baalajimaestro/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

Merge current v2.5 into master

Browse source
This commit is contained in:
Tom Moulard 2021-12-20 14:43:35 +01:00
commit bf29417136
No known key found for this signature in database
GPG key ID: 521ABE0C1A0DEAF6
13 changed files with 167 additions and 100 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.semaphore/semaphore.yml
View file

@ -64,7 +64,7 @@ blocks:
- name: GH_VERSION - name: GH_VERSION
value: 1.12.1 value: 1.12.1
- name: CODENAME - name: CODENAME
value: "livarot" value: "brie"
- name: PRE_TARGET - name: PRE_TARGET
value: "" value: ""
prologue: prologue:

20
CHANGELOG.md
View file

@ -1,3 +1,23 @@
## [v2.5.5](https://github.com/traefik/traefik/tree/v2.5.5) (2021-12-09)
[All Commits](https://github.com/traefik/traefik/compare/v2.5.4...v2.5.5)
**Bug fixes:**
- **[acme]** Update go-acme/lego to v4.5.3 ([#8607](https://github.com/traefik/traefik/pull/8607) by [lippertmarkus](https://github.com/lippertmarkus))
- **[k8s/crd,k8s]** fix: propagate source criterion config to RateLimit middleware in Kubernetes CRD ([#8591](https://github.com/traefik/traefik/pull/8591) by [rbailly-talend](https://github.com/rbailly-talend))
- **[plugins]** plugins: start the go routine before calling Provide ([#8620](https://github.com/traefik/traefik/pull/8620) by [ldez](https://github.com/ldez))
- **[plugins]** Update yaegi to v0.11.1 ([#8600](https://github.com/traefik/traefik/pull/8600) by [tomMoulard](https://github.com/tomMoulard))
- **[plugins]** Update yaegi v0.11.0 ([#8564](https://github.com/traefik/traefik/pull/8564) by [ldez](https://github.com/ldez))
- **[udp]** fix: increase UDP read buffer length to max datagram size ([#8560](https://github.com/traefik/traefik/pull/8560) by [kevinpollet](https://github.com/kevinpollet))
**Documentation:**
- **[consul]** docs: removing typo in consul-catalog provider doc ([#8603](https://github.com/traefik/traefik/pull/8603) by [tomMoulard](https://github.com/tomMoulard))
- **[metrics]** docs: remove misleading metrics overview configuration ([#8579](https://github.com/traefik/traefik/pull/8579) by [gsilvapt](https://github.com/gsilvapt))
- **[middleware]** docs: align docker configuration example notes in basicauth HTTP middleware ([#8615](https://github.com/traefik/traefik/pull/8615) by [tomMoulard](https://github.com/tomMoulard))
- **[service]** docs: health check use readiness probe in k8s ([#8575](https://github.com/traefik/traefik/pull/8575) by [Vampouille](https://github.com/Vampouille))
- **[tls]** docs: uniformize client TLS config documentation ([#8602](https://github.com/traefik/traefik/pull/8602) by [kevinpollet](https://github.com/kevinpollet))
- Update CODE_OF_CONDUCT.md ([#8619](https://github.com/traefik/traefik/pull/8619) by [tfny](https://github.com/tfny))
- fixed minor spelling error in Regexp Syntax section ([#8565](https://github.com/traefik/traefik/pull/8565) by [kerrsmith](https://github.com/kerrsmith))
## [v2.5.4](https://github.com/traefik/traefik/tree/v2.5.4) (2021-11-08) ## [v2.5.4](https://github.com/traefik/traefik/tree/v2.5.4) (2021-11-08)
[All Commits](https://github.com/traefik/traefik/compare/v2.5.3...v2.5.4) [All Commits](https://github.com/traefik/traefik/compare/v2.5.3...v2.5.4)

