DevFW-CICD/ingress-nginx-helm

Author	SHA1	Message	Date
Renan Gonçalves	48601bcd0e	Allow the usage of Services as Upstream on a global level (#7469 ) It is possible to change this behavior on an ingress level, which works well when you only have a few of them. When running several dozen ingress and with a high change rate of running pods it makes it easier to define this configuration on a global level. This change is completely backwards compatible, only adding the possibility of defining a new key in the configmap.	2021-09-07 12:47:15 -07:00
Ray	cf9ae96d72	Additional AuthTLS assertions and doc change to demonstrate auth-tls-secret enables the other AuthTLS annotations (#7202 ) * Fix indentation of nested list in AuthTLS annotations Also, put `<annotation>`: <description text>` on a single line in Markdown markup, which will match what gets rendered eventually. On the other hand, for the line on auth-tls-secret (This annotation expects the Secret name in the form "namespace/secretName"), its Markdown markup suggests that the author wanted the line to start on its own line, but currently this gets rendered on the same line. It's nice for this to be on its own line, since it's kind of a "note" about the annotation syntax. Format/indent the markup appropriately so that it shows up on its line. * Fix indentation of nested list in CORS annotations Also, put `<annotation>`: <description text>` on a single line in Markdown markup, which will match what gets rendered eventually. On the other hand, for lines noting the allowed characters (This is a multi-valued field...), its Markdown markup suggests that the author wanted the line to start on its own line, but currently this gets rendered on the same line. It's nice for this to be on its own line, since it's kind of a "note" about the annotation syntax. Format/indent the markup appropriately so that it shows up on its line. * Replace f.HTTPTestClientWithTLSConfig() in AuthTLS E2E, the odd one out for requests without client certs * Demonstrate and document that auth-tls-secret enables the other AuthTLS annotations like verify client, depth * Split E2E for auth-tls-error-page and *-pass-certificate-to-upstream	2021-09-07 10:35:16 -07:00
Vincent LE GOFF	f2e743f561	feat: add session-cookie-secure annotation (#7399 )	2021-09-01 15:23:40 -07:00
Ricardo Katz	90c79689c4	Release v1 (#7470 ) * Drop v1beta1 from ingress nginx (#7156) * Drop v1beta1 from ingress nginx Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com> * Fix intorstr logic in controller Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com> * fixing admission Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com> * more intorstr fixing * correct template rendering Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com> * Fix e2e tests for v1 api Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com> * Fix gofmt errors * This is finally working...almost there... Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com> * Re-add removed validation of AdmissionReview * Prepare for v1.0.0-alpha.1 release Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com> * Update changelog and matrix table for v1.0.0-alpha.1 (#7274) Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com> * add docs for syslog feature (#7219) * Fix link to e2e-tests.md in developer-guide (#7201) * Use ENV expansion for namespace in args (#7146) Update the DaemonSet namespace references to use the `POD_NAMESPACE` environment variable in the same way that the Deployment does. * chart: using Helm builtin capabilities check (#7190) Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com> * Update proper default value for HTTP2MaxConcurrentStreams in Docs (#6944) It should be 128 as documented in https://github.com/kubernetes/ingress-nginx/blob/master/internal/ingress/controller/config/config.go#L780 * Fix MaxWorkerOpenFiles calculation on high cores nodes (#7107) * Fix MaxWorkerOpenFiles calculation on high cores nodes * Add e2e test for rlimit_nofile * Fix doc for max-worker-open-files * ingress/tcp: add additional error logging on failed (#7208) * Add file containing stable release (#7313) * Handle named (non-numeric) ports correctly (#7311) Signed-off-by: Carlos Panato <ctadeu@gmail.com> * Updated v1beta1 to v1 as its deprecated (#7308) * remove mercurial from build (#7031) * Retry to download maxmind DB if it fails (#7242) * Retry to download maxmind DB if it fails. Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com> * Add retries count arg, move retry logic into DownloadGeoLite2DB function Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com> * Reorder parameters in DownloadGeoLite2DB Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com> * Remove hardcoded value Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com> * Release v1.0.0-alpha.1 * Add changelog for v1.0.0-alpha.2 * controller: ignore non-service backends (#7332) * controller: ignore non-service backends Signed-off-by: Carlos Panato <ctadeu@gmail.com> * update per feedback Signed-off-by: Carlos Panato <ctadeu@gmail.com> * fix: allow scope/tcp/udp configmap namespace to altered (#7161) * Lower webhook timeout for digital ocean (#7319) * Lower webhook timeout for digital ocean * Set Digital Ocean value controller.admissionWebhooks.timeoutSeconds to 29 * update OWNERS and aliases files (#7365) (#7366) Signed-off-by: Carlos Panato <ctadeu@gmail.com> * Downgrade Lua modules for s390x (#7355) Downgrade Lua modules to last known working version. * Fix IngressClass logic for newer releases (#7341) * Fix IngressClass logic for newer releases Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com> * Change e2e tests for the new IngressClass presence * Fix chart and admission tests Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com> * Fix helm chart test Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com> * Fix reviews * Remove ingressclass code from admission * update tag to v1.0.0-beta.1 * update readme and changelog for v1.0.0-beta.1 * Release v1.0.0-beta.1 - helm and manifests (#7422) * Change the order of annotation just to trigger a new helm release (#7425) * [cherry-pick] Add dev-v1 branch into helm releaser (#7428) * Add dev-v1 branch into helm releaser (#7424) * chore: add link for artifacthub.io/prerelease annotations Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com> Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com> * k8s job ci pipeline for dev-v1 br v1.22.0 (#7453) * k8s job ci pipeline for dev-v1 br v1.22.0 Signed-off-by: Neha Lohia <nehapithadiya444@gmail.com> * k8s job ci pipeline for dev-v1 br v1.21.2 Signed-off-by: Neha Lohia <nehapithadiya444@gmail.com> * remove v1.21.1 version Signed-off-by: Neha Lohia <nehapithadiya444@gmail.com> * Add controller.watchIngressWithoutClass config option (#7459) Signed-off-by: Akshit Grover <akshit.grover2016@gmail.com> * Release new helm chart with certgen fixed (#7478) * Update go version, modules and remove ioutil * Release new helm chart with certgen fixed * changed appversion, chartversion, TAG, image (#7490) * Fix CI conflict * Fix CI conflict * Fix build.sh from rebase process * Fix