Merge 'v2.3' into master.

This commit is contained in:
romain 2020-10-08 14:03:30 +02:00
commit afcec56be4
27 changed files with 499 additions and 34 deletions

View file

@ -3,11 +3,11 @@ PLEASE READ THIS MESSAGE.
Documentation fixes or enhancements:
- for Traefik v1: use branch v1.7
- for Traefik v2: use branch v2.2
- for Traefik v2: use branch v2.3
Bug fixes:
- for Traefik v1: use branch v1.7
- for Traefik v2: use branch v2.2
- for Traefik v2: use branch v2.3
Enhancements:
- for Traefik v1: we only accept bug fixes

View file

@ -1,3 +1,14 @@
## [v2.3.1](https://github.com/traefik/traefik/tree/v2.3.1) (2020-09-28)
[All Commits](https://github.com/traefik/traefik/compare/v2.3.0...v2.3.1)
**Bug fixes:**
- **[webui]** Fix blank webui on some browsers ([#7364](https://github.com/traefik/traefik/pull/7364) by [matthieuh](https://github.com/matthieuh))
**Documentation:**
- **[k8s/helm]** Update of the helm repo localisation ([#7352](https://github.com/traefik/traefik/pull/7352) by [dgoujard](https://github.com/dgoujard))
- restore traefik logo ([#7344](https://github.com/traefik/traefik/pull/7344) by [notsureifkevin](https://github.com/notsureifkevin))
- Removes invalid items in the changelog. ([#7339](https://github.com/traefik/traefik/pull/7339) by [ldez](https://github.com/ldez))
## [v2.3.0](https://github.com/traefik/traefik/tree/v2.3.0) (2020-09-23)
[All Commits](https://github.com/traefik/traefik/compare/v2.2.0-rc1...v2.3.0)

View file

@ -36,7 +36,7 @@ Representation of a project may be further defined and clarified by project main
## Enforcement
Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at contact@containo.us
Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at contact@traefik.io
All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances.
The project team is obligated to maintain confidentiality with regard to the reporter of an incident.
Further details of specific enforcement policies may be posted separately.
@ -48,4 +48,4 @@ Project maintainers who do not follow or enforce the Code of Conduct in good fai
This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version]
[homepage]: http://contributor-covenant.org
[version]: http://contributor-covenant.org/version/1/4/
[version]: http://contributor-covenant.org/version/1/4/

View file

@ -8,7 +8,7 @@
[![Go Report Card](https://goreportcard.com/badge/traefik/traefik)](https://goreportcard.com/report/traefik/traefik)
[![](https://images.microbadger.com/badges/image/traefik.svg)](https://microbadger.com/images/traefik)
[![License](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/traefik/traefik/blob/master/LICENSE.md)
[![Join the community support forum at https://community.containo.us/](https://img.shields.io/badge/style-register-green.svg?style=social&label=Discourse)](https://community.containo.us/)
[![Join the community support forum at https://community.traefik.io/](https://img.shields.io/badge/style-register-green.svg?style=social&label=Discourse)](https://community.traefik.io/)
[![Twitter](https://img.shields.io/twitter/follow/traefik.svg?style=social)](https://twitter.com/intent/follow?screen_name=traefik)
@ -96,9 +96,9 @@ A collection of contributions around Traefik can be found at [https://awesome.tr
## Support
To get community support, you can:
- join the Traefik community forum: [![Join the chat at https://community.containo.us/](https://img.shields.io/badge/style-register-green.svg?style=social&label=Discourse)](https://community.containo.us/)
- join the Traefik community forum: [![Join the chat at https://community.traefik.io/](https://img.shields.io/badge/style-register-green.svg?style=social&label=Discourse)](https://community.traefik.io/)
If you need commercial support, please contact [Containo.us](https://containo.us) by mail: <mailto:support@containo.us>.
If you need commercial support, please contact [Traefik.io](https://traefik.io) by mail: <mailto:support@traefik.io>.
## Download
@ -122,7 +122,7 @@ git clone https://github.com/traefik/traefik
## Introductory Videos
You can find high level and deep dive videos on [videos.containo.us](https://videos.containo.us).
You can find high level and deep dive videos on [videos.traefik.io](https://videos.traefik.io).
## Maintainers
@ -152,9 +152,9 @@ We use [Semantic Versioning](https://semver.org/).
## Credits
Kudos to [Peka](http://peka.byethost11.com/photoblog/) for his awesome work on the logo ![logo](docs/content/assets/img/traefik.icon.png).
Kudos to [Peka](http://peka.byethost11.com/photoblog/) for his awesome work on the gopher's logo!.
Traefik's logo is licensed under the Creative Commons 3.0 Attributions license.
The gopher's logo of Traefik is licensed under the Creative Commons 3.0 Attributions license.
Traefik's logo was inspired by the gopher stickers made by [Takuya Ueda](https://twitter.com/tenntenn).
The gopher's logo of Traefik was inspired by the gopher stickers made by [Takuya Ueda](https://twitter.com/tenntenn).
The original Go gopher was designed by [Renee French](https://reneefrench.blogspot.com/).

