kubernetes
/
ingress-nginx
mirror of https://github.com/kubernetes/ingress-nginx.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,725 Commits 4 Branches 245 Tags 173 MiB
Commit Graph

574 Commits

Author SHA1 Message Date
Daniel Arifin d48d5a61ae Add gzip-min-length as a configurable 2020-02-14 13:29:51 +07:00
Laszlo Janosi 42ec2cc0ed Change the handling of ConfigMap creation 
When a new CM is created Ingress definitions are checked for reference to the new CM an Ingress sync is triggered if such reference is found.
 2020-02-11 11:00:48 +01:00
Ilya Nemakov 46a3e0a6fd Fix X-Forwarded-Proto based on proxy-protocol server port 2020-02-10 18:08:34 +03:00
Manuel Alejandro de Brito Fontes d0423c6d4f
Update code to use pault.ag/go/sniff package (#5038) 
* Update code to use pault.ag/go/sniff package

* Update go dependencies
 2020-02-07 12:27:43 -03:00
Manuel Alejandro de Brito Fontes b3146354d4 Refactor mirror feature 2020-02-05 10:39:55 -03:00
Manuel Alejandro de Brito Fontes b9e944a8a6
Move mod-security logic from template to go code (#5009) 2020-02-04 14:04:11 -03:00
Manuel Alejandro de Brito Fontes 54c30b91c9
Fix server aliases (#5003) 2020-02-02 19:08:55 -03:00
Manuel Alejandro de Brito Fontes 5d6f09fbcd
Calculation algorithm for server_names_hash_bucket_size should consider annotations (#4993) 2020-01-31 13:01:28 -03:00
Brian Kopp 1b523390bb Add SameSite=None support and conditionally omit SameSite=None for backwards compatibility 2020-01-29 14:30:00 -07:00
Manuel Alejandro de Brito Fontes 5d05e19cc3
Fix enable opentracing per location (#4983) 2020-01-29 12:20:05 -03:00
Manuel Alejandro de Brito Fontes d9983cb387 Fix spell errors 2020-01-27 00:01:13 -03:00
Manuel Alejandro de Brito Fontes 7ff49b25d6
Move opentracing configuration for location to go (#4965) 2020-01-25 21:39:20 -03:00
Manuel Alejandro de Brito Fontes 66ef05849f
Refactor how to handle sigterm and nginx process goroutine (#4959) 2020-01-25 14:52:31 -03:00
Manuel Alejandro de Brito Fontes c8015c7734
Update nginx image, use docker buildx and remove qemu (#4923) 
* Update nginx image, use docker buildx and remove qemu

* Update e2e image
 2020-01-14 20:52:57 -03:00
Manuel Alejandro de Brito Fontes 74944b99e9
Enable download of GeoLite2 databases (#4896) 2020-01-08 19:46:43 -03:00
Sungmin Lee d7be5db7de Support sample rate and global sampling configuration for Datadog in ConfigMap 2020-01-07 16:59:59 -08:00
Manuel Alejandro de Brito Fontes 5f6c4cff3e
Add help task (#4891) 
* Add help task
* Fix vet errors
 2020-01-07 10:53:12 -03:00
Manuel Alejandro de Brito Fontes b30115aba7
Merge pull request #4862 from aledbf/update-nginx-image 
Update nginx image
 2020-01-04 15:51:23 -03:00
Manuel Alejandro de Brito Fontes fbdd924a45 Update nginx image 2020-01-04 13:23:16 -03:00
Manuel Alejandro de Brito Fontes 965ecd4b15
Default backend protocol only supports http (#4870) 2020-01-04 11:09:00 -03:00
Manuel Alejandro de Brito Fontes a0523c3c8a
Use a named location for authSignURL (#4859) 2019-12-24 22:50:25 -03:00
Manuel Alejandro de Brito Fontes facf841992
Return specific type (#4840) 2019-12-17 12:06:17 -03:00
Manuel Alejandro de Brito Fontes 5c30820d1f Remove hard-coded annotation and don't use map pointers 2019-12-13 03:05:20 -03:00
Kubernetes Prow Robot be1907142b
Merge pull request #4823 from aledbf/go-modules 
Update go dependencies to v1.17.0
 2019-12-12 11:40:32 -08:00
Manuel Alejandro de Brito Fontes fe2ae8a1ec Check the configmap is valid 2019-12-10 22:45:02 -03:00
Kubernetes Prow Robot d5e197c3e2
Merge pull request #4816 from kdomanski/fix-ssl-redirect 
apply default certificate again in cases of invalid or incomplete cert config
 2019-12-10 17:40:05 -08:00
Kamil Domański 5c8522cdab apply default certificate again in cases of invalid or incomplete cert config 
Signed-off-by: Kamil Domański <kamil@domanski.co>
 2019-12-06 12:15:52 +01:00
Manuel Alejandro de Brito Fontes cfccc2acc0 Update default SSL ciphers 2019-12-05 19:34:53 -03:00
Manuel Alejandro de Brito Fontes 19d596b72b
Allow custom CA certificate when flag --api-server is specified (#4807) 2019-12-05 19:12:54 -03:00
Kubernetes Prow Robot a85d5ed93a
Merge pull request #4779 from aledbf/update-image 
Remove lua-resty-waf feature
 2019-11-27 11:45:05 -08:00
Kubernetes Prow Robot b286c2a336
Merge pull request #4732 from willthames/enable-opentracing-annotation 
Allow enabling/disabling opentracing for ingresses
 2019-11-26 17:31:21 -08:00
Will Thames 0ae463a5f3 Provide annotation to control opentracing 
By default you might want opentracing off, but on for a particular
ingress.

