Support HostSNIRegexp in GatewayAPI TLS routes

2022-12-12 12:30:05 -03:00 · 2022-12-12 12:30:05 -03:00 · a08a428787
commit a08a428787
parent 3eeea2bb2b
3 changed files with 45 additions and 24 deletions
--- a/pkg/provider/kubernetes/gateway/kubernetes_test.go
+++ b/pkg/provider/kubernetes/gateway/kubernetes_test.go
@ -3076,10 +3076,10 @@ func TestLoadTLSRoutes(t *testing.T) {
 				},
 				TCP: &dynamic.TCPConfiguration{
 					Routers: map[string]*dynamic.TCPRouter{
-						"default-tls-app-1-my-gateway-tls-dfc5c7506ac1b172c8b7": {
+						"default-tls-app-1-my-gateway-tls-d5342d75658583f03593": {
 							EntryPoints: []string{"tls"},
-							Service:     "default-tls-app-1-my-gateway-tls-dfc5c7506ac1b172c8b7-wrr-0",
-							Rule:        "(HostSNI(`foo.example.com`) || HostSNI(`bar.example.com`))",
+							Service:     "default-tls-app-1-my-gateway-tls-d5342d75658583f03593-wrr-0",
+							Rule:        "HostSNI(`foo.example.com`) || HostSNI(`bar.example.com`)",
 							TLS: &dynamic.RouterTCPTLSConfig{
 								Passthrough: true,
 							},
@ -3087,7 +3087,7 @@ func TestLoadTLSRoutes(t *testing.T) {
 					},
 					Middlewares: map[string]*dynamic.TCPMiddleware{},
 					Services: map[string]*dynamic.TCPService{
-						"default-tls-app-1-my-gateway-tls-dfc5c7506ac1b172c8b7-wrr-0": {
+						"default-tls-app-1-my-gateway-tls-d5342d75658583f03593-wrr-0": {
 							Weighted: &dynamic.TCPWeightedRoundRobin{
 								Services: []dynamic.TCPWRRService{
 									{
@ -4780,6 +4780,11 @@ func Test_hostSNIRule(t *testing.T) {
 			hostnames:   []v1alpha2.Hostname{"*"},
 			expectError: true,
 		},
+		{
+			desc:         "Supported wildcard",
+			hostnames:    []v1alpha2.Hostname{"*.foo"},
+			expectedRule: "HostSNIRegexp(`^[a-zA-Z0-9-]+\\.foo$`)",
+		},
 		{
 			desc:        "Multiple malformed wildcard",
 			hostnames:   []v1alpha2.Hostname{"*.foo.*"},
@ -4788,7 +4793,7 @@ func Test_hostSNIRule(t *testing.T) {
 		{
 			desc:         "Some empty hostnames",
 			hostnames:    []v1alpha2.Hostname{"foo", "", "bar"},
-			expectedRule: "(HostSNI(`foo`) || HostSNI(`bar`))",
+			expectedRule: "HostSNI(`foo`) || HostSNI(`bar`)",
 		},
 		{
 			desc:         "Valid hostname",
@ -4798,12 +4803,17 @@ func Test_hostSNIRule(t *testing.T) {
 		{
 			desc:         "Multiple valid hostnames",
 			hostnames:    []v1alpha2.Hostname{"foo", "bar"},
-			expectedRule: "(HostSNI(`foo`) || HostSNI(`bar`))",
+			expectedRule: "HostSNI(`foo`) || HostSNI(`bar`)",
+		},
+		{
+			desc:         "Multiple valid hostnames with wildcard",
+			hostnames:    []v1alpha2.Hostname{"bar.foo", "foo.foo", "*.foo"},
+			expectedRule: "HostSNI(`bar.foo`) || HostSNI(`foo.foo`) || HostSNIRegexp(`^[a-zA-Z0-9-]+\\.foo$`)",
 		},
 		{
 			desc:         "Multiple overlapping hostnames",
 			hostnames:    []v1alpha2.Hostname{"foo", "bar", "foo", "baz"},
-			expectedRule: "(HostSNI(`foo`) || HostSNI(`bar`) || HostSNI(`baz`))",
+			expectedRule: "HostSNI(`foo`) || HostSNI(`bar`) || HostSNI(`baz`)",
 		},
 	}