DevFW-CICD/ingress-nginx-helm
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
6881 commits 4 branches 217 tags 166 MiB
Commit graph

172 commits

Author SHA1 Message Date
Samuel Vaillant
e6dcd6845e
feat(configmap): expose gzip-disable (#9505) 
* docs(configmap): add link for gzip-min-length

* feat(configmap): expose gzip-disable

* test(e2e): cover gzip settings

* docs(configmap): simplify description with NGINX link

* refactor(configmap): simplify condition
 2023-01-16 17:08:32 -08:00
Marcus Noble
e7bee5308e
added option to disable sync event creation (#8528) 
* added option to disable event creation

Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>

* Re-trigger github workflows

Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>

Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
 2023-01-09 06:37:31 -08:00
Ricardo Katz
fe2bf5cbdf
Add sslpassthrough tests (#9457) 2022-12-28 12:59:27 -08:00
Nate Campbell
7cb91ef9c1
Support none keyword in log-format escape (#8692) 
* Support none keyword in log-format escape


## What this PR does / why we need it:
ingress-nginx does not support disabling escaping of special characters in the nginx log. This PR exposes the setting to support that functionality.

## Types of changes
- [ ] Bug fix (non-breaking change which fixes an issue)
- [x] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing functionality to change)
- [ ] Documentation only

## Which issue/s this PR fixes
<!--
(optional, in `fixes #<issue number>` format, will close that issue when PR gets merged):

fixes #
-->

## How Has This Been Tested?
Followed the [getting-started](96b6228a6b/docs/developer-guide/getting-started.md) guide. Used ppa:longsleep/golang-backports on WSL Ubuntu to establish a golang-1.18 environment with latest docker and recommended kind. Built the dev-env successfully; had issues with make test, but they are entirely unrelated to anything I touched. Ultimate test was
```
FOCUS=log-format make kind-e2e-test
...
Ginkgo ran 1 suite in 6m29.7437865s
Test Suite Passed
```

## Checklist:
<!--- Go over all the following points, and put an `x` in all the boxes that apply. -->
<!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! -->
- [x] My change requires a change to the documentation.
- [x] I have updated the documentation accordingly.
- [x] I've read the [CONTRIBUTION](https://github.com/kubernetes/ingress-nginx/blob/main/CONTRIBUTING.md) guide
- [x] I have added tests to cover my changes.
- [x] All new and existing tests passed.

I did not update docs/e2e-tests.md.

* gofmt -s ./internal/ingress/controller/config/config.go
 2022-09-30 08:00:29 -07:00
Amim Knabben
12c9f00931
Adding a simpler interface for the HTTP request library. (#8862) 2022-09-05 04:02:36 -07:00
Ricardo Katz
bfd44ab83e
Add v1.25 test and reduce amount of e2e tests (#9018) 2022-09-04 16:22:36 -07:00
Long Wu Yuan
a98c637872
bump baseimage alpine to v3.16.2 for zlib CVE fix (#8939) 2022-08-18 19:30:09 -07:00
Long Wu Yuan
0f61d9d0dc
updated to new images built today (#8896) 2022-08-08 11:40:19 -07:00
Lien Li
5b0cc8edca
migrate ginkgo to v2 (#8826) 
* Migrate ginkgo to v2

* Update test/e2e/annotations/ipwhitelist.go

Co-authored-by: Jintao Zhang <tao12345666333@163.com>

* Update test/e2e/annotations/modsecurity/modsecurity.go

Co-authored-by: Jintao Zhang <tao12345666333@163.com>

* Update test/e2e/settings/access_log.go

Co-authored-by: Jintao Zhang <tao12345666333@163.com>

* remove unnecessary blank line

* re-order packages

* less change

Co-authored-by: Jintao Zhang <tao12345666333@163.com>
 2022-07-31 09:16:28 -07:00
Long Wu Yuan
96b6228a6b
changed k8s.gcr.io to registry.k8s.io (#8667) 2022-06-10 04:01:52 -07:00
Ricardo Katz
4dfb3f2e9a
Fix tls1.0 test (#8632) 
* Fix tls1.0 test

* fix algorithm
 2022-05-25 17:49:22 -07:00
Maksim Nabokikh
2c27e66cc7
feat: always set auth cookie (#8213) 
* feat: always set auth cookie

