DevFW-CICD/ingress-nginx-helm
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3803 commits 4 branches 217 tags 166 MiB
Commit graph

444 commits

Author SHA1 Message Date
k8s-ci-robot
82721e575d
Merge pull request #3372 from Shopify/session-cookie-path 
Add annotation for session affinity path
 2018-11-19 07:25:32 -08:00
Zenara Daley
50b29feb4a Add annotation for session affinity path 2018-11-19 09:15:24 -05:00
k8s-ci-robot
bf7ad0daca
Merge pull request #3374 from aledbf/restore-tcp-udp 
Revert removal of support for TCP and UDP services
 2018-11-18 08:33:29 -08:00
Manuel Alejandro de Brito Fontes
af2dce901d
Fix tests 2018-11-18 08:17:18 -03:00
Manuel Alejandro de Brito Fontes
654eceda46
Add tcp e2e test 2018-11-16 21:07:52 -03:00
Manuel Alejandro de Brito Fontes
168f30d1ec Revert removal of support for TCP and UDP services 2018-11-16 13:48:47 -03:00
Fernando Diaz
95b3042b6e Add a Snippet for ModSecurity 
Allows for the configuration of Mod Security rules via
a Snippet.
 2018-11-14 23:31:27 -06:00
Conor Landry
ec28539e43 bugfix: do not merge catch-all canary backends with itself 2018-11-13 13:20:15 -05:00
k8s-ci-robot
a22c656f30
Merge pull request #3409 from Shopify/client-max-body-size 
Convert isValidClientBodyBufferSize to something more generic
 2018-11-13 08:36:06 -08:00
Maxime Ginters
0f3e2b9bf0 Convert isValidClientBodyBufferSize to something more generic and use it for client_max_body_size 2018-11-13 10:11:40 -05:00
mikeweiwei
2850fb538a fix logging calls 2018-11-13 16:02:27 +08:00
Elvin Efendi
5f3b48e16d breaking change: do not trust x-forwarded-* headers by default 2018-11-13 10:35:59 +04:00
k8s-ci-robot
950a2f9174
Merge pull request #3387 from xichengliudui/fix181109 
Modify the wrong function name
 2018-11-09 06:14:55 -08:00
xichengliudui
d2b1d37ee3 Modify the wrong function name 2018-11-08 15:17:40 -05:00
mooncake
b3d789edca Fix typos: reqrite -> rewrite 
Signed-off-by: mooncake <xcoder@tenxcloud.com>
 2018-11-09 00:54:51 +08:00
k8s-ci-robot
d97999c07d
Merge pull request #3309 from diazjf/modsecurity-location 
Customize ModSecurity to be used in Locations
 2018-11-07 09:29:01 -08:00
SataQiu
76aae20b64 fix the typos 2018-11-07 17:53:17 +08:00
Fernando Diaz
5195600841 Allows ModSecurity to be configured per location 
The following annotations will be added:

- enable-modsecurity
- enable-owasp-core-rules
- modsecurity-transaction-id

Fixes #3167
 2018-11-06 22:24:31 -06:00
k8s-ci-robot
17cad51e47
Merge pull request #3341 from Shopify/canary_upstream 
Add canary annotation and alternative backends for traffic shaping
 2018-11-06 12:22:16 -08:00
Conor Landry
412cd70d3a implement canary annotation and alternative backends 
Adds the ability to create alternative backends. Alternative backends enable
traffic shaping by sharing a single location but routing to different
backends depending on the TrafficShapingPolicy defined by AlternativeBackends.

When the list of upstreams and servers are retrieved, we then call
mergeAlternativeBackends which iterates through the paths of every ingress
and checks if the backend supporting the path is a AlternativeBackend. If
so, we then iterate through the map of servers and find the real backend
that the AlternativeBackend should fall under. Once found, the
AlternativeBackend is embedded in the list of VirtualBackends for the real
backend.

