e050ff1b9f
disable session tickets by default
2020-09-18 00:08:00 -04:00
d280a344c4
inspect symlinks to auto-reload k8s secrets
2020-09-17 16:11:33 -04:00
87aa96b468
Change server-tokens default value to false
2020-09-17 09:52:07 -03:00
38fc35f206
Add validation support for networking.k8s.io/v1
2020-09-17 08:57:41 -03:00
e659efbfdb
Use dynamic load of modules
2020-09-10 11:39:35 -03:00
91c6d1a081
Merge pull request #6150 from timmysilv/master
...
Reject ingresses that use the default annotation if a custom one was provided
2020-09-10 07:11:45 -07:00
9612180f6e
reject annotations with default prefix in the case of an override
2020-09-10 09:16:44 -04:00
b1c64fa822
Merge pull request #6101 from GianOrtiz/burst
...
Add annotation to set value for burst multiplier on rate limit
2020-09-10 05:09:45 -07:00
b26ebb0050
Update default gzip level
2020-09-08 17:23:47 -03:00
d13fdf01f6
Update zipkin library location
2020-09-08 16:20:03 -03:00
0925f20d05
Refactor load of tracer load
2020-09-08 16:20:03 -03:00
8abe794178
Use net.JoinHostPort to avoid IPV6 issues
2020-09-02 22:58:51 -04:00
b1f0d28634
Require Kubernetes v1.14 or higher and deprecate extensions
2020-09-02 10:00:16 -04:00
3820aa416b
Add annotation to set value for burst multiplier on rate limit
2020-08-30 19:43:08 -03:00
32b8a3a473
Return unique addresses from service
2020-08-30 23:13:59 +02:00
a981862ff2
Fix nginx command env variable reference
2020-08-09 12:06:11 -04:00
cb86c5698c
Migrate to klog v2
2020-08-08 21:01:03 -04:00
c500bd4b3f
Merge pull request #4139 from choffmeister/fix/collect-metrics-if-metrics-per-host-false
...
Always collect metrics when --metrics-per-host=false
2020-08-08 12:02:19 -07:00
7d82903ce9
Fix panic in ingress class validation
...
If an ingress had no class annotation, nor IngressClassName at all, and an IngressClass resource was created for the ingress-nginx there was a panic when the controller tried to check the IngressClassName of the Ingress.
2020-08-07 17:09:14 +00:00
094967cfd9
bump fsnotify to v1.4.9
...
migrate gopkg.in/fsnotify/fsnotify.v1 to github.com/fsnotify/fsnotify
2020-07-31 02:14:03 +09:00
f3537204d2
Adding Zipkin collector to the E2E opentracing test as it is required to load at least one tracer to enable opentracing
...
Work on PR comments
Add tests for template builder
Signed-off-by: Bernard Van De Walle <bernard.vandewalle@getcruise.com>
2020-07-23 15:25:50 -07:00
2baca9e32a
Merge branch 'add-opentracing-operation-name-settings' of https://github.com/JorritSalverda/ingress-nginx into add-opentracing-operation-name-settings
2020-07-23 11:42:44 -07:00
e825af86e1
Merge pull request #5887 from dschwar/force-use-forwarded-for
...
Add force-enable-realip-module
2020-07-17 07:17:02 -07:00
d52141c2b9
Add enable-real-ip
2020-07-15 15:25:29 -04:00
dc3876666b
Revert "use-regex annotation should be applied to only one Location"
...
This reverts commit a8a8b5f6e9
2020-07-15 11:20:47 -04:00
e4c4edd626
Custom default backend service must have ports
2020-07-07 08:49:13 -04:00
a8a8b5f6e9
use-regex annotation should be applied to only one Location
2020-07-06 19:29:39 -04:00
8557677a5e
fix json tag for SSLPreferServerCiphers
...
related https://github.com/kubernetes/ingress-nginx/pull/5534
2020-07-06 23:45:36 +09:00
c0629e92c2
Add proxy-ssl-server-name to enable passing SNI
2020-07-03 14:14:32 +08:00
38447408e1
Remove redundant health check to avoid liveness or readiness timeout
2020-07-01 10:53:31 +08:00
14acc186f0
Update comment about restart of pod
2020-06-24 11:35:37 -04:00
d3832915e1
Merge pull request #5743 from kulong0105/master
...
build/dev-env.sh: remove docker version check
2020-06-23 14:39:17 -07:00
714637bec5
build/dev-env.sh: remove docker version check
...
docker experimental feature is unnecessary, so just remove it
2020-06-23 15:37:41 +08:00
803a76cf8a
Merge pull request #5749 from Bo0km4n/feat-configurable-max-batch-size
...
