DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Jail/chroot nginx process inside controller container (#8337)

Browse source 
* Initial work on chrooting nginx process

* More improvements in chroot

* Fix charts and some file locations

* Fix symlink on non chrooted container

* fix psp test

* Add e2e tests to chroot image

* Fix logger

* Add internal logger in controller

* Fix overlay for chrooted tests

* Fix tests

* fix boilerplates

* Fix unittest to point to the right pid

* Fix PR review
This commit is contained in:
Ricardo Katz 2022-04-09 01:48:04 -03:00 committed by GitHub
parent 83ce21b4dd
commit 3def835a6a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
41 changed files with 456 additions and 49 deletions
Download patch file Download diff file Expand all files Collapse all files

4
internal/nginx/main.go
View file

@ -28,7 +28,7 @@ import (
"time"
ps "github.com/mitchellh/go-ps"
"k8s.io/klog/v2"
klog "k8s.io/klog/v2"
)
// TODO: Check https://github.com/kubernetes/kubernetes/blob/master/pkg/master/ports/ports.go for ports already being used
@ -40,7 +40,7 @@ var ProfilerPort = 10245
var TemplatePath = "/etc/nginx/template/nginx.tmpl"
// PID defines the location of the pid file used by NGINX
var PID = "/tmp/nginx.pid"
var PID = "/tmp/nginx/nginx.pid"
// StatusPort port used by NGINX for the status server
var StatusPort = 10246