k8s-infra-cherrypick-robot
0f9df16424
Fix admission controller logging of admissionTime and testedConfigurationSize ( #11114 )
...
Co-authored-by: Luca Berneking <luca@berneking.net>
2024-03-12 11:08:59 -07:00
Marco Ebert
8d3d4a33bf
Chores: Pick patches from main. ( #11103 )
...
* Release version v1.10.0
* set deploy url to v1-10-0 in docs
* quotes around numbers fort ports definitions
* Bump dorny/paths-filter from 3.0.1 to 3.0.2
Bumps [dorny/paths-filter](https://github.com/dorny/paths-filter ) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/dorny/paths-filter/releases )
- [Changelog](https://github.com/dorny/paths-filter/blob/master/CHANGELOG.md )
- [Commits](ebc4d7e9eb...de90cc6fb3https://github.com/aquasecurity/trivy-action ) from 0.17.0 to 0.18.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](84384bd6e7...062f259268https://github.com/github/codeql-action ) from 3.24.5 to 3.24.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](47b3d888fe...8a470fddafhttps://github.com/prometheus/common ) from 0.48.0 to 0.49.0.
- [Release notes](https://github.com/prometheus/common/releases )
- [Commits](https://github.com/prometheus/common/compare/v0.48.0...v0.49.0 )
---
updated-dependencies:
- dependency-name: github.com/prometheus/common
dependency-type: direct:production
update-type: version-update:semver-minor
...
* Bump docker/setup-buildx-action from 3.0.0 to 3.1.0
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](f95db51fdd...0d103c3126https://github.com/stretchr/testify ) from 1.8.4 to 1.9.0.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.8.4...v1.9.0 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-minor
...
* Bump actions/download-artifact from 4.1.2 to 4.1.4
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 4.1.2 to 4.1.4.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](eaceaf801f...c850b930e6https://github.com/prometheus/common ) from 0.49.0 to 0.50.0.
- [Release notes](https://github.com/prometheus/common/releases )
- [Commits](https://github.com/prometheus/common/compare/v0.49.0...v0.50.0 )
---
updated-dependencies:
- dependency-name: github.com/prometheus/common
dependency-type: direct:production
update-type: version-update:semver-minor
...
* Bump the all group with 1 update
Bumps the all group with 1 update: [google.golang.org/grpc](https://github.com/grpc/grpc-go ).
Updates `google.golang.org/grpc` from 1.62.0 to 1.62.1
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.62.0...v1.62.1 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: all
...
* Bump the all group with 1 update
Bumps the all group with 1 update: [actions/add-to-project](https://github.com/actions/add-to-project ).
Updates `actions/add-to-project` from 0.5.0 to 0.6.0
- [Release notes](https://github.com/actions/add-to-project/releases )
- [Commits](31b3f3ccdc...0609a2702ehttps://github.com/onsi/ginkgo ) from 2.15.0 to 2.16.0.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v2.15.0...v2.16.0 )
---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
---------
Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>
Co-authored-by: longwuyuan <longwuyuan@gmail.com>
Co-authored-by: Bartosz Fenski <fenio@debian.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Strong <strong.james.e@gmail.com>
Co-authored-by: Grinish <grinish@gmail.com>
Co-authored-by: Carlos Tadeu Panato Junior <ctadeu@gmail.com>
2024-03-11 14:30:46 -07:00
Ricardo Katz
fa0bf81984
Bump go libraries ( #11023 )
...
* Bump go libraries
* Fix update codegen execution
* Fix errors on klog
* Fix gzip test
* Bump libraries on webhook certgen
* Fix webhook-certgen compilation
2024-02-27 09:52:42 -08:00
Ricardo Katz
02e6ebc95a
Add OTEL build test and for NGINX v1.25 ( #10889 )
...
* Add OTEL build test
* Simplify otel compilation
* Remove http2 deprecated arg
* Move image build to CI
* Turn image from scratch to optimize usage
* rollback image from scratch
* Final reviews on nginx v1.25 image
* Remove s390x from final image
2024-01-27 07:33:50 -08:00
kbweave
1bc745619d
Include SECLEVEL and STRENGTH as part of ssl-cipher list validation ( #10754 )
2024-01-05 15:50:34 +01:00
Philipp Sauter
05d68a1512
annotation validation: validate regex in common name annotation ( #10657 )
...
* fix common name validation
* add tests
2024-01-04 15:56:57 +01:00
James Strong
6807537a70
upgrade go 1.21.5 ( #10732 )
...
