k8s-infra-cherrypick-robot
7502f9dc65
Go: Bump to v1.24.1. ( #12942 )
...
Co-authored-by: Marco Ebert <marco_ebert@icloud.com>
2025-03-05 07:33:46 -08:00
k8s-infra-cherrypick-robot
abca410e07
Go: Replace golang.org/x/exp/slices with slices. ( #12781 )
...
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
Co-authored-by: Eng Zer Jun <engzerjun@gmail.com>
2025-02-03 06:22:59 -08:00
k8s-infra-cherrypick-robot
5523bad30c
Annotations: Deny newlines. ( #12667 )
...
Co-authored-by: James Strong <strong.james.e@gmail.com>
2025-01-10 16:26:30 -08:00
k8s-infra-cherrypick-robot
1245626c4a
Annotations: Reload on custom header changes. ( #12652 )
...
Co-authored-by: jgoelen <jurgen.goelen@vlaanderen.be>
2025-01-09 14:28:32 -08:00
k8s-infra-cherrypick-robot
16cd5fc19e
Auth TLS: Add _ to redirect RegEx. ( #12326 )
...
Co-authored-by: Marco Ebert <marco_ebert@icloud.com>
2024-11-08 06:28:44 +00:00
k8s-infra-cherrypick-robot
8f457f5a61
Auth TLS: Improve redirect RegEx. ( #12323 )
...
Co-authored-by: James Strong <strong.james.e@gmail.com>
2024-11-07 07:05:30 +00:00
Nathan Baulch
4f23049374
Fix minor typos ( #11935 )
2024-09-06 15:59:43 +01:00
Adam Sunderland
2cec24143d
Allow any protocol for cors origins ( #11153 )
...
Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>
2024-08-31 16:26:45 +01:00
James Strong
d4c49112a4
Annotations: Allow commas in URLs. ( #11882 )
...
Signed-off-by: James Strong <strong.james.e@gmail.com>
2024-08-26 23:39:30 +02:00
Ricardo Katz
21cd966d1c
Remove global-rate-limit feature ( #11851 )
2024-08-25 21:03:29 +01:00
lou-lan
24450ea509
Add custom code handling for temporal redirect ( #10651 )
...
Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>
2024-08-23 21:10:20 +01:00
Ricardo Katz
cf8e374290
Auto-generate annotation docs ( #11820 )
2024-08-18 16:13:18 -07:00
Jintao Zhang
1a13bf5c0d
Missing anchors in regular expression. ( #11717 )
...
Co-authored-by: André Storfjord Kristiansen <33384479+dev-bio@users.noreply.github.com>
2024-08-01 15:56:56 -07:00
Chakrit Wichian
e1d81b7818
Docs: Clarify from-to-www redirect direction. ( #11682 )
...
* docs: Clarify from-to-www redirect direction.
This was not clear to me when reading the docs whether the ingress will
redirect from non-www to with-www or the reverse. It's also not very
clear from just grepping around the codebase. I found the answer by
reading from this reddit link:
https://www.reddit.com/r/kubernetes/comments/pbl033/k8s_ingress_redirecting_www_to_nonwww_domains/
So, to save time for other people doing the same, which I assumes is a
lot of people since it's a common scenario, this little revision in the
docs is warranted.
* Docs: Implement suggestion.
---------
Co-authored-by: Marco Ebert <marco_ebert@icloud.com>
2024-07-29 01:28:45 -07:00
wdullaer
bcb98c0c8d
fix: Ensure changes in MatchCN annotation are detected ( #11173 )
2024-07-01 13:48:24 -07:00
Long Wu Yuan
5639979cb5
removed tlsv1 & tlsv1.1 ( #11343 )
2024-05-28 11:37:30 -07:00
cuiyourong
7379b80459
Fix function name in comment ( #11296 )
...
Signed-off-by: cuiyourong <cuiyourong@gmail.com>
2024-04-23 04:27:06 -07:00
Christian Groschupp
1f4ee0e235
feat: add annotation to allow to add custom response headers ( #9742 )
...
* add custom headers
Signed-off-by: Christian Groschupp <christian@groschupp.org>
* add tests
Signed-off-by: Christian Groschupp <christian@groschupp.org>
* add docs
* update copyright
* change comments
* add e2e test customheaders
* add custom headers validation
* remove escapeLiteralDollar filter
* validate value in custom headers
* add regex for header value
* fix annotation test
* Revert "remove escapeLiteralDollar filter"
This reverts commit ab48392b60dee4ce146a4c17e046849f9633c7fb.
* add annotationConfig
* fix test
* fix golangci-lint findings
* fix: add missung exp module
---------
Signed-off-by: Christian Groschupp <christian@groschupp.org>
2024-04-09 03:25:22 -07:00
Carlos Tadeu Panato Junior
12fbe9b163
golangci-lint update, ci cleanup, group dependabot updates ( #11071 )
...
