DevFW-CICD/ingress-nginx-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: DevFW-CICD:main
Branches Tags
DevFW-CICD:main
DevFW-CICD:release-1.11
DevFW-CICD:release-1.12
DevFW-CICD:gh-pages
DevFW-CICD:helm-chart-4.12.1-depends
DevFW-CICD:helm-chart-4.12.1
DevFW-CICD:helm-chart-4.12.0
DevFW-CICD:controller-v1.12.0
DevFW-CICD:helm-chart-4.11.4
DevFW-CICD:controller-v1.11.4
DevFW-CICD:helm-chart-4.10.6
DevFW-CICD:controller-v1.10.6
DevFW-CICD:helm-chart-4.12.0-beta.0
DevFW-CICD:controller-v1.12.0-beta.0
DevFW-CICD:helm-chart-4.11.3
DevFW-CICD:controller-v1.11.3
DevFW-CICD:helm-chart-4.10.5
DevFW-CICD:controller-v1.10.5
DevFW-CICD:helm-chart-4.10.4
DevFW-CICD:controller-v1.10.4
DevFW-CICD:helm-chart-4.11.2
DevFW-CICD:controller-v1.11.2
DevFW-CICD:helm-chart-4.10.3
DevFW-CICD:controller-v1.10.3
DevFW-CICD:helm-chart-4.11.1
DevFW-CICD:controller-v1.11.1
DevFW-CICD:helm-chart-4.11.0
DevFW-CICD:controller-v1.11.0
DevFW-CICD:helm-chart-4.10.2
DevFW-CICD:controller-v1.10.2
DevFW-CICD:helm-chart-4.10.1
DevFW-CICD:controller-v1.10.1
DevFW-CICD:helm-chart-4.10.0
DevFW-CICD:controller-v1.10.0
DevFW-CICD:helm-chart-4.7.5
DevFW-CICD:helm-chart-4.9.1
DevFW-CICD:controller-v1.9.6
DevFW-CICD:controller-v1.8.5
DevFW-CICD:helm-chart-4.9.0
DevFW-CICD:controller-v1.9.5
DevFW-CICD:helm-chart-4.8.3
DevFW-CICD:controller-v1.9.4
DevFW-CICD:helm-chart-4.7.3
DevFW-CICD:helm-chart-4.8.2
DevFW-CICD:controller-v1.9.3
DevFW-CICD:controller-v1.8.4
DevFW-CICD:helm-chart-4.8.1
DevFW-CICD:controller-v1.9.1
DevFW-CICD:helm-chart-4.8.0
DevFW-CICD:controller-v1.9.0-beta.0
DevFW-CICD:helm-chart-4.8.0-beta.0
DevFW-CICD:helm-chart-4.7.2
DevFW-CICD:controller-v1.8.2
DevFW-CICD:controller-v1.8.1
DevFW-CICD:helm-chart-4.7.1
DevFW-CICD:controller-v1.9.0
DevFW-CICD:helm-chart-4.7.0
DevFW-CICD:controller-v1.8.0
DevFW-CICD:helm-chart-4.6.1
DevFW-CICD:controller-v1.7.1
DevFW-CICD:helm-chart-4.6.0
DevFW-CICD:controller-v1.7.0
DevFW-CICD:helm-chart-4.5.2
DevFW-CICD:controller-v1.6.4
DevFW-CICD:helm-chart-4.5.0
DevFW-CICD:helm-chart-4.4.2
DevFW-CICD:controller-v1.5.1
DevFW-CICD:helm-chart-4.4.0
DevFW-CICD:helm-chart-4.3.0
DevFW-CICD:controller-v1.4.0
DevFW-CICD:helm-chart-4.2.5
DevFW-CICD:controller-v1.3.1
DevFW-CICD:helm-chart-4.2.4
DevFW-CICD:helm-chart-4.2.3
DevFW-CICD:helm-chart-4.2.2
DevFW-CICD:helm-chart-4.2.1
DevFW-CICD:helm-chart-4.2.0
DevFW-CICD:controller-v1.3.0
DevFW-CICD:helm-chart-4.1.4
DevFW-CICD:helm-chart-4.1.3
DevFW-CICD:controller-v1.2.1
DevFW-CICD:helm-chart-4.1.2
DevFW-CICD:helm-chart-4.1.1
DevFW-CICD:helm-chart-4.1.0
DevFW-CICD:controller-v1.2.0
DevFW-CICD:helm-chart-4.1.0-beta.1
DevFW-CICD:controller-v1.2.0-beta.1
DevFW-CICD:controller-v1.2.0-beta.0
DevFW-CICD:helm-chart-4.1.0-beta.0
DevFW-CICD:helm-chart-3.41.0
DevFW-CICD:controller-v0.51.0
DevFW-CICD:helm-chart-4.0.19
DevFW-CICD:controller-v1.1.3
DevFW-CICD:helm-chart-4.0.18
DevFW-CICD:controller-v1.1.2
DevFW-CICD:helm-chart-4.0.17
DevFW-CICD:helm-chart-4.0.16
DevFW-CICD:helm-chart-4.0.15
DevFW-CICD:controller-v1.1.1
DevFW-CICD:helm-chart-4.0.13
DevFW-CICD:helm-chart-4.0.12
DevFW-CICD:helm-chart-4.0.11
DevFW-CICD:helm-chart-3.40.0
DevFW-CICD:helm-chart-4.0.10
DevFW-CICD:controller-v1.1.0
DevFW-CICD:helm-chart-4.0.9
DevFW-CICD:helm-chart-4.0.8
DevFW-CICD:helm-chart-4.0.7
DevFW-CICD:controller-v1.0.5
DevFW-CICD:helm-chart-4.0.6
DevFW-CICD:controller-v1.0.4
DevFW-CICD:helm-chart-4.0.5
DevFW-CICD:helm-chart-4.0.4
DevFW-CICD:helm-chart-3.39.0
DevFW-CICD:controller-v1.0.3
DevFW-CICD:controller-v0.49.3
DevFW-CICD:helm-chart-4.0.3
DevFW-CICD:controller-v1.0.2
DevFW-CICD:helm-chart-3.38.0
DevFW-CICD:controller-v0.49.2
DevFW-CICD:helm-chart-3.37.0
DevFW-CICD:helm-chart-4.0.2
DevFW-CICD:controller-v1.0.1
DevFW-CICD:controller-v0.49.1
DevFW-CICD:helm-chart-4.0.1
DevFW-CICD:controller-v1.0.0
DevFW-CICD:helm-chart-3.36.0
DevFW-CICD:controller-v0.49.0
DevFW-CICD:helm-chart-4.0.0-beta.3
DevFW-CICD:controller-v1.0.0-beta.3
DevFW-CICD:helm-chart-4.0.0-beta.2
DevFW-CICD:helm-chart-4.0.0
DevFW-CICD:helm-chart-3.35.0
DevFW-CICD:controller-v1.0.0-beta.1
DevFW-CICD:controller-v0.48.1
DevFW-CICD:controller-v1.0.0-alpha.2
DevFW-CICD:helm-chart-3.34.0
DevFW-CICD:controller-v0.47.0
DevFW-CICD:helm-chart-3.33.0
DevFW-CICD:helm-chart-3.32.0
DevFW-CICD:helm-chart-3.31.0
DevFW-CICD:helm-chart-3.30.0
DevFW-CICD:controller-v0.46.0
DevFW-CICD:helm-chart-3.29.0
DevFW-CICD:helm-chart-3.28.0
DevFW-CICD:controller-v0.45.0
DevFW-CICD:helm-chart-3.27.0
DevFW-CICD:helm-chart-3.26.0
DevFW-CICD:helm-chart-3.25.0
DevFW-CICD:helm-chart-3.24.0
DevFW-CICD:controller-v0.44.0
DevFW-CICD:helm-chart-3.23.0
DevFW-CICD:helm-chart-3.22.0
DevFW-CICD:helm-chart-3.21.0
DevFW-CICD:helm-chart-3.20.1
DevFW-CICD:helm-chart-3.20.0
DevFW-CICD:controller-v0.43.0
DevFW-CICD:helm-chart-3.19.0
DevFW-CICD:helm-chart-3.18.0
DevFW-CICD:controller-v0.42.0
DevFW-CICD:helm-chart-3.17.0
DevFW-CICD:helm-chart-3.16.1
DevFW-CICD:helm-chart-3.16.0
DevFW-CICD:ingress-nginx-3.15.2
DevFW-CICD:ingress-nginx-3.15.1
DevFW-CICD:ingress-nginx-3.15.0
DevFW-CICD:ingress-nginx-3.13.0
DevFW-CICD:ingress-nginx-3.12.0
DevFW-CICD:ingress-nginx-3.11.1
DevFW-CICD:ingress-nginx-3.11.0
DevFW-CICD:controller-v0.41.2
DevFW-CICD:ingress-nginx-3.10.1
DevFW-CICD:controller-v0.41.1
DevFW-CICD:ingress-nginx-3.10.0
DevFW-CICD:ingress-nginx-3.9.0
DevFW-CICD:ingress-nginx-3.8.0
DevFW-CICD:controller-v0.41.0
DevFW-CICD:ingress-nginx-3.7.1
DevFW-CICD:ingress-nginx-3.7.0
DevFW-CICD:ingress-nginx-3.6.0
DevFW-CICD:ingress-nginx-3.5.1
DevFW-CICD:ingress-nginx-3.5.0
DevFW-CICD:ingress-nginx-3.4.1
DevFW-CICD:controller-v0.40.2
DevFW-CICD:ingress-nginx-3.4.0
DevFW-CICD:controller-v0.40.1
DevFW-CICD:ingress-nginx-3.3.1
DevFW-CICD:controller-v0.40.0
DevFW-CICD:ingress-nginx-3.3.0
DevFW-CICD:ingress-nginx-3.2.0
DevFW-CICD:ingress-nginx-3.1.0
DevFW-CICD:ingress-nginx-3.0.0
DevFW-CICD:ingress-nginx-2.16.0
DevFW-CICD:ingress-nginx-2.15.0
DevFW-CICD:ingress-nginx-2.14.0
DevFW-CICD:ingress-nginx-2.13.0
DevFW-CICD:controller-v0.35.0
DevFW-CICD:ingress-nginx-2.12.1
DevFW-CICD:ingress-nginx-2.12.0
DevFW-CICD:ingress-nginx-2.11.3
DevFW-CICD:ingress-nginx-2.11.2
DevFW-CICD:controller-v0.34.1
DevFW-CICD:ingress-nginx-2.11.1
DevFW-CICD:ingress-nginx-2.11.0
DevFW-CICD:controller-v0.34.0
DevFW-CICD:ingress-nginx-2.10.0
DevFW-CICD:ingress-nginx-2.9.1
DevFW-CICD:ingress-nginx-2.9.0
DevFW-CICD:ingress-nginx-2.8.0
DevFW-CICD:ingress-nginx-2.7.1
DevFW-CICD:ingress-nginx-2.7.0
DevFW-CICD:ingress-nginx-2.6.0
DevFW-CICD:ingress-nginx-2.5.0
DevFW-CICD:ingress-nginx-2.4.0
DevFW-CICD:ingress-nginx-2.3.0
DevFW-CICD:ingress-nginx-2.2.0
DevFW-CICD:ingress-nginx-2.1.0
DevFW-CICD:ingress-nginx-2.0.3
DevFW-CICD:ingress-nginx-2.0.2
DevFW-CICD:ingress-nginx-2.0.1
DevFW-CICD:ingress-nginx-2.0.0
...
compare: DevFW-CICD:helm-chart-3.40.0
Branches Tags
DevFW-CICD:release-1.11
DevFW-CICD:release-1.12
DevFW-CICD:main
DevFW-CICD:gh-pages
DevFW-CICD:helm-chart-4.12.1-depends
DevFW-CICD:helm-chart-4.12.1
DevFW-CICD:helm-chart-4.12.0
DevFW-CICD:controller-v1.12.0
DevFW-CICD:helm-chart-4.11.4
DevFW-CICD:controller-v1.11.4
DevFW-CICD:helm-chart-4.10.6
DevFW-CICD:controller-v1.10.6
DevFW-CICD:helm-chart-4.12.0-beta.0
DevFW-CICD:controller-v1.12.0-beta.0
DevFW-CICD:helm-chart-4.11.3
DevFW-CICD:controller-v1.11.3
DevFW-CICD:helm-chart-4.10.5
DevFW-CICD:controller-v1.10.5
DevFW-CICD:helm-chart-4.10.4
DevFW-CICD:controller-v1.10.4
DevFW-CICD:helm-chart-4.11.2
DevFW-CICD:controller-v1.11.2
DevFW-CICD:helm-chart-4.10.3
DevFW-CICD:controller-v1.10.3
DevFW-CICD:helm-chart-4.11.1
DevFW-CICD:controller-v1.11.1
DevFW-CICD:helm-chart-4.11.0
DevFW-CICD:controller-v1.11.0
DevFW-CICD:helm-chart-4.10.2
DevFW-CICD:controller-v1.10.2
DevFW-CICD:helm-chart-4.10.1
DevFW-CICD:controller-v1.10.1
DevFW-CICD:helm-chart-4.10.0
DevFW-CICD:controller-v1.10.0
DevFW-CICD:helm-chart-4.7.5
DevFW-CICD:helm-chart-4.9.1
DevFW-CICD:controller-v1.9.6
DevFW-CICD:controller-v1.8.5
DevFW-CICD:helm-chart-4.9.0
DevFW-CICD:controller-v1.9.5
DevFW-CICD:helm-chart-4.8.3
DevFW-CICD:controller-v1.9.4
DevFW-CICD:helm-chart-4.7.3
DevFW-CICD:helm-chart-4.8.2
DevFW-CICD:controller-v1.9.3
DevFW-CICD:controller-v1.8.4
DevFW-CICD:helm-chart-4.8.1
DevFW-CICD:controller-v1.9.1
DevFW-CICD:helm-chart-4.8.0
DevFW-CICD:controller-v1.9.0-beta.0
DevFW-CICD:helm-chart-4.8.0-beta.0
DevFW-CICD:helm-chart-4.7.2
DevFW-CICD:controller-v1.8.2
DevFW-CICD:controller-v1.8.1
DevFW-CICD:helm-chart-4.7.1
DevFW-CICD:controller-v1.9.0
DevFW-CICD:helm-chart-4.7.0
DevFW-CICD:controller-v1.8.0
DevFW-CICD:helm-chart-4.6.1
DevFW-CICD:controller-v1.7.1
DevFW-CICD:helm-chart-4.6.0
DevFW-CICD:controller-v1.7.0
DevFW-CICD:helm-chart-4.5.2
DevFW-CICD:controller-v1.6.4
DevFW-CICD:helm-chart-4.5.0
DevFW-CICD:helm-chart-4.4.2
DevFW-CICD:controller-v1.5.1
DevFW-CICD:helm-chart-4.4.0
DevFW-CICD:helm-chart-4.3.0
DevFW-CICD:controller-v1.4.0
DevFW-CICD:helm-chart-4.2.5
DevFW-CICD:controller-v1.3.1
DevFW-CICD:helm-chart-4.2.4
DevFW-CICD:helm-chart-4.2.3
DevFW-CICD:helm-chart-4.2.2
DevFW-CICD:helm-chart-4.2.1
DevFW-CICD:helm-chart-4.2.0
DevFW-CICD:controller-v1.3.0
DevFW-CICD:helm-chart-4.1.4
DevFW-CICD:helm-chart-4.1.3
DevFW-CICD:controller-v1.2.1
DevFW-CICD:helm-chart-4.1.2
DevFW-CICD:helm-chart-4.1.1
DevFW-CICD:helm-chart-4.1.0
DevFW-CICD:controller-v1.2.0
DevFW-CICD:helm-chart-4.1.0-beta.1
DevFW-CICD:controller-v1.2.0-beta.1
DevFW-CICD:controller-v1.2.0-beta.0
DevFW-CICD:helm-chart-4.1.0-beta.0
DevFW-CICD:helm-chart-3.41.0
DevFW-CICD:controller-v0.51.0
DevFW-CICD:helm-chart-4.0.19
DevFW-CICD:controller-v1.1.3
DevFW-CICD:helm-chart-4.0.18
DevFW-CICD:controller-v1.1.2
DevFW-CICD:helm-chart-4.0.17
DevFW-CICD:helm-chart-4.0.16
DevFW-CICD:helm-chart-4.0.15
DevFW-CICD:controller-v1.1.1
DevFW-CICD:helm-chart-4.0.13
DevFW-CICD:helm-chart-4.0.12
DevFW-CICD:helm-chart-4.0.11
DevFW-CICD:helm-chart-3.40.0
DevFW-CICD:helm-chart-4.0.10
DevFW-CICD:controller-v1.1.0
DevFW-CICD:helm-chart-4.0.9
DevFW-CICD:helm-chart-4.0.8
DevFW-CICD:helm-chart-4.0.7
DevFW-CICD:controller-v1.0.5
DevFW-CICD:helm-chart-4.0.6
DevFW-CICD:controller-v1.0.4
DevFW-CICD:helm-chart-4.0.5
DevFW-CICD:helm-chart-4.0.4
DevFW-CICD:helm-chart-3.39.0
DevFW-CICD:controller-v1.0.3
DevFW-CICD:controller-v0.49.3
DevFW-CICD:helm-chart-4.0.3
DevFW-CICD:controller-v1.0.2
DevFW-CICD:helm-chart-3.38.0
DevFW-CICD:controller-v0.49.2
DevFW-CICD:helm-chart-3.37.0
DevFW-CICD:helm-chart-4.0.2
DevFW-CICD:controller-v1.0.1
DevFW-CICD:controller-v0.49.1
DevFW-CICD:helm-chart-4.0.1
DevFW-CICD:controller-v1.0.0
DevFW-CICD:helm-chart-3.36.0
DevFW-CICD:controller-v0.49.0
DevFW-CICD:helm-chart-4.0.0-beta.3
DevFW-CICD:controller-v1.0.0-beta.3
DevFW-CICD:helm-chart-4.0.0-beta.2
DevFW-CICD:helm-chart-4.0.0
DevFW-CICD:helm-chart-3.35.0
DevFW-CICD:controller-v1.0.0-beta.1
DevFW-CICD:controller-v0.48.1
DevFW-CICD:controller-v1.0.0-alpha.2
DevFW-CICD:helm-chart-3.34.0
DevFW-CICD:controller-v0.47.0
DevFW-CICD:helm-chart-3.33.0
DevFW-CICD:helm-chart-3.32.0
DevFW-CICD:helm-chart-3.31.0
DevFW-CICD:helm-chart-3.30.0
DevFW-CICD:controller-v0.46.0
DevFW-CICD:helm-chart-3.29.0
DevFW-CICD:helm-chart-3.28.0
DevFW-CICD:controller-v0.45.0
DevFW-CICD:helm-chart-3.27.0
DevFW-CICD:helm-chart-3.26.0
DevFW-CICD:helm-chart-3.25.0
DevFW-CICD:helm-chart-3.24.0
DevFW-CICD:controller-v0.44.0
DevFW-CICD:helm-chart-3.23.0
DevFW-CICD:helm-chart-3.22.0
DevFW-CICD:helm-chart-3.21.0
DevFW-CICD:helm-chart-3.20.1
DevFW-CICD:helm-chart-3.20.0
DevFW-CICD:controller-v0.43.0
DevFW-CICD:helm-chart-3.19.0
DevFW-CICD:helm-chart-3.18.0
DevFW-CICD:controller-v0.42.0
DevFW-CICD:helm-chart-3.17.0
DevFW-CICD:helm-chart-3.16.1
DevFW-CICD:helm-chart-3.16.0
DevFW-CICD:ingress-nginx-3.15.2
DevFW-CICD:ingress-nginx-3.15.1
DevFW-CICD:ingress-nginx-3.15.0
DevFW-CICD:ingress-nginx-3.13.0
DevFW-CICD:ingress-nginx-3.12.0
DevFW-CICD:ingress-nginx-3.11.1
DevFW-CICD:ingress-nginx-3.11.0
DevFW-CICD:controller-v0.41.2
DevFW-CICD:ingress-nginx-3.10.1
DevFW-CICD:controller-v0.41.1
DevFW-CICD:ingress-nginx-3.10.0
DevFW-CICD:ingress-nginx-3.9.0
DevFW-CICD:ingress-nginx-3.8.0
DevFW-CICD:controller-v0.41.0
DevFW-CICD:ingress-nginx-3.7.1
DevFW-CICD:ingress-nginx-3.7.0
DevFW-CICD:ingress-nginx-3.6.0
DevFW-CICD:ingress-nginx-3.5.1
DevFW-CICD:ingress-nginx-3.5.0
DevFW-CICD:ingress-nginx-3.4.1
DevFW-CICD:controller-v0.40.2
DevFW-CICD:ingress-nginx-3.4.0
DevFW-CICD:controller-v0.40.1
DevFW-CICD:ingress-nginx-3.3.1
DevFW-CICD:controller-v0.40.0
DevFW-CICD:ingress-nginx-3.3.0
DevFW-CICD:ingress-nginx-3.2.0
DevFW-CICD:ingress-nginx-3.1.0
DevFW-CICD:ingress-nginx-3.0.0
DevFW-CICD:ingress-nginx-2.16.0
DevFW-CICD:ingress-nginx-2.15.0
DevFW-CICD:ingress-nginx-2.14.0
DevFW-CICD:ingress-nginx-2.13.0
DevFW-CICD:controller-v0.35.0
DevFW-CICD:ingress-nginx-2.12.1
DevFW-CICD:ingress-nginx-2.12.0
DevFW-CICD:ingress-nginx-2.11.3
DevFW-CICD:ingress-nginx-2.11.2
DevFW-CICD:controller-v0.34.1
DevFW-CICD:ingress-nginx-2.11.1
DevFW-CICD:ingress-nginx-2.11.0
DevFW-CICD:controller-v0.34.0
DevFW-CICD:ingress-nginx-2.10.0
DevFW-CICD:ingress-nginx-2.9.1
DevFW-CICD:ingress-nginx-2.9.0
DevFW-CICD:ingress-nginx-2.8.0
DevFW-CICD:ingress-nginx-2.7.1
DevFW-CICD:ingress-nginx-2.7.0
DevFW-CICD:ingress-nginx-2.6.0
DevFW-CICD:ingress-nginx-2.5.0
DevFW-CICD:ingress-nginx-2.4.0
DevFW-CICD:ingress-nginx-2.3.0
DevFW-CICD:ingress-nginx-2.2.0
DevFW-CICD:ingress-nginx-2.1.0
DevFW-CICD:ingress-nginx-2.0.3
DevFW-CICD:ingress-nginx-2.0.2
DevFW-CICD:ingress-nginx-2.0.1
DevFW-CICD:ingress-nginx-2.0.0

