DevFW-CICD/ingress-nginx-helm
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
7908 commits 4 branches 217 tags 166 MiB
Commit graph

212 commits

Author SHA1 Message Date
Manuel Alejandro de Brito Fontes
1539a24c7b Start using e2e test images from gcr.io 2020-06-27 11:36:17 -04:00
agile6v
e8aaa15ce8 Remove duplicated X-Forwarded-Proto header. 2020-06-25 11:11:00 +08:00
Manuel Alejandro de Brito Fontes
3d3efaab29 Fix proxy_protocol duplication in listen definition 2020-06-09 15:00:59 -04:00
agile6v
fc1c043437 Add http-access-log-path and stream-access-log-path options in configMap 2020-06-05 01:27:26 +08:00
Mark Janssen
639a8c7871 Enable TLSv1.3 by default 
Fix for 049b25e566 which mistakenly only
updated documentation.
 2020-05-08 12:40:11 +02:00
Manuel Alejandro de Brito Fontes
efbb3f9fc8 Add support for IngressClass and ingress.class annotation 2020-04-22 09:15:32 -04:00
Manuel Alejandro de Brito Fontes
e9bd1d8b1f Add new cfssl image and update e2e tests to use it 2020-04-17 16:41:50 -04:00
Manuel Alejandro de Brito Fontes
d18fa90cfd Add e2e test for OCSP and new configmap setting 2020-04-17 12:53:47 -04:00
Elvin Efendi
129df3892c adjust e2e test 2020-04-14 10:27:38 -04:00
Manuel Alejandro de Brito Fontes
c0db19b0ec Enable configuration of plugins using configmap 2020-04-13 11:38:42 -04:00
Manuel Alejandro de Brito Fontes
a46126a034 Update client-go methods to support context and and new create and delete options 2020-03-27 19:52:51 -03:00
Manuel Alejandro de Brito Fontes
7627757081
Cleanup of chart labels (#5258) 2020-03-18 08:35:29 -03:00
Balazs Szekeres
12fe318fdb Added test case for proxy connect, read, and send timeout from setting them via Nginx configmap. 2020-03-02 09:36:52 +01:00
Balazs Szekeres
6757224996 Refactored test/e2e/annotations/proxy.go 2020-02-27 16:03:28 +01:00
Kubernetes Prow Robot
380840f27e
Merge pull request #5145 from szombi/e2e-hsts-fix 
Refactor the HSTS related test file and add config check to the HSTS tests
 2020-02-21 07:08:35 -08:00
Sandor Szombat
1906832bc5 Rework the hsts related test file 2020-02-21 14:25:18 +01:00
Balazs Szekeres
0986ea8f18 Added configmap test ssl-ciphers. 2020-02-20 20:43:43 +01:00
Kubernetes Prow Robot
f4454612cb
Merge pull request #5109 from SzekeresB/dev/limit-rate-tc 
Added basic limit-rate configmap test.
 2020-02-20 06:55:04 -08:00
Kubernetes Prow Robot
b6516344bf
Merge pull request #5103 from SzekeresB/dev/no-tls-redirect-location 
Added configmap test for no-tls-redirect-locations
 2020-02-20 06:23:02 -08:00
Balazs Szekeres
122bf02489 Added configmap test for no-tls-redirect-locations 2020-02-20 14:54:41 +01:00
Balazs Szekeres
c47aa3cac7 Added basic limit-rate configmap test. 2020-02-20 14:22:26 +01:00
Sandor Szombat
d149382743 Add upstream keep alive tests 2020-02-20 09:59:36 +01:00
Manuel Alejandro de Brito Fontes
57fcbdfb73
Lint go code (#5132) 2020-02-19 21:43:14 -03:00
Kubernetes Prow Robot
f6cbf3e735
Merge pull request #5117 from szombi/e2e-hash-size 
Hash size e2e check test case
 2020-02-19 15:44:30 -08:00
Manuel Alejandro de Brito Fontes
f9624cbe46 Refactor e2e tests to use testify y httpexpect 2020-02-19 19:42:50 -03:00
Sandor Szombat
bd23b815bd Add hash size check tc 2020-02-19 09:27:53 +01:00