8
CODE_OF_CONDUCT.md
View file

@ -2,7 +2,7 @@
## Our Pledge ## Our Pledge
In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience,nationality, personal appearance, race, religion, or sexual identity and orientation. In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
## Our Standards ## Our Standards
@ -30,15 +30,19 @@ Project maintainers have the right and responsibility to remove, edit, or reject
## Scope ## Scope
This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or our community.
Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event.
Representation of a project may be further defined and clarified by project maintainers. Representation of a project may be further defined and clarified by project maintainers.
## Enforcement ## Enforcement
Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at contact@traefik.io Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at contact@traefik.io
All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances. All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances.
The project team is obligated to maintain confidentiality with regard to the reporter of an incident. The project team is obligated to maintain confidentiality with regard to the reporter of an incident.
Further details of specific enforcement policies may be posted separately. Further details of specific enforcement policies may be posted separately.
Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership. Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.

4
docs/content/middlewares/http/basicauth.md
View file

@ -98,9 +98,11 @@ The `users` option is an array of authorized users. Each user must be declared u
```yaml tab="Docker" ```yaml tab="Docker"
# Declaring the user list # Declaring the user list
# #
# Note: all dollar signs in the hash need to be doubled for escaping. # Note: when used in docker-compose.yml all dollar signs in the hash need to be doubled for escaping.
# To create a user:password pair, the following command can be used: # To create a user:password pair, the following command can be used:
# echo $(htpasswd -nb user password) | sed -e s/\\$/\\$\\$/g # echo $(htpasswd -nb user password) | sed -e s/\\$/\\$\\$/g
#
# Also note that dollar signs should NOT be doubled when they not evaluated (e.g. Ansible docker_container module).
labels: labels:
- "traefik.http.middlewares.test-auth.basicauth.users=test:$$apr1$$H6uskkkW$$IgXLP6ewTrSuBkTrqE8wj/,test2:$$apr1$$d9hr9HBB$$4HxwgUir3HP4EsggP/QNo0" - "traefik.http.middlewares.test-auth.basicauth.users=test:$$apr1$$H6uskkkW$$IgXLP6ewTrSuBkTrqE8wj/,test2:$$apr1$$d9hr9HBB$$4HxwgUir3HP4EsggP/QNo0"
``` ```

4
docs/content/middlewares/http/overview.md
View file

@ -84,7 +84,7 @@ labels:
# As TOML Configuration File # As TOML Configuration File
[http.routers] [http.routers]
[http.routers.router1] [http.routers.router1]
service = "myService" service = "service1"
middlewares = ["foo-add-prefix"] middlewares = ["foo-add-prefix"]
rule = "Host(`example.com`)" rule = "Host(`example.com`)"
@ -105,7 +105,7 @@ labels:
http: http:
routers: routers:
router1: router1:
service: myService service: service1
middlewares: middlewares:
- "foo-add-prefix" - "foo-add-prefix"
rule: "Host(`example.com`)" rule: "Host(`example.com`)"

2
docs/content/middlewares/http/passtlsclientcert.md
View file

@ -23,7 +23,7 @@ labels:
apiVersion: traefik.containo.us/v1alpha1 apiVersion: traefik.containo.us/v1alpha1
kind: Middleware kind: Middleware
metadata: metadata:
name: addprefix name: test-passtlsclientcert
spec: spec:
passTLSClientCert: passTLSClientCert:
pem: true pem: true

2
go.mod
View file

@ -72,7 +72,7 @@ require (
go.elastic.co/apm v1.13.1 go.elastic.co/apm v1.13.1
go.elastic.co/apm/module/apmot v1.13.1 go.elastic.co/apm/module/apmot v1.13.1
golang.org/x/mod v0.4.2 golang.org/x/mod v0.4.2
golang.org/x/net v0.0.0-20210614182718-04defd469f4e golang.org/x/net v0.0.0-20211209124913-491a49abca63
golang.org/x/sys v0.0.0-20210817190340-bfb29a6856f2 // indirect golang.org/x/sys v0.0.0-20210817190340-bfb29a6856f2 // indirect
golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac
golang.org/x/tools v0.1.5 golang.org/x/tools v0.1.5

