Escape commit message in Notification workflow #2075
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
lucacome
requested review from
pleshakov and
soneillf5
and removed request for
a team
soneillf5
approved these changes
Oct 12, 2021
pleshakov
approved these changes
Oct 12, 2021
soneillf5
added a commit
that referenced
this pull request
Oct 14, 2021
* Deregister subscription-manager on nap ubi build (#1965) * Deregister subscription-manager on nap ubi build * Don't print subscription manager details to terminal * Release 2.0.0 (#1994) Release 2.0 * fix: add back anchor links for cmdline arguments (#2006) * fix: KIC-545 fix broken link (#2013) * Increase upstream zone size for NGINX Plus NGINX Plus R25 allocates more memory for storing upstream server (peer) data: +720 bytes per peer. This means upstream server zones will use more memory to accommodate that data. If a zone is full, NGINX Plus will fail to reload and fail to add more upstream servers via the API. To prevent reload failures after an upgrade to R25, this commit increases the default upstream zone size for NGINX Plus from 256K to 512K. * Update python tests * Update Changelog * fix: bumped f5-theme to v12.6 (#2007) Co-authored-by: Travis Martin <t.martin@f5.com> Co-authored-by: Luca Comellini <luca.com@gmail.com> Co-authored-by: Ciara Stacke <18287516+ciarams87@users.noreply.github.com> * Bump NGINX Plus version to R25 (#1998) Bump N+ version in Dockerfile and allow overriding the N+ version in Makefile for NAP. * Use suffix in latest tag, i.e. latest-alpine, don't overwrite latest (#2023) * Bump alpine from 3.13 to 3.14 in /build (#2021) Bumps alpine from 3.13 to 3.14. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-minor ... Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Fix tests upload in the workflow (#2038) * Upload NGINX Ingress Controller binaries to release (#2044) * Use release specific repo for NGINX Plus on Debian (#2042) * Fix Issues workflow (#2054) * Upload Docker images to ghcr.io (#2053) * Use action to automatically rebase PRs with master (#2052) Co-authored-by: nginx-bot <68849795+nginx-bot@users.noreply.github.com> * Remove note from operator installation (#2049) * Use release specific repo for NGINX Plus on Debian (#2051) * Remove sync workflow from master (#2055) * Remove need for extra parameters for Dockerfile (#2045) * fix issues with the 404 and robots.txts redirects * Release 2.0.1 (#2062) * Clarify upstream tls in VirtualServer * Add waiting for response label (#2065) * Use default python image, bump to 3.10 (#2068) * Update packages for CVE-2021-37750 (#2073) * Escape commit message in Notification workflow (#2075) * Bump github.com/aws/aws-sdk-go-v2/config from 1.8.2 to 1.8.3 (#2081) Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.8.2 to 1.8.3. - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md) - [Commits](aws/aws-sdk-go-v2@config/v1.8.2...config/v1.8.3) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/config dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/aws/aws-sdk-go-v2/service/marketplacemetering from 1.5.1 to 1.5.2 (#2080) Bumps [github.com/aws/aws-sdk-go-v2/service/marketplacemetering](https://github.com/aws/aws-sdk-go-v2) from 1.5.1 to 1.5.2. - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md) - [Commits](aws/aws-sdk-go-v2@service/mq/v1.5.1...service/mq/v1.5.2) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/service/marketplacemetering dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump certifi from 2021.5.30 to 2021.10.8 in /tests (#2072) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump certifi from 2021.5.30 to 2021.10.8 in /perf-tests (#2071) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump locust from 2.2.3 to 2.4.0 in /perf-tests (#2070) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Remove nap plus version override * Temp downgrade the gitlab test image to python 3.9 because of compatability issues * Restore GHA cache (#2083) * Bump cffi from 1.14.6 to 1.15.0 in /tests (#2089) Bumps [cffi](http://cffi.readthedocs.org) from 1.14.6 to 1.15.0. --- updated-dependencies: - dependency-name: cffi dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump cffi from 1.14.6 to 1.15.0 in /perf-tests (#2088) Bumps [cffi](http://cffi.readthedocs.org) from 1.14.6 to 1.15.0. --- updated-dependencies: - dependency-name: cffi dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump kubernetes from 19.15.0a1 to 19.15.0b1 in /tests (#2087) Bumps [kubernetes](https://github.com/kubernetes-client/python) from 