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

* feat: Add annotation to always set auth cookie

* Add annotation
* Add global configmap key
* Provide unit tests and e2e tests
* Fix e2e documentation autogen script

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

* Regenerate e2e tests

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2022-05-19 15:27:53 -07:00
sskserk
d4b9b486e6
Upstream keepalive time (#8319) 
* nginx 1.19.10 keepalive_time parameter

* nginx v1.19.10 base image

* keepalive_time documentation

* base image

* restore base image

* e2e test

* replace default value in test
 2022-04-15 04:09:10 -07:00
Ricardo Katz
3def835a6a
Jail/chroot nginx process inside controller container (#8337) 
* Initial work on chrooting nginx process

* More improvements in chroot

* Fix charts and some file locations

* Fix symlink on non chrooted container

* fix psp test

* Add e2e tests to chroot image

* Fix logger

* Add internal logger in controller

* Fix overlay for chrooted tests

* Fix tests

* fix boilerplates

* Fix unittest to point to the right pid

* Fix PR review
 2022-04-08 21:48:04 -07:00
Damien Mathieu
dcd552ceb5
use functional options to reduce number of methods creating an EchoDeployment (#8199) 2022-02-02 05:12:22 -08:00
Jintao Zhang
53ac0ddd42
Using Go install for misspell (#8191) 
* chore: using go install misspell

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>

* chore: fix typo

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
 2022-01-26 18:52:50 -08:00
Tobias Salzmann
ce9deaa332
Add stream-snippet as a ConfigMap and Annotation option (#8029) 
* stream snippet

* gofmt -s
 2021-12-23 11:46:30 -08:00
James Strong
d4a6ade65f
update default block list,docs, tests (#7942) 
* update default block list,docs, tests

* fix config for admin test

* gofmt

* remove the err return
 2021-11-23 09:06:17 -08:00
zryfish
7203a0b8bd
support watch namespaces matched namespace selector (#7472) 
skip caching namespaces at cluster scope if only watching single namespace

add --watch-namespace-selector in user guide

add e2e test
 2021-11-12 11:46:28 -08:00
Ricardo Katz
67e13bf692
Add option to sanitize annotation inputs (#7874) 
* Add option to sanitize annotation inputs

* Fix e2e tests after string sanitization

* Add proxy_pass and serviceaccount as denied values
 2021-11-12 11:40:30 -08:00
Rahil Patel
c8ab4dc307
add brotli-min-length configuration option (#7854) 
* add `brotli-min-length` configuration option

* add e2e tests for brotli

* include check for expected content type

* fix header and format
 2021-11-02 04:52:59 -07:00
Matthew Silverman
7d5452d00b
configmap: option to not trust incoming tracing spans (#7045) 
* validate the sender of tracing spans

* add location-specific setting
 2021-10-24 14:36:21 -07:00
Ricardo Katz
97e39e79e2
Add e2e test for non ingressclass enabled ingress (#7785) 2021-10-10 16:18:37 -07:00
Ricardo Katz
4fc57dcc49
Change enable-snippet to allow-snippet-annotation (#7670) 
Signed-off-by: Ricardo Pchevuzinske Katz <rkatz@vmware.com>
 2021-09-20 16:52:23 -07:00
Ricardo Katz
5e6ab651ec
Add option to force enabling snippet directives (#7665) 
Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>
 2021-09-19 12:40:08 -07:00
Ricardo Katz
cda59ccc9c
Add new flag to watch ingressclass by name instead of spec (#7609) 2021-09-10 10:14:01 -07:00
Elvin Efendi
33061b8cdf
put modsecurity e2e tests into their own packages (#7560) 2021-09-07 10:35:22 -07:00
Ricardo Katz
90c79689c4
Release v1 (#7470) 
* Drop v1beta1 from ingress nginx (#7156)

* Drop v1beta1 from ingress nginx

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix intorstr logic in controller

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* fixing admission

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* more intorstr fixing

* correct template rendering

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix e2e tests for v1 api

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix gofmt errors

* This is finally working...almost there...

