DevFW-CICD/ingress-nginx-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
6375 commits 4 branches 217 tags 166 MiB
Commit graph

6375 commits

This branch
This branch
All branches
Author SHA1 Message Date
James Strong
fe4472157a update cloud build image 
Signed-off-by: James Strong <strong.james.e@gmail.com>
 2022-03-16 15:32:45 -04:00
James Strong
5c0cff57ec Merge pull request #8344 from strongjz/tag-1.1.3 
update tag and force a new build
 2022-03-16 15:15:08 -04:00
James Strong
e403ce9680 fix the cloud build 
Signed-off-by: James Strong <strong.james.e@gmail.com>
 2022-03-16 15:13:24 -04:00
James Strong
fa30819930 add the date per request 
Signed-off-by: James Strong <strong.james.e@gmail.com>
 2022-03-16 15:07:38 -04:00
James Strong
482fcb1bcd control tag with short sha 
Signed-off-by: James Strong <strong.james.e@gmail.com>
 2022-03-16 14:52:06 -04:00
James Strong
d47a2fd115 update tag and force a new build 
Signed-off-by: James Strong <strong.james.e@gmail.com>
 2022-03-16 12:57:48 -04:00
James Strong
48d47b81c9 Merge pull request #8343 from strongjz/alpine-3.15 
Bump alpine base to 3.15
 2022-03-16 12:27:14 -04:00
James Strong
47d808088d Bumping alpine base to 3.15 2022-03-16 11:52:38 -04:00
Ana Claudia Riekstin
f9368d4ca2 Fix 50% split between canary and mainline tests (#8315) 
* fix 50% canary test

* fix past tense

* after code review

* revert go.sum and go.mod

* run gofmt
 2022-03-16 06:25:49 -07:00
sskserk
4a7a7cdd94 Nginx v1.19.10 (#8307) 2022-03-14 08:55:57 -07:00
thomasbruggink
a5893adb76 Add the shareProcessNamespace as a configurable setting. (#8287) 2022-03-14 08:51:57 -07:00
Rodrigo Riccitelli Vieira
18f311ed89 Update monitoring.md (#8324) 
Added missing repo on "helm upgrade" command
 2022-03-14 08:47:58 -07:00
Naveen
09d3a2106c Pinned GitHub workflows by SHA (#8334) 
- Pinned actions by SHA https://github.com/ossf/scorecard/blob/main/docs/checks.md#pinned-dependencies
- Included permissions for some of the actions. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

Dependabot can upgrade pinned version of actions.
 2022-03-14 08:29:58 -07:00
Daniel Lim
48500eca86 Names cannot contain _ (underscore)! So I changed it to -. (#8300) 
* The name can't use _(underscore)! So fix it!

The name can't use _(underscore)! So fix it!

* Fix configMap name can't use _(underscore)

Fix configMap name can't use _(underscore)
 2022-03-09 06:56:13 -08:00
hongkunyoo
976df3b6cf Missing annotations (#8288) 
Not quite sure but It seems that `nginx.ingress.kubernetes.io/canary-by-header` is missing.
 2022-03-09 06:54:13 -08:00
James Strong
36a8186e7a leaving it the git tag (#8311) 
fixing the git tag for the image version, it is what it is .
 2022-03-07 09:38:53 -08:00
Niclas Mietz
ab78af6d3d docs: fix changelog formatting (#8302) 2022-03-07 08:32:55 -08:00
Long Wu Yuan
9c1c26dc56 release-v1.1.2-continued (#8294) 
* v1.1.2 release

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>

* release-v1.1.2-continued

Co-authored-by: Jintao Zhang <zhangjintao9020@gmail.com>
 2022-03-04 11:48:52 -08:00
James Strong
f22e7e16e9 Merge pull request #8291 from kubernetes/strongjz-patch-6 
remove git tag env from cloud build
 2022-03-02 15:03:04 -05:00
James Strong
673f4b12e8 remove git tag env from cloud build 
the latest git tag is from helm, so force the make file use of TAG ?=v$(shell date +%m%d%Y)-$(shell git rev-parse --short HEAD)
 2022-03-02 14:49:01 -05:00
James Strong
0f370b7cb1 update tag for image (#8290) 2022-03-02 11:07:13 -08:00
Damien Mathieu
a2af5ba655 Fix OpenTelemetry sidecar image build (#8286) 
* fix wrong checksum for nginx image

* fix wrong platform. Arm64 has grpc, when arm doesn't
 2022-03-02 08:39:14 -08:00
James Strong
5c878cfe6c force prow job by changing something in images/ot dir (#8281) 
Images dir was merged in before the test-infra prow job, so the image was never built. 

https://github.com/kubernetes/ingress-nginx/pull/8013 Jan 16

https://github.com/kubernetes/test-infra/pull/25344/files Prow job 4 days ago.
 2022-03-01 09:35:55 -08:00
Maksim Nabokikh
20344d338b fix: deny locations with invalid auth-url annotation (#8256) 
* fix: deny locations with invalid auth-url annotation

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

* Delete duplicate test

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2022-03-01 02:13:51 -08:00
James Strong
5ac36489f5 Add OpenSSF Best practices badge (#8277) 2022-02-28 20:27:47 -08:00
dylan-bitovi
8482b2bd23 Add fsGroup value to admission-webhooks/job-patch charts (#8267) 
* added fsGroup to admission createSecret and patchWebhook job

* added fsGroup to admission createSecret and patchWebhook job

* modified helm/README.md to add value for fsGroup

* fixed patch job values ordering

* remove manually edited README for replacement with helm-docs generated version

* re-adding charts/README.md generated by helm-docs
 2022-02-28 07:10:57 -08:00
Jintao Zhang
8f49fd0745 Start Release process for v1.1.2 (#8275) 
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
 2022-02-27 06:45:18 -08:00
Indhu Kumar
d2dea3658e Issue#8241 (#8273) 
* replace daemon set for deployment manifest

* nit
 2022-02-26 14:53:17 -08:00
Thibault Jamet
19f57f28ca Add a certificate info metric (#8253) 
When the ingress controller loads certificates  (new ones or following a
secret update), it performs a series of check to ensure its validity.