* bump golangci-lint to v1.56.x
Signed-off-by: cpanato <ctadeu@gmail.com>
* cleanup empty lines
Signed-off-by: cpanato <ctadeu@gmail.com>
* group dependabot updates
Signed-off-by: cpanato <ctadeu@gmail.com>
* run on job changes as well
Signed-off-by: cpanato <ctadeu@gmail.com>
* remove deprecated checks
Signed-off-by: cpanato <ctadeu@gmail.com>
* fix lints and format
Signed-off-by: cpanato <ctadeu@gmail.com>
---------
Signed-off-by: cpanato <ctadeu@gmail.com>
2024-03-07 02:39:53 -08:00
Ricardo Katz
fa0bf81984
Bump go libraries ( #11023 )
...
* Bump go libraries
* Fix update codegen execution
* Fix errors on klog
* Fix gzip test
* Bump libraries on webhook certgen
* Fix webhook-certgen compilation
2024-02-27 09:52:42 -08:00
kbweave
1bc745619d
Include SECLEVEL and STRENGTH as part of ssl-cipher list validation ( #10754 )
2024-01-05 15:50:34 +01:00
Philipp Sauter
05d68a1512
annotation validation: validate regex in common name annotation ( #10657 )
...
* fix common name validation
* add tests
2024-01-04 15:56:57 +01:00
James Strong
6807537a70
upgrade go 1.21.5 ( #10732 )
...
* upgrade go 1.21.5
Signed-off-by: James Strong <strong.james.e@gmail.com>
* update golang gha
Signed-off-by: James Strong <strong.james.e@gmail.com>
* supgrade golang lint ci to v1.55.2
* sfix all golang lint ci errors
* sget a nginx build as well
* srevert some e2e changes
* srevert some e2e changes
---------
Signed-off-by: James Strong <strong.james.e@gmail.com>
2023-12-08 01:52:14 +01:00
chriss-de
ad406b64d8
Add override for proxy_intercept_errors when using Custom HTTP Errors ( #9497 )
...
* added proxy-intercept-errors config option
* fixed error when comparing locations
* fixed missing location config from annotation
added e2e test
* reversed logic for proxy-intercept-errors to disable-proxy-intercept-errors
* reversed logic to disable-proxy-intercept-errors
* reversed logic
* default has to be false
* put comment in same line as return
* run gofmt
* fixing wrong Boilerplate header
* updated code to new IngressAnnotation interface
* fixes to satisfy PR comments
* synced with upstream; fixed typo
* gofumpt disableproxyintercepterrors.go
* gofumpt
2023-11-17 05:43:54 +01:00
Filip Havlíček
e0446d7554
annotation validation - extended URLWithNginxVariableRegex from alphaNumericChars to extendedAlphaNumeric ( #10652 )
2023-11-15 17:40:00 +01:00
Ardika Bagus S
da51393cac
fix(cors): ensure trailing comma treated as empty value to be ignored ( #10616 )
...
* fix(cors): ensure trailing comma treated as empty value to be ignored
Signed-off-by: Ardika Bagus <me@ardikabs.com>
* test(cors): add e2e test
Signed-off-by: Ardika Bagus <me@ardikabs.com>
---------
Signed-off-by: Ardika Bagus <me@ardikabs.com>
2023-11-07 19:02:48 +01:00
Ricardo Katz
30820a5acc
Deprecate opentracing ( #10615 )
2023-11-05 01:58:35 +01:00
Simon Wessel
13d95d026a
fix: adjust unfulfillable validation check for session-cookie-samesite annotation ( #10600 )
2023-11-01 23:09:00 +01:00
Matt Dainty
9cdd51d5dc
fix: Validate x-forwarded-prefix annotation with RegexPathWithCapture ( #10598 )
2023-11-01 23:08:51 +01:00
Ricardo Katz
a879829408
Fix fcgi configmap value parsing ( #10528 )
2023-10-17 01:10:16 +02:00
Ricardo Katz
8b53cabe03
Bump curl and Go version ( #10503 )
...
* Bump curl and Go version
* Add NGINX BAse image scanning
* Try again
2023-10-11 16:16:11 +02:00
Ricardo Katz
cf889c6c47
Disable user snippets per default ( #10393 )
...
* Disable user snippets per default
* Enable snippet on tests
2023-09-10 20:02:10 -07:00
Chen Chen
b3060bfbd0
Fix golangci-lint errors ( #10196 )
...
* Fix golangci-lint errors
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix dupl errors
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix comments
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix errcheck lint errors
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix assert in e2e test
Signed-off-by: z1cheng <imchench@gmail.com>
* Not interrupt the waitForPodsReady
Signed-off-by: z1cheng <imchench@gmail.com>
* Replace string with constant
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix comments
Signed-off-by: z1cheng <imchench@gmail.com>
* Revert write file permision
Signed-off-by: z1cheng <imchench@gmail.com>
---------
Signed-off-by: z1cheng <imchench@gmail.com>
2023-08-31 00:36:48 -07:00
Gabor Lekeny
5d8185c9d7
Handle request_id variable correctly in auth requests ( #9219 )
...
