feat: support sni based tls route

[mangoGoForward]

Signed-off-by: mango [email protected]

Type of change:

• [ ] Bugfix
• [x] New feature provided
• [ ] Improve performance
• [ ] Backport patches

What this PR does / why we need it:

Please see #547

Pre-submission checklist:

• [x] Did you explain what problem does this PR solve? Or what new features have been added?
• [x] Have you added corresponding test cases?
• [ ] Have you modified the corresponding document?
• [ ] Is this PR backward compatible? If it is not backward compatible, please discuss on the mailing list first

[codecov-commenter]

Codecov Report

Merging #1051 (dd48936) into master (e51a2c7) will increase coverage by 0.80%. The diff coverage is 66.66%.

@@            Coverage Diff             @@
##           master    #1051      +/-   ##
==========================================
+ Coverage   40.62%   41.42%   +0.80%     
==========================================
  Files          75       82       +7     
  Lines        7006     7234     +228     
==========================================
+ Hits         2846     2997     +151     
- Misses       3847     3891      +44     
- Partials      313      346      +33     

Impacted Files	Coverage Δ
pkg/providers/apisix/translation/apisix_route.go	31.42% <50.00%> (+12.28%)	:arrow_up:
pkg/apisix/stream_route.go	36.42% <100.00%> (ø)
...kg/providers/apisix/translation/apisix_upstream.go	55.26% <0.00%> (-44.74%)	:arrow_down:
pkg/apisix/resource.go	56.79% <0.00%> (-6.23%)	:arrow_down:
pkg/providers/utils/manifest.go	42.79% <0.00%> (-2.83%)	:arrow_down:
pkg/config/config.go	64.13% <0.00%> (-2.22%)	:arrow_down:
pkg/apisix/nonexistentclient.go	41.20% <0.00%> (-2.07%)	:arrow_down:
pkg/apisix/ssl.go	35.91% <0.00%> (-0.45%)	:arrow_down:
pkg/apisix/consumer.go	36.30% <0.00%> (-0.44%)	:arrow_down:
pkg/apisix/global_rule.go	36.05% <0.00%> (-0.44%)	:arrow_down:
... and 33 more

:mega: We’re building smart automated test selection to slash your CI/CD build times. Learn more

[tokers]

@mangoGoForward Please make the CI pass, thanks! See https://github.com/apache/apisix-ingress-controller/runs/6623221714?check_suite_focus=true.

[mangoGoForward]

@mangoGoForward Please make the CI pass, thanks! See https://github.com/apache/apisix-ingress-controller/runs/6623221714?check_suite_focus=true.

I got some connection refused errors, this feature seems wouldn't effect the CI?

[mangoGoForward]

Please also add some e2e test cases to cover the SNI route feature.

Thanks, I will do.

[mangoGoForward]

Hi @tokers How can I generate a crd? The Makefile seems has no related command.

[tao12345666333]

n I generate a crd? Th

@mangoGoForward Unfortunately, current CRDs are manually maintained. We have https://github.com/apache/apisix-ingress-controller/issues/515 to track it.

[tao12345666333]

Please merge master latest code, and resolve conflicts. Thanks

[mangoGoForward]

Please merge master latest code, and resolve conflicts. Thanks

OK. I will solve it later.

[tokers]

@mangoGoForward Please make the CI passed, it has some failures. Thanks!

[mangoGoForward]

@mangoGoForward Please make the CI passed, it has some failures. Thanks!

OK, I haven't found the the target of this error, it may takes a while to resolve.

[tao12345666333]

@mangoGoForward hi, thanks for your contribution, we plan to enter v1.5 release window.

I have a few suggestions for this PR

• I would like to put this PR into v1.6
• Currently we have unified all resources to the v2 version of the API, I recommend implementing this feature only for the v2 version of ApisixRoute. Because when the v1.5 version is released, we will mark the v2beta3 version as deprecated. You can check #707 for more detail

[tao12345666333]

Hi, do you have time to pick up this one? Thanks

[mangoGoForward]

Hi, do you have time to pick up this one? Thanks

Yes, the file conflicts solved

[tao12345666333]

@mangoGoForward Thanks for your active contribution! As I said, we can implement this feature into the v2 API version.

@mangoGoForward hi, thanks for your contribution, we plan to enter v1.5 release window.

I have a few suggestions for this PR

• I would like to put this PR into v1.6
• Currently we have unified all resources to the v2 version of the API, I recommend implementing this feature only for the v2 version of ApisixRoute. Because when the v1.5 version is released, we will mark the v2beta3 version as deprecated. You can check proposal: use a uniform CRD APIVersion #707 for more detail

[tao12345666333]

LGTM !

could you please add e2e test cases to covet this one? thanks!

[mangoGoForward]

LGTM !

could you please add e2e test cases to covet this one? thanks!

Sure, but have no time to deal with it recently, I will improve it as soon as possible

[tao12345666333]

Now that we're in the v1.6 development cycle, do you have time to add e2e test cases to covet this one? Thanks!

[mangoGoForward]

Now that we're in the v1.6 development cycle, do you have time to add e2e test cases to covet this one? Thanks!

Sorry reply to late, will be completed this week

[tao12345666333]

Thanks! @mangoGoForward

[tao12345666333]

But we can do it in a follow-up PR #1438 @mangoGoForward

[mangoGoForward]

LGTM

But I think a more complete case can be added in e2e. Create a certificate pair and use it for proxying.

Thanks, it absolutely need more test cases to cover it. I need to study how the TLS route with SNI works and how to test it, I am so poor about knowledge in this area.

[tao12345666333]

Don't worry, you can continue if you are interested. Otherwise see if others are interested.