diff --git a/cmd/nginx-ingress/main.go b/cmd/nginx-ingress/main.go index df2f968942..45697b747c 100644 --- a/cmd/nginx-ingress/main.go +++ b/cmd/nginx-ingress/main.go @@ -88,6 +88,7 @@ func main() { parsedFlags := os.Args[1:] buildOS := os.Getenv("BUILD_OS") + controllerNamespace := os.Getenv("POD_NAMESPACE") config, kubeClient := mustCreateConfigAndKubeClient(ctx) mustValidateKubernetesVersionInfo(ctx, kubeClient) @@ -146,6 +147,8 @@ func main() { isWildcardEnabled := processWildcardSecret(ctx, kubeClient, nginxManager) + staticSSLPath := nginxManager.GetSecretsDir() + globalConfigurationValidator := createGlobalConfigurationValidator() mustProcessGlobalConfiguration(ctx) @@ -177,7 +180,7 @@ func main() { EnableCertManager: *enableCertManager, DynamicSSLReload: *enableDynamicSSLReload, DynamicWeightChangesReload: *enableDynamicWeightChangesReload, - StaticSSLPath: nginxManager.GetSecretsDir(), + StaticSSLPath: staticSSLPath, NginxVersion: nginxVersion, AppProtectBundlePath: appProtectBundlePath, } @@ -211,8 +214,6 @@ func main() { NginxVersion: nginxVersion, }) - controllerNamespace := os.Getenv("POD_NAMESPACE") - transportServerValidator := cr_validation.NewTransportServerValidator(*enableTLSPassthrough, *enableSnippets, *nginxPlus) virtualServerValidator := cr_validation.NewVirtualServerValidator( cr_validation.IsPlus(*nginxPlus), diff --git a/internal/configs/version1/template_test.go b/internal/configs/version1/template_test.go index 9097611137..5075c754d8 100644 --- a/internal/configs/version1/template_test.go +++ b/internal/configs/version1/template_test.go @@ -12,6 +12,8 @@ import ( "github.com/nginxinc/kubernetes-ingress/internal/nginx" ) +var fakeManager = nginx.NewFakeManager("/etc/nginx") + func TestMain(m *testing.M) { v := m.Run() @@ -2017,6 +2019,7 @@ var ( } mainCfg = MainConfig{ + StaticSSLPath: fakeManager.GetSecretsDir(), DefaultHTTPListenerPort: 80, DefaultHTTPSListenerPort: 443, ServerNamesHashMaxSize: "512", @@ -2061,6 +2064,7 @@ var ( } mainCfgR31 = MainConfig{ + StaticSSLPath: fakeManager.GetSecretsDir(), DefaultHTTPListenerPort: 80, DefaultHTTPSListenerPort: 443, ServerNamesHashMaxSize: "512", @@ -2090,6 +2094,7 @@ var ( } mainCfgHTTP2On = MainConfig{ + StaticSSLPath: fakeManager.GetSecretsDir(), DefaultHTTPListenerPort: 80, DefaultHTTPSListenerPort: 443, HTTP2: true, @@ -2130,6 +2135,7 @@ var ( } mainCfgCustomTLSPassthroughPort = MainConfig{ + StaticSSLPath: fakeManager.GetSecretsDir(), ServerNamesHashMaxSize: "512", ServerTokens: "off", WorkerProcesses: "auto", @@ -2157,6 +2163,7 @@ var ( } mainCfgWithoutTLSPassthrough = MainConfig{ + StaticSSLPath: fakeManager.GetSecretsDir(), ServerNamesHashMaxSize: "512", ServerTokens: "off", WorkerProcesses: "auto", @@ -2184,6 +2191,7 @@ var ( } mainCfgDefaultTLSPassthroughPort = MainConfig{ + StaticSSLPath: fakeManager.GetSecretsDir(), ServerNamesHashMaxSize: "512", ServerTokens: "off", WorkerProcesses: "auto", @@ -2211,6 +2219,7 @@ var ( } mainCfgCustomDefaultHTTPAndHTTPSListenerPorts = MainConfig{ + StaticSSLPath: fakeManager.GetSecretsDir(), DefaultHTTPListenerPort: 8083, DefaultHTTPSListenerPort: 8443, ServerNamesHashMaxSize: "512", @@ -2238,6 +2247,7 @@ var ( } mainCfgCustomDefaultHTTPListenerPort = MainConfig{ + StaticSSLPath: fakeManager.GetSecretsDir(), DefaultHTTPListenerPort: 8083, DefaultHTTPSListenerPort: 443, ServerNamesHashMaxSize: "512", @@ -2265,6 +2275,7 @@ var ( } mainCfgCustomDefaultHTTPSListenerPort = MainConfig{ + StaticSSLPath: fakeManager.GetSecretsDir(), DefaultHTTPListenerPort: 80, DefaultHTTPSListenerPort: 8443, ServerNamesHashMaxSize: "512",