* Handle $request_id variable correctly in auth requests
* Make share_all_vars configurable
* Fix test name
2023-08-07 06:16:32 -07:00
Ricardo Katz
c5f348ea2e
Implement annotation validation ( #9673 )
...
* Add validation to all annotations
* Add annotation validation for fcgi
* Fix reviews and fcgi e2e
* Add flag to disable cross namespace validation
* Add risk, flag for validation, tests
* Add missing formating
* Enable validation by default on tests
* Test validation flag
* remove ajp from list
* Finalize validation changes
* Add validations to CI
* Update helm docs
* Fix code review
* Use a better name for annotation risk
2023-07-21 20:32:07 -07:00
Ricardo Katz
ebb6314494
Deprecate and remove AJP support ( #10158 )
2023-07-02 02:26:49 -07:00
Jintao Zhang
cccba35005
Revert "Remove fastcgi feature" ( #10081 )
...
* Revert "Remove fastcgi feature (#9864 )"
This reverts commit 90ed0ccdbe
2023-06-13 12:55:59 -07:00
Ricardo Katz
90ed0ccdbe
Remove fastcgi feature ( #9864 )
2023-06-11 13:33:47 -07:00
Gerald Pape
db49b9da6f
Fix mirror-target values without path separator and port ( #9889 )
...
* Remove variables with $ before feeding into url.Parse
Signed-off-by: Gerald Pape <gerald@giantswarm.io>
* Do not render invalid request mirroring config
Signed-off-by: Gerald Pape <gerald@giantswarm.io>
* Remove additional note from docs again
Signed-off-by: Gerald Pape <gerald@giantswarm.io>
* Include quotes in e2e test for mirror proxy_pass
---------
Signed-off-by: Gerald Pape <gerald@giantswarm.io>
2023-06-11 11:59:47 -07:00
Eng Zer Jun
d02ba28b96
perf: avoid unnecessary byte/string conversion ( #10012 )
...
We can use alternative functions to avoid unnecessary byte/string
conversion calls and reduce allocations.
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2023-06-01 07:29:47 -07:00
Ricardo Katz
11419a6837
Fastcgi configmap should be on the same namespace of ingress ( #9863 )
2023-04-16 17:32:43 -07:00
Ricardo Katz
297036e169
Deprecate and remove influxdb feature ( #9861 )
2023-04-16 17:26:43 -07:00
Ricardo Katz
6778c3ec44
Remove deprecated annotation secure-upstream ( #9862 )
2023-04-16 17:22:43 -07:00
Ehsan Saei
c8cb9167d3
feat: OpenTelemetry module integration ( #9062 )
...
* OpenTelemetry module integration
* e2e test
* e2e test fix
* default OpentelemetryConfig
* e2e values
* mount otel module for otel test only
* propagate IS_CHROOT
* propagate IS_CHROOT e2e test
* code doc
* comments
* golint
* opentelemetry doc
* zipkin
* zipkin
* typo
* update e2e test OpenTelemetry value
* use opentelemetry value
* revert merge conflict
* fix
* format
* review comments
* clean
2023-03-22 11:58:22 -07:00
Phil Nichol
8ed3a27e25
Adding ipdenylist annotation ( #8795 )
...
* feat: Add support for IP Deny List
* fixed gomod
* Update package
* go mod tidy
* Revert "go mod tidy"
This reverts commit e6a837e1e7
2023-01-08 14:43:28 -08:00
Ricardo Katz
3916f7b8b7
move tests to gh actions ( #9461 )
2022-12-29 14:09:29 -08:00
Kir Shatrov
84614b99c3
Implement parseFloat for annotations ( #9195 )
2022-10-20 12:57:25 -07:00
Matthias Neugebauer
26fe69cb47
Add annotation for setting sticky cookie domain ( #9088 )
...
This adds the new annotation `nginx.ingress.kubernetes.io/session-cookie-domain`
for setting the cookie `Domain` attribute of the sticky cookie.
Signed-off-by: Matthias Neugebauer <mtneug@mailbox.org>
Signed-off-by: Matthias Neugebauer <mtneug@mailbox.org>
2022-09-28 07:28:37 -07:00
Ricardo Pchevuzinske Katz
7304086202
Move util to specific package location
2022-07-21 18:06:55 -03:00
Ricardo Katz
4c6a7ee158
Decouple shared functions between controllers ( #8829 )
...
* Decouple shared functions between controllers
* Apply suggestions from code review
Co-authored-by: Jintao Zhang <tao12345666333@163.com>
* Fix package names and fmt
Co-authored-by: Jintao Zhang <tao12345666333@163.com>
2022-07-20 11:53:44 -07:00
