DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
4294 commits 4 branches 217 tags 166 MiB
Commit graph

465 commits

Author SHA1 Message Date
Pierrick Charron
f459515d0d Add quote function in template 
Co-authored-by: Charle Demers <charle.demers@gmail.com>
 2019-08-09 15:47:29 -04:00
Manuel Alejandro de Brito Fontes
4a9b02bc03
Remove dynamic TLS records 2019-08-08 15:52:56 -04:00
Kubernetes Prow Robot
f4678764f5
Merge pull request #4416 from aledbf/diff 
Remove invalid log "Failed to executing diff command: exit status 1"
 2019-08-08 11:31:20 -07:00
Manuel Alejandro de Brito Fontes
171da635ef
Remove invalid log "Failed to executing diff command: exit status 1" 2019-08-08 12:53:23 -04:00
tals
a2e667c082 lua shared dict from cm 
lua shared dict teml test and update func sign

lua shared dict cm test

lua shared dict integration test

lua shared dict add cm parsing

lua shared dict change test header
 2019-08-08 12:44:11 +03:00
Charle Demers
72271e9313
FastCGI backend support (#2982) 
Co-authored-by: Pierrick Charron <pierrick@adoy.net>
 2019-07-31 10:39:21 -04:00
Kubernetes Prow Robot
589c9a20f9
Merge pull request #4278 from moolen/feat/auth-req-cache 
feat: auth-req caching
 2019-07-17 12:06:12 -07:00
Moritz Johner
23504db770 feat: auth-req caching 
add a way to configure the `proxy_cache_*` [1] directive for external-auth.
The user-defined cache_key may contain sensitive information
(e.g. Authorization header).
We want to store *only* a hash of that key, not the key itself on disk.

[1] http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_cache_key

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2019-07-17 18:39:04 +02:00
Manuel Alejandro de Brito Fontes
d5c7fa8cfb
Fix scripts to be able to run tests in docker 2019-07-17 11:06:53 -04:00
Kubernetes Prow Robot
fe6c086580
Merge pull request #4288 from eshicks4/proxy-http-version-annotation 
added proxy-http-version annotation to override the HTTP/1.1 default …
 2019-07-11 11:43:07 -07:00
Manuel Alejandro de Brito Fontes
3d7a09347d
Apply fixes suggested by staticcheck 2019-07-08 16:18:52 -04:00
E. Stuart Hicks
3b0c523e49 added proxy-http-version annotation to override the HTTP/1.1 default connection type to reverse proxy backends 2019-07-08 14:32:00 -04:00
Kubernetes Prow Robot
7c297e001a
Merge pull request #4246 from ElvinEfendi/proxy-alternative-upstream-name 
introduce proxy_alternative_upstream_name Nginx var
 2019-07-04 19:20:35 -07:00
Elvin Efendi
8b208cac93 introduce proxy_alternative_upstream_name Nginx var to differentiate canary requests 2019-07-04 19:43:20 -04:00
Manuel Alejandro de Brito Fontes
8807db9748
Check and complete intermediate SSL certificates 2019-07-04 19:13:21 -04:00
Manuel Alejandro de Brito Fontes
ccd88f625c
Refactor metric prometheus leader helper 2019-06-29 17:44:53 -04:00
Manuel Alejandro de Brito Fontes
ddffa2a173
Enable arm again 2019-06-26 23:00:58 -04:00
Kubernetes Prow Robot
ecce3fd7b1
Merge pull request #4180 from aledbf/externalname 
Service type=ExternalName can be defined with ports
 2019-06-25 13:47:15 -07:00
Manuel Alejandro de Brito Fontes
8ca5c1cba9
Do not send empty certificates to nginx 2019-06-25 08:15:28 -04:00
Manuel Alejandro de Brito Fontes
85a848faaf
Fix misspelled and e2e check 2019-06-24 23:47:22 -04:00
Manuel Alejandro de Brito Fontes
991f95f6bf
Migrate to openresty 2019-06-23 22:29:11 -04:00
Manuel Alejandro de Brito Fontes
0ac850cba4
Service type=ExternalName can be defined with ports 2019-06-18 17:17:43 -04:00
Kubernetes Prow Robot
6f1261015b
Merge pull request #4127 from aledbf/migration 
Migrate to new networking.k8s.io/v1beta1 package
 2019-06-13 09:28:19 -07:00
Kubernetes Prow Robot
ec674aa22d
Merge pull request #4185 from Colstuwjx/fix/missing-healthcheck-timeout 
Fix: fillout missing health check timeout on health check.
 2019-06-13 08:38:20 -07:00
Manuel Alejandro de Brito Fontes
84102eec2b
Migrate to new networking.k8s.io/v1beta1 package 2019-06-13 11:32:39 -04:00
Colstuwjx
b28577a4bf Fix: fillout missing health check timeout on health check. 2019-06-13 21:15:50 +08:00
tals
a9a73c6ed6 increase lua_shared_dict config data 2019-06-12 18:42:47 +03:00
Sebastiaan Tammer
c11583dc5f Only load modsecurity_module when ModSec is active 2019-06-11 16:39:52 +02:00
Kubernetes Prow Robot
e76418cd99
Merge pull request #4162 from stramel/patch-1 
Add "text/javascript" to compressible MIME types
 2019-06-06 11:35:34 -07:00
Michael Stramel
686f2310e4 Add "text/javascript" to compressible MIME types 
Based on the HTML Standard, https://html.spec.whatwg.org/multipage/scripting.html#scriptingLanguages, servers _should_ use `text/javascript`.
 2019-06-06 13:11:56 -05:00
Elvin Efendi
c4ced9d694 fix source file mods 2019-06-06 10:47:08 -04:00
Kubernetes Prow Robot
286ff13af2
Merge pull request #4048 from fedunineyu/change-upstream-on-error-with-sticky-session 
Change upstream on error when sticky session balancer is used
 2019-06-06 07:22:17 -07:00
Manuel Alejandro de Brito Fontes
29489097c9
SSL expiration metrics cannot be tied to dynamic updates 2019-06-05 11:04:27 -04:00
Manuel Alejandro de Brito Fontes
14a394fc9e
Update nginx (#4150) 
* Update nginx image
* Fix IPV6 test issues in Prow
 2019-06-04 12:15:03 -04:00
Eugene Fedunin
254629cf16 Added support for annotation session-cookie-change-on-failure 
1. Session cookie is updated on previous attempt failure when `session-cookie-change-on-failure = true` (default value is `false`).
2. Added tests to check both cases.
3. Updated docs.