24 commits
main ... helm-chart

Author SHA1 Message Date
James Strong
8ca389235d
Release v0.50.0 update (#7974) 2021-11-24 12:15:32 -08:00
James Strong
34a35a24cf
Merge pull request #7973 from strongjz/tag-v0.50.0 
tag for build start
 2021-11-24 13:31:15 -05:00
James Strong
493049277b
tag for build starT 2021-11-24 12:40:20 -05:00
James Strong
18e6eb0a31
Legacy cherrypick (#7965) 
* update default block list,docs, tests (#7942)

* update default block list,docs, tests

* fix config for admin test

* gofmt

* remove the err return

* Change sanitization message from error to warning (#7963)

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* duplicate test

Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>
 2021-11-24 09:34:21 -08:00
Ricardo Katz
b159577c23
Legacy cherrypick (#7925) 
* fix: fix thread synchronization issue #6245 (#7800)

* Add option to sanitize annotation inputs (#7874)

* Add option to sanitize annotation inputs

* Fix e2e tests after string sanitization

* Add proxy_pass and serviceaccount as denied values

* Trim spaces from badword items (#7921)

* Fix tests from cherrypick

Co-authored-by: Jens Reimann <ctron@dentrassi.de>
 2021-11-16 05:57:27 -08:00
Tom Hayward
3673519a73
[Helm] Make HPA behavior configurable (#7203) (#7821) 
Signed-off-by: amirschw <24677563+amirschw@users.noreply.github.com>

Co-authored-by: amirschw <24677563+amirschw@users.noreply.github.com>
 2021-10-19 03:00:39 -07:00
Alex R
5cc9aa1ad9
Disable builtin ssl_session_cache (#7779) 
Signed-off-by: Alex R <i@sepa.spb.ru>
 2021-10-09 06:40:36 -07:00
Ricardo Katz
0a2ec01eb4
Release v0.49.3 (#7748) 
Signed-off-by: Ricardo Katz <rkatz@vmware.com>
 2021-10-04 07:17:09 -07:00
Ricardo Katz
7ee28f431c
Prepare for v0.49.3 release (#7742) 2021-10-03 18:37:08 -07:00
Ricardo Katz
0f5d2c6383
fix overlap check when ingress is configured as canary (#7719) (#7741) 
Co-authored-by: Alan <zg.zhu@daocloud.io>
 2021-10-03 16:55:07 -07:00
Rushank Jhanjaria
25b87436f7
Correct Nginx and Alpine version in legacy branch (#7736) 2021-10-03 13:57:06 -07:00
Ricardo Katz
23fa7c0450
Fix selector for shutting down Pods (#7727) (#7731) 
* Fix selector for shutting down Pods

* Add autogenerated labels for daemonset in exception

Co-authored-by: Jintao Zhang <tao12345666333@163.com>

Co-authored-by: Jintao Zhang <tao12345666333@163.com>

Co-authored-by: Jintao Zhang <tao12345666333@163.com>
 2021-09-30 14:39:17 -07:00
Ricardo Katz
570d0d5acb
Release v0.49.2 (#7708) 2021-09-26 20:00:22 -07:00
Ricardo Katz
d5f3499cfe
Update base nginx image and tag new release (#7706) 
* Update base nginx image to the corrected version (#7705)

* Tag release v0.49.2
 2021-09-26 18:10:22 -07:00
Ricardo Katz
71d2346545
add legacy to helm releaser 2021-09-22 09:44:26 -03:00
Ricardo Katz
a15d226294
trigger helm build changing random comments 2021-09-22 09:35:46 -03:00
Ricardo Katz
29b5519504
Release v0.49.1 (#7682) 2021-09-21 20:12:01 -07:00
Ricardo Katz
9f5559dcca
Trigger v0.49.1 release (#7680) 2021-09-21 04:34:24 -07:00
Ricardo Katz
bb265845b5
Change enable-snippet to allow-snippet-annotation (#7670) (#7677) 
Signed-off-by: Ricardo Pchevuzinske Katz <rkatz@vmware.com>
 2021-09-20 19:28:23 -07:00
Ricardo Katz
a104d4fbc3
Fix opentracing in v0.X (#7676) 2021-09-20 17:38:23 -07:00
Ricardo Katz
3d277a6200
Merge pull request #7671 from nehaLohia27/cherry-pick 
Cherry pick - #7643
 2021-09-20 20:29:41 -03:00
Jintao Zhang
5564577f0d Update NGINX base image to v1.19 (#7643) 
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
 2021-09-20 17:22:25 +05:30
Ricardo Katz
64e2bed508
CHERRY-PICK of #7665 - Remove snippet (#7666) 
* Add option to force enabling snippet directives (#7665)

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Add missing key when cherry-picking
 2021-09-19 17:52:08 -07:00
Swift
f44bbe9b03
cherry-pick #7521 Update ingress to go 1.17 (#7531) 
* fix boilerplate verification

* fix go fmt error

* fix go mod error

* bump e2e-test-runner version

* bump github ci workflow to go 1.17

* bump go.mod to 1.17
 2021-08-23 17:26:14 -07:00
57 changed files with 1323 additions and 388 deletions
Show stats Expand all files Collapse all files

4
.github/workflows/ci.yaml vendored
View file

@ -65,11 +65,11 @@ jobs:
- name: Checkout - name: Checkout
uses: actions/checkout@v2 uses: actions/checkout@v2
- name: Set up Go 1.16 - name: Set up Go 1.17
id: go id: go
uses: actions/setup-go@v2 uses: actions/setup-go@v2
with: with:
go-version: 1.16 go-version: 1.17
- name: Set up Docker Buildx - name: Set up Docker Buildx
id: buildx id: buildx

2
.github/workflows/helm.yaml vendored
View file

@ -4,7 +4,7 @@ on:
push: push:
branches: branches:
- main - main
- dev-v1 - legacy
jobs: jobs:

16
Changelog.md
View file

@ -1,5 +1,21 @@
# Changelog # Changelog
### 0.50.0
**Image:**
- `k8s.gcr.io/ingress-nginx/controller:v0.50.0@sha256:f46fc2d161c97a9d950635acb86fb3f8d4adcfb03ee241ea89c6cde16aa3fdf8`
This release makes the annotation `annotation-value-word-blocklist` backwards compatible by being an empty list instead of prescribed defaults.
Effectively reverting [7874](https://github.com/kubernetes/ingress-nginx/pull/7874) but keeping the functionality of `annotation-value-word-blocklist`
See Issue [7939](https://github.com/kubernetes/ingress-nginx/pull/7939) for more discussion
Admins should still consider putting a reasonable block list in place, more information on why can be found [here](https://github.com/kubernetes/ingress-nginx/issues/7837) and how in our documentation [here](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#annotation-value-word-blocklist)
_Changes:_
- [7963](https://github.com/kubernetes/ingress-nginx/pull/7963) Change sanitization message from error to warning (#7963)
- [7942](https://github.com/kubernetes/ingress-nginx/pull/7942) update default block list,docs, tests (#7942)
### 0.49.0 ### 0.49.0

2
Makefile
View file

@ -51,7 +51,7 @@ endif
REGISTRY ?= gcr.io/k8s-staging-ingress-nginx REGISTRY ?= gcr.io/k8s-staging-ingress-nginx
BASE_IMAGE ?= k8s.gcr.io/ingress-nginx/nginx:v20210809-g98288bc3c@sha256:f9363669cf26514c9548c1fe4f8f4e2f58dfb76616bcd638a0ff7f0ec3457c17 BASE_IMAGE ?= k8s.gcr.io/ingress-nginx/nginx:v20210926-g5662db450@sha256:1ef404b5e8741fe49605a1f40c3fdd8ef657aecdb9526ea979d1672eeabd0cd9
GOARCH=$(ARCH) GOARCH=$(ARCH)

2
TAG
View file

@ -1 +1 @@
v0.49.0 v0.50.0

2
build/run-in-docker.sh
View file

@ -37,7 +37,7 @@ function cleanup {
} }
trap cleanup EXIT trap cleanup EXIT
E2E_IMAGE=${E2E_IMAGE:-k8s.gcr.io/ingress-nginx/e2e-test-runner:v20210810-g820a21a74@sha256:7d7393a8c6c72d76145282df53ea0679a5b769211fd1cd6b8910b6dda1bd986d} E2E_IMAGE=${E2E_IMAGE:-k8s.gcr.io/ingress-nginx/e2e-test-runner:v20210822-g5e5faa24d@sha256:55c568d9e35e15d94b3ab41fe549b8ee4cd910cc3e031ddcccd06256755c5d89}
DOCKER_OPTS=${DOCKER_OPTS:-} DOCKER_OPTS=${DOCKER_OPTS:-}
DOCKER_IN_DOCKER_ENABLED=${DOCKER_IN_DOCKER_ENABLED:-} DOCKER_IN_DOCKER_ENABLED=${DOCKER_IN_DOCKER_ENABLED:-}

12
charts/ingress-nginx/CHANGELOG.md
View file

@ -2,6 +2,18 @@
This file documents all notable changes to [ingress-nginx](https://github.com/kubernetes/ingress-nginx) Helm Chart. The release numbering uses [semantic versioning](http://semver.org). This file documents all notable changes to [ingress-nginx](https://github.com/kubernetes/ingress-nginx) Helm Chart. The release numbering uses [semantic versioning](http://semver.org).
### 3.40.0
- [7973](https://github.com/kubernetes/ingress-nginx/pull/7973) update controller version to v0.50.0
- [7963](https://github.com/kubernetes/ingress-nginx/pull/7963) Change sanitization message from error to warning (#7963)
- [7942](https://github.com/kubernetes/ingress-nginx/pull/7942) update default block list,docs, tests (#7942)
### 3.39.0
- [7742] https://github.com/kubernetes/ingress-nginx/pull/7742 Release v0.49.3 with bugfixes
### 3.37.0
- [7666] https://github.com/kubernetes/ingress-nginx/pull/7666 Add option to disable snippet annotations
- [7671] https://github.com/kubernetes/ingress-nginx/pull/7671 Downgrade NGINX image to v1.19.9
### 3.34.0 ### 3.34.0
- [7256] https://github.com/kubernetes/ingress-nginx/pull/7256 Add namespace field in the namespace scoped resource templates - [7256] https://github.com/kubernetes/ingress-nginx/pull/7256 Add namespace field in the namespace scoped resource templates

