From 48a2c8e41c12ae3e83edafd0e293c0f775a4047c Mon Sep 17 00:00:00 2001 From: Romain Date: Tue, 21 Mar 2023 15:32:06 +0100 Subject: [PATCH 1/2] Fix Nomad client TLS defaults --- pkg/provider/nomad/nomad.go | 21 +++++++++++++++------ pkg/provider/nomad/nomad_test.go | 1 - 2 files changed, 15 insertions(+), 7 deletions(-) diff --git a/pkg/provider/nomad/nomad.go b/pkg/provider/nomad/nomad.go index 4b28f4707..348edef34 100644 --- a/pkg/provider/nomad/nomad.go +++ b/pkg/provider/nomad/nomad.go @@ -79,13 +79,17 @@ func (p *Provider) SetDefaults() { Address: defConfig.Address, Region: defConfig.Region, Token: defConfig.SecretID, - TLS: &types.ClientTLS{ + } + + if defConfig.TLSConfig != nil && (defConfig.TLSConfig.Insecure || defConfig.TLSConfig.CACert != "" || defConfig.TLSConfig.ClientCert != "" || defConfig.TLSConfig.ClientKey != "") { + p.Endpoint.TLS = &types.ClientTLS{ CA: defConfig.TLSConfig.CACert, Cert: defConfig.TLSConfig.ClientCert, Key: defConfig.TLSConfig.ClientKey, InsecureSkipVerify: defConfig.TLSConfig.Insecure, - }, + } } + p.Prefix = defaultPrefix p.ExposedByDefault = true p.RefreshInterval = ptypes.Duration(15 * time.Second) @@ -173,19 +177,24 @@ func (p *Provider) loadConfiguration(ctx context.Context, configurationC chan<- } func createClient(namespace string, endpoint *EndpointConfig) (*api.Client, error) { - return api.NewClient(&api.Config{ + config := api.Config{ Address: endpoint.Address, Namespace: namespace, Region: endpoint.Region, SecretID: endpoint.Token, WaitTime: time.Duration(endpoint.EndpointWaitTime), - TLSConfig: &api.TLSConfig{ + } + + if endpoint.TLS != nil { + config.TLSConfig = &api.TLSConfig{ CACert: endpoint.TLS.CA, ClientCert: endpoint.TLS.Cert, ClientKey: endpoint.TLS.Key, Insecure: endpoint.TLS.InsecureSkipVerify, - }, - }) + } + } + + return api.NewClient(&config) } // configuration contains information from the service's tags that are globals diff --git a/pkg/provider/nomad/nomad_test.go b/pkg/provider/nomad/nomad_test.go index 3bfc54dee..7dab2b2a1 100644 --- a/pkg/provider/nomad/nomad_test.go +++ b/pkg/provider/nomad/nomad_test.go @@ -84,7 +84,6 @@ func TestProvider_SetDefaults_Endpoint(t *testing.T) { envs: map[string]string{}, expected: &EndpointConfig{ Address: "http://127.0.0.1:4646", - TLS: &types.ClientTLS{}, }, }, { From a020ab640dda87c1334d9578b155dd60717a3b68 Mon Sep 17 00:00:00 2001 From: Romain Date: Tue, 21 Mar 2023 16:47:43 +0100 Subject: [PATCH 2/2] Prepare release v2.9.9 --- CHANGELOG.md | 16 ++++++++++++++++ script/gcg/traefik-bugfix.toml | 6 +++--- 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 41e456242..cba002d75 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,19 @@ +## [v2.9.9](https://github.com/traefik/traefik/tree/v2.9.9) (2023-03-21) +[All Commits](https://github.com/traefik/traefik/compare/v2.9.8...v2.9.9) + +**Bug fixes:** +- **[acme]** Update go-acme/lego to v4.10.2 ([#9749](https://github.com/traefik/traefik/pull/9749) by [ldez](https://github.com/ldez)) +- **[http3]** Update quic-go to v0.33.0 ([#9737](https://github.com/traefik/traefik/pull/9737) by [ldez](https://github.com/ldez)) +- **[metrics]** Include user-defined default cert for traefik_tls_certs_not_after metric ([#9742](https://github.com/traefik/traefik/pull/9742) by [rtribotte](https://github.com/rtribotte)) +- **[middleware]** Update vulcand/oxy to a0e9f7ff1040 ([#9750](https://github.com/traefik/traefik/pull/9750) by [ldez](https://github.com/ldez)) +- **[nomad]** Fix default configuration settings for Nomad Provider ([#9758](https://github.com/traefik/traefik/pull/9758) by [aofei](https://github.com/aofei)) +- **[nomad]** Fix Nomad client TLS defaults ([#9795](https://github.com/traefik/traefik/pull/9795) by [rtribotte](https://github.com/rtribotte)) +- **[server]** Remove User-Agent header removal from ReverseProxy director func ([#9752](https://github.com/traefik/traefik/pull/9752) by [rtribotte](https://github.com/rtribotte)) + +**Documentation:** +- **[middleware]** Clarify ratelimit middleware ([#9777](https://github.com/traefik/traefik/pull/9777) by [mpl](https://github.com/mpl)) +- **[tcp]** Correcting variable name 'server address' in TCP Router ([#9743](https://github.com/traefik/traefik/pull/9743) by [ralphg6](https://github.com/ralphg6)) + ## [v2.9.8](https://github.com/traefik/traefik/tree/v2.9.8) (2023-02-15) [All Commits](https://github.com/traefik/traefik/compare/v2.9.7...v2.9.8) diff --git a/script/gcg/traefik-bugfix.toml b/script/gcg/traefik-bugfix.toml index 95128b3e2..189f8c451 100644 --- a/script/gcg/traefik-bugfix.toml +++ b/script/gcg/traefik-bugfix.toml @@ -4,11 +4,11 @@ RepositoryName = "traefik" OutputType = "file" FileName = "traefik_changelog.md" -# example new bugfix v2.9.8 +# example new bugfix v2.9.9 CurrentRef = "v2.9" -PreviousRef = "v2.9.7" +PreviousRef = "v2.9.8" BaseBranch = "v2.9" -FutureCurrentRefName = "v2.9.8" +FutureCurrentRefName = "v2.9.9" ThresholdPreviousRef = 10 ThresholdCurrentRef = 10