8000 Merge branch 'main' into ap-log-escaping-chars · nginx/kubernetes-ingress@322badd · GitHub
[go: up one dir, main page]
Skip to content

Commit 322badd

Browse files
lucacomelucacome
authored
Merge branch 'main' into ap-log-escaping-chars
2 parents be26ccb + 5caa13d commit 322badd

File tree

23 files changed

+99
-53
lines changed

23 files changed

+99
-53
lines changed

.github/workflows/ci.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -104,7 +104,7 @@ jobs:
104104
with:
105105
go-version: ${{ needs.checks.outputs.go_version }}
106106
- name: Build binary
107-
uses: goreleaser/goreleaser-action@v2
107+
uses: goreleaser/goreleaser-action@v3
108108
with:
109109
version: latest
110110
args: build --snapshot --rm-dist --single-target
@@ -324,7 +324,7 @@ jobs:
324324
if: startsWith(github.ref, 'refs/tags/')
325325

326326
- name: Build binaries
327-
uses: goreleaser/goreleaser-action@v2
327+
uses: goreleaser/goreleaser-action@v3
328328
with:
329329
version: latest
330330
args: ${{ startsWith(github.ref, 'refs/tags/') && 'release' || 'build --snapshot' }} ${{ github.event_name == 'pull_request' && '--single-target' || '' }} --rm-dist

.github/workflows/update-docker-images.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -113,7 +113,7 @@ jobs:
113113
id: go
114114
run: echo "::set-output name=go_path::$(go env GOPATH)"
115115
- name: Build binaries
116-
uses: goreleaser/goreleaser-action@v2
116+
uses: goreleaser/goreleaser-action@v3
117117
with:
118118
version: latest
119119
args: build --rm-dist --id kubernetes-ingress

build/Dockerfile

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,8 @@ FROM nginx:1.21.6 AS debian
1616
RUN --mount=type=bind,from=opentracing-lib,target=/tmp/ot/ \
1717
apt-get update \
1818
&& apt-get install --no-install-recommends --no-install-suggests -y libcap2-bin \
19+
# temp fix for CVE-2022-1292, CVE-2022-29155 and CVE-2022-29824
20+
&& apt-get install -y libssl1.1 libldap-2.4-2 libxml2 \
1921
&& rm -rf /var/lib/apt/lists/* \
2022
&& cp -av /tmp/ot/usr/local/lib/libopentracing.so* /tmp/ot/usr/local/lib/libjaegertracing*so* /tmp/ot/usr/local/lib/libzipkin*so* /tmp/ot/usr/local/lib/libdd*so* /tmp/ot/usr/local/lib/libyaml*so* /usr/local/lib/ \
2123
&& cp -av /tmp/ot/usr/lib/nginx/modules/ngx_http_opentracing_module.so /usr/lib/nginx/modules/ \
@@ -29,8 +31,8 @@ FROM docker.io/library/nginx:1.21.6-alpine AS alpine
2931

3032
RUN --mount=type=bind,from=alpine-opentracing-lib,target=/tmp/ot/ \
3133
apk add --no-cache libcap libstdc++ \
32-
# temp fix for CVE-2022-1271, CVE-2022-22576, CVE-2022-27404 and CVE-2022-29824
33-
&& apk upgrade --no-cache xz-libs curl libcurl freetype libxml2 \
34+
# temp fix for CVE-2022-27405
35+
&& apk upgrade --no-cache freetype \
3436
&& cp -av /tmp/ot/usr/local/lib/libopentracing.so* /tmp/ot/usr/local/lib/libjaegertracing*so* /tmp/ot/usr/local/lib/libzipkin*so* /tmp/ot/usr/local/lib/libdd*so* /tmp/ot/usr/local/lib/libyaml*so* /usr/local/lib/ \
3537
&& cp -av /tmp/ot/usr/lib/nginx/modules/ngx_http_opentracing_module.so /usr/lib/nginx/modules/ \
3638
&& ldconfig /usr/local/lib/
@@ -62,6 +64,8 @@ RUN --mount=type=secret,id=nginx-repo.crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode
6264
--mount=type=bind,from=opentracing-lib,target=/tmp/ot/ \
6365
apt-get update \
6466
&& apt-get install --no-install-recommends --no-install-suggests -y ca-certificates gnupg curl apt-transport-https libcap2-bin \
67+
# temp fix for CVE-2022-1292
68+
&& apt-get install -y libssl1.1 \
6569
&& curl -fsSL https://cs.nginx.com/static/keys/nginx_signing.key | gpg --dearmor > /etc/apt/trusted.gpg.d/nginx_signing.gpg \
6670
&& curl -fsSL -o /etc/apt/apt.conf.d/90pkgs-nginx https://cs.nginx.com/static/files/90pkgs-nginx \
6771
&& DEBIAN_VERSION=$(awk -F '=' '/^VERSION_CODENAME=/ {print $2}' /etc/os-release) \