* upgrade go 1.21.5
Signed-off-by: James Strong <strong.james.e@gmail.com>
* update golang gha
Signed-off-by: James Strong <strong.james.e@gmail.com>
* supgrade golang lint ci to v1.55.2
* sfix all golang lint ci errors
* sget a nginx build as well
* srevert some e2e changes
* srevert some e2e changes
---------
Signed-off-by: James Strong <strong.james.e@gmail.com>
2023-12-08 01:52:14 +01:00
chriss-de
ad406b64d8
Add override for proxy_intercept_errors when using Custom HTTP Errors ( #9497 )
...
* added proxy-intercept-errors config option
* fixed error when comparing locations
* fixed missing location config from annotation
added e2e test
* reversed logic for proxy-intercept-errors to disable-proxy-intercept-errors
* reversed logic to disable-proxy-intercept-errors
* reversed logic
* default has to be false
* put comment in same line as return
* run gofmt
* fixing wrong Boilerplate header
* updated code to new IngressAnnotation interface
* fixes to satisfy PR comments
* synced with upstream; fixed typo
* gofumpt disableproxyintercepterrors.go
* gofumpt
2023-11-17 05:43:54 +01:00
Filip Havlíček
e0446d7554
annotation validation - extended URLWithNginxVariableRegex from alphaNumericChars to extendedAlphaNumeric ( #10652 )
2023-11-15 17:40:00 +01:00
Ardika Bagus S
da51393cac
fix(cors): ensure trailing comma treated as empty value to be ignored ( #10616 )
...
* fix(cors): ensure trailing comma treated as empty value to be ignored
Signed-off-by: Ardika Bagus <me@ardikabs.com>
* test(cors): add e2e test
Signed-off-by: Ardika Bagus <me@ardikabs.com>
---------
Signed-off-by: Ardika Bagus <me@ardikabs.com>
2023-11-07 19:02:48 +01:00
Ricardo Katz
30820a5acc
Deprecate opentracing ( #10615 )
2023-11-05 01:58:35 +01:00
Ricardo Katz
9ed0d7f7af
Separate third party NGINX configuration ( #10470 )
...
* Document container separation
* Separate configurations
2023-11-03 14:46:32 +01:00
Simon Wessel
13d95d026a
fix: adjust unfulfillable validation check for session-cookie-samesite annotation ( #10600 )
2023-11-01 23:09:00 +01:00
Matt Dainty
9cdd51d5dc
fix: Validate x-forwarded-prefix annotation with RegexPathWithCapture ( #10598 )
2023-11-01 23:08:51 +01:00
Michael Dreher
8c3aeaae4a
Increase HSTS max-age to default to one year ( #10564 )
2023-10-27 12:50:37 +02:00
Ricardo Katz
a879829408
Fix fcgi configmap value parsing ( #10528 )
2023-10-17 01:10:16 +02:00
Ricardo Katz
8b53cabe03
Bump curl and Go version ( #10503 )
...
* Bump curl and Go version
* Add NGINX BAse image scanning
* Try again
2023-10-11 16:16:11 +02:00
Ricardo Katz
cbed4c6831
Remove legacy GeoIP from controller ( #10495 )
2023-10-11 08:53:55 +02:00
Ricardo Katz
1fbfcbd907
Accept backend protocol on any case ( #10460 )
2023-09-28 18:20:42 -07:00
Chen Chen
d96b3f0082
Add a flag to enable or disable aio_write ( #10394 )
...
* Add a flag to enable or disable aio_write
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix e2e test for aio_write
Signed-off-by: z1cheng <imchench@gmail.com>
* Remove redundant spaces to fix the 2e test
Signed-off-by: z1cheng <imchench@gmail.com>
---------
Signed-off-by: z1cheng <imchench@gmail.com>
2023-09-11 05:56:12 -07:00
Ricardo Katz
cf889c6c47
Disable user snippets per default ( #10393 )
...
* Disable user snippets per default
* Enable snippet on tests
2023-09-10 20:02:10 -07:00
Chen Chen
b3060bfbd0
Fix golangci-lint errors ( #10196 )
...
* Fix golangci-lint errors
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix dupl errors
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix comments
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix errcheck lint errors
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix assert in e2e test
Signed-off-by: z1cheng <imchench@gmail.com>
* Not interrupt the waitForPodsReady
Signed-off-by: z1cheng <imchench@gmail.com>
* Replace string with constant
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix comments
Signed-off-by: z1cheng <imchench@gmail.com>
* Revert write file permision
Signed-off-by: z1cheng <imchench@gmail.com>
---------
Signed-off-by: z1cheng <imchench@gmail.com>
2023-08-31 00:36:48 -07:00
Marcelo Cyreno
93f9ac2521
Making auth access logs optional ( #10335 )
2023-08-28 07:37:44 -07:00
logica
dd6145b2d3
Bump k8s.io/component-base from 0.26.4 to 0.27.4 (Replace Topology Aware Hints with Topology Aware Routing) ( #10282 )
...