View file

@ -9,7 +9,10 @@ You can install Traefik with the following flavors:
## Use the Official Docker Image
Choose one of the [official Docker images](https://hub.docker.com/_/traefik) and run it with the [sample configuration file](https://raw.githubusercontent.com/traefik/traefik/v2.3/traefik.sample.toml):
Choose one of the [official Docker images](https://hub.docker.com/_/traefik) and run it with one sample configuration file:
* [TOML](https://raw.githubusercontent.com/traefik/traefik/v2.3/traefik.sample.toml)
* [YAML](https://raw.githubusercontent.com/traefik/traefik/v2.3/traefik.sample.yml)
```bash
docker run -d -p 8080:8080 -p 80:80 \
@ -42,7 +45,7 @@ Ensure that the following requirements are met:
Add Traefik's chart repository to Helm:
```bash
helm repo add traefik https://traefik.github.io/traefik-helm-chart
helm repo add traefik https://helm.traefik.io/traefik
```
You can update the chart repository by running:

View file

@ -516,6 +516,34 @@ certificatesResolvers:
# ...
```
### `keyType`
_Optional, Default="RSA4096"_
KeyType used for generating certificate private key. Allow value 'EC256', 'EC384', 'RSA2048', 'RSA4096', 'RSA8192'.
```toml tab="File (TOML)"
[certificatesResolvers.myresolver.acme]
# ...
keyType = "RSA4096"
# ...
```
```yaml tab="File (YAML)"
certificatesResolvers:
myresolver:
acme:
# ...
keyType: 'RSA4096'
# ...
```
```bash tab="CLI"
# ...
--certificatesresolvers.myresolver.acme.keyType="RSA4096"
# ...
```
## Fallback
If Let's Encrypt is not reachable, the following certificates will apply:

View file

@ -251,6 +251,9 @@
addEntryPointsLabels = true
addServicesLabels = true
[pilot]
token = "foobar"
[ping]
entryPoint = "foobar"
manualRouting = true
@ -365,8 +368,6 @@
[certificatesResolvers.CertificateResolver1.acme.tlsChallenge]
[experimental]
[experimental.pilot]
token = "foobar"
[experimental.plugins]
[experimental.plugins.Descriptor0]
moduleName = "foobar"

View file

@ -270,6 +270,8 @@ metrics:
password: foobar
addEntryPointsLabels: true
addServicesLabels: true
pilot:
token: foobar
ping:
entryPoint: foobar
manualRouting: true
@ -384,8 +386,6 @@ certificatesResolvers:
entryPoint: foobar
tlsChallenge: {}
experimental:
pilot:
token: foobar
plugins:
Descriptor0:
moduleName: foobar

