k8s-infra-cherrypick-robot
88494aa11d
fix: Ensure changes in MatchCN annotation are detected ( #11528 )
...
Co-authored-by: Wouter Dullaert <wouter.dullaert@exoscale.ch>
2024-07-02 01:03:58 -07:00
k8s-infra-cherrypick-robot
9409bb15da
Rename variable to fix typo ( #11413 )
...
Co-authored-by: Andrea Scarpino <andrea@scarpino.dev>
2024-06-02 13:27:35 -07:00
k8s-infra-cherrypick-robot
b7f6f93334
removed tlsv1 & tlsv1.1 ( #11408 )
...
Co-authored-by: longwuyuan <longwuyuan@gmail.com>
2024-06-02 11:52:07 -07:00
cuiyourong
a4e5daebec
Fix function name in comment
...
Signed-off-by: cuiyourong <cuiyourong@gmail.com>
2024-04-23 11:28:01 +00:00
k8s-infra-cherrypick-robot
1a7f674422
fix path in file changed detected message ( #11286 )
...
* fix path in file changed detected message
Signed-off-by: Tom Hayward <thayward@infoblox.com>
* fix typo in log message
* explain code per review comments
---------
Signed-off-by: Tom Hayward <thayward@infoblox.com>
Co-authored-by: Tom Hayward <thayward@infoblox.com>
2024-04-19 09:56:22 -07:00
k8s-infra-cherrypick-robot
c5ffbd3cf5
chore: fix function names in comment ( #11281 )
...
Signed-off-by: racequite <quiterace@gmail.com>
Co-authored-by: racequite <quiterace@gmail.com>
2024-04-19 03:23:40 -07:00
k8s-infra-cherrypick-robot
a5fe09e80e
remove _ssl_expire_time_seconds metric by identifier ( #11239 )
...
Signed-off-by: xiayu.lyt <xiayu.lyt@alibaba-inc.com>
Co-authored-by: xiayu.lyt <xiayu.lyt@alibaba-inc.com>
2024-04-09 04:20:34 -07:00
k8s-infra-cherrypick-robot
0f9df16424
Fix admission controller logging of admissionTime and testedConfigurationSize ( #11114 )
...
Co-authored-by: Luca Berneking <luca@berneking.net>
2024-03-12 11:08:59 -07:00
Marco Ebert
8d3d4a33bf
Chores: Pick patches from main. ( #11103 )
...
* Release version v1.10.0
* set deploy url to v1-10-0 in docs
* quotes around numbers fort ports definitions
* Bump dorny/paths-filter from 3.0.1 to 3.0.2
Bumps [dorny/paths-filter](https://github.com/dorny/paths-filter ) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/dorny/paths-filter/releases )
- [Changelog](https://github.com/dorny/paths-filter/blob/master/CHANGELOG.md )
- [Commits](ebc4d7e9eb...de90cc6fb3https://github.com/aquasecurity/trivy-action ) from 0.17.0 to 0.18.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](84384bd6e7...062f259268https://github.com/github/codeql-action ) from 3.24.5 to 3.24.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](47b3d888fe...8a470fddafhttps://github.com/prometheus/common ) from 0.48.0 to 0.49.0.
- [Release notes](https://github.com/prometheus/common/releases )
- [Commits](https://github.com/prometheus/common/compare/v0.48.0...v0.49.0 )
---
updated-dependencies:
- dependency-name: github.com/prometheus/common
dependency-type: direct:production
update-type: version-update:semver-minor
...
* Bump docker/setup-buildx-action from 3.0.0 to 3.1.0
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](f95db51fdd...0d103c3126https://github.com/stretchr/testify ) from 1.8.4 to 1.9.0.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.8.4...v1.9.0 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-minor
...
* Bump actions/download-artifact from 4.1.2 to 4.1.4
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 4.1.2 to 4.1.4.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](eaceaf801f...c850b930e6https://github.com/prometheus/common ) from 0.49.0 to 0.50.0.
- [Release notes](https://github.com/prometheus/common/releases )
- [Commits](https://github.com/prometheus/common/compare/v0.49.0...v0.50.0 )
---
updated-dependencies:
- dependency-name: github.com/prometheus/common
dependency-type: direct:production
update-type: version-update:semver-minor
...
