DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
4909 commits 4 branches 217 tags 166 MiB
Commit graph

490 commits

Author SHA1 Message Date
Balazs Szekeres
6206adf188 Added 'Add headers' configmap parameter testcase. 2020-02-14 19:56:43 +01:00
Manuel Alejandro de Brito Fontes
71e35c9100
Make sure set-cookie is retained from external auth endpoint (#5067) 2020-02-14 01:41:11 -03:00
Manuel Alejandro de Brito Fontes
e179a24f97 Cleanup of e2e tests 2020-02-14 01:09:08 -03:00
Manuel Alejandro de Brito Fontes
2e3f128ed5 Enable grpc e2e tests 2020-02-14 01:09:08 -03:00
Manuel Alejandro de Brito Fontes
fa3642d01b
Update go to 1.13.8 (#5070) 2020-02-13 19:41:35 -03:00
Manuel Alejandro de Brito Fontes
1e42967d91 Adjust Suite time execution 2020-02-13 15:33:14 -03:00
Manuel Alejandro de Brito Fontes
b4dba519fc Remove dependency of https://grpcb.in 2020-02-13 15:33:14 -03:00
Manuel Alejandro de Brito Fontes
4a21dc17f4 Remove cleanup helper 2020-02-13 15:33:14 -03:00
Manuel Alejandro de Brito Fontes
0197ea0dc4 Remove empty BeforeEach and AfterEach from e2e tests 2020-02-13 15:33:14 -03:00
Manuel Alejandro de Brito Fontes
b37270bdde Cleanup framework package 2020-02-13 15:33:14 -03:00
Manuel Alejandro de Brito Fontes
28350f9876
Fix scripts to run in osx (#5061) 2020-02-12 21:17:26 -03:00
Manuel Alejandro de Brito Fontes
281139d1a7
Only set mirror source when a target is configured (#5055) 2020-02-11 13:48:42 -03:00
Ilya Nemakov
46a3e0a6fd Fix X-Forwarded-Proto based on proxy-protocol server port 2020-02-10 18:08:34 +03:00
Manuel Alejandro de Brito Fontes
8d4278bfd2
Update default kind k8s version (#5031) 2020-02-07 14:20:16 -03:00
Manuel Alejandro de Brito Fontes
ac2ce11739
Add echo image to avoid building and installing dependencies in each test (#5028) 2020-02-06 18:08:44 -03:00
Manuel Alejandro de Brito Fontes
b3146354d4 Refactor mirror feature 2020-02-05 10:39:55 -03:00
Manuel Alejandro de Brito Fontes
a16ed1b01f
Update nginx image, go to 1.13.7 and e2e image (#5011) 2020-02-04 14:02:10 -03:00
Manuel Alejandro de Brito Fontes
11192819ff
Dump kind logs after e2e tests (#4987) 2020-01-30 11:42:57 -03:00
Manuel Alejandro de Brito Fontes
02c99e9ccf Update e2e image 2020-01-27 00:01:13 -03:00
Manuel Alejandro de Brito Fontes
68bfbd939b Remove hard-coded timeout in e2e tests 2020-01-27 00:01:13 -03:00
Kubernetes Prow Robot
2f8cbeb8fa
Merge pull request #4956 from djboris9/proxy-protocol-port 
Fix proxy protocol support for X-Forwarded-Port
 2020-01-26 12:27:02 -08:00
Manuel Alejandro de Brito Fontes
5eddf1095d
Add verification of docker buildx support (#4966) 2020-01-26 10:07:55 -03:00
Manuel Alejandro de Brito Fontes
1443ebf5a8
Cleanup of e2e docker images (#4962) 2020-01-25 17:43:21 -03:00
HowJMay
ad8a01f945 fix: Fix typo 
Fix typo in comment
 2020-01-25 16:03:18 +08:00
Boris Djurdjevic
665f924e9e Add proxy protocol support for X-Forwarded-Port 
Fixes https://github.com/kubernetes/ingress-nginx/issues/4951
 2020-01-24 13:50:35 +01:00
Manuel Alejandro de Brito Fontes
c8015c7734
Update nginx image, use docker buildx and remove qemu (#4923) 
* Update nginx image, use docker buildx and remove qemu

