DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #5534 from agile6v/master

Browse source 
Add annotation ssl-prefer-server-ciphers.
This commit is contained in:
Kubernetes Prow Robot 2020-05-29 08:35:16 -07:00 committed by GitHub
commit ee02d897d5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 73 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

6
test/e2e/annotations/sslciphers.go
View file

@ -34,7 +34,8 @@ var _ = framework.DescribeAnnotation("ssl-ciphers", func() {
ginkgo.It("should change ssl ciphers", func() {
host := "ciphers.foo.com"
annotations := map[string]string{
"nginx.ingress.kubernetes.io/ssl-ciphers": "ALL:!aNULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP",
"nginx.ingress.kubernetes.io/ssl-ciphers": "ALL:!aNULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP",
"nginx.ingress.kubernetes.io/ssl-prefer-server-ciphers": "false",
}
ing := framework.NewSingleIngress(host, "/something", host, f.Namespace, framework.EchoService, 80, annotations)
@ -42,7 +43,8 @@ var _ = framework.DescribeAnnotation("ssl-ciphers", func() {
f.WaitForNginxServer(host,
func(server string) bool {
return strings.Contains(server, "ssl_ciphers ALL:!aNULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;")
return strings.Contains(server, "ssl_ciphers ALL:!aNULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;") &&
strings.Contains(server, "ssl_prefer_server_ciphers off;")
})
})
})