View file

@ -23,7 +23,7 @@ type Configuration struct {
TCPRouters map[string]*TCPRouterInfo `json:"tcpRouters,omitempty"`
TCPServices map[string]*TCPServiceInfo `json:"tcpServices,omitempty"`
UDPRouters map[string]*UDPRouterInfo `json:"udpRouters,omitempty"`
UDPServices map[string]*UDPServiceInfo `json:"updServices,omitempty"`
UDPServices map[string]*UDPServiceInfo `json:"udpServices,omitempty"`
}
// NewConfig returns a Configuration initialized with the given conf. It never returns nil.

View file

@ -34,7 +34,10 @@ func (s *LocalStore) save(resolverName string, storedData *StoredData) {
defer s.lock.Unlock()
s.storedData[resolverName] = storedData
s.saveDataChan <- s.storedData
// we cannot pass s.storedData directly, map is reference type and as result
// we can face with race condition, so we need to work with objects copy
s.saveDataChan <- s.unSafeCopyOfStoredData()
}
func (s *LocalStore) get(resolverName string) (*StoredData, error) {
@ -81,7 +84,10 @@ func (s *LocalStore) get(resolverName string) (*StoredData, error) {
}
if len(certificates) < len(storedData.Certificates) {
storedData.Certificates = certificates
s.saveDataChan <- s.storedData
// we cannot pass s.storedData directly, map is reference type and as result
// we can face with race condition, so we need to work with objects copy
s.saveDataChan <- s.unSafeCopyOfStoredData()
}
}
}
@ -111,6 +117,15 @@ func (s *LocalStore) listenSaveAction() {
})
}
// unSafeCopyOfStoredData creates maps copy of storedData. Is not thread safe, you should use `s.lock`.
func (s *LocalStore) unSafeCopyOfStoredData() map[string]*StoredData {
result := map[string]*StoredData{}
for k, v := range s.storedData {
result[k] = v
}
return result
}
// GetAccount returns ACME Account.
func (s *LocalStore) GetAccount(resolverName string) (*Account, error) {
storedData, err := s.get(resolverName)

View file

@ -0,0 +1,87 @@
package acme
import (
"fmt"
"io/ioutil"
"path/filepath"
"testing"
"time"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
func TestLocalStore_GetAccount(t *testing.T) {
acmeFile := filepath.Join(t.TempDir(), "acme.json")
email := "some42@email.com"
filePayload := fmt.Sprintf(`{
"test": {
"Account": {
"Email": "%s"
}
}
}`, email)
err := ioutil.WriteFile(acmeFile, []byte(filePayload), 0o600)
require.NoError(t, err)
testCases := []struct {
desc string
filename string
expected *Account
}{
{
desc: "empty file",
filename: filepath.Join(t.TempDir(), "acme-empty.json"),
expected: nil,
},
{
desc: "file with data",
filename: acmeFile,
expected: &Account{Email: "some42@email.com"},
},
}
for _, test := range testCases {
test := test
t.Run(test.desc, func(t *testing.T) {
s := NewLocalStore(test.filename)
account, err := s.GetAccount("test")
require.NoError(t, err)
assert.Equal(t, test.expected, account)
})
}
}
func TestLocalStore_SaveAccount(t *testing.T) {
acmeFile := filepath.Join(t.TempDir(), "acme.json")
s := NewLocalStore(acmeFile)
email := "some@email.com"
err := s.SaveAccount("test", &Account{Email: email})
require.NoError(t, err)
time.Sleep(100 * time.Millisecond)
file, err := ioutil.ReadFile(acmeFile)
require.NoError(t, err)
expected := `{
"test": {
"Account": {
"Email": "some@email.com",
"Registration": null,
"PrivateKey": null,
"KeyType": ""
},
"Certificates": null
}
}`
assert.Equal(t, expected, string(file))
}

