DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
5961 commits 4 branches 217 tags 166 MiB
Commit graph

233 commits

Author SHA1 Message Date
Ricardo Katz
f5c80783bf
[Cherry Pick] - Add configuration to disable external name service feature (#7314) (#7321) 
* Add configuration to disable external name service feature (#7314)

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix CI files
 2021-07-05 21:50:18 -07:00
Ricardo Katz
39ace3176b
Fix nilpointer in admission and remove failing test (#7255) 
* Fix nilpointer in admission when it was unable to validate default backend ingress

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Remove temporarily the slow shutdown tests

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>
 2021-06-21 12:32:51 -07:00
Aditya Sharma
475bcde64c
Skip validation checks if an ingress is marked as deleted (#7216) 
Signed-off-by: Aditya Sharma <git@adi.run>
 2021-06-08 09:27:34 -07:00
qianyong
b6dc384afb Bugfix: non-host canary ingress use default server name as host to merge 2021-05-14 10:25:12 +08:00
Mahnoor Mehboob
8f7fecab17 Deny catch-all ingress when DisableCatchAll is set 2021-04-24 11:49:45 -04:00
Björn Carlsson
54b13bd216 Add flag to allow setting a shutdown grace period 2021-01-27 14:09:04 +01:00
Manuel Alejandro de Brito Fontes
04e2603ecc
Update PemSHA field for default SSL certificate 2021-01-21 19:15:03 -03:00
Elvin Efendi
e0dece48f7 Add Global Rate Limiting support 2021-01-04 17:47:07 -05:00
Josh Soref
a8728f3d2c Spelling 2020-12-15 16:10:48 -05:00
qianyong
44aaa2e367 Fix sticky session not set for host in server-alias annotation (#6448) 2020-12-15 11:01:19 +08:00
Manuel Alejandro de Brito Fontes
77234fcde0 Fix nginx ingress variables for definitions with Backend 2020-12-05 14:40:22 -03:00
Manuel Alejandro de Brito Fontes
d781d99797 Fixes for gosec 2020-12-04 20:29:07 -03:00
Manuel Alejandro de Brito Fontes
1389cc0e80 Refactor extraction of ingress pod details 2020-11-19 17:31:28 -03:00
Manuel Alejandro de Brito Fontes
3f153add00 Refactor handling of path Prefix and Exact 2020-11-10 07:21:34 -03:00
Manuel Alejandro de Brito Fontes
a85e53f4cb Remove k8s.io/kubernetes dependency 2020-10-26 13:04:00 -03:00
Manuel Alejandro de Brito Fontes
108637bb1c Migrate to structured logging (klog) 2020-09-27 18:59:57 -03:00
Manuel Alejandro de Brito Fontes
a767b1d906 Cleanup 2020-09-27 17:16:09 -03:00
Manuel Alejandro de Brito Fontes
29ea30a4e8 Add events for NGINX reloads 2020-09-27 17:16:09 -03:00
Manuel Alejandro de Brito Fontes
7722fa38aa Add admission controller e2e test 2020-09-26 16:06:58 -03:00
Matthew Silverman
9612180f6e reject annotations with default prefix in the case of an override 2020-09-10 09:16:44 -04:00
Manuel Alejandro de Brito Fontes
cb86c5698c Migrate to klog v2 2020-08-08 21:01:03 -04:00
Manuel Alejandro de Brito Fontes
e4c4edd626 Custom default backend service must have ports 2020-07-07 08:49:13 -04:00
Bo0km4n
7ab0916c92 Resolve conflicts 2020-06-20 17:13:31 +09:00
Bo0km4n
53a6b0fd3b Configurable metrics max batch size 2020-06-20 15:58:14 +09:00
agile6v
41d82005ec Add annotation ssl-prefer-server-ciphers. 2020-05-11 16:31:08 +08:00
Manuel Alejandro de Brito Fontes
af910a16d4 Refactor ingress validation in webhook 2020-04-28 18:35:03 -04:00
Andreas Sommer
c775b439dc Case-insensitive TLS host matching 2020-04-28 11:07:43 +02:00
Manuel Alejandro de Brito Fontes
dbaefc8ee9 Ensure webhook validation ingress has a PathTypePrefix 2020-04-27 10:37:26 -04:00
Manuel Alejandro de Brito Fontes
a95d850384 Add support for PathTypeExact 2020-04-23 11:12:37 -04:00