19.15.0a1 to 19.15.0b1. - [Release notes](https://github.com/kubernetes-client/python/releases) - [Changelog](https://github.com/kubernetes-client/python/blob/master/CHANGELOG.md) - [Commits](kubernetes-client/python@v19.15.0a1...v19.15.0b1) --- updated-dependencies: - dependency-name: kubernetes dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Segregate AP methods (#2084) * Bados (#1997) * Add app protect dos to NIC 1. Add option to install with bados for makefile and dockerfile 2. new template for nginx-plus.ingress.tmpl and nginx-plus.tmpl 3. new annotation appprotect.f5.com/app-protect-dos-enable 4. new file entrypoint.sh to start admd in background 5. new flag in deployment for bados * Add bados policy to virtualserver Bados policy with 2 argumants: 1. enable 2. name * Add appDosPolicy 1. Add new CRD yaml file to describe APDosPolicy 2. Support APDosPolicy with ingress 3. Support APDosPolicy with virtualServer * Remove entrypoint.sh 1. Remove entry point file 2. Call admdinstall by exec.command 3. Call admd by exec.command * Add security log for app protect dos 1. Add new CRD appprotect.f5.com_apdoslogconfs.yaml 2. Add dos security log properties for bados policy 3. Add security log directive for ingress and virtualServer * Add monitor directive for app protect dos 2. Add apDosMonitor properties for bados policy 3. Add apDosMonitor directive for ingress and virtualServer * Monitor directive for app protect dos cleanup * Add readiness and livensess directive 1. Change file nginx-plus.tmpl - add directives 2. Read file nginx-config.yaml and reads: app-protect-dos-liveness-enable app-protect-dos-liveness-uri app-protect-dos-liveness-port: "4999" app-protect-dos-readiness-enable app-protect-dos-readiness-uri app-protect-dos-readiness-port * Add debug flag to bados * Set server to answer for livness probe case liveness enable (use port 8083) * Minor changes in dokcer file * Add appprotectdos group Change from appprotect to appprotectdos all configuration * Add deployment for appprotect-dos-arb.yaml * Add annotation: app-protect-dos-name * Minor changes if deployment of Arbitrator * Fix addWarningf with extra Specifier * Add unit tests for app protect dos 1. Add units test for app protect dos 2. fix errors in unit tests * Add access log and format for option to kibana log for app protect dos 1. Add option to add via virtual server 2. Add option to add via annotation * Remove unnecessary validation in bados policy * Add app-protect-dos-debug flag Enable debug log for app protect dos inside the deployment args properties * Validation.go app protect dos - minor BUG + add unit tests * Add to config map error-log-destination and worker-rlimit-core default value for error-log-destination - stderr * Add to bados policy dosAccessLogDest properties * Change app protect dos arb image pull policy to ifNotPresent * Add new image for App Protect with App Protect Dos 1. Add new option in Makefile: debian-image-nap-dos-plus 2. Add new option in Dockerfile: debian-plus-ap-apdos * Add example for ingress yaml file with log and policy yaml * Add example for virtual server yaml file with log and policy and bados yaml files * Bados examples minor changes * Add Quotation mark to app protect dos policy files * Add documentation on app protect dos * Change liveness in app protect dos and remove readiness * Add info for manifest doc * Renamed crds app protect dos files * Change troubleshooting.md for app protect dos * Master merge fixes * Add build-arg to nap-napdos image in Makefile * Helm for app protect dos * App Protect Dos - update readme file, create ns for app protect dos * App Protect Dos - nginx-plus.tmpl - refactor log_dos * App Protect Dos - fix duplicate const params from merge * App Protect Dos - add tls_fingerprint policy support * App Protect Dos - fix bug from merge in file configmaps_test.go * App Protect Dos - helm chart change field for arb name from name to arbName * App Protect Dos - Remove unnecessary back quote * Update DockerFile to GA * Remove unnecessary path of app protect dos so module * Fix merge documentation issue for app protect dos * Add arbitrator dockerfile and documentations * Make deployment arb image path to example * Helm app protect dos - add repository arg for arbitrator * Fix CRDs with make update-crds * Fix Lint issue * Change arbitrator repository path * Fix merge typo issue * Minor typo * Change the napdos and nap-napdos Dockerfile. Remove --force-confold Add installation of lsb-release for decide the release of deb * Remove the arbitrator Dockerfile