* Update e2e image
 2020-01-14 20:52:57 -03:00
Manuel Alejandro de Brito Fontes
fcd3a580d9
Use docker to run makefile tasks (#4893) 2020-01-09 00:58:16 -03:00
Manuel Alejandro de Brito Fontes
2af6305a4f Fix flaking e2e tests 2020-01-05 14:08:56 -03:00
Manuel Alejandro de Brito Fontes
9c0061f482
Update e2e image (#4884) 2020-01-04 22:18:29 -03:00
Manuel Alejandro de Brito Fontes
8fb2695d54
Update e2e image (#4883) 2020-01-04 20:29:49 -03:00
Manuel Alejandro de Brito Fontes
1f2820a343 GeoIP test are temporarily disabled 2020-01-04 15:17:24 -03:00
Manuel Alejandro de Brito Fontes
f9e2b7c14b Fix status code 2020-01-04 13:23:16 -03:00
Manuel Alejandro de Brito Fontes
fbdd924a45 Update nginx image 2020-01-04 13:23:16 -03:00
Manuel Alejandro de Brito Fontes
6c92c80073 Fix sticky session for ingress without host 2020-01-02 16:52:49 -03:00
Manuel Alejandro de Brito Fontes
a0523c3c8a
Use a named location for authSignURL (#4859) 2019-12-24 22:50:25 -03:00
Manuel Alejandro de Brito Fontes
0ae5892935
Update nginx image (#4848) 2019-12-18 09:32:20 -03:00
Manuel Alejandro de Brito Fontes
5c30820d1f Remove hard-coded annotation and don't use map pointers 2019-12-13 03:05:20 -03:00
Manuel Alejandro de Brito Fontes
c2550930b1 Fix e2e test flakes 2019-12-13 01:34:52 -03:00
Manuel Alejandro de Brito Fontes
1800ffa30d Use deployments only from apps/v1 group 2019-12-12 21:25:01 -03:00
Manuel Alejandro de Brito Fontes
0dce5be743 Migrate ingress definitions from extensions to networking.k8s.io 2019-12-12 21:25:00 -03:00
Elvin Efendi
49ba53b7b6 regression test for duplicate hsts 2019-12-12 13:45:43 -05:00
Kamil Domański
16b5ad3c09 add e2e test for HTTP->HTTPS redirection 2019-12-09 15:56:21 +01:00
Manuel Alejandro de Brito Fontes
fd9e2b2214
Update nginx and e2e images (#4805) 2019-12-02 14:36:49 -03:00
Manuel Alejandro de Brito Fontes
46953ccb4d
Update nginx image and Go to 1.13.4 (#4785) 2019-11-29 15:20:18 -03:00
Manuel Alejandro de Brito Fontes
61d902db14 Remove Lua resty waf feature 2019-11-26 10:37:43 -03:00
Thomas Jackson
500b043f27 Don't use DNS resolution to "validate FQDN" 
As the controller stands today this "validation" is done once per config load, which means if the DNS query fails for any reason the endpoint will remain dead until both (1) a change happens to the ingress and (2) the DNS resolution works. If the user configured the name we should just pass it through, this way the lua dns can attempt to re-query it at its leisure.
 2019-10-13 13:16:47 -07:00
Kubernetes Prow Robot
fb025ab501
Merge pull request #4087 from MRoci/master 
Define Modsecurity Snippet via ConfigMap
 2019-09-30 15:19:32 -07:00
Andrea Spacca
e84c8cd705 ISSUE-4244 e2e test 2019-09-29 23:28:44 +02:00
MRoci
1ee081ccc8
test modsecurity-snippet 2019-09-28 09:54:10 +02:00
Manuel Alejandro de Brito Fontes
2bd8121338
Change default for proxy-add-original-uri-header 2019-09-25 10:57:31 -03:00
Elvin Efendi
fe2ea692a6 adjust tests to the new no-reload on cert update world 2019-09-25 06:59:47 -04:00
Elvin Efendi
799f0ae76d more meaningful assertion for tls hsts test 2019-09-24 15:39:20 -04:00
A Gardner
786a3b6862 Add support for configmap of headers to be sent to external auth service 2019-09-24 10:53:23 -04:00
Kubernetes Prow Robot
f6c2f5fb97
Merge pull request #4514 from alexmaret/4475-stickyness-mode 
Added new affinity mode for maximum session stickyness.
 2019-09-24 05:09:27 -07:00
Kubernetes Prow Robot
846ff00363
Merge pull request #4560 from Shopify/basic-auth-map 
Support configuring basic auth credentials as a map of user/password hashes
 2019-09-16 07:52:39 -07:00
A Gardner
376b862c23 Add annotation to support map of user/pass pairs in basic auth 2019-09-13 11:33:33 -04:00