controller_test post rebase Co-authored-by: Tianhao Guo <rggth09@gmail.com> Co-authored-by: Ray <61553+rctay@users.noreply.github.com> Co-authored-by: Bill Cassidy <cassid4@gmail.com> Co-authored-by: Jintao Zhang <tao12345666333@163.com> Co-authored-by: Sathish Ramani <rsathishx87@gmail.com> Co-authored-by: Mansur Marvanov <nanorobocop@gmail.com> Co-authored-by: Matt1360 <568198+Matt1360@users.noreply.github.com> Co-authored-by: Carlos Tadeu Panato Junior <ctadeu@gmail.com> Co-authored-by: Kundan Kumar <kundan.kumar@india.nec.com> Co-authored-by: Tom Hayward <thayward@infoblox.com> Co-authored-by: Sergey Shakuto <sshakuto@infoblox.com> Co-authored-by: Tore <tore.lonoy@gmail.com> Co-authored-by: Bouke Versteegh <info@boukeversteegh.nl> Co-authored-by: Shahid <shahid@us.ibm.com> Co-authored-by: James Strong <strong.james.e@gmail.com> Co-authored-by: Long Wu Yuan <longwuyuan@gmail.com> Co-authored-by: Jintao Zhang <zhangjintao9020@gmail.com> Co-authored-by: Neha Lohia <nehapithadiya444@gmail.com> Co-authored-by: Akshit Grover <akshit.grover2016@gmail.com>	2021-08-21 13:42:00 -07:00
Ricardo Katz	d226d831bd	Update go version, modules and remove ioutil	2021-08-06 14:15:21 -03:00
wasker	f222c752be	Enable session affinity for canaries (#7371 )	2021-07-29 14:23:19 -07:00
Dmitry Kuleshov	a327a809d9	auto backend protocol for HTTP/HTTPS (#6985 ) * add auto backend protocol for HTTP/HTTPS * e2e test for AUTO_HTTP backend protocol * unit test for AUTO_HTTP backend protocol Co-authored-by: Luca Del Monte <luca.delmonte5@gmail.com>	2021-07-29 12:49:19 -07:00
Ricardo Katz	11d4ddca8e	Revert "feat: multiple-cors-allow-origin support (#7134 )" (#7168 ) This reverts commit `8a55801cc0`.	2021-05-27 05:38:24 -07:00
Alex Zhang	8a55801cc0	feat: multiple-cors-allow-origin support (#7134 )	2021-05-23 09:13:39 -07:00
Matt Miller	b3dfee6ada	Allow preservation of trailing slashes on TLS redirects via annotation. (#7144 ) * allow retaining a trailing slash in a TLS redirect via annotation. Signed-off-by: mamiller <mamiller@rosettastone.com> * requested changes * gofmt	2021-05-23 08:51:38 -07:00
cjyyb	49ae85099b	Fix log printing error	2021-05-02 11:34:57 +08:00
Elvin Efendi	e0dece48f7	Add Global Rate Limiting support	2021-01-04 17:47:07 -05:00
Elvin Efendi	2cff9fa41d	generalize cidr parsing and improve lua tests	2021-01-04 15:01:55 -05:00
Manuel Alejandro de Brito Fontes	d9af197e62	Remove dead code	2020-12-27 22:26:51 -03:00
Josh Soref	a8728f3d2c	Spelling	2020-12-15 16:10:48 -05:00
Kubernetes Prow Robot	e3a3ea8826	Merge pull request #6294 from ianbuss/auth-error-redirect-param Allow customisation of redirect URL parameter in external auth redirects	2020-11-23 01:27:37 -08:00
aimuz	e5fa90db9b	fix: empty IngressClassName, Error handling	2020-11-09 11:36:00 +08:00
Manuel Alejandro de Brito Fontes	4d65097afa	Improve log messages	2020-10-26 17:14:36 -03:00
Manuel Alejandro de Brito Fontes	703c2d6f8e	Enable validation of ingress definitions from extensions package	2020-10-26 10:50:44 -03:00
Ian Buss	41cf628bdf	Add a configurable URL redirect parameter for error URLs	2020-10-08 12:53:46 +01:00
Manuel Alejandro de Brito Fontes	108637bb1c	Migrate to structured logging (klog)	2020-09-27 18:59:57 -03:00
Maxime LUCE	b7b85175f6	Add annotation to configure CORS Access-Control-Expose-Headers	2020-09-23 17:41:52 +02:00
Kubernetes Prow Robot	91c6d1a081	Merge pull request #6150 from timmysilv/master Reject ingresses that use the default annotation if a custom one was provided	2020-09-10 07:11:45 -07:00
Matthew Silverman	9612180f6e	reject annotations with default prefix in the case of an override	2020-09-10 09:16:44 -04:00