View file

@ -220,7 +220,7 @@ func (p *Provider) getClient() (*lego.Client, error) {
config := lego.NewConfig(account)
config.CADirURL = caServer
config.Certificate.KeyType = account.KeyType
config.Certificate.KeyType = GetKeyType(ctx, p.KeyType)
config.UserAgent = fmt.Sprintf("containous-traefik/%s", version.Version)
client, err := lego.NewClient(config)

View file

@ -1,7 +1,7 @@
/*
The MIT License (MIT)
Copyright (c) 2016-2020 Containous SAS
Copyright (c) 2016-2020 Containous SAS; 2020-2020 Traefik Labs
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal

View file

@ -1,7 +1,7 @@
/*
The MIT License (MIT)
Copyright (c) 2016-2020 Containous SAS
Copyright (c) 2016-2020 Containous SAS; 2020-2020 Traefik Labs
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal

View file

@ -1,7 +1,7 @@
/*
The MIT License (MIT)
Copyright (c) 2016-2020 Containous SAS
Copyright (c) 2016-2020 Containous SAS; 2020-2020 Traefik Labs
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal

View file

@ -1,7 +1,7 @@
/*
The MIT License (MIT)
Copyright (c) 2016-2020 Containous SAS
Copyright (c) 2016-2020 Containous SAS; 2020-2020 Traefik Labs
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal

View file

@ -106,7 +106,7 @@ func (m *Manager) Get(storeName, configName string) (*tls.Config, error) {
tlsConfig.GetCertificate = func(clientHello *tls.ClientHelloInfo) (*tls.Certificate, error) {
domainToCheck := types.CanonicalDomain(clientHello.ServerName)
if m.TLSAlpnGetter != nil {
if m.TLSAlpnGetter != nil && isACMETLS(clientHello) {
cert, err := m.TLSAlpnGetter(domainToCheck)
if err != nil {
return nil, err
@ -282,3 +282,13 @@ func buildDefaultCertificate(defaultCertificate *Certificate) (*tls.Certificate,
}
return &cert, nil
}
func isACMETLS(clientHello *tls.ClientHelloInfo) bool {
for _, proto := range clientHello.SupportedProtos {
if proto == tlsalpn01.ACMETLS1Protocol {
return true
}
}
return false
}

31
script/gcg/readme.md Normal file
View file

@ -0,0 +1,31 @@
# GCG - GitHub Changelog Generator
Installation: https://github.com/ldez/gcg#how-to-install
## Generates Changelog for a Bug Fix Release
```bash
gcg --config-file=./script/gcg/traefik-bugfix.toml
```
## Generates Changelog for a Final Release
```bash
gcg --config-file=./script/gcg/traefik-final-release-part1.toml
```
```bash
gcg --config-file=./script/gcg/traefik-final-release-part2.toml
```
## Generates Changelog for the first RC of a Version
```bash
gcg --config-file=./script/gcg/traefik-rc-first.toml
```
## Generates Changelog for a RC of a Version
```bash
gcg --config-file=./script/gcg/traefik-rc-new.toml
```

View file

@ -0,0 +1,27 @@
Owner = "traefik"
RepositoryName = "traefik"
OutputType = "file"
FileName = "traefik_changelog.md"
# example new bugfix v2.3.1
CurrentRef = "v2.3"
PreviousRef = "v2.3.0"
BaseBranch = "v2.3"
FutureCurrentRefName = "v2.3.1"
ThresholdPreviousRef = 10
ThresholdCurrentRef = 10
Debug = true
DisplayLabel = true
LabelExcludes = ["area/infrastructure"]
LabelEnhancement = "kind/enhancement"
LabelDocumentation = "area/documentation"
LabelBug = "kind/bug/fix"
[DisplayLabelOptions]
FilteredPrefixes = ["area/", "platform/"]
ExcludedSuffixes = ["documentation"]
TrimmedPrefixes = ["area/provider/", "area/middleware/", "area/", "platform/"]