deployments/helm-chart/README.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -232,6 +232,8 @@ Parameter | Description | Default
232232
`controller.readyStatus.enable` | Enables the readiness endpoint `"/nginx-ready"`. The endpoint returns a success code when NGINX has loaded all the config after the startup. This also configures a readiness probe for the Ingress Controller pods that uses the readiness endpoint. | true
233233
`controller.readyStatus.port` | The HTTP port for the readiness endpoint. | 8081
234234
`controller.enableLatencyMetrics` | Enable collection of latency metrics for upstreams. Requires `prometheus.create`. | false
235+
`controller.minReadySeconds` | Specifies the minimum number of seconds for which a newly created Pod should be ready without any of its containers crashing, for it to be considered available. [docs](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#min-ready-seconds) | 0
236+
`controller.strategy` | Specifies the strategy used to replace old Pods by new ones. [docs](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy) | {}
235237
`rbac.create` | Configures RBAC. | true
236238
`prometheus.create` | Expose NGINX or NGINX Plus metrics in the Prometheus format. | false
237239
`prometheus.port` | Configures the port to scrape the metrics. | 9113

deployments/helm-chart/templates/controller-daemonset.yaml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -208,3 +208,10 @@ spec:
208208
initContainers: {{ toYaml .Values.controller.initContainers | nindent 8 }}
209209
{{- end }}
210210
{{- end }}
211+
{{- if .Values.controller.strategy }}
212+
updateStrategy:
213+
{{ toYaml .Values.controller.strategy | indent 4 }}
214+
{{- end }}
215+
{{- if .Values.controller.minReadySeconds }}
216+
minReadySeconds: {{ .Values.controller.minReadySeconds }}
217+
{{- end }}

deployments/helm-chart/templates/controller-deployment.yaml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -207,3 +207,10 @@ spec:
207207
initContainers: {{ toYaml .Values.controller.initContainers | nindent 8 }}
208208
{{- end }}
209209
{{- end }}
210+
{{- if .Values.controller.strategy }}
211+
strategy:
212+
{{ toYaml .Values.controller.strategy | indent 4 }}
213+
{{- end }}
214+
{{- if .Values.controller.minReadySeconds }}
215+
minReadySeconds: {{ .Values.controller.minReadySeconds }}
216+
{{- end }}

deployments/helm-chart/values.yaml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -136,6 +136,12 @@ controller:
136136
# image: busybox:1.34
137137
# command: ['sh', '-c', 'echo this is initial setup!']
138138

139+
## The minimum number of seconds for which a newly created Pod should be ready without any of its containers crashing, for it to be considered available.
140+
minReadySeconds: 0
141+
142+
## Strategy used to replace old Pods by new ones. .spec.strategy.type can be "Recreate" or "RollingUpdate". "RollingUpdate" is the default value.
143+
strategy: {}
144+
139145
## Extra containers for the Ingress Controller pods.
140146
extraContainers: []
141147
# - name: container

docs/_vendor/gitlab.com/f5/nginx/controller/poc/f5-hugo/assets/css/docs-nginx-com/style.css

Lines changed: 1 addition & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

docs/_vendor/gitlab.com/f5/nginx/controller/poc/f5-hugo/assets/css/f5-hugo.css

Lines changed: 11 additions & 5 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

docs/_vendor/gitlab.com/f5/nginx/controller/poc/f5-hugo/layouts/_default/docs.html

Lines changed: 6 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)
0