3
go.sum
View file

@ -1939,8 +1939,9 @@ golang.org/x/net v0.0.0-20210410081132-afb366fc7cd1/go.mod h1:9tjilg8BloeKEkVJvy
golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk=
golang.org/x/net v0.0.0-20210510120150-4163338589ed/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210510120150-4163338589ed/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20210614182718-04defd469f4e h1:XpT3nA5TvE525Ne3hInMh6+GETgn27Zfm9dxsThnX2Q=
golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20211209124913-491a49abca63 h1:iocB37TsdFuN6IBRZ+ry36wrkoV51/tl5vOWqkcPGvY=
golang.org/x/net v0.0.0-20211209124913-491a49abca63/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/oauth2 v0.0.0-20180724155351-3d292e4d0cdc/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20180724155351-3d292e4d0cdc/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=

10
pkg/middlewares/forwardedheaders/forwarded_header.go
View file

@ -165,6 +165,12 @@ func (x *XForwarded) rewrite(outreq *http.Request) {
unsafeHeader(outreq.Header).Set(xForwardedHost, outreq.Host) unsafeHeader(outreq.Header).Set(xForwardedHost, outreq.Host)
} }
// Per https://www.rfc-editor.org/rfc/rfc2616#section-4.2, the Forwarded IPs list is in
// the same order as the values in the X-Forwarded-For header(s).
if xffs := unsafeHeader(outreq.Header).Values(xForwardedFor); len(xffs) > 0 {
unsafeHeader(outreq.Header).Set(xForwardedFor, strings.Join(xffs, ", "))
}
if x.hostname != "" { if x.hostname != "" {
unsafeHeader(outreq.Header).Set(xForwardedServer, x.hostname) unsafeHeader(outreq.Header).Set(xForwardedServer, x.hostname)
} }
@ -198,6 +204,10 @@ func (h unsafeHeader) Get(key string) string {
return h[key][0] return h[key][0]
} }
func (h unsafeHeader) Values(key string) []string {
return h[key]
}
func (h unsafeHeader) Del(key string) { func (h unsafeHeader) Del(key string) {
delete(h, key) delete(h, key)
} }