[Fix/metrics] Be configurable max batch size of metrics
2020-06-22 22:07:40 -07:00
f232a264ab
Add default-type as a configurable for default_type
2020-06-21 11:10:51 +08:00
7ab0916c92
Resolve conflicts
2020-06-20 17:13:31 +09:00
53a6b0fd3b
Configurable metrics max batch size
2020-06-20 15:58:14 +09:00
832c4e800f
Merge pull request #5702 from sylr/filter-tiller-configmaps
...
Filter out objects that belong to Helm
2020-06-13 11:57:56 -07:00
c0ae83f891
Use build tags to make it compile on non linux platforms
...
Signed-off-by: Sylvain Rabot <sylvain@abstraction.fr>
2020-06-11 21:50:03 +02:00
c9cb3dd626
Filter out objects that belong to Helm
...
Signed-off-by: Sylvain Rabot <sylvain@abstraction.fr>
2020-06-11 19:18:56 +02:00
3d3efaab29
Fix proxy_protocol duplication in listen definition
2020-06-09 15:00:59 -04:00
fc1c043437
Add http-access-log-path and stream-access-log-path options in configMap
2020-06-05 01:27:26 +08:00
d061375afa
Merge pull request #5571 from agile6v/dev
...
feat: support the combination of Nginx variables for annotation upstream-hash-by.
2020-06-01 15:10:14 -07:00
ea85404acd
Do not reload NGINX if master process dies
2020-06-01 16:00:29 -04:00
c035a144f8
Support the combination of nginx variables and text value for annotation upstream-hash-by.
2020-06-01 06:37:41 +08:00
ee02d897d5
Merge pull request #5534 from agile6v/master
...
Add annotation ssl-prefer-server-ciphers.
2020-05-29 08:35:16 -07:00
0e79ad8e4f
Update unit & e2e tests.
2020-05-21 02:19:13 +08:00
2e4c8233d5
Merge pull request #5522 from kevinfrommelt/remove-duplicate-annotation-parse
...
Remove duplicate annotation parsing for annotationAffinityCookieChangeOnFailure
2020-05-13 17:06:22 -07:00
bced1ed8b8
Ability to separately disable access log in http and stream contexts
...
Two new configuration options:
`disable-http-access-log`
`disable-stream-access-log`
Should resolve issue with enormous amount of `TCP 200` useless entries in logs
Signed-off-by: Andrey Voronkov <voronkovaa@gmail.com>
2020-05-13 21:23:37 +03:00
46cca5ad40
Fix error setting $service_name NGINX variable
2020-05-13 10:01:41 -04:00
38f99cefb2
Update testcase for sslCipher.
2020-05-13 11:03:15 +08:00
38a8556c4f
Add comments for sslcipher.Config struct.
2020-05-13 10:40:56 +08:00
41d82005ec
Add annotation ssl-prefer-server-ciphers.
2020-05-11 16:31:08 +08:00
e775495a56
Remove duplicate Cookie.ChangeOnFailure assertion
2020-05-08 13:51:14 -05:00
3c5e3eda7b
Remove duplicate annotation parsing for annotationAffinityCookieChangeOnFailure
2020-05-08 09:14:10 -05:00
639a8c7871
Enable TLSv1.3 by default
...
Fix for 049b25e566
2020-05-08 12:40:11 +02:00
ef75a2d6fc
Merge remote-tracking branch 'upstream/master' into fix/collect-metrics-if-metrics-per-host-false
2020-05-01 14:57:00 +02:00
a8c7ec6cfb
Changes on services must trigger a sync event
2020-04-29 13:37:39 -04:00
af910a16d4
Refactor ingress validation in webhook
2020-04-28 18:35:03 -04:00
c775b439dc
Case-insensitive TLS host matching
2020-04-28 11:07:43 +02:00
dbaefc8ee9
Ensure webhook validation ingress has a PathTypePrefix
2020-04-27 10:37:26 -04:00
a95d850384
Add support for PathTypeExact
2020-04-23 11:12:37 -04:00
efbb3f9fc8
Add support for IngressClass and ingress.class annotation
2020-04-22 09:15:32 -04:00
ecc20461aa
Removed wrong code
2020-04-20 12:30:18 -04:00
5b8d4baf5c
Merge pull request #5388 from rvillablanca/rm-todos
...
