DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
6881 commits 4 branches 217 tags 166 MiB
Commit graph

140 commits

Author SHA1 Message Date
Manuel Alejandro de Brito Fontes
5c30820d1f Remove hard-coded annotation and don't use map pointers 2019-12-13 03:05:20 -03:00
Manuel Alejandro de Brito Fontes
fe2ae8a1ec Check the configmap is valid 2019-12-10 22:45:02 -03:00
Laszlo Janosi
cc84bd4ab6 Server level proxy_ssl parameters are applied again, following the comments received. 
Also writing tls.crt and tls.key to disk is according to the original code.
 2019-10-26 20:20:18 +02:00
Laszlo Janosi
37fe9c9876 Enabling per-location proxy-ssl parameters, so locations of the same server but with own unique Ingress definitions can have different SSL configs 2019-10-17 10:15:53 +02:00
Manuel Alejandro de Brito Fontes
a40a4b0325
Fix reload when a configmap changes 2019-09-24 10:55:59 -03:00
Manuel Alejandro de Brito Fontes
9f092a2c81
Increase log level for identical CreationTimestamp warning 2019-09-18 11:59:03 -03:00
Manuel Alejandro de Brito Fontes
55820ef1e8
Allow multiple CA Certificates (#4556) 2019-09-13 09:22:24 -03:00
Ricardo Katz
9c51676f17 Add support to CRL (#3164) 
Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@serpro.gov.br>

Add support to CRL

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@serpro.gov.br>
 2019-09-03 16:47:28 -04:00
Manuel Alejandro de Brito Fontes
8def5ef7ca
Add support for multiple alias and remove duplication of SSL certificates (#4472) 2019-08-26 10:58:44 -04:00
Kubernetes Prow Robot
6697203891
Merge pull request #4409 from ProNic-QY/master 
sort ingress by namespace and name when ingress.CreationTimestamp identical
 2019-08-18 17:30:03 -07:00
qianyong
70614f4622 sort ingress by namespace and name when ingress.CreationTimestamp identical 2019-08-18 23:11:15 +08:00
Gabor Lekeny
65b9e2c574 Merge branch 'master' of https://github.com/kubernetes/ingress-nginx into proxyssl 2019-08-16 06:21:53 +02:00
Manuel Alejandro de Brito Fontes
80bd481abb
Only support SSL dynamic mode 2019-08-13 17:33:34 -04:00
Gabor Lekeny
def13fc06c Add proxy_ssl_* directives 
Add support for backends which require client certificate (eg. NiFi)
authentication. The `proxy-ssl-secret` k8s annotation references a
secret which is used to authenticate to the backend server. All other
directives fine tune the backend communication.