10
charts/ingress-nginx/Chart.yaml
View file

@ -1,9 +1,9 @@
apiVersion: v2 apiVersion: v2
name: ingress-nginx name: ingress-nginx
# When the version is modified, make sure the artifacthub.io/changes list is updated # When the version is modified, please make sure the artifacthub.io/changes list is updated
# Also update CHANGELOG.md # Also update CHANGELOG.md
version: 3.36.0 version: 3.40.0
appVersion: 0.49.0 appVersion: 0.50.0
home: https://github.com/kubernetes/ingress-nginx home: https://github.com/kubernetes/ingress-nginx
description: Ingress controller for Kubernetes using NGINX as a reverse proxy and load balancer description: Ingress controller for Kubernetes using NGINX as a reverse proxy and load balancer
icon: https://upload.wikimedia.org/wikipedia/commons/thumb/c/c5/Nginx_logo.svg/500px-Nginx_logo.svg.png icon: https://upload.wikimedia.org/wikipedia/commons/thumb/c/c5/Nginx_logo.svg/500px-Nginx_logo.svg.png
@ -21,5 +21,5 @@ annotations:
# List of changes for the release in artifacthub.io # List of changes for the release in artifacthub.io
# https://artifacthub.io/packages/helm/ingress-nginx/ingress-nginx?modal=changelog # https://artifacthub.io/packages/helm/ingress-nginx/ingress-nginx?modal=changelog
artifacthub.io/changes: | artifacthub.io/changes: |
- Migrate the webhook-certgen program inside ingress repo. - Fix selector for shuttind down Pods status
- Fix forwarding of auth-response-headers to gRPC backends - Fix overlap check when ingress is configured as canary

1
charts/ingress-nginx/ci/daemonset-customconfig-values.yaml
View file

@ -1,5 +1,6 @@
controller: controller:
kind: DaemonSet kind: DaemonSet
allowSnippetAnnotations: false
admissionWebhooks: admissionWebhooks:
enabled: false enabled: false
service: service:

14
charts/ingress-nginx/ci/deployment-autoscaling-behavior-values.yaml Normal file
View file

@ -0,0 +1,14 @@
controller:
autoscaling:
enabled: true
behavior:
scaleDown:
stabilizationWindowSeconds: 300
policies:
- type: Pods
value: 1
periodSeconds: 180
admissionWebhooks:
enabled: false
service:
type: ClusterIP

1
charts/ingress-nginx/ci/deployment-customconfig-values.yaml
View file

@ -1,6 +1,7 @@
controller: controller:
config: config:
use-proxy-protocol: "true" use-proxy-protocol: "true"
allowSnippetAnnotations: false
admissionWebhooks: admissionWebhooks:
enabled: false enabled: false
service: service:

1
charts/ingress-nginx/templates/controller-configmap.yaml
View file

@ -10,6 +10,7 @@ metadata:
name: {{ include "ingress-nginx.controller.fullname" . }} name: {{ include "ingress-nginx.controller.fullname" . }}
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
data: data:
allow-snippet-annotations: "{{ .Values.controller.allowSnippetAnnotations }}"
{{- if .Values.controller.addHeaders }} {{- if .Values.controller.addHeaders }}
add-headers: {{ .Release.Namespace }}/{{ include "ingress-nginx.fullname" . }}-custom-add-headers add-headers: {{ .Release.Namespace }}/{{ include "ingress-nginx.fullname" . }}-custom-add-headers
{{- end }} {{- end }}

6
charts/ingress-nginx/templates/controller-hpa.yaml
View file

@ -38,7 +38,11 @@ spec:
averageUtilization: {{ . }} averageUtilization: {{ . }}
{{- end }} {{- end }}
{{- with .Values.controller.autoscalingTemplate }} {{- with .Values.controller.autoscalingTemplate }}
{{- toYaml . | nindent 2 }} {{- toYaml . | nindent 2 }}
{{- end }}
{{- with .Values.controller.autoscaling.behavior }}
behavior:
{{- toYaml . | nindent 4 }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- end }} {{- end }}

23
charts/ingress-nginx/values.yaml
View file

@ -15,8 +15,8 @@ controller:
# for backwards compatibility consider setting the full image url via the repository value below # for backwards compatibility consider setting the full image url via the repository value below
# use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail # use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail
# repository: # repository:
tag: "v0.49.0" tag: "v0.50.0"
digest: sha256:e9707504ad0d4c119036b6d41ace4a33596139d3feb9ccb6617813ce48c3eeef digest: sha256:f46fc2d161c97a9d950635acb86fb3f8d4adcfb03ee241ea89c6cde16aa3fdf8
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
# www-data -> uid 101 # www-data -> uid 101
runAsUser: 101 runAsUser: 101
@ -61,6 +61,12 @@ controller:
# Ingress status was blank because there is no Service exposing the NGINX Ingress controller in a configuration using the host network, the default --publish-service flag used in standard cloud setups does not apply # Ingress status was blank because there is no Service exposing the NGINX Ingress controller in a configuration using the host network, the default --publish-service flag used in standard cloud setups does not apply
reportNodeInternalIp: false reportNodeInternalIp: false
# This configuration defines if Ingress Controller should allow users to set
# their own *-snippet annotations, otherwise this is forbidden / dropped
# when users add those annotations.
# Global snippets in ConfigMap are still respected
allowSnippetAnnotations: true
# Required for use with CNI based kubernetes installations (such as ones set up by kubeadm), # Required for use with CNI based kubernetes installations (such as ones set up by kubeadm),
# since CNI and hostport don't mix yet. Can be deprecated once https://github.com/kubernetes/kubernetes/issues/23920 # since CNI and hostport don't mix yet. Can be deprecated once https://github.com/kubernetes/kubernetes/issues/23920
# is merged # is merged
@ -335,6 +341,19 @@ controller:
maxReplicas: 11 maxReplicas: 11
targetCPUUtilizationPercentage: 50 targetCPUUtilizationPercentage: 50
targetMemoryUtilizationPercentage: 50 targetMemoryUtilizationPercentage: 50
behavior: {}
# scaleDown:
# stabilizationWindowSeconds: 300
# policies:
# - type: Pods
# value: 1
# periodSeconds: 180
# scaleUp:
# stabilizationWindowSeconds: 300
# policies:
# - type: Pods
# value: 2
# periodSeconds: 60
autoscalingTemplate: [] autoscalingTemplate: []
# Custom or additional autoscaling metrics # Custom or additional autoscaling metrics

79
deploy/static/provider/aws/deploy-tls-termination.yaml
View file

@ -13,10 +13,10 @@ apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -28,15 +28,16 @@ apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
namespace: ingress-nginx namespace: ingress-nginx
data: data:
allow-snippet-annotations: 'true'
http-snippet: | http-snippet: |
server{ server{
listen 2443; listen 2443;
@ -50,10 +51,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole kind: ClusterRole
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
name: ingress-nginx name: ingress-nginx
rules: rules:
@ -119,10 +120,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding kind: ClusterRoleBinding
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
name: ingress-nginx name: ingress-nginx
roleRef: roleRef:
@ -139,10 +140,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: Role kind: Role
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -225,10 +226,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding kind: RoleBinding
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -247,10 +248,10 @@ apiVersion: v1
kind: Service kind: Service
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller-admission name: ingress-nginx-controller-admission
@ -278,10 +279,10 @@ metadata:
service.beta.kubernetes.io/aws-load-balancer-ssl-ports: https service.beta.kubernetes.io/aws-load-balancer-ssl-ports: https
service.beta.kubernetes.io/aws-load-balancer-type: elb service.beta.kubernetes.io/aws-load-balancer-type: elb
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
@ -308,10 +309,10 @@ apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
@ -334,7 +335,7 @@ spec:
dnsPolicy: ClusterFirst dnsPolicy: ClusterFirst
containers: containers:
- name: controller - name: controller
image: k8s.gcr.io/ingress-nginx/controller:v0.49.0@sha256:e9707504ad0d4c119036b6d41ace4a33596139d3feb9ccb6617813ce48c3eeef image: k8s.gcr.io/ingress-nginx/controller:v0.50.0@sha256:f46fc2d161c97a9d950635acb86fb3f8d4adcfb03ee241ea89c6cde16aa3fdf8
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
lifecycle: lifecycle:
preStop: preStop:
@ -426,10 +427,10 @@ apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration kind: ValidatingWebhookConfiguration
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
name: ingress-nginx-admission name: ingress-nginx-admission
@ -467,10 +468,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
--- ---
@ -483,10 +484,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
rules: rules:
@ -507,10 +508,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
roleRef: roleRef:
@ -532,10 +533,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
rules: rules:
@ -557,10 +558,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
roleRef: roleRef:
@ -582,10 +583,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade helm.sh/hook: pre-install,pre-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -593,10 +594,10 @@ spec:
metadata: metadata:
name: ingress-nginx-admission-create name: ingress-nginx-admission-create
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -632,10 +633,10 @@ metadata:
helm.sh/hook: post-install,post-upgrade helm.sh/hook: post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -643,10 +644,10 @@ spec:
metadata: metadata:
name: ingress-nginx-admission-patch name: ingress-nginx-admission-patch
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:

79
deploy/static/provider/aws/deploy.yaml
View file

@ -13,10 +13,10 @@ apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -28,25 +28,26 @@ apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
namespace: ingress-nginx namespace: ingress-nginx
data: data:
allow-snippet-annotations: 'true'
--- ---
# Source: ingress-nginx/templates/clusterrole.yaml # Source: ingress-nginx/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole kind: ClusterRole
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
name: ingress-nginx name: ingress-nginx
rules: rules:
@ -112,10 +113,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding kind: ClusterRoleBinding
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
name: ingress-nginx name: ingress-nginx
roleRef: roleRef:
@ -132,10 +133,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: Role kind: Role
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -218,10 +219,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding kind: RoleBinding
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -240,10 +241,10 @@ apiVersion: v1
kind: Service kind: Service
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller-admission name: ingress-nginx-controller-admission
@ -268,10 +269,10 @@ metadata:
service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: 'true' service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: 'true'
service.beta.kubernetes.io/aws-load-balancer-type: nlb service.beta.kubernetes.io/aws-load-balancer-type: nlb
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
@ -298,10 +299,10 @@ apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
@ -324,7 +325,7 @@ spec:
dnsPolicy: ClusterFirst dnsPolicy: ClusterFirst
containers: containers:
- name: controller - name: controller
image: k8s.gcr.io/ingress-nginx/controller:v0.49.0@sha256:e9707504ad0d4c119036b6d41ace4a33596139d3feb9ccb6617813ce48c3eeef image: k8s.gcr.io/ingress-nginx/controller:v0.50.0@sha256:f46fc2d161c97a9d950635acb86fb3f8d4adcfb03ee241ea89c6cde16aa3fdf8
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
lifecycle: lifecycle:
preStop: preStop:
@ -413,10 +414,10 @@ apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration kind: ValidatingWebhookConfiguration
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
name: ingress-nginx-admission name: ingress-nginx-admission
@ -454,10 +455,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
--- ---
@ -470,10 +471,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
rules: rules:
@ -494,10 +495,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
roleRef: roleRef:
@ -519,10 +520,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
rules: rules:
@ -544,10 +545,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
roleRef: roleRef:
@ -569,10 +570,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade helm.sh/hook: pre-install,pre-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -580,10 +581,10 @@ spec:
metadata: metadata:
name: ingress-nginx-admission-create name: ingress-nginx-admission-create
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -619,10 +620,10 @@ metadata:
helm.sh/hook: post-install,post-upgrade helm.sh/hook: post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -630,10 +631,10 @@ spec:
metadata: metadata:
name: ingress-nginx-admission-patch name: ingress-nginx-admission-patch
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:

79
deploy/static/provider/baremetal/deploy.yaml
View file

@ -13,10 +13,10 @@ apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -28,25 +28,26 @@ apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
namespace: ingress-nginx namespace: ingress-nginx
data: data:
allow-snippet-annotations: 'true'
--- ---
# Source: ingress-nginx/templates/clusterrole.yaml # Source: ingress-nginx/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole kind: ClusterRole
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
name: ingress-nginx name: ingress-nginx
rules: rules:
@ -112,10 +113,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding kind: ClusterRoleBinding
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
name: ingress-nginx name: ingress-nginx
roleRef: roleRef:
@ -132,10 +133,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: Role kind: Role
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -218,10 +219,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding kind: RoleBinding
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -240,10 +241,10 @@ apiVersion: v1
kind: Service kind: Service
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller-admission name: ingress-nginx-controller-admission
@ -265,10 +266,10 @@ kind: Service
metadata: metadata:
annotations: annotations:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
@ -294,10 +295,10 @@ apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
@ -320,7 +321,7 @@ spec:
dnsPolicy: ClusterFirst dnsPolicy: ClusterFirst
containers: containers:
- name: controller - name: controller
image: k8s.gcr.io/ingress-nginx/controller:v0.49.0@sha256:e9707504ad0d4c119036b6d41ace4a33596139d3feb9ccb6617813ce48c3eeef image: k8s.gcr.io/ingress-nginx/controller:v0.50.0@sha256:f46fc2d161c97a9d950635acb86fb3f8d4adcfb03ee241ea89c6cde16aa3fdf8
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
lifecycle: lifecycle:
preStop: preStop:
@ -408,10 +409,10 @@ apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration kind: ValidatingWebhookConfiguration
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
name: ingress-nginx-admission name: ingress-nginx-admission
@ -449,10 +450,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
--- ---
@ -465,10 +466,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
rules: rules:
@ -489,10 +490,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
roleRef: roleRef:
@ -514,10 +515,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
rules: rules:
@ -539,10 +540,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
roleRef: roleRef:
@ -564,10 +565,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade helm.sh/hook: pre-install,pre-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -575,10 +576,10 @@ spec:
metadata: metadata:
name: ingress-nginx-admission-create name: ingress-nginx-admission-create
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -614,10 +615,10 @@ metadata:
helm.sh/hook: post-install,post-upgrade helm.sh/hook: post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -625,10 +626,10 @@ spec:
metadata: metadata:
name: ingress-nginx-admission-patch name: ingress-nginx-admission-patch
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:

79
deploy/static/provider/cloud/deploy.yaml
View file

@ -13,10 +13,10 @@ apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -28,25 +28,26 @@ apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
namespace: ingress-nginx namespace: ingress-nginx
data: data:
allow-snippet-annotations: 'true'
--- ---
# Source: ingress-nginx/templates/clusterrole.yaml # Source: ingress-nginx/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole kind: ClusterRole
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
name: ingress-nginx name: ingress-nginx
rules: rules:
@ -112,10 +113,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding kind: ClusterRoleBinding
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
name: ingress-nginx name: ingress-nginx
roleRef: roleRef:
@ -132,10 +133,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: Role kind: Role
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -218,10 +219,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding kind: RoleBinding
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -240,10 +241,10 @@ apiVersion: v1
kind: Service kind: Service
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller-admission name: ingress-nginx-controller-admission
@ -265,10 +266,10 @@ kind: Service
metadata: metadata:
annotations: annotations:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
@ -295,10 +296,10 @@ apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
@ -321,7 +322,7 @@ spec:
dnsPolicy: ClusterFirst dnsPolicy: ClusterFirst
containers: containers:
- name: controller - name: controller
image: k8s.gcr.io/ingress-nginx/controller:v0.49.0@sha256:e9707504ad0d4c119036b6d41ace4a33596139d3feb9ccb6617813ce48c3eeef image: k8s.gcr.io/ingress-nginx/controller:v0.50.0@sha256:f46fc2d161c97a9d950635acb86fb3f8d4adcfb03ee241ea89c6cde16aa3fdf8
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
lifecycle: lifecycle:
preStop: preStop:
@ -410,10 +411,10 @@ apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration kind: ValidatingWebhookConfiguration
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
name: ingress-nginx-admission name: ingress-nginx-admission
@ -451,10 +452,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
--- ---
@ -467,10 +468,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
rules: rules:
@ -491,10 +492,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
roleRef: roleRef:
@ -516,10 +517,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
rules: rules:
@ -541,10 +542,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
roleRef: roleRef:
@ -566,10 +567,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade helm.sh/hook: pre-install,pre-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -577,10 +578,10 @@ spec:
metadata: metadata:
name: ingress-nginx-admission-create name: ingress-nginx-admission-create
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -616,10 +617,10 @@ metadata:
helm.sh/hook: post-install,post-upgrade helm.sh/hook: post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -627,10 +628,10 @@ spec:
metadata: metadata:
name: ingress-nginx-admission-patch name: ingress-nginx-admission-patch
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:

