Use an annotation to provide a route cookie

pecameron · pecameron · commit 351aedc2fe8e · 2017-09-20T13:21:02.000-04:00
Route annotation: router.openshift.io/router.cookie.name can be used to set a cookie name for the route. The cookie must pass regex filter "^[a-zA-Z0-9_-][a-zA-Z0-9_-]*" https://trello.com/c/dZpU26W9 (3) Allow routes to set the cookie names for session stickiness
diff --git a/images/router/haproxy/conf/haproxy-config.template b/images/router/haproxy/conf/haproxy-config.template
@@ -22,6 +22,9 @@
 {{/* cidrListPattern: Match a space separated list of CIDRs; e.g. 192.168.21.23/24 192.10.2.12 */}}
 {{- $cidrListPattern := printf `(?:%s(?: +%s)*)` $cidrPattern $cidrPattern -}}
 
+{{/* cookie name pattern: */}}
+{{- $cookieName := "^[a-zA-Z0-9_-][a-zA-Z0-9_-]*" -}}
+
 {{- $timeSpecRE := "[1-9][0-9]*(us|ms|s|m|h|d)?" }}
 global
   maxconn {{env "ROUTER_MAX_CONNECTIONS" "20000"}}
@@ -377,7 +380,7 @@ backend be_secure:{{$cfgIdx}}
   {{- end }}
 
   {{- if not (isTrue (index $cfg.Annotations "haproxy.router.openshift.io/disable_cookies")) }}
-  cookie {{$cfg.RoutingKeyName}} insert indirect nocache httponly
+  cookie {{firstMatch $cookieName (index $cfg.Annotations "router.openshift.io/route.cookie.name") $cfg.RoutingKeyName}} insert indirect nocache httponly
     {{- if and (matchValues (print $cfg.TLSTermination) "edge" "reencrypt") (ne $cfg.InsecureEdgeTerminationPolicy "Allow") }} secure
     {{- end }}
   {{- end }}{{/* end disable cookies check */}}