No needed it now, can pull from the registry * Remove copy paste typo * Fix comment of AppProtectDosLogConfDstAnnotation and AppProtectLogConfDstAnnotation * Add app protect dos liveness to helm chart * Liveness default is off and change logic to decide loading param * Fix typo ErrorLogLevel->ErrorLogDst * Remove WorkerRlimitCore * installation.md - Change v from 11 to 12 * Change MainAppProtectDosLivenessEnable and AppProtectDosLivenessEnable from string to bool * revert values.yaml changes * Fix App Protect liveness configmaps.go + Add info to readme file * App Protect liveness add to daemonset * Add configmap-resource.md info for liveness * Add app-protect-dos-log-format to configmap and change the dependencies with security log * Remove ErrorLogDst option * Remove unnecessary check * Change for virtual server access log dest - no dependencies with security log * Change the format of the errorf "Bados policy" from q to v * Change folder for policy and log + simplify code * Set access log off inside the liveness server + add comment on loggable 0 * Add unit tests TestGenerateNginxCfgForAppProtectDos and TestGenerateNginxCfgForMergeableIngressesForAppProtectDos * Add unit test TestAddBadosConfig * Add unit test TestUpdateApDosResourcesForVs * Add unit test TestUpdateApDosResourcesForVs + fix bug * Remove validateRequiredFieldsNoCopy function, used validateRequiredFields instead * Add unit test for ValidateAppProtectDosAccessLogDest * Add unit test for ValidateAppProtectDosLogConf * Add unit test for ValidateAppProtectDosPolicy * change from ValidateAppProtectDosPolicy to validateAppProtectDosPolicy * Add unit test for AddBadosPolicyRefs * Fix typo * removing the Dos part from the names of all methods of dos configuration interface. * Add unit test to getBadosPoliciesForAppProtectLogConf * Add unit test to getBadosPoliciesForAppProtectDosPolicy * Add unit test to validateBados * Remove adding duplicate path dosAccessLogDest * App Protect dos expose logs through stdout * Arbitrator helm chart changes 1. Remove name 2. add image options * Remove local file destination in log of app protect dos * Fix admd debug command * Add annotation table descriptions * Add appprotect_common package * Add app_protecrt_common_resources_test * Set debug log for app protect dos via configmap remove cli option * remove debug log for app protect dos helm chart option * Change webapp-ingress.yaml to v1 in the example * Add extra info for advanced-configuration-with-annotations.md file * Add App Protect Dos validation for the annotation inside the new mechanism Add to validation.go new entries for all App Protect Dos annotations Add new validation for name and monitor directives inside app_protect_dos_resources.go remove validation from func getAppProtectDosLogConfAndDst Add unit tests for new functions * App protect Dos Arbitrator new Helm Chart Add new helm cart for the arbitrator. Remove the arbitrator from ingress helm chart Add new doc installation-with-helm-dos-arbitrator.md * Remove App Protect Dos Liveness * Add ConfigMap key for admd installation app-protect-dos-install-memory app-protect-dos-install-max-daemons app-protect-dos-install-max-workers Co-authored-by: Tomer Pasman <t.pasman@f5.com> Co-authored-by: Tomer <=> * Fix AppProtect resource names collisions Previously if a VS/VSR referenced a waf or a dos policy, and that policy referenced both policy and log configuration resources with the same namespace and name, the IC would incorrectly assume that the policy didn't exist. This commit fixes that bug. * Refactor NAP and DOS resource handling in Configurator * Fix minion annotations deny list * Refactor AddOrUpdateAppProtectResource * Remove the introduced reload bool argument * Split the method into two * Refactor delete methods for NAP and DOS resources * moved appprotect validation into validation package (#2056) * Add Python test for DOS feature (#2047) * Dos fixes (#1999) * Bados (#1997) * Add app protect dos to NIC 1. Add option to install with bados for makefile and dockerfile 2. new template for nginx-plus.ingress.tmpl and nginx-plus.tmpl 3. new annotation appprotect.f5.com/app-protect-dos-enable 4. new file entrypoint.sh to start admd in background 5. new flag in deployment for bados * Add bados policy to virtualserver Bados policy with 2 argumants: 1. enable 2. name * Add appDosPolicy 1. Add new CRD yaml file to describe APDosPolicy 2. Support APDosPolicy with ingress 3. Support APDosPolicy with virtualServer * Remove entrypoint.sh 1. Remove entry point file 2. Call