DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
4066 commits 4 branches 217 tags 166 MiB
Commit graph

4066 commits

This branch
This branch
All branches
Author SHA1 Message Date
weltschraet
abca32ba8e reduce memory footprint and cpu usage when modsecurity and owasp rules are enabled globally 2019-05-18 19:08:30 +02:00
Kubernetes Prow Robot
19501b217d
Merge pull request #4089 from alanjcastonguay/docs/use-gzip-configmap-defaults 
Docs: configmap: use-gzip
 2019-05-18 04:09:14 -07:00
Kubernetes Prow Robot
c12059bff5
Merge pull request #4098 from kevinsimper/patch-1 
Update configmap about adding custom locations
 2019-05-18 03:39:12 -07:00
Kubernetes Prow Robot
0f13d65b05
Merge pull request #4099 from kppullin/patch-1 
Docs - Update capture group `placeholder`
 2019-05-18 03:09:13 -07:00
Kevin Pullin
3ef6689bbd
Docs - Update capture group placeholder 
The current ingress example uses the `$2` capture group placeholder, however the description refers to the `$1` placeholder (this was previously correct, but was not updated when the ingress example changed from $1 to $2).
 2019-05-17 16:01:17 -07:00
Kevin Simper
ddc2ce5c70
Update configmap about adding custom locations 2019-05-17 21:39:40 +02:00
Kubernetes Prow Robot
1bd3fd2429
Merge pull request #4088 from aledbf/prow 
Migrate to Prow
 2019-05-17 12:26:11 -07:00
Manuel Alejandro de Brito Fontes
d32079e69c
Allow to use a custom k8s version in e2e tests 2019-05-15 20:58:58 -04:00
Manuel Alejandro de Brito Fontes
87b730d5fe
Add binaries required by kubernetes-sigs/testing_frameworks 2019-05-15 17:17:32 -04:00
Manuel Alejandro de Brito Fontes
e619a1120c
Cleanup 2019-05-15 17:17:32 -04:00
Alan J Castonguay
f5b090518d Docs: configmap: use-gzip 
Move the "gzip-types" value default from the "use-gzip" to the "gzip-types"
heading, and link to it from use-gzip.

Document that the "use-gzip" default is "true", matching the style of other
configmap items.
 2019-05-15 13:09:45 -04:00
Manuel Alejandro de Brito Fontes
3dd1699637
Add dependencies for code generator 2019-05-14 20:15:49 -04:00
Manuel Alejandro de Brito Fontes
89c157c63b
Update generated code 2019-05-14 20:15:49 -04:00
Manuel Alejandro de Brito Fontes
be2792c5f9
Refactor scripts to run e2e tests 2019-05-14 20:15:43 -04:00
Kubernetes Prow Robot
182b28260c
Merge pull request #4080 from MRoci/master 
Load modsecurity config with OWASP core rules
 2019-05-14 09:59:17 -07:00
Kubernetes Prow Robot
677ea4db23
Merge pull request #4082 from alanjcastonguay/patch-1 
Explain references in custom-headers documentation
 2019-05-14 08:35:19 -07:00
Manuel Alejandro de Brito Fontes
7be1dccea7
Add option to run scripts in debug mode 2019-05-13 22:31:06 -04:00
Manuel Alejandro de Brito Fontes
16540a1dba
Run tests with only one worker 2019-05-13 22:30:21 -04:00
Manuel Alejandro de Brito Fontes
ebc50b5c68
Add image for prow jobs 2019-05-13 22:29:44 -04:00
Alan J Castonguay
5eda92b1c9
Explain references in custom-headers documentation 
Augment description of custom-headers behavior. Explain the purpose of the two configmaps, making explicit that one cites the other by `namespace/name`. Link the two example yaml files, so they're more easily navigated to from a browser looking at https://kubernetes.github.io/ingress-nginx/examples/customization/custom-headers/

