DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
6400 commits 4 branches 217 tags 166 MiB
Commit graph

993 commits

Author SHA1 Message Date
Ray
cf9ae96d72
Additional AuthTLS assertions and doc change to demonstrate auth-tls-secret enables the other AuthTLS annotations (#7202) 
* Fix indentation of nested list in AuthTLS annotations

Also, put `<annotation>`: <description text>` on a single line in
Markdown markup, which will match what gets rendered eventually.

On the other hand, for the line on auth-tls-secret (This annotation
expects the Secret name in the form "namespace/secretName"), its
Markdown markup suggests that the author wanted the line to start on its
own line, but currently this gets rendered on the same line. It's nice
for this to be on its own line, since it's kind of a "note" about the
annotation syntax. Format/indent the markup appropriately so that it
shows up on its line.

* Fix indentation of nested list in CORS annotations

Also, put `<annotation>`: <description text>` on a single line in
Markdown markup, which will match what gets rendered eventually.

On the other hand, for lines noting the allowed characters (This is a
multi-valued field...), its Markdown markup suggests that the author
wanted the line to start on its own line, but currently this gets
rendered on the same line. It's nice for this to be on its own line,
since it's kind of a "note" about the annotation syntax. Format/indent
the markup appropriately so that it shows up on its line.

* Replace f.HTTPTestClientWithTLSConfig() in AuthTLS E2E, the odd one out for requests without client certs

* Demonstrate and document that auth-tls-secret enables the other AuthTLS annotations like verify client, depth

* Split E2E for auth-tls-error-page and *-pass-certificate-to-upstream
 2021-09-07 10:35:16 -07:00
Tony Li
f27deed2e8
remove timestamp when requeuing Element (#7440) 
Signed-off-by: xiayu.lyt <xiayu.lyt@alibaba-inc.com>
 2021-09-06 10:12:28 -07:00
KuberDriver
90c065d508
Update to the base nginx image (#7597) 
* Update to the base nginx image

* update template.go

* update template_test.go
 2021-09-05 04:50:28 -07:00
Vincent LE GOFF
f2e743f561
feat: add session-cookie-secure annotation (#7399) 2021-09-01 15:23:40 -07:00
Maksim Nabokikh
4c4013904a
Add a flag to specify address to bind the healthz server (#7541) 
* Add a flag to specify address to bind the healthz server

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

* Add healthz host to the helm chart

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

* Apply suggestions from code review

Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>

Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>
 2021-08-26 05:13:23 -07:00
Marcos Nery
638a93835a
Improving e2e tests for non-service backends #7544 (#7545) 
* Adding test cases for backend with nil service

Signed-off-by: Marcos <marcosnery.comp@gmail.com>
Co-authored-by: Renato Araujo <renatobritto@protonmail.com>
Co-authored-by: André Goretti <andremotta96@gmail.com>
Co-authored-by: Kalebe Lopes <calbkalebe@gmail.com>

* Add e2e test for backend nil service and add nil safeguard (#7344)

Co-authored-by: Renato Araujo <renatobritto@protonmail.com>
Co-authored-by: André Goretti <andremotta96@gmail.com>
Co-authored-by: Kalebe Lopes <calbkalebe@gmail.com>

* changing portuguese names to english in order to maintain the pattern

* updating boilerplate header

* adding second test case to also test valid path

Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>

* Updating boilerplate

* fixing boilerplate

Signed-off-by: MarcosN <marcosnery.comp@gmail.com>
Co-authored-by: André Goretti <andremotta96@gmail.com>
Co-authored-by: Gabriel Albino <enggabrielalbino@gmail.com>

* Improving template test for cases where a nil backend service is included

Signed-off-by: MarcosN <marcosnery.comp@gmail.com>
Co-authored-by: André Goretti <andremotta96@gmail.com>
Co-authored-by: Gabriel Albino <enggabrielalbino@gmail.com>

Co-authored-by: Renato Araujo <renatobritto@protonmail.com>
Co-authored-by: André Goretti <andremotta96@gmail.com>
Co-authored-by: Kalebe Lopes <calbkalebe@gmail.com>
Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>
Co-authored-by: Gabriel Albino <enggabrielalbino@gmail.com>
 2021-08-25 17:45:23 -07:00
wenhuwang
6593cb244b
fix ingress-nginx panic when the certificate format is wrong. (#7443) 
* fix ingress-nginx panic when the certificate format is wrong.

Signed-off-by: wang_wenhu <976400757@qq.com>

* Add unit test.