178
pkg/middlewares/forwardedheaders/forwarded_header_test.go
View file

@ -15,7 +15,7 @@ func TestServeHTTP(t *testing.T) {
desc string desc string
insecure bool insecure bool
trustedIps []string trustedIps []string
incomingHeaders map[string]string incomingHeaders map[string][]string
remoteAddr string remoteAddr string
expectedHeaders map[string]string expectedHeaders map[string]string
tls bool tls bool
@ -27,13 +27,13 @@ func TestServeHTTP(t *testing.T) {
insecure: true, insecure: true,
trustedIps: nil, trustedIps: nil,
remoteAddr: "", remoteAddr: "",
incomingHeaders: map[string]string{}, incomingHeaders: map[string][]string{},
expectedHeaders: map[string]string{ expectedHeaders: map[string]string{
"X-Forwarded-for": "", xForwardedFor: "",
"X-Forwarded-Uri": "", xForwardedURI: "",
"X-Forwarded-Method": "", xForwardedMethod: "",
"X-Forwarded-Tls-Client-Cert": "", xForwardedTLSClientCert: "",
"X-Forwarded-Tls-Client-Cert-Info": "", xForwardedTLSClientCertInfo: "",
}, },
}, },
{ {
@ -41,19 +41,19 @@ func TestServeHTTP(t *testing.T) {
insecure: true, insecure: true,
trustedIps: nil, trustedIps: nil,
remoteAddr: "", remoteAddr: "",
incomingHeaders: map[string]string{ incomingHeaders: map[string][]string{
"X-Forwarded-for": "10.0.1.0, 10.0.1.12", xForwardedFor: {"10.0.1.0, 10.0.1.12"},
"X-Forwarded-Uri": "/bar", xForwardedURI: {"/bar"},
"X-Forwarded-Method": "GET", xForwardedMethod: {"GET"},
"X-Forwarded-Tls-Client-Cert": "Cert", xForwardedTLSClientCert: {"Cert"},
"X-Forwarded-Tls-Client-Cert-Info": "CertInfo", xForwardedTLSClientCertInfo: {"CertInfo"},
}, },
expectedHeaders: map[string]string{ expectedHeaders: map[string]string{
"X-Forwarded-for": "10.0.1.0, 10.0.1.12", xForwardedFor: "10.0.1.0, 10.0.1.12",
"X-Forwarded-Uri": "/bar", xForwardedURI: "/bar",
"X-Forwarded-Method": "GET", xForwardedMethod: "GET",
"X-Forwarded-Tls-Client-Cert": "Cert", xForwardedTLSClientCert: "Cert",
"X-Forwarded-Tls-Client-Cert-Info": "CertInfo", xForwardedTLSClientCertInfo: "CertInfo",
}, },
}, },
{ {
@ -61,19 +61,19 @@ func TestServeHTTP(t *testing.T) {
insecure: false, insecure: false,
trustedIps: nil, trustedIps: nil,
remoteAddr: "", remoteAddr: "",
incomingHeaders: map[string]string{ incomingHeaders: map[string][]string{
"X-Forwarded-for": "10.0.1.0, 10.0.1.12", xForwardedFor: {"10.0.1.0, 10.0.1.12"},
"X-Forwarded-Uri": "/bar", xForwardedURI: {"/bar"},
"X-Forwarded-Method": "GET", xForwardedMethod: {"GET"},
"X-Forwarded-Tls-Client-Cert": "Cert", xForwardedTLSClientCert: {"Cert"},
"X-Forwarded-Tls-Client-Cert-Info": "CertInfo", xForwardedTLSClientCertInfo: {"CertInfo"},
}, },
expectedHeaders: map[string]string{ expectedHeaders: map[string]string{
"X-Forwarded-for": "", xForwardedFor: "",
"X-Forwarded-Uri": "", xForwardedURI: "",
"X-Forwarded-Method": "", xForwardedMethod: "",
"X-Forwarded-Tls-Client-Cert": "", xForwardedTLSClientCert: "",
"X-Forwarded-Tls-Client-Cert-Info": "", xForwardedTLSClientCertInfo: "",
}, },
}, },
{ {
@ -81,19 +81,19 @@ func TestServeHTTP(t *testing.T) {
insecure: false, insecure: false,
trustedIps: []string{"10.0.1.100"}, trustedIps: []string{"10.0.1.100"},
remoteAddr: "10.0.1.100:80", remoteAddr: "10.0.1.100:80",
