DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: add annotation to allow to add custom response headers (#9742)

Browse source 
* add custom headers

Signed-off-by: Christian Groschupp <christian@groschupp.org>

* add tests

Signed-off-by: Christian Groschupp <christian@groschupp.org>

* add docs

* update copyright

* change comments

* add e2e test customheaders

* add custom headers validation

* remove escapeLiteralDollar filter

* validate value in custom headers

* add regex for header value

* fix annotation test

* Revert "remove escapeLiteralDollar filter"

This reverts commit ab48392b60dee4ce146a4c17e046849f9633c7fb.

* add annotationConfig

* fix test

* fix golangci-lint findings

* fix: add missung exp module

---------

Signed-off-by: Christian Groschupp <christian@groschupp.org>
This commit is contained in:
Christian Groschupp 2024-04-09 12:25:22 +02:00 committed by GitHub
parent d56aacdb31
commit 1f4ee0e235
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
15 changed files with 537 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

17
docs/user-guide/nginx-configuration/annotations.md
View file

@ -50,6 +50,7 @@ You can add these Kubernetes annotations to specific Ingress objects to customiz
|[nginx.ingress.kubernetes.io/client-body-buffer-size](#client-body-buffer-size)|string|
|[nginx.ingress.kubernetes.io/configuration-snippet](#configuration-snippet)|string|
|[nginx.ingress.kubernetes.io/custom-http-errors](#custom-http-errors)|[]int|
|[nginx.ingress.kubernetes.io/custom-headers](#custom-headers)|string|
|[nginx.ingress.kubernetes.io/default-backend](#default-backend)|string|
|[nginx.ingress.kubernetes.io/enable-cors](#enable-cors)|"true" or "false"|
|[nginx.ingress.kubernetes.io/cors-allow-origin](#enable-cors)|string|
@ -338,6 +339,22 @@ Example usage:
nginx.ingress.kubernetes.io/custom-http-errors: "404,415"
```
### Custom Headers
This annotation is of the form `nginx.ingress.kubernetes.io/custom-headers: custom-headers-configmap` to specify a configmap name that contains custom headers. This annotation uses `more_set_headers` nginx directive.
Example configmap:
```yaml
apiVersion: v1
data:
Content-Type: application/json
kind: ConfigMap
metadata:
name: custom-headers-configmap
```
!!! attention
First define the allowed response headers in [global-allowed-response-headers](https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/configmap.md#global-allowed-response-headers).
### Default Backend
This annotation is of the form `nginx.ingress.kubernetes.io/default-backend: <svc name>` to specify a custom default backend. This `<svc name>` is a reference to a service inside of the same namespace in which you are applying this annotation. This annotation overrides the global default backend. In case the service has [multiple ports](https://kubernetes.io/docs/concepts/services-networking/service/#multi-port-services), the first one is the one which will receive the backend traffic.

5
docs/user-guide/nginx-configuration/configmap.md
View file

@ -209,6 +209,7 @@ The following table shows a configuration option's name, type, and the default v
|[syslog-host](#syslog-host)| string | "" ||
|[syslog-port](#syslog-port)| int | 514 ||
|[no-tls-redirect-locations](#no-tls-redirect-locations)| string | "/.well-known/acme-challenge" ||
|[global-allowed-response-headers](#global-allowed-response-headers)|string|""||
|[global-auth-url](#global-auth-url)| string | "" ||
|[global-auth-method](#global-auth-method)| string | "" ||
|[global-auth-signin](#global-auth-signin)| string | "" ||
@ -1285,6 +1286,10 @@ Sets the port of syslog server. _**default:**_ 514
A comma-separated list of locations on which http requests will never get redirected to their https counterpart.
_**default:**_ "/.well-known/acme-challenge"
## global-allowed-response-headers
A comma-separated list of allowed response headers inside the [custom headers annotations](https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md#custom-headers)
## global-auth-url
A url to an existing service that provides authentication for all the locations.