Signed-off-by: wang_wenhu <976400757@qq.com>

* Update controller_test.go
 2021-08-23 18:58:14 -07:00
Swift
c43ea4d6e1
Update ingress to go 1.17 (#7521) 
* bump go.mod to 1.17

* bump github ci workflow to go 1.17

* bump e2e-test-runner version

* fix go mod error

* fix go fmt error

* fix boilerplate verification
 2021-08-23 14:25:25 -07:00
Ricardo Katz
90c79689c4
Release v1 (#7470) 
* Drop v1beta1 from ingress nginx (#7156)

* Drop v1beta1 from ingress nginx

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix intorstr logic in controller

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* fixing admission

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* more intorstr fixing

* correct template rendering

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix e2e tests for v1 api

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix gofmt errors

* This is finally working...almost there...

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Re-add removed validation of AdmissionReview

* Prepare for v1.0.0-alpha.1 release

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Update changelog and matrix table for v1.0.0-alpha.1 (#7274)

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* add docs for syslog feature (#7219)

* Fix link to e2e-tests.md in developer-guide (#7201)

* Use ENV expansion for namespace in args (#7146)

Update the DaemonSet namespace references to use the `POD_NAMESPACE` environment variable in the same way that the Deployment does.

* chart: using Helm builtin capabilities check (#7190)

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>

* Update proper default value for HTTP2MaxConcurrentStreams in Docs (#6944)

It should be 128 as documented in https://github.com/kubernetes/ingress-nginx/blob/master/internal/ingress/controller/config/config.go#L780

* Fix MaxWorkerOpenFiles calculation on high cores nodes (#7107)

* Fix MaxWorkerOpenFiles calculation on high cores nodes

* Add e2e test for rlimit_nofile

* Fix doc for max-worker-open-files

* ingress/tcp: add additional error logging on failed (#7208)

* Add file containing stable release (#7313)

* Handle named (non-numeric) ports correctly (#7311)

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* Updated v1beta1 to v1 as its deprecated (#7308)

* remove mercurial from build (#7031)

* Retry to download maxmind DB if it fails (#7242)

* Retry to download maxmind DB if it fails.

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Add retries count arg, move retry logic into DownloadGeoLite2DB function

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Reorder parameters in DownloadGeoLite2DB

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Remove hardcoded value

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Release v1.0.0-alpha.1

* Add changelog for v1.0.0-alpha.2

* controller: ignore non-service backends (#7332)

* controller: ignore non-service backends

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* update per feedback

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* fix: allow scope/tcp/udp configmap namespace to altered (#7161)

* Lower webhook timeout for digital ocean (#7319)

* Lower webhook timeout for digital ocean

* Set Digital Ocean value controller.admissionWebhooks.timeoutSeconds to 29

* update OWNERS and aliases files (#7365) (#7366)

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* Downgrade Lua modules for s390x (#7355)

Downgrade Lua modules to last known working version.

* Fix IngressClass logic for newer releases (#7341)

* Fix IngressClass logic for newer releases

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Change e2e tests for the new IngressClass presence

* Fix chart and admission tests

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix helm chart test

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix reviews

* Remove ingressclass code from admission

* update tag to v1.0.0-beta.1

* update readme and changelog for v1.0.0-beta.1

* Release v1.0.0-beta.1 - helm and manifests (#7422)

* Change the order of annotation just to trigger a new helm release (#7425)

* [cherry-pick] Add dev-v1 branch into helm releaser (#7428)

* Add dev-v1 branch into helm releaser (#7424)

* chore: add link for artifacthub.io/prerelease annotations

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>

Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>

* k8s job ci pipeline for dev-v1 br v1.22.0 (#7453)

* k8s job ci pipeline for dev-v1 br v1.22.0

Signed-off-by: Neha Lohia <nehapithadiya444@gmail.com>

* k8s job ci pipeline for dev-v1 br v1.21.2

Signed-off-by: Neha Lohia <nehapithadiya444@gmail.com>

* remove v1.21.1 version

Signed-off-by: Neha Lohia <nehapithadiya444@gmail.com>

* Add controller.watchIngressWithoutClass config option (#7459)

Signed-off-by: Akshit Grover <akshit.grover2016@gmail.com>

* Release new helm chart with certgen fixed (#7478)

* Update go version, modules and remove ioutil

* Release new helm chart with certgen fixed

* changed appversion, chartversion, TAG, image (#7490)