incomingHeaders: map[string]string{ incomingHeaders: map[string][]string{
"X-Forwarded-for": "10.0.1.0, 10.0.1.12", xForwardedFor: {"10.0.1.0, 10.0.1.12"},
"X-Forwarded-Uri": "/bar", xForwardedURI: {"/bar"},
"X-Forwarded-Method": "GET", xForwardedMethod: {"GET"},
"X-Forwarded-Tls-Client-Cert": "Cert", xForwardedTLSClientCert: {"Cert"},
"X-Forwarded-Tls-Client-Cert-Info": "CertInfo", xForwardedTLSClientCertInfo: {"CertInfo"},
}, },
expectedHeaders: map[string]string{ expectedHeaders: map[string]string{
"X-Forwarded-for": "10.0.1.0, 10.0.1.12", xForwardedFor: "10.0.1.0, 10.0.1.12",
"X-Forwarded-Uri": "/bar", xForwardedURI: "/bar",
"X-Forwarded-Method": "GET", xForwardedMethod: "GET",
"X-Forwarded-Tls-Client-Cert": "Cert", xForwardedTLSClientCert: "Cert",
"X-Forwarded-Tls-Client-Cert-Info": "CertInfo", xForwardedTLSClientCertInfo: "CertInfo",
}, },
}, },
{ {
@ -101,19 +101,19 @@ func TestServeHTTP(t *testing.T) {
insecure: false, insecure: false,
trustedIps: []string{"10.0.1.100"}, trustedIps: []string{"10.0.1.100"},
remoteAddr: "10.0.1.101:80", remoteAddr: "10.0.1.101:80",
incomingHeaders: map[string]string{ incomingHeaders: map[string][]string{
"X-Forwarded-for": "10.0.1.0, 10.0.1.12", xForwardedFor: {"10.0.1.0, 10.0.1.12"},
"X-Forwarded-Uri": "/bar", xForwardedURI: {"/bar"},
"X-Forwarded-Method": "GET", xForwardedMethod: {"GET"},
"X-Forwarded-Tls-Client-Cert": "Cert", xForwardedTLSClientCert: {"Cert"},
"X-Forwarded-Tls-Client-Cert-Info": "CertInfo", xForwardedTLSClientCertInfo: {"CertInfo"},
}, },
expectedHeaders: map[string]string{ expectedHeaders: map[string]string{
"X-Forwarded-for": "", xForwardedFor: "",
"X-Forwarded-Uri": "", xForwardedURI: "",
"X-Forwarded-Method": "", xForwardedMethod: "",
"X-Forwarded-Tls-Client-Cert": "", xForwardedTLSClientCert: "",
"X-Forwarded-Tls-Client-Cert-Info": "", xForwardedTLSClientCertInfo: "",
}, },
}, },
{ {
@ -121,19 +121,19 @@ func TestServeHTTP(t *testing.T) {
insecure: false, insecure: false,
trustedIps: []string{"1.2.3.4/24"}, trustedIps: []string{"1.2.3.4/24"},
remoteAddr: "1.2.3.156:80", remoteAddr: "1.2.3.156:80",
incomingHeaders: map[string]string{ incomingHeaders: map[string][]string{
"X-Forwarded-for": "10.0.1.0, 10.0.1.12", xForwardedFor: {"10.0.1.0, 10.0.1.12"},
"X-Forwarded-Uri": "/bar", xForwardedURI: {"/bar"},
"X-Forwarded-Method": "GET", xForwardedMethod: {"GET"},
"X-Forwarded-Tls-Client-Cert": "Cert", xForwardedTLSClientCert: {"Cert"},
"X-Forwarded-Tls-Client-Cert-Info": "CertInfo", xForwardedTLSClientCertInfo: {"CertInfo"},
}, },
expectedHeaders: map[string]string{ expectedHeaders: map[string]string{
"X-Forwarded-for": "10.0.1.0, 10.0.1.12", xForwardedFor: "10.0.1.0, 10.0.1.12",
"X-Forwarded-Uri": "/bar", xForwardedURI: "/bar",
"X-Forwarded-Method": "GET", xForwardedMethod: "GET",
"X-Forwarded-Tls-Client-Cert": "Cert", xForwardedTLSClientCert: "Cert",
"X-Forwarded-Tls-Client-Cert-Info": "CertInfo", xForwardedTLSClientCertInfo: "CertInfo",
}, },
}, },
{ {
@ -141,19 +141,33 @@ func TestServeHTTP(t *testing.T) {
insecure: false, insecure: false,
trustedIps: []string{"1.2.3.4/24"}, trustedIps: []string{"1.2.3.4/24"},
remoteAddr: "10.0.1.101:80", remoteAddr: "10.0.1.101:80",