Sandor Szombat
0b1efdb549 Add reuse-port config check tc 2020-02-18 10:09:34 +01:00
Kubernetes Prow Robot
9a52f12b19
Merge pull request #5101 from szombi/e2e-keep-alive 
Add keep-alive config check test
 2020-02-17 11:27:29 -08:00
Sandor Szombat
2400febc48 Add keep-alive config check test 2020-02-17 15:04:43 +01:00
Sandor Szombat
8470a06174 Add log-format related tests 2020-02-17 14:52:35 +01:00
Manuel Alejandro de Brito Fontes
cc318cdec1
Cleanup and standardization of e2e test definitions (#5090) 2020-02-16 15:27:58 -03:00
Manuel Alejandro de Brito Fontes
37c24b0df5
Migration e2e installation to helm (#5086) 2020-02-16 11:58:37 -03:00
Balazs Szekeres
6206adf188 Added 'Add headers' configmap parameter testcase. 2020-02-14 19:56:43 +01:00
Manuel Alejandro de Brito Fontes
0197ea0dc4 Remove empty BeforeEach and AfterEach from e2e tests 2020-02-13 15:33:14 -03:00
Ilya Nemakov
46a3e0a6fd Fix X-Forwarded-Proto based on proxy-protocol server port 2020-02-10 18:08:34 +03:00
Boris Djurdjevic
665f924e9e Add proxy protocol support for X-Forwarded-Port 
Fixes https://github.com/kubernetes/ingress-nginx/issues/4951
 2020-01-24 13:50:35 +01:00
Manuel Alejandro de Brito Fontes
2af6305a4f Fix flaking e2e tests 2020-01-05 14:08:56 -03:00
Manuel Alejandro de Brito Fontes
1f2820a343 GeoIP test are temporarily disabled 2020-01-04 15:17:24 -03:00
Manuel Alejandro de Brito Fontes
5c30820d1f Remove hard-coded annotation and don't use map pointers 2019-12-13 03:05:20 -03:00
Manuel Alejandro de Brito Fontes
c2550930b1 Fix e2e test flakes 2019-12-13 01:34:52 -03:00
Manuel Alejandro de Brito Fontes
0dce5be743 Migrate ingress definitions from extensions to networking.k8s.io 2019-12-12 21:25:00 -03:00
Elvin Efendi
49ba53b7b6 regression test for duplicate hsts 2019-12-12 13:45:43 -05:00
Kubernetes Prow Robot
fb025ab501
Merge pull request #4087 from MRoci/master 
Define Modsecurity Snippet via ConfigMap
 2019-09-30 15:19:32 -07:00
Andrea Spacca
e84c8cd705 ISSUE-4244 e2e test 2019-09-29 23:28:44 +02:00
MRoci
1ee081ccc8
test modsecurity-snippet 2019-09-28 09:54:10 +02:00
Elvin Efendi
799f0ae76d more meaningful assertion for tls hsts test 2019-09-24 15:39:20 -04:00
Manuel Alejandro de Brito Fontes
ce3e3d51c3
WIP Remove nginx unix sockets (#4531) 
* Remove nginx unix sockets
* Use an emptyDir volume for /tmp in PSP e2e tests
 2019-09-08 18:14:54 -03:00
Manuel Alejandro de Brito Fontes
c85450c1e7
Remove hard-coded names from e2e test and use local docker dependencies (#4502) 2019-09-01 14:16:52 -04:00
Manuel Alejandro de Brito Fontes
fcd3054f13
Lint code using staticcheck (#4471) 2019-08-23 12:08:40 -04:00
Manuel Alejandro de Brito Fontes
23ed3ba4c4
Fix file permissions to support volumes 2019-08-15 20:48:37 -04:00
Elvin Efendi
b21c721196 lua-shared-dicts improvements, fixes and documentation 2019-08-14 22:10:56 -04:00
Manuel Alejandro de Brito Fontes
80bd481abb
Only support SSL dynamic mode 2019-08-13 17:33:34 -04:00
Kubernetes Prow Robot
8c472190d1
Merge pull request #4086 from jeroen92/issue-4038 
Resolve #4038, move X-Forwarded-Port variable to the location context
 2019-08-09 08:07:25 -07:00
tals
a2e667c082 lua shared dict from cm 
lua shared dict teml test and update func sign