admdinstall by exec.command 3. Call admd by exec.command * Add security log for app protect dos 1. Add new CRD appprotect.f5.com_apdoslogconfs.yaml 2. Add dos security log properties for bados policy 3. Add security log directive for ingress and virtualServer * Add monitor directive for app protect dos 2. Add apDosMonitor properties for bados policy 3. Add apDosMonitor directive for ingress and virtualServer * Monitor directive for app protect dos cleanup * Add readiness and livensess directive 1. Change file nginx-plus.tmpl - add directives 2. Read file nginx-config.yaml and reads: app-protect-dos-liveness-enable app-protect-dos-liveness-uri app-protect-dos-liveness-port: "4999" app-protect-dos-readiness-enable app-protect-dos-readiness-uri app-protect-dos-readiness-port * Add debug flag to bados * Set server to answer for livness probe case liveness enable (use port 8083) * Minor changes in dokcer file * Add appprotectdos group Change from appprotect to appprotectdos all configuration * Add deployment for appprotect-dos-arb.yaml * Add annotation: app-protect-dos-name * Minor changes if deployment of Arbitrator * Fix addWarningf with extra Specifier * Add unit tests for app protect dos 1. Add units test for app protect dos 2. fix errors in unit tests * Add access log and format for option to kibana log for app protect dos 1. Add option to add via virtual server 2. Add option to add via annotation * Remove unnecessary validation in bados policy * Add app-protect-dos-debug flag Enable debug log for app protect dos inside the deployment args properties * Validation.go app protect dos - minor BUG + add unit tests * Add to config map error-log-destination and worker-rlimit-core default value for error-log-destination - stderr * Add to bados policy dosAccessLogDest properties * Change app protect dos arb image pull policy to ifNotPresent * Add new image for App Protect with App Protect Dos 1. Add new option in Makefile: debian-image-nap-dos-plus 2. Add new option in Dockerfile: debian-plus-ap-apdos * Add example for ingress yaml file with log and policy yaml * Add example for virtual server yaml file with log and policy and bados yaml files * Bados examples minor changes * Add Quotation mark to app protect dos policy files * Add documentation on app protect dos * Change liveness in app protect dos and remove readiness * Add info for manifest doc * Renamed crds app protect dos files * Change troubleshooting.md for app protect dos * Master merge fixes * Add build-arg to nap-napdos image in Makefile * Helm for app protect dos * App Protect Dos - update readme file, create ns for app protect dos * App Protect Dos - nginx-plus.tmpl - refactor log_dos * App Protect Dos - fix duplicate const params from merge * App Protect Dos - add tls_fingerprint policy support * App Protect Dos - fix bug from merge in file configmaps_test.go * App Protect Dos - helm chart change field for arb name from name to arbName * App Protect Dos - Remove unnecessary back quote * Update DockerFile to GA * Remove unnecessary path of app protect dos so module * Fix merge documentation issue for app protect dos * Add arbitrator dockerfile and documentations * Make deployment arb image path to example * Helm app protect dos - add repository arg for arbitrator * Fix CRDs with make update-crds * Fix Lint issue * Change arbitrator repository path * Fix merge typo issue * Minor typo * Change the napdos and nap-napdos Dockerfile. Remove --force-confold Add installation of lsb-release for decide the release of deb * Remove the arbitrator Dockerfile No needed it now, can pull from the registry * Remove copy paste typo * Fix comment of AppProtectDosLogConfDstAnnotation and AppProtectLogConfDstAnnotation * Add app protect dos liveness to helm chart * Liveness default is off and change logic to decide loading param * Fix typo ErrorLogLevel->ErrorLogDst * Remove WorkerRlimitCore * installation.md - Change v from 11 to 12 * Change MainAppProtectDosLivenessEnable and AppProtectDosLivenessEnable from string to bool * revert values.yaml changes * Fix App Protect liveness configmaps.go + Add info to readme file * App Protect liveness add to daemonset * Add configmap-resource.md info for liveness * Add app-protect-dos-log-format to configmap and change the dependencies with security log * Remove ErrorLogDst option * Remove unnecessary check * Change for virtual server access log dest - no dependencies with security log * Change the format of the errorf "Bados policy" from q to v * Change folder for policy and log + simplify code * Set access log off inside the liveness server + add comment on loggable 0 * Add unit tests TestGenerateNginxCfgForAppProtectDos and TestGenerateNginxCfgForMergeableIngressesForAppProtectDos * Add unit test TestAddBadosConfig * Add unit test TestUpdateApDosResourcesForVs * Add unit test TestUpdateApDosResourcesForVs + fix bug * Remove validateRequiredFieldsNoCopy function, used validateRequiredFields instead * Add unit test for ValidateAppProtectDosAccessLogDest * Add unit test for ValidateAppProtectDosLogConf * Add unit test for ValidateAppProtectDosPolicy * change from ValidateAppProtectDosPolicy to validateAppProtectDosPolicy * Add unit test for AddBadosPolicyRefs * Fix typo * removing the Dos part from the names of all methods of dos configuration interface. * Add unit test to getBadosPoliciesForAppProtectLogConf * Add unit test to getBadosPoliciesForAppProtectDosPolicy * Add unit test to validateBados * Remove adding duplicate path dosAccessLogDest * App Protect dos expose logs through stdout * Arbitrator helm chart changes 1. Remove name 2. add image options * Remove local file destination in log of app protect dos * Fix admd debug command * Add annotation table descriptions * Add appprotect_common package * Add app_protecrt_common_resources_test * Set debug log for app protect dos via configmap remove cli option * remove debug log for app protect dos helm chart option * Change webapp-ingress.yaml to v1 in the example * Add extra info for advanced-configuration-with-annotations.md file * Add App Protect Dos validation for the annotation inside the new mechanism Add to validation.go new entries for all App Protect Dos annotations Add new validation for name and monitor directives inside app_protect_dos_resources.go remove validation from func getAppProtectDosLogConfAndDst Add unit tests for new functions * App protect Dos Arbitrator new Helm Chart Add new helm cart for the arbitrator. Remove the arbitrator from ingress helm chart Add new doc installation-with-helm-dos-arbitrator.md * Remove App Protect Dos Liveness * Add ConfigMap key for admd installation app-protect-dos-install-memory app-protect-dos-install-max-daemons app-protect-dos-install-max-workers Co-authored-by: Tomer Pasman <t.pasman@f5.com> Co-authored-by: Tomer <=> * fix brackets * Bados (#1997) * Add app protect dos to NIC 1. Add option to install with bados for makefile and dockerfile 2. new template for nginx-plus.ingress.tmpl and nginx-plus.tmpl 3. new annotation appprotect.f5.com/app-protect-dos-enable 4. new file entrypoint.sh to start admd in background 5. new flag in deployment for bados * Add bados policy to virtualserver Bados policy with 2 argumants: 1. enable 2. name * Add appDosPolicy 1. Add new CRD yaml file to describe APDosPolicy 2. Support APDosPolicy with ingress 3. Support APDosPolicy with virtualServer * Remove entrypoint.sh 1. Remove entry point file 2. Call admdinstall by exec.command 3. Call admd by exec.command * Add security log for app protect dos 1. Add new CRD appprotect.f5.com_apdoslogconfs.yaml 2. Add dos security log properties for bados policy 3. Add security log directive for ingress and virtualServer * Add monitor directive for app protect dos 2. Add apDosMonitor properties for bados policy 3. Add apDosMonitor directive for ingress and virtualServer * Monitor directive for app protect dos cleanup * Add readiness and livensess directive 1. Change file nginx-plus.tmpl - add directives 2. Read file nginx-config.yaml and reads: app-protect-dos-liveness-enable app-protect-dos-liveness-uri app-protect-dos-liveness-port: "4999" app-protect-dos-readiness-enable app-protect-dos-readiness-uri app-protect-dos-readiness-port * Add debug flag to bados * Set server to answer for livness probe case liveness enable (use port 8083) * Minor changes in dokcer file * Add appprotectdos group Change from appprotect to appprotectdos all configuration * Add deployment for appprotect-dos-arb.yaml * Add annotation: app-protect-dos-name * Minor changes if deployment of Arbitrator * Fix addWarningf with extra Specifier * Add unit tests for app protect dos 1. Add units test for app protect dos 2. fix errors in unit tests * Add access log and format for option to kibana log for app protect dos 1. Add option to add via virtual server 2. Add option to add via annotation * Remove unnecessary validation in bados policy * Add app-protect-dos-debug flag Enable debug log for app protect dos inside the deployment args properties * Validation.go app protect dos - minor BUG + add unit tests * Add to config map