Manuel Alejandro de Brito Fontes
9af574a234
Remove the_real_ip variable 2019-09-12 20:01:33 -03:00
Manuel Alejandro de Brito Fontes
ce3e3d51c3
WIP Remove nginx unix sockets (#4531) 
* Remove nginx unix sockets
* Use an emptyDir volume for /tmp in PSP e2e tests
 2019-09-08 18:14:54 -03:00
Manuel Alejandro de Brito Fontes
1433cde9e6
Improve the time to run e2e tests 2019-09-05 11:46:53 -04:00
Manuel Alejandro de Brito Fontes
1304cb194f
Update nginx image to 0.92 2019-09-04 10:34:54 -04:00
Kubernetes Prow Robot
74031cc8b8
Merge pull request #4528 from aledbf/clean-docker 
Cleanup of docker images
 2019-09-03 18:04:58 -07:00
Manuel Alejandro de Brito Fontes
dc20551288
Cleanup of docker images 2019-09-03 19:10:40 -04:00
Manuel Alejandro de Brito Fontes
48c89cbe3c
Switch to official kind images (#4527) 2019-09-03 16:46:43 -04:00
Manuel Alejandro de Brito Fontes
c2935ca35c
Refactor health checks and wait until NGINX process ends 2019-09-01 15:31:27 -04:00
Manuel Alejandro de Brito Fontes
c85450c1e7
Remove hard-coded names from e2e test and use local docker dependencies (#4502) 2019-09-01 14:16:52 -04:00
Alexander Maret-Huskinson
9170591185 Added new affinity mode for maximum session stickyness. Fixes kubernetes/ingress-nginx#4475 2019-08-30 11:40:29 +02:00
Manuel Alejandro de Brito Fontes
fcd3054f13
Lint code using staticcheck (#4471) 2019-08-23 12:08:40 -04:00
Kubernetes Prow Robot
75d65bbd15
Merge pull request #4327 from leki75/proxyssl 
Add proxy_ssl_* directives
 2019-08-18 09:14:04 -07:00
Guangming Wang
3c05cc4225
cleanup: fix typos in framework.go 
Signed-off-by: Guangming Wang <guangming.wang@daocloud.io>
 2019-08-17 23:16:15 +08:00
Guangming Wang
8cf384b212
cleanup logging message typos in rewrite.go 
Signed-off-by: Guangming Wang <guangming.wang@daocloud.io>
 2019-08-16 23:36:24 +08:00
Gabor Lekeny
65b9e2c574 Merge branch 'master' of https://github.com/kubernetes/ingress-nginx into proxyssl 2019-08-16 06:21:53 +02:00
Manuel Alejandro de Brito Fontes
23ed3ba4c4
Fix file permissions to support volumes 2019-08-15 20:48:37 -04:00
Manuel Alejandro de Brito Fontes
816f4b0824
Fix service type external name using the name 2019-08-15 12:09:42 -04:00
Elvin Efendi
b21c721196 lua-shared-dicts improvements, fixes and documentation 2019-08-14 22:10:56 -04:00
Kubernetes Prow Robot
dd0fe4b458
Merge pull request #4422 from ElvinEfendi/lua-resolv-conf-search 
teach lua about search and ndots settings in resolv.conf
 2019-08-14 17:36:33 -07:00
Kubernetes Prow Robot
0d690fba1a
Merge pull request #4356 from aledbf/only-dynamic-mode 
Only support SSL dynamic mode
 2019-08-14 17:08:35 -07:00
Elvin Efendi
1be52afa8d e2e test for service with incomplete external name 2019-08-14 18:03:30 -04:00
Gabor Lekeny
8a2a0e915a Add e2e tests for proxyssl 2019-08-14 11:49:28 +02:00
Kubernetes Prow Robot
adef152db8
Merge pull request #4379 from diazjf/mirror 
Allow Requests to be Mirrored to different backends
 2019-08-13 17:52:24 -07:00
Elvin Efendi
d46b4148fa Lua /etc/resolv.conf parser and some refactoring 2019-08-13 18:34:54 -04:00
Manuel Alejandro de Brito Fontes
80bd481abb
Only support SSL dynamic mode 2019-08-13 17:33:34 -04:00
Manuel Alejandro de Brito Fontes
8a9298ae27
Add helper to extract prometheus metrics in e2e tests 2019-08-13 12:53:40 -04:00
Kubernetes Prow Robot
8c472190d1
Merge pull request #4086 from jeroen92/issue-4038 
Resolve #4038, move X-Forwarded-Port variable to the location context
 2019-08-09 08:07:25 -07:00
Manuel Alejandro de Brito Fontes
4a9b02bc03
Remove dynamic TLS records 2019-08-08 15:52:56 -04:00
tals
a2e667c082 lua shared dict from cm 
lua shared dict teml test and update func sign