* Fix CI conflict

* Fix CI conflict

* Fix build.sh from rebase process

* Fix controller_test post rebase

Co-authored-by: Tianhao Guo <rggth09@gmail.com>
Co-authored-by: Ray <61553+rctay@users.noreply.github.com>
Co-authored-by: Bill Cassidy <cassid4@gmail.com>
Co-authored-by: Jintao Zhang <tao12345666333@163.com>
Co-authored-by: Sathish Ramani <rsathishx87@gmail.com>
Co-authored-by: Mansur Marvanov <nanorobocop@gmail.com>
Co-authored-by: Matt1360 <568198+Matt1360@users.noreply.github.com>
Co-authored-by: Carlos Tadeu Panato Junior <ctadeu@gmail.com>
Co-authored-by: Kundan Kumar <kundan.kumar@india.nec.com>
Co-authored-by: Tom Hayward <thayward@infoblox.com>
Co-authored-by: Sergey Shakuto <sshakuto@infoblox.com>
Co-authored-by: Tore <tore.lonoy@gmail.com>
Co-authored-by: Bouke Versteegh <info@boukeversteegh.nl>
Co-authored-by: Shahid <shahid@us.ibm.com>
Co-authored-by: James Strong <strong.james.e@gmail.com>
Co-authored-by: Long Wu Yuan <longwuyuan@gmail.com>
Co-authored-by: Jintao Zhang <zhangjintao9020@gmail.com>
Co-authored-by: Neha Lohia <nehapithadiya444@gmail.com>
Co-authored-by: Akshit Grover <akshit.grover2016@gmail.com>
 2021-08-21 13:42:00 -07:00
Ricardo Katz
e9f0ad3485
Merge pull request #7479 from equinix-ms/main 
Make custom-default-backend upstream name more unique.
 2021-08-12 17:09:55 -03:00
Matthew Silverman
b591adac48
allow kb granularity for lua shared dicts (#6750) 
Update internal/ingress/controller/template/configmap.go

Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>

Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>
 2021-08-12 11:13:50 -07:00
Robin Elfrink
8ee98e9422 Make custom-default-backend upstream name more unique. 
Signed-off-by: Robin Elfrink <robin.elfrink@eu.equinix.com>
 2021-08-11 09:06:16 +02:00
Tom Hayward
9a9ad47857 Fix forwarding of auth-response-headers to gRPC backends (#7331) 
* add e2e test for auth-response-headers annotation

* add e2e test for grpc with auth-response-headers

* fix forwarding of auth header to GRPC backends

* add test case for proxySetHeader(nil)
 2021-08-10 11:24:39 -07:00
Tom Hayward
c9d5b21a65 fix: discover mounted geoip db files (#7228) 
* fix: discover mounted geoip db files

* add test

* fix runtime reload of config.MaxmindEditionFiles

* add e2e test

* log missing geoip2 db
 2021-08-10 11:24:39 -07:00
Sergey Shakuto
45995525e7 Retry to download maxmind DB if it fails (#7242) 
* Retry to download maxmind DB if it fails.

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Add retries count arg, move retry logic into DownloadGeoLite2DB function

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Reorder parameters in DownloadGeoLite2DB

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Remove hardcoded value

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>
 2021-08-10 11:24:39 -07:00
Eugene Apollonsky
af745bd97d
use listen to ensure the port is free (#6990) (#7467) 
Co-authored-by: boxjan <i@boxjan.li>
 2021-08-09 05:31:31 -07:00
Ricardo Katz
d226d831bd Update go version, modules and remove ioutil 2021-08-06 14:15:21 -03:00
wasker
f222c752be
Enable session affinity for canaries (#7371) 2021-07-29 14:23:19 -07:00
Dmitry Kuleshov
a327a809d9
auto backend protocol for HTTP/HTTPS (#6985) 
* add auto backend protocol for HTTP/HTTPS

* e2e test for AUTO_HTTP backend protocol

* unit  test for AUTO_HTTP backend protocol

Co-authored-by: Luca Del Monte <luca.delmonte5@gmail.com>
 2021-07-29 12:49:19 -07:00
Shuhei Kitagawa
a20f27ff7d
Add missing tests for store/endpoint (#7039) 2021-07-16 06:06:09 -07:00
Ricardo Katz
0e606ddcb2
Speed up admission hook by eliminating deep copy of Ingresses in CheckIngress (#7298) (#7333) 
Co-authored-by: Kirill Trofimenkov <cgorbit@joom.com>
 2021-07-09 13:38:54 -07:00
Kirill Trofimenkov
a064337621
Rewrite clean-nginx-conf.sh in Go to speed up admission webhook (#7076) (#7322) 
* Rewrite clean-nginx-conf.sh to speed up admission webhook