lua shared dict cm test

lua shared dict integration test

lua shared dict add cm parsing

lua shared dict change test header
 2019-08-08 12:44:11 +03:00
Jeroen Schutrup
8dd912114e
Move X-Forwarded-Port variable to the location context 
Resolves issue #4038 where the X-Forwarded-Port header would be set to the value of the https listening port if all of the following settings were satisfied:
- The ingress controller was started with a non-default HTTPS port set with the `--https-port` argument
- An ingress is created having:
  - the `nginx.ingress.kubernetes.io/auth-url` annotation set
  - TLS enabled

This commit solves this issue by moving the setting of the `pass_server_port` variable from the server, one level down to the location context.
 2019-08-06 17:00:58 +02:00
Moritz Johner
23504db770 feat: auth-req caching 
add a way to configure the `proxy_cache_*` [1] directive for external-auth.
The user-defined cache_key may contain sensitive information
(e.g. Authorization header).
We want to store *only* a hash of that key, not the key itself on disk.

[1] http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_cache_key

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2019-07-17 18:39:04 +02:00
Manuel Alejandro de Brito Fontes
84102eec2b
Migrate to new networking.k8s.io/v1beta1 package 2019-06-13 11:32:39 -04:00
Jorrit Salverda
f77eaaee50 Add opentracing-operation-name and opentracing-location-operation-name config settings 
With these settings custom span names can be used for the server span and location span

Signed-off-by: Jorrit Salverda <jsalverda@travix.com>
 2019-06-07 14:19:34 +02:00
Kubernetes Prow Robot
251f48b120
Merge pull request #4135 from nicknovitski/deployment-api-appsv1 
Use apps/v1 api group in e2e tests
 2019-05-29 16:50:18 -07:00
Nick Novitski
e1958b8272 Run PodSecurityPolicy E2E test in parallel 
Previously, this test modified a ClusterRole used by _every_ test.  It had to be run serially, with a special teardown function that restored the state of the ClusterRole for any other serial tests.