The following annotations are supported:
* proxy-ssl-secret
* proxy-ssl-ciphers
* proxy-ssl-protocol
* proxy-ssl-verify
* proxy-ssl-verify-depth
 2019-07-18 03:21:52 +02:00
Manuel Alejandro de Brito Fontes
3d7a09347d
Apply fixes suggested by staticcheck 2019-07-08 16:18:52 -04:00
Manuel Alejandro de Brito Fontes
8807db9748
Check and complete intermediate SSL certificates 2019-07-04 19:13:21 -04:00
Manuel Alejandro de Brito Fontes
85a848faaf
Fix misspelled and e2e check 2019-06-24 23:47:22 -04:00
Manuel Alejandro de Brito Fontes
84102eec2b
Migrate to new networking.k8s.io/v1beta1 package 2019-06-13 11:32:39 -04:00
Elvin Efendi
c4ced9d694 fix source file mods 2019-06-06 10:47:08 -04:00
Manuel Alejandro de Brito Fontes
14a394fc9e
Update nginx (#4150) 
* Update nginx image
* Fix IPV6 test issues in Prow
 2019-06-04 12:15:03 -04:00
Manuel Alejandro de Brito Fontes
c639f490b1
Use a real apiserver to test the store 2019-05-23 04:58:14 -04:00
Manuel Alejandro de Brito Fontes
bae49a4657
Refactor ListIngresses to add filters 2019-05-22 05:37:44 -04:00
okryvoshapka-connyun
8cc9afe8ee Added Global External Authentication settings to configmap parameters incl. addons 2019-05-03 12:08:16 +02:00
Elvin Efendi
417af76e97 properly handle default and custom default certs in dynamic ssl mode 2019-04-13 12:32:06 -04:00
Elvin Efendi
fc6e7c9be0 fix dynamic cert bug 2019-04-09 22:11:21 -04:00
Manuel Alejandro de Brito Fontes
14a9e9f3fa
Update dependencies client-go to release-11.0 and kubernetes-1.14.0 2019-03-28 20:43:18 -03:00
Elvin Efendi
5667ea5d67 bugfix: when secret includes ca.crt store it on disk even in dynamic cert mode 2019-03-11 00:53:06 -04:00
Elvin Efendi
70df5e03e5 clean up certificate processing 2019-03-11 00:53:06 -04:00
Manuel Alejandro de Brito Fontes
bef6ff9042
Do not log unnecessarily (#3771) 2019-02-16 20:56:18 -03:00
Alex Kursell
b5a9f6c000 Fix flaky test 2019-02-05 18:02:21 -05:00
Alex Kursell
ca74960905 Fix --disable-catch-all 2019-01-25 14:53:55 -05:00
Maxime Ginters
3fa8395f7f Fix a bug in Ingress update handler 2019-01-08 09:28:42 -05:00
Kubernetes Prow Robot
8f57f9578d
Merge pull request #3586 from Shopify/disable-catch-all 
Add --disable-catch-all option to disable catch-all server
 2019-01-07 07:16:26 -08:00
Manuel Alejandro de Brito Fontes
b2fa243b97
Sort ingresses by creation timestamp 2018-12-27 10:48:01 -03:00
Maxime Ginters
1678d99a03 Add --disable-catch-all option to disable catch-all server 2018-12-21 13:22:26 -05:00
Elvin Efendi
7a00d52141 fix status updated: make sure ingress.status is copied 2018-12-17 16:19:02 +04:00
Maxime Ginters
f90881b367 Update lua configuration_data when number of controller pod change 2018-12-14 13:34:54 -05:00
Archangel_SDY
ece5e1c678 Pass k8sStore to member functions by pointer 
Passing `k8sStore` by value implies read and copy of `backendConfig`,
which is not protected by a mutex and may cause race conditions.
 2018-12-06 22:11:19 +08:00
Archangel_SDY
d58dbde5e3 Add a mutex to protect against simultaneous read/write to backend config 
This addresses issues found by race detector.
 2018-12-06 22:02:17 +08:00
Archangel_SDY
9122c08b3e Ignore updates of ingress with invalid class 2018-12-06 22:02:17 +08:00
Manuel Alejandro de Brito Fontes
68f344233b Fix lint issues 2018-12-05 13:28:28 -03:00
Manuel Alejandro de Brito Fontes
2fa55eabf6 Replace glog with klog 2018-12-05 13:27:55 -03:00
Manuel Alejandro de Brito Fontes
497246f8ba
Annotations cannot being empty 2018-12-02 16:07:46 -03:00
Manuel Alejandro de Brito Fontes
f78e2e3849
Only copy fields being used 2018-12-02 15:35:36 -03:00
Manuel Alejandro de Brito Fontes
67808c0ed8
Improve parsing of annotations and use of Ingress wrapper 2018-12-02 15:35:36 -03:00
Maxime Ginters
b6b221aebb Watch controller Pods list 2018-11-26 15:35:31 -05:00
Maxime Ginters
12766cdfc6 Use struct to pack Ingress and its annotations 2018-11-20 09:38:22 -05:00
Manuel Alejandro de Brito Fontes
168f30d1ec Revert removal of support for TCP and UDP services 2018-11-16 13:48:47 -03:00
SataQiu
76b5a7b45e fix typos 2018-11-06 15:58:56 +08:00
Manuel Alejandro de Brito Fontes
44bdc7eb59 Remove support for TCP and UDP services 2018-10-07 10:53:37 -03:00
Manuel de Brito Fontes
281318b4b6 Replace client-go deprecated method 2018-09-10 14:42:10 -03:00
Fernando Diaz
10de8cac56 Log Errors Missing in Internal 
Adds a few missing errors and fix formatting for others.

Fixes #3013
 2018-08-30 15:02:42 -05:00
Henry Tran
7faf089082 Add dynamic certificate feature to controller 2018-08-16 20:19:33 -04:00
Manuel de Brito Fontes
f311668625 Add misspell target 2018-08-11 08:26:14 -04:00
Fernando Diaz
c783c08d81 Remove KubeConfig Dependency for Store Tests 
Removes the KubeConfig Dependency for the Store Test by using the
FakeClient Instead. Unit Tests should not rely on a real KubeConfig.

Fixes #2789
 2018-07-17 11:13:41 -05:00
Fernando Diaz
52ecdf0b46 Add Better Error Handling for SSLSessionTicketKey 
Adds more error handling when writing an SSLSessionTicketKey to
the config map. Also adds tests and makes the function for modular.