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Re-add removed validation of AdmissionReview

* Prepare for v1.0.0-alpha.1 release

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Update changelog and matrix table for v1.0.0-alpha.1 (#7274)

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* add docs for syslog feature (#7219)

* Fix link to e2e-tests.md in developer-guide (#7201)

* Use ENV expansion for namespace in args (#7146)

Update the DaemonSet namespace references to use the `POD_NAMESPACE` environment variable in the same way that the Deployment does.

* chart: using Helm builtin capabilities check (#7190)

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>

* Update proper default value for HTTP2MaxConcurrentStreams in Docs (#6944)

It should be 128 as documented in https://github.com/kubernetes/ingress-nginx/blob/master/internal/ingress/controller/config/config.go#L780

* Fix MaxWorkerOpenFiles calculation on high cores nodes (#7107)

* Fix MaxWorkerOpenFiles calculation on high cores nodes

* Add e2e test for rlimit_nofile

* Fix doc for max-worker-open-files

* ingress/tcp: add additional error logging on failed (#7208)

* Add file containing stable release (#7313)

* Handle named (non-numeric) ports correctly (#7311)

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* Updated v1beta1 to v1 as its deprecated (#7308)

* remove mercurial from build (#7031)

* Retry to download maxmind DB if it fails (#7242)

* Retry to download maxmind DB if it fails.

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Add retries count arg, move retry logic into DownloadGeoLite2DB function

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Reorder parameters in DownloadGeoLite2DB

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Remove hardcoded value

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Release v1.0.0-alpha.1

* Add changelog for v1.0.0-alpha.2

* controller: ignore non-service backends (#7332)

* controller: ignore non-service backends

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* update per feedback

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* fix: allow scope/tcp/udp configmap namespace to altered (#7161)

* Lower webhook timeout for digital ocean (#7319)

* Lower webhook timeout for digital ocean

* Set Digital Ocean value controller.admissionWebhooks.timeoutSeconds to 29

* update OWNERS and aliases files (#7365) (#7366)

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* Downgrade Lua modules for s390x (#7355)

Downgrade Lua modules to last known working version.

* Fix IngressClass logic for newer releases (#7341)

* Fix IngressClass logic for newer releases

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Change e2e tests for the new IngressClass presence

* Fix chart and admission tests

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix helm chart test

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix reviews

* Remove ingressclass code from admission

* update tag to v1.0.0-beta.1

* update readme and changelog for v1.0.0-beta.1

* Release v1.0.0-beta.1 - helm and manifests (#7422)

* Change the order of annotation just to trigger a new helm release (#7425)

* [cherry-pick] Add dev-v1 branch into helm releaser (#7428)

* Add dev-v1 branch into helm releaser (#7424)

* chore: add link for artifacthub.io/prerelease annotations

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>

Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>

* k8s job ci pipeline for dev-v1 br v1.22.0 (#7453)

* k8s job ci pipeline for dev-v1 br v1.22.0

Signed-off-by: Neha Lohia <nehapithadiya444@gmail.com>

* k8s job ci pipeline for dev-v1 br v1.21.2

Signed-off-by: Neha Lohia <nehapithadiya444@gmail.com>

* remove v1.21.1 version

Signed-off-by: Neha Lohia <nehapithadiya444@gmail.com>

* Add controller.watchIngressWithoutClass config option (#7459)

Signed-off-by: Akshit Grover <akshit.grover2016@gmail.com>

* Release new helm chart with certgen fixed (#7478)

* Update go version, modules and remove ioutil

* Release new helm chart with certgen fixed

* changed appversion, chartversion, TAG, image (#7490)

