DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
6044 commits 4 branches 217 tags 166 MiB
Commit graph

611 commits

Author SHA1 Message Date
Vincent LE GOFF
f2e743f561
feat: add session-cookie-secure annotation (#7399) 2021-09-01 15:23:40 -07:00
Matthew Silverman
b591adac48
allow kb granularity for lua shared dicts (#6750) 
Update internal/ingress/controller/template/configmap.go

Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>

Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>
 2021-08-12 11:13:50 -07:00
Tom Hayward
9a9ad47857 Fix forwarding of auth-response-headers to gRPC backends (#7331) 
* add e2e test for auth-response-headers annotation

* add e2e test for grpc with auth-response-headers

* fix forwarding of auth header to GRPC backends

* add test case for proxySetHeader(nil)
 2021-08-10 11:24:39 -07:00
Ricardo Katz
2d90ba14f5
Change all master reference to main (#7369) 2021-08-06 17:07:29 -07:00
tobiasgiese
9efea320b9
Fix cap for NET_BIND_SERVICE (#7449) 
Signed-off-by: Tobias Giese <tobias.giese@daimler.com>
 2021-08-06 12:45:30 -07:00
wasker
f222c752be
Enable session affinity for canaries (#7371) 2021-07-29 14:23:19 -07:00
Ricardo Katz
191b27a8bb
Automatically add area labels to help triaging (#7387) 2021-07-22 17:29:16 -07:00
Kyle Michel
12a2a6d0e0
Fix definition order of modsecurity directives for controller to match PR 5315 (#6940) (#7323) 
* Fix definition order of modsecurity directives for controller to match PR 5315

* Add a test
 2021-07-06 19:24:43 -07:00
Kirill Trofimenkov
a064337621
Rewrite clean-nginx-conf.sh in Go to speed up admission webhook (#7076) (#7322) 
* Rewrite clean-nginx-conf.sh to speed up admission webhook

* Less diff with original clean-nginx-conf.sh

* Add error handling, add documentation, add unit test

* indent code

* Don't ignore Getwd() error
 2021-07-06 10:50:19 -07:00
zhaogaolong
68ec350388
perf: json encoding share to eatch request (#6955) 
* perf: json encoding share to eatch request

* fix: fix lint lua
 2021-05-23 17:57:38 -07:00
Matt Miller
b3dfee6ada
Allow preservation of trailing slashes on TLS redirects via annotation. (#7144) 
* allow retaining a trailing slash in a TLS redirect via annotation.