incomingHeaders: map[string]string{ incomingHeaders: map[string][]string{
"X-Forwarded-for": "10.0.1.0, 10.0.1.12", xForwardedFor: {"10.0.1.0, 10.0.1.12"},
"X-Forwarded-Uri": "/bar", xForwardedURI: {"/bar"},
"X-Forwarded-Method": "GET", xForwardedMethod: {"GET"},
"X-Forwarded-Tls-Client-Cert": "Cert", xForwardedTLSClientCert: {"Cert"},
"X-Forwarded-Tls-Client-Cert-Info": "CertInfo", xForwardedTLSClientCertInfo: {"CertInfo"},
}, },
expectedHeaders: map[string]string{ expectedHeaders: map[string]string{
"X-Forwarded-for": "", xForwardedFor: "",
"X-Forwarded-Uri": "", xForwardedURI: "",
"X-Forwarded-Method": "", xForwardedMethod: "",
"X-Forwarded-Tls-Client-Cert": "", xForwardedTLSClientCert: "",
"X-Forwarded-Tls-Client-Cert-Info": "", xForwardedTLSClientCertInfo: "",
},
},
{
desc: "xForwardedFor with multiple header(s) values",
insecure: true,
incomingHeaders: map[string][]string{
xForwardedFor: {
"10.0.0.4, 10.0.0.3",
"10.0.0.2, 10.0.0.1",
"10.0.0.0",
},
},
expectedHeaders: map[string]string{
xForwardedFor: "10.0.0.4, 10.0.0.3, 10.0.0.2, 10.0.0.1, 10.0.0.0",
}, },
}, },
{ {
@ -167,8 +181,8 @@ func TestServeHTTP(t *testing.T) {
desc: "xRealIP was already populated from previous headers", desc: "xRealIP was already populated from previous headers",
insecure: true, insecure: true,
remoteAddr: "10.0.1.101:80", remoteAddr: "10.0.1.101:80",
incomingHeaders: map[string]string{ incomingHeaders: map[string][]string{
xRealIP: "10.0.1.12", xRealIP: {"10.0.1.12"},
}, },
expectedHeaders: map[string]string{ expectedHeaders: map[string]string{
xRealIP: "10.0.1.12", xRealIP: "10.0.1.12",
@ -208,8 +222,8 @@ func TestServeHTTP(t *testing.T) {
desc: "xForwardedProto with websocket and tls and already x-forwarded-proto with wss", desc: "xForwardedProto with websocket and tls and already x-forwarded-proto with wss",
tls: true, tls: true,
websocket: true, websocket: true,
incomingHeaders: map[string]string{ incomingHeaders: map[string][]string{
xForwardedProto: "wss", xForwardedProto: {"wss"},
}, },
expectedHeaders: map[string]string{ expectedHeaders: map[string]string{
xForwardedProto: "wss", xForwardedProto: "wss",
@ -226,8 +240,8 @@ func TestServeHTTP(t *testing.T) {
desc: "xForwardedPort with implicit tls port from proto header", desc: "xForwardedPort with implicit tls port from proto header",
// setting insecure just so our initial xForwardedProto does not get cleaned // setting insecure just so our initial xForwardedProto does not get cleaned
insecure: true, insecure: true,
incomingHeaders: map[string]string{ incomingHeaders: map[string][]string{
xForwardedProto: "https", xForwardedProto: {"https"},
}, },
expectedHeaders: map[string]string{ expectedHeaders: map[string]string{
xForwardedProto: "https", xForwardedProto: "https",
@ -280,8 +294,10 @@ func TestServeHTTP(t *testing.T) {
req.Host = test.host req.Host = test.host
} }
for k, v := range test.incomingHeaders { for k, values := range test.incomingHeaders {
req.Header.Set(k, v) for _, value := range values {
req.Header.Add(k, value)
}
} }
m, err := NewXForwarded(test.insecure, test.trustedIps, m, err := NewXForwarded(test.insecure, test.trustedIps,