Gian Ortz	3820aa416b	Add annotation to set value for burst multiplier on rate limit	2020-08-30 19:43:08 -03:00
Manuel Alejandro de Brito Fontes	cb86c5698c	Migrate to klog v2	2020-08-08 21:01:03 -04:00
Laszlo Janosi	7d82903ce9	Fix panic in ingress class validation If an ingress had no class annotation, nor IngressClassName at all, and an IngressClass resource was created for the ingress-nginx there was a panic when the controller tried to check the IngressClassName of the Ingress.	2020-08-07 17:09:14 +00:00
Zhongcheng Lao	c0629e92c2	Add proxy-ssl-server-name to enable passing SNI	2020-07-03 14:14:32 +08:00
Yilong Ren	714637bec5	build/dev-env.sh: remove docker version check docker experimental feature is unnecessary, so just remove it	2020-06-23 15:37:41 +08:00
Kubernetes Prow Robot	d061375afa	Merge pull request #5571 from agile6v/dev feat: support the combination of Nginx variables for annotation upstream-hash-by.	2020-06-01 15:10:14 -07:00
agile6v	c035a144f8	Support the combination of nginx variables and text value for annotation upstream-hash-by.	2020-06-01 06:37:41 +08:00
Kubernetes Prow Robot	ee02d897d5	Merge pull request #5534 from agile6v/master Add annotation ssl-prefer-server-ciphers.	2020-05-29 08:35:16 -07:00
agile6v	0e79ad8e4f	Update unit & e2e tests.	2020-05-21 02:19:13 +08:00
agile6v	38f99cefb2	Update testcase for sslCipher.	2020-05-13 11:03:15 +08:00
agile6v	38a8556c4f	Add comments for sslcipher.Config struct.	2020-05-13 10:40:56 +08:00
agile6v	41d82005ec	Add annotation ssl-prefer-server-ciphers.	2020-05-11 16:31:08 +08:00
Kevin Frommelt	e775495a56	Remove duplicate Cookie.ChangeOnFailure assertion	2020-05-08 13:51:14 -05:00
Kevin Frommelt	3c5e3eda7b	Remove duplicate annotation parsing for annotationAffinityCookieChangeOnFailure	2020-05-08 09:14:10 -05:00
Manuel Alejandro de Brito Fontes	efbb3f9fc8	Add support for IngressClass and ingress.class annotation	2020-04-22 09:15:32 -04:00
Manuel Alejandro de Brito Fontes	04ef782c57	Migrate ingress.class annotation to new IngressClassName field	2020-03-31 12:20:01 -03:00
Bhavin Gandhi	380ef3a92c	Fix the ability to disable ModSecurity at location level - Adds 'modsecurity off;' to the nginx config if the 'enable-modsecurity' annotation is set to false. - Update tests and e2e tests accordingly Signed-off-by: Bhavin Gandhi <bhavin7392@gmail.com>	2020-03-22 23:51:02 +05:30
Manuel Alejandro de Brito Fontes	07b70f68bd	Redirect for app-root should preserve current scheme (#5266 )	2020-03-19 15:49:18 -03:00
schaefec	0ab2e72e95	Doesn't fail if proxy-ssl-name annotation is not specified	2020-02-25 13:32:14 +01:00
schaefec	141ea59b7f	Allows overriding the server name used to verify the certificate of the proxied HTTPS server	2020-02-25 13:32:14 +01:00
Lisheng Zheng	0b33650bb8	Feat: canary supports using specific match strategy to match header value.	2020-02-21 10:02:20 +08:00
Manuel Alejandro de Brito Fontes	281139d1a7	Only set mirror source when a target is configured (#5055 )	2020-02-11 13:48:42 -03:00
Manuel Alejandro de Brito Fontes	77586dd83b	Validation of header in authreq should be done only in the key (#5053 )	2020-02-11 10:30:14 -03:00
Manuel Alejandro de Brito Fontes	b3146354d4	Refactor mirror feature	2020-02-05 10:39:55 -03:00
Brian Kopp	1b523390bb	Add SameSite=None support and conditionally omit SameSite=None for backwards compatibility	2020-01-29 14:30:00 -07:00
Manuel Alejandro de Brito Fontes	5d05e19cc3	Fix enable opentracing per location (#4983 )	2020-01-29 12:20:05 -03:00

1 2 3 4

183 commits