* Fix CI conflict

* Fix CI conflict

* Fix build.sh from rebase process

* Fix controller_test post rebase

Co-authored-by: Tianhao Guo <rggth09@gmail.com>
Co-authored-by: Ray <61553+rctay@users.noreply.github.com>
Co-authored-by: Bill Cassidy <cassid4@gmail.com>
Co-authored-by: Jintao Zhang <tao12345666333@163.com>
Co-authored-by: Sathish Ramani <rsathishx87@gmail.com>
Co-authored-by: Mansur Marvanov <nanorobocop@gmail.com>
Co-authored-by: Matt1360 <568198+Matt1360@users.noreply.github.com>
Co-authored-by: Carlos Tadeu Panato Junior <ctadeu@gmail.com>
Co-authored-by: Kundan Kumar <kundan.kumar@india.nec.com>
Co-authored-by: Tom Hayward <thayward@infoblox.com>
Co-authored-by: Sergey Shakuto <sshakuto@infoblox.com>
Co-authored-by: Tore <tore.lonoy@gmail.com>
Co-authored-by: Bouke Versteegh <info@boukeversteegh.nl>
Co-authored-by: Shahid <shahid@us.ibm.com>
Co-authored-by: James Strong <strong.james.e@gmail.com>
Co-authored-by: Long Wu Yuan <longwuyuan@gmail.com>
Co-authored-by: Jintao Zhang <zhangjintao9020@gmail.com>
Co-authored-by: Neha Lohia <nehapithadiya444@gmail.com>
Co-authored-by: Akshit Grover <akshit.grover2016@gmail.com>
 2021-08-21 13:42:00 -07:00
Tom Hayward
c9d5b21a65 fix: discover mounted geoip db files (#7228) 
* fix: discover mounted geoip db files

* add test

* fix runtime reload of config.MaxmindEditionFiles

* add e2e test

* log missing geoip2 db
 2021-08-10 11:24:39 -07:00
Ricardo Katz
d226d831bd Update go version, modules and remove ioutil 2021-08-06 14:15:21 -03:00
Ricardo Katz
f5c80783bf
[Cherry Pick] - Add configuration to disable external name service feature (#7314) (#7321) 
* Add configuration to disable external name service feature (#7314)

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix CI files
 2021-07-05 21:50:18 -07:00
Matthew Silverman
9b00a4912f set x-forwarded-scheme like x-forwarded-proto 2021-05-13 09:26:27 -04:00
Mahnoor Mehboob
2503b23b09 Alter e2e test for disable_catch_all.go 2021-04-22 12:01:41 -04:00
Matthew Silverman
71c8ef119d add support for the jaeger propagation format 
adding default, testing w3c traceparent is propagated
 2021-03-26 12:33:24 -04:00
Matthew Silverman
a6442fbadb remove test, getaddrinfo fails for tcp in test 2021-02-19 15:04:33 -05:00
Matthew Silverman
28280de175 jaeger-endpoint configmap attribute 2021-02-18 17:29:35 -05:00
Elvin Efendi
e0dece48f7 Add Global Rate Limiting support 2021-01-04 17:47:07 -05:00
Manuel Alejandro de Brito Fontes
d9af197e62
Remove dead code 2020-12-27 22:26:51 -03:00
Manuel Alejandro de Brito Fontes
789021e4f6 Avoid ingress class creation if k8s < 1.18 2020-10-29 19:34:05 -03:00
Manuel Alejandro de Brito Fontes
7f991eef84 Update sqlite cfssl database 2020-10-29 19:34:05 -03:00
Manuel Alejandro de Brito Fontes
703c2d6f8e Enable validation of ingress definitions from extensions package 2020-10-26 10:50:44 -03:00
Kubernetes Prow Robot
524c3a50ea
Merge pull request #6037 from aledbf/redirect 
Do not append a trailing slash on redirects
 2020-10-08 11:51:06 -07:00
Manuel Alejandro de Brito Fontes
104fdab2f6 Refactor TLS e2e tests 2020-09-30 14:42:15 -03:00
Manuel Alejandro de Brito Fontes
4cda9787b8
Cleanup proxy protocol e2e test 2020-09-29 22:39:30 -03:00
Manuel Alejandro de Brito Fontes
493dd6726d
Replace request_uri 2020-09-27 20:26:39 -03:00
Manuel Alejandro de Brito Fontes
29ea30a4e8 Add events for NGINX reloads 2020-09-27 17:16:09 -03:00
Manuel Alejandro de Brito Fontes
87aa96b468 Change server-tokens default value to false 2020-09-17 09:52:07 -03:00
Elvin Efendi
8e83d4e84a delete redundant NGINX config about X-Forwarded-Proto 2020-09-15 13:22:26 -04:00
Manuel Alejandro de Brito Fontes
ccb1eb4925 Add e2e tests to verify opentracing libraries 2020-09-08 16:20:03 -03:00
agile6v
609e1b5775 feat: support to define trusted addresses for proxy protocol in stream block 2020-08-28 14:37:16 +08:00