CUSTESC-23757: Fix a bug where a wildcard ingress rule would match an host without starting with a dot

ingress/ingress.go

@@ -58,7 +58,7 @@ func matchHost(ruleHost, reqHost string) bool {
 
 	// Validate hostnames that use wildcards at the start
 	if strings.HasPrefix(ruleHost, "*.") {
-		toMatch := strings.TrimPrefix(ruleHost, "*.")
+		toMatch := strings.TrimPrefix(ruleHost, "*")
 		return strings.HasSuffix(reqHost, toMatch)
 	}
 	return false

ingress/rule_test.go

@@ -148,6 +148,16 @@ func Test_rule_matches(t *testing.T) {
 			},
 			want: true,
 		},
+		{
+			name: "Hostname with wildcard should not match if no dot present",
+			rule: Rule{
+				Hostname: "*.api.abc.cloud",
+			},
+			args: args{
+				requestURL: MustParseURL(t, "https://testing-api.abc.cloud"),
+			},
+			want: false,
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {