,
+		TLS:          tls,
+		TLSName:      annotations.UseNamedTLS(),
+		AllowHTTP:    annotations.AllowHTTP(),
+		StaticIPName: annotations.StaticIPName(),
+	}, nil
 }
 
 func updateAnnotations(client kubernetes.Interface, name, namespace string, annotations map[string]string) error {