error-log-destination and worker-rlimit-core default value for error-log-destination - stderr * Add to bados policy dosAccessLogDest properties * Change app protect dos arb image pull policy to ifNotPresent * Add new image for App Protect with App Protect Dos 1. Add new option in Makefile: debian-image-nap-dos-plus 2. Add new option in Dockerfile: debian-plus-ap-apdos * Add example for ingress yaml file with log and policy yaml * Add example for virtual server yaml file with log and policy and bados yaml files * Bados examples minor changes * Add Quotation mark to app protect dos policy files * Add documentation on app protect dos * Change liveness in app protect dos and remove readiness * Add info for manifest doc * Renamed crds app protect dos files * Change troubleshooting.md for app protect dos * Master merge fixes * Add build-arg to nap-napdos image in Makefile * Helm for app protect dos * App Protect Dos - update readme file, create ns for app protect dos * App Protect Dos - nginx-plus.tmpl - refactor log_dos * App Protect Dos - fix duplicate const params from merge * App Protect Dos - add tls_fingerprint policy support * App Protect Dos - fix bug from merge in file configmaps_test.go * App Protect Dos - helm chart change field for arb name from name to arbName * App Protect Dos - Remove unnecessary back quote * Update DockerFile to GA * Remove unnecessary path of app protect dos so module * Fix merge documentation issue for app protect dos * Add arbitrator dockerfile and documentations * Make deployment arb image path to example * Helm app protect dos - add repository arg for arbitrator * Fix CRDs with make update-crds * Fix Lint issue * Change arbitrator repository path * Fix merge typo issue * Minor typo * Change the napdos and nap-napdos Dockerfile. Remove --force-confold Add installation of lsb-release for decide the release of deb * Remove the arbitrator Dockerfile No needed it now, can pull from the registry * Remove copy paste typo * Fix comment of AppProtectDosLogConfDstAnnotation and AppProtectLogConfDstAnnotation * Add app protect dos liveness to helm chart * Liveness default is off and change logic to decide loading param * Fix typo ErrorLogLevel->ErrorLogDst * Remove WorkerRlimitCore * installation.md - Change v from 11 to 12 * Change MainAppProtectDosLivenessEnable and AppProtectDosLivenessEnable from string to bool * revert values.yaml changes * Fix App Protect liveness configmaps.go + Add info to readme file * App Protect liveness add to daemonset * Add configmap-resource.md info for liveness * Add app-protect-dos-log-format to configmap and change the dependencies with security log * Remove ErrorLogDst option * Remove unnecessary check * Change for virtual server access log dest - no dependencies with security log * Change the format of the errorf "Bados policy" from q to v * Change folder for policy and log + simplify code * Set access log off inside the liveness server + add comment on loggable 0 * Add unit tests TestGenerateNginxCfgForAppProtectDos and TestGenerateNginxCfgForMergeableIngressesForAppProtectDos * Add unit test TestAddBadosConfig * Add unit test TestUpdateApDosResourcesForVs * Add unit test TestUpdateApDosResourcesForVs + fix bug * Remove validateRequiredFieldsNoCopy function, used validateRequiredFields instead * Add unit test for ValidateAppProtectDosAccessLogDest * Add unit test for ValidateAppProtectDosLogConf * Add unit test for ValidateAppProtectDosPolicy * change from ValidateAppProtectDosPolicy to validateAppProtectDosPolicy * Add unit test for AddBadosPolicyRefs * Fix typo * removing the Dos part from the names of all methods of dos configuration interface. * Add unit test to getBadosPoliciesForAppProtectLogConf * Add unit test to getBadosPoliciesForAppProtectDosPolicy * Add unit test to validateBados * Remove adding duplicate path dosAccessLogDest * App Protect dos expose logs through stdout * Arbitrator helm chart changes 1. Remove name 2. add image options * Remove local file destination in log of app protect dos * Fix admd debug command * Add annotation table descriptions * Add appprotect_common package * Add app_protecrt_common_resources_test * Set debug log for app protect dos via configmap remove cli option * remove debug log for app protect dos helm chart option * Change webapp-ingress.yaml to v1 in the example * Add extra info for advanced-configuration-with-annotations.md file * Add App Protect Dos validation for the annotation inside the new mechanism Add to validation.go new entries for all App Protect Dos