In our systems, we detected a case where, when the secret object is
compromised, for example when the certificate does not match the secret
key, different pods of the ingress controller are serving a different
version of the certificate.

This behaviour is due to the cache mechanism of the ingress controller,
keeping the last known certificate in case of corruption. When this
happens, old ingress-controller pods will keep serving the old one,
while new pods, by failing to load the corrupted certificates, would
use the default certificate, causing invalid certificates for its
clients.

This generates a random error on the client side, depending on the
actual pod instance it reaches.

In order to allow detecting occurences of those situations, add a metric
to expose, for all ingress controlller pods, detailed informations of
the currently loaded certificate.

This will, for example, allow setting an alert when there is a
certificate discrepency across all ingress controller pods using a query
similar to `sum(nginx_ingress_controller_ssl_certificate_info{host="name.tld"})by(serial_number)`

This also allows to catch other exceptions loading certificates (failing
to load the certificate from the k8s API, ...

Co-authored-by: Daniel Ricart <danielricart@users.noreply.github.com>

Co-authored-by: Daniel Ricart <danielricart@users.noreply.github.com>
 2022-02-24 07:08:32 -08:00
Goran
c3bff67497 Updated confusing error (#8262) 2022-02-21 11:52:01 -08:00
Romain Dauby
2499c55fb7 Minor fix for missing pathType property (#8244) 2022-02-20 13:14:11 -08:00
Noah Ispas
eeb75ff64d remove 0.46.0 from supported versions table (#8258) 2022-02-19 15:12:12 -08:00
Alastair Firth
feb1c32ea4 Versioned static manifests (#8162) 
* update deploy script to generate static manifests for all supported versions

* generate static manifests for all supported versions
 2022-02-13 10:47:47 -08:00
Aibek
61dfe174b1 Append elements on match, instead of removing for cors-annotations (#8185) 
* fixes https://github.com/kubernetes/ingress-nginx/issues/8168 by appending elements on match, instead of removing

* refactor the corsOriginRegex comparison, and initialize CorsAllowOrigin
 2022-02-13 10:39:47 -08:00
Endre Kovács
1d1abf784e fix inconsistent-label-cardinality for prometheus metrics: nginx_ingress_controller_requests (#8225) 
* fix inconsistent-label-cardinality

for prometheus metrics: nginx_ingress_controller_requests

* add host to collectorLabels only if metricsPerHost is true
 2022-02-13 10:33:47 -08:00
Yang
536d9692af webhook: remove useless code. (#8236) 
* webhook: remove useless code

Signed-off-by: SpecialYang <940129520@qq.com>

* Remove duplicated codec
 2022-02-13 10:25:47 -08:00
Ana Claudia Riekstin
0e8070c13e Adding some geoip variables and default values (#8159) 
* adding geoIp variables that Shopify uses

* adding source remote_addr for geoip2-isp
 2022-02-07 09:53:44 -08:00
Indhu Kumar
5b94077c03 prometheus+grafana using servicemonitor (#8186) 
* prometheus+grafana using servicemonitor

* fix review comments

* markdown changes

* more formatting changes

* fix review comments
 2022-02-07 01:47:45 -08:00
Ricardo Katz
d3d8b8dd70 Update libraries in webhook image (#8227) 2022-02-06 12:42:51 -08:00
Elvin Efendi
fc7b4e4637 Do not validate ingresses with unknown ingress class in admission webhook endpoint. (#8221) 2022-02-06 12:28:51 -08:00
dependabot[bot]
fb158ce883 Bump google.golang.org/grpc from 1.43.0 to 1.44.0 (#8209) 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.43.0 to 1.44.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.43.0...v1.44.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-06 12:22:52 -08:00
Tomas Hulata
ea94a605c5 add ingress.class (#8136) 
Signed-off-by: tombokombo <tombo@sysart.tech>
 2022-02-06 12:18:51 -08:00
Alexander Brand
6245bf6129 Update the $req_id placeholder description (#8163) 2022-02-06 12:14:53 -08:00
Kundan Kumar
d49d071b7b 8217 fix removed extra v (#8218) 2022-02-06 12:10:52 -08:00
Damien Mathieu
64085fa368 use functional options to reduce number of methods creating an EchoDeployment (#8199) 2022-02-02 05:12:22 -08:00
stoupance
1e9266d20f Remove Capabilities.APIVersions for Kustomize to parse file (#7829) 2022-02-01 09:34:10 -08:00
dependabot[bot]
3a2be539d6 Bump github.com/prometheus/client_golang from 1.11.0 to 1.12.1 (#8210) 
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.11.0 to 1.12.1.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.11.0...v1.12.1)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-31 03:22:24 -08:00
naseemkullah
69fae46b32 feat(metrics): add path and method labels to requests counter (#8201) 2022-01-30 03:52:23 -08:00
Jintao Zhang
479eb416a4 chore: add Artifact Hub lint (#8204) 
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
 2022-01-28 06:16:31 -08:00
Tiago Ferreira
f89664071d Fix Indentation of example and link to cert-manager tutorial (#8203) 2022-01-27 08:34:59 -08:00