Campfire: grammar, standard installation is in the `ingress-nginx` namespace.
 2019-05-13 17:50:59 -04:00
MRoci
8b7f069b56
load modsecurity.conf on ModSecurity.Enable 2019-05-13 17:39:06 +02:00
Kubernetes Prow Robot
fafa0a6e13
Merge pull request #4067 from aledbf/normalize 
Trim spaces from annotations that can contain multiple lines
 2019-05-09 07:18:51 -07:00
Kubernetes Prow Robot
6d82cd66c2
Merge pull request #4070 from nicknovitski/e2e-rbac-once 
Don't try to create e2e runner rbac resources twice
 2019-05-07 19:10:38 -07:00
Nick Novitski
5c26a72256 Don't try to create e2e runner rbac resources twice 2019-05-07 18:07:18 -07:00
Kubernetes Prow Robot
78d582c0fa
Merge pull request #4069 from nicknovitski/make-e2e-fixes 
fix e2e-test make target
 2019-05-07 16:52:34 -07:00
Kubernetes Prow Robot
1e61dff0ca
Merge pull request #4068 from nicknovitski/fix-deployement-typos 
fix typo: deployement->deployment
 2019-05-07 16:50:34 -07:00
Nick Novitski
8ea40bbcb9 fix typo: deployement->deployment 2019-05-07 16:16:06 -07:00
Nick Novitski
731c2d8e4c fix e2e-test make target 
- explicitly wait for api token
- only use posix shell conditionals
 2019-05-07 16:15:24 -07:00
Manuel Alejandro de Brito Fontes
23e7423477
Trim spaces from annotations that can contain multiple lines 2019-05-07 14:25:52 -04:00
Kubernetes Prow Robot
b06e114177
Merge pull request #3506 from KoerberDigitalDevTeam/feature/extrenal-auth-security-opt-out 
Improve the external authorization concept from opt-in to secure-by-default
 2019-05-07 09:15:53 -07:00
Manuel Alejandro de Brito Fontes
b8fb09d7b3
Update go to 1.12.5, kubectl to 1.14.1 and kind to 0.2.1 (#4064) 2019-05-06 23:28:15 -04:00
okryvoshapka-connyun
4811168d2a Fixed typos 2019-05-06 09:04:12 +02:00
okryvoshapka-connyun
8cc9afe8ee Added Global External Authentication settings to configmap parameters incl. addons 2019-05-03 12:08:16 +02:00
Kubernetes Prow Robot
b4f2880ee6
Merge pull request #3802 from tjamet/admission-controller 
Add a validating webhook for ingress sanity check
 2019-05-02 07:52:25 -07:00
Kubernetes Prow Robot
7ff6643372
Merge pull request #4037 from marcostvz/fix-doc-rewrite 
[doc] fixing regex in example of rewrite
 2019-05-02 07:02:23 -07:00
Kubernetes Prow Robot
ddedd165b2
Merge pull request #4036 from Yantrio/patch-1 
Docs have incorrect command in baremetal.md
 2019-04-26 12:28:05 -07:00
Manuel Alejandro de Brito Fontes
e7a5bec5c7
Release custom error pages image v0.4 [skip-ci] (#4042) 2019-04-25 16:02:03 -04:00
Kubernetes Prow Robot
a2f9193a04
Merge pull request #4040 from juliohm1978/master 
Fix default Content-Type for custom-error-pages example
 2019-04-25 12:18:28 -07:00
Julio H Morimoto
7245340e88
Fix default Content-Type for custom-error-pages example 
This should fix issue [4039](https://github.com/kubernetes/ingress-nginx/issues/4039). This default backend fails to send the correct `Content-Type` header when it fails to decode the `Accept` request header.

This patch simply forces `text/html` in that specific scenario.
 2019-04-25 14:53:22 -03:00
Marcos Estevez
69c1efc0e3
[doc] fixing regex in example of rewrite 
avoids /somethingfoo to be matched by regex

Signed-off-by: Marcos Estevez <marcos.stvz@gmail.com>
 2019-04-25 12:43:32 +02:00
James Humphries
2a31790887
Docs have incorrect command in baremetal.md 
The output shown is for `kubectl get node` and not `kubectl describe node`.

I've updated the docs to use the correct command.
 2019-04-25 11:10:16 +01:00
Kubernetes Prow Robot
5d31fb2c5d
Merge pull request #4034 from warmchang/bare-metal 
🔧 fix navigation error in file baremetal.md
 2019-04-24 06:16:07 -07:00
William Zhang
a94eea2c03 🔧 fix navigation error in file baremetal.md 
Signed-off-by: William Zhang <zhang.wanmin@zte.com.cn>
 2019-04-24 15:45:04 +08:00
Kubernetes Prow Robot
e68b68d20c
Merge pull request #3966 from GabrielNicolasAvellaneda/master 
Documentation example code fix
 2019-04-19 09:33:54 -07:00
Thibault Jamet
1cd17cd12c
Implement a validation webhook 
In case some ingress have a syntax error in the snippet configuration,
the freshly generated configuration will not be reloaded to prevent tearing down existing rules.
Although, once inserted, this configuration is preventing from any other valid configuration to be inserted as it remains in the ingresses of the cluster.
To solve this problem, implement an optional validation webhook that simulates the addition of the ingress to be added together with the rest of ingresses.
In case the generated configuration is not validated by nginx, deny the insertion of the ingress.

In case certificates are mounted using kubernetes secrets, when those
changes, keys are automatically updated in the container volume, and the
controller reloads it using the filewatcher.

Related changes:

- Update vendors
- Extract useful functions to check configuration with an additional ingress
- Update documentation for validating webhook
- Add validating webhook examples
- Add a metric for each syntax check success and errors
- Add more certificate generation examples
 2019-04-18 19:07:04 +02:00
Kubernetes Prow Robot
d7f0713046
Merge pull request #4022 from anthonyho007/mult-auth-e2e 
Add e2e test coverage for mult-auth
 2019-04-18 08:22:11 -07:00
Anthony Ho
bd694bf3de add e2e coverage for multi auth 2019-04-18 10:32:15 -04:00
Manuel Alejandro de Brito Fontes
7283a01b9f
Update nginx image and Go to 1.12.4 (#4010) 2019-04-17 22:45:51 -04:00
Kubernetes Prow Robot
0953b3d22e
Merge pull request #4009 from aledbf/update-nginx 
Update nginx to 1.15.12
 2019-04-17 13:30:05 -07:00
Kubernetes Prow Robot
774403fa7c
Merge pull request #4012 from aledbf/modules 
Switch to go modules
 2019-04-17 13:26:04 -07:00