DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
4544 commits 4 branches 217 tags 166 MiB
Commit graph

4544 commits

This branch
This branch
All branches
Author SHA1 Message Date
Sablu Miah
010ec6f159
Remove extra annotation when Enabling ModSecurity 
Since version 0.25, if you try to use both annotations of:

nginx.ingress.kubernetes.io/modsecurity-snippet: |
Include /etc/nginx/owasp-modsecurity-crs/nginx-modsecurity.conf
Include /etc/nginx/modsecurity/modsecurity.conf

and 

nginx.ingress.kubernetes.io/enable-modsecurity: "true"

it breaks nginx config and you will not catch it unless you have nginx admission controller enabled. 

You do not need the annotation of `Include /etc/nginx/modsecurity/modsecurity.conf` from version 0.25
 2019-11-28 15:16:09 +00:00
Kubernetes Prow Robot
de12fc16f0
Merge pull request #4791 from bouk/manifest-add-staticport 
deploy: add protocol to all Container/ServicePorts
 2019-11-28 05:05:04 -08:00
Bouke van der Bijl
5b918e2d95 deploy: add protocol to all Container/ServicePorts 
kubectl apply --server-side currently doesn't work with Port specs that
are missing protocol:
https://github.com/kubernetes-sigs/structured-merge-diff/issues/130 so
we should always specify it.
 2019-11-28 12:41:48 +00:00
Kubernetes Prow Robot
d523b4a96e
Merge pull request #4780 from aledbf/openresty-master 
Update nginx image to use openresty master
 2019-11-27 12:33:03 -08:00
Kubernetes Prow Robot
a85d5ed93a
Merge pull request #4779 from aledbf/update-image 
Remove lua-resty-waf feature
 2019-11-27 11:45:05 -08:00
Kubernetes Prow Robot
b286c2a336
Merge pull request #4732 from willthames/enable-opentracing-annotation 
Allow enabling/disabling opentracing for ingresses
 2019-11-26 17:31:21 -08:00
Will Thames
6927d9351a Improve safety of AWS-based builds 
Ensure that AWS and Docker credentials don't get
accidentally added
 2019-11-27 11:07:26 +10:00
Will Thames
0ae463a5f3 Provide annotation to control opentracing 
By default you might want opentracing off, but on for a particular
ingress.

Similarly, you might want opentracing globally on, but disabled for
a specific endpoint. To achieve this, `opentracing_propagate_context`
cannot be set when combined with `opentracing off`

A new annotation, `enable-opentracing` allows more fine grained control
of opentracing for specific ingresses.
 2019-11-27 11:07:26 +10:00
Kubernetes Prow Robot
5935ce7df5
Merge pull request #4777 from Miouge1/x-forwarded-prefix-chanegelog 
[docs] Add info about x-forwarded-prefix breaking change
 2019-11-26 15:57:20 -08:00
Kubernetes Prow Robot
95edf02f91
Merge pull request #4700 from TronWallet/fix/nodeport_externalips 
adds hability to use externalIP when controller service is of type NodePort
 2019-11-26 15:33:20 -08:00
Manuel Alejandro de Brito Fontes
61d902db14 Remove Lua resty waf feature 2019-11-26 10:37:43 -03:00
Miouge1
fe7a9986d4 Add info about x-forwarded-prefix breaking change 2019-11-26 10:11:02 +01:00
Kubernetes Prow Robot
9f72cb3aee
Merge pull request #4766 from AndiDog/dev-env-fixes 
dev-env.sh: fix for parsing `minikube status` output of newer versions, fix shellcheck lints
 2019-11-25 11:07:25 -08:00
Andreas Sommer
bb25070f64 Fix for parsing minikube status output of newer versions 
Changed in ca7d378aaa to "Configured" or "Misconfigured"
 2019-11-21 10:25:31 +01:00
Andreas Sommer
885cdb2ac1 Fix shellcheck lints in dev-env.sh 2019-11-21 10:23:19 +01:00
Kubernetes Prow Robot
59a97535e6
Merge pull request #4765 from mrbusche/master 
Fix extra word
 2019-11-20 17:41:28 -08:00
Matt Busche
6b0a6ec8b3 Fix extra word 2019-11-20 19:01:56 -06:00
Kubernetes Prow Robot
e32f60fe38
Merge pull request #4749 from skomma/patch-1 
Update documentation for rate limiting
 2019-11-18 20:31:42 -08:00
Kubernetes Prow Robot
62518b60b4
Merge pull request #4689 from janosi/upstream_ssl 
Server-only authentication of backends and per-location SSL config
 2019-11-18 19:49:43 -08:00
Kubernetes Prow Robot
3ffe85537f
Merge pull request #4747 from FRI-DAY/image-add-opencontainer-source-label 
Docker image: Add source code reference label
 2019-11-18 19:23:41 -08:00
Michael Frister
dea9c405e5 Docker image: Add more opencontainers labels (incl. version) 2019-11-18 10:20:20 +01:00
Kubernetes Prow Robot
d4355b56aa
Merge pull request #4748 from argeas/update-static-ip-docs 
Update documentation for static ip example
 2019-11-14 05:07:35 -08:00
Syunsuke Komma
73aaf0ff28
Update annotations.md 
Add links to proxy-buffering section
 2019-11-13 12:54:42 +09:00
Syunsuke Komma
0b38a48ac9
Update annotations.md 
Add notes of limit-rate/limit-rate-after
 2019-11-13 12:49:59 +09:00
argeas
efc64c85a4 fix ingress name in get example 2019-11-13 02:24:48 +00:00
argeas
f5cf7e5566 set correct apiVersion 2019-11-13 02:23:27 +00:00
Michael Frister
be5349c05a Docker image: Add source code reference label 
This allows tools that automate component updates (in our case Renovate Bot [1])
to automatically find the source repository for the Docker image and extract
release notes from there. Renovate Bot can include the relevant release notes
automatically in a merge request changing the component version.