annotations Add new validation for name and monitor directives inside app_protect_dos_resources.go remove validation from func getAppProtectDosLogConfAndDst Add unit tests for new functions * App protect Dos Arbitrator new Helm Chart Add new helm cart for the arbitrator. Remove the arbitrator from ingress helm chart Add new doc installation-with-helm-dos-arbitrator.md * Remove App Protect Dos Liveness * Add ConfigMap key for admd installation app-protect-dos-install-memory app-protect-dos-install-max-daemons app-protect-dos-install-max-workers Co-authored-by: Tomer Pasman <t.pasman@f5.com> Co-authored-by: Tomer <=> * fix brackets * Change bados policy name to dos * Remove duplicate lines from the merge * Remove app-protect-dos-arb from Makefile * Dockerfile - mkdir for dos inside dos part and remove dos list * Remove comment: "Add Debug bool option via config file" * nginx-plus.ingress.tmpl remove {{end}} and fix indentation * Fix comment for DeleteAppProtectDosLogConf funx * Fix typo in comment validateAppProtectDosLogConf func in file app_protect_dos_resources.go * Fix nginx-plus.ingress.tmpl file EOF error * Change error info for validateExistAnnotation * fix duplicate functions from merge * Remove keys * Make DosPolicies and DosLogConfs private * Change fun from DeleteAppProtectLogConf to DeleteAppProtectDosLogConf * fix brackets * Change bados policy name to dos * Dockerfile - mkdir for dos inside dos part and remove dos list * Remove comment: "Add Debug bool option via config file" * nginx-plus.ingress.tmpl remove {{end}} and fix indentation * Fix comment for DeleteAppProtectDosLogConf funx * Fix typo in comment validateAppProtectDosLogConf func in file app_protect_dos_resources.go * Fix nginx-plus.ingress.tmpl file EOF error * Change error info for validateExistAnnotation * fix duplicate functions from merge * Remove keys * Make DosPolicies and DosLogConfs private * Change fun from DeleteAppProtectLogConf to DeleteAppProtectDosLogConf * apdos-policy.yaml Change values to on * Change typo of copy past * Fix links in policy-resource.md * Max name length change to 63 include the '\0' * MaxNamLength add info on advanced-configuration-with-annotations.md and policy-resource.md * make MaxNamLength by sprintf not a const value * Change msg info for test of app-protect-dos-security-log-destination annotation for stderr * Change validation message for validateQualifiedName in validation.go * Helm for arbitrator - make separate yaml file for deployment and service * Add default value for log_dos * Chnage in helm for arb in Chart.yaml the appVersion to 1.0.0 * Add validation to dos name and monitor * Add unit tests TestValidatePolicy - for dos enable TestValidatePolicyFails - without: plus, enablePreviewPolicies, enableAppProtectDos TestValidateDos - DosAccessLogDest, ApDosMonitor, Name TestValidateDosInvalid - DosAccessLogDest, ApDosMonitor, Name * Chane app protect dos configuration policy and log to private * Add documentation about the monitor requests that appears in the log file * virtualserver_test.go fix merge typo * Fix merge compilation error * restore dos-related images from Makefile * Add rm -rf /var/lib/apt/lists/* and fix indentation * fix func name TestGenerateNginxCfgForMergeableIngressesForAppProtectDos * fix local var Dos *conf_v1.Dos lowercase letter * Fix msg for test TestValidateDosInvalid for ApDosMonitor * log_dos: support configuring log format across multiple lines and escaping * nginx-plus.tmpl - fix identation Co-authored-by: Tomer Pasman <t.pasman@f5.com> Co-authored-by: = <=> Co-authored-by: nginx-bot <68849795+nginx-bot@users.noreply.github.com> * use dns name for syslog destination service (#2067) Co-authored-by: Ciara Stacke <18287516+ciarams87@users.noreply.github.com> Co-authored-by: Jcahilltorre <78599298+Jcahilltorre@users.noreply.github.com> Co-authored-by: Michael Pleshakov <michael@nginx.com> Co-authored-by: Ciara Stacke <c.stacke@f5.com> Co-authored-by: Jodie Putrino <j.putrino@f5.com> Co-authored-by: Travis Martin <t.martin@f5.com> Co-authored-by: Luca Comellini <luca.com@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: nginx-bot <68849795+nginx-bot@users.noreply.github.com> Co-authored-by: Michael Pleshakov <pleshakov@users.noreply.github.com> Co-authored-by: Venktesh Shivam Patel <ve.patel@f5.com> Co-authored-by: pasmant <78279234+pasmant@users.noreply.github.com> Co-authored-by: Tomer Pasman <t.pasman@f5.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Escape special characters in commit message so it doesn't break the text.