* Less diff with original clean-nginx-conf.sh

* Add error handling, add documentation, add unit test

* indent code

* Don't ignore Getwd() error
 2021-07-06 10:50:19 -07:00
Ricardo Katz
f5c80783bf
[Cherry Pick] - Add configuration to disable external name service feature (#7314) (#7321) 
* Add configuration to disable external name service feature (#7314)

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix CI files
 2021-07-05 21:50:18 -07:00
Ricardo Katz
39ace3176b
Fix nilpointer in admission and remove failing test (#7255) 
* Fix nilpointer in admission when it was unable to validate default backend ingress

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Remove temporarily the slow shutdown tests

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>
 2021-06-21 12:32:51 -07:00
Aditya Sharma
475bcde64c
Skip validation checks if an ingress is marked as deleted (#7216) 
Signed-off-by: Aditya Sharma <git@adi.run>
 2021-06-08 09:27:34 -07:00
Ricardo Katz
11d4ddca8e
Revert "feat: multiple-cors-allow-origin support (#7134)" (#7168) 
This reverts commit 8a55801cc0.
 2021-05-27 05:38:24 -07:00
Alex Zhang
8a55801cc0
feat: multiple-cors-allow-origin support (#7134) 2021-05-23 09:13:39 -07:00
Matt Miller
b3dfee6ada
Allow preservation of trailing slashes on TLS redirects via annotation. (#7144) 
* allow retaining a trailing slash in a TLS redirect via annotation.

Signed-off-by: mamiller <mamiller@rosettastone.com>

* requested changes

* gofmt
 2021-05-23 08:51:38 -07:00
qianyong
b6dc384afb Bugfix: non-host canary ingress use default server name as host to merge 2021-05-14 10:25:12 +08:00
tokers
a08887040b fix: use exponential backoff mechanism to listen on nginx.StatusPort 2021-05-13 15:02:11 +08:00
cjyyb
49ae85099b Fix log printing error 2021-05-02 11:34:57 +08:00
Ricardo Pchevuzinske Katz
0dceedfad7 Remove localhost calls from external names 
Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>
 2021-04-30 16:49:35 -03:00
Kubernetes Prow Robot
cfbe30c232
Merge pull request #6889 from alanjcastonguay/server-tokens-default-false 
NIT: Correct comment re default of server-tokens=false
 2021-04-29 07:16:51 -07:00
Mahnoor Mehboob
bc8a731e28 reset backend and disableCatchAll to og value 2021-04-26 17:32:50 -04:00
Mahnoor Mehboob
8f7fecab17 Deny catch-all ingress when DisableCatchAll is set 2021-04-24 11:49:45 -04:00
Mahnoor Mehboob
2503b23b09 Alter e2e test for disable_catch_all.go 2021-04-22 12:01:41 -04:00
Mahnoor Mehboob
cc4d5f2283 update catch-all ingress requirement logic 2021-04-21 17:49:58 -04:00
Kubernetes Prow Robot
559690f579
Merge pull request #6971 from anthonyho007/fix-crl-no-reload 
Fix crl not reload when crl got updated in the ca secret
 2021-04-05 07:43:12 -07:00
anthonyho007
4ddb0c724a fix crl not reload when crl got updated in the ca secret 2021-03-31 16:13:07 -04:00
Matthew Silverman
71c8ef119d add support for the jaeger propagation format 
adding default, testing w3c traceparent is propagated
 2021-03-26 12:33:24 -04:00
Kubernetes Prow Robot
c90d33c313
Merge pull request #6884 from timmysilv/tracing-endpoint 
jaeger-endpoint feature for non-agent trace collectors
 2021-03-09 10:59:05 -08:00
AnaClaudia
ef714ae52f Allow multiple publish status addresses 2021-02-26 16:57:54 -05:00
Alan J Castonguay
aecc5bac21 NIT: Correct comment re default of server-tokens=false 
The default value of ShowServerTokens aka server-tokens in the
global configmap was changed in commit
87aa96b468 in 2020-09-17 (release v0.40.0)
but one reference was overlooked in this comment.

