Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

modules to traffic policy #370

Merged
merged 9 commits into from
May 1, 2024
Merged

modules to traffic policy #370

merged 9 commits into from
May 1, 2024

Conversation

OfTheDelmer
Copy link
Contributor

@OfTheDelmer OfTheDelmer commented Apr 29, 2024
edited
Loading

What

Updates the https edge ingress route spec with either the annotated modset policy or the annotated traffic policy policy

How

  • Update the driver and store to parallel the GetModuleSetV1 path for the traffic policy CRD
  • Update the tls, tcp and https edge types to use json.RawMessage because the alias of RawMessage causes issues with kubebuilder validation internally
  • Get the single policy annotation from the annotations on the ingress

Validation

  • Use the following ingress + traffic policy yaml to apply resources locally
  • See changes sync to edges on ngrok.com with the corresponding traffic policy

ingress_trafficpolicy_crd_test.yml

---
kind: NgrokTrafficPolicy
apiVersion: ngrok.k8s.ngrok.com/v1alpha1
metadata:
  name: traffic-policy-2
spec:
    policy:
      inbound:
        - name: "test_in"
          expressions:
            - "req.Method == 'PUT'"
          actions:
            - type: "deny"
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: example-ingress
  annotations:
    k8s.ngrok.com/traffic-policy: traffic-policy-2
spec:
  ingressClassName: ngrok
  rules:
    - host: trafficpolicyingress-test.ngrok.dev
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: game-2048
                port:
                  number: 80

2048.yml

apiVersion: v1
kind: Service
metadata:
  name: game-2048
  namespace: ngrok-ingress-controller
spec:
  ports:
    - name: http
      port: 80
      targetPort: 80
  selector:
    app: game-2048
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: game-2048
  namespace: ngrok-ingress-controller
spec:
  replicas: 1
  selector:
    matchLabels:
      app: game-2048
  template:
    metadata:
      labels:
        app: game-2048
    spec:
      containers:
        - name: backend
          image: alexwhen/docker-2048
          ports:
            - name: http
              containerPort: 80

@github-actions github-actions bot added the area/controller Issues dealing with the controller label Apr 29, 2024
OfTheDelmer and others added 6 commits April 29, 2024 15:54
@OfTheDelmer @bobzilladev
feat: extract ngrok traffic policy from annotations
d14d2aa 
Extracts a single traffic policy from the ingress annotation, and fails if
more than one is provided.

Co-authored-by: bobzilla <bob@ngrok.com>
@OfTheDelmer @bobzilladev
feat: hyrdate policy from store/cache
a4b4a0b 
Co-authored-by: bobzilla <bob@ngrok.com>
@OfTheDelmer
fix: calculate ingress traffic policy spec policy
72086b2
@OfTheDelmer
feat: add validation examples
8d74e92
@OfTheDelmer @bobzilladev
feat: use the json.RawMessage over alias
6120593 
Using RawMessage invokes some special casing under the hood that aliasing interferes with
the validation of the object specified to kubebuilder.

Co-authored-by: bobzilla <bob@ngrok.com>
@OfTheDelmer
chore: drop json raw message casts
ed4ba6a
@OfTheDelmer OfTheDelmer force-pushed the del-bob/29099-modules-to-traffic-policy branch from 713a79c to ed4ba6a Compare April 30, 2024 21:58
@github-actions github-actions bot added the area/helm-chart Issues dealing with the helm chart label Apr 30, 2024
@OfTheDelmer OfTheDelmer marked this pull request as ready for review April 30, 2024 22:14
@OfTheDelmer OfTheDelmer requested a review from a team as a code owner April 30, 2024 22:14
bobzilladev
bobzilladev approved these changes May 1, 2024
View reviewed changes
Copy link
Contributor

@bobzilladev bobzilladev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm still, one comment

internal/store/driver.go Outdated Show resolved Hide resolved
@OfTheDelmer
feat: separate policy json logic
de91cbc 
Refactors to remove the interleaved lines regarding policy json into a single method call.
@OfTheDelmer OfTheDelmer merged commit e820323 into main May 1, 2024
7 checks passed
@OfTheDelmer OfTheDelmer deleted the del-bob/29099-modules-to-traffic-policy branch May 1, 2024 22:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bobzilladev bobzilladev bobzilladev approved these changes

@Abdiramen Abdiramen Abdiramen approved these changes

Assignees

@bobzilladev bobzilladev

@OfTheDelmer OfTheDelmer

Labels
area/controller Issues dealing with the controller area/helm-chart Issues dealing with the helm chart
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@OfTheDelmer @bobzilladev @Abdiramen