Fixes #2756
 2018-07-15 19:53:39 -05:00
Manuel de Brito Fontes
601315039e Fix regression introduced in #2732 2018-07-10 10:29:45 -04:00
Antoine Cotten
472dcb371b
Clarify log messages in controller pkg 2018-07-02 22:59:54 +02:00
Manuel Alejandro de Brito Fontes
0951b973c9
Fix initial read of configuration configmap (#2692) 2018-06-23 09:08:48 -04:00
Manuel de Brito Fontes
779676145b After a configmap change parse ingress annotations (again) 2018-06-21 08:47:06 -04:00
Manuel de Brito Fontes
408391175f Do not wait informer initialization to read configuration 2018-06-17 12:27:12 -04:00
Manuel de Brito Fontes
7ded31d7a8
Create file permission constants 2018-06-12 11:06:14 -04:00
Manuel de Brito Fontes
b57a7cf939 Remove warning when secret is used only for authentication 2018-05-15 08:10:29 -04:00
Antoine Cotten
553df8a0cc
Refactor e2e framework for TLS tests 2018-04-27 23:24:22 +02:00
Manuel de Brito Fontes
a92bf821f9 Remove data races from tests 2018-04-27 00:02:21 -03:00
Manuel de Brito Fontes
c5932366db
Add test for store helper ListIngresses 2018-04-21 21:19:14 -03:00
k8s-ci-robot
7625c05dfb
Merge pull request #2361 from aledbf/check-path 
Check ingress rule contains HTTP paths
 2018-04-20 08:07:00 -07:00
Antoine Cotten
55facfa9f5
Silence unnecessary MissingAnnotations errors 2018-04-20 16:00:33 +02:00
k8s-ci-robot
10fc2548b4
Merge pull request #2374 from aledbf/improve-tests 
Remove most of the time.Sleep from the e2e tests
 2018-04-19 17:52:00 -07:00
Antoine Cotten
0e8ac3077a
Accept ns/name Secret reference in annotations 2018-04-20 00:05:54 +02:00
Manuel de Brito Fontes
62a80a39ad
Remove most of the time.Sleep from the e2e tests 2018-04-19 17:48:50 -03:00
Manuel de Brito Fontes
c966bb8eff Check ingress rule contains HTTP paths 2018-04-17 08:32:01 -03:00
Antoine Cotten
0a563651db
Add test for channel events with referenced secret 2018-04-13 16:36:52 +02:00
Antoine Cotten
c786f55336
Include missing secrets in secretIngressMap 
Update secretIngressMap independently from stored annotations, which may
miss some secret references.
 2018-04-13 16:14:36 +02:00
Antoine Cotten
fec3ddc6cc
Sync secrets (SSL certificates) on events 
Remove scheduled check for missing secrets.
 2018-04-13 16:14:29 +02:00
Manuel Alejandro de Brito Fontes
2a02b7c35c
Fix race condition when Ingress does not contains a secret (#2300) 2018-04-06 17:44:41 -03:00
Antoine Cotten
b09ecf790b Use SharedIndexInformers in place of Informers (#2271) 2018-03-29 09:35:01 -03:00
Oilbeater
1f93a1ccad fix: empty ingress path (#2244) 
If the origin ingress rule has no field `path`, the default value will be an empty string which will cause issues when rendering template as other place will use `/` as the default value.
Set the default value of path to `/` when retrieve ingress rules from api-server. Thie will fix https://github.com/kubernetes/ingress-nginx/issues/1980
 2018-03-23 08:08:42 -03:00
Manuel Alejandro de Brito Fontes
9bcb5b08ea
Use a ring channel to avoid blocking write of events (#2082) 
* Use a ring channel to avoid blocking write of events

* Add eapache/channels dependency
 2018-02-13 17:46:18 -08:00
Manuel Alejandro de Brito Fontes
98213efee3
Fix spelling errors (#2076) 2018-02-12 14:33:26 -08:00
Manuel Alejandro de Brito Fontes
e596a084f8
Do not cancel the synchronization of secrets (#2069) 2018-02-11 21:37:02 -08:00
Lihua Tang
1947f35121 Fix typos (#2046) 2018-02-07 19:15:50 -08:00
Manuel Alejandro de Brito Fontes
444a56c001
Fix chain completion and default certificate flag issues (#1978) 2018-01-25 10:46:20 -03:00
Manuel Alejandro de Brito Fontes
6bd97d195f
Only secrets in the local store can be updated (#1974) 2018-01-24 14:46:43 -03:00
Manuel de Brito Fontes
0836cb30aa Remove event duplication and check ingress before annotation extraction 2018-01-23 21:11:56 -03:00
Manuel de Brito Fontes
12c8ea721d When a secret is updated read ingress annotations (again) 2018-01-23 19:34:33 -03:00
Manuel de Brito Fontes
9af683b02a
Cleanup 2018-01-19 15:53:25 -03:00
Manuel de Brito Fontes
0287024598 Add event for configmap update 2018-01-18 20:04:40 -03:00
Manuel de Brito Fontes
ffea85d397 Cleanup 2018-01-18 17:35:00 -03:00
Manuel de Brito Fontes
e9a00ff916 Refactoring of kubernetes informers and local caches 2018-01-18 16:14:54 -03:00