If no matching real backend for a AlternativeBackend is found, then the
AlternativeBackend is deleted as it cannot be backed by any server.
 2018-11-06 13:13:14 -05:00
k8s-ci-robot
265f96bf14
Merge pull request #3344 from ecosia/jg-customerrors-per-ingress 
Adds CustomHTTPErrors ingress annotation and test
 2018-11-06 09:21:49 -08:00
jasongwartz
0ebf0354cb Adds CustomHTTPErrors ingress annotation and test 
Adds per-server/location error-catch functionality to nginx template

Adds documentation

Reduces template duplication with helper function for CUSTOM_ERRORS data

Updates documentation

Adds e2e test for customerrors

Removes AllCustomHTTPErrors, replaces with template function with deduplication and adds e2e test of deduplication

Fixes copy-paste error in test, adds additional test cases

Reverts noop change in controller.go (unused now)
 2018-11-06 16:47:52 +01:00
k8s-ci-robot
08d5ffabbf
Merge pull request #3367 from aledbf/503-restart 
Remove reloads when there is no endpoints
 2018-11-06 06:39:04 -08:00
k8s-ci-robot
d53b492d73
Merge pull request #3343 from abaruni/auth-snippet 
Auth snippet
 2018-11-06 04:37:34 -08:00
Manuel Alejandro de Brito Fontes
3838145a8c
Remove reloads when there is no endpoints 2018-11-06 09:26:04 -03:00
k8s-ci-robot
ecf605bf60
Merge pull request #3369 from SataQiu/fix-20181106 
Fix some typos
 2018-11-06 04:02:10 -08:00
k8s-ci-robot
c19f7eb1df
Merge pull request #3370 from xichengliudui/fix181106 
Fix typo: whitlelist -> whitelist
 2018-11-06 04:00:49 -08:00
xichengliudui
a13ea30e6d Fix typo: whitlelist -> whitelist 2018-11-06 04:59:03 -05:00
SataQiu
76b5a7b45e fix typos 2018-11-06 15:58:56 +08:00
Adnan Baruni
b511333130 add support for auth-snippet annotation 
add test for new auth-snippet annotation

document auth-snippet annotation

add e2e test for auth-snippet annotation

add log warning and update documentation
 2018-11-05 16:02:29 -06:00
k8s-ci-robot
b4c5af1b85
Merge pull request #3366 from mooncak/fix_typos 
Fix some typos
 2018-11-05 07:45:35 -08:00
mooncake
4b518ec03c Fix some typos 
Signed-off-by: mooncake <xcoder@tenxcloud.com>
 2018-11-05 22:10:11 +08:00
k8s-ci-robot
19cc5e5b96
Merge pull request #3345 from xichengliudui/fix181102 
update annotation
 2018-11-04 12:58:15 -08:00
liuwei
c74e59fa4c Use second as cookie expires unit 2018-11-02 17:05:38 +08:00
liuwei
ce6e564f82 merge from master 2018-11-02 13:13:24 +08:00
xichengliudui
648f8dfc20 update annotation 2018-11-01 23:50:08 -04:00
Manuel Alejandro de Brito Fontes
71ebe1cba5 Code linting 2018-10-30 20:46:48 -03:00
Manuel Alejandro de Brito Fontes
c9668dd40b
Fix e2e tests 2018-10-30 13:35:31 -03:00
k8s-ci-robot
bec97b36c7
Merge pull request #3321 from mbode/geoip2 
Add configuration for geoip2 module
 2018-10-30 05:09:38 -07:00
Maximilian Bode
c27c57dc8b Add configuration for geoip2 module 
Based on closed PRs #2551, #2755
 2018-10-29 21:25:23 +01:00
Manuel Alejandro de Brito Fontes
fed013ab6f Fix status update in case of connection errors 2018-10-29 13:01:41 -03:00
liuwei
ad57c76b73 Support cookie expires 2018-10-29 15:21:10 +08:00
xichengliudui
ed107a489a Delete some extra words 2018-10-29 02:48:56 -04:00
Henry Tran
3cbfd63992 Refactor EWMA to not use shared dictionaries 2018-10-25 22:33:42 +04:00
k8s-ci-robot
bc6f2e7016
Merge pull request #3285 from Shopify/probe-timeout 
Add health-check-timeout as command line argument
 2018-10-25 06:31:32 -07:00
k8s-ci-robot
063f652711
Merge pull request #3187 from DesmondHoLLM/feature/annotations-resty-lua 
UPT: annotation enhancement for resty-lua-waf
 2018-10-25 00:06:03 -07:00
Desmond Ho
bf03046a80 UPT: updated e2e test and default true for process-multipart-body annotation 2018-10-25 14:17:38 +08:00
Zenara Daley
9f2a0b6363 Add healthcheck timeout as CLA 2018-10-24 16:02:28 -04:00
Aarni Koskela
4a71111d4c Fix usages of %q formatting for numbers (%d) 
This caused logs like "Adjusting ServerNameHashBucketSize variable to '@'"
 2018-10-23 18:21:16 +03:00
Desmond Ho
bab521e81a UPT: align waf options 2018-10-20 12:46:39 +08:00
Desmond Ho
04a89ce234 UPT: annotation enhancement for resty-lua-waf 2018-10-20 12:09:38 +08:00
Elvin Efendi
cdb244e579 fix two bugs with backend-protocol annotation 2018-10-19 09:11:21 -04:00
k8s-ci-robot
ad89a93a29
Merge pull request #3195 from diazjf/auth-tls-e2e 
Add e2e Tests for AuthTLS
 2018-10-19 03:02:43 -07:00
k8s-ci-robot
12fba876c3
Merge pull request #3270 from ukinau/Fix-3269-sort-should-be-done-before-pass-to-update-status 
Don't sort IngressStatus from each Goroutine(update for each ingress)
 2018-10-19 02:46:54 -07:00
Yuki Nishiwaki
4845daeb35 Don't sort IngressStatus from each Goroutine(update for each ingress) 
Currently ingress controller try to update status for each ingress
resource in a parallel by using Goroutine, and inside this Goroutine we
are trying to sort same IngressStatus reference which is shared between
all Goroutine, this will break the original refrence if some Goroutine
tried to sort exact same time.
So we should have done sorting before passing reference to each
Goroutine to prevent from breaking original reference

