DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
5543 commits 4 branches 217 tags 166 MiB
Commit graph

131 commits

Author SHA1 Message Date
okryvoshapka-connyun
8cc9afe8ee Added Global External Authentication settings to configmap parameters incl. addons 2019-05-03 12:08:16 +02:00
Thibault Jamet
1cd17cd12c
Implement a validation webhook 
In case some ingress have a syntax error in the snippet configuration,
the freshly generated configuration will not be reloaded to prevent tearing down existing rules.
Although, once inserted, this configuration is preventing from any other valid configuration to be inserted as it remains in the ingresses of the cluster.
To solve this problem, implement an optional validation webhook that simulates the addition of the ingress to be added together with the rest of ingresses.
In case the generated configuration is not validated by nginx, deny the insertion of the ingress.

In case certificates are mounted using kubernetes secrets, when those
changes, keys are automatically updated in the container volume, and the
controller reloads it using the filewatcher.

Related changes:

- Update vendors
- Extract useful functions to check configuration with an additional ingress
- Update documentation for validating webhook
- Add validating webhook examples
- Add a metric for each syntax check success and errors
- Add more certificate generation examples
 2019-04-18 19:07:04 +02:00
Kubernetes Prow Robot
b87cc5a1a6
Merge pull request #3786 from Shopify/rewrite-x-forwarded-prefix 
Fix x-forwarded-prefix annotation
 2019-03-31 16:18:32 -07:00
Elvin Efendi
496ff07bf1 replace some of the Nginx configuration to Lua code 2019-03-31 12:04:52 -04:00
Alex Kursell
188295550c Simplify x-forwarded-prefix annotation 2019-03-29 16:25:25 -04:00
Thomas Jackson
eba4a8b87c Correctly format ipv6 resolver config for lua 
Fixes #3881
 2019-03-14 10:00:24 -07:00
Alejandro Pedraza
a3c87cf9cb Properly set ing.Service when there are multiple rules with different hosts using the same path 
Fixes #3611

Signed-off-by: Alejandro Pedraza <alejandro.pedraza@gmail.com>
 2019-03-07 06:06:24 -05:00
jasongwartz
3865e30a00 Changes CustomHTTPErrors annotation to use custom default backend 
Updates e2e test

Removes focus from e2e test

Fixes renamed function

Adds tests for new template funcs

Addresses gofmt

Updates e2e test, fixes custom-default-backend test by creating service

Updates docs
 2019-02-24 22:48:56 +01:00
Alan J Castonguay
a29c27ed4c Datadog Opentracing support - part 2 
This commit is part 2 of 2, adding configuration of the
Datadog Opentracing module to the controller.

Fixes half of #3752
 2019-02-15 15:20:10 -05:00
Elvin Efendi
d99390f402 remove old unused lua dicts 2019-02-06 17:33:16 -05:00
Fernando Diaz
7b507095f4 Increase Unit Test Coverage for Templates 
Increases the Coverage for nginx ingress template
functions. The majority of the added unit tests
are for checking the invalid type handling.
 2019-01-29 22:55:44 -06:00
Kubernetes Prow Robot
71cc6df74f
Merge pull request #3174 from Shopify/rewrite-regex 
Generalize Rewrite Block Creation and Deprecate AddBaseUrl (not backwards compatible)
 2019-01-02 12:30:18 -08:00
Fernando Diaz
429110aa13 Add Unit Tests for getIngressInformation 
Adds a unit test for the getIngressInformation
function.
 2018-12-18 11:10:48 -06:00
Zenara Daley
67654a6fd5 Generalize Rewrite Block Creation 2018-12-13 13:02:05 -05:00
Manuel Alejandro de Brito Fontes
68f344233b Fix lint issues 2018-12-05 13:28:28 -03:00
Manuel Alejandro de Brito Fontes
2fa55eabf6 Replace glog with klog 2018-12-05 13:27:55 -03:00
Manuel Alejandro de Brito Fontes
06d33c16b5
Allow to disable NGINX metrics 2018-12-05 10:14:35 -03:00
Elvin Efendi
4eabd535f9 be consistent with what Nginx supports 2018-12-02 22:20:56 +04:00
Kubernetes Prow Robot
ccd7b890fd
Merge pull request #3492 from aledbf/fix-units 
Fix data size validations
 2018-12-02 09:01:12 -08:00
Andre Marianiello
b80b19902a Use opentracing_grpc_propagate_context when necessary 2018-12-01 16:31:10 -05:00
Manuel Alejandro de Brito Fontes
6098f6c0e7
Fix data size validations 2018-11-30 10:40:33 -03:00
Elvin Efendi
60569137ca delete unused buildLoadBalancingConfig 2018-11-28 11:55:41 +04:00
k8s-ci-robot
c99716aadf
Merge pull request #3437 from Shopify/ingress-annotations 
Use struct to pack Ingress and its annotations
 2018-11-21 00:41:58 -08:00
Manuel Alejandro de Brito Fontes
a5341822d5 Increase log level when there is an invalid size value 2018-11-20 15:09:03 -03:00
Maxime Ginters
12766cdfc6 Use struct to pack Ingress and its annotations 2018-11-20 09:38:22 -05:00
Maxime Ginters
0f3e2b9bf0 Convert isValidClientBodyBufferSize to something more generic and use it for client_max_body_size 2018-11-13 10:11:40 -05:00
jasongwartz
0ebf0354cb Adds CustomHTTPErrors ingress annotation and test 
Adds per-server/location error-catch functionality to nginx template

