DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
7879 commits 4 branches 217 tags 166 MiB
Commit graph

181 commits

Author SHA1 Message Date
Ricardo Katz
cd6f88af3f
Add patch to remove root and alias directives (#8624) 2022-05-23 20:13:10 -07:00
Ricardo Katz
81c2afd975
update base images and protobuf gomod (#8478) 2022-04-15 12:53:12 -07:00
Long Wu Yuan
87979099fd
set execute bit on entrypoint.sh (#8404) 2022-03-31 04:25:00 -07:00
Aditya Kamath
5402d35663
Add execute permissions to nginx image entrypoint.sh (#8403) 2022-03-31 03:37:01 -07:00
James Strong
5298448865
downgrade to 3.14.4 and fix tag (#8386) 
Signed-off-by: James Strong <strong.james.e@gmail.com>
 2022-03-25 10:21:58 -07:00
James Strong
40bb6c3d2e
update cloud build (#8349) 2022-03-17 12:02:41 -07:00
James Strong
2fefd714bd
update tag and force a new build 
Signed-off-by: James Strong <strong.james.e@gmail.com>
 2022-03-16 12:57:48 -04:00
James Strong
1953efa9d8
Bumping alpine base to 3.15 2022-03-16 11:52:38 -04:00
sskserk
01b92b8b3a
Nginx v1.19.10 (#8307) 2022-03-14 08:55:57 -07:00
Damien Mathieu
15b0aba03b
First sidecar module: OpenTelemetry (#8013) 
* remove opentelemetry from main nginx image

* add opentelemetry sidecar image

* handle extra modules in helm chart

* fix running helm chart

* mount the modules volume in the init container

* merge the mounted folder

* fix the otel image

* fix licence year

* fix cloudbuild image

* use the same nginx version as in the main image

* only retrieve /etc/nginx/modules for now
 2022-01-16 13:33:28 -08:00
dmitry-j-mikhin
8ccec84496
fix nginx compilation flags (#8023) 
* use '-O2' instead of '-Og'
  '-O2' produce production optimized binary while '-Og' is used mostly
  for debugging
* use '-mtune=generic' instead of '-mtune=native'
  '-mtune=native' produce optimal code for builder host system, but it
  can be sub-optimal for execution host system
 2021-12-12 05:25:58 -08:00
Damien Mathieu
eb482db5b3
disable opentelemetry on arm (#7831) 2021-10-24 12:12:21 -07:00
Damien Mathieu
9da4d87d0c
Properly check whether we can install opentelemetry, and switch it back to main repo (#7803) 
* check for the exact value of USE_OPENTELEMETRY

* use latest commit from the main opentelemetry-cpp-contrib repo
 2021-10-12 12:16:34 -07:00
Damien Mathieu
0c16980018
add OpenTelemetry to nginx base image (#7669) 2021-10-11 06:16:40 -07:00
Ricardo Katz
5662db4509
Fix resty balancer checksum and location (#7703) 2021-09-26 10:28:21 -07:00
Jintao Zhang
0606ef8282
fix: upgrade lua-resty-balancer to v0.04 (#7702) 
it has two important bugfix:

1. should force convert weight to a number since it may cause dead loop
   when weight is a string type "0".
2. out-of-bounds memory writing may happen in chash_point_sort.

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
 2021-09-26 08:50:23 -07:00
Jintao Zhang
498892514d
Downgrade nginx to v1.19 (#7639) 
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
 2021-09-15 11:08:11 -07:00
Ricardo Katz
4ce0227268 Remove addgroup directive from alpine building 2021-09-04 02:12:50 -03:00
Ricardo Katz
cb8ebcb880
update alpine and remove buildx restriction (#7583) 2021-09-02 11:59:39 -07:00
Elvin Efendi
8951b7e22a
Revert "Update base nginx" (#7558) 
* Revert "Update base nginx (#7552)"

This reverts commit c6bc9870f1.

* keep alpine bump
 2021-08-28 07:38:52 -07:00
Elvin Efendi
c6bc9870f1
Update base nginx (#7552) 
* upgrade alpine

* use nginx 1.19.9 and corresponding patches from openresty

* include openresty CVE-2021-23017 patch too
 2021-08-27 07:20:05 -07:00
Ricardo Katz
90c79689c4
Release v1 (#7470) 
* Drop v1beta1 from ingress nginx (#7156)

* Drop v1beta1 from ingress nginx

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix intorstr logic in controller

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* fixing admission

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* more intorstr fixing

* correct template rendering

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix e2e tests for v1 api

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix gofmt errors

* This is finally working...almost there...

