DevFW-CICD/ingress-nginx-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge 8998f31a3b into 86889532aa

Browse source
This commit is contained in:
vdavidoff 2018-01-29 02:23:49 +00:00 committed by GitHub
commit b62ea01d69
5 changed files with 66 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
internal/ingress/controller/config/config.go
View file

@ -546,6 +546,7 @@ func NewDefault() Configuration {
CustomHTTPErrors: []int{}, CustomHTTPErrors: []int{},
WhitelistSourceRange: []string{}, WhitelistSourceRange: []string{},
SkipAccessLogURLs: []string{}, SkipAccessLogURLs: []string{},
SkipAccessLogHTTPStatuses: []string{},
LimitRate: 0, LimitRate: 0,
LimitRateAfter: 0, LimitRateAfter: 0,
}, },

7
internal/ingress/controller/template/configmap.go
View file

@ -34,6 +34,7 @@ import (
const ( const (
customHTTPErrors = "custom-http-errors" customHTTPErrors = "custom-http-errors"
skipAccessLogUrls = "skip-access-log-urls" skipAccessLogUrls = "skip-access-log-urls"
skipAccessLogHTTPStatuses = "skip-access-log-http-statuses"
whitelistSourceRange = "whitelist-source-range" whitelistSourceRange = "whitelist-source-range"
proxyRealIPCIDR = "proxy-real-ip-cidr" proxyRealIPCIDR = "proxy-real-ip-cidr"
bindAddress = "bind-address" bindAddress = "bind-address"
@ -56,6 +57,7 @@ func ReadConfig(src map[string]string) config.Configuration {
errors := make([]int, 0) errors := make([]int, 0)
skipUrls := make([]string, 0) skipUrls := make([]string, 0)
skipHTTPStatuses := make([]string, 0)
whitelist := make([]string, 0) whitelist := make([]string, 0)
proxylist := make([]string, 0) proxylist := make([]string, 0)
hideHeaderslist := make([]string, 0) hideHeaderslist := make([]string, 0)
@ -83,6 +85,10 @@ func ReadConfig(src map[string]string) config.Configuration {
delete(conf, skipAccessLogUrls) delete(conf, skipAccessLogUrls)
skipUrls = strings.Split(val, ",") skipUrls = strings.Split(val, ",")
} }
if val, ok := conf[skipAccessLogHTTPStatuses]; ok {
delete(conf, skipAccessLogHTTPStatuses)
skipHTTPStatuses = strings.Split(val, ",")
}
if val, ok := conf[whitelistSourceRange]; ok { if val, ok := conf[whitelistSourceRange]; ok {
delete(conf, whitelistSourceRange) delete(conf, whitelistSourceRange)
whitelist = append(whitelist, strings.Split(val, ",")...) whitelist = append(whitelist, strings.Split(val, ",")...)
@ -137,6 +143,7 @@ func ReadConfig(src map[string]string) config.Configuration {
to := config.NewDefault() to := config.NewDefault()
to.CustomHTTPErrors = filterErrors(errors) to.CustomHTTPErrors = filterErrors(errors)
to.SkipAccessLogURLs = skipUrls to.SkipAccessLogURLs = skipUrls
to.SkipAccessLogHTTPStatuses = skipHTTPStatuses
to.WhitelistSourceRange = whitelist to.WhitelistSourceRange = whitelist
to.ProxyRealIPCIDR = proxylist to.ProxyRealIPCIDR = proxylist
to.BindAddressIpv4 = bindAddressIpv4List to.BindAddressIpv4 = bindAddressIpv4List

2
internal/ingress/controller/template/configmap_test.go
View file

@ -37,6 +37,7 @@ func TestMergeConfigMapToStruct(t *testing.T) {
"proxy-read-timeout": "1", "proxy-read-timeout": "1",
"proxy-send-timeout": "2", "proxy-send-timeout": "2",
"skip-access-log-urls": "/log,/demo,/test", "skip-access-log-urls": "/log,/demo,/test",
"skip-access-log-http-statuses": "^[23],204,302,^201",
"use-proxy-protocol": "true", "use-proxy-protocol": "true",
"disable-access-log": "true", "disable-access-log": "true",
"access-log-path": "/var/log/test/access.log", "access-log-path": "/var/log/test/access.log",
@ -54,6 +55,7 @@ func TestMergeConfigMapToStruct(t *testing.T) {
def.AccessLogPath = "/var/log/test/access.log" def.AccessLogPath = "/var/log/test/access.log"
def.ErrorLogPath = "/var/log/test/error.log" def.ErrorLogPath = "/var/log/test/error.log"
def.SkipAccessLogURLs = []string{"/log", "/demo", "/test"} def.SkipAccessLogURLs = []string{"/log", "/demo", "/test"}
def.SkipAccessLogHTTPStatuses = []string{"^[23]", "204", "302", "^201"}
def.ProxyReadTimeout = 1 def.ProxyReadTimeout = 1
def.ProxySendTimeout = 2 def.ProxySendTimeout = 2
def.EnableDynamicTLSRecords = false def.EnableDynamicTLSRecords = false

6
internal/ingress/defaults/main.go
View file

@ -95,6 +95,12 @@ type Backend struct {
// By default this list is empty // By default this list is empty
SkipAccessLogURLs []string `json:"skip-access-log-urls,-"` SkipAccessLogURLs []string `json:"skip-access-log-urls,-"`
// SkipAccessLogHTTPStatuses sets a list of HTTP statuses that should not appear in the NGINX access log
// The status strings provided are interpreted by an NGINX map as regex
// This is useful with statuses like 2xx and 3xx that make "complex" reading the logs
// By default this list is empty
SkipAccessLogHTTPStatuses []string `json:"skip-access-log-http-statuses,-"`
// Enables or disables the redirect (301) to the HTTPS port // Enables or disables the redirect (301) to the HTTPS port
SSLRedirect bool `json:"ssl-redirect"` SSLRedirect bool `json:"ssl-redirect"`

13
rootfs/etc/nginx/template/nginx.tmpl
View file

@ -157,9 +157,20 @@ http {
{{/* map urls that should not appear in access.log */}} {{/* map urls that should not appear in access.log */}}
{{/* http://nginx.org/en/docs/http/ngx_http_log_module.html#access_log */}} {{/* http://nginx.org/en/docs/http/ngx_http_log_module.html#access_log */}}
map $request_uri $loggable { map $request_uri $loggable_request_url {
{{ range $reqUri := $cfg.SkipAccessLogURLs }} {{ range $reqUri := $cfg.SkipAccessLogURLs }}
{{ $reqUri }} 0;{{ end }} {{ $reqUri }} 0;{{ end }}
}
{{/* map HTTP statuses that should not appear in access.log */}}
{{/* http://nginx.org/en/docs/http/ngx_http_log_module.html#access_log */}}
map $status $loggable_http_status {
{{ range $reqHTTPStatus := $cfg.SkipAccessLogHTTPStatuses }}
~{{ $reqHTTPStatus }} 0;{{ end }}
}
map "${loggable_request_url}${loggable_http_status}" $loggable {
~0 0;
default 1; default 1;
} }