Fix mirror-target values without path separator and port

[ubergesundheit]

What this PR does / why we need it:

Bug report in #9898

Ingress resources with annotation nginx.ingress.kubernetes.io/mirror-target and a value like http://my-host.org:8080$request_uri (note there is no / between the port and the $) cause ingress-nginx pods to crash (Tested with v1.3.1 but relevant code portions did not change since then).

Parsing the url using golangs url.Parse would fail because of a missing / separator. This caused the Host portion of the mirror config to be set to an empty string which then would make the internal nginx instance unhappy. (emergency exit).

This PR changes

• How the host header is extracted from the annotation value
• How the extracted values are being rendered into the nginx template

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• CVE Report (Scanner found CVE and adding report)
• Breaking change (fix or feature that would cause existing functionality to change)
• Documentation only

How Has This Been Tested?

Tests have been added.

Checklist:

• My change requires a change to the documentation.
• I have updated the documentation accordingly.
• I've read the CONTRIBUTION guide
• I have added unit and/or e2e tests to cover my changes.
• All new and existing tests passed.
• Added Release Notes.

Does my pull request need a release note?

Any user-visible or operator-visible change qualifies for a release note. This could be a:

• CLI change
• API change
• UI change
• configuration schema change
• behavioral change
• change in non-functional attributes such as efficiency or availability, availability of a new platform
• a warning about a deprecation
• fix of a previous Known Issue
• fix of a vulnerability (CVE)

No release notes are required for changes to the following:

• Tests
• Build infrastructure
• Fixes for unreleased bugs

For more tips on writing good release notes, check out the Release Notes Handbook

Prevent rendering invalid ngx_http_mirror_module templates

[linux-foundation-easycla]

The committers listed above are authorized under a signed CLA.

• ✅ login: ubergesundheit / name: Gerald Pape (41f6f8c, 165a411, 024cead, 526c284)

[k8s-ci-robot]

This issue is currently awaiting triage.

If Ingress contributors determines this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[k8s-ci-robot]

Hi @ubergesundheit. Thanks for your PR.

I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[longwuyuan]

@ubergesundheit from what you describe, it appears to be a bug. If so, I think this should be taken care of asap. Some thoughts below

• but there is no bug report on this. Is it possible to create a issue and link it here. The details are needed for a reader
• there is no step-by-step reproduce steps here that someone can use to copy/paste and reproduce. Or at least your own test showing the kubectl describe ... output of related objects and a curl request generating logs or failing in curl output with -v
• the test seems to have been refactored but this PR is improved with a test from your fork where the same failing request in the issue (To Be Created) passes in your fork's build. You can use make dev-env https://kubernetes.github.io/ingress-nginx/developer-guide/getting-started/#local-build to get a environment with your fix in the controller and run a request against it

[longwuyuan]

Also the tests are failing but that can be addressed once there is relevant data posted here

[ubergesundheit]

Thank you for your comments, I've created bug report #9898 which contains instructions on how to reproduce.

I think sending requests does not make sense in this case because this is about reconciliation of Ingress resources and does not change how requests are handeled by the internal nginx instance.

[longwuyuan]

Thanks for creating the issue as now there is content for readers.

Help out any way you can to reduce the time to be spent by a developer/maintainer to get proof of the problem and the fix. The problem seems straight forward because of the missing slash character. Its just that a clear trail of live object snapshots kubectl describe and curl requests+responses+controller-logs reduce the work to be done by others.

[rikatz]

/approve
/ok-to-test
/kind bug

It seems to be a bug indeed, I was checking this code today! Thanks for catching this.

Please fix the e2e test ASAP, it should pass properly, so take a look if there is a flaw on the logic of the implementation or the test :)

[rikatz]

/hold
Should be merged just after tests passes

[ubergesundheit]

Thank you for approving. Just pushed a commit to fix the test :)

[cpanato]

/lgtm

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: cpanato, rikatz, ubergesundheit

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [cpanato,rikatz]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[rikatz]

/hold cancel
Thank you!