Now every test gets its own cluster role, which means this test can be safely run in parallel with all the others, without any special teardown.
 2019-05-29 14:13:04 -07:00
Nick Novitski
d617e5abdc Use apps/v1 api group in e2e tests 2019-05-29 12:12:45 -07:00
Manuel Alejandro de Brito Fontes
c2227a058d
Refactor e2e test 2019-05-27 06:31:01 -04:00
Nick Novitski
51ad0bc54b Rearrange deployment files into kustomizations 2019-05-19 12:35:54 -07:00
okryvoshapka-connyun
8cc9afe8ee Added Global External Authentication settings to configmap parameters incl. addons 2019-05-03 12:08:16 +02:00
Elvin Efendi
b13432dbe0 adjust default ssl cert e2e test 2019-04-13 15:00:44 -04:00
Elvin Efendi
1ddf5d2752 regression test for dynamic cert related default-certificate issue 2019-04-09 22:11:21 -04:00
Elvin Efendi
87e962682f properly parse x-forwarded-host 2019-03-31 15:10:45 -04:00
Elvin Efendi
496ff07bf1 replace some of the Nginx configuration to Lua code 2019-03-31 12:04:52 -04:00
Manuel Alejandro de Brito Fontes
14a9e9f3fa
Update dependencies client-go to release-11.0 and kubernetes-1.14.0 2019-03-28 20:43:18 -03:00
Manuel Alejandro de Brito Fontes
5e249d3366
Refactor e2e tests to use the service ClusterIP 2019-02-24 20:04:07 -03:00
Manuel Alejandro de Brito Fontes
8b6e4d4697
Use UsePortInRedirects only if enabled 2019-02-21 17:48:45 -03:00
Alex Kursell
ca74960905 Fix --disable-catch-all 2019-01-25 14:53:55 -05:00
Manuel Alejandro de Brito Fontes
0db09f425d
Refactor e2e tls helper 2019-01-10 20:59:49 -03:00
Maxime Ginters
3fa8395f7f Fix a bug in Ingress update handler 2019-01-08 09:28:42 -05:00
Kubernetes Prow Robot
8f57f9578d
Merge pull request #3586 from Shopify/disable-catch-all 
Add --disable-catch-all option to disable catch-all server
 2019-01-07 07:16:26 -08:00
Kubernetes Prow Robot
29118750be
Merge pull request #3342 from aledbf/allowPrivilegeEscalation 
Allow privilege escalation
 2019-01-02 17:49:39 -08:00
Manuel Alejandro de Brito Fontes
09e2466671
Add support to run e2e tests serially 2019-01-02 15:47:26 -03:00
Manuel Alejandro de Brito Fontes
a73dac2c0b
Fix proxy_host variable configuration 2019-01-02 15:31:27 -03:00
Manuel Alejandro de Brito Fontes
1109db2d09 Add e2e test 2018-12-21 19:30:34 -03:00
Manuel Alejandro de Brito Fontes
9be174738d Add allowPrivilegeEscalation 2018-12-21 19:30:19 -03:00
Maxime Ginters
1678d99a03 Add --disable-catch-all option to disable catch-all server 2018-12-21 13:22:26 -05:00
k8s-ci-robot
710ea8c76f
Merge pull request #3333 from Shopify/dont-trust-by-default 
breaking change: by default do not trust any client
 2018-11-27 05:12:48 -08:00
Manuel Alejandro de Brito Fontes
a51136b863 Refactor assertions 2018-11-18 10:53:05 -03:00
Elvin Efendi
5f3b48e16d breaking change: do not trust x-forwarded-* headers by default 2018-11-13 10:35:59 +04:00
Zenara Daley
8b32c4c326 Restructure load balance e2e tests and update round robin test 2018-11-12 10:19:52 -05:00
Zenara Daley
95db733c12 add e2e test for round robin load balancing 2018-11-09 13:20:33 -05:00
Manuel Alejandro de Brito Fontes
c9668dd40b
Fix e2e tests 2018-10-30 13:35:31 -03:00
k8s-ci-robot
5671c1718f
Merge pull request #3322 from aledbf/tests-cleanup 
Remove e2e boilerplate
 2018-10-30 08:40:23 -07:00
Manuel Alejandro de Brito Fontes
83dc4607c5
Remove e2e boilerplate 2018-10-29 22:38:15 -03:00
Maximilian Bode
c27c57dc8b Add configuration for geoip2 module 
Based on closed PRs #2551, #2755
 2018-10-29 21:25:23 +01:00
k8s-ci-robot
6393ca6aaf
Merge pull request #2997 from StarOfService/global-block-ip-ua-ref 
Provide possibility to block IPs, User-Agents and Referers globally
 2018-09-25 05:51:56 -07:00
Pavel Sinkevych
7212d0081b Provide possibility to block CIDRs, User-Agents and Referers globally 2018-09-25 14:16:20 +03:00
Manuel de Brito Fontes
361f06b791 Join host/port with go helper (supports ipv6) 2018-09-09 16:34:18 -03:00
Elvin Efendi
702fb9bf81 adjust tls settings test 2018-08-22 21:28:03 -04:00
Dario Nieuwenhuis
b5bcb93a4b
Merge branch 'master' into xff 2018-08-16 18:15:14 +02:00
Tom Reznik
b7bcf92480 support configuring multi_accept directive via configmap 2018-08-04 19:20:01 +03:00
Tom Reznik
1bacf1655e support custom configuration to main context of nginx config 2018-08-04 00:53:06 +03:00
Brian Findlay
d59e3ee9dd Update server-tokens tests 2018-06-23 10:08:39 -04:00
Manuel de Brito Fontes
1d6e2dfd5c Add e2e test for configmap change and reload 2018-06-21 10:52:56 -04:00
Dario Nieuwenhuis
04d24e1ff7 Switch forwarded-headers e2e to use gorequest. 2018-06-13 21:10:33 +02:00
Dario Nieuwenhuis
fa626a605f Add use-forwarded-headers e2e test. 2018-06-12 21:33:53 +02:00
Manuel de Brito Fontes
ff3e182350 Add support for grpc_set_header 2018-05-17 08:35:11 -04:00
Antoine Cotten
ca423e1567
Add tests for global TLS settings 2018-04-27 23:24:23 +02:00
Antoine Cotten
553df8a0cc
Refactor e2e framework for TLS tests 2018-04-27 23:24:22 +02:00
Manuel de Brito Fontes
62a80a39ad
Remove most of the time.Sleep from the e2e tests 2018-04-19 17:48:50 -03:00
Andrew Louis
444914b764 Move the resetting logic into framework 
Stylistic fixes based on feedback
 2018-04-18 11:48:22 -04:00
Andrew Louis
19337f05fb Introduce ConfigMap updating helpers into e2e/framework and retain default nginx-configuration state between tests 
Group sublogic
 2018-04-17 15:08:26 -04:00
AdamDang
e519edc76f
Correct some returned messages in server_tokens.go 
should not exists->should not exist
should exists->should exist
 2018-04-15 23:42:38 +08:00
Alvaro Aleman
e7aa74b5d4 Add NoAuthLocations and default it to "/.well-known/acme-challenge" (#2243) 
* Add NoAuthLocations and default it to "/.well-known/acme-challenge"

* Add e2e tests for no-auth-location

* Improve wording of no-auth-location tests
 2018-04-01 21:02:34 -03:00
Manuel de Brito Fontes
62622f6516 Clenup tests 2018-01-23 21:11:56 -03:00
Manuel Alejandro de Brito Fontes
807932259e
If server_tokens is disabled remove the Server header (#1903) 
* If server_tokens is disabled remove the Server header

* Add server-tokens tests

* Fix tests
 2018-01-17 10:26:53 -02:00
Manuel de Brito Fontes
57f43989fd Add e2e tests to verify the correct source IP address 2017-11-13 17:26:13 -03:00