DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Enable security features by default (#11819)

Browse source
This commit is contained in:
Ricardo Katz 2024-08-23 00:45:51 -03:00 committed by GitHub
parent b79551287e
commit 7b4e4e2fa1
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
28 changed files with 103 additions and 262 deletions
Download patch file Download diff file Expand all files Collapse all files

14
test/e2e/framework/framework.go
View file

@ -383,6 +383,20 @@ func (f *Framework) SetNginxConfigMapData(cmData map[string]string) {
f.WaitForReload(fn)
}
// SetNginxConfigMapData sets ingress-nginx's nginx-ingress-controller configMap data
func (f *Framework) AllowSnippetConfiguration() func() {
f.SetNginxConfigMapData(map[string]string{
"allow-snippet-annotations": "true",
"annotations-risk-level": "Critical", // To enable snippet configurations
})
return func() {
f.SetNginxConfigMapData(map[string]string{
"allow-snippet-annotations": "false",
"annotations-risk-level": "High",
})
}
}
// CreateConfigMap creates a new configmap in the current namespace
func (f *Framework) CreateConfigMap(name string, data map[string]string) {
_, err := f.KubeClientSet.CoreV1().ConfigMaps(f.Namespace).Create(context.TODO(), &v1.ConfigMap{