Adds documentation

Reduces template duplication with helper function for CUSTOM_ERRORS data

Updates documentation

Adds e2e test for customerrors

Removes AllCustomHTTPErrors, replaces with template function with deduplication and adds e2e test of deduplication

Fixes copy-paste error in test, adds additional test cases

Reverts noop change in controller.go (unused now)
 2018-11-06 16:47:52 +01:00
Manuel Alejandro de Brito Fontes
71ebe1cba5 Code linting 2018-10-30 20:46:48 -03:00
Henry Tran
3cbfd63992 Refactor EWMA to not use shared dictionaries 2018-10-25 22:33:42 +04:00
k8s-ci-robot
3edf11b85f
Merge pull request #3198 from aledbf/only-dynamic 
Only support dynamic configuration
 2018-10-10 05:07:34 -07:00
Manuel Alejandro de Brito Fontes
74c2f93de6
Only support dynamic configuration 2018-10-09 22:05:45 -03:00
k8s-ci-robot
f56ab42cd2
Merge pull request #3194 from bshelton229/literal-dollar-character 
Make literal $ character work in set $location_path
 2018-10-09 15:52:39 -07:00
Bryan Shelton
3686e4f366 Move escapeLocationPathVar to escapeLiteralDollar 2018-10-09 12:58:50 -07:00
Manuel Alejandro de Brito Fontes
859b298d42 Remove annotations grpc-backend and secure-backend already deprecated 2018-10-08 12:26:06 -03:00
Bryan Shelton
3dc131bd57 Make literal $ character work in set $location_path 2018-10-07 12:58:39 -07:00
Zenara Daley
bd3f56eaa0 allow curly braces to be used in regex paths 2018-10-04 10:58:38 -04:00
Zenara Daley
f29bdc3e8d Add 'use regex' annotation to toggle nginx regex location modifier 2018-10-01 13:54:11 -04:00
k8s-ci-robot
6393ca6aaf
Merge pull request #2997 from StarOfService/global-block-ip-ua-ref 
Provide possibility to block IPs, User-Agents and Referers globally
 2018-09-25 05:51:56 -07:00
Pavel Sinkevych
7212d0081b Provide possibility to block CIDRs, User-Agents and Referers globally 2018-09-25 14:16:20 +03:00
Zenara Daley
0de19c8062 Fix/add unit tests; Styling changes 2018-09-14 15:07:57 -04:00
Zenara Daley
0e6f0bb88d enforce ^~ location modifier when rewrite-target annotation is set 2018-09-13 10:39:52 -04:00
Jeroen van Dongen
e428095e3c fixed rewrites for paths not ending in / 2018-08-15 21:15:40 +02:00
k8s-ci-robot
3f5af6eecf
Merge pull request #2889 from hnrytrn/dynamic-cert-endpoint 
Add Lua endpoint to support dynamic certificate serving functionality
 2018-08-13 10:49:43 -07:00
Manuel de Brito Fontes
7af93e03c7
Add annotation backend-protocol 2018-08-07 08:59:38 -04:00
Henry Tran
5200a38bd7 Add lua endpoint to handle certificates in dynamic configuration mode 2018-08-07 08:18:34 -04:00
k8s-ci-robot
23ce9b5db1
Merge pull request #2808 from dongqi1990/bugfix-2799 
fix the bug #2799, add prefix (?i) in rewrite statement.
 2018-08-02 20:58:06 -07:00
dongqi1990
72a2aa171a fix the bug #2799, add prefix (?i) in rewrite statement and add new e2e 
test.
 2018-07-30 17:34:28 +08:00
Elvin Efendi
8a67ace5c3 enable dynamic backend configuration by default 2018-07-26 15:16:06 -04:00
Elvin Efendi
d4faf68416 add support for ExternalName service type in dynamic mode 2018-07-25 09:05:47 -04:00
k8s-ci-robot
237dcd7aa7
Merge pull request #2811 from takonomura/escape-request-uri 
Escape $request_uri for external auth
 2018-07-21 02:23:38 -07:00
dongqi1990
568512fdb8 modified annotation name "rewrite-to" to "rewrite-target" in comments 2018-07-19 17:14:18 +08:00
takonomura
587c2a8765 Escape $request_uri for external auth 2018-07-19 15:22:05 +09:00
Mike Bryant
85d1742283 fix: Use the correct opentracing plugin for Jaeger 
Part of #2738
 2018-07-05 19:09:12 +01:00
Manuel Alejandro de Brito Fontes
df76d4b481
Update opentracing configuration (#2676) 2018-06-21 18:15:18 -04:00
Lorenzo Fontana
d434583b53
InfluxDB configuration string template builder helper 
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2018-05-19 09:22:49 +02:00
Manuel de Brito Fontes
ff3e182350 Add support for grpc_set_header 2018-05-17 08:35:11 -04:00
Elvin Efendi
6cb28e059c use roundrobin from lua-resty-balancer library and refactor balancer.lua 2018-05-10 13:47:19 -04:00
k8s-ci-robot
361e53ffa9
Merge pull request #2344 from aledbf/xss-base-tag 
Escape variables in add-base-url annotation
 2018-04-13 10:11:00 -07:00
k8s-ci-robot
8855460817
Merge pull request #2341 from Shopify/custom-sticky 
Add session affinity to custom load balancing
 2018-04-12 17:22:59 -07:00
Zenara Daley
6ed256dde6 Add session affinity to custom load balancing 2018-04-12 14:21:42 -04:00
Zenara Daley
9198e2c14b fix make verify-all failures 2018-04-12 14:14:43 -04:00
Zenara Daley
4b76ad14bb Fix buildupstream name to work with dynamic session affinity 2018-04-12 14:01:46 -04:00
Elvin Efendi
d6eb44376d run lua-resty-waf in different modes (#2317) 
* run lua-resty-waf in different modes