Other documentation, implementation and testcases are all in agreement.
Correct the comment to align with others: server-tokens=false.
 2021-02-19 13:38:50 -05:00
Matthew Silverman
28280de175 jaeger-endpoint configmap attribute 2021-02-18 17:29:35 -05:00
Michael Nikitochkin
9a261d6339
Remove extra comma from Jaeger config json 
It is not a valid Json generated for Jaeger.
There is extra comma.
 2021-02-01 16:52:02 +01:00
Björn Carlsson
54b13bd216 Add flag to allow setting a shutdown grace period 2021-01-27 14:09:04 +01:00
Kubernetes Prow Robot
d9f613e52a
Merge pull request #6796 from aledbf/default 
Updates to the custom default SSL certificate must trigger a reload
 2021-01-22 07:41:27 -08:00
Manuel Alejandro de Brito Fontes
04e2603ecc
Update PemSHA field for default SSL certificate 2021-01-21 19:15:03 -03:00
cormick
56b252e9b7 🐛 return error if tempconfig missing 
Fmt: gofmt
 2021-01-21 22:01:45 +08:00
Kubernetes Prow Robot
5bcfc54662
Merge pull request #6669 from EclesioMeloJunior/add-ingress-resolver-tests 
chore: Add test to internal ingress resolver pkg
 2021-01-05 06:56:00 -08:00
Elvin Efendi
e0dece48f7 Add Global Rate Limiting support 2021-01-04 17:47:07 -05:00
Elvin Efendi
2cff9fa41d generalize cidr parsing and improve lua tests 2021-01-04 15:01:55 -05:00
Elvin Efendi
bc6a2718d2 fix generated code for the new year 2021-01-02 11:22:53 -05:00
Manuel Alejandro de Brito Fontes
6f87f3288b Do not assume ingress-nginx is using recommended labels 2020-12-30 09:00:39 -03:00
Kubernetes Prow Robot
06cb6696a5
Merge pull request #6692 from andyxning/add_string_split_function_to_template_funcMap 
add string split function to template funcMap
 2020-12-29 05:32:28 -08:00
Kubernetes Prow Robot
cff52e69c7
Merge pull request #6685 from foxdalas/geoip_local_mirror 
Add GeoIP Local mirror support
 2020-12-29 04:48:30 -08:00
andyxning
bbf831afae add string split function to template funcMap 2020-12-29 13:57:30 +08:00
Maxim Pogozhiy
b55f4371e3 Add GeoIP Local mirror support 2020-12-28 17:37:26 +10:00
Manuel Alejandro de Brito Fontes
d9af197e62
Remove dead code 2020-12-27 22:26:51 -03:00
eclesiomelojunior
7a533f035b chore: Add test to internal ingress resolver pkg 2020-12-23 13:33:12 -03:00
Josh Soref
a8728f3d2c Spelling 2020-12-15 16:10:48 -05:00
Kubernetes Prow Robot
fe65e9d22f
Merge pull request #6620 from nic-6443/sticky-session-fix 
Fix sticky session not set for host in server-alias annotation (#6448)
 2020-12-15 03:47:48 -08:00
qianyong
44aaa2e367 Fix sticky session not set for host in server-alias annotation (#6448) 2020-12-15 11:01:19 +08:00
qianyong
f9ffa93588 Allow FQDN for ExternalName Service 2020-12-14 20:32:08 +08:00
Manuel Alejandro de Brito Fontes
9c0a39636d Refactor ingress nginx variables 2020-12-12 08:52:47 -03:00
Manuel Alejandro de Brito Fontes
77234fcde0 Fix nginx ingress variables for definitions with Backend 2020-12-05 14:40:22 -03:00
Manuel Alejandro de Brito Fontes
5df2951948 Fix nginx ingress variables for definitions without hosts 2020-12-04 20:30:55 -03:00
Manuel Alejandro de Brito Fontes
81bf8056da Disable HTTP/2 in the webhook server 2020-12-04 20:29:36 -03:00
Manuel Alejandro de Brito Fontes
d781d99797 Fixes for gosec 2020-12-04 20:29:07 -03:00
agile6v
06f53bcf05 feat: allow user to specify the maxmium number of retries in stream block. 2020-12-02 14:54:14 +08:00
Kubernetes Prow Robot
e3a3ea8826
Merge pull request #6294 from ianbuss/auth-error-redirect-param 