79
deploy/static/provider/do/deploy.yaml
View file

@ -13,10 +13,10 @@ apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -28,15 +28,16 @@ apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
namespace: ingress-nginx namespace: ingress-nginx
data: data:
allow-snippet-annotations: 'true'
use-proxy-protocol: 'true' use-proxy-protocol: 'true'
--- ---
# Source: ingress-nginx/templates/clusterrole.yaml # Source: ingress-nginx/templates/clusterrole.yaml
@ -44,10 +45,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole kind: ClusterRole
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
name: ingress-nginx name: ingress-nginx
rules: rules:
@ -113,10 +114,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding kind: ClusterRoleBinding
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
name: ingress-nginx name: ingress-nginx
roleRef: roleRef:
@ -133,10 +134,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: Role kind: Role
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -219,10 +220,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding kind: RoleBinding
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -241,10 +242,10 @@ apiVersion: v1
kind: Service kind: Service
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller-admission name: ingress-nginx-controller-admission
@ -267,10 +268,10 @@ metadata:
annotations: annotations:
service.beta.kubernetes.io/do-loadbalancer-enable-proxy-protocol: 'true' service.beta.kubernetes.io/do-loadbalancer-enable-proxy-protocol: 'true'
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
@ -297,10 +298,10 @@ apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
@ -323,7 +324,7 @@ spec:
dnsPolicy: ClusterFirst dnsPolicy: ClusterFirst
containers: containers:
- name: controller - name: controller
image: k8s.gcr.io/ingress-nginx/controller:v0.49.0@sha256:e9707504ad0d4c119036b6d41ace4a33596139d3feb9ccb6617813ce48c3eeef image: k8s.gcr.io/ingress-nginx/controller:v0.50.0@sha256:f46fc2d161c97a9d950635acb86fb3f8d4adcfb03ee241ea89c6cde16aa3fdf8
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
lifecycle: lifecycle:
preStop: preStop:
@ -412,10 +413,10 @@ apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration kind: ValidatingWebhookConfiguration
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
name: ingress-nginx-admission name: ingress-nginx-admission
@ -453,10 +454,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
--- ---
@ -469,10 +470,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
rules: rules:
@ -493,10 +494,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
roleRef: roleRef:
@ -518,10 +519,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
rules: rules:
@ -543,10 +544,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
roleRef: roleRef:
@ -568,10 +569,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade helm.sh/hook: pre-install,pre-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -579,10 +580,10 @@ spec:
metadata: metadata:
name: ingress-nginx-admission-create name: ingress-nginx-admission-create
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -618,10 +619,10 @@ metadata:
helm.sh/hook: post-install,post-upgrade helm.sh/hook: post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -629,10 +630,10 @@ spec:
metadata: metadata:
name: ingress-nginx-admission-patch name: ingress-nginx-admission-patch
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:

79
deploy/static/provider/exoscale/deploy.yaml
View file

@ -13,10 +13,10 @@ apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -28,25 +28,26 @@ apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
namespace: ingress-nginx namespace: ingress-nginx
data: data:
allow-snippet-annotations: 'true'
--- ---
# Source: ingress-nginx/templates/clusterrole.yaml # Source: ingress-nginx/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole kind: ClusterRole
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
name: ingress-nginx name: ingress-nginx
rules: rules:
@ -112,10 +113,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding kind: ClusterRoleBinding
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
name: ingress-nginx name: ingress-nginx
roleRef: roleRef:
@ -132,10 +133,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: Role kind: Role
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -218,10 +219,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding kind: RoleBinding
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -240,10 +241,10 @@ apiVersion: v1
kind: Service kind: Service
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller-admission name: ingress-nginx-controller-admission
@ -273,10 +274,10 @@ metadata:
service.beta.kubernetes.io/exoscale-loadbalancer-service-healthcheck-timeout: 3s service.beta.kubernetes.io/exoscale-loadbalancer-service-healthcheck-timeout: 3s
service.beta.kubernetes.io/exoscale-loadbalancer-service-strategy: source-hash service.beta.kubernetes.io/exoscale-loadbalancer-service-strategy: source-hash
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
@ -303,10 +304,10 @@ apiVersion: apps/v1
kind: DaemonSet kind: DaemonSet
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
@ -329,7 +330,7 @@ spec:
dnsPolicy: ClusterFirst dnsPolicy: ClusterFirst
containers: containers:
- name: controller - name: controller
image: k8s.gcr.io/ingress-nginx/controller:v0.49.0@sha256:e9707504ad0d4c119036b6d41ace4a33596139d3feb9ccb6617813ce48c3eeef image: k8s.gcr.io/ingress-nginx/controller:v0.50.0@sha256:f46fc2d161c97a9d950635acb86fb3f8d4adcfb03ee241ea89c6cde16aa3fdf8
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
lifecycle: lifecycle:
preStop: preStop:
@ -418,10 +419,10 @@ apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration kind: ValidatingWebhookConfiguration
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
name: ingress-nginx-admission name: ingress-nginx-admission
@ -459,10 +460,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
--- ---
@ -475,10 +476,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
rules: rules:
@ -499,10 +500,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
roleRef: roleRef:
@ -524,10 +525,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
rules: rules:
@ -549,10 +550,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
roleRef: roleRef:
@ -574,10 +575,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade helm.sh/hook: pre-install,pre-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -585,10 +586,10 @@ spec:
metadata: metadata:
name: ingress-nginx-admission-create name: ingress-nginx-admission-create
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -624,10 +625,10 @@ metadata:
helm.sh/hook: post-install,post-upgrade helm.sh/hook: post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -635,10 +636,10 @@ spec:
metadata: metadata:
name: ingress-nginx-admission-patch name: ingress-nginx-admission-patch
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:

79
deploy/static/provider/kind/deploy.yaml
View file

@ -13,10 +13,10 @@ apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -28,25 +28,26 @@ apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
namespace: ingress-nginx namespace: ingress-nginx
data: data:
allow-snippet-annotations: 'true'
--- ---
# Source: ingress-nginx/templates/clusterrole.yaml # Source: ingress-nginx/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole kind: ClusterRole
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
name: ingress-nginx name: ingress-nginx
rules: rules:
@ -112,10 +113,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding kind: ClusterRoleBinding
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
name: ingress-nginx name: ingress-nginx
roleRef: roleRef:
@ -132,10 +133,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: Role kind: Role
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -218,10 +219,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding kind: RoleBinding
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -240,10 +241,10 @@ apiVersion: v1
kind: Service kind: Service
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller-admission name: ingress-nginx-controller-admission
@ -265,10 +266,10 @@ kind: Service
metadata: metadata:
annotations: annotations:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
@ -294,10 +295,10 @@ apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
@ -324,7 +325,7 @@ spec:
dnsPolicy: ClusterFirst dnsPolicy: ClusterFirst
containers: containers:
- name: controller - name: controller
image: k8s.gcr.io/ingress-nginx/controller:v0.49.0@sha256:e9707504ad0d4c119036b6d41ace4a33596139d3feb9ccb6617813ce48c3eeef image: k8s.gcr.io/ingress-nginx/controller:v0.50.0@sha256:f46fc2d161c97a9d950635acb86fb3f8d4adcfb03ee241ea89c6cde16aa3fdf8
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
lifecycle: lifecycle:
preStop: preStop:
@ -420,10 +421,10 @@ apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration kind: ValidatingWebhookConfiguration
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
name: ingress-nginx-admission name: ingress-nginx-admission
@ -461,10 +462,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
--- ---
@ -477,10 +478,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
rules: rules:
@ -501,10 +502,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
roleRef: roleRef:
@ -526,10 +527,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
rules: rules:
@ -551,10 +552,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
roleRef: roleRef:
@ -576,10 +577,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade helm.sh/hook: pre-install,pre-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -587,10 +588,10 @@ spec:
metadata: metadata:
name: ingress-nginx-admission-create name: ingress-nginx-admission-create
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -626,10 +627,10 @@ metadata:
helm.sh/hook: post-install,post-upgrade helm.sh/hook: post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -637,10 +638,10 @@ spec:
metadata: metadata:
name: ingress-nginx-admission-patch name: ingress-nginx-admission-patch
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:

79
deploy/static/provider/scw/deploy.yaml
View file

@ -13,10 +13,10 @@ apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -28,15 +28,16 @@ apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
namespace: ingress-nginx namespace: ingress-nginx
data: data:
allow-snippet-annotations: 'true'
use-proxy-protocol: 'true' use-proxy-protocol: 'true'
--- ---
# Source: ingress-nginx/templates/clusterrole.yaml # Source: ingress-nginx/templates/clusterrole.yaml
@ -44,10 +45,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole kind: ClusterRole
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
name: ingress-nginx name: ingress-nginx
rules: rules:
@ -113,10 +114,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding kind: ClusterRoleBinding
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
name: ingress-nginx name: ingress-nginx
roleRef: roleRef:
@ -133,10 +134,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: Role kind: Role
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -219,10 +220,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding kind: RoleBinding
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx name: ingress-nginx
@ -241,10 +242,10 @@ apiVersion: v1
kind: Service kind: Service
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller-admission name: ingress-nginx-controller-admission
@ -267,10 +268,10 @@ metadata:
annotations: annotations:
service.beta.kubernetes.io/scw-loadbalancer-proxy-protocol-v2: 'true' service.beta.kubernetes.io/scw-loadbalancer-proxy-protocol-v2: 'true'
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
@ -297,10 +298,10 @@ apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller app.kubernetes.io/component: controller
name: ingress-nginx-controller name: ingress-nginx-controller
@ -323,7 +324,7 @@ spec:
dnsPolicy: ClusterFirst dnsPolicy: ClusterFirst
containers: containers:
- name: controller - name: controller
image: k8s.gcr.io/ingress-nginx/controller:v0.49.0@sha256:e9707504ad0d4c119036b6d41ace4a33596139d3feb9ccb6617813ce48c3eeef image: k8s.gcr.io/ingress-nginx/controller:v0.50.0@sha256:f46fc2d161c97a9d950635acb86fb3f8d4adcfb03ee241ea89c6cde16aa3fdf8
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
lifecycle: lifecycle:
preStop: preStop:
@ -412,10 +413,10 @@ apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration kind: ValidatingWebhookConfiguration
metadata: metadata:
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
name: ingress-nginx-admission name: ingress-nginx-admission
@ -453,10 +454,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
--- ---
@ -469,10 +470,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
rules: rules:
@ -493,10 +494,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
roleRef: roleRef:
@ -518,10 +519,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
rules: rules:
@ -543,10 +544,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
roleRef: roleRef:
@ -568,10 +569,10 @@ metadata:
helm.sh/hook: pre-install,pre-upgrade helm.sh/hook: pre-install,pre-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -579,10 +580,10 @@ spec:
metadata: metadata:
name: ingress-nginx-admission-create name: ingress-nginx-admission-create
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -618,10 +619,10 @@ metadata:
helm.sh/hook: post-install,post-upgrade helm.sh/hook: post-install,post-upgrade
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:
@ -629,10 +630,10 @@ spec:
metadata: metadata:
name: ingress-nginx-admission-patch name: ingress-nginx-admission-patch
labels: labels:
helm.sh/chart: ingress-nginx-3.36.0 helm.sh/chart: ingress-nginx-3.40.0
app.kubernetes.io/name: ingress-nginx app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.49.0 app.kubernetes.io/version: 0.50.0
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: admission-webhook app.kubernetes.io/component: admission-webhook
spec: spec:

23
docs/user-guide/nginx-configuration/configmap.md
View file

@ -29,6 +29,8 @@ The following table shows a configuration option's name, type, and the default v
|:---|:---|:------| |:---|:---|:------|
|[add-headers](#add-headers)|string|""| |[add-headers](#add-headers)|string|""|
|[allow-backend-server-header](#allow-backend-server-header)|bool|"false"| |[allow-backend-server-header](#allow-backend-server-header)|bool|"false"|
|[allow-snippet-annotations](#allow-snippet-annotations)|bool|true|
|[annotation-value-word-blocklist](#annotation-value-word-blocklist)|string array|""|
|[hide-headers](#hide-headers)|string array|empty| |[hide-headers](#hide-headers)|string array|empty|
|[access-log-params](#access-log-params)|string|""| |[access-log-params](#access-log-params)|string|""|
|[access-log-path](#access-log-path)|string|"/var/log/nginx/access.log"| |[access-log-path](#access-log-path)|string|"/var/log/nginx/access.log"|
@ -209,6 +211,27 @@ Sets custom headers from named configmap before sending traffic to the client. S
Enables the return of the header Server from the backend instead of the generic nginx string. _**default:**_ is disabled Enables the return of the header Server from the backend instead of the generic nginx string. _**default:**_ is disabled
## allow-snippet-annotations
Enables Ingress to parse and add *-snippet annotations/directives created by the user. _**default:**_ `true`;
Warning: We recommend enabling this option only if you TRUST users with permission to create Ingress objects, as this
may allow a user to add restricted configurations to the final nginx.conf file
## annotation-value-word-blocklist
Contains a comma-separated value of chars/words that are well known of being used to abuse Ingress configuration
and must be blocked. Related to [CVE-2021-25742](https://github.com/kubernetes/ingress-nginx/issues/7837)
When an annotation is detected with a value that matches one of the blocked bad words, the whole Ingress won't be configured.
_**default:**_ `""`
When doing this, the default blocklist is override, which means that the Ingress admin should add all the words
that should be blocked, here is a suggested block list.
_**suggested:**_ `"load_module,lua_package,_by_lua,location,root,proxy_pass,serviceaccount,{,},',\"`
## hide-headers ## hide-headers
Sets additional header that will not be passed from the upstream server to the client response. Sets additional header that will not be passed from the upstream server to the client response.

103
go.mod
View file

@ -1,6 +1,6 @@
module k8s.io/ingress-nginx module k8s.io/ingress-nginx
go 1.16 go 1.17
require ( require (
github.com/armon/go-proxyproto v0.0.0-20210323213023-7e956b284f0a github.com/armon/go-proxyproto v0.0.0-20210323213023-7e956b284f0a
@ -46,3 +46,104 @@ require (
sigs.k8s.io/controller-runtime v0.9.5 sigs.k8s.io/controller-runtime v0.9.5
sigs.k8s.io/mdtoc v1.0.1 sigs.k8s.io/mdtoc v1.0.1
) )
require (
cloud.google.com/go v0.81.0 // indirect
github.com/Azure/go-autorest v14.2.0+incompatible // indirect
github.com/Azure/go-autorest/autorest v0.11.12 // indirect
github.com/Azure/go-autorest/autorest/adal v0.9.5 // indirect
github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
github.com/Azure/go-autorest/logger v0.2.0 // indirect
github.com/Azure/go-autorest/tracing v0.6.0 // indirect
github.com/BurntSushi/toml v0.3.1 // indirect
github.com/PuerkitoBio/purell v1.1.1 // indirect
github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
github.com/ajg/form v1.5.1 // indirect
github.com/andybalholm/brotli v1.0.2 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/blang/semver v3.5.1+incompatible // indirect
github.com/cespare/xxhash/v2 v2.1.1 // indirect
github.com/coreos/go-systemd/v22 v22.3.2 // indirect
github.com/cyphar/filepath-securejoin v0.2.2 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/eapache/queue v1.1.0 // indirect
github.com/emicklei/go-restful v2.9.5+incompatible // indirect
github.com/evanphx/json-patch v4.11.0+incompatible // indirect
github.com/fatih/structs v1.0.0 // indirect
github.com/form3tech-oss/jwt-go v3.2.2+incompatible // indirect
github.com/fullsailor/pkcs7 v0.0.0-20160414161337-2585af45975b // indirect
github.com/go-errors/errors v1.0.1 // indirect
github.com/go-logr/logr v0.4.0 // indirect
github.com/go-openapi/jsonpointer v0.19.3 // indirect
github.com/go-openapi/jsonreference v0.19.3 // indirect
github.com/go-openapi/spec v0.19.5 // indirect
github.com/go-openapi/swag v0.19.5 // indirect
github.com/godbus/dbus/v5 v5.0.4 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e // indirect
github.com/golang/protobuf v1.5.2 // indirect
github.com/gomarkdown/markdown v0.0.0-20200824053859-8c8b3816f167 // indirect
github.com/google/btree v1.0.0 // indirect
github.com/google/go-cmp v0.5.5 // indirect
github.com/google/go-querystring v1.0.0 // indirect
github.com/google/gofuzz v1.1.0 // indirect
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
github.com/google/uuid v1.2.0 // indirect
github.com/googleapis/gnostic v0.5.5 // indirect
github.com/gorilla/websocket v1.4.2 // indirect
github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 // indirect
github.com/hashicorp/golang-lru v0.5.4 // indirect
github.com/imkira/go-interpol v1.0.0 // indirect
github.com/inconshreveable/mousetrap v1.0.0 // indirect
github.com/klauspost/compress v1.12.2 // indirect
github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect
github.com/mailru/easyjson v0.7.0 // indirect
github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
github.com/mmarkdown/mmark v2.0.40+incompatible // indirect
github.com/moby/sys/mountinfo v0.4.1 // indirect
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.1 // indirect
github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect
github.com/ncabatoff/go-seq v0.0.0-20180805175032-b08ef85ed833 // indirect
github.com/nxadm/tail v1.4.8 // indirect
github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417 // indirect
github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
github.com/prometheus/procfs v0.6.0 // indirect
github.com/sergi/go-diff v1.1.0 // indirect
github.com/sirupsen/logrus v1.8.1 // indirect
github.com/valyala/bytebufferpool v1.0.0 // indirect
github.com/valyala/fasthttp v1.27.0 // indirect
github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f // indirect
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
github.com/xeipuuv/gojsonschema v1.1.0 // indirect
github.com/xlab/treeprint v0.0.0-20181112141820-a009c3971eca // indirect
github.com/yalp/jsonpath v0.0.0-20180802001716-5cc68e5049a0 // indirect
github.com/yudai/gojsondiff v1.0.0 // indirect
github.com/yudai/golcs v0.0.0-20170316035057-ecda9a501e82 // indirect
go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5 // indirect
go.uber.org/atomic v1.7.0 // indirect
go.uber.org/multierr v1.6.0 // indirect
go.uber.org/zap v1.18.1 // indirect
golang.org/x/mod v0.4.2 // indirect
golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c // indirect
golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c // indirect
golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d // indirect
golang.org/x/text v0.3.6 // indirect
golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac // indirect
golang.org/x/tools v0.1.2 // indirect
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c // indirect
google.golang.org/protobuf v1.26.0 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
k8s.io/gengo v0.0.0-20201214224949-b6c5ce23f027 // indirect
k8s.io/kube-openapi v0.0.0-20210305001622-591a79e4bda7 // indirect
moul.io/http2curl v1.0.1-0.20190925090545-5cd742060b0e // indirect
sigs.k8s.io/kustomize/api v0.8.8 // indirect
sigs.k8s.io/kustomize/kyaml v0.10.17 // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.1.2 // indirect
sigs.k8s.io/yaml v1.2.0 // indirect
)