Similarly, you might want opentracing globally on, but disabled for
a specific endpoint. To achieve this, `opentracing_propagate_context`
cannot be set when combined with `opentracing off`

A new annotation, `enable-opentracing` allows more fine grained control
of opentracing for specific ingresses.
 2019-11-27 11:07:26 +10:00
Manuel Alejandro de Brito Fontes 61d902db14 Remove Lua resty waf feature 2019-11-26 10:37:43 -03:00
Kubernetes Prow Robot 62518b60b4
Merge pull request #4689 from janosi/upstream_ssl 
Server-only authentication of backends and per-location SSL config
 2019-11-18 19:49:43 -08:00
Kubernetes Prow Robot 0d244e1c41
Merge pull request #4730 from stamm/master 
add configuration for http2_max_concurrent_streams
 2019-11-08 07:12:29 -08:00
Kubernetes Prow Robot a0dc3a9a51
Merge pull request #4695 from janosi/secure-verify-ca-secret 
Removing secure-verify-ca-secret support
 2019-11-08 07:12:21 -08:00
Kubernetes Prow Robot f808f955ee
Merge pull request #4664 from bryanhanner/master 
warn when ConfigMap is missing or not parsable instead of erroring
 2019-11-08 07:12:14 -08:00
Rustam Zagirov d9cfad1894 add configuration for http2_max_concurrent_streams 2019-10-31 15:13:38 +03:00
Laszlo Janosi cc84bd4ab6 Server level proxy_ssl parameters are applied again, following the comments received. 
Also writing tls.crt and tls.key to disk is according to the original code.
 2019-10-26 20:20:18 +02:00
Laszlo Janosi 31227d61c2 Removing secure-verify-ca-secret support and writing an error log if that annotation is used in an Ingress definition 2019-10-18 10:58:57 +02:00
Peter Pan 6aa48def3a add remote_addr in layer 4 access log 
original:
[18/Oct/2019:00:47:53 +0000]  TCP 200 4333 81 0.002
new:
[10.6.124.202]  [18/Oct/2019:01:05:15 +0000]  TCP 200 4333  81 0.002
 2019-10-18 09:21:01 +08:00
Laszlo Janosi 37fe9c9876 Enabling per-location proxy-ssl parameters, so locations of the same server but with own unique Ingress definitions can have different SSL configs 2019-10-17 10:15:53 +02:00
Thomas Jackson 500b043f27 Don't use DNS resolution to "validate FQDN" 
As the controller stands today this "validation" is done once per config load, which means if the DNS query fails for any reason the endpoint will remain dead until both (1) a change happens to the ingress and (2) the DNS resolution works. If the user configured the name we should just pass it through, this way the lua dns can attempt to re-query it at its leisure.
 2019-10-13 13:16:47 -07:00
Arthur Axel 'fREW' Schmidt ea8f7ea8b7 Simplify initialization function of bytes.Buffer 2019-10-12 08:36:54 -07:00
Bryan Hanner 9957d30048 warn when ConfigMap is missing or unparsable instead of erroring 2019-10-11 17:15:38 -07:00
Kubernetes Prow Robot fb025ab501
Merge pull request #4087 from MRoci/master 
Define Modsecurity Snippet via ConfigMap
 2019-09-30 15:19:32 -07:00
Andrea Spacca 203a3ed455 ISSUE-4244 comply with --health-check-path (#4619) 2019-09-29 14:37:57 -03:00
Manuel Alejandro de Brito Fontes d5d2b4037c
Fix ports collision when hostNetwork=true (#4617) 2019-09-28 17:30:57 -03:00
MRoci 72c4ffa8b5
add modsecurity-snippet key 2019-09-28 09:54:07 +02:00
Manuel Alejandro de Brito Fontes 6715108d8a
Release 0.26.0 2019-09-27 10:23:12 -03:00