Skip to content

Commit

Permalink
Merge branch 'kubernetes-sigs:main' into main
Browse files Browse the repository at this point in the history
  • Loading branch information
@shraddhabang
shraddhabang authored Mar 15, 2024
2 parents 25d5a93 + a513f0c commit a55e6c2
Show file tree
Hide file tree
Showing 5 changed files with 26 additions and 17 deletions.
4 changes: 3 additions & 1 deletion .github/workflows/deps.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,8 +39,10 @@ jobs:
uses: actions/checkout@v4
with:
show-progress: false
- name: Setup Go Version
run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV
- id: govulncheck
uses: golang/govulncheck-action@v1
with:
go-version-input: 1.21.5
go-version-input: ${{ env.GO_VERSION }}
go-version-file: go.mod
10 changes: 6 additions & 4 deletions .github/workflows/test.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,19 +7,21 @@ jobs:
name: Build
runs-on: ubuntu-latest
steps:
- name: Setup Go Version
run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV
- name: Set up Go 1.x
uses: actions/setup-go@v2
with:
go-version: ^1.21
go-version: ${{ env.GO_VERSION }}

- name: Check out code into the Go module directory
uses: actions/checkout@v2

- name: Run unit tests
run: |
sudo snap install yq
make test
- name: Codecov
uses: codecov/codecov-action@v1
with:
Expand All @@ -32,4 +34,4 @@ jobs:

- name: make quick-ci
run: |
make quick-ci
make quick-ci
1 change: 1 addition & 0 deletions .go-version
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
1.21.8
6 changes: 5 additions & 1 deletion Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,8 @@ MAKEFILE_PATH = $(dir $(realpath -s $(firstword $(MAKEFILE_LIST))))
# Image URL to use all building/pushing image targets
IMG ?= public.ecr.aws/eks/aws-load-balancer-controller:v2.7.0
# Image URL to use for builder stage in Docker build
BUILD_IMAGE ?= public.ecr.aws/docker/library/golang:1.21.5
GOLANG_VERSION ?= $(shell cat .go-version)
BUILD_IMAGE ?= public.ecr.aws/docker/library/golang:$(GOLANG_VERSION)
# Image URL to use for base layer in Docker build
BASE_IMAGE ?= public.ecr.aws/eks-distro-build-tooling/eks-distro-minimal-base-nonroot:2023-09-06-1694026927.2
IMG_PLATFORM ?= linux/amd64,linux/arm64
Expand All @@ -24,6 +25,9 @@ else
GOBIN=$(shell go env GOBIN)
endif

export GOSUMDB = sum.golang.org
export GOTOOLCHAIN = go$(GOLANG_VERSION)

all: controller

# Run tests
Expand Down
22 changes: 11 additions & 11 deletions pkg/ingress/cert_discovery.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@ package ingress

import (
"context"
"slices"
"strings"
"sync"
"time"
Expand All @@ -16,6 +15,7 @@ import (
"github.com/pkg/errors"
"k8s.io/apimachinery/pkg/util/cache"
"k8s.io/apimachinery/pkg/util/sets"
"k8s.io/utils/strings/slices"
"sigs.k8s.io/aws-load-balancer-controller/pkg/aws/services"
)

Expand Down Expand Up @@ -153,18 +153,18 @@ func (d *acmCertDiscovery) loadDomainsForCertificate(ctx context.Context, certAR
certDetail := resp.Certificate

// check if cert is issued from an allowed CA
// otherwise empty-out the list of domains
domains := sets.String{}
if len(d.allowedCAARNs) == 0 || slices.Contains(d.allowedCAARNs, awssdk.StringValue(certDetail.CertificateAuthorityArn)) {
domains := sets.NewString(aws.StringValueSlice(certDetail.SubjectAlternativeNames)...)
switch aws.StringValue(certDetail.Type) {
case acm.CertificateTypeImported:
d.certDomainsCache.Set(certARN, domains, d.importedCertDomainsCacheTTL)
case acm.CertificateTypeAmazonIssued, acm.CertificateTypePrivate:
d.certDomainsCache.Set(certARN, domains, d.privateCertDomainsCacheTTL)
}
return domains, nil
domains = sets.NewString(aws.StringValueSlice(certDetail.SubjectAlternativeNames)...)
}
return sets.String{}, nil

switch aws.StringValue(certDetail.Type) {
case acm.CertificateTypeImported:
d.certDomainsCache.Set(certARN, domains, d.importedCertDomainsCacheTTL)
case acm.CertificateTypeAmazonIssued, acm.CertificateTypePrivate:
d.certDomainsCache.Set(certARN, domains, d.privateCertDomainsCacheTTL)
}
return domains, nil
}

func (d *acmCertDiscovery) domainMatchesHost(domainName string, tlsHost string) bool {
Expand Down

0 comments on commit a55e6c2

Please sign in to comment.