* Bump the all group with 1 update
Bumps the all group with 1 update: [google.golang.org/grpc](https://github.com/grpc/grpc-go ).
Updates `google.golang.org/grpc` from 1.62.0 to 1.62.1
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.62.0...v1.62.1 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: all
...
* Bump the all group with 1 update
Bumps the all group with 1 update: [actions/add-to-project](https://github.com/actions/add-to-project ).
Updates `actions/add-to-project` from 0.5.0 to 0.6.0
- [Release notes](https://github.com/actions/add-to-project/releases )
- [Commits](31b3f3ccdc...0609a2702ehttps://github.com/onsi/ginkgo ) from 2.15.0 to 2.16.0.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v2.15.0...v2.16.0 )
---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
---------
Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>
Co-authored-by: longwuyuan <longwuyuan@gmail.com>
Co-authored-by: Bartosz Fenski <fenio@debian.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Strong <strong.james.e@gmail.com>
Co-authored-by: Grinish <grinish@gmail.com>
Co-authored-by: Carlos Tadeu Panato Junior <ctadeu@gmail.com>
2024-03-11 14:30:46 -07:00
Ricardo Katz
fa0bf81984
Bump go libraries ( #11023 )
...
* Bump go libraries
* Fix update codegen execution
* Fix errors on klog
* Fix gzip test
* Bump libraries on webhook certgen
* Fix webhook-certgen compilation
2024-02-27 09:52:42 -08:00
Ricardo Katz
02e6ebc95a
Add OTEL build test and for NGINX v1.25 ( #10889 )
...
* Add OTEL build test
* Simplify otel compilation
* Remove http2 deprecated arg
* Move image build to CI
* Turn image from scratch to optimize usage
* rollback image from scratch
* Final reviews on nginx v1.25 image
* Remove s390x from final image
2024-01-27 07:33:50 -08:00
kbweave
1bc745619d
Include SECLEVEL and STRENGTH as part of ssl-cipher list validation ( #10754 )
2024-01-05 15:50:34 +01:00
Philipp Sauter
05d68a1512
annotation validation: validate regex in common name annotation ( #10657 )
...
* fix common name validation
* add tests
2024-01-04 15:56:57 +01:00
James Strong
6807537a70
upgrade go 1.21.5 ( #10732 )
...
* upgrade go 1.21.5
Signed-off-by: James Strong <strong.james.e@gmail.com>
* update golang gha
Signed-off-by: James Strong <strong.james.e@gmail.com>
* supgrade golang lint ci to v1.55.2
* sfix all golang lint ci errors
* sget a nginx build as well
* srevert some e2e changes
* srevert some e2e changes
---------
Signed-off-by: James Strong <strong.james.e@gmail.com>
2023-12-08 01:52:14 +01:00
chriss-de
ad406b64d8
Add override for proxy_intercept_errors when using Custom HTTP Errors ( #9497 )
...
* added proxy-intercept-errors config option
* fixed error when comparing locations
* fixed missing location config from annotation
added e2e test
* reversed logic for proxy-intercept-errors to disable-proxy-intercept-errors
* reversed logic to disable-proxy-intercept-errors
* reversed logic
* default has to be false
* put comment in same line as return
* run gofmt
* fixing wrong Boilerplate header
* updated code to new IngressAnnotation interface
* fixes to satisfy PR comments
* synced with upstream; fixed typo
* gofumpt disableproxyintercepterrors.go
* gofumpt
2023-11-17 05:43:54 +01:00
Filip Havlíček
e0446d7554
annotation validation - extended URLWithNginxVariableRegex from alphaNumericChars to extendedAlphaNumeric ( #10652 )
2023-11-15 17:40:00 +01:00
Ardika Bagus S
da51393cac
fix(cors): ensure trailing comma treated as empty value to be ignored ( #10616 )
...
* fix(cors): ensure trailing comma treated as empty value to be ignored
Signed-off-by: Ardika Bagus <me@ardikabs.com>
* test(cors): add e2e test
Signed-off-by: Ardika Bagus <me@ardikabs.com>
---------
Signed-off-by: Ardika Bagus <me@ardikabs.com>
2023-11-07 19:02:48 +01:00
Ricardo Katz
30820a5acc
Deprecate opentracing ( #10615 )
2023-11-05 01:58:35 +01:00
Ricardo Katz
9ed0d7f7af
Separate third party NGINX configuration ( #10470 )
...