18
pkg/plugins/builder.go
View file

@ -6,6 +6,8 @@ import (
"net/http" "net/http"
"os" "os"
"github.com/sirupsen/logrus"
"github.com/traefik/traefik/v2/pkg/log"
"github.com/traefik/yaegi/interp" "github.com/traefik/yaegi/interp"
"github.com/traefik/yaegi/stdlib" "github.com/traefik/yaegi/stdlib"
) )
@ -47,7 +49,13 @@ func NewBuilder(client *Client, plugins map[string]Descriptor, localPlugins map[
return nil, fmt.Errorf("%s: failed to read manifest: %w", desc.ModuleName, err) return nil, fmt.Errorf("%s: failed to read manifest: %w", desc.ModuleName, err)
} }
i := interp.New(interp.Options{GoPath: client.GoPath(), Env: os.Environ()}) logger := log.WithoutContext().WithFields(logrus.Fields{"plugin": "plugin-" + pName, "module": desc.ModuleName})
i := interp.New(interp.Options{
GoPath: client.GoPath(),
Env: os.Environ(),
Stdout: logger.WriterLevel(logrus.DebugLevel),
Stderr: logger.WriterLevel(logrus.ErrorLevel),
})
err = i.Use(stdlib.Symbols) err = i.Use(stdlib.Symbols)
if err != nil { if err != nil {
@ -90,7 +98,13 @@ func NewBuilder(client *Client, plugins map[string]Descriptor, localPlugins map[
return nil, fmt.Errorf("%s: failed to read manifest: %w", desc.ModuleName, err) return nil, fmt.Errorf("%s: failed to read manifest: %w", desc.ModuleName, err)
} }
i := interp.New(interp.Options{GoPath: localGoPath, Env: os.Environ()}) logger := log.WithoutContext().WithFields(logrus.Fields{"plugin": "plugin-" + pName, "module": desc.ModuleName})
i := interp.New(interp.Options{
GoPath: localGoPath,
Env: os.Environ(),
Stdout: logger.WriterLevel(logrus.DebugLevel),
Stderr: logger.WriterLevel(logrus.ErrorLevel),
})
err = i.Use(stdlib.Symbols) err = i.Use(stdlib.Symbols)
if err != nil { if err != nil {

10
pkg/plugins/providers.go
View file

@ -153,11 +153,6 @@ func (p *Provider) Provide(configurationChan chan<- dynamic.Message, pool *safe.
cfgChan := make(chan json.Marshaler) cfgChan := make(chan json.Marshaler)
err := p.pp.Provide(cfgChan)
if err != nil {
return fmt.Errorf("error from %s: %w", p.name, err)
}
pool.GoCtx(func(ctx context.Context) { pool.GoCtx(func(ctx context.Context) {
logger := log.FromContext(log.With(ctx, log.Str(log.ProviderName, p.name))) logger := log.FromContext(log.With(ctx, log.Str(log.ProviderName, p.name)))
@ -193,5 +188,10 @@ func (p *Provider) Provide(configurationChan chan<- dynamic.Message, pool *safe.
} }
}) })
err := p.pp.Provide(cfgChan)
if err != nil {
return fmt.Errorf("error from %s: %w", p.name, err)
}
return nil return nil
} }

6
script/gcg/traefik-bugfix.toml
View file

@ -4,11 +4,11 @@ RepositoryName = "traefik"
OutputType = "file" OutputType = "file"
FileName = "traefik_changelog.md" FileName = "traefik_changelog.md"
# example new bugfix v2.5.4 # example new bugfix v2.5.5
CurrentRef = "v2.5" CurrentRef = "v2.5"
PreviousRef = "v2.5.3" PreviousRef = "v2.5.4"
BaseBranch = "v2.5" BaseBranch = "v2.5"
FutureCurrentRefName = "v2.5.4" FutureCurrentRefName = "v2.5.5"
ThresholdPreviousRef = 10 ThresholdPreviousRef = 10
ThresholdCurrentRef = 10 ThresholdCurrentRef = 10