2
hack/boilerplate/boilerplate.py
View file

@ -193,7 +193,7 @@ def get_regexs():
'(%s)' % "|".join(map(lambda l: str(l), years))) '(%s)' % "|".join(map(lambda l: str(l), years)))
# strip // +build \n\n build constraints # strip // +build \n\n build constraints
regexs["go_build_constraints"] = re.compile( regexs["go_build_constraints"] = re.compile(
r"^(// \+build.*\n)+\n", re.MULTILINE) r"^((// \+build.*\n)|(//go:build.*\n))+\n", re.MULTILINE)
# strip #!.* from shell scripts # strip #!.* from shell scripts
regexs["shebang"] = re.compile(r"^(#!.*\n)\n*", re.MULTILINE) regexs["shebang"] = re.compile(r"^(#!.*\n)\n*", re.MULTILINE)
return regexs return regexs

1
hack/tools.go
View file

@ -1,3 +1,4 @@
//go:build tools
// +build tools // +build tools
/* /*

2
images/echo/Makefile
View file

@ -36,7 +36,7 @@ build: ensure-buildx
--platform=${PLATFORMS} $(OUTPUT) \ --platform=${PLATFORMS} $(OUTPUT) \
--progress=$(PROGRESS) \ --progress=$(PROGRESS) \
--pull \ --pull \
--build-arg BASE_IMAGE=k8s.gcr.io/ingress-nginx/nginx:v20210809-g98288bc3c@sha256:f9363669cf26514c9548c1fe4f8f4e2f58dfb76616bcd638a0ff7f0ec3457c17 \ --build-arg BASE_IMAGE=k8s.gcr.io/ingress-nginx/nginx:v20210926-g5662db450@sha256:1ef404b5e8741fe49605a1f40c3fdd8ef657aecdb9526ea979d1672eeabd0cd9 \
--build-arg LUAROCKS_VERSION=3.3.1 \ --build-arg LUAROCKS_VERSION=3.3.1 \
--build-arg LUAROCKS_SHA=837481e408f7c06b59befe7ec194537c657687d624894bca7f79034302141a34 \ --build-arg LUAROCKS_SHA=837481e408f7c06b59befe7ec194537c657687d624894bca7f79034302141a34 \
-t $(IMAGE):$(TAG) rootfs -t $(IMAGE):$(TAG) rootfs

2
images/nginx/README.md
View file

@ -18,7 +18,7 @@ This image provides a default configuration file with no backend servers.
_Using docker_ _Using docker_
```console ```console
docker run -v /some/nginx.con:/etc/nginx/nginx.conf:ro k8s.gcr.io/ingress-nginx/nginx:v20210809-g98288bc3c@sha256:f9363669cf26514c9548c1fe4f8f4e2f58dfb76616bcd638a0ff7f0ec3457c17 docker run -v /some/nginx.conf:/etc/nginx/nginx.conf:ro k8s.gcr.io/ingress-nginx/nginx:v20210926-g5662db450@sha256:1ef404b5e8741fe49605a1f40c3fdd8ef657aecdb9526ea979d1672eeabd0cd9
``` ```
_Creating a replication controller_ _Creating a replication controller_

2
images/nginx/rc.yaml
View file

@ -38,7 +38,7 @@ spec:
spec: spec:
containers: containers:
- name: nginx - name: nginx
image: k8s.gcr.io/ingress-nginx/nginx:v20210809-g98288bc3c@sha256:f9363669cf26514c9548c1fe4f8f4e2f58dfb76616bcd638a0ff7f0ec3457c17 image: k8s.gcr.io/ingress-nginx/nginx:v20210926-g5662db450@sha256:1ef404b5e8741fe49605a1f40c3fdd8ef657aecdb9526ea979d1672eeabd0cd9
ports: ports:
- containerPort: 80 - containerPort: 80
- containerPort: 443 - containerPort: 443

4
images/nginx/rootfs/Dockerfile
View file

@ -13,7 +13,7 @@
# limitations under the License. # limitations under the License.
FROM alpine:3.13 as builder FROM alpine:3.14.2 as builder
COPY . / COPY . /
@ -23,7 +23,7 @@ RUN apk update \
&& /build.sh && /build.sh
# Use a multi-stage build # Use a multi-stage build
FROM alpine:3.13 FROM alpine:3.14.2
ENV PATH=$PATH:/usr/local/luajit/bin:/usr/local/nginx/sbin:/usr/local/nginx/bin ENV PATH=$PATH:/usr/local/luajit/bin:/usr/local/nginx/sbin:/usr/local/nginx/bin

4
images/nginx/rootfs/build.sh
View file

@ -18,7 +18,7 @@ set -o errexit
set -o nounset set -o nounset
set -o pipefail set -o pipefail
export NGINX_VERSION=1.20.1 export NGINX_VERSION=1.19.9
# Check for recent changes: https://github.com/vision5/ngx_devel_kit/compare/v0.3.1...master # Check for recent changes: https://github.com/vision5/ngx_devel_kit/compare/v0.3.1...master
export NDK_VERSION=0.3.1 export NDK_VERSION=0.3.1
@ -190,7 +190,7 @@ mkdir --verbose -p "$BUILD_PATH"
cd "$BUILD_PATH" cd "$BUILD_PATH"
# download, verify and extract the source files # download, verify and extract the source files
get_src e462e11533d5c30baa05df7652160ff5979591d291736cfa5edb9fd2edb48c49 \ get_src 2e35dff06a9826e8aca940e9e8be46b7e4b12c19a48d55bfc2dc28fc9cc7d841 \
"https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz" "https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz"
get_src 0e971105e210d272a497567fa2e2c256f4e39b845a5ba80d373e26ba1abfbd85 \ get_src 0e971105e210d272a497567fa2e2c256f4e39b845a5ba80d373e26ba1abfbd85 \

2
images/test-runner/Makefile
View file

@ -23,7 +23,7 @@ REGISTRY ?= local
IMAGE = $(REGISTRY)/e2e-test-runner IMAGE = $(REGISTRY)/e2e-test-runner
NGINX_BASE_IMAGE ?= k8s.gcr.io/ingress-nginx/nginx:v20210809-g98288bc3c@sha256:f9363669cf26514c9548c1fe4f8f4e2f58dfb76616bcd638a0ff7f0ec3457c17 NGINX_BASE_IMAGE ?= k8s.gcr.io/ingress-nginx/nginx:v20210926-g5662db450@sha256:1ef404b5e8741fe49605a1f40c3fdd8ef657aecdb9526ea979d1672eeabd0cd9
# required to enable buildx # required to enable buildx
export DOCKER_CLI_EXPERIMENTAL=enabled export DOCKER_CLI_EXPERIMENTAL=enabled

6
internal/ingress/annotations/parser/main_test.go
View file

@ -116,6 +116,12 @@ rewrite (?i)/arcgis/services/Utilities/Geometry/GeometryServer(.*)$ /arcgis/serv
} }
continue continue
} }
if !test.expErr {
if err != nil {
t.Errorf("%v: didn't expected error but error was returned: %v", test.name, err)
}
continue
}
if s != test.exp { if s != test.exp {
t.Errorf("%v: expected \"%v\" but \"%v\" was returned", test.name, test.exp, s) t.Errorf("%v: expected \"%v\" but \"%v\" was returned", test.name, test.exp, s)
} }

13
internal/ingress/controller/config/config.go
View file

@ -93,6 +93,15 @@ const (
type Configuration struct { type Configuration struct {
defaults.Backend `json:",squash"` defaults.Backend `json:",squash"`
// AllowSnippetAnnotations enable users to add their own snippets via ingress annotation.
// If disabled, only snippets added via ConfigMap are added to ingress.
AllowSnippetAnnotations bool `json:"allow-snippet-annotations"`
// AnnotationValueWordBlocklist defines words that should not be part of an user annotation value
// (can be used to run arbitrary code or configs, for example) and that should be dropped.
// This list should be separated by "," character
AnnotationValueWordBlocklist string `json:"annotation-value-word-blocklist"`
// Sets the name of the configmap that contains the headers to pass to the client // Sets the name of the configmap that contains the headers to pass to the client
AddHeaders string `json:"add-headers,omitempty"` AddHeaders string `json:"add-headers,omitempty"`
@ -749,7 +758,6 @@ func NewDefault() Configuration {
defNginxStatusIpv4Whitelist := make([]string, 0) defNginxStatusIpv4Whitelist := make([]string, 0)
defNginxStatusIpv6Whitelist := make([]string, 0) defNginxStatusIpv6Whitelist := make([]string, 0)
defResponseHeaders := make([]string, 0) defResponseHeaders := make([]string, 0)
defIPCIDR = append(defIPCIDR, "0.0.0.0/0") defIPCIDR = append(defIPCIDR, "0.0.0.0/0")
defNginxStatusIpv4Whitelist = append(defNginxStatusIpv4Whitelist, "127.0.0.1") defNginxStatusIpv4Whitelist = append(defNginxStatusIpv4Whitelist, "127.0.0.1")
defNginxStatusIpv6Whitelist = append(defNginxStatusIpv6Whitelist, "::1") defNginxStatusIpv6Whitelist = append(defNginxStatusIpv6Whitelist, "::1")
@ -757,7 +765,10 @@ func NewDefault() Configuration {
defGlobalExternalAuth := GlobalExternalAuth{"", "", "", "", "", append(defResponseHeaders, ""), "", "", "", []string{}, map[string]string{}} defGlobalExternalAuth := GlobalExternalAuth{"", "", "", "", "", append(defResponseHeaders, ""), "", "", "", []string{}, map[string]string{}}
cfg := Configuration{ cfg := Configuration{
AllowSnippetAnnotations: true,
AllowBackendServerHeader: false, AllowBackendServerHeader: false,
AnnotationValueWordBlocklist: "",
AccessLogPath: "/var/log/nginx/access.log", AccessLogPath: "/var/log/nginx/access.log",
AccessLogParams: "", AccessLogParams: "",
EnableAccessLogForDefaultBackend: false, EnableAccessLogForDefaultBackend: false,

83
internal/ingress/controller/controller.go
View file

@ -235,27 +235,43 @@ func (n *NGINXController) CheckIngress(ing *networking.Ingress) error {
return fmt.Errorf("This deployment is trying to create a catch-all ingress while DisableCatchAll flag is set to true. Remove '.spec.backend' or set DisableCatchAll flag to false.") return fmt.Errorf("This deployment is trying to create a catch-all ingress while DisableCatchAll flag is set to true. Remove '.spec.backend' or set DisableCatchAll flag to false.")
} }
cfg := n.store.GetBackendConfiguration()
cfg.Resolver = n.resolver
var arrayBadWords []string
if cfg.AnnotationValueWordBlocklist != "" {
arrayBadWords = strings.Split(strings.TrimSpace(cfg.AnnotationValueWordBlocklist), ",")
}
for key, value := range ing.ObjectMeta.GetAnnotations() {
if parser.AnnotationsPrefix != parser.DefaultAnnotationsPrefix { if parser.AnnotationsPrefix != parser.DefaultAnnotationsPrefix {
for key := range ing.ObjectMeta.GetAnnotations() {
if strings.HasPrefix(key, fmt.Sprintf("%s/", parser.DefaultAnnotationsPrefix)) { if strings.HasPrefix(key, fmt.Sprintf("%s/", parser.DefaultAnnotationsPrefix)) {
return fmt.Errorf("This deployment has a custom annotation prefix defined. Use '%s' instead of '%s'", parser.AnnotationsPrefix, parser.DefaultAnnotationsPrefix) return fmt.Errorf("This deployment has a custom annotation prefix defined. Use '%s' instead of '%s'", parser.AnnotationsPrefix, parser.DefaultAnnotationsPrefix)
} }
} }
if strings.HasPrefix(key, fmt.Sprintf("%s/", parser.AnnotationsPrefix)) && len(arrayBadWords) != 0 {
for _, forbiddenvalue := range arrayBadWords {
if strings.Contains(value, strings.TrimSpace(forbiddenvalue)) {
return fmt.Errorf("%s annotation contains invalid word %s", key, forbiddenvalue)
}
}
}
if !cfg.AllowSnippetAnnotations && strings.HasSuffix(key, "-snippet") {
return fmt.Errorf("%s annotation cannot be used. Snippet directives are disabled by the Ingress administrator", key)
}
if len(cfg.GlobalRateLimitMemcachedHost) == 0 && strings.HasPrefix(key, fmt.Sprintf("%s/%s", parser.AnnotationsPrefix, "global-rate-limit")) {
return fmt.Errorf("'global-rate-limit*' annotations require 'global-rate-limit-memcached-host' settings configured in the global configmap")
}
} }
k8s.SetDefaultNGINXPathType(ing) k8s.SetDefaultNGINXPathType(ing)
cfg := n.store.GetBackendConfiguration()
cfg.Resolver = n.resolver
if len(cfg.GlobalRateLimitMemcachedHost) == 0 {
for key := range ing.ObjectMeta.GetAnnotations() {
if strings.HasPrefix(key, fmt.Sprintf("%s/%s", parser.AnnotationsPrefix, "global-rate-limit")) {
return fmt.Errorf("'global-rate-limit*' annotations require 'global-rate-limit-memcached-host' settings configured in the global configmap")
}
}
}
allIngresses := n.store.ListIngresses() allIngresses := n.store.ListIngresses()
filter := func(toCheck *ingress.Ingress) bool { filter := func(toCheck *ingress.Ingress) bool {
@ -508,6 +524,30 @@ func (n *NGINXController) getConfiguration(ingresses []*ingress.Ingress) (sets.S
} }
} }
func dropSnippetDirectives(anns *annotations.Ingress, ingKey string) {
if anns != nil {
if anns.ConfigurationSnippet != "" {
klog.V(3).Infof("Ingress %q tried to use configuration-snippet and the annotation is disabled by the admin. Removing the annotation", ingKey)
anns.ConfigurationSnippet = ""
}
if anns.ServerSnippet != "" {
klog.V(3).Infof("Ingress %q tried to use server-snippet and the annotation is disabled by the admin. Removing the annotation", ingKey)
anns.ServerSnippet = ""
}
if anns.ModSecurity.Snippet != "" {
klog.V(3).Infof("Ingress %q tried to use modsecurity-snippet and the annotation is disabled by the admin. Removing the annotation", ingKey)
anns.ModSecurity.Snippet = ""
}
if anns.ExternalAuth.AuthSnippet != "" {
klog.V(3).Infof("Ingress %q tried to use auth-snippet and the annotation is disabled by the admin. Removing the annotation", ingKey)
anns.ExternalAuth.AuthSnippet = ""
}
}
}
// getBackendServers returns a list of Upstream and Server to be used by the // getBackendServers returns a list of Upstream and Server to be used by the
// backend. An upstream can be used in multiple servers if the namespace, // backend. An upstream can be used in multiple servers if the namespace,
// service name and port are the same. // service name and port are the same.
@ -522,6 +562,10 @@ func (n *NGINXController) getBackendServers(ingresses []*ingress.Ingress) ([]*in
ingKey := k8s.MetaNamespaceKey(ing) ingKey := k8s.MetaNamespaceKey(ing)
anns := ing.ParsedAnnotations anns := ing.ParsedAnnotations
if !n.store.GetBackendConfiguration().AllowSnippetAnnotations {
dropSnippetDirectives(anns, ingKey)
}
for _, rule := range ing.Spec.Rules { for _, rule := range ing.Spec.Rules {
host := rule.Host host := rule.Host
if host == "" { if host == "" {
@ -789,6 +833,11 @@ func (n *NGINXController) createUpstreams(data []*ingress.Ingress, du *ingress.B
for _, ing := range data { for _, ing := range data {
anns := ing.ParsedAnnotations anns := ing.ParsedAnnotations
ingKey := k8s.MetaNamespaceKey(ing)
if !n.store.GetBackendConfiguration().AllowSnippetAnnotations {
dropSnippetDirectives(anns, ingKey)
}
var defBackend string var defBackend string
if ing.Spec.Backend != nil { if ing.Spec.Backend != nil {
@ -1069,6 +1118,10 @@ func (n *NGINXController) createServers(data []*ingress.Ingress,
ingKey := k8s.MetaNamespaceKey(ing) ingKey := k8s.MetaNamespaceKey(ing)
anns := ing.ParsedAnnotations anns := ing.ParsedAnnotations
if !n.store.GetBackendConfiguration().AllowSnippetAnnotations {
dropSnippetDirectives(anns, ingKey)
}
// default upstream name // default upstream name
un := du.Name un := du.Name
@ -1145,6 +1198,10 @@ func (n *NGINXController) createServers(data []*ingress.Ingress,
ingKey := k8s.MetaNamespaceKey(ing) ingKey := k8s.MetaNamespaceKey(ing)
anns := ing.ParsedAnnotations anns := ing.ParsedAnnotations
if !n.store.GetBackendConfiguration().AllowSnippetAnnotations {
dropSnippetDirectives(anns, ingKey)
}
if anns.Canary.Enabled { if anns.Canary.Enabled {
klog.V(2).Infof("Ingress %v is marked as Canary, ignoring", ingKey) klog.V(2).Infof("Ingress %v is marked as Canary, ignoring", ingKey)
continue continue
@ -1638,7 +1695,7 @@ func checkOverlap(ing *networking.Ingress, ingresses []*ingress.Ingress, servers
return fmt.Errorf(`host "%s" and path "%s" is already defined in ingress %s/%s`, rule.Host, path.Path, existing.Namespace, existing.Name) return fmt.Errorf(`host "%s" and path "%s" is already defined in ingress %s/%s`, rule.Host, path.Path, existing.Namespace, existing.Name)
} }
if annotationErr == errors.ErrMissingAnnotations && existingAnnotationErr == existingAnnotationErr { if annotationErr == errors.ErrMissingAnnotations && existingAnnotationErr == errors.ErrMissingAnnotations {
return fmt.Errorf(`host "%s" and path "%s" is already defined in ingress %s/%s`, rule.Host, path.Path, existing.Namespace, existing.Name) return fmt.Errorf(`host "%s" and path "%s" is already defined in ingress %s/%s`, rule.Host, path.Path, existing.Namespace, existing.Name)
} }
} }