Co-Authored-By: Vladimir Grishin <yadolov@users.noreply.github.com>
 2019-05-27 13:00:07 +03:00
Kubernetes Prow Robot
c7df848662
Merge pull request #4109 from aledbf/use-real-server 
Use real apiserver
 2019-05-26 04:47:50 -07:00
Manuel Alejandro de Brito Fontes
0baf75cd17
Add retry to LookupHost used to check the content of ExternalName 2019-05-23 05:07:25 -04:00
Manuel Alejandro de Brito Fontes
c639f490b1
Use a real apiserver to test the store 2019-05-23 04:58:14 -04:00
Kubernetes Prow Robot
3e3e29b78f
Merge pull request #4102 from aledbf/listingresses 
Refactor ListIngresses to add filters
 2019-05-22 06:48:14 -07:00
Manuel Alejandro de Brito Fontes
bae49a4657
Refactor ListIngresses to add filters 2019-05-22 05:37:44 -04:00
reynaldi.wijaya
31ffad8fa1 UPT: Add variable to define custom sampler host and port, add commituser 2019-05-21 12:34:38 +08:00
okryvoshapka-connyun
4811168d2a Fixed typos 2019-05-06 09:04:12 +02:00
okryvoshapka-connyun
8cc9afe8ee Added Global External Authentication settings to configmap parameters incl. addons 2019-05-03 12:08:16 +02:00
Thibault Jamet
1cd17cd12c
Implement a validation webhook 
In case some ingress have a syntax error in the snippet configuration,
the freshly generated configuration will not be reloaded to prevent tearing down existing rules.
Although, once inserted, this configuration is preventing from any other valid configuration to be inserted as it remains in the ingresses of the cluster.
To solve this problem, implement an optional validation webhook that simulates the addition of the ingress to be added together with the rest of ingresses.
In case the generated configuration is not validated by nginx, deny the insertion of the ingress.

In case certificates are mounted using kubernetes secrets, when those
changes, keys are automatically updated in the container volume, and the
controller reloads it using the filewatcher.

Related changes:

- Update vendors
- Extract useful functions to check configuration with an additional ingress
- Update documentation for validating webhook
- Add validating webhook examples
- Add a metric for each syntax check success and errors
- Add more certificate generation examples
 2019-04-18 19:07:04 +02:00
Kubernetes Prow Robot
34734edc6e
Merge pull request #4005 from Shopify/proxy-next-upstream-timeout 
Support proxy_next_upstream_timeout
 2019-04-15 09:10:09 -07:00
Alex Kursell
ffeb1fe348 Support proxy_next_upstream_timeout 2019-04-15 11:08:57 -04:00
Elvin Efendi
13a7e2c5d0 refactor GetFakeSSLCert 2019-04-14 09:35:48 -04:00
Kubernetes Prow Robot
4c37e0e4b7
Merge pull request #4004 from Shopify/no-valgrind 
Remove valgrind
 2019-04-13 20:48:01 -07:00
Elvin Efendi
b1a6aa2973 make sure unit test create fakecertificate 2019-04-13 16:35:52 -04:00
Elvin Efendi
417af76e97 properly handle default and custom default certs in dynamic ssl mode 2019-04-13 12:32:06 -04:00