dVerhees
c25b80ca00
fix geoip2 configuration docs ( #11150 )
2024-03-22 01:28:24 -07:00
Matheus Fidelis
3c4e78e6b7
feature(geoip2_autoreload): Enable GeoIP2 auto_reload config ( #11079 )
...
* feature(geoip2_autoreload): GeoIP Autoreload
feature(geoip2_autoreload): fix lint
feature(geoip2_autoreload): changing flag interval
feature(geoip2_autoreload): tests - up and running
feature(geoip2_autoreload): tests - up and running
feature(geoip2): testing
feature(geoip2): remove typo
feature(geoip2_autoreload): fixing tests
* feature(geoip2_autoreload): working
* feature(geoip2_autoreload): including tests on geoip2 test file
2024-03-19 07:32:15 -07:00
dependabot[bot]
9d251d955e
Bump the all group with 4 updates ( #11133 )
...
Bumps the all group with 4 updates: [actions/checkout](https://github.com/actions/checkout ), [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ), [docker/login-action](https://github.com/docker/login-action ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `actions/checkout` from 4.1.1 to 4.1.2
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](b4ffde65f4...9bb56186c3https://github.com/docker/setup-buildx-action/releases )
- [Commits](0d103c3126...2b51285047https://github.com/docker/login-action/releases )
- [Commits](343f7c4344...e92390c5fbhttps://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8a470fddaf...3ab4101902
2024-03-19 07:00:00 -07:00
dependabot[bot]
d49f114af3
Bump the all group with 1 update ( #11134 )
...
Bumps the all group with 1 update: [k8s.io/component-base](https://github.com/kubernetes/component-base ).
Updates `k8s.io/component-base` from 0.29.2 to 0.29.3
- [Commits](https://github.com/kubernetes/component-base/compare/v0.29.2...v0.29.3 )
---
updated-dependencies:
- dependency-name: k8s.io/component-base
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: all
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-18 04:45:18 -07:00
Marco Ebert
56a0968675
Chart: Add IngressClass aliases. ( #11109 )
2024-03-17 14:27:27 -07:00
Robert Ma
0bed0a4558
Fix typos in OTel doc ( #11081 )
2024-03-14 07:39:56 -07:00
dependabot[bot]
e3ea23110a
Bump google.golang.org/protobuf in /images/custom-error-pages/rootfs ( #11119 )
...
Bumps google.golang.org/protobuf from 1.28.0 to 1.33.0.
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-14 07:32:08 -07:00
dependabot[bot]
f0b986d93f
Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 in /magefiles ( #11121 )
...
Bumps google.golang.org/protobuf from 1.32.0 to 1.33.0.
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-14 07:29:03 -07:00
Marco Ebert
112b9bb028
Chart: Render controller.ingressClassResource.parameters natively. ( #11108 )
2024-03-14 06:23:13 -07:00
dependabot[bot]
a00a1499a0
Bump google.golang.org/protobuf in /images/kube-webhook-certgen/rootfs ( #11120 )
...
Bumps google.golang.org/protobuf from 1.32.0 to 1.33.0.
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-13 16:51:31 -07:00
Luca Berneking
a2f67e2ba6
Fix admission controller logging of admissionTime and testedConfigurationSize ( #11089 )
2024-03-12 06:51:08 -07:00
Marco Ebert
9480cde724
Chart: Align HPA & KEDA conditions. ( #11110 )
2024-03-12 06:43:51 -07:00
Marco Ebert
aa5deedae3
Chart: Add Gacko to maintainers. Again. ( #11107 )
2024-03-12 06:41:27 -07:00
Marco Ebert
2894b8a060
Chart: Improve IngressClass documentation. ( #11104 )
2024-03-12 06:39:07 -07:00
Ramon Borges
b5c447612c
Chart: Deploy PodDisruptionBudget with KEDA. ( #11032 )
...
* feat: deploy PDB if Keda is enabled and the minimum amount of replicas is greater than 1
* feat: add the corresponding unit-test to check PDB deployment with Keda
* chore: rename the test of PDB to follow suggested pattern
* chore: update the test-case suite name to the new format
* Update charts/ingress-nginx/templates/controller-poddisruptionbudget.yaml
Co-authored-by: Marco Ebert <marco_ebert@icloud.com>
* Update charts/ingress-nginx/tests/controller-poddisruptionbudget_test.yaml
Co-authored-by: Marco Ebert <marco_ebert@icloud.com>
---------
Co-authored-by: Marco Ebert <marco_ebert@icloud.com>
2024-03-11 14:14:25 -07:00
bossm8
9c384c7eb8
Undo #11062 since it breaks the nginx config ( #11082 )
...