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Re-add removed validation of AdmissionReview

* Prepare for v1.0.0-alpha.1 release

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Update changelog and matrix table for v1.0.0-alpha.1 (#7274)

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* add docs for syslog feature (#7219)

* Fix link to e2e-tests.md in developer-guide (#7201)

* Use ENV expansion for namespace in args (#7146)

Update the DaemonSet namespace references to use the `POD_NAMESPACE` environment variable in the same way that the Deployment does.

* chart: using Helm builtin capabilities check (#7190)

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>

* Update proper default value for HTTP2MaxConcurrentStreams in Docs (#6944)

It should be 128 as documented in https://github.com/kubernetes/ingress-nginx/blob/master/internal/ingress/controller/config/config.go#L780

* Fix MaxWorkerOpenFiles calculation on high cores nodes (#7107)

* Fix MaxWorkerOpenFiles calculation on high cores nodes

* Add e2e test for rlimit_nofile

* Fix doc for max-worker-open-files

* ingress/tcp: add additional error logging on failed (#7208)

* Add file containing stable release (#7313)

* Handle named (non-numeric) ports correctly (#7311)

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* Updated v1beta1 to v1 as its deprecated (#7308)

* remove mercurial from build (#7031)

* Retry to download maxmind DB if it fails (#7242)

* Retry to download maxmind DB if it fails.

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Add retries count arg, move retry logic into DownloadGeoLite2DB function

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Reorder parameters in DownloadGeoLite2DB

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Remove hardcoded value

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Release v1.0.0-alpha.1

* Add changelog for v1.0.0-alpha.2

* controller: ignore non-service backends (#7332)

* controller: ignore non-service backends

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* update per feedback

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* fix: allow scope/tcp/udp configmap namespace to altered (#7161)

* Lower webhook timeout for digital ocean (#7319)

* Lower webhook timeout for digital ocean

* Set Digital Ocean value controller.admissionWebhooks.timeoutSeconds to 29

* update OWNERS and aliases files (#7365) (#7366)

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* Downgrade Lua modules for s390x (#7355)

Downgrade Lua modules to last known working version.

* Fix IngressClass logic for newer releases (#7341)

* Fix IngressClass logic for newer releases

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Change e2e tests for the new IngressClass presence

* Fix chart and admission tests

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix helm chart test

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix reviews

* Remove ingressclass code from admission

* update tag to v1.0.0-beta.1

* update readme and changelog for v1.0.0-beta.1

* Release v1.0.0-beta.1 - helm and manifests (#7422)

* Change the order of annotation just to trigger a new helm release (#7425)

* [cherry-pick] Add dev-v1 branch into helm releaser (#7428)

* Add dev-v1 branch into helm releaser (#7424)

* chore: add link for artifacthub.io/prerelease annotations

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>

Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>

* k8s job ci pipeline for dev-v1 br v1.22.0 (#7453)

* k8s job ci pipeline for dev-v1 br v1.22.0

Signed-off-by: Neha Lohia <nehapithadiya444@gmail.com>

* k8s job ci pipeline for dev-v1 br v1.21.2

Signed-off-by: Neha Lohia <nehapithadiya444@gmail.com>

* remove v1.21.1 version

Signed-off-by: Neha Lohia <nehapithadiya444@gmail.com>

* Add controller.watchIngressWithoutClass config option (#7459)

Signed-off-by: Akshit Grover <akshit.grover2016@gmail.com>

* Release new helm chart with certgen fixed (#7478)

* Update go version, modules and remove ioutil

* Release new helm chart with certgen fixed

* changed appversion, chartversion, TAG, image (#7490)