Rodrigo Villablanca
ecc20461aa Removed wrong code 2020-04-20 12:30:18 -04:00
Manuel Alejandro de Brito Fontes
1216ed03f7 Fix condition in server-alias annotation 2020-04-01 08:37:14 -03:00
Maxim Pogozhiy
78576a9bbc Add Maxmind Editions support 2020-03-19 19:36:10 +07:00
Manuel Alejandro de Brito Fontes
ad460e16ce
Avoid secret without tls.crt and tls.key but a valid ca.crt (#5225) 2020-03-07 21:15:24 -03:00
Kubernetes Prow Robot
35264d6e8f
Merge pull request #5114 from whalecold/match 
Feat: add header-pattern annotation.
 2020-02-24 17:07:36 -08:00
Kubernetes Prow Robot
6cd223558f
Merge pull request #4981 from janosi/proxy-ssl-scope 
Applying proxy-ssl-* directives on locations only
 2020-02-24 15:53:36 -08:00
Manuel Alejandro de Brito Fontes
cd94ac7f84
Allow service type ExternalName with different port and targetPort (#5141) 2020-02-20 23:06:05 -03:00
Lisheng Zheng
0b33650bb8 Feat: canary supports using specific match strategy to match header value. 2020-02-21 10:02:20 +08:00
Manuel Alejandro de Brito Fontes
54c30b91c9
Fix server aliases (#5003) 2020-02-02 19:08:55 -03:00
Brian Kopp
1b523390bb Add SameSite=None support and conditionally omit SameSite=None for backwards compatibility 2020-01-29 14:30:00 -07:00
Laszlo Janosi
ced67e53a1 New logic: proxy-ssl parameters can be applied on locations only 
Add: new parameter in the ConfigMap to control whether the proxy-ssl parameters of an Ingress should be applied on server and location levels, or only on location level
Add: logic in the config handling to work according to the new ConfigMap parameter
Add: unit test case
 2020-01-29 10:00:55 +01:00
Kamil Domański
5c8522cdab apply default certificate again in cases of invalid or incomplete cert config 
Signed-off-by: Kamil Domański <kamil@domanski.co>
 2019-12-06 12:15:52 +01:00
Manuel Alejandro de Brito Fontes
19d596b72b
Allow custom CA certificate when flag --api-server is specified (#4807) 2019-12-05 19:12:54 -03:00
Kubernetes Prow Robot
a85d5ed93a
Merge pull request #4779 from aledbf/update-image 
Remove lua-resty-waf feature
 2019-11-27 11:45:05 -08:00
Kubernetes Prow Robot
b286c2a336
Merge pull request #4732 from willthames/enable-opentracing-annotation 
Allow enabling/disabling opentracing for ingresses
 2019-11-26 17:31:21 -08:00
Will Thames
0ae463a5f3 Provide annotation to control opentracing 
By default you might want opentracing off, but on for a particular
ingress.

Similarly, you might want opentracing globally on, but disabled for
a specific endpoint. To achieve this, `opentracing_propagate_context`
cannot be set when combined with `opentracing off`

A new annotation, `enable-opentracing` allows more fine grained control
of opentracing for specific ingresses.
 2019-11-27 11:07:26 +10:00
Manuel Alejandro de Brito Fontes
61d902db14 Remove Lua resty waf feature 2019-11-26 10:37:43 -03:00
Kubernetes Prow Robot
62518b60b4
Merge pull request #4689 from janosi/upstream_ssl 
Server-only authentication of backends and per-location SSL config
 2019-11-18 19:49:43 -08:00
Kubernetes Prow Robot
a0dc3a9a51
Merge pull request #4695 from janosi/secure-verify-ca-secret 
Removing secure-verify-ca-secret support
 2019-11-08 07:12:21 -08:00
Laszlo Janosi
cc84bd4ab6 Server level proxy_ssl parameters are applied again, following the comments received. 
Also writing tls.crt and tls.key to disk is according to the original code.
 2019-10-26 20:20:18 +02:00
Laszlo Janosi
31227d61c2 Removing secure-verify-ca-secret support and writing an error log if that annotation is used in an Ingress definition 2019-10-18 10:58:57 +02:00