Allow customisation of redirect URL parameter in external auth redirects
 2020-11-23 01:27:37 -08:00
Manuel Alejandro de Brito Fontes
1389cc0e80 Refactor extraction of ingress pod details 2020-11-19 17:31:28 -03:00
Manuel Alejandro de Brito Fontes
e7d6c3fedc Update tests 2020-11-12 16:07:21 -03:00
Manuel Alejandro de Brito Fontes
2ca1f92697 Add PathType details in external auth location 2020-11-12 16:07:21 -03:00
Manuel Alejandro de Brito Fontes
3f153add00 Refactor handling of path Prefix and Exact 2020-11-10 07:21:34 -03:00
Manuel Alejandro de Brito Fontes
f49d2fdb3b Improve class.IsValid logs 2020-11-09 11:01:03 -03:00
aimuz
e5fa90db9b fix: empty IngressClassName, Error handling 2020-11-09 11:36:00 +08:00
JacieChao
615485affb Reload nginx when L4 proxy protocol change 
Signed-off-by: JacieChao <kathyyy@163.com>
 2020-11-03 19:33:32 +08:00
Manuel Alejandro de Brito Fontes
a6b6f03b53 Add support for k8s ingress pathtype Prefix 2020-11-02 09:56:49 -05:00
Manuel Alejandro de Brito Fontes
4d65097afa Improve log messages 2020-10-26 17:14:36 -03:00
Manuel Alejandro de Brito Fontes
a85e53f4cb Remove k8s.io/kubernetes dependency 2020-10-26 13:04:00 -03:00
Manuel Alejandro de Brito Fontes
a762d8a4e3 Check pod is ready 2020-10-26 11:59:14 -03:00
Manuel Alejandro de Brito Fontes
d74ea25df8 Add validation for wildcard server names 2020-10-26 10:51:14 -03:00
Manuel Alejandro de Brito Fontes
cdd6437380 Refactor Exact path matthing 2020-10-26 10:51:03 -03:00
Manuel Alejandro de Brito Fontes
703c2d6f8e Enable validation of ingress definitions from extensions package 2020-10-26 10:50:44 -03:00
Kubernetes Prow Robot
a6d603566b
Merge pull request #6325 from sylr/filter-helm-secrets 
Filter out secrets that belong to Helm v3
 2020-10-13 11:46:27 -07:00
Sylvain Rabot
ca7db0e330
Filter out secrets that belong to Helm 
Signed-off-by: Sylvain Rabot <sylvain@abstraction.fr>
 2020-10-13 17:45:26 +02:00
Aditya Purandare
57b10f5693
Add datadog environment as a configuration option 
(cherry picked from commit 4306558baa595606cd6befff08c8c815d6fe2bd4)
 2020-10-12 13:52:15 -07:00
Ian Buss
41cf628bdf Add a configurable URL redirect parameter for error URLs 2020-10-08 12:53:46 +01:00
Stevo Slavić
96f8094fdc Improve HandleAdmission resiliency 
Signed-off-by: Stevo Slavić <sslavic@gmail.com>
 2020-10-06 07:48:23 +02:00
Manuel Alejandro de Brito Fontes
9c94d772fb Add support for admission review v1beta1 2020-10-02 14:03:55 -03:00
Kubernetes Prow Robot
8d45bb39a4
Merge pull request #5348 from Antiarchitect/stream-log-annotations 
Ability to separately disable access log in http and stream contexts
 2020-09-28 11:02:53 -07:00
Manuel Alejandro de Brito Fontes
108637bb1c Migrate to structured logging (klog) 2020-09-27 18:59:57 -03:00
Manuel Alejandro de Brito Fontes
a767b1d906 Cleanup 2020-09-27 17:16:09 -03:00
Manuel Alejandro de Brito Fontes
29ea30a4e8 Add events for NGINX reloads 2020-09-27 17:16:09 -03:00
Kubernetes Prow Robot
6fd891f3df
Merge pull request #6217 from touchifyapp/@feature/cors-expose-headers 
Add annotation to configure CORS Access-Control-Expose-Headers
 2020-09-26 16:52:48 -07:00
Manuel Alejandro de Brito Fontes
7722fa38aa Add admission controller e2e test 2020-09-26 16:06:58 -03:00
Manuel Alejandro de Brito Fontes
a990ac3910
Change defaults 2020-09-24 21:33:56 -03:00
Maxime LUCE
b7b85175f6 Add annotation to configure CORS Access-Control-Expose-Headers 2020-09-23 17:41:52 +02:00
Elvin Efendi
e050ff1b9f disable session tickets by default 2020-09-18 00:08:00 -04:00