* Fix CI conflict

* Fix CI conflict

* Fix build.sh from rebase process

* Fix controller_test post rebase

Co-authored-by: Tianhao Guo <rggth09@gmail.com>
Co-authored-by: Ray <61553+rctay@users.noreply.github.com>
Co-authored-by: Bill Cassidy <cassid4@gmail.com>
Co-authored-by: Jintao Zhang <tao12345666333@163.com>
Co-authored-by: Sathish Ramani <rsathishx87@gmail.com>
Co-authored-by: Mansur Marvanov <nanorobocop@gmail.com>
Co-authored-by: Matt1360 <568198+Matt1360@users.noreply.github.com>
Co-authored-by: Carlos Tadeu Panato Junior <ctadeu@gmail.com>
Co-authored-by: Kundan Kumar <kundan.kumar@india.nec.com>
Co-authored-by: Tom Hayward <thayward@infoblox.com>
Co-authored-by: Sergey Shakuto <sshakuto@infoblox.com>
Co-authored-by: Tore <tore.lonoy@gmail.com>
Co-authored-by: Bouke Versteegh <info@boukeversteegh.nl>
Co-authored-by: Shahid <shahid@us.ibm.com>
Co-authored-by: James Strong <strong.james.e@gmail.com>
Co-authored-by: Long Wu Yuan <longwuyuan@gmail.com>
Co-authored-by: Jintao Zhang <zhangjintao9020@gmail.com>
Co-authored-by: Neha Lohia <nehapithadiya444@gmail.com>
Co-authored-by: Akshit Grover <akshit.grover2016@gmail.com>
 2021-08-21 13:42:00 -07:00
Noah Ispas
98288bc3ca
Update versions of components for base image (#7411) 
* update versions and checksums