* [mTLS] Fix acme verfication when mTLS and Client CN verification is enabled
* revert mTLS location excluding acme-challenge since each location will match ultimately resulting in 404 for all request paths
2024-03-08 16:06:47 -08:00
dependabot[bot]
157e53b814
Bump github.com/onsi/ginkgo/v2 from 2.15.0 to 2.16.0 ( #11076 )
...
Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo ) from 2.15.0 to 2.16.0.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v2.15.0...v2.16.0 )
---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-08 12:35:08 -08:00
bossm8
7d12628208
[mTLS] Fix acme verfication when mTLS and Client CN verification is enabled ( #11062 )
2024-03-08 12:32:40 -08:00
dependabot[bot]
f3a4f07174
Bump the all group with 1 update ( #11073 )
...
Bumps the all group with 1 update: [actions/add-to-project](https://github.com/actions/add-to-project ).
Updates `actions/add-to-project` from 0.5.0 to 0.6.0
- [Release notes](https://github.com/actions/add-to-project/releases )
- [Commits](31b3f3ccdc...0609a2702e
2024-03-07 08:01:56 -08:00
dependabot[bot]
43595fc5b7
Bump the all group with 1 update ( #11072 )
...
Bumps the all group with 1 update: [google.golang.org/grpc](https://github.com/grpc/grpc-go ).
Updates `google.golang.org/grpc` from 1.62.0 to 1.62.1
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.62.0...v1.62.1 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: all
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-07 07:00:53 -08:00
dependabot[bot]
7a2e4b19a1
Bump github.com/prometheus/common from 0.49.0 to 0.50.0 ( #11075 )
...
Bumps [github.com/prometheus/common](https://github.com/prometheus/common ) from 0.49.0 to 0.50.0.
- [Release notes](https://github.com/prometheus/common/releases )
- [Commits](https://github.com/prometheus/common/compare/v0.49.0...v0.50.0 )
---
updated-dependencies:
- dependency-name: github.com/prometheus/common
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-07 05:52:06 -08:00
Carlos Tadeu Panato Junior
12fbe9b163
golangci-lint update, ci cleanup, group dependabot updates ( #11071 )
...
* bump golangci-lint to v1.56.x
Signed-off-by: cpanato <ctadeu@gmail.com>
* cleanup empty lines
Signed-off-by: cpanato <ctadeu@gmail.com>
* group dependabot updates
Signed-off-by: cpanato <ctadeu@gmail.com>
* run on job changes as well
Signed-off-by: cpanato <ctadeu@gmail.com>
* remove deprecated checks
Signed-off-by: cpanato <ctadeu@gmail.com>
* fix lints and format
Signed-off-by: cpanato <ctadeu@gmail.com>
---------
Signed-off-by: cpanato <ctadeu@gmail.com>
2024-03-07 02:39:53 -08:00
James Strong
0e11470ef3
bump golang ( #11070 )
...
Signed-off-by: James Strong <strong.james.e@gmail.com>
2024-03-06 06:53:45 -08:00
Matheus Fidelis
9b63559cbb
feature(leader_election): flag to disable leader election feature on controller ( #11064 )
2024-03-06 05:59:22 -08:00
Grinish
a302cc5cca
docs: update the 404 link to FAQ ( #11069 )
2024-03-05 21:49:14 -08:00
James Strong
6c4f2ea03a
Update README.md ( #11065 )
...
remove older version, left latest for release train.
2024-03-04 11:45:49 -08:00
dependabot[bot]
272712adfb
Bump actions/download-artifact from 4.1.2 to 4.1.4 ( #11059 )
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 4.1.2 to 4.1.4.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](eaceaf801f...c850b930e6
2024-03-04 11:37:52 -08:00
dependabot[bot]
f3f4f3e9d3
Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 ( #11055 )
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.8.4 to 1.9.0.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.8.4...v1.9.0 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-04 07:13:08 -08:00
dependabot[bot]
513665443a
Bump docker/setup-buildx-action from 3.0.0 to 3.1.0 ( #11057 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](f95db51fdd...0d103c3126
2024-03-04 06:16:44 -08:00
dependabot[bot]
b3b22dbb1d
Bump github.com/prometheus/common from 0.48.0 to 0.49.0 ( #11056 )
...