Remove TODO that were done
2020-04-17 19:59:35 -07:00
d18fa90cfd
Add e2e test for OCSP and new configmap setting
2020-04-17 12:53:47 -04:00
dc1adaec6b
Remove TODO that were done
2020-04-17 03:37:37 -04:00
1dab12fb81
Lua OCSP stapling
2020-04-16 21:29:16 -04:00
ad04fbe8b5
Cleanup parsing of annotations with lists
2020-04-13 17:02:31 -04:00
c0db19b0ec
Enable configuration of plugins using configmap
2020-04-13 11:38:42 -04:00
ae88a7d2a8
remove unused test and function
2020-04-08 19:37:23 +03:00
01351a6bf8
remove unused test and function
2020-04-08 19:37:15 +03:00
5390ce4879
Fix definition order of modsecurity directives
2020-04-03 10:53:20 -03:00
51f0ef052b
Set new default PathType to prefix
2020-04-01 10:05:48 -03:00
1216ed03f7
Fix condition in server-alias annotation
2020-04-01 08:37:14 -03:00
04ef782c57
Migrate ingress.class annotation to new IngressClassName field
2020-03-31 12:20:01 -03:00
a46126a034
Update client-go methods to support context and and new create and delete options
2020-03-27 19:52:51 -03:00
380ef3a92c
Fix the ability to disable ModSecurity at location level
...
- Adds 'modsecurity off;' to the nginx config if the
'enable-modsecurity' annotation is set to false.
- Update tests and e2e tests accordingly
Signed-off-by: Bhavin Gandhi <bhavin7392@gmail.com>
2020-03-22 23:51:02 +05:30
07b70f68bd
Redirect for app-root should preserve current scheme ( #5266 )
2020-03-19 15:49:18 -03:00
78576a9bbc
Add Maxmind Editions support
2020-03-19 19:36:10 +07:00
19770f5b41
Merge remote-tracking branch 'base/master' into fix/collect-metrics-if-metrics-per-host-false
2020-03-13 07:17:49 +01:00
96327b12cd
Fix $service_name and $service_port variables values without host ( #5226 )
2020-03-07 23:06:03 -03:00
ad460e16ce
Avoid secret without tls.crt and tls.key but a valid ca.crt ( #5225 )
2020-03-07 21:15:24 -03:00
ed30be05bc
Fix quote function in template to render pointers properly
2020-03-05 16:45:27 +04:00
0ab2e72e95
Doesn't fail if proxy-ssl-name annotation is not specified
2020-02-25 13:32:14 +01:00
141ea59b7f
Allows overriding the server name used to verify the certificate of the proxied HTTPS server
2020-02-25 13:32:14 +01:00
35264d6e8f
Merge pull request #5114 from whalecold/match
...
Feat: add header-pattern annotation.
2020-02-24 17:07:36 -08:00
6cd223558f
Merge pull request #4981 from janosi/proxy-ssl-scope
...
Applying proxy-ssl-* directives on locations only
2020-02-24 15:53:36 -08:00
07686f894a
Check there is a difference in the template besides the checksum ( #5151 )
2020-02-21 16:41:03 -03:00
c5db20ace4
Update default VariablesHashBucketSize value to 256 ( #5150 )
2020-02-21 16:01:33 -03:00
cd94ac7f84
Allow service type ExternalName with different port and targetPort ( #5141 )
2020-02-20 23:06:05 -03:00
0b33650bb8
Feat: canary supports using specific match strategy to match header value.
2020-02-21 10:02:20 +08:00
37c24b0df5
Migration e2e installation to helm ( #5086 )
2020-02-16 11:58:37 -03:00
d48d5a61ae
Add gzip-min-length as a configurable
2020-02-14 13:29:51 +07:00
281139d1a7
Only set mirror source when a target is configured ( #5055 )
2020-02-11 13:48:42 -03:00
77586dd83b
Validation of header in authreq should be done only in the key ( #5053 )
2020-02-11 10:30:14 -03:00
42ec2cc0ed
Change the handling of ConfigMap creation
...
When a new CM is created Ingress definitions are checked for reference to the new CM an Ingress sync is triggered if such reference is found.
2020-02-11 11:00:48 +01:00
2c5819e1b3
Add flag to allow custom ingress status update intervals ( #5050 )
2020-02-10 16:52:50 -03:00
46a3e0a6fd
Fix X-Forwarded-Proto based on proxy-protocol server port
2020-02-10 18:08:34 +03:00
d0423c6d4f
Update code to use pault.ag/go/sniff package ( #5038 )
...
* Update code to use pault.ag/go/sniff package
* Update go dependencies
2020-02-07 12:27:43 -03:00
Elvin Efendi
Julien Laffaye
Manuel Alejandro de Brito Fontes
Kubernetes Prow Robot
Matthew Silverman
Gian Ortz
hazim1093
Laszlo Janosi
Mitsuo Heijo
Bernard Van De Walle
David Schwartz
Zhongcheng Lao
agile6v
Yilong Ren
mengqi.wmq
Bo0km4n
Sylvain Rabot
Andrey Voronkov
Kevin Frommelt
Mark Janssen
Christian Hoffmeister
Andreas Sommer
Rodrigo Villablanca
Artem Miroshnychenko
Bhavin Gandhi
Maxim Pogozhiy
m.nabokikh
schaefec
Lisheng Zheng
Daniel Arifin
Ilya Nemakov