add default-backend-service to crd (Azure#174)

.env.example

@@ -2,5 +2,5 @@
 
 TENANT_ID=<azure_tenant_id>
 SUBSCRIPTION_ID=<azure_subscription id>
-INFRA_NAMES="basic cluster"
+INFRA_NAMES="basic-cluster"
 SERVICE_PRINCIPAL_APP_OBJ_ID=<azure_app_registration_object_id>

api/v1alpha1/nginxingresscontroller_types.go

@@ -56,6 +56,11 @@ type NginxIngressControllerSpec struct {
 	// +optional
 	DefaultSSLCertificate *DefaultSSLCertificate `json:"defaultSSLCertificate,omitempty"`
 
+	// DefaultBackendService defines the service that the NginxIngressController should default to when given HTTP traffic with not matching known server names.
+	// The controller directs traffic to the first port of the service.
+	// +optional
+	DefaultBackendService *NICNamespacedName `json:"defaultBackendService,omitempty"`
+
 	// Scaling defines configuration options for how the Ingress Controller scales
 	// +optional
 	Scaling *Scaling `json:"scaling,omitempty"`
@@ -72,13 +77,13 @@ type DefaultSSLCertificate struct {
 
 	// Secret in the form of a Key Vault URI
 	// +optional
-	KeyVaultURI *string `json:"keyVaultURI"`
+	KeyVaultURI *string `json:"keyVaultURI,omitempty"`
 
 	// ForceSSLRedirect is a flag that sets the global value of redirects to HTTPS if there is a defined DefaultSSLCertificate
 	// +kubebuilder:default:=false
+	ForceSSLRedirect bool `json:"forceSSLRedirect,omitempty"`
 	// forceSSLRedirect is set to false by default and will add the "forceSSLRedirect: false" property even if the user doesn't specify it.
 	// If a user adds both a keyvault uri and secret the property count will be 3 since forceSSLRedirect still automatically gets added thus failing the check.
-	ForceSSLRedirect bool `json:"forceSSLRedirect,omitempty"`
 }
 
 // Secret is a struct that holds a name and namespace to be used in DefaultSSLCertificate
@@ -94,6 +99,19 @@ type Secret struct {
 	Namespace string `json:"namespace"`
 }
 
+// NICNamespacedName is a struct that holds a name and namespace with length checking on the crd for fields other than DefaultSSLCertificate in the spec
+type NICNamespacedName struct {
+	// +kubebuilder:validation:MinLength=1
+	// +kubebuilder:validation:MaxLength=253
+	// +kubebuilder:validation:Pattern=`^[a-z0-9][-a-z0-9\.]*[a-z0-9]$`
+	Name string `json:"name"`
+
+	// +kubebuilder:validation:MinLength=1
+	// +kubebuilder:validation:MaxLength=253
+	// +kubebuilder:validation:Pattern=`^[a-z0-9][-a-z0-9\.]*[a-z0-9]$`
+	Namespace string `json:"namespace"`
+}
+
 // Scaling holds specification for how the Ingress Controller scales
 // +kubebuilder:validation:XValidation:rule="(!has(self.minReplicas)) || (!has(self.maxReplicas)) || (self.minReplicas <= self.maxReplicas)"
 type Scaling struct {

config/crd/bases/approuting.kubernetes.azure.com_nginxingresscontrollers.yaml

@@ -61,6 +61,26 @@ spec:
                 x-kubernetes-validations:
                 - message: Value is immutable
                   rule: self == oldSelf
+              defaultBackendService:
+                description: DefaultBackendService defines the service that the NginxIngressController
+                  should default to when given HTTP traffic with not matching known
+                  server names. The controller directs traffic to the first port of
+                  the service.
+                properties:
+                  name:
+                    maxLength: 253
+                    minLength: 1
+                    pattern: ^[a-z0-9][-a-z0-9\.]*[a-z0-9]$
+                    type: string
+                  namespace:
+                    maxLength: 253
+                    minLength: 1
+                    pattern: ^[a-z0-9][-a-z0-9\.]*[a-z0-9]$
+                    type: string
+                required:
+                - name
+                - namespace
+                type: object
               defaultSSLCertificate:
                 description: DefaultSSLCertificate defines whether the NginxIngressController
                   should use a certain SSL certificate by default. If this field is

docs/e2e.md

@@ -85,7 +85,7 @@ Run e2e with the following steps:
 1. Ensure you've copied the .env.example file to .env and filled in the values
 2. run `make e2e`
 