Bumps [github.com/prometheus/common](https://github.com/prometheus/common ) from 0.48.0 to 0.49.0.
- [Release notes](https://github.com/prometheus/common/releases )
- [Commits](https://github.com/prometheus/common/compare/v0.48.0...v0.49.0 )
---
updated-dependencies:
- dependency-name: github.com/prometheus/common
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-04 06:11:33 -08:00
dependabot[bot]
1e79313bf5
Bump github/codeql-action from 3.24.5 to 3.24.6 ( #11060 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.5 to 3.24.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](47b3d888fe...8a470fddaf
2024-03-04 03:26:51 -08:00
dependabot[bot]
6ab637d26d
Bump aquasecurity/trivy-action from 0.17.0 to 0.18.0 ( #11058 )
...
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.17.0 to 0.18.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](84384bd6e7...062f259268
2024-03-04 03:24:14 -08:00
dependabot[bot]
2a9dc340e7
Bump dorny/paths-filter from 3.0.1 to 3.0.2 ( #11061 )
...
Bumps [dorny/paths-filter](https://github.com/dorny/paths-filter ) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/dorny/paths-filter/releases )
- [Changelog](https://github.com/dorny/paths-filter/blob/master/CHANGELOG.md )
- [Commits](ebc4d7e9eb...de90cc6fb3
2024-03-04 03:21:27 -08:00
Bartosz Fenski
683105ebdc
quotes around numbers fort ports definitions ( #11052 )
2024-03-02 22:54:36 -08:00
James Strong
a41f46a3c7
Merge pull request #11050 from longwuyuan/fix-deploy-url
...
set deploy url to v1-10-0 in docs
2024-03-01 09:47:36 -06:00
longwuyuan
41879b14f1
set deploy url to v1-10-0 in docs
2024-03-01 20:56:44 +05:30
Ricardo Katz
dc999d81da
Release version v1.10.0 ( #11039 )
2024-02-28 16:41:06 -08:00
Ricardo Katz
02e3af9039
bump nginx and Go, remove tag file and old CI jobs ( #11037 )
...
* bump nginx and remove tag file
* Bump go, remove old CI jobs
2024-02-28 17:05:38 -03:00
Ricardo Katz
7a75538dea
Bump kubewebhook certgen ( #11034 )
...
Signed-off-by: Ricardo Katz <rikatz@users.noreply.github.com>
Co-authored-by: Jintao Zhang <zhangjintao9020@gmail.com>
2024-02-27 21:32:13 -08:00
Ricardo Katz
862b05d913
Fix kubewebhook image tag ( #11033 )
2024-02-27 15:51:37 -03:00
Ricardo Katz
fa0bf81984
Bump go libraries ( #11023 )
...
* Bump go libraries
* Fix update codegen execution
* Fix errors on klog
* Fix gzip test
* Bump libraries on webhook certgen
* Fix webhook-certgen compilation
2024-02-27 09:52:42 -08:00
Khoo Hao Yit
b4ea953cce
add missing backend-protocol annotation option ( #9545 )
2024-02-27 09:41:09 -08:00
Bazze
bb6d1b77be
Update controller-prometheusrules.yaml ( #8902 )
...
As fixed in pull request #7829 for the ServiceMonitor resource, this is also needed for the PrometheusRule. When
upgrading the ingress-nginx chart in our environment (via Pulumi) from a really old version to the latest (4.2.0) we
noticed it wanted to delete the PrometheusRule resource. This PR should fix that.
2024-02-27 09:27:48 -08:00
Ricardo Katz
58f6285c70
Stop reporting interrupted tests ( #11027 )
2024-02-27 07:50:45 -08:00
Samuel Vaillant
0e3e32d0ae
test(gzip): reach ingress ( #9541 )
2024-02-27 06:06:39 -08:00
Florian Schlichting
1bc20da92f
fix datasource, $exported_namespace variable in grafana nginx dashboard ( #9092 )
...