fixes: #3269
 2018-10-19 11:10:31 +08:00
Fernando Diaz
b503c6bdeb Add e2e Tests for AuthTLS 
Adds E2E tests for the following annotations:

- auth-tls-secret
- auth-tls-verify-depth
- auth-tls-verify-client
- auth-tls-error-page
- auth-tls-pass-certificate-to-upstream
 2018-10-18 20:09:21 -05:00
Manuel Alejandro de Brito Fontes
dc553d8f91 Refactor probe url requests 2018-10-15 16:29:32 -03:00
Manuel Alejandro de Brito Fontes
1b63ca355f
Improve dynamic lua confguration 2018-10-12 14:29:41 -03:00
k8s-ci-robot
9af9ef5fd9
Merge pull request #3230 from reactiveops/backoff-dynamic-config 
Retry initial backend configuration
 2018-10-12 10:01:21 -07:00
Corey O'Brien
e0020e22d1 Switch to using wait.ExponentialBackoff 2018-10-12 09:19:20 -04:00
k8s-ci-robot
0baf62dd6a
Merge pull request #3222 from diazjf/add-timeouts-and-such 
Allow Ability to Configure Upstream Keepalive
 2018-10-12 06:15:09 -07:00
Corey O'Brien
ee6bb942e5 Retry initial backend configuration 2018-10-12 00:12:59 -04:00
Fernando Diaz
12955a4a1b Allow Ability to Configure Upstream Keepalive 
Allows Upstream Keepalive values like keepalive_timeout and
keepalive_requests to be configured via ConfigMap.