View file

@ -0,0 +1,27 @@
Owner = "traefik"
RepositoryName = "traefik"
OutputType = "file"
FileName = "traefik_changelog.md"
# example final release of v2.3.0
CurrentRef = "v2.3"
PreviousRef = "v2.3.0-rc7"
BaseBranch = "v2.3"
FutureCurrentRefName = "v2.3.0"
ThresholdPreviousRef = 10
ThresholdCurrentRef = 10
Debug = true
DisplayLabel = true
LabelExcludes = ["area/infrastructure"]
LabelEnhancement = "kind/enhancement"
LabelDocumentation = "area/documentation"
LabelBug = "kind/bug/fix"
[DisplayLabelOptions]
FilteredPrefixes = ["area/", "platform/"]
ExcludedSuffixes = ["documentation"]
TrimmedPrefixes = ["area/provider/", "area/middleware/", "area/", "platform/"]

View file

@ -0,0 +1,27 @@
Owner = "traefik"
RepositoryName = "traefik"
OutputType = "file"
FileName = "traefik_changelog.md"
# example final release of v2.3.0
CurrentRef = "v2.3.0-rc1"
PreviousRef = "v2.2.0-rc1"
BaseBranch = "master"
FutureCurrentRefName = "v2.3.0-rc1"
ThresholdPreviousRef = 10
ThresholdCurrentRef = 10
Debug = true
DisplayLabel = true
LabelExcludes = ["area/infrastructure"]
LabelEnhancement = "kind/enhancement"
LabelDocumentation = "area/documentation"
LabelBug = "kind/bug/fix"
[DisplayLabelOptions]
FilteredPrefixes = ["area/", "platform/"]
ExcludedSuffixes = ["documentation"]
TrimmedPrefixes = ["area/provider/", "area/middleware/", "area/", "platform/"]

View file

@ -0,0 +1,27 @@
Owner = "traefik"
RepositoryName = "traefik"
OutputType = "file"
FileName = "traefik_changelog.md"
# example RC1 of v2.3.0
CurrentRef = "master"
PreviousRef = "v2.2.0-rc1"
BaseBranch = "master"
FutureCurrentRefName = "v2.3.0-rc1"
ThresholdPreviousRef = 10
ThresholdCurrentRef = 10
Debug = true
DisplayLabel = true
LabelExcludes = ["area/infrastructure"]
LabelEnhancement = "kind/enhancement"
LabelDocumentation = "area/documentation"
LabelBug = "kind/bug/fix"
[DisplayLabelOptions]
FilteredPrefixes = ["area/", "platform/"]
ExcludedSuffixes = ["documentation"]
TrimmedPrefixes = ["area/provider/", "area/middleware/", "area/", "platform/"]

View file

@ -0,0 +1,27 @@
Owner = "traefik"
RepositoryName = "traefik"
OutputType = "file"
FileName = "traefik_changelog.md"
# example RC2 of v2.3.0
CurrentRef = "v2.3"
PreviousRef = "v2.3.0-rc1"
BaseBranch = "v2.3"
FutureCurrentRefName = "v2.3.0-rc2"
ThresholdPreviousRef = 10
ThresholdCurrentRef = 10
Debug = true
DisplayLabel = true
LabelExcludes = ["area/infrastructure"]
LabelEnhancement = "kind/enhancement"
LabelDocumentation = "area/documentation"
LabelBug = "kind/bug/fix"
[DisplayLabelOptions]
FilteredPrefixes = ["area/", "platform/"]
ExcludedSuffixes = ["documentation"]
TrimmedPrefixes = ["area/provider/", "area/middleware/", "area/", "platform/"]