* Bump k8s.io/component-base from 0.26.4 to 0.27.4
Bumps [k8s.io/component-base](https://github.com/kubernetes/component-base ) from 0.26.4 to 0.27.4.
- [Commits](https://github.com/kubernetes/component-base/compare/v0.26.4...v0.27.4 )
---
updated-dependencies:
- dependency-name: k8s.io/component-base
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* changed annotation to TopologyMode
* fixed documents
* fixed test
* using api constraint for test deployment options
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-11 07:17:27 -07:00
Gabor Lekeny
5d8185c9d7
Handle request_id variable correctly in auth requests ( #9219 )
...
* Handle $request_id variable correctly in auth requests
* Make share_all_vars configurable
* Fix test name
2023-08-07 06:16:32 -07:00
Ricardo Katz
c5f348ea2e
Implement annotation validation ( #9673 )
...
* Add validation to all annotations
* Add annotation validation for fcgi
* Fix reviews and fcgi e2e
* Add flag to disable cross namespace validation
* Add risk, flag for validation, tests
* Add missing formating
* Enable validation by default on tests
* Test validation flag
* remove ajp from list
* Finalize validation changes
* Add validations to CI
* Update helm docs
* Fix code review
* Use a better name for annotation risk
2023-07-21 20:32:07 -07:00
David Goffredo
6d55e1f3c4
revise Datadog trace sampling configuration ( #10151 )
...
* datadog: sample_rate omitted by default
* config: use *float32 with nil instead of float32 with sentinel value
* change some names
* gofmt -s -w internal/ingress/controller/nginx.go
2023-07-06 16:51:04 -07:00
Chen Chen
d44a8e0045
Fix golang-ci linter errors ( #10128 )
...
* Fix golang-ci linter errors
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix gofmt errors
Signed-off-by: z1cheng <imchench@gmail.com>
* Add nolint comment to defaults.Backend in Configuration
Signed-off-by: z1cheng <imchench@gmail.com>
* Add #nosec comment to rand.New func
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix errcheck warnings
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix gofmt check
Signed-off-by: z1cheng <imchench@gmail.com>
* Fix unit tests and comments
Signed-off-by: z1cheng <imchench@gmail.com>
---------
Signed-off-by: z1cheng <imchench@gmail.com>
2023-07-03 05:50:52 -07:00
Ricardo Katz
ebb6314494
Deprecate and remove AJP support ( #10158 )
2023-07-02 02:26:49 -07:00
Brendan Kamp
30de5999c1
fix: obsolete warnings ( #10029 )
...
Signed-off-by: Spazzy <brendankamp757@gmail.com>
2023-06-18 12:16:21 -07:00
Jintao Zhang
cccba35005
Revert "Remove fastcgi feature" ( #10081 )
...
* Revert "Remove fastcgi feature (#9864 )"
This reverts commit 90ed0ccdbe
2023-06-13 12:55:59 -07:00
Ricardo Katz
90ed0ccdbe
Remove fastcgi feature ( #9864 )
2023-06-11 13:33:47 -07:00
Gerald Pape
db49b9da6f
Fix mirror-target values without path separator and port ( #9889 )
...
* Remove variables with $ before feeding into url.Parse
Signed-off-by: Gerald Pape <gerald@giantswarm.io>
* Do not render invalid request mirroring config
Signed-off-by: Gerald Pape <gerald@giantswarm.io>
* Remove additional note from docs again
Signed-off-by: Gerald Pape <gerald@giantswarm.io>
* Include quotes in e2e test for mirror proxy_pass
---------
Signed-off-by: Gerald Pape <gerald@giantswarm.io>
2023-06-11 11:59:47 -07:00
guangwu
7043f6ae29
unnecessary use of fmt.Sprint (S1039) ( #10049 )
2023-06-11 11:49:54 -07:00
guangwu
114ae77fb7
chore: pkg imported more than once ( #10048 )
2023-06-11 11:49:47 -07:00
Chen Chen
1503695b30
Fix typo in controller_test ( #10034 )
...
Signed-off-by: z1cheng <imchench@gmail.com>
2023-06-03 10:50:41 -07:00
Eng Zer Jun
d02ba28b96
perf: avoid unnecessary byte/string conversion ( #10012 )
...