* update docs
 2018-04-09 09:19:13 -03:00
Elvin Efendi
a6fe800a47 lua-resty-waf controller (#2304) 2018-04-08 17:37:13 -03:00
Manuel de Brito Fontes
82b6c33c25
Escape variables in add-base-url annotation 2018-04-05 20:45:49 -03:00
Manuel Alejandro de Brito Fontes
adf12fced1
Add support for gRPC (#2223) 
* Update nginx to 1.13.10 and enable gRPC

* Add support for grpc
 2018-03-22 00:38:47 -03:00
Elvin Efendi
df50487a35 fix wrong config generation when upstream-hash-by is set (#2215) 2018-03-19 17:37:51 -03:00
Alvaro Aleman
94deb3a01a Add configoption to exclude routes from tls upgrading (#2203) 
* Add configoption to exclude routes from tls upgrading

* Add tests for IsLocationInLocationList

* Seperate elements in NoTLSRedirectLocations by comma

* Set NoTLSRedirectLocations to "/.well-known/acme-challenge/" by default

* Remove trailing slash from "/.well-known/acme-challenge" default
 2018-03-18 17:44:59 -03:00
Elvin Efendi
c90a4e811e Live Nginx (re)configuration without reloading (#2174) 2018-03-18 10:13:41 -03:00
Elvin Efendi
36cce00fdd configuring load balancing per ingress (#2167) 
* configure load balancing through a ingress annotation

* update docs
 2018-03-09 13:09:41 -08:00
Manuel Alejandro de Brito Fontes
a8ce680d43
Fix error loading modules (#2141) 2018-02-24 18:09:23 -03:00
Manuel Alejandro de Brito Fontes
33475b7184
Fix opentracing configuration when multiple options are configured (#2075) 2018-02-12 16:08:49 -08:00
Luke Jolly
42076e8ed0 Added configmap option to disable IPv6 in nginx DNS resolver (#1992) 2018-02-02 11:53:28 -08:00
Fernando Diaz
d1ae7ff29c Enable Customization of Auth Request Redirect (#1993) 
Adds the 'nginx.ingress.kubernetes.io/auth-request-redirect'
annotation, which allows the customization of the
'X-Auth-Request-Redirect' Header. Fixes: #1979
 2018-01-27 21:32:08 -03:00
Manuel Alejandro de Brito Fontes
3e7d1f9acf
Random string function should only contains letters (#1906) 2018-01-17 10:26:32 -02:00
Manuel de Brito Fontes
03a1e20fde
Remove package to generate UUIDs 2018-01-07 12:07:33 -03:00
Max Laverse
f5953bbfa1 Add X-Forwarded-Prefix on rewrites 2017-12-06 22:06:37 +01:00
Manuel de Brito Fontes
18d6573981 Add fake filesystem for test to avoid temporal files on the local filesystem 2017-11-22 19:52:30 -03:00
Manuel de Brito Fontes
8f1ff15a6e Add prefix nginx to annotations 2017-11-11 14:53:44 -03:00
Manuel de Brito Fontes
97577c07a5 Include a buffer pool to improve memory usage 2017-11-11 14:53:44 -03:00
Manuel de Brito Fontes
73fe95722c Rename package pkg to internal 2017-11-11 14:53:44 -03:00
Renamed from pkg/ingress/controller/template/template.go (Browse further)