127
internal/ingress/controller/controller_test.go
View file

@ -42,6 +42,7 @@ import (
"k8s.io/ingress-nginx/internal/ingress" "k8s.io/ingress-nginx/internal/ingress"
"k8s.io/ingress-nginx/internal/ingress/annotations" "k8s.io/ingress-nginx/internal/ingress/annotations"
"k8s.io/ingress-nginx/internal/ingress/annotations/canary" "k8s.io/ingress-nginx/internal/ingress/annotations/canary"
"k8s.io/ingress-nginx/internal/ingress/annotations/ipwhitelist"
"k8s.io/ingress-nginx/internal/ingress/annotations/parser" "k8s.io/ingress-nginx/internal/ingress/annotations/parser"
"k8s.io/ingress-nginx/internal/ingress/annotations/proxyssl" "k8s.io/ingress-nginx/internal/ingress/annotations/proxyssl"
"k8s.io/ingress-nginx/internal/ingress/annotations/sessionaffinity" "k8s.io/ingress-nginx/internal/ingress/annotations/sessionaffinity"
@ -57,10 +58,11 @@ import (
type fakeIngressStore struct { type fakeIngressStore struct {
ingresses []*ingress.Ingress ingresses []*ingress.Ingress
configuration ngx_config.Configuration
} }
func (fakeIngressStore) GetBackendConfiguration() ngx_config.Configuration { func (fis fakeIngressStore) GetBackendConfiguration() ngx_config.Configuration {
return ngx_config.Configuration{} return fis.configuration
} }
func (fakeIngressStore) GetConfigMap(key string) (*corev1.ConfigMap, error) { func (fakeIngressStore) GetConfigMap(key string) (*corev1.ConfigMap, error) {
@ -246,6 +248,9 @@ func TestCheckIngress(t *testing.T) {
}) })
t.Run("When the default annotation prefix is used despite an override", func(t *testing.T) { t.Run("When the default annotation prefix is used despite an override", func(t *testing.T) {
defer func() {
parser.AnnotationsPrefix = "nginx.ingress.kubernetes.io"
}()
parser.AnnotationsPrefix = "ingress.kubernetes.io" parser.AnnotationsPrefix = "ingress.kubernetes.io"
ing.ObjectMeta.Annotations["nginx.ingress.kubernetes.io/backend-protocol"] = "GRPC" ing.ObjectMeta.Annotations["nginx.ingress.kubernetes.io/backend-protocol"] = "GRPC"
nginx.command = testNginxTestCommand{ nginx.command = testNginxTestCommand{
@ -257,6 +262,44 @@ func TestCheckIngress(t *testing.T) {
} }
}) })
t.Run("When snippets are disabled and user tries to use snippet annotation", func(t *testing.T) {
nginx.store = fakeIngressStore{
ingresses: []*ingress.Ingress{},
configuration: ngx_config.Configuration{
AllowSnippetAnnotations: false,
},
}
nginx.command = testNginxTestCommand{
t: t,
err: nil,
}
ing.ObjectMeta.Annotations["nginx.ingress.kubernetes.io/server-snippet"] = "bla"
if err := nginx.CheckIngress(ing); err == nil {
t.Errorf("with a snippet annotation, ingresses using the default should be rejected")
}
})
t.Run("When invalid directives are used in annotation values", func(t *testing.T) {
nginx.store = fakeIngressStore{
ingresses: []*ingress.Ingress{},
configuration: ngx_config.Configuration{
AnnotationValueWordBlocklist: "invalid_directive, another_directive",
},
}
nginx.command = testNginxTestCommand{
t: t,
err: nil,
}
ing.ObjectMeta.Annotations["nginx.ingress.kubernetes.io/custom-headers"] = "invalid_directive"
if err := nginx.CheckIngress(ing); err == nil {
t.Errorf("with an invalid value in annotation the ingress should be rejected")
}
ing.ObjectMeta.Annotations["nginx.ingress.kubernetes.io/custom-headers"] = "another_directive"
if err := nginx.CheckIngress(ing); err == nil {
t.Errorf("with an invalid value in annotation the ingress should be rejected")
}
})
t.Run("When a new catch-all ingress is being created despite catch-alls being disabled ", func(t *testing.T) { t.Run("When a new catch-all ingress is being created despite catch-alls being disabled ", func(t *testing.T) {
backendBefore := ing.Spec.Backend backendBefore := ing.Spec.Backend
disableCatchAllBefore := nginx.cfg.DisableCatchAll disableCatchAllBefore := nginx.cfg.DisableCatchAll
@ -284,6 +327,9 @@ func TestCheckIngress(t *testing.T) {
}) })
t.Run("When the ingress is in a different namespace than the watched one", func(t *testing.T) { t.Run("When the ingress is in a different namespace than the watched one", func(t *testing.T) {
defer func() {
nginx.cfg.Namespace = "test-namespace"
}()
nginx.command = testNginxTestCommand{ nginx.command = testNginxTestCommand{
t: t, t: t,
err: fmt.Errorf("test error"), err: fmt.Errorf("test error"),
@ -2075,6 +2121,83 @@ func TestGetBackendServers(t *testing.T) {
} }
}, },
}, },
{
Ingresses: []*ingress.Ingress{
{
Ingress: networking.Ingress{
ObjectMeta: metav1.ObjectMeta{
Name: "not-allowed-snippet",
Namespace: "default",
Annotations: map[string]string{
"nginx.ingress.kubernetes.io/server-snippet": "bla",
"nginx.ingress.kubernetes.io/configuration-snippet": "blo",
"nginx.ingress.kubernetes.io/whitelist-source-range": "10.0.0.0/24",
},
},
Spec: networking.IngressSpec{
Rules: []networking.IngressRule{
{
Host: "example.com",
IngressRuleValue: networking.IngressRuleValue{
HTTP: &networking.HTTPIngressRuleValue{
Paths: []networking.HTTPIngressPath{
{
Path: "/path1",
PathType: &pathTypePrefix,
Backend: networking.IngressBackend{
ServiceName: "path1-svc",
ServicePort: intstr.IntOrString{
Type: intstr.Int,
IntVal: 80,
},
},
},
},
},
},
},
},
},
},
ParsedAnnotations: &annotations.Ingress{
Whitelist: ipwhitelist.SourceRange{CIDR: []string{"10.0.0.0/24"}},
ServerSnippet: "bla",
ConfigurationSnippet: "blo",
},
},
},
Validate: func(ingresses []*ingress.Ingress, upstreams []*ingress.Backend, servers []*ingress.Server) {
if len(servers) != 2 {
t.Errorf("servers count should be 2, got %d", len(servers))
return
}
s := servers[1]
if s.ServerSnippet != "" {
t.Errorf("server snippet should be empty, got '%s'", s.ServerSnippet)
}
if s.Locations[0].ConfigurationSnippet != "" {
t.Errorf("config snippet should be empty, got '%s'", s.Locations[0].ConfigurationSnippet)
}
if len(s.Locations[0].Whitelist.CIDR) != 1 || s.Locations[0].Whitelist.CIDR[0] != "10.0.0.0/24" {
t.Errorf("allow list was incorrectly dropped, len should be 1 and contain 10.0.0.0/24")
}
},
SetConfigMap: func(ns string) *v1.ConfigMap {
return &v1.ConfigMap{
ObjectMeta: metav1.ObjectMeta{
Name: "config",
SelfLink: fmt.Sprintf("/api/v1/namespaces/%s/configmaps/config", ns),
},
Data: map[string]string{
"allow-snippet-annotations": "false",
},
}
},
},
} }
for _, testCase := range testCases { for _, testCase := range testCases {

24
internal/ingress/controller/store/store.go
View file

@ -23,6 +23,7 @@ import (
"os" "os"
"reflect" "reflect"
"sort" "sort"
"strings"
"sync" "sync"
"time" "time"
@ -630,6 +631,21 @@ func hasCatchAllIngressRule(spec networkingv1beta1.IngressSpec) bool {
return spec.Backend != nil return spec.Backend != nil
} }
func checkBadAnnotationValue(annotations map[string]string, badwords string) error {
arraybadWords := strings.Split(strings.TrimSpace(badwords), ",")
for annotation, value := range annotations {
if strings.HasPrefix(annotation, fmt.Sprintf("%s/", parser.AnnotationsPrefix)) {
for _, forbiddenvalue := range arraybadWords {
if strings.Contains(value, forbiddenvalue) {
return fmt.Errorf("%s annotation contains invalid word %s", annotation, forbiddenvalue)
}
}
}
}
return nil
}
// syncIngress parses ingress annotations converting the value of the // syncIngress parses ingress annotations converting the value of the
// annotation to a go struct // annotation to a go struct
func (s *k8sStore) syncIngress(ing *networkingv1beta1.Ingress) { func (s *k8sStore) syncIngress(ing *networkingv1beta1.Ingress) {
@ -638,6 +654,14 @@ func (s *k8sStore) syncIngress(ing *networkingv1beta1.Ingress) {
copyIng := &networkingv1beta1.Ingress{} copyIng := &networkingv1beta1.Ingress{}
ing.ObjectMeta.DeepCopyInto(&copyIng.ObjectMeta) ing.ObjectMeta.DeepCopyInto(&copyIng.ObjectMeta)
if s.backendConfig.AnnotationValueWordBlocklist != "" {
if err := checkBadAnnotationValue(copyIng.Annotations, s.backendConfig.AnnotationValueWordBlocklist); err != nil {
klog.Warningf("skipping ingress %s: %s", key, err)
return
}
}
ing.Spec.DeepCopyInto(&copyIng.Spec) ing.Spec.DeepCopyInto(&copyIng.Spec)
ing.Status.DeepCopyInto(&copyIng.Status) ing.Status.DeepCopyInto(&copyIng.Status)

12
internal/ingress/controller/template/template.go
View file

@ -62,6 +62,9 @@ const (
// Writer is the interface to render a template // Writer is the interface to render a template
type Writer interface { type Writer interface {
// Write renders the template.
// NOTE: Implementors must ensure that the content of the returned slice is not modified by the implementation
// after the return of this function.
Write(conf config.TemplateConfig) ([]byte, error) Write(conf config.TemplateConfig) ([]byte, error)
} }
@ -201,7 +204,12 @@ func (t *Template) Write(conf config.TemplateConfig) ([]byte, error) {
return nil, err return nil, err
} }
return outCmdBuf.Bytes(), nil // make a copy to ensure that we are no longer modifying the content of the buffer
out := outCmdBuf.Bytes()
res := make([]byte, len(out))
copy(res, out)
return res, nil
} }
var ( var (
@ -1103,7 +1111,7 @@ func buildOpentracing(c interface{}, s interface{}) string {
buf := bytes.NewBufferString("") buf := bytes.NewBufferString("")
if cfg.DatadogCollectorHost != "" { if cfg.DatadogCollectorHost != "" {
buf.WriteString("opentracing_load_tracer /usr/local/lib64/libdd_opentracing.so /etc/nginx/opentracing.json;") buf.WriteString("opentracing_load_tracer /usr/local/lib/libdd_opentracing.so /etc/nginx/opentracing.json;")
} else if cfg.ZipkinCollectorHost != "" { } else if cfg.ZipkinCollectorHost != "" {
buf.WriteString("opentracing_load_tracer /usr/local/lib/libzipkin_opentracing_plugin.so /etc/nginx/opentracing.json;") buf.WriteString("opentracing_load_tracer /usr/local/lib/libzipkin_opentracing_plugin.so /etc/nginx/opentracing.json;")
} else if cfg.JaegerCollectorHost != "" || cfg.JaegerEndpoint != "" { } else if cfg.JaegerCollectorHost != "" || cfg.JaegerEndpoint != "" {

4
internal/ingress/controller/template/template_test.go
View file

@ -1288,7 +1288,7 @@ func TestBuildOpenTracing(t *testing.T) {
EnableOpentracing: true, EnableOpentracing: true,
DatadogCollectorHost: "datadog-host.com", DatadogCollectorHost: "datadog-host.com",
} }
expected = "opentracing_load_tracer /usr/local/lib64/libdd_opentracing.so /etc/nginx/opentracing.json;\r\n" expected = "opentracing_load_tracer /usr/local/lib/libdd_opentracing.so /etc/nginx/opentracing.json;\r\n"
actual = buildOpentracing(cfgDatadog, []*ingress.Server{}) actual = buildOpentracing(cfgDatadog, []*ingress.Server{})
if expected != actual { if expected != actual {
@ -1312,7 +1312,7 @@ func TestBuildOpenTracing(t *testing.T) {
OpentracingOperationName: "my-operation-name", OpentracingOperationName: "my-operation-name",
OpentracingLocationOperationName: "my-location-operation-name", OpentracingLocationOperationName: "my-location-operation-name",
} }
expected = "opentracing_load_tracer /usr/local/lib64/libdd_opentracing.so /etc/nginx/opentracing.json;\r\n" expected = "opentracing_load_tracer /usr/local/lib/libdd_opentracing.so /etc/nginx/opentracing.json;\r\n"
expected += "opentracing_operation_name \"my-operation-name\";\n" expected += "opentracing_operation_name \"my-operation-name\";\n"
expected += "opentracing_location_operation_name \"my-location-operation-name\";\n" expected += "opentracing_location_operation_name \"my-location-operation-name\";\n"
actual = buildOpentracing(cfgOpenTracing, []*ingress.Server{}) actual = buildOpentracing(cfgOpenTracing, []*ingress.Server{})

15
internal/ingress/status/status.go
View file

@ -215,8 +215,21 @@ func (s *statusSync) runningAddresses() ([]string, error) {
} }
func (s *statusSync) isRunningMultiplePods() bool { func (s *statusSync) isRunningMultiplePods() bool {
// As a standard, app.kubernetes.io are "reserved well-known" labels.
// In our case, we add those labels as identifiers of the Ingress
// deployment in this namespace, so we can select it as a set of Ingress instances.
// As those labels are also generated as part of a HELM deployment, we can be "safe" they
// cover 95% of the cases
podLabel := make(map[string]string)
for k, v := range k8s.IngressPodDetails.Labels {
if k != "pod-template-hash" && k != "controller-revision-hash" && k != "pod-template-generation" {
podLabel[k] = v
}
}
pods, err := s.Client.CoreV1().Pods(k8s.IngressPodDetails.Namespace).List(context.TODO(), metav1.ListOptions{ pods, err := s.Client.CoreV1().Pods(k8s.IngressPodDetails.Namespace).List(context.TODO(), metav1.ListOptions{
LabelSelector: labels.SelectorFromSet(k8s.IngressPodDetails.Labels).String(), LabelSelector: labels.SelectorFromSet(podLabel).String(),
}) })
if err != nil { if err != nil {
return false return false

