@@ -3,11 +3,12 @@ package ingress
33import (
44 "context"
55 "encoding/json"
6- ec2types "github.com/aws/aws-sdk-go-v2/service/ec2/types"
7- elbv2types "github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2/types"
86 "testing"
97 "time"
108
9+ ec2types "github.com/aws/aws-sdk-go-v2/service/ec2/types"
10+ elbv2types "github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2/types"
11+
1112 awssdk "github.com/aws/aws-sdk-go-v2/aws"
1213 jsonpatch "github.com/evanphx/json-patch"
1314 "github.com/go-logr/logr"
@@ -2140,6 +2141,109 @@ func Test_defaultModelBuilder_Build(t *testing.T) {
21402141 "80:3": null
21412142 }
21422143 }
2144+ }` ,
2145+ },
2146+ {
2147+ name : "Ingress - wafv2AclArn in IngressClassParams" ,
2148+ env : env {
2149+ svcs : []* corev1.Service {ns_1_svc_1 , ns_1_svc_2 , ns_1_svc_3 },
2150+ },
2151+ fields : fields {
2152+ resolveViaDiscoveryCalls : []resolveViaDiscoveryCall {resolveViaDiscoveryCallForInternalLB },
2153+ listLoadBalancersCalls : []listLoadBalancersCall {listLoadBalancerCallForEmptyLB },
2154+ enableBackendSG : true ,
2155+ },
2156+ args : args {
2157+ ingGroup : Group {
2158+ ID : GroupID {Namespace : "ns-1" , Name : "ing-1" },
2159+ Members : []ClassifiedIngress {
2160+ {
2161+ IngClassConfig : ClassConfiguration {
2162+ IngClassParams : & v1beta1.IngressClassParams {
2163+ Spec : v1beta1.IngressClassParamsSpec {
2164+ WAFv2ACLArn : "alb.ingress.kubernetes.io/wafv2-acl-arn: arn:aws:wafv2:us-west-2:xxxxx:regional/webacl/xxxxxxx/3ab78708-85b0-49d3-b4e1-7a9615a6613b" ,
2165+ },
2166+ },
2167+ },
2168+ Ing : & networking.Ingress {ObjectMeta : metav1.ObjectMeta {
2169+ Namespace : "ns-1" ,
2170+ Name : "ing-1" ,
2171+ },
2172+ Spec : networking.IngressSpec {
2173+ Rules : []networking.IngressRule {
2174+ {
2175+ Host : "app-1.example.com" ,
2176+ IngressRuleValue : networking.IngressRuleValue {
2177+ HTTP : & networking.HTTPIngressRuleValue {
2178+ Paths : []networking.HTTPIngressPath {
2179+ {
2180+ Path : "/svc-1" ,
2181+ Backend : networking.IngressBackend {
2182+ Service : & networking.IngressServiceBackend {
2183+ Name : ns_1_svc_1 .Name ,
2184+ Port : networking.ServiceBackendPort {
2185+ Name : "http" ,
2186+ },
2187+ },
2188+ },
2189+ },
2190+ {
2191+ Path : "/svc-2" ,
2192+ Backend : networking.IngressBackend {
2193+ Service : & networking.IngressServiceBackend {
2194+ Name : ns_1_svc_2 .Name ,
2195+ Port : networking.ServiceBackendPort {
2196+ Name : "http" ,
2197+ },
2198+ },
2199+ },
2200+ },
2201+ },
2202+ },
2203+ },
2204+ },
2205+ {
2206+ Host : "app-2.example.com" ,
2207+ IngressRuleValue : networking.IngressRuleValue {
2208+ HTTP : & networking.HTTPIngressRuleValue {
2209+ Paths : []networking.HTTPIngressPath {
2210+ {
2211+ Path : "/svc-3" ,
2212+ Backend : networking.IngressBackend {
2213+ Service : & networking.IngressServiceBackend {
2214+ Name : ns_1_svc_3 .Name ,
2215+ Port : networking.ServiceBackendPort {
2216+ Name : "https" ,
2217+ },
2218+ },
2219+ },
2220+ },
2221+ },
2222+ },
2223+ },
2224+ },
2225+ },
2226+ },
2227+ },
2228+ },
2229+ },
2230+ },
2231+ },
2232+ wantStackPatch : `
2233+ {
2234+ "id":"ns-1/ing-1",
2235+ "resources":{
2236+ "AWS::WAFv2::WebACLAssociation":{
2237+ "LoadBalancer":{
2238+ "spec":{
2239+ "resourceARN":{
2240+ "$ref":"#/resources/AWS::ElasticLoadBalancingV2::LoadBalancer/LoadBalancer/status/loadBalancerARN"
2241+ },
2242+ "webACLARN":"alb.ingress.kubernetes.io/wafv2-acl-arn: arn:aws:wafv2:us-west-2:xxxxx:regional/webacl/xxxxxxx/3ab78708-85b0-49d3-b4e1-7a9615a6613b"
2243+ }
2244+ }
2245+ }
2246+ }
21432247}` ,
21442248 },
21452249 {
0 commit comments