151
traefik.sample.yml Normal file
View file

@ -0,0 +1,151 @@
################################################################
#
# Configuration sample for Traefik v2.
#
# For Traefik v1: https://github.com/traefik/traefik/blob/v1.7/traefik.sample.toml
#
################################################################
################################################################
# Global configuration
################################################################
global:
checkNewVersion: true
sendAnonymousUsage: true
################################################################
# EntryPoints configuration
################################################################
# EntryPoints definition
#
# Optional
#
entryPoints:
web:
address: :80
websecure:
address: :443
################################################################
# Traefik logs configuration
################################################################
# Traefik logs
# Enabled by default and log to stdout
#
# Optional
#
#log:
# Log level
#
# Optional
# Default: "ERROR"
#
# level: DEBUG
# Sets the filepath for the traefik log. If not specified, stdout will be used.
# Intermediate directories are created if necessary.
#
# Optional
# Default: os.Stdout
#
# filePath: log/traefik.log
# Format is either "json" or "common".
#
# Optional
# Default: "common"
#
# format: json
################################################################
# Access logs configuration
################################################################
# Enable access logs
# By default it will write to stdout and produce logs in the textual
# Common Log Format (CLF), extended with additional fields.
#
# Optional
#
#accessLog:
# Sets the file path for the access log. If not specified, stdout will be used.
# Intermediate directories are created if necessary.
#
# Optional
# Default: os.Stdout
#
# filePath: /path/to/log/log.txt
# Format is either "json" or "common".
#
# Optional
# Default: "common"
#
# format: json
################################################################
# API and dashboard configuration
################################################################
# Enable API and dashboard
#
# Optional
#
#api:
# Enable the API in insecure mode
#
# Optional
# Default: false
#
# insecure: true
# Enabled Dashboard
#
# Optional
# Default: true
#
# dashboard: false
################################################################
# Ping configuration
################################################################
# Enable ping
#ping:
# Name of the related entry point
#
# Optional
# Default: "traefik"
#
# entryPoint: traefik
################################################################
# Docker configuration backend
################################################################
#providers:
# Enable Docker configuration backend
# docker:
# Docker server endpoint. Can be a tcp or a unix socket endpoint.
#
# Required
# Default: "unix:///var/run/docker.sock"
#
# endpoint: tcp://10.10.10.10:2375
# Default host rule.
#
# Optional
# Default: "Host(`{{ normalize .Name }}`)"
#
# defaultRule: Host(`{{ normalize .Name }}.docker.localhost`)
# Expose containers by default in traefik
#
# Optional
# Default: true
#
# exposedByDefault: false

View file

@ -12488,11 +12488,6 @@
"integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==",
"dev": true
},
"semver-regex": {
"version": "3.1.1",
"resolved": "https://registry.npmjs.org/semver-regex/-/semver-regex-3.1.1.tgz",
"integrity": "sha512-3dPcmFqxblWB/cppQ2qXWqlp9b6GLgAS032+Ec5E0waDVHTkwYIL+7BFI9UqEe0tkoHle2f3pBgvT/Xl95+Dig=="
},
"send": {
"version": "0.17.1",
"resolved": "https://registry.npmjs.org/send/-/send-0.17.1.tgz",

View file

@ -26,7 +26,6 @@
"moment": "^2.24.0",
"quasar": "^1.4.4",
"query-string": "^6.13.1",
"semver-regex": "^3.1.1",
"vh-check": "^2.0.5",
"vue-chartjs": "^3.4.2",
"vuex-map-fields": "^1.3.4"

View file

@ -46,7 +46,6 @@
import config from '../../../package'
import PlatformAuthState from '../platform/PlatformAuthState'
import { mapActions, mapGetters } from 'vuex'
import semverRegex from 'semver-regex'
export default {
name: 'NavBar',
@ -55,7 +54,7 @@ export default {
...mapGetters('core', { coreVersion: 'version' }),
version () {
if (!this.coreVersion.Version) return null
return semverRegex().test(this.coreVersion.Version)
return /^(v?\d+\.\d+)/.test(this.coreVersion.Version)
? this.coreVersion.Version
: this.coreVersion.Version.substring(0, 7)
},