1
internal/ingress/zz_generated.deepcopy.go
View file

@ -1,3 +1,4 @@
//go:build !ignore_autogenerated
// +build !ignore_autogenerated // +build !ignore_autogenerated
/* /*

1
internal/k8s/zz_generated.deepcopy.go
View file

@ -1,3 +1,4 @@
//go:build !ignore_autogenerated
// +build !ignore_autogenerated // +build !ignore_autogenerated
/* /*

1
internal/runtime/cpu_linux.go
View file

@ -1,3 +1,4 @@
//go:build linux
// +build linux // +build linux
/* /*

1
internal/runtime/cpu_notlinux.go
View file

@ -1,3 +1,4 @@
//go:build !linux
// +build !linux // +build !linux
/* /*

2
rootfs/etc/nginx/template/nginx.tmpl
View file

@ -429,7 +429,7 @@ http {
# turn on session caching to drastically improve performance # turn on session caching to drastically improve performance
{{ if $cfg.SSLSessionCache }} {{ if $cfg.SSLSessionCache }}
ssl_session_cache builtin:1000 shared:SSL:{{ $cfg.SSLSessionCacheSize }}; ssl_session_cache shared:SSL:{{ $cfg.SSLSessionCacheSize }};
ssl_session_timeout {{ $cfg.SSLSessionTimeout }}; ssl_session_timeout {{ $cfg.SSLSessionTimeout }};
{{ end }} {{ end }}

2
stable.txt
View file

@ -1 +1 @@
controller-v0.49.0 controller-v0.50.0

2
test/e2e-image/Dockerfile
View file

@ -1,4 +1,4 @@
FROM k8s.gcr.io/ingress-nginx/e2e-test-runner:v20210810-g820a21a74@sha256:7d7393a8c6c72d76145282df53ea0679a5b769211fd1cd6b8910b6dda1bd986d AS BASE FROM k8s.gcr.io/ingress-nginx/e2e-test-runner:v20210822-g5e5faa24d@sha256:55c568d9e35e15d94b3ab41fe549b8ee4cd910cc3e031ddcccd06256755c5d89 AS BASE
FROM alpine:3.12 FROM alpine:3.12

39
test/e2e/admission/admission.go
View file

@ -146,6 +146,34 @@ var _ = framework.IngressNginxDescribe("[Serial] admission controller", func() {
} }
}) })
ginkgo.It("should return an error if there is an invalid value in some annotation", func() {
host := "admission-test"
annotations := map[string]string{
"nginx.ingress.kubernetes.io/connection-proxy-header": "a;}",
}
f.UpdateNginxConfigMapData("annotation-value-word-blocklist", "}")
firstIngress := framework.NewSingleIngress("first-ingress", "/", host, f.Namespace, framework.EchoService, 80, annotations)
_, err := f.KubeClientSet.NetworkingV1beta1().Ingresses(f.Namespace).Create(context.TODO(), firstIngress, metav1.CreateOptions{})
assert.NotNil(ginkgo.GinkgoT(), err, "creating an ingress with invalid annotation value should return an error")
})
ginkgo.It("should return an error if there is a forbidden value in some annotation", func() {
host := "admission-test"
annotations := map[string]string{
"nginx.ingress.kubernetes.io/connection-proxy-header": "set_by_lua",
}
f.UpdateNginxConfigMapData("annotation-value-word-blocklist", "set_by_lua")
firstIngress := framework.NewSingleIngress("first-ingress", "/", host, f.Namespace, framework.EchoService, 80, annotations)
_, err := f.KubeClientSet.NetworkingV1beta1().Ingresses(f.Namespace).Create(context.TODO(), firstIngress, metav1.CreateOptions{})
assert.NotNil(ginkgo.GinkgoT(), err, "creating an ingress with invalid annotation value should return an error")
})
ginkgo.It("should not return an error if the Ingress V1 definition is valid", func() { ginkgo.It("should not return an error if the Ingress V1 definition is valid", func() {
if !f.IsIngressV1Ready { if !f.IsIngressV1Ready {
ginkgo.Skip("Test requires Kubernetes v1.19 or higher") ginkgo.Skip("Test requires Kubernetes v1.19 or higher")
@ -178,6 +206,17 @@ var _ = framework.IngressNginxDescribe("[Serial] admission controller", func() {
assert.NotNil(ginkgo.GinkgoT(), err, "creating an ingress with invalid configuration should return an error") assert.NotNil(ginkgo.GinkgoT(), err, "creating an ingress with invalid configuration should return an error")
} }
}) })
ginkgo.It("should return an error if there is an invalid value in some annotation", func() {
host := "admission-test"
annotations := map[string]string{
"nginx.ingress.kubernetes.io/connection-proxy-header": "a;}",
}
firstIngress := framework.NewSingleIngress("first-ingress", "/", host, f.Namespace, framework.EchoService, 80, annotations)
_, err := f.KubeClientSet.NetworkingV1beta1().Ingresses(f.Namespace).Create(context.TODO(), firstIngress, metav1.CreateOptions{})
assert.NotNil(ginkgo.GinkgoT(), err, "creating an ingress with invalid annotation value should return an error")
})
}) })
func uninstallChart(f *framework.Framework) error { func uninstallChart(f *framework.Framework) error {

5
test/e2e/annotations/globalratelimit.go
View file

@ -40,6 +40,11 @@ var _ = framework.DescribeAnnotation("annotation-global-rate-limit", func() {
annotations["nginx.ingress.kubernetes.io/global-rate-limit"] = "5" annotations["nginx.ingress.kubernetes.io/global-rate-limit"] = "5"
annotations["nginx.ingress.kubernetes.io/global-rate-limit-window"] = "2m" annotations["nginx.ingress.kubernetes.io/global-rate-limit-window"] = "2m"
// We need to allow { and } characters for this annotation to work
f.UpdateNginxConfigMapData("annotation-value-word-blocklist", "load_module, lua_package, _by_lua, location, root")
// Sleep a while just to guarantee that the configmap is applied
framework.Sleep()
ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.EchoService, 80, annotations) ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.EchoService, 80, annotations)
ing = f.EnsureIngress(ing) ing = f.EnsureIngress(ing)
namespace := strings.Replace(string(ing.UID), "-", "", -1) namespace := strings.Replace(string(ing.UID), "-", "", -1)

60
test/e2e/annotations/modsecurity.go
View file

@ -165,7 +165,9 @@ var _ = framework.DescribeAnnotation("modsecurity owasp", func() {
"nginx.ingress.kubernetes.io/enable-modsecurity": "true", "nginx.ingress.kubernetes.io/enable-modsecurity": "true",
"nginx.ingress.kubernetes.io/modsecurity-snippet": snippet, "nginx.ingress.kubernetes.io/modsecurity-snippet": snippet,
} }
f.UpdateNginxConfigMapData("annotation-value-word-blocklist", "load_module, lua_package, _by_lua, location, root, {, }")
// Sleep a while just to guarantee that the configmap is applied
framework.Sleep()
ing := framework.NewSingleIngress(host, "/", host, nameSpace, framework.EchoService, 80, annotations) ing := framework.NewSingleIngress(host, "/", host, nameSpace, framework.EchoService, 80, annotations)
f.EnsureIngress(ing) f.EnsureIngress(ing)
@ -198,7 +200,9 @@ var _ = framework.DescribeAnnotation("modsecurity owasp", func() {
annotations := map[string]string{ annotations := map[string]string{
"nginx.ingress.kubernetes.io/modsecurity-snippet": snippet, "nginx.ingress.kubernetes.io/modsecurity-snippet": snippet,
} }
f.UpdateNginxConfigMapData("annotation-value-word-blocklist", "load_module, lua_package, _by_lua, location, root, {, }")
// Sleep a while just to guarantee that the configmap is applied
framework.Sleep()
ing := framework.NewSingleIngress(host, "/", host, nameSpace, framework.EchoService, 80, annotations) ing := framework.NewSingleIngress(host, "/", host, nameSpace, framework.EchoService, 80, annotations)
f.EnsureIngress(ing) f.EnsureIngress(ing)
@ -232,7 +236,9 @@ var _ = framework.DescribeAnnotation("modsecurity owasp", func() {
annotations := map[string]string{ annotations := map[string]string{
"nginx.ingress.kubernetes.io/modsecurity-snippet": snippet, "nginx.ingress.kubernetes.io/modsecurity-snippet": snippet,
} }
f.UpdateNginxConfigMapData("annotation-value-word-blocklist", "load_module, lua_package, _by_lua, location, root, {, }")
// Sleep a while just to guarantee that the configmap is applied
framework.Sleep()
ing := framework.NewSingleIngress(host, "/", host, nameSpace, framework.EchoService, 80, annotations) ing := framework.NewSingleIngress(host, "/", host, nameSpace, framework.EchoService, 80, annotations)
f.EnsureIngress(ing) f.EnsureIngress(ing)
@ -268,7 +274,9 @@ var _ = framework.DescribeAnnotation("modsecurity owasp", func() {
annotations := map[string]string{ annotations := map[string]string{
"nginx.ingress.kubernetes.io/modsecurity-snippet": snippet, "nginx.ingress.kubernetes.io/modsecurity-snippet": snippet,
} }
f.UpdateNginxConfigMapData("annotation-value-word-blocklist", "load_module, lua_package, _by_lua, location, root, {, }")
// Sleep a while just to guarantee that the configmap is applied
framework.Sleep()
ing := framework.NewSingleIngress(host, "/", host, nameSpace, framework.EchoService, 80, annotations) ing := framework.NewSingleIngress(host, "/", host, nameSpace, framework.EchoService, 80, annotations)
f.EnsureIngress(ing) f.EnsureIngress(ing)
@ -282,7 +290,7 @@ var _ = framework.DescribeAnnotation("modsecurity owasp", func() {
f.WaitForNginxServer(host, f.WaitForNginxServer(host,
func(server string) bool { func(server string) bool {
return true return strings.Contains(server, "SecRequestBodyAccess On")
}) })
f.HTTPTestClient(). f.HTTPTestClient().
@ -292,4 +300,46 @@ var _ = framework.DescribeAnnotation("modsecurity owasp", func() {
Expect(). Expect().
Status(http.StatusForbidden) Status(http.StatusForbidden)
}) })
ginkgo.It("should enable modsecurity through the config map but ignore snippet as disabled by admin", func() {
host := "modsecurity.foo.com"
nameSpace := f.Namespace
snippet := `SecRequestBodyAccess On
SecAuditEngine RelevantOnly
SecAuditLogParts ABIJDEFHZ
SecAuditLog /dev/stdout
SecAuditLogType Serial
SecRule REQUEST_HEADERS:User-Agent \"block-ua\" \"log,deny,id:107,status:403,msg:\'UA blocked\'\"`
annotations := map[string]string{
"nginx.ingress.kubernetes.io/modsecurity-snippet": snippet,
}
f.UpdateNginxConfigMapData("annotation-value-word-blocklist", "load_module, lua_package, _by_lua, location, root, {, }")
// Sleep a while just to guarantee that the configmap is applied
framework.Sleep()
ing := framework.NewSingleIngress(host, "/", host, nameSpace, framework.EchoService, 80, annotations)
f.EnsureIngress(ing)
expectedComment := "SecRuleEngine On"
f.SetNginxConfigMapData(map[string]string{
"enable-modsecurity": "true",
"enable-owasp-modsecurity-crs": "true",
"allow-snippet-annotations": "false",
"modsecurity-snippet": expectedComment,
})
f.WaitForNginxServer(host,
func(server string) bool {
return !strings.Contains(server, "block-ua")
})
f.HTTPTestClient().
GET("/").
WithHeader("Host", host).
WithHeader("User-Agent", "block-ua").
Expect().
Status(http.StatusOK)
})
}) })

51
test/e2e/annotations/serversnippet.go
View file

@ -17,6 +17,7 @@ limitations under the License.
package annotations package annotations
import ( import (
"net/http"
"strings" "strings"
"github.com/onsi/ginkgo" "github.com/onsi/ginkgo"
@ -35,8 +36,8 @@ var _ = framework.DescribeAnnotation("server-snippet", func() {
host := "serversnippet.foo.com" host := "serversnippet.foo.com"
annotations := map[string]string{ annotations := map[string]string{
"nginx.ingress.kubernetes.io/server-snippet": ` "nginx.ingress.kubernetes.io/server-snippet": `
more_set_headers "Content-Length: $content_length"; more_set_headers "Foo: Bar";
more_set_headers "Content-Type: $content_type";`, more_set_headers "Xpto: Lalala";`,
} }
ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.EchoService, 80, annotations) ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.EchoService, 80, annotations)
@ -44,8 +45,50 @@ var _ = framework.DescribeAnnotation("server-snippet", func() {
f.WaitForNginxServer(host, f.WaitForNginxServer(host,
func(server string) bool { func(server string) bool {
return strings.Contains(server, `more_set_headers "Content-Length: $content_length`) && return strings.Contains(server, `more_set_headers "Foo: Bar`) &&
strings.Contains(server, `more_set_headers "Content-Type: $content_type";`) strings.Contains(server, `more_set_headers "Xpto: Lalala";`)
}) })
f.HTTPTestClient().
GET("/").
WithHeader("Host", host).
Expect().
Status(http.StatusOK).Headers().
ValueEqual("Foo", []string{"Bar"}).
ValueEqual("Xpto", []string{"Lalala"})
})
ginkgo.It(`drops server snippet if disabled by the administrator`, func() {
host := "noserversnippet.foo.com"
annotations := map[string]string{
"nginx.ingress.kubernetes.io/server-snippet": `
more_set_headers "Foo: Bar";
more_set_headers "Xpto: Lalala";`,
}
ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.EchoService, 80, annotations)
f.UpdateNginxConfigMapData("allow-snippet-annotations", "false")
defer func() {
// Return to the original value
f.UpdateNginxConfigMapData("allow-snippet-annotations", "true")
}()
// Sleep a while just to guarantee that the configmap is applied
framework.Sleep()
f.EnsureIngress(ing)
f.WaitForNginxServer(host,
func(server string) bool {
return !strings.Contains(server, `more_set_headers "Foo: Bar`) &&
!strings.Contains(server, `more_set_headers "Xpto: Lalala";`)
})
f.HTTPTestClient().
GET("/").
WithHeader("Host", host).
Expect().
Status(http.StatusOK).Headers().
NotContainsKey("Foo").
NotContainsKey("Xpto")
}) })
}) })

44
test/e2e/annotations/snippet.go
View file

@ -17,6 +17,7 @@ limitations under the License.
package annotations package annotations
import ( import (
"net/http"
"strings" "strings"
"github.com/onsi/ginkgo" "github.com/onsi/ginkgo"
@ -31,11 +32,11 @@ var _ = framework.DescribeAnnotation("configuration-snippet", func() {
f.NewEchoDeployment() f.NewEchoDeployment()
}) })
ginkgo.It(`set snippet "more_set_headers "Request-Id: $req_id";" in all locations"`, func() { ginkgo.It(`set snippet "more_set_headers "Foo1: Bar1";" in all locations"`, func() {
host := "configurationsnippet.foo.com" host := "configurationsnippet.foo.com"
annotations := map[string]string{ annotations := map[string]string{
"nginx.ingress.kubernetes.io/configuration-snippet": ` "nginx.ingress.kubernetes.io/configuration-snippet": `
more_set_headers "Request-Id: $req_id";`, more_set_headers "Foo1: Bar1";`,
} }
ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.EchoService, 80, annotations) ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.EchoService, 80, annotations)
@ -43,7 +44,44 @@ var _ = framework.DescribeAnnotation("configuration-snippet", func() {
f.WaitForNginxServer(host, f.WaitForNginxServer(host,
func(server string) bool { func(server string) bool {
return strings.Contains(server, `more_set_headers "Request-Id: $req_id";`) return strings.Contains(server, `more_set_headers "Foo1: Bar1";`)
}) })
f.HTTPTestClient().
GET("/").
WithHeader("Host", host).
Expect().
Status(http.StatusOK).Headers().
ValueEqual("Foo1", []string{"Bar1"})
})
ginkgo.It(`drops snippet "more_set_headers "Foo1: Bar1";" in all locations if disabled by admin"`, func() {
host := "noconfigurationsnippet.foo.com"
annotations := map[string]string{
"nginx.ingress.kubernetes.io/configuration-snippet": `
more_set_headers "Foo1: Bar1";`,
}
ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.EchoService, 80, annotations)
f.UpdateNginxConfigMapData("allow-snippet-annotations", "false")
defer func() {
// Return to the original value
f.UpdateNginxConfigMapData("allow-snippet-annotations", "true")
}()
// Sleep a while just to guarantee that the configmap is applied
framework.Sleep()
f.EnsureIngress(ing)
f.WaitForNginxServer(host,
func(server string) bool {
return !strings.Contains(server, `more_set_headers "Foo1: Bar1";`)
})
f.HTTPTestClient().
GET("/").
WithHeader("Host", host).
Expect().
Status(http.StatusOK).Headers().
NotContainsKey("Foo1")
}) })
}) })

