Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Support for wildcard domains #412

Merged
merged 1 commit into from
Aug 22, 2024
Merged

feat: Support for wildcard domains #412

merged 1 commit into from
Aug 22, 2024

Conversation

jonstacks
Copy link
Collaborator

Closes #148

What

Allows for using wildcard domains via the ingress controller.

How

Domain CR naming

The algorithm for creating domains was to aggregate all of the rules.Hosts from ingresses and the listener.hostnames from Gateways. This would give us a list of ngrok Domain CRs to create/update. We currently replace . with - in the domain name to create the Domain CRs. This works fine expect that * are not valid in kubernetes resource names. So we now replace * with wildcard when generating the Domain CR Name. This makes the name now a valid k8s name.

This could cause future problems if you want to reserve the domain wildcard.example.com as the name wouldn't be able to be distinguished from the one generated by *.example.com as they would both generate a Domain CR named wildcard-example-com. We should probably look at generating these names like we do for HTTPSEdge CRs going forward to prevent this future problem, but this is not handled in this PR.

HTTPS Edge Labels

Previously we would add a label to the HTTPSEdge CR with the domain. This causes problems when using wildcards since * is not a valid character for labels. I initially debated about hashing the domain and using that as the label instead. However, we can extract the hostports from the existing edge. For HTTPSEdges generated by the driver, they will only ever have a single domain per HTTPSEdge and will always be listening on port 443. We can use this to compare if the edge in question is the same one as the one we are generating from the Ingress/Gateway configuration. This allows us to get rid of using the domain label or having to implement hashing for it.

Breaking Changes

No, with the caveat that if you could hit the above edge case temporarily if you are using both wildcard.example.com and *.example.com

@jonstacks jonstacks self-assigned this Aug 16, 2024
@jonstacks jonstacks requested a review from a team as a code owner August 16, 2024 18:36
@github-actions github-actions bot added the area/controller Issues dealing with the controller label Aug 16, 2024
@jonstacks jonstacks added this to the controller 0.12.2 milestone Aug 20, 2024
alex-bezek
alex-bezek approved these changes Aug 21, 2024
View reviewed changes
Copy link
Collaborator

@alex-bezek alex-bezek left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For the potential edge case of the conflicting * vs wildcard do we plan to address that right away, or is it something we should document somewhere for our users and support just incase someone hits it?

@jonstacks
Copy link
Collaborator Author

For the potential edge case of the conflicting * vs wildcard do we plan to address that right away, or is it something we should document somewhere for our users and support just incase someone hits it?

I think it is lower on the priority list. I'll write up an issue for it and link it so it appears in our list of issues.

@jonstacks jonstacks merged commit bdd3627 into ngrok:main Aug 22, 2024
7 checks passed
@jonstacks jonstacks mentioned this pull request Aug 22, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alex-bezek alex-bezek alex-bezek approved these changes

Assignees

@jonstacks jonstacks

Labels
area/controller Issues dealing with the controller
Projects
None yet
Milestone
controller 0.12.2
Development

Successfully merging this pull request may close these issues.

Wildcard domains
2 participants
@jonstacks @alex-bezek