* Document container separation
* Separate configurations
2023-11-03 14:46:32 +01:00
Simon Wessel
13d95d026a
fix: adjust unfulfillable validation check for session-cookie-samesite annotation ( #10600 )
2023-11-01 23:09:00 +01:00
Matt Dainty
9cdd51d5dc
fix: Validate x-forwarded-prefix annotation with RegexPathWithCapture ( #10598 )
2023-11-01 23:08:51 +01:00
Michael Dreher
8c3aeaae4a
Increase HSTS max-age to default to one year ( #10564 )
2023-10-27 12:50:37 +02:00
Ricardo Katz
a879829408
Fix fcgi configmap value parsing ( #10528 )
2023-10-17 01:10:16 +02:00
Ricardo Katz
8b53cabe03
Bump curl and Go version ( #10503 )
...
* Bump curl and Go version
* Add NGINX BAse image scanning
* Try again
2023-10-11 16:16:11 +02:00
Ricardo Katz
cbed4c6831
Remove legacy GeoIP from controller ( #10495 )
2023-10-11 08:53:55 +02:00
Ricardo Katz
1fbfcbd907
Accept backend protocol on any case ( #10460 )
2023-09-28 18:20:42 -07:00
Chen Chen
d96b3f0082
Add a flag to enable or disable aio_write ( #10394 )
...
* Add a flag to enable or disable aio_write
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix e2e test for aio_write
Signed-off-by: z1cheng <imchench@gmail.com>
* Remove redundant spaces to fix the 2e test
Signed-off-by: z1cheng <imchench@gmail.com>
---------
Signed-off-by: z1cheng <imchench@gmail.com>
2023-09-11 05:56:12 -07:00
Ricardo Katz
cf889c6c47
Disable user snippets per default ( #10393 )
...
* Disable user snippets per default
* Enable snippet on tests
2023-09-10 20:02:10 -07:00
Chen Chen
93e006c2ce
Fix deferInLoop error ( #10387 )
...
Signed-off-by: z1cheng <imchench@gmail.com>
2023-09-10 06:48:10 -07:00
Chen Chen
b3060bfbd0
Fix golangci-lint errors ( #10196 )
...
* Fix golangci-lint errors
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix dupl errors
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix comments
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix errcheck lint errors
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix assert in e2e test
Signed-off-by: z1cheng <imchench@gmail.com>
* Not interrupt the waitForPodsReady
Signed-off-by: z1cheng <imchench@gmail.com>
* Replace string with constant
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix comments
Signed-off-by: z1cheng <imchench@gmail.com>
* Revert write file permision
Signed-off-by: z1cheng <imchench@gmail.com>
---------
Signed-off-by: z1cheng <imchench@gmail.com>
2023-08-31 00:36:48 -07:00
Marcelo Cyreno
93f9ac2521
Making auth access logs optional ( #10335 )
2023-08-28 07:37:44 -07:00
logica
dd6145b2d3
Bump k8s.io/component-base from 0.26.4 to 0.27.4 (Replace Topology Aware Hints with Topology Aware Routing) ( #10282 )
...
* Bump k8s.io/component-base from 0.26.4 to 0.27.4
Bumps [k8s.io/component-base](https://github.com/kubernetes/component-base ) from 0.26.4 to 0.27.4.
- [Commits](https://github.com/kubernetes/component-base/compare/v0.26.4...v0.27.4 )
---
updated-dependencies:
- dependency-name: k8s.io/component-base
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* changed annotation to TopologyMode
* fixed documents
* fixed test
* using api constraint for test deployment options
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-11 07:17:27 -07:00
Gabor Lekeny
5d8185c9d7
Handle request_id variable correctly in auth requests ( #9219 )
...
* Handle $request_id variable correctly in auth requests
* Make share_all_vars configurable
* Fix test name
2023-08-07 06:16:32 -07:00
Ricardo Katz
c5f348ea2e
Implement annotation validation ( #9673 )
...
