James Strong
a171d3f0f2
adding cve finding and adding release-notes to PR template ( #8916 )
...
* adding cve finding and adding release-notes to PR template
Signed-off-by: James Strong <strong.james.e@gmail.com>
* update cve report with verbiage around open CVEs and not disclosures
Signed-off-by: James Strong <strong.james.e@gmail.com>
* fix then assignees
Signed-off-by: James Strong <strong.james.e@gmail.com>
Signed-off-by: James Strong <strong.james.e@gmail.com>
2022-08-24 19:20:05 -07:00
Long Wu Yuan
f34769b543
added note on digitalocean annotations ( #8966 )
2022-08-24 07:12:04 -07:00
Ismayil Mirzali
f6d04d3e3b
fix: bump k8s dependencies to fix go-restful CVE ( #8969 )
...
[1] https://nvd.nist.gov/vuln/detail/CVE-2022-1996
[2] https://github.com/kubernetes/ingress-nginx/issues/8745
Signed-off-by: Ismayil Mirzali <ismayilmirzeli@gmail.com>
Signed-off-by: Ismayil Mirzali <ismayilmirzeli@gmail.com>
2022-08-24 04:54:03 -07:00
Long Wu Yuan
511f7cd55f
updated to testrunnerimage with updated yamle yamllint ( #8967 )
2022-08-24 01:58:25 -07:00
Jintao Zhang
e19026fe4e
upgrade yamale and yamllint version ( #8960 )
...
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
2022-08-23 01:05:23 -07:00
Jintao Zhang
ffcf13c09b
revert changes to configmap resource permissions ( #8959 )
...
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
2022-08-23 00:29:24 -07:00
Ismayil Mirzali
45f71d5a16
make keep-alive docs more explicit #8927 ( #8944 )
...
Signed-off-by: Ismayil Mirzali <ismayilmirzeli@gmail.com>
Signed-off-by: Ismayil Mirzali <ismayilmirzeli@gmail.com>
2022-08-22 16:30:28 -07:00
Harpreet singh
69318355b1
Fix defaultServer backend update for Ingress with defaultBackend. ( #8825 )
2022-08-22 16:26:23 -07:00
Zadkiel Aharonian
d5893d4a2e
fix(controller): typo in catch-all CheckIngress error message ( #8905 )
2022-08-22 16:20:16 -07:00
Anders Swanson
adeb84aa38
Metrics port name (Helm) ( #8665 )
2022-08-22 16:20:09 -07:00
Edvin N
63edd3befd
Document internal-logger-address cli arg ( #8873 )
...
Signed-off-by: Edvin Norling <edvin.norling@xenit.se>
Signed-off-by: Edvin Norling <edvin.norling@xenit.se>
2022-08-22 16:14:09 -07:00
omichels
cad575e923
securityContext in admission-webhook now configurable e.g. to set seccompProfiles ( #8930 )
...
* Make securityContext in admission-webhook more configurable e.g. to set seccompProfiles
Signed-off-by: Oliver Michels <oliver.michels@aldi-sued.com>
* Make securityContext in admission-webhook more configurable e.g. to set seccompProfiles
Signed-off-by: Oliver Michels <oliver.michels@aldi-sued.com>
* Make securityContext in admission-webhook more configurable e.g. to set seccompProfiles
Signed-off-by: Oliver Michels <oliver.michels@aldi-sued.com>
* Make securityContext in admission-webhook more configurable e.g. to set seccompProfiles
Signed-off-by: Oliver Michels <oliver.michels@aldi-sued.com>
Signed-off-by: Oliver Michels <oliver.michels@aldi-sued.com>
2022-08-22 16:12:09 -07:00
Mangirdas Judeikis
1791b62e45
Add NetworkPolicy support ( #8928 )
...
* Add NetworkPolicy support
* add doc for np
2022-08-22 16:08:09 -07:00
Jintao Zhang
730174f73d
feat: using LeaseLock for election ( #8921 )
...
We removed the use of configmap as an election lock, so we will use the
Lease API to complete the election.
Before this, we used `MultiLock` to facilitate smooth migration of
existing users of ingress-nginx from configmap to LeaseLock.
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
2022-08-22 15:38:16 -07:00
Christian
fe09f6d096
Don't error log when no OCSP responder URL exists ( #8881 )
2022-08-22 15:38:09 -07:00
dependabot[bot]
363a7f7fb2
Bump github/codeql-action from 2.1.19 to 2.1.20 ( #8957 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.19 to 2.1.20.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f5d217be74...7fee4ca032
2022-08-22 15:32:09 -07:00
dependabot[bot]
c1b3a5065b
Bump azure/setup-helm from 2.1 to 3.3 ( #8956 )
...