2
test/e2e/framework/deployment.go
View file

@ -38,7 +38,7 @@ const SlowEchoService = "slow-echo"
const HTTPBinService = "httpbin" const HTTPBinService = "httpbin"
// NginxBaseImage use for testing // NginxBaseImage use for testing
const NginxBaseImage = "k8s.gcr.io/ingress-nginx/nginx:v20210809-g98288bc3c@sha256:f9363669cf26514c9548c1fe4f8f4e2f58dfb76616bcd638a0ff7f0ec3457c17" const NginxBaseImage = "k8s.gcr.io/ingress-nginx/nginx:v20210926-g5662db450@sha256:1ef404b5e8741fe49605a1f40c3fdd8ef657aecdb9526ea979d1672eeabd0cd9"
// NewEchoDeployment creates a new single replica deployment of the echoserver image in a particular namespace // NewEchoDeployment creates a new single replica deployment of the echoserver image in a particular namespace
func (f *Framework) NewEchoDeployment() { func (f *Framework) NewEchoDeployment() {

2
test/e2e/framework/util.go
View file

@ -38,7 +38,7 @@ const (
Poll = 2 * time.Second Poll = 2 * time.Second
// DefaultTimeout time to wait for operations to complete // DefaultTimeout time to wait for operations to complete
DefaultTimeout = 5 * time.Minute DefaultTimeout = 90 * time.Second
) )
func nowStamp() string { func nowStamp() string {

18
test/e2e/ingress/pathtype_mixed.go
View file

@ -44,14 +44,14 @@ var _ = framework.IngressNginxDescribe("[Ingress] [PathType] mix Exact and Prefi
host := "mixed.path" host := "mixed.path"
annotations := map[string]string{ annotations := map[string]string{
"nginx.ingress.kubernetes.io/configuration-snippet": `more_set_input_headers "pathType: exact";more_set_input_headers "pathlocation: /";`, "nginx.ingress.kubernetes.io/configuration-snippet": `more_set_input_headers "pathType: exact";more_set_input_headers "pathheader: /";`,
} }
ing := framework.NewSingleIngress("exact-root", "/", host, f.Namespace, framework.EchoService, 80, annotations) ing := framework.NewSingleIngress("exact-root", "/", host, f.Namespace, framework.EchoService, 80, annotations)
ing.Spec.Rules[0].IngressRuleValue.HTTP.Paths[0].PathType = &exactPathType ing.Spec.Rules[0].IngressRuleValue.HTTP.Paths[0].PathType = &exactPathType
f.EnsureIngress(ing) f.EnsureIngress(ing)
annotations = map[string]string{ annotations = map[string]string{
"nginx.ingress.kubernetes.io/configuration-snippet": `more_set_input_headers "pathType: prefix";more_set_input_headers "pathlocation: /";`, "nginx.ingress.kubernetes.io/configuration-snippet": `more_set_input_headers "pathType: prefix";more_set_input_headers "pathheader: /";`,
} }
ing = framework.NewSingleIngress("prefix-root", "/", host, f.Namespace, framework.EchoService, 80, annotations) ing = framework.NewSingleIngress("prefix-root", "/", host, f.Namespace, framework.EchoService, 80, annotations)
f.EnsureIngress(ing) f.EnsureIngress(ing)
@ -74,7 +74,7 @@ var _ = framework.IngressNginxDescribe("[Ingress] [PathType] mix Exact and Prefi
assert.NotContains(ginkgo.GinkgoT(), body, "pathtype=prefix") assert.NotContains(ginkgo.GinkgoT(), body, "pathtype=prefix")
assert.Contains(ginkgo.GinkgoT(), body, "pathtype=exact") assert.Contains(ginkgo.GinkgoT(), body, "pathtype=exact")
assert.Contains(ginkgo.GinkgoT(), body, "pathlocation=/") assert.Contains(ginkgo.GinkgoT(), body, "pathheader=/")
ginkgo.By("Checking prefix request to /bar") ginkgo.By("Checking prefix request to /bar")
body = f.HTTPTestClient(). body = f.HTTPTestClient().
@ -87,17 +87,17 @@ var _ = framework.IngressNginxDescribe("[Ingress] [PathType] mix Exact and Prefi
assert.Contains(ginkgo.GinkgoT(), body, "pathtype=prefix") assert.Contains(ginkgo.GinkgoT(), body, "pathtype=prefix")
assert.NotContains(ginkgo.GinkgoT(), body, "pathtype=exact") assert.NotContains(ginkgo.GinkgoT(), body, "pathtype=exact")
assert.Contains(ginkgo.GinkgoT(), body, "pathlocation=/") assert.Contains(ginkgo.GinkgoT(), body, "pathheader=/")
annotations = map[string]string{ annotations = map[string]string{
"nginx.ingress.kubernetes.io/configuration-snippet": `more_set_input_headers "pathType: exact";more_set_input_headers "pathlocation: /foo";`, "nginx.ingress.kubernetes.io/configuration-snippet": `more_set_input_headers "pathType: exact";more_set_input_headers "pathheader: /foo";`,
} }
ing = framework.NewSingleIngress("exact-foo", "/foo", host, f.Namespace, framework.EchoService, 80, annotations) ing = framework.NewSingleIngress("exact-foo", "/foo", host, f.Namespace, framework.EchoService, 80, annotations)
ing.Spec.Rules[0].IngressRuleValue.HTTP.Paths[0].PathType = &exactPathType ing.Spec.Rules[0].IngressRuleValue.HTTP.Paths[0].PathType = &exactPathType
f.EnsureIngress(ing) f.EnsureIngress(ing)
annotations = map[string]string{ annotations = map[string]string{
"nginx.ingress.kubernetes.io/configuration-snippet": `more_set_input_headers "pathType: prefix";more_set_input_headers "pathlocation: /foo";`, "nginx.ingress.kubernetes.io/configuration-snippet": `more_set_input_headers "pathType: prefix";more_set_input_headers "pathheader: /foo";`,
} }
ing = framework.NewSingleIngress("prefix-foo", "/foo", host, f.Namespace, framework.EchoService, 80, annotations) ing = framework.NewSingleIngress("prefix-foo", "/foo", host, f.Namespace, framework.EchoService, 80, annotations)
f.EnsureIngress(ing) f.EnsureIngress(ing)
@ -120,7 +120,7 @@ var _ = framework.IngressNginxDescribe("[Ingress] [PathType] mix Exact and Prefi
assert.NotContains(ginkgo.GinkgoT(), body, "pathtype=prefix") assert.NotContains(ginkgo.GinkgoT(), body, "pathtype=prefix")
assert.Contains(ginkgo.GinkgoT(), body, "pathtype=exact") assert.Contains(ginkgo.GinkgoT(), body, "pathtype=exact")
assert.Contains(ginkgo.GinkgoT(), body, "pathlocation=/foo") assert.Contains(ginkgo.GinkgoT(), body, "pathheader=/foo")
ginkgo.By("Checking prefix request to /foo/bar") ginkgo.By("Checking prefix request to /foo/bar")
body = f.HTTPTestClient(). body = f.HTTPTestClient().
@ -132,7 +132,7 @@ var _ = framework.IngressNginxDescribe("[Ingress] [PathType] mix Exact and Prefi
Raw() Raw()
assert.Contains(ginkgo.GinkgoT(), body, "pathtype=prefix") assert.Contains(ginkgo.GinkgoT(), body, "pathtype=prefix")
assert.Contains(ginkgo.GinkgoT(), body, "pathlocation=/foo") assert.Contains(ginkgo.GinkgoT(), body, "pathheader=/foo")
ginkgo.By("Checking prefix request to /foobar") ginkgo.By("Checking prefix request to /foobar")
body = f.HTTPTestClient(). body = f.HTTPTestClient().
@ -144,6 +144,6 @@ var _ = framework.IngressNginxDescribe("[Ingress] [PathType] mix Exact and Prefi
Raw() Raw()
assert.Contains(ginkgo.GinkgoT(), body, "pathtype=prefix") assert.Contains(ginkgo.GinkgoT(), body, "pathtype=prefix")
assert.Contains(ginkgo.GinkgoT(), body, "pathlocation=/") assert.Contains(ginkgo.GinkgoT(), body, "pathheader=/")
}) })
}) })

164
test/e2e/settings/badannotationvalues.go Normal file
View file

@ -0,0 +1,164 @@
/*
Copyright 2021 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package settings
import (
"fmt"
"net/http"
"strings"
"github.com/onsi/ginkgo"
"k8s.io/ingress-nginx/test/e2e/framework"
)
var _ = framework.DescribeAnnotation("Bad annotation values", func() {
f := framework.NewDefaultFramework("bad-annotation")
ginkgo.BeforeEach(func() {
f.NewEchoDeployment()
})
ginkgo.It("[BAD_ANNOTATIONS] should drop an ingress if there is an invalid character in some annotation", func() {
host := "invalid-value-test"
annotations := map[string]string{
"nginx.ingress.kubernetes.io/configuration-snippet": `
# abc { }`,
}
ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.EchoService, 80, annotations)
f.UpdateNginxConfigMapData("allow-snippet-annotations", "true")
f.UpdateNginxConfigMapData("annotation-value-word-blocklist", "something_forbidden,otherthing_forbidden,{")
f.EnsureIngress(ing)
f.WaitForNginxServer(host,
func(server string) bool {
return !strings.Contains(server, fmt.Sprintf("server_name %s ;", host))
})
f.WaitForNginxServer(host,
func(server string) bool {
return !strings.Contains(server, "# abc { }")
})
f.HTTPTestClient().
GET("/").
WithHeader("Host", host).
Expect().
Status(http.StatusNotFound)
})
ginkgo.It("[BAD_ANNOTATIONS] should drop an ingress if there is a forbidden word in some annotation", func() {
host := "forbidden-value-test"
annotations := map[string]string{
"nginx.ingress.kubernetes.io/configuration-snippet": `
default_type text/plain;
content_by_lua_block {
ngx.say("Hello World")
}`,
}
ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.EchoService, 80, annotations)
f.UpdateNginxConfigMapData("allow-snippet-annotations", "true")
f.UpdateNginxConfigMapData("annotation-value-word-blocklist", "something_forbidden,otherthing_forbidden,content_by_lua_block")
// Sleep a while just to guarantee that the configmap is applied
framework.Sleep()
f.EnsureIngress(ing)
f.WaitForNginxServer(host,
func(server string) bool {
return !strings.Contains(server, fmt.Sprintf("server_name %s ;", host))
})
f.WaitForNginxServer(host,
func(server string) bool {
return !strings.Contains(server, `ngx.say("Hello World")`)
})
f.HTTPTestClient().
GET("/").
WithHeader("Host", host).
Expect().
Status(http.StatusNotFound)
})
ginkgo.It("[BAD_ANNOTATIONS] should allow an ingress if there is a default blocklist config in place", func() {
hostValid := "custom-allowed-value-test"
annotationsValid := map[string]string{
"nginx.ingress.kubernetes.io/configuration-snippet": `
# bla_by_lua`,
}
ingValid := framework.NewSingleIngress(hostValid, "/", hostValid, f.Namespace, framework.EchoService, 80, annotationsValid)
// Sleep a while just to guarantee that the configmap is applied
framework.Sleep()
f.EnsureIngress(ingValid)
f.WaitForNginxServer(hostValid,
func(server string) bool {
return strings.Contains(server, fmt.Sprintf("server_name %s ;", hostValid))
})
f.WaitForNginxServer(hostValid,
func(server string) bool {
return strings.Contains(server, "# bla_by_lua")
})
f.HTTPTestClient().
GET("/").
WithHeader("Host", hostValid).
Expect().
Status(http.StatusOK)
})
ginkgo.It("[BAD_ANNOTATIONS] should drop an ingress if there is a custom blocklist config in place and allow others to pass", func() {
host := "custom-forbidden-value-test"
annotations := map[string]string{
"nginx.ingress.kubernetes.io/configuration-snippet": `
# something_forbidden`,
}
ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.EchoService, 80, annotations)
f.UpdateNginxConfigMapData("annotation-value-word-blocklist", "something_forbidden,otherthing_forbidden")
// Sleep a while just to guarantee that the configmap is applied
framework.Sleep()
f.EnsureIngress(ing)
f.WaitForNginxServer(host,
func(server string) bool {
return !strings.Contains(server, fmt.Sprintf("server_name %s ;", host))
})
f.WaitForNginxServer(host,
func(server string) bool {
return !strings.Contains(server, "# something_forbidden")
})
f.HTTPTestClient().
GET("/").
WithHeader("Host", host).
Expect().
Status(http.StatusNotFound)
})
})

149
test/e2e/settings/server_snippet.go Normal file
View file

@ -0,0 +1,149 @@
/*
Copyright 2021 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package settings
import (
"net/http"
"strings"
"github.com/onsi/ginkgo"
"k8s.io/ingress-nginx/test/e2e/framework"
)
var _ = framework.DescribeSetting("configmap server-snippet", func() {
f := framework.NewDefaultFramework("cm-server-snippet")
ginkgo.BeforeEach(func() {
f.NewEchoDeployment()
})
ginkgo.It("should add value of server-snippet setting to all ingress config", func() {
host := "serverglobalsnippet1.foo.com"
hostAnnots := "serverannotssnippet1.foo.com"
f.SetNginxConfigMapData(map[string]string{
"server-snippet": `
more_set_headers "Globalfoo: Foooo";`,
})
annotations := map[string]string{
"nginx.ingress.kubernetes.io/server-snippet": `
more_set_headers "Foo: Bar";
more_set_headers "Xpto: Lalala";`,
}
ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.EchoService, 80, nil)
f.EnsureIngress(ing)
ing1 := framework.NewSingleIngress(hostAnnots, "/", hostAnnots, f.Namespace, framework.EchoService, 80, annotations)
f.EnsureIngress(ing1)
// Sleep a while just to guarantee that the configmap is applied
framework.Sleep()
f.WaitForNginxServer(host,
func(server string) bool {
return strings.Contains(server, `more_set_headers "Globalfoo: Foooo`) &&
!strings.Contains(server, `more_set_headers "Foo: Bar";`) &&
!strings.Contains(server, `more_set_headers "Xpto: Lalala";`)
})
f.WaitForNginxServer(hostAnnots,
func(server string) bool {
return strings.Contains(server, `more_set_headers "Globalfoo: Foooo`) &&
strings.Contains(server, `more_set_headers "Foo: Bar";`) &&
strings.Contains(server, `more_set_headers "Xpto: Lalala";`)
})
f.HTTPTestClient().
GET("/").
WithHeader("Host", host).
Expect().
Status(http.StatusOK).Headers().
ValueEqual("Globalfoo", []string{"Foooo"}).
NotContainsKey("Foo").
NotContainsKey("Xpto")
f.HTTPTestClient().
GET("/").
WithHeader("Host", hostAnnots).
Expect().
Status(http.StatusOK).Headers().
ValueEqual("Foo", []string{"Bar"}).
ValueEqual("Xpto", []string{"Lalala"}).
ValueEqual("Globalfoo", []string{"Foooo"})
})
ginkgo.It("should add global server-snippet and drop annotations per admin config", func() {
host := "serverglobalsnippet2.foo.com"
hostAnnots := "serverannotssnippet2.foo.com"
f.SetNginxConfigMapData(map[string]string{
"allow-snippet-annotations": "false",
"server-snippet": `
more_set_headers "Globalfoo: Foooo";`,
})
annotations := map[string]string{
"nginx.ingress.kubernetes.io/server-snippet": `
more_set_headers "Foo: Bar";
more_set_headers "Xpto: Lalala";`,
}
ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.EchoService, 80, nil)
f.EnsureIngress(ing)
ing1 := framework.NewSingleIngress(hostAnnots, "/", hostAnnots, f.Namespace, framework.EchoService, 80, annotations)
f.EnsureIngress(ing1)
// Sleep a while just to guarantee that the configmap is applied
framework.Sleep()
f.WaitForNginxServer(host,
func(server string) bool {
return strings.Contains(server, `more_set_headers "Globalfoo: Foooo`) &&
!strings.Contains(server, `more_set_headers "Foo: Bar";`) &&
!strings.Contains(server, `more_set_headers "Xpto: Lalala";`)
})
f.WaitForNginxServer(hostAnnots,
func(server string) bool {
return strings.Contains(server, `more_set_headers "Globalfoo: Foooo`) &&
!strings.Contains(server, `more_set_headers "Foo: Bar";`) &&
!strings.Contains(server, `more_set_headers "Xpto: Lalala";`)
})
f.HTTPTestClient().
GET("/").
WithHeader("Host", host).
Expect().
Status(http.StatusOK).Headers().
ValueEqual("Globalfoo", []string{"Foooo"}).
NotContainsKey("Foo").
NotContainsKey("Xpto")
f.HTTPTestClient().
GET("/").
WithHeader("Host", hostAnnots).
Expect().
Status(http.StatusOK).Headers().
ValueEqual("Globalfoo", []string{"Foooo"}).
NotContainsKey("Foo").
NotContainsKey("Xpto")
})
})