Fixes #3099
 2018-10-11 20:46:42 -05:00
Manuel Alejandro de Brito Fontes
4c46ee95c9
Update leader election methods 2018-10-10 21:46:45 -03:00
k8s-ci-robot
3038da8719
Merge pull request #3215 from hchenxa/hchenxa 
align opentracing user-guide with nginx configmap configuration
 2018-10-10 06:56:15 -07:00
k8s-ci-robot
3edf11b85f
Merge pull request #3198 from aledbf/only-dynamic 
Only support dynamic configuration
 2018-10-10 05:07:34 -07:00
Hui Chen
f8052385f9 aline opentracing user-guide with nginx configmap configuration 2018-10-10 11:25:53 +08:00
Manuel Alejandro de Brito Fontes
74c2f93de6
Only support dynamic configuration 2018-10-09 22:05:45 -03:00
k8s-ci-robot
f56ab42cd2
Merge pull request #3194 from bshelton229/literal-dollar-character 
Make literal $ character work in set $location_path
 2018-10-09 15:52:39 -07:00
Bryan Shelton
3686e4f366 Move escapeLocationPathVar to escapeLiteralDollar 2018-10-09 12:58:50 -07:00
Elvin Efendi
78f12c25c5 delete upstream healthcheck annotation 2018-10-09 09:14:13 -04:00
Manuel Alejandro de Brito Fontes
859b298d42 Remove annotations grpc-backend and secure-backend already deprecated 2018-10-08 12:26:06 -03:00
Bryan Shelton
3dc131bd57 Make literal $ character work in set $location_path 2018-10-07 12:58:39 -07:00
Manuel Alejandro de Brito Fontes
44bdc7eb59 Remove support for TCP and UDP services 2018-10-07 10:53:37 -03:00
Zenara Daley
bd3f56eaa0 allow curly braces to be used in regex paths 2018-10-04 10:58:38 -04:00
k8s-ci-robot
d9f58144eb
Merge pull request #3145 from Shopify/regex-modifier 
Add "use-regex" Annotation to Toggle Regular Expression Location Modifier
 2018-10-01 11:31:43 -07:00
Zenara Daley
f29bdc3e8d Add 'use regex' annotation to toggle nginx regex location modifier 2018-10-01 13:54:11 -04:00
Zenara Daley
a7c2633e4e remove payload from log (#3135) 2018-09-26 12:09:14 -03:00
Elvin Efendi
b3a22f7fc0 do not require --default-backend-service 2018-09-25 21:14:28 -04:00
k8s-ci-robot
6393ca6aaf
Merge pull request #2997 from StarOfService/global-block-ip-ua-ref 
Provide possibility to block IPs, User-Agents and Referers globally
 2018-09-25 05:51:56 -07:00
Pavel Sinkevych
7212d0081b Provide possibility to block CIDRs, User-Agents and Referers globally 2018-09-25 14:16:20 +03:00
Manuel de Brito Fontes
5cca38304e Fix tests 2018-09-22 15:09:54 -03:00
Manuel de Brito Fontes
55ccaf4be3 Update prometheus methods 2018-09-22 14:54:11 -03:00
Manuel de Brito Fontes
9766ad8f4b Filter hostnames before creation of metrics 2018-09-22 14:25:57 -03:00
Manuel de Brito Fontes
91ae204f6c Replace standard json encoding with jsoniter 2018-09-22 14:25:01 -03:00
Zenara Daley
0de19c8062 Fix/add unit tests; Styling changes 2018-09-14 15:07:57 -04:00
Zenara Daley
0e6f0bb88d enforce ^~ location modifier when rewrite-target annotation is set 2018-09-13 10:39:52 -04:00
Manuel de Brito Fontes
281318b4b6 Replace client-go deprecated method 2018-09-10 14:42:10 -03:00
Manuel de Brito Fontes
361f06b791 Join host/port with go helper (supports ipv6) 2018-09-09 16:34:18 -03:00
Mike Bryant
66486203db fix: Don't try and find local certs when secretName is not specified 
Fixes #3048
 2018-09-06 11:35:16 +01:00
k8s-ci-robot
3f6314aa2f
Merge pull request #3016 from diazjf/better-logging 
Log Errors Missing in Internal
 2018-09-05 05:18:33 -07:00
Derek Perkins
9099f3b4db add support for http2-max-requests in configmap 2018-09-02 23:53:30 -06:00
k8s-ci-robot
a92555f4cb
Merge pull request #3017 from diazjf/more-e2e-1 
Add e2e tests for CORS
 2018-09-02 16:00:41 -07:00
Fernando Diaz
2a990d2d2c Add e2e tests for CORS and more 
Adds the missing e2e tests for Cross-Origin Resource Sharing(CORS).
This will include all the CORS annotations. Also adds more unit tests.
 2018-09-01 16:14:52 -05:00
Manuel de Brito Fontes
b0e242fe73 Add support for valgrind 2018-08-30 21:32:06 -03:00
Fernando Diaz
10de8cac56 Log Errors Missing in Internal 
Adds a few missing errors and fix formatting for others.