Bumps [azure/setup-helm](https://github.com/azure/setup-helm ) from 2.1 to 3.3.
- [Release notes](https://github.com/azure/setup-helm/releases )
- [Commits](217bf70cbd...b5b231a831
2022-08-22 15:30:09 -07:00
dependabot[bot]
d7373c9140
Bump actions/dependency-review-action from 2.0.4 to 2.1.0 ( #8954 )
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 2.0.4 to 2.1.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](94145f3150...23d1ffffb6
2022-08-22 15:28:08 -07:00
dependabot[bot]
c3fb817985
Bump aquasecurity/trivy-action from 0.5.1 to 0.7.1 ( #8953 )
...
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.5.1 to 0.7.1.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](0105373003...d63413b0a4
2022-08-22 15:26:09 -07:00
dependabot[bot]
21fab45e9d
Bump securego/gosec ( #8952 )
...
Bumps [securego/gosec](https://github.com/securego/gosec ) from b99b5f7838e43a4104354ad92a6a1774302ee1f9 to 2.13.1. This release includes the previously tagged commit.
- [Release notes](https://github.com/securego/gosec/releases )
- [Changelog](https://github.com/securego/gosec/blob/master/.goreleaser.yml )
- [Commits](b99b5f7838...19fa856bad
2022-08-22 15:24:09 -07:00
dependabot[bot]
2e3eb675a8
Bump geekyeggo/delete-artifact ( #8951 )
...
Bumps [geekyeggo/delete-artifact](https://github.com/geekyeggo/delete-artifact ) from a6ab43859c960a8b74cbc6291f362c7fb51829ba to 1. This release includes the previously tagged commit.
- [Release notes](https://github.com/geekyeggo/delete-artifact/releases )
- [Commits](a6ab43859c...b73cb98674
2022-08-22 15:22:09 -07:00
dependabot[bot]
cecd085ef7
Bump github/codeql-action from 2.1.18 to 2.1.19 ( #8950 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.18 to 2.1.19.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.1.18...f5d217be74900c6ac8fbbe53f3c10376ba4e64da )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-22 15:20:10 -07:00
Long Wu Yuan
3a450e0468
updated testrunner and testecho images ( #8948 )
2022-08-22 11:24:29 -07:00
Ricardo Katz
4508493dfe
Clean old code and move helper functions ( #8946 )
2022-08-21 14:21:51 -07:00
Long Wu Yuan
a98c637872
bump baseimage alpine to v3.16.2 for zlib CVE fix ( #8939 )
2022-08-18 19:30:09 -07:00
Long Wu Yuan
9fdbef829c
bump alpine to v3.16.2 ( #8934 )
2022-08-18 05:54:36 -07:00
Ismayil Mirzali
1dc9d98833
Reimplement kubectl plugin release workflow ( #8812 )
...
* Feat: reimplement kubectl plugin release system
This commit does the following changes:
- Add GitHub Actions pipeline for releasing the plugin
- Removes the build/build-plugin.sh and replaces this with GoReleaser
- Adds the use of krew-release-bot for automatically updating the krew
release
- Removes the make target for build/build-plugin.sh
Signed-off-by: Ismayil Mirzali <ismayilmirzeli@gmail.com>
* Fix: pin github actions stages with commit sha
Signed-off-by: Ismayil Mirzali <ismayilmirzeli@gmail.com>
Signed-off-by: Ismayil Mirzali <ismayilmirzeli@gmail.com>
2022-08-11 21:22:43 -07:00
Ismayil Mirzali
c85765a015
Improve hack/generate-deploy-scripts.sh to no longer generate versioned manifests ( #8877 )
...
* feat: no longer generate versioned manifests
Updates the script to no longer generate multiple versioned deploy manifests.
The script will only generate the manifests for one given version of
Kubernetes.
See: https://github.com/kubernetes/ingress-nginx/issues/8824
Signed-off-by: Ismayil Mirzali <ismayilmirzeli@gmail.com>
* fix: delete unnecessary versioned deploy manifests
See: https://github.com/kubernetes/ingress-nginx/issues/8824
Signed-off-by: Ismayil Mirzali <ismayilmirzeli@gmail.com>
2022-08-09 10:30:37 -07:00
James Strong
f44e790021
Merge pull request #8776 from strongjz/ci-unit-test
...
