DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Enable security features by default (#11819)

Browse source
This commit is contained in:
Ricardo Katz 2024-08-23 00:45:51 -03:00 committed by GitHub
parent b79551287e
commit 7b4e4e2fa1
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
28 changed files with 103 additions and 262 deletions
Download patch file Download diff file Expand all files Collapse all files

21
test/e2e/annotations/auth.go
View file

@ -277,14 +277,8 @@ var _ = framework.DescribeAnnotation("auth-*", func() {
"nginx.ingress.kubernetes.io/auth-snippet": `
proxy_set_header My-Custom-Header 42;`,
}
f.SetNginxConfigMapData(map[string]string{
"allow-snippet-annotations": "true",
})
defer func() {
f.SetNginxConfigMapData(map[string]string{
"allow-snippet-annotations": "false",
})
}()
disableSnippet := f.AllowSnippetConfiguration()
defer disableSnippet()
ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.EchoService, 80, annotations)
f.EnsureIngress(ing)
@ -297,15 +291,8 @@ var _ = framework.DescribeAnnotation("auth-*", func() {
ginkgo.It(`should not set snippet "proxy_set_header My-Custom-Header 42;" when external auth is not configured`, func() {
host := authHost
f.SetNginxConfigMapData(map[string]string{
"allow-snippet-annotations": "true",
})
defer func() {
f.SetNginxConfigMapData(map[string]string{
"allow-snippet-annotations": "false",
})
}()
disableSnippet := f.AllowSnippetConfiguration()
defer disableSnippet()
annotations := map[string]string{
"nginx.ingress.kubernetes.io/auth-snippet": `