We can use alternative functions to avoid unnecessary byte/string
conversion calls and reduce allocations.
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2023-06-01 07:29:47 -07:00
Ricardo Katz
1282345be2
Admission warning ( #9975 )
...
* Add warning feature in admission code
* Apply suggestions from code review
Co-authored-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* Add deprecation and validation path notice
---------
Co-authored-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2023-05-25 07:56:52 -07:00
Ehsan Saei
ac9a50751e
OpenTelemetry default config ( #9978 )
2023-05-21 10:04:19 -07:00
Ricardo Katz
c540b58474
Validate path types ( #9967 )
...
* Validate path types
* Fix the year of header
* Update internal/ingress/controller/config/config.go
Co-authored-by: Jintao Zhang <tao12345666333@163.com>
---------
Co-authored-by: Jintao Zhang <tao12345666333@163.com>
2023-05-20 04:58:18 -07:00
Ricardo Katz
11419a6837
Fastcgi configmap should be on the same namespace of ingress ( #9863 )
2023-04-16 17:32:43 -07:00
Ricardo Katz
297036e169
Deprecate and remove influxdb feature ( #9861 )
2023-04-16 17:26:43 -07:00
Ricardo Katz
6778c3ec44
Remove deprecated annotation secure-upstream ( #9862 )
2023-04-16 17:22:43 -07:00
Marco Cadetg
4e8d0b5836
Exclude socket metrics ( #9770 )
...
* exclude creation and exporting of socket metrics via flag
* make exclude metric naming more consistent
* fix connect time metric update
* add documentation
* e2e test
* improve creation of metric mapping
2023-04-11 01:01:18 -07:00
Ehsan Saei
c8cb9167d3
feat: OpenTelemetry module integration ( #9062 )
...
* OpenTelemetry module integration
* e2e test
* e2e test fix
* default OpentelemetryConfig
* e2e values
* mount otel module for otel test only
* propagate IS_CHROOT
* propagate IS_CHROOT e2e test
* code doc
* comments
* golint
* opentelemetry doc
* zipkin
* zipkin
* typo
* update e2e test OpenTelemetry value
* use opentelemetry value
* revert merge conflict
* fix
* format
* review comments
* clean
2023-03-22 11:58:22 -07:00
Sergei Kaznakhovskii
e4a66fd2f6
Fix canary-weight-total annotation ignored in rule backends ( #9729 )
...
* Missed canary weight total
- added canary weight total for spec rules
* - added e2e test
2023-03-21 06:47:09 -07:00
cui fliter
82e836fbe8
fix some comments ( #9688 )
...
Signed-off-by: cui fliter <imcusg@gmail.com>
2023-03-05 11:00:57 -08:00
Mitsuo Heijo
c5d73d58c6
migrate mitchellh/hashstructure to v2 ( #9651 )
2023-02-22 07:27:57 -08:00
Toon Schoenmakers
4aef45c177
controller: Don't panic when ready condition in a endpointslice is missing ( #9550 )
2023-02-17 13:48:10 -08:00
Hervé
d6bba85351
Rework Ginkgo usage ( #9522 )
...
* Rework Ginkgo usage
Currently Ginkgo is launched multiple times with different options to
accomodate various use-cases. In particular, some specs needs to be run
sequentially because non-namespaced objects are created that conflicts
with concurent Helm deployments.
However Ginkgo is able to handle such cases natively, in particular
specs that needs to be run sequentially are supported (Serial spec).
This commit marks the specs that needs to be run sequentially as Serial
specs and runs the whole test suite from a single Ginkgo invocation. As
a result, a single JUnit report is now generated.
Signed-off-by: Hervé Werner <dud225@hotmail.com>
* Fix controller error in test
Error getting ConfigMap "$NAMESPACE/tcp-services": no object matching key "$NAMESPACE/tcp-services" in local store
Signed-off-by: Hervé Werner <dud225@hotmail.com>
* Replace "go get" invocations by "go install"
Executing "go get" changes the go.mod & go.sum files which is not the
case of "go install".
Signed-off-by: Hervé Werner <dud225@hotmail.com>
* Always clean out the Helm deployment
Signed-off-by: Hervé Werner <dud225@hotmail.com>
* Add E2E test to verify that changes to one or more configmap trigger an update
Signed-off-by: Hervé Werner <dud225@hotmail.com>
---------
Signed-off-by: Hervé Werner <dud225@hotmail.com>
2023-02-16 06:15:39 -08:00