* change requests from PR
 2021-08-09 04:55:30 -07:00
James Strong
6aab4c2919
The actual sah256 sum for nginx 1.20.1 (#7183) 2021-05-30 11:46:25 -07:00
James Strong
be85bc0d7f
Update the sha for nginx 1.21.1 (#7182) 
Update the sha for nginx 1.21.1
 2021-05-30 11:32:25 -07:00
Shiming Zhang
e780c0b188
Upgrade Nginx to 1.20.1 (#7179) 2021-05-30 11:10:25 -07:00
Matthew Silverman
5794a9360a build yaml-cpp lib in image builder 2021-03-24 13:55:12 -04:00
Matthew Silverman
723729922a update tracing libraries 
remove unused boost_static option
 2021-03-23 19:09:23 -04:00
Manuel Alejandro de Brito Fontes
ba05026037 Update alpine to 3.13 2021-01-15 19:16:58 -03:00
Elvin Efendi
dfed436b9a fix ipmatcher installation 2021-01-04 13:09:37 -05:00
Manuel Alejandro de Brito Fontes
0cca8e83ce Update nginx alpine image to 3.12 2020-12-30 17:42:10 -03:00
Elvin Efendi
a3f1c2ad3b include lua-resty-ipmatcher and lua-resty-global-throttle inn the base image 2020-12-30 11:36:49 -05:00
Elvin Efendi
0830b21a5b include new resty lua libs in base image 2020-12-24 12:43:10 -05:00
Manuel Alejandro de Brito Fontes
a48ae42034 Update nginx to 1.19.6 2020-12-15 17:14:46 -03:00
Manuel Alejandro de Brito Fontes
68c57386d0 Update nginx to 1.19.5 2020-11-27 14:19:20 -03:00
Manuel Alejandro de Brito Fontes
2c1279cd8b Update nginx to 1.19.4 2020-10-28 12:04:05 -03:00
Tim Hobbs
0cf475ad2d
fix: OWASP CoreRuleSet rules for NodeJS and Java 
Add ruleset REQUEST-934 and REQUEST-944 to configuration for CoreRuleSet
 2020-10-28 13:19:21 +01:00
Aditya Purandare
285bdb5d0c
Update datadog opentracing plugin to v1.2.0 
https://github.com/DataDog/dd-opentracing-cpp/releases/tag/v1.2.0
 2020-10-01 09:56:14 -07:00
Manuel Alejandro de Brito Fontes
c8c69df30d Update nginx to 1.19.3 2020-09-29 12:44:30 -03:00
Manuel Alejandro de Brito Fontes
f30a32a6e3 Switch modules to dynamic and remove http_dav_module 2020-09-09 12:32:07 -03:00
Manuel Alejandro de Brito Fontes
333288e755 Library dd-opentracing cannot be static 2020-09-03 17:31:36 -04:00
Manuel Alejandro de Brito Fontes
90830034d3 Update trace modules 2020-09-03 10:04:44 -04:00
Manuel Alejandro de Brito Fontes
0673e5e17e Update mimalloc to v1.6.4 2020-08-11 23:55:04 -04:00
Manuel Alejandro de Brito Fontes
53a70c9f83 Remove .a files 2020-08-11 23:55:04 -04:00
Manuel Alejandro de Brito Fontes
53e95d9ddd Rollback update of Jaeger library to 0.5.0 and update datadog to 1.2.0 2020-08-11 23:55:04 -04:00
Manuel Alejandro de Brito Fontes
4ecd38dca5 Update nginx to 1.19.2 2020-08-11 14:46:01 -04:00
Manuel Alejandro de Brito Fontes
7994e9a8e7 Update opentracing nginx module 2020-07-24 11:10:33 -04:00
Manuel Alejandro de Brito Fontes
00f4a215de Update OWASP ModSecurity Core Rule Set 2020-07-08 09:13:31 -04:00
Manuel Alejandro de Brito Fontes
1ced9a51c8 Update nginx modules 2020-07-07 20:55:17 -04:00
Manuel Alejandro de Brito Fontes
16de15aa6e Update nginx to 1.19.1 2020-07-07 12:50:41 -04:00
agile6v
eb4ec91b76 Enable stream_realip_module. 2020-06-20 06:33:07 +08:00
Manuel Alejandro de Brito Fontes
e3c49c52f4 Update nginx image 2020-05-30 19:05:48 -04:00
Manuel Alejandro de Brito Fontes
efbd0e54e8 Update nginx image to use alpine 3.12 2020-05-30 16:03:14 -04:00
Manuel Alejandro de Brito Fontes
6c633ee581 Remove unused download of GeoIP databases 2020-05-29 21:49:26 -04:00
Manuel Alejandro de Brito Fontes
85a94fc612 Add support for s390x 2020-05-29 21:49:26 -04:00
Manuel Alejandro de Brito Fontes
227f974651 Update nginx to 1.19.0 2020-05-26 12:15:36 -04:00
Manuel Alejandro de Brito Fontes
0f2496fc95 Ensure alpine packages are up to date 2020-04-27 16:48:22 -04:00
Manuel Alejandro de Brito Fontes
5d67794f4f Pin mimalloc version and update openssl 2020-04-21 20:29:45 -04:00
Manuel Alejandro de Brito Fontes
914aad2ae3 Update luajit and nginx to 1.17.10 2020-04-14 11:43:30 -04:00
Manuel Alejandro de Brito Fontes
1eeb149b91 Remove version dependency in mimalloc symlink 2020-04-13 23:23:10 -04:00
Stevo Slavić
5f270792df
Fix broken symlink to mimalloc 2020-04-13 15:44:07 +02:00
Manuel Alejandro de Brito Fontes
7b6e2dd312
Update NGINX to 1.17.9 (#5211) 2020-03-06 10:47:27 -03:00
Caleb Gilmour
