DevFW-CICD/ingress-nginx-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Deprecate existing annotation

Browse source
This commit is contained in:
Julio Camarero 2024-12-06 10:57:17 +01:00
parent b112acdbb9
commit 76624fcbb1
No known key found for this signature in database
GPG key ID: 13D4414ED5D08C25
1 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
internal/ingress/annotations/proxyssl/main.go
View file

@ -45,7 +45,7 @@ var (
) )
const ( const (
proxySSLSecretAnnotation = "proxy-ssl-secret" proxySSLSecretAnnotation = "proxy-ssl-secret" // DEPRECATED Use proxy-ssl-client-secret and proxy-ssl-ca-configmap instead
proxySSLClientSecretAnnotation = "proxy-ssl-client-secret" // #nosec proxySSLClientSecretAnnotation = "proxy-ssl-client-secret" // #nosec
proxySSLCAConfigMapAnnotation = "proxy-ssl-ca-configmap" proxySSLCAConfigMapAnnotation = "proxy-ssl-ca-configmap"
proxySSLCiphersAnnotation = "proxy-ssl-ciphers" proxySSLCiphersAnnotation = "proxy-ssl-ciphers"
@ -63,7 +63,8 @@ var proxySSLAnnotation = parser.Annotation{
Validator: parser.ValidateRegex(parser.BasicCharsRegex, true), Validator: parser.ValidateRegex(parser.BasicCharsRegex, true),
Scope: parser.AnnotationScopeIngress, Scope: parser.AnnotationScopeIngress,
Risk: parser.AnnotationRiskMedium, Risk: parser.AnnotationRiskMedium,
Documentation: `This annotation specifies a Secret with the certificate tls.crt, key tls.key in PEM format used for authentication to a proxied HTTPS server. Documentation: `(DEPRECATED: Use proxy-ssl-client-secret and proxy-ssl-ca-configmap instead)
This annotation specifies a Secret with the certificate tls.crt, key tls.key in PEM format used for authentication to a proxied HTTPS server.
It should also contain trusted CA certificates ca.crt in PEM format used to verify the certificate of the proxied HTTPS server. It should also contain trusted CA certificates ca.crt in PEM format used to verify the certificate of the proxied HTTPS server.
This annotation expects the Secret name in the form "namespace/secretName" This annotation expects the Secret name in the form "namespace/secretName"
Just secrets on the same namespace of the ingress can be used.`, Just secrets on the same namespace of the ingress can be used.`,