-You can replace the `INFRA_NAMES` value in the .env file with the name of any infrastructure defined in [/testing/e2e/infra/infras.go](../testing/e2e/infra/infras.go) to test different scenarios. `"basic cluster"` is the default one and is fine for locally running e2e tests for most scenarios.
+You can replace the `INFRA_NAMES` value in the .env file with the name of any infrastructure defined in [/testing/e2e/infra/infras.go](../testing/e2e/infra/infras.go) to test different scenarios. `"basic-cluster"` is the default one and is fine for locally running e2e tests for most scenarios.
 
 If a step fails you have a few options for debugging.
 

pkg/controller/nginxingress/nginx_ingress_controller.go

@@ -577,6 +577,10 @@ func ToNginxIngressConfig(nic *approutingv1alpha1.NginxIngressController, defaul
 		}
 	}
 
+	if nic.Spec.DefaultBackendService != nil && nic.Spec.DefaultBackendService.Name != "" && nic.Spec.DefaultBackendService.Namespace != "" {
+		nginxIng.DefaultBackendService = nic.Spec.DefaultBackendService.Namespace + "/" + nic.Spec.DefaultBackendService.Name
+	}
+
 	return nginxIng
 }
 

pkg/controller/nginxingress/nginx_ingress_controller_test.go

@@ -891,6 +891,8 @@ func TestToNginxIngressConfig(t *testing.T) {
 	FakeDefaultSSLCertNoName := getFakeDefaultSSLCert("", "fakenamespace")
 	FakeDefaultSSLCertNoNamespace := getFakeDefaultSSLCert("fake", "")
 
+	FakeDefaultBackend := approutingv1alpha1.NICNamespacedName{"fakename", "fakenamespace"}
+
 	FakeCertWithForceSSLRedirectTrue := getFakeDefaultSSLCert("fake", "fakenamespace")
 	FakeCertWithForceSSLRedirectTrue.ForceSSLRedirect = true
 
@@ -1304,6 +1306,33 @@ func TestToNginxIngressConfig(t *testing.T) {
 				TargetCPUUtilizationPercentage: steadyTargetCPUUtilization,
 			},
 		},
+		{
+			name: "default controller class with DefaultBackendService",
+			nic: &approutingv1alpha1.NginxIngressController{
+				TypeMeta: metav1.TypeMeta{
+					APIVersion: approutingv1alpha1.GroupVersion.String(),
+					Kind:       "NginxIngressController",
+				},
+				ObjectMeta: metav1.ObjectMeta{
+					Name: DefaultNicName,
+				},
+				Spec: approutingv1alpha1.NginxIngressControllerSpec{
+					ControllerNamePrefix:  DefaultNicResourceName,
+					IngressClassName:      DefaultIcName,
+					DefaultBackendService: &FakeDefaultBackend,
+				},
+			},
+			want: manifests.NginxIngressConfig{
+				ControllerClass:                defaultCc,
+				ResourceName:                   DefaultNicResourceName,
+				IcName:                         DefaultIcName,
+				ServiceConfig:                  &manifests.ServiceConfig{},
+				DefaultBackendService:          FakeDefaultBackend.Namespace + "/" + FakeDefaultBackend.Name,
+				MaxReplicas:                    defaultMaxReplicas,
+				MinReplicas:                    defaultMinReplicas,
+				TargetCPUUtilizationPercentage: balancedTargetCPUUtilization,
+			},
+		},
 	}
 
 	for _, c := range cases {