lua shared dict cm test

lua shared dict integration test

lua shared dict add cm parsing

lua shared dict change test header
 2019-08-08 12:44:11 +03:00
Jeroen Schutrup
8dd912114e
Move X-Forwarded-Port variable to the location context 
Resolves issue #4038 where the X-Forwarded-Port header would be set to the value of the https listening port if all of the following settings were satisfied:
- The ingress controller was started with a non-default HTTPS port set with the `--https-port` argument
- An ingress is created having:
  - the `nginx.ingress.kubernetes.io/auth-url` annotation set
  - TLS enabled

This commit solves this issue by moving the setting of the `pass_server_port` variable from the server, one level down to the location context.
 2019-08-06 17:00:58 +02:00
Fernando Diaz
386486e969 Allow Requests to be Mirrored to different backends 
Add a feature which allows traffic to be mirrored to
additional backends. This is useful for testing how
requests will behave on different "test" backends.

See https://nginx.org/en/docs/http/ngx_http_mirror_module.html
 2019-08-01 11:53:58 -05:00
Charle Demers
72271e9313
FastCGI backend support (#2982) 
Co-authored-by: Pierrick Charron <pierrick@adoy.net>
 2019-07-31 10:39:21 -04:00
Kubernetes Prow Robot
589c9a20f9
Merge pull request #4278 from moolen/feat/auth-req-cache 
feat: auth-req caching
 2019-07-17 12:06:12 -07:00
Moritz Johner
23504db770 feat: auth-req caching 
add a way to configure the `proxy_cache_*` [1] directive for external-auth.
The user-defined cache_key may contain sensitive information
(e.g. Authorization header).
We want to store *only* a hash of that key, not the key itself on disk.

[1] http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_cache_key

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2019-07-17 18:39:04 +02:00
Manuel Alejandro de Brito Fontes
d5c7fa8cfb
Fix scripts to be able to run tests in docker 2019-07-17 11:06:53 -04:00
E. Stuart Hicks
3b0c523e49 added proxy-http-version annotation to override the HTTP/1.1 default connection type to reverse proxy backends 2019-07-08 14:32:00 -04:00
Elvin Efendi
08906ef8f2 add comment to the test 2019-07-04 18:39:29 -04:00
Elvin Efendi
e988217fdf e2e test for ewma 2019-07-03 16:25:53 -04:00
Elvin Efendi
964a484b2f GetLbAlgorithm helper func for e2e 2019-07-03 08:15:41 -04:00
Manuel Alejandro de Brito Fontes
004d0c8214
Fix go imports 2019-06-30 18:58:18 -04:00
Kubernetes Prow Robot
a2009484f7
Merge pull request #4249 from ElvinEfendi/trailing-dot 
test to make sure dynamic cert works trailing dot in domains
 2019-06-29 16:43:22 -07:00
Manuel Alejandro de Brito Fontes
975a63516d
Update kind to 0.4.0 2019-06-29 18:32:02 -04:00
Elvin Efendi
f771e7247a test to make sure dynamic cert works trailing dot in domains 2019-06-28 16:21:59 -04:00
Manuel Alejandro de Brito Fontes
591887089f
Add e2e test suite to detect memory leaks in lua 2019-06-27 22:05:52 -04:00