86d4f351ee Update datadog tracer to v1.1.3 2020-02-17 05:42:40 +00:00
Manuel Alejandro de Brito Fontes
12314aa1ac
Cleanup docker build (#5084) 2020-02-15 13:59:56 -03:00
Manuel Alejandro de Brito Fontes
6ab10fa68d
Update nginx image (#5010) 2020-02-04 11:49:07 -03:00
Manuel Alejandro de Brito Fontes
26f574dc27
Cleanup docker build of nginx image (#4925) 2020-01-14 13:57:44 -03:00
Manuel Alejandro de Brito Fontes
c86e4e0d9a
Use docker buildx and remove qemu-static binary (#4922) 2020-01-13 20:34:24 -03:00
Manuel Alejandro de Brito Fontes
a9dc66f40c
Rollback jaeger module version (#4920) 2020-01-13 17:44:27 -03:00
Manuel Alejandro de Brito Fontes
422f554ba9
Remove download of geoip databases (#4880) 2020-01-04 11:19:52 -03:00
Manuel Alejandro de Brito Fontes
048ce1a130 Migrate to alpine linux 2019-12-28 21:35:18 -03:00
Manuel Alejandro de Brito Fontes
9ba6289054 Add nginx patches 2019-12-28 21:35:18 -03:00
Manuel Alejandro de Brito Fontes
283536154d Switch to nginx 2019-12-28 21:35:18 -03:00
Lucas Charles
85836ac1bb
Update Modsecurity-nginx to latest 
Updates Modsecurity-nginx connector to release v1.0.1
 2019-12-17 10:05:27 -08:00
Manuel Alejandro de Brito Fontes
750f067e4c Update modsecurity crs to v3.2.0 2019-12-13 11:13:14 -03:00
Manuel Alejandro de Brito Fontes
97c59728dc
Update nginx image to fix regression in jaeger tracing (#4803) 2019-12-02 12:17:26 -03:00
Manuel Alejandro de Brito Fontes
d8ac82db9c Update nginx image to use openresty master 2019-11-04 15:36:03 -03:00
Kubernetes Prow Robot
daf8634acf
Merge pull request #4595 from aledbf/nginx-update 
Rollback change of ModSecurity setting SecAuditLog
 2019-09-24 17:05:59 -07:00
Elvin Efendi
159dfc5fc3 make a note for clarity 2019-09-24 19:16:36 -04:00
Manuel Alejandro de Brito Fontes
ea5add6f5c
Rollback change of ModSecurity setting SecAuditLog 2019-09-24 14:53:44 -03:00
Manuel Alejandro de Brito Fontes
bf82482aeb
Rollback luarocks version to 3.1.3 (#4545) 2019-09-09 13:15:46 -03:00
Manuel Alejandro de Brito Fontes
9eedc1be56
Add terraform scripts to build nginx image (#4484) 2019-09-09 01:18:30 -03:00
Manuel Alejandro de Brito Fontes
66350509d7
Remove gdb 2019-09-04 11:55:26 -04:00
Manuel Alejandro de Brito Fontes
efc66451f4
Update openresty 2019-09-04 09:30:25 -04:00
Elvin Efendi
fddd7dca6b use latest openresty with CVE patches 2019-08-14 17:57:27 -04:00
Manuel Alejandro de Brito Fontes
333d9fd48d
Fixes for CVE-2018-16843, CVE-2018-16844, CVE-2019-9511, CVE-2019-9513, and CVE-2019-9516 (#4440) 2019-08-13 16:30:41 -04:00
Caleb Gilmour
a6869faed4 Update datadog tracing plugin to v1.0.1 2019-07-29 01:02:09 +00:00
Manuel Alejandro de Brito Fontes
ddffa2a173
Enable arm again 2019-06-26 23:00:58 -04:00
Manuel Alejandro de Brito Fontes
d57fddebd7
Update image dependencies (#4225) 2019-06-25 06:58:27 -04:00
Manuel Alejandro de Brito Fontes
723411521b
Migrate to openresty 2019-06-23 20:25:47 -04:00
Ionut Craciunescu
d08b8844a1 update modsecurity to latest, libmodsecurity to v3.0.3 and owasp-scrs to v3.1.0 (#4140) 2019-06-04 12:13:40 -04:00
Elvin Efendi
37a603a1af updated nginx and some other modules 2019-05-26 09:09:57 -04:00
Manuel Alejandro de Brito Fontes
dddbd8293b
Update nginx to 1.15.12 2019-04-17 15:44:03 -04:00
Alex Kursell
ae592821c6 Remove valgrind 2019-04-12 12:09:52 -04:00
Manuel Alejandro de Brito Fontes
1e9567b1c0
Update nginx to 1.15.10 2019-03-26 15:39:34 -03:00
Manuel Alejandro de Brito Fontes
6d0f3a00c7
Remove unnecessary copy of GeoIP databases 2019-03-19 09:36:30 -03:00
Manuel Alejandro de Brito Fontes
26f2b1330f Remove authbind 2019-03-05 10:08:34 -03:00
Elvin Efendi
584750454f bump luajit version to v2.1-20190228 that has fix for https://github.com/openresty/luajit2/issues/42 2019-02-28 21:16:49 -05:00
Manuel Alejandro de Brito Fontes
46d15e0039 Update nginx to 1.15.9 2019-02-26 14:19:53 -03:00
Dayang Shen
db4d012a97 Upgrade openresty/lua-resty-balancer 
This fixes bug in chash:reinit which prevents endpoints from being
updated correctly.

See https://github.com/openresty/lua-resty-balancer/pull/25
 2019-02-25 21:33:45 +08:00
Elvin Efendi
d2d160b839 print what lib is being downloaded 2019-02-20 08:09:25 -05:00