Trivy Image Scanning
2022-08-08 17:52:23 -07:00
James Strong
ead3c2bc95
remove on pushes
...
Signed-off-by: James Strong <strong.james.e@gmail.com>
2022-08-08 17:14:13 -07:00
James Strong
0c343c8a77
stesting pathing
2022-08-08 17:08:21 -07:00
James Strong
1d2fa93856
sarif upload issues
...
Signed-off-by: James Strong <strong.james.e@gmail.com>
2022-08-08 17:04:59 -07:00
James Strong
e55a84e8a0
testing output of sarif file
...
Signed-off-by: James Strong <strong.james.e@gmail.com>
2022-08-08 16:40:30 -07:00
James Strong
9162fe0aa8
fix permissions
...
Signed-off-by: James Strong <strong.james.e@gmail.com>
2022-08-08 16:39:32 -07:00
James Strong
ebb8308654
it seems sarif upload needs git information
...
Signed-off-by: James Strong <strong.james.e@gmail.com>
2022-08-08 16:17:24 -07:00
James Strong
932320cf44
need short tags
...
Signed-off-by: James Strong <strong.james.e@gmail.com>
2022-08-08 16:01:27 -07:00
James Strong
069ac3a0d6
remove var
...
Signed-off-by: James Strong <strong.james.e@gmail.com>
2022-08-08 15:40:06 -07:00
James Strong
13639b5ad7
add scanning to CI
...
Signed-off-by: James Strong <strong.james.e@gmail.com>
2022-08-08 15:36:49 -07:00
Long Wu Yuan
0f61d9d0dc
updated to new images built today ( #8896 )
2022-08-08 11:40:19 -07:00
dependabot[bot]
534bcfb193
Bump github.com/prometheus/client_golang from 1.12.2 to 1.13.0 ( #8913 )
...
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang ) from 1.12.2 to 1.13.0.
- [Release notes](https://github.com/prometheus/client_golang/releases )
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md )
- [Commits](https://github.com/prometheus/client_golang/compare/v1.12.2...v1.13.0 )
---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-08 07:06:19 -07:00
dependabot[bot]
4077f7e682
Bump github/codeql-action from 2.1.17 to 2.1.18 ( #8914 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.17 to 2.1.18.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0c670bbf04...2ca79b6fa8
2022-08-08 06:58:20 -07:00
dependabot[bot]
72a01bbe6e
Bump github/codeql-action from 2.1.16 to 2.1.17 ( #8894 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.16 to 2.1.17.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3e7e3b32d0...0c670bbf04
2022-08-01 05:52:29 -07:00
Long Wu Yuan
00ee51f09e
update to baseiamge built after CI changes ( #8892 )
2022-08-01 00:58:29 -07:00
Lien Li
5b0cc8edca
migrate ginkgo to v2 ( #8826 )
...
* Migrate ginkgo to v2
* Update test/e2e/annotations/ipwhitelist.go
Co-authored-by: Jintao Zhang <tao12345666333@163.com>
* Update test/e2e/annotations/modsecurity/modsecurity.go
Co-authored-by: Jintao Zhang <tao12345666333@163.com>
* Update test/e2e/settings/access_log.go
Co-authored-by: Jintao Zhang <tao12345666333@163.com>
* remove unnecessary blank line
* re-order packages
* less change
Co-authored-by: Jintao Zhang <tao12345666333@163.com>
2022-07-31 09:16:28 -07:00
Markus Engel
5e6093cf59
add X-Forwarded-For in custom error template ( #7892 )
2022-07-28 03:23:10 -07:00
Jintao Zhang
f0490cbfbf
fix: change all cloudbuild jobs configuration ( #8870 )
...
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
2022-07-26 14:43:11 -07:00
James Strong
91e6174556
Update gce docs ( #8866 )
...
* update GCE doc with proxy protocol and some fixes
Signed-off-by: James Strong <strong.james.e@gmail.com>
* update gke docs
Signed-off-by: James Strong <strong.james.e@gmail.com>
2022-07-26 13:13:10 -07:00
Jintao Zhang
fe116d62cb
fix: change cloudbuild configuration ( #8869 )
...
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
2022-07-26 13:01:10 -07:00
Adrián Tóth
000d1b2775
version (commit sha) bump for dependency github.com/moul/pb due to dependency licence ( #8841 )
2022-07-26 12:57:10 -07:00
Jintao Zhang
d2fbd38cd1
Revert "fix: test-runner prow build" ( #8865 )
...
This reverts commit 423008b752
2022-07-24 18:40:58 -07:00
