trustchain-oc1-orchestral/authentik
Archived
10
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Only create k8s TLS Ingress config if secretName is set

Browse source
This commit is contained in:
Philipp Kolberg 2023-10-16 18:32:47 +02:00
parent 996dfd649c
commit 90cbae6d29
No known key found for this signature in database
GPG key ID: 4C58CB0448FF9061
1 changed files with 8 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
authentik/providers/proxy/controllers/k8s/ingress.py
View file

@ -55,7 +55,10 @@ class IngressReconciler(KubernetesObjectReconciler[V1Ingress]):
proxy_provider: ProxyProvider
external_host_name = urlparse(proxy_provider.external_host)
expected_hosts.append(external_host_name.hostname)
if external_host_name.scheme == "https":
if (
external_host_name.scheme == "https"
and self.controller.outpost.config.kubernetes_ingress_secret_name
):
expected_hosts_tls.append(external_host_name.hostname)
expected_hosts.sort()
expected_hosts_tls.sort()
@ -115,7 +118,10 @@ class IngressReconciler(KubernetesObjectReconciler[V1Ingress]):
):
proxy_provider: ProxyProvider
external_host_name = urlparse(proxy_provider.external_host)
if external_host_name.scheme == "https":
if (
external_host_name.scheme == "https"
and self.controller.outpost.config.kubernetes_ingress_secret_name
):
tls_hosts.append(external_host_name.hostname)
if proxy_provider.mode in [
ProxyMode.FORWARD_SINGLE,