Signed-off-by: mamiller <mamiller@rosettastone.com>

* requested changes

* gofmt
 2021-05-23 08:51:38 -07:00
Matthew Silverman
9b00a4912f set x-forwarded-scheme like x-forwarded-proto 2021-05-13 09:26:27 -04:00
Ricardo Pchevuzinske Katz
0dceedfad7 Remove localhost calls from external names 
Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>
 2021-04-30 16:49:35 -03:00
Adam Renberg Tamm
9123820584 Expose Geo IP subdivision 1 as variables 2021-03-22 17:30:16 +00:00
Kubernetes Prow Robot
ff74d0ff33
Merge pull request #6726 from afrouzMashaykhi/add-body-filter-by-lua 
add body_filter_by_lua_block lua plugin to ingress-nginx
 2021-01-06 16:55:45 -08:00
Kubernetes Prow Robot
37ee5d98bf
Merge pull request #6679 from nic-6443/bug-fix 
Bugfix: fix incomplete log
 2021-01-06 15:01:45 -08:00
qianyong
b65ceee1a8 Bugfix: fix incomplete log 2021-01-06 10:51:05 +08:00
Ginger Cookie
8662144511
Update rootfs/etc/nginx/lua/plugins/README.md 
Co-authored-by: Elvin Efendi <elvin.efendiyev@gmail.com>
 2021-01-05 21:14:35 +03:30
afrouz
ed6debb194 add body_filter_by_lua_block lua plugin to ingress-nginx 2021-01-05 20:56:13 +03:30
Elvin Efendi
e0dece48f7 Add Global Rate Limiting support 2021-01-04 17:47:07 -05:00
Elvin Efendi
2cff9fa41d generalize cidr parsing and improve lua tests 2021-01-04 15:01:55 -05:00
Kubernetes Prow Robot
b022ea8c40
Merge pull request #6639 from spacewander/use_last_for_ewma 
Don't pick tried endpoint & count the latest in ewma balancer
 2020-12-23 18:50:27 -08:00
spacewander
06b200fa4b Update for review 2020-12-24 09:07:12 +08:00
Kubernetes Prow Robot
7732aec3c4
Merge pull request #6600 from nic-6443/backend-sync-503-fix 
Bugfix: some requests fail with 503 when nginx reload
 2020-12-23 09:02:26 -08:00
qianyong
8085304cb9 Separate the ExternalName backend from other backends in the process of synchronizing the backend, because the synchronization of the ExternalName backend requires dns resolution, so we should ensure that it does not affect the synchronization of the Non-ExternalName backend. After separation, in the init worker stage, we should immediately synchronize the Non-ExternalName backend, otherwise there will be some requests that fail with 503 because the balancer cannot be obtained in the rewrite stage. 2020-12-22 17:24:41 +08:00
spacewander
e118ebc08a Don't pick tried endpoint & count the latest in ewma balancer 
fixes https://github.com/kubernetes/ingress-nginx/issues/6632
 2020-12-18 19:21:51 +08:00
Josh Soref
a8728f3d2c Spelling 2020-12-15 16:10:48 -05:00
Manuel Alejandro de Brito Fontes
9c0a39636d Refactor ingress nginx variables 2020-12-12 08:52:47 -03:00
Elvin Efendi
cc94a51cba make sure canary attributes are reset on ewma backend sync 2020-12-11 09:38:58 -05:00
Kubernetes Prow Robot
baf2afc5de
Merge pull request #6546 from nic-6443/ewma-cananry-fix 
bugfix: update trafficShapingPolicy not working in ewma load-balance
 2020-12-11 03:29:23 -08:00
Elvin Efendi
1e9650a0f9 fix flaky lua tests 2020-12-10 22:41:41 -05:00
Matthew Tuusberg
1c6a1a0e23
feat: add support for country databases 2020-12-07 21:43:38 +03:00
Kubernetes Prow Robot
2f6f09a106
Merge pull request #6541 from Jangyooseok/Jangyooseok 
fixed misspell
 2020-12-04 15:35:25 -08:00
Jangyooseok
1ad89c8bb2 fixed misspell 
Update rootfs/etc/nginx/lua/plugins/README.md
 2020-12-04 10:13:00 +09:00
agile6v
06f53bcf05 feat: allow user to specify the maxmium number of retries in stream block. 2020-12-02 14:54:14 +08:00
qianyong
8ca5450e22 bugfix: always update trafficShapingPolicy when using ewma as load-balance even if endpoints not change, otherwise update trafficShapingPolicy will not working 2020-12-01 12:10:15 +08:00
m22r
612a604fa4 Fix ErrorLogLevel in stream contexts 2020-11-27 14:29:43 +09:00
Kubernetes Prow Robot
e3a3ea8826
Merge pull request #6294 from ianbuss/auth-error-redirect-param 
Allow customisation of redirect URL parameter in external auth redirects
 2020-11-23 01:27:37 -08:00
Julien Vey
fd8af11392
Fix opentracing propagation on auth-url 
Currently, the opentracing propagation instructions are set only if opentracing is configured globally.
This fix set the propagation instructions if opentracing is disabled globally, but enabled per ingress
 2020-11-20 01:32:20 +01:00
Manuel Alejandro de Brito Fontes
3f153add00 Refactor handling of path Prefix and Exact 2020-11-10 07:21:34 -03:00
Minji Chun
2e7967cc99 Add comment indicating server-snippet section 2020-11-04 18:59:39 +09:00
Manuel Alejandro de Brito Fontes
a6b6f03b53 Add support for k8s ingress pathtype Prefix 2020-11-02 09:56:49 -05:00
Manuel Alejandro de Brito Fontes
d74ea25df8 Add validation for wildcard server names 2020-10-26 10:51:14 -03:00
Kubernetes Prow Robot
524c3a50ea
Merge pull request #6037 from aledbf/redirect 
Do not append a trailing slash on redirects
 2020-10-08 11:51:06 -07:00
Ian Buss
41cf628bdf Add a configurable URL redirect parameter for error URLs 2020-10-08 12:53:46 +01:00
Kubernetes Prow Robot
8d45bb39a4
Merge pull request #5348 from Antiarchitect/stream-log-annotations 
Ability to separately disable access log in http and stream contexts
 2020-09-28 11:02:53 -07:00
Manuel Alejandro de Brito Fontes
493dd6726d
Replace request_uri 2020-09-27 20:26:39 -03:00
shrpne
2948e3e109 better cors 2020-09-27 21:44:24 +03:00
Maxime LUCE
b7b85175f6 Add annotation to configure CORS Access-Control-Expose-Headers 2020-09-23 17:41:52 +02:00
wenzong
87e79da16a Move ocsp_response_cache:delete after certificate_data:set 2020-09-19 23:16:00 +08:00