In [2], Renovate added the label for their own Docker image.

[1] https://github.com/renovatebot/renovate
[2] https://github.com/renovatebot/renovate/pull/3753
 2019-11-12 11:40:37 +01:00
Manuel Alejandro de Brito Fontes
d1eea794e9
Fix broken links in documentation (#4746) 2019-11-08 16:22:52 -03:00
Kubernetes Prow Robot
2771095b8c
Merge pull request #4727 from nothinux/master 
update docs, remove output in prometheus deploy command
 2019-11-08 09:02:14 -08:00
Kubernetes Prow Robot
c1136067ad
Merge pull request #4745 from cmluciano/cml/cmlreviewer 
add cmluciano to owners
 2019-11-08 08:34:16 -08:00
Christopher M. Luciano
0089dd595e
add cmluciano to owners 
cmluciano will be working to implement new v1/v2 API changes in the codebase
and is volunteering for triage and PR reviews.

Signed-off-by: Christopher M. Luciano <cmluciano@us.ibm.com>
 2019-11-08 11:06:23 -05:00
Kubernetes Prow Robot
0d244e1c41
Merge pull request #4730 from stamm/master 
add configuration for http2_max_concurrent_streams
 2019-11-08 07:12:29 -08:00
Kubernetes Prow Robot
a0dc3a9a51
Merge pull request #4695 from janosi/secure-verify-ca-secret 
Removing secure-verify-ca-secret support
 2019-11-08 07:12:21 -08:00
Kubernetes Prow Robot
f808f955ee
Merge pull request #4664 from bryanhanner/master 
warn when ConfigMap is missing or not parsable instead of erroring
 2019-11-08 07:12:14 -08:00
Manuel Alejandro de Brito Fontes
cde0bf308f
Fix generation of sitemap.xml file (#4744) 2019-11-08 11:44:47 -03:00
Manuel Alejandro de Brito Fontes
d8ac82db9c Update nginx image to use openresty master 2019-11-04 15:36:03 -03:00
Rustam Zagirov
d9cfad1894 add configuration for http2_max_concurrent_streams 2019-10-31 15:13:38 +03:00
nothinux
d8c2d38a39 remove output in prometheus deploy command 2019-10-31 10:29:14 +07:00
Laszlo Janosi
cc84bd4ab6 Server level proxy_ssl parameters are applied again, following the comments received. 
Also writing tls.crt and tls.key to disk is according to the original code.
 2019-10-26 20:20:18 +02:00
Kubernetes Prow Robot
43fa61cabd
Merge pull request #4708 from cpanato/add_doc_proxy-max-temp-file-size 
add proxy-max-temp-file-size doc
 2019-10-23 09:50:30 -07:00
Carlos Panato
40e0e5bef8
add proxy-max-temp-file-size doc 2019-10-23 09:55:46 +02:00
Vinicius Niche Correa
b14a6944a7 adds hability to use externalIP 2019-10-21 01:23:27 -03:00
Kubernetes Prow Robot
bd4b62029d
Merge pull request #4694 from panpan0000/add-remote-addr-into-l4-logs 
Enhancement : add remote_addr in TCP access log
 2019-10-20 19:39:37 -07:00
Peter Pan
ee24bf1bbc Doc: Add remote_addr into default values in configmap for TCP logging format 2019-10-21 10:18:17 +08:00
Kubernetes Prow Robot
f2d3454520
Merge pull request #4693 from section-io/feature/adding-docs-about-host-metrics 
Adding some documentation about the use of metrics-per-host and enabl…
 2019-10-18 10:05:59 -07:00
Laszlo Janosi
c76995b81b Fixing comments 2019-10-18 11:36:00 +02:00
Laszlo Janosi
31227d61c2 Removing secure-verify-ca-secret support and writing an error log if that annotation is used in an Ingress definition 2019-10-18 10:58:57 +02:00
Peter Pan
6aa48def3a add remote_addr in layer 4 access log 
original:
[18/Oct/2019:00:47:53 +0000]  TCP 200 4333 81 0.002
new:
[10.6.124.202]  [18/Oct/2019:01:05:15 +0000]  TCP 200 4333  81 0.002
 2019-10-18 09:21:01 +08:00
Matthew Wickman
ad17d71387 Adding some documentation about the use of metrics-per-host and enable-metrics cmd line flags 2019-10-17 17:22:49 -06:00
Laszlo Janosi
37fe9c9876 Enabling per-location proxy-ssl parameters, so locations of the same server but with own unique Ingress definitions can have different SSL configs 2019-10-17 10:15:53 +02:00