Fixes #3013
 2018-08-30 15:02:42 -05:00
Manuel de Brito Fontes
16fce7444f
Check if cgroup cpu limits are defined to get the number of CPUs 2018-08-25 18:34:44 -03:00
Manuel de Brito Fontes
db947e344e
Fix formatting args 2018-08-25 12:18:28 -03:00
Henry Tran
cbf041fc3e Add Lua module to serve SSL Certificates dynamically 2018-08-23 22:15:54 -04:00
Elvin Efendi
dc952dc462 consistently fallback to default certificate when TLS is configured 2018-08-22 20:53:25 -04:00
k8s-ci-robot
c083599a4b
Merge pull request #2899 from jeroenvand/jvd-fix-rewrite 
fixed rewrites for paths not ending in /
 2018-08-19 02:49:22 -07:00
Elvin Efendi
2207d7694d batch metrics and flush periodically 2018-08-18 13:17:21 -04:00
Henry Tran
7faf089082 Add dynamic certificate feature to controller 2018-08-16 20:19:33 -04:00
Dario Nieuwenhuis
b5bcb93a4b
Merge branch 'master' into xff 2018-08-16 18:15:14 +02:00
Jeroen van Dongen
e428095e3c fixed rewrites for paths not ending in / 2018-08-15 21:15:40 +02:00
k8s-ci-robot
3f5af6eecf
Merge pull request #2889 from hnrytrn/dynamic-cert-endpoint 
Add Lua endpoint to support dynamic certificate serving functionality
 2018-08-13 10:49:43 -07:00
Manuel de Brito Fontes
f311668625 Add misspell target 2018-08-11 08:26:14 -04:00
Mike Bryant
6d9772ce00 fix: Sort TCP/UDP upstream order (#2885) 
Fixes #2721
 2018-08-10 07:09:14 -04:00
Manuel de Brito Fontes
7af93e03c7
Add annotation backend-protocol 2018-08-07 08:59:38 -04:00
Henry Tran
5200a38bd7 Add lua endpoint to handle certificates in dynamic configuration mode 2018-08-07 08:18:34 -04:00
k8s-ci-robot
7f7f59df79
Merge pull request #2894 from aledbf/authbind 
Use authbind to bind privileged ports
 2018-08-05 08:43:43 -07:00
Manuel de Brito Fontes
b148f113ae
Use authbind to bind privileged ports 2018-08-05 11:18:50 -04:00
k8s-ci-robot
9b3207d4c6
Merge pull request #2897 from aledbf/enable-reuseport 
Enable reuse-port by default
 2018-08-04 19:43:43 -07:00
k8s-ci-robot
060704c624
Merge pull request #2682 from aledbf/listen-localhost 
Use localhost to expose status server
 2018-08-04 17:16:56 -07:00
Manuel de Brito Fontes
6b2c7e08db Use localhost to expose status server 2018-08-04 18:57:56 -04:00
Manuel de Brito Fontes
1d00a5c2bc Enable reuse-port by default 2018-08-04 17:43:34 -04:00
Tom Reznik
b7bcf92480 support configuring multi_accept directive via configmap 2018-08-04 19:20:01 +03:00
Tom Reznik
1bacf1655e support custom configuration to main context of nginx config 2018-08-04 00:53:06 +03:00
k8s-ci-robot
23ce9b5db1
Merge pull request #2808 from dongqi1990/bugfix-2799 
fix the bug #2799, add prefix (?i) in rewrite statement.
 2018-08-02 20:58:06 -07:00
Manuel de Brito Fontes
5e13de4a65
Delay initial prometheus status metric 2018-07-30 10:24:51 -04:00
dongqi1990
72a2aa171a fix the bug #2799, add prefix (?i) in rewrite statement and add new e2e 
test.
 2018-07-30 17:34:28 +08:00
Antoine Cotten
39966f48cd
Add e2e test for redirect annotations 
Minor refactoring of parser and unit tests
 2018-07-29 22:53:03 +02:00
Karl Stoney
09832557ed
Add permanent-redirect-code annotation 2018-07-29 11:50:16 +02:00
Manuel de Brito Fontes
4a316045a8 Fix inconsistent metric labels 2018-07-27 12:41:37 -04:00
Elvin Efendi
8a67ace5c3 enable dynamic backend configuration by default 2018-07-26 15:16:06 -04:00
Elvin Efendi
a2692ce946 fix issues introduced in #2804 2018-07-26 14:23:51 -04:00
Elvin Efendi
d4faf68416 add support for ExternalName service type in dynamic mode 2018-07-25 09:05:47 -04:00
Manuel de Brito Fontes
010342aa58 Do not allow invalid latency values in metrics 2018-07-24 10:53:46 -04:00
k8s-ci-robot
237dcd7aa7
Merge pull request #2811 from takonomura/escape-request-uri 
Escape $request_uri for external auth
 2018-07-21 02:23:38 -07:00
k8s-ci-robot
496fb9d3b8
Merge pull request #2812 from dongqi1990/bugfix--rewrite-to 
modified annotation name "rewrite-to" to "rewrite-target" in comments
 2018-07-19 02:38:41 -07:00
dongqi1990
568512fdb8 modified annotation name "rewrite-to" to "rewrite-target" in comments 2018-07-19 17:14:18 +08:00
takonomura
587c2a8765 Escape $request_uri for external auth 2018-07-19 15:22:05 +09:00
Fernando Diaz
c783c08d81 Remove KubeConfig Dependency for Store Tests 
Removes the KubeConfig Dependency for the Store Test by using the
FakeClient Instead. Unit Tests should not rely on a real KubeConfig.

