baalajimaestro/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

Prevent unparsable strings from being rendered in the Kubernetes template

Browse source
This commit is contained in:
Daniel Tomcej 2018-08-14 08:48:04 -06:00 committed by Traefiker Bot
parent bb2686a08f
commit 278b3180c3
2 changed files with 40 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
provider/kubernetes/kubernetes.go
View file

@ -883,7 +883,19 @@ func getFrontendRedirect(i *extensionsv1beta1.Ingress, baseName, path string) *t
} }
redirectRegex := getStringValue(i.Annotations, annotationKubernetesRedirectRegex, "") redirectRegex := getStringValue(i.Annotations, annotationKubernetesRedirectRegex, "")
_, err := strconv.Unquote(`"` + redirectRegex + `"`)
if err != nil {
log.Debugf("Skipping Redirect on Ingress %s/%s due to invalid regex: %s", i.Namespace, i.Name, redirectRegex)
return nil
}
redirectReplacement := getStringValue(i.Annotations, annotationKubernetesRedirectReplacement, "") redirectReplacement := getStringValue(i.Annotations, annotationKubernetesRedirectReplacement, "")
_, err = strconv.Unquote(`"` + redirectReplacement + `"`)
if err != nil {
log.Debugf("Skipping Redirect on Ingress %s/%s due to invalid replacement: %q", i.Namespace, i.Name, redirectRegex)
return nil
}
if len(redirectRegex) > 0 && len(redirectReplacement) > 0 { if len(redirectRegex) > 0 && len(redirectReplacement) > 0 {
return &types.Redirect{ return &types.Redirect{
Regex: redirectRegex, Regex: redirectRegex,

28
provider/kubernetes/kubernetes_test.go
View file

@ -741,6 +741,34 @@ func TestGetPassTLSCert(t *testing.T) {
assert.Equal(t, expected, actual) assert.Equal(t, expected, actual)
} }
func TestInvalidRedirectAnnotation(t *testing.T) {
ingresses := []*extensionsv1beta1.Ingress{
buildIngress(iNamespace("awesome"),
iAnnotation(annotationKubernetesRedirectRegex, `bad\.regex`),
iAnnotation(annotationKubernetesRedirectReplacement, "test"),
iRules(iRule(
iHost("foo"),
iPaths(onePath(iPath("/bar"), iBackend("service1", intstr.FromInt(80))))),
),
),
buildIngress(iNamespace("awesome"),
iAnnotation(annotationKubernetesRedirectRegex, `test`),
iAnnotation(annotationKubernetesRedirectReplacement, `bad\.replacement`),
iRules(iRule(
iHost("foo"),
iPaths(onePath(iPath("/bar"), iBackend("service1", intstr.FromInt(80))))),
),
),
}
for _, ingress := range ingresses {
actual := getFrontendRedirect(ingress, "test", "/")
var expected *types.Redirect
assert.Equal(t, expected, actual)
}
}
func TestOnlyReferencesServicesFromOwnNamespace(t *testing.T) { func TestOnlyReferencesServicesFromOwnNamespace(t *testing.T) {
ingresses := []*extensionsv1beta1.Ingress{ ingresses := []*extensionsv1beta1.Ingress{
buildIngress(iNamespace("awesome"), buildIngress(iNamespace("awesome"),