DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
7211 commits 4 branches 217 tags 166 MiB
Commit graph

160 commits

Author SHA1 Message Date
Ricardo Katz
8bd33d29e7
Remove curl from nginx base image (#10477) 2023-10-04 21:48:34 +02:00
James Strong
3a28016a64
fix brotli build issues 
Signed-off-by: James Strong <strong.james.e@gmail.com>
 2023-10-01 14:51:48 -04:00
Nicolas Woerner
362ec37778
images: upgrade to Alpine 3.18.4 (#10466) 2023-10-01 11:18:44 -07:00
Rashad Mammadli
c3194dd388
upgrade owasp modsecurity core rule set to v3.3.5 (#10323) 2023-09-24 07:54:56 -07:00
Son Bui
4664b741ff
fix: remove curl on base container #9716 (#10306) 
* fix: remove curl on base container #9716

* fix: remove curl on chroot container #9716

Signed-off-by: Son Bui <sonbv00@gmail.com>

* fix: remove curl on test runner image #9716

Signed-off-by: Son Bui <sonbv00@gmail.com>

* fix: remove curl on e2e runner container #9716

Signed-off-by: Son Bui <sonbv00@gmail.com>

---------

Signed-off-by: Son Bui <sonbv00@gmail.com>
 2023-09-08 10:34:15 -07:00
Jintao Zhang
c83422fd65 fix deps sha 
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
 2023-07-22 06:41:22 +08:00
James Strong
24fda9da20
Golang 1.20.6 for test runner (#10230) 
* Golang 1.20.6 for test runner

* alpine 3.18.2 as well

Signed-off-by: James Strong <strong.james.e@gmail.com>

---------

Signed-off-by: James Strong <strong.james.e@gmail.com>
 2023-07-20 14:34:12 -07:00
Jintao Zhang
6416ed821d
chore: bump OpenResty to v1.21.4.2 (#10219) 
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
 2023-07-20 08:36:09 -07:00
Ricardo Katz
ebb6314494
Deprecate and remove AJP support (#10158) 2023-07-02 02:26:49 -07:00
David Goffredo
05e5956545
tracing: upgrade to dd-opentracing-cpp v1.3.7 (#10031) 2023-06-11 11:45:47 -07:00
Jintao Zhang
c2e1f34cbe
images: upgrade to Alpine 3.18 (#9997) 
Alpine Linux 3.18 was released
https://alpinelinux.org/posts/Alpine-3.18.0-released.html

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
 2023-05-26 17:54:49 -07:00
Ricardo Katz
297036e169
Deprecate and remove influxdb feature (#9861) 2023-04-16 17:26:43 -07:00
James Strong
26d83d1b20
update all container tags with date and sha, upgrade all containers (#9834) 
Signed-off-by: James Strong <strong.james.e@gmail.com>
 2023-04-06 10:25:48 -07:00
James Strong
66a760794f
update to golang 1.20 (#9690) 
update alpine and golang
remove nano
update go modules
remove need for openssl external cli
fix stale

Signed-off-by: James Strong <james.strong@chainguard.dev>
 2023-03-11 20:38:39 -08:00
James Strong
f685c9b379
force rebuild for curl cve 
Signed-off-by: James Strong <james.strong@chainguard.dev>
 2022-12-21 12:36:20 -05:00
James Strong
c648595cd7
update the nginx run container for alpine:3.17.0 (#9430) 
Signed-off-by: James Strong <james.strong@chainguard.dev>

Signed-off-by: James Strong <james.strong@chainguard.dev>
 2022-12-20 19:55:25 -08:00
James Strong
e3e0d9c1f4
start upgrade to golang 1.19.4 and alpine 3.17.0 (#9417) 
* start upgrade to 1.19.4

Signed-off-by: James Strong <james.strong@chainguard.dev>

* add matrix to image test-image

Signed-off-by: James Strong <james.strong@chainguard.dev>

* update to alpine 3.17

Signed-off-by: James Strong <james.strong@chainguard.dev>

* remove need for curl

Signed-off-by: James Strong <james.strong@chainguard.dev>

Signed-off-by: James Strong <james.strong@chainguard.dev>
 2022-12-18 17:07:43 -08:00
Adam Hukalowicz
49bd5dd763
ModSecurity dependencies update to avoid Memory Leaks (#9330) 
* Update ModSecurity to latest head

* modsecurity version pinned
 2022-12-04 11:39:54 -08:00
Jintao Zhang
0b5e068511
chore: update NGINX to 1.21.6 (#9231) 
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
 2022-10-31 07:10:45 -07:00
Jintao Zhang
bf8362cb50
chore: bump NGINX version v1.21.4 (#8889) 
* chore: bump NGINX version v1.21.4

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>

* chore: bump all others

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>

* apply all patches

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>

* fix files hash

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>

* fix ajp module

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
 2022-10-28 16:40:39 -07:00
Nicolas Julian
855bcbce34
Update Version ModSecurity and Coreruleset (#9086) 
This is related to some new bugs that found in LiveHackingEvent 1337up0522. The latest coreruleset need *ModSecurity version 2.9.6 or 3.0.8*

- https://terjanq.medium.com/waf-bypasses-via-0days-d4ef1f212ec
- https://coreruleset.org/20220920/crs-version-3-3-4-and-3-2-3/
- https://coreruleset.org/20220919/crs-version-3-3-3-and-3-2-2-covering-several-cves/
- https://github.com/coreruleset/coreruleset/releases/tag/v3.3.4
 2022-09-27 06:59:51 -07:00
Long Wu Yuan
9fdbef829c
bump alpine to v3.16.2 (#8934) 2022-08-18 05:54:36 -07:00
David Goffredo
18ee046b43
update dd-opentracing-cpp version in nginx build script (#8848) 
* update dd-opentracing-cpp version in nginx build script