Fixes #2789
 2018-07-17 11:13:41 -05:00
Manuel de Brito Fontes
4c1e501074 Update prometheus labels 2018-07-16 15:52:17 -04:00
Fernando Diaz
52ecdf0b46 Add Better Error Handling for SSLSessionTicketKey 
Adds more error handling when writing an SSLSessionTicketKey to
the config map. Also adds tests and makes the function for modular.

Fixes #2756
 2018-07-15 19:53:39 -05:00
Manuel de Brito Fontes
9890ab343b Fix configuration hash calculation 2018-07-13 09:46:40 -04:00
Manuel de Brito Fontes
1542a12764
Refactor controller metrics interface 2018-07-12 12:46:34 -04:00
k8s-ci-robot
bdd2c5e3be
Merge pull request #2767 from aledbf/fix-regression 
Fix regression introduced in #2732
 2018-07-10 08:51:25 -07:00
Manuel de Brito Fontes
601315039e Fix regression introduced in #2732 2018-07-10 10:29:45 -04:00
Manuel de Brito Fontes
14426c60b8
Fix ingress rule parsing error 2018-07-09 18:30:11 -04:00
Jason Stangroome
8e06afbb45 Allow gzip compress level to be controlled via ConfigMap 2018-07-09 10:30:59 +10:00
Mike Bryant
85d1742283 fix: Use the correct opentracing plugin for Jaeger 
Part of #2738
 2018-07-05 19:09:12 +01:00
Antoine Cotten
472dcb371b
Clarify log messages in controller pkg 2018-07-02 22:59:54 +02:00
Andrii Kostenko
bc53d1eb74
Sample rate configmap option for zipkin in nginx-opentracing 2018-06-28 18:13:31 +03:00
Manuel de Brito Fontes
6c8647a27d
Remove prometheus labels with high cardinality 2018-06-25 09:43:56 -04:00
k8s-ci-robot
c0ed143fbd
Merge pull request #2368 from antoineco/fix-typos 
[aggregate] Fix typos across codebase
 2018-06-24 17:26:02 -07:00
Antoine Cotten
02219bdfb8
Improve best-cert guessing with empty tls.hosts 2018-06-25 01:59:50 +02:00
Antoine Cotten
130866b51c
Proofreading 2018-06-25 00:04:43 +02:00
Manuel Alejandro de Brito Fontes
4877ecd19a
Add note about status update (#2694) 2018-06-23 09:17:57 -04:00
Manuel Alejandro de Brito Fontes
d136017e3d
Revert #2669 [ci skip] (#2693) 2018-06-23 09:10:27 -04:00