* Add validation to all annotations
* Add annotation validation for fcgi
* Fix reviews and fcgi e2e
* Add flag to disable cross namespace validation
* Add risk, flag for validation, tests
* Add missing formating
* Enable validation by default on tests
* Test validation flag
* remove ajp from list
* Finalize validation changes
* Add validations to CI
* Update helm docs
* Fix code review
* Use a better name for annotation risk
2023-07-21 20:32:07 -07:00
David Goffredo
6d55e1f3c4
revise Datadog trace sampling configuration ( #10151 )
...
* datadog: sample_rate omitted by default
* config: use *float32 with nil instead of float32 with sentinel value
* change some names
* gofmt -s -w internal/ingress/controller/nginx.go
2023-07-06 16:51:04 -07:00
Chen Chen
d44a8e0045
Fix golang-ci linter errors ( #10128 )
...
* Fix golang-ci linter errors
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix gofmt errors
Signed-off-by: z1cheng <imchench@gmail.com>
* Add nolint comment to defaults.Backend in Configuration
Signed-off-by: z1cheng <imchench@gmail.com>
* Add #nosec comment to rand.New func
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix errcheck warnings
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix gofmt check
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix unit tests and comments
Signed-off-by: z1cheng <imchench@gmail.com>
---------
Signed-off-by: z1cheng <imchench@gmail.com>
2023-07-03 05:50:52 -07:00
Ricardo Katz
ebb6314494
Deprecate and remove AJP support ( #10158 )
2023-07-02 02:26:49 -07:00
Brendan Kamp
30de5999c1
fix: obsolete warnings ( #10029 )
...
Signed-off-by: Spazzy <brendankamp757@gmail.com>
2023-06-18 12:16:21 -07:00
Jintao Zhang
cccba35005
Revert "Remove fastcgi feature" ( #10081 )
...
* Revert "Remove fastcgi feature (#9864 )"
This reverts commit 90ed0ccdbe
2023-06-13 12:55:59 -07:00
Ricardo Katz
90ed0ccdbe
Remove fastcgi feature ( #9864 )
2023-06-11 13:33:47 -07:00
Gerald Pape
db49b9da6f
Fix mirror-target values without path separator and port ( #9889 )
...
* Remove variables with $ before feeding into url.Parse
Signed-off-by: Gerald Pape <gerald@giantswarm.io>
* Do not render invalid request mirroring config
Signed-off-by: Gerald Pape <gerald@giantswarm.io>
* Remove additional note from docs again
Signed-off-by: Gerald Pape <gerald@giantswarm.io>
* Include quotes in e2e test for mirror proxy_pass
---------
Signed-off-by: Gerald Pape <gerald@giantswarm.io>
2023-06-11 11:59:47 -07:00
guangwu
7043f6ae29
unnecessary use of fmt.Sprint (S1039) ( #10049 )
2023-06-11 11:49:54 -07:00
guangwu
114ae77fb7
chore: pkg imported more than once ( #10048 )
2023-06-11 11:49:47 -07:00
Chen Chen
1503695b30
Fix typo in controller_test ( #10034 )
...
Signed-off-by: z1cheng <imchench@gmail.com>
2023-06-03 10:50:41 -07:00
Eng Zer Jun
d02ba28b96
perf: avoid unnecessary byte/string conversion ( #10012 )
...
We can use alternative functions to avoid unnecessary byte/string
conversion calls and reduce allocations.
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2023-06-01 07:29:47 -07:00
Ricardo Katz
1282345be2
Admission warning ( #9975 )
...
* Add warning feature in admission code
* Apply suggestions from code review
Co-authored-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* Add deprecation and validation path notice
---------
Co-authored-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2023-05-25 07:56:52 -07:00
Ehsan Saei
ac9a50751e
OpenTelemetry default config ( #9978 )
2023-05-21 10:04:19 -07:00
Ricardo Katz
c540b58474
Validate path types ( #9967 )
...
* Validate path types
* Fix the year of header
* Update internal/ingress/controller/config/config.go
Co-authored-by: Jintao Zhang <tao12345666333@163.com>
---------
Co-authored-by: Jintao Zhang <tao12345666333@163.com>
2023-05-20 04:58:18 -07:00
Ricardo Katz
11419a6837
Fastcgi configmap should be on the same namespace of ingress ( #9863 )
2023-04-16 17:32:43 -07:00
Ricardo Katz
297036e169
Deprecate and remove influxdb feature ( #9861 )
2023-04-16 17:26:43 -07:00