* idiomatic placement of "v" prefix in Datadog plugin version tag
 2022-07-23 11:02:57 -07:00
Long Wu Yuan
f0ff7e841d
bump to alpine-3.16.1 (#8858) 2022-07-23 07:24:57 -07:00
Guilhem Lettron
0049796682
feat: update mimalloc to 1.7.6 (#8827) 
Signed-off-by: Guilhem Lettron <guilhem@barpilot.io>
 2022-07-17 12:13:20 -07:00
Long Wu Yuan
8baac4214a
changed to alpine-v3.16 (#8793) 2022-07-08 06:57:46 -07:00
Daniel Schulze
0ff500c23f
Working OpenTelemetry sidecar (base nginx image) (#8719) 
* Delete entrypoint script and add sidecar lib path

* make otel libs path otel specific

* add description

* remove library path adaption from nginx base image
 2022-06-23 08:29:42 -07:00
Sara Saei
3410655065
update nginx otel LD_LIBRARY_PATH (#8641) 2022-05-29 12:44:51 -07:00
Ehsan Saei
ac3bbaf068
update LD_LIBRARY_PATH for OpenTelemetry use (#8628) 2022-05-24 10:15:26 -07:00
Ricardo Katz
cd6f88af3f
Add patch to remove root and alias directives (#8624) 2022-05-23 20:13:10 -07:00
Ricardo Katz
81c2afd975
update base images and protobuf gomod (#8478) 2022-04-15 12:53:12 -07:00
Long Wu Yuan
87979099fd
set execute bit on entrypoint.sh (#8404) 2022-03-31 04:25:00 -07:00
Aditya Kamath
5402d35663
Add execute permissions to nginx image entrypoint.sh (#8403) 2022-03-31 03:37:01 -07:00
James Strong
5298448865
downgrade to 3.14.4 and fix tag (#8386) 
Signed-off-by: James Strong <strong.james.e@gmail.com>
 2022-03-25 10:21:58 -07:00
James Strong
40bb6c3d2e
update cloud build (#8349) 2022-03-17 12:02:41 -07:00
James Strong
2fefd714bd
update tag and force a new build 
Signed-off-by: James Strong <strong.james.e@gmail.com>
 2022-03-16 12:57:48 -04:00
James Strong
1953efa9d8
Bumping alpine base to 3.15 2022-03-16 11:52:38 -04:00
sskserk
01b92b8b3a
Nginx v1.19.10 (#8307) 2022-03-14 08:55:57 -07:00
Damien Mathieu
15b0aba03b
First sidecar module: OpenTelemetry (#8013) 
* remove opentelemetry from main nginx image

* add opentelemetry sidecar image

* handle extra modules in helm chart

* fix running helm chart

* mount the modules volume in the init container

* merge the mounted folder

* fix the otel image

* fix licence year

* fix cloudbuild image

* use the same nginx version as in the main image

* only retrieve /etc/nginx/modules for now
 2022-01-16 13:33:28 -08:00
dmitry-j-mikhin
8ccec84496
fix nginx compilation flags (#8023) 
* use '-O2' instead of '-Og'
  '-O2' produce production optimized binary while '-Og' is used mostly
  for debugging
* use '-mtune=generic' instead of '-mtune=native'
  '-mtune=native' produce optimal code for builder host system, but it
  can be sub-optimal for execution host system
 2021-12-12 05:25:58 -08:00
Damien Mathieu
eb482db5b3
disable opentelemetry on arm (#7831) 2021-10-24 12:12:21 -07:00
Damien Mathieu
9da4d87d0c
Properly check whether we can install opentelemetry, and switch it back to main repo (#7803) 
* check for the exact value of USE_OPENTELEMETRY

* use latest commit from the main opentelemetry-cpp-contrib repo
 2021-10-12 12:16:34 -07:00
Damien Mathieu
0c16980018
add OpenTelemetry to nginx base image (#7669) 2021-10-11 06:16:40 -07:00
Ricardo Katz
5662db4509
Fix resty balancer checksum and location (#7703) 2021-09-26 10:28:21 -07:00
Jintao Zhang
0606ef8282
fix: upgrade lua-resty-balancer to v0.04 (#7702) 
it has two important bugfix:

1. should force convert weight to a number since it may cause dead loop
   when weight is a string type "0".
2. out-of-bounds memory writing may happen in chash_point_sort.

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
 2021-09-26 08:50:23 -07:00
Jintao Zhang
498892514d
Downgrade nginx to v1.19 (#7639) 
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
 2021-09-15 11:08:11 -07:00
Ricardo Katz
4ce0227268 Remove addgroup directive from alpine building 2021-09-04 02:12:50 -03:00
Ricardo Katz
cb8ebcb880
update alpine and remove buildx restriction (#7583) 2021-09-02 11:59:39 -07:00
Elvin Efendi
8951b7e22a
Revert "Update base nginx" (#7558) 
* Revert "Update base nginx (#7552)"

This reverts commit c6bc9870f1.

* keep alpine bump
 2021-08-28 07:38:52 -07:00
Elvin Efendi
c6bc9870f1
Update base nginx (#7552) 
* upgrade alpine

* use nginx 1.19.9 and corresponding patches from openresty

* include openresty CVE-2021-23017 patch too
 2021-08-27 07:20:05 -07:00