* grafana/dashboards/nginx.json: re-add exported_namespace as a variable (was deleted entirely in #9523 )
* dashboards/nginx.json: switch around ingress and namespace selectors, and rename "Exported Namespace" to "Ingress Namespace"
authored by tghartland at https://gist.github.com/tghartland/9147d88f991a95d4bab0fa7278c237eb
* dashboards/nginx.json: make "Ingress Request Volume" and "Ingress Success Rate" panels look at selected Ingress Namespaces only, and rename two panel titels to use the renamed variable
as suggested by tghartland in https://github.com/kubernetes/ingress-nginx/pull/9092#issuecomment-1285840900
* dashboards/nginx.json: apply Ingress Namespace selection to "Ingress Percentile Response Times and Transfer Rates" as well
this is from https://github.com/kubernetes/ingress-nginx/pull/9092#issuecomment-1287114743 also by tghartland
2024-02-27 05:58:42 -08:00
Artur Juraszek
3a887f28e8
Properly support a TLS-wrapped OCSP responder ( #10164 )
...
Current implementation of OCSP stapling makes use of the DNS caching machinery[^1],
which results in resty.http not seeing the actual host name of the OCSP responder.
On HTTP level, this is already mitigated via overriding the Host header, but
if a given responder operates on a HTTPS endpoint (a setup which, admittedly, isn't
very popular due to its chicken-and-egg caveats involved but is nonetheless legal[^2])
the connection will fail to be established. A relevant (and a bit redacted) excerpt from logs:
2023/07/02 18:13:23 [info] 112#112: *29039 [lua] dns.lua:32: cache_set(): cache set for 'my.ocsp.responder' with value of [10.1.2.3, 10.4.5.6, 10.7.8.9] and ttl of 30., context: ngx.timer, client: 127.0.0.1, server: 0.0.0.0:442
2023/07/02 18:13:23 [error] 112#112: *29039 lua ssl certificate does not match host "10.1.2.3", context: ngx.timer, client: 127.0.0.1, server: 0.0.0.0:442
2023/07/02 18:13:23 [error] 112#112: *29039 [lua] certificate.lua:143: fetch_and_cache_ocsp_response(): could not get OCSP response: certificate host mismatch, context: ngx.timer, client: 127.0.0.1, server: 0.0.0.0:442
[^1]: https://github.com/kubernetes/ingress-nginx/blob/ebb6314/rootfs/etc/nginx/lua/certificate.lua#L81
[^2]: https://datatracker.ietf.org/doc/html/rfc2560#appendix-A.1.1
2024-02-27 05:56:40 -08:00
Hervé
30c4314534
Fix print-e2e-suite ( #9536 )
...
Before:
```
$ make print-e2e-suite
Reached DIND check ELSE block, inside run-in-docker.sh
Compiled e2e.test
Reached DIND check ELSE block, inside run-in-docker.sh
+ set -o errexit
+ set -o nounset
+ set -o pipefail
+++ dirname hack/print-e2e-suite.sh
++ cd hack/..
++ pwd -P
+ DIR=/go/src/k8s.io/ingress-nginx
+ /go/src/k8s.io/ingress-nginx/test/e2e/e2e.test -ginkgo.noColor -ginkgo.dryRun
+ sed 's|/go/src/k8s.io/ingress-nginx/|File: |g'
+ sed s/•//g
+ + head -n-3tail -n+5
You're using deprecated Ginkgo functionality:
=============================================
--ginkgo.dryRun is deprecated, use --ginkgo.dry-run instead
Learn more at: https://onsi.github.io/ginkgo/MIGRATING_TO_V2#changed-command-line-flags
--ginkgo.noColor is deprecated, use --ginkgo.no-color instead
Learn more at: https://onsi.github.io/ginkgo/MIGRATING_TO_V2#changed-command-line-flags
To silence deprecations that can be silenced set the following environment variable:
ACK_GINKGO_DEPRECATIONS=2.6.1
Will run 423 of 423 specs
```
After:
```
$ make print-e2e-suite
Reached DIND check ELSE block, inside run-in-docker.sh
Compiled e2e.test
Reached DIND check ELSE block, inside run-in-docker.sh
Will run 423 of 423 specs
------------------------------
[Annotations] service-upstream when using the default value (false) and enabling in the annotations should use the Service Cluster IP and Port
File: test/e2e/annotations/serviceupstream.go:41
[0.000 seconds]
------------------------------
[...]
```
Signed-off-by: Hervé Werner <dud225@hotmail.com>
2024-02-27 05:41:04 -08:00
Ricardo Katz
0a87031bbd
Bump modsecurity on nginx 1.25 ( #11024 )
2024-02-26 17:08:45 -08:00
Ricardo Katz
391a304b10
Bump grpc and reintroduce OTEL compilation ( #11021 )
...
* Bump grpc and reintroduce OTEL compilation
* Enable s390x again
2024-02-26 15:05:00 -08:00
