Merge branch v2.9 into master
This commit is contained in:
commit
cd0654026a
21 changed files with 254 additions and 322 deletions
8
.github/ISSUE_TEMPLATE/bug_report.yml
vendored
8
.github/ISSUE_TEMPLATE/bug_report.yml
vendored
|
@ -6,12 +6,14 @@ body:
|
||||||
attributes:
|
attributes:
|
||||||
label: Welcome!
|
label: Welcome!
|
||||||
description: |
|
description: |
|
||||||
The issue tracker is for reporting bugs and feature requests only. For end-user related support questions, please refer to one of the following:
|
The issue tracker is for reporting bugs and feature requests only.
|
||||||
- the Traefik community forum: https://community.traefik.io/
|
For end-user related support questions, please use the [Traefik community forum](https://community.traefik.io/).
|
||||||
|
|
||||||
The configurations between 1.X and 2.X are NOT compatible. Please have a look [here](https://doc.traefik.io/traefik/getting-started/configuration-overview/).
|
All new/updated issues are triaged regularly by the maintainers.
|
||||||
|
All issues closed by a bot are subsequently double-checked by the maintainers.
|
||||||
|
|
||||||
DO NOT FILE ISSUES FOR GENERAL SUPPORT QUESTIONS.
|
DO NOT FILE ISSUES FOR GENERAL SUPPORT QUESTIONS.
|
||||||
|
|
||||||
options:
|
options:
|
||||||
- label: Yes, I've searched similar issues on [GitHub](https://github.com/traefik/traefik/issues) and didn't find any.
|
- label: Yes, I've searched similar issues on [GitHub](https://github.com/traefik/traefik/issues) and didn't find any.
|
||||||
required: true
|
required: true
|
||||||
|
|
6
.github/workflows/validate.yaml
vendored
6
.github/workflows/validate.yaml
vendored
|
@ -7,8 +7,8 @@ on:
|
||||||
|
|
||||||
env:
|
env:
|
||||||
GO_VERSION: 1.19
|
GO_VERSION: 1.19
|
||||||
GOLANGCI_LINT_VERSION: v1.49.0
|
GOLANGCI_LINT_VERSION: v1.50.0
|
||||||
MISSSPELL_VERSION: v0.3.4
|
MISSSPELL_VERSION: v0.4.0
|
||||||
IN_DOCKER: ""
|
IN_DOCKER: ""
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
|
@ -45,7 +45,7 @@ jobs:
|
||||||
run: curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin ${GOLANGCI_LINT_VERSION}
|
run: curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin ${GOLANGCI_LINT_VERSION}
|
||||||
|
|
||||||
- name: Install missspell ${{ env.MISSSPELL_VERSION }}
|
- name: Install missspell ${{ env.MISSSPELL_VERSION }}
|
||||||
run: curl -sfL https://raw.githubusercontent.com/client9/misspell/master/install-misspell.sh | sh -s -- -b $(go env GOPATH)/bin ${MISSSPELL_VERSION}
|
run: curl -sfL https://raw.githubusercontent.com/golangci/misspell/master/install-misspell.sh | sh -s -- -b $(go env GOPATH)/bin ${MISSSPELL_VERSION}
|
||||||
|
|
||||||
- name: Avoid generating webui
|
- name: Avoid generating webui
|
||||||
run: touch webui/static/index.html
|
run: touch webui/static/index.html
|
||||||
|
|
254
.golangci.toml
254
.golangci.toml
|
@ -1,254 +0,0 @@
|
||||||
[run]
|
|
||||||
timeout = "10m"
|
|
||||||
skip-files = []
|
|
||||||
skip-dirs = [
|
|
||||||
"pkg/provider/kubernetes/crd/generated/",
|
|
||||||
]
|
|
||||||
|
|
||||||
[linters-settings]
|
|
||||||
|
|
||||||
[linters-settings.govet]
|
|
||||||
check-shadowing = false
|
|
||||||
|
|
||||||
[linters-settings.golint]
|
|
||||||
min-confidence = 0.0
|
|
||||||
|
|
||||||
[linters-settings.gocyclo]
|
|
||||||
min-complexity = 14.0
|
|
||||||
|
|
||||||
[linters-settings.goconst]
|
|
||||||
min-len = 3.0
|
|
||||||
min-occurrences = 4.0
|
|
||||||
|
|
||||||
[linters-settings.misspell]
|
|
||||||
locale = "US"
|
|
||||||
|
|
||||||
[linters-settings.funlen]
|
|
||||||
lines = 230 # default 60
|
|
||||||
statements = 120 # default 40
|
|
||||||
|
|
||||||
[linters-settings.forbidigo]
|
|
||||||
forbid = [
|
|
||||||
'^print(ln)?$',
|
|
||||||
'^spew\.Print(f|ln)?$',
|
|
||||||
'^spew\.Dump$',
|
|
||||||
]
|
|
||||||
|
|
||||||
[linters-settings.depguard]
|
|
||||||
list-type = "blacklist"
|
|
||||||
include-go-root = false
|
|
||||||
packages = ["github.com/pkg/errors"]
|
|
||||||
|
|
||||||
[linters-settings.godox]
|
|
||||||
keywords = ["FIXME"]
|
|
||||||
|
|
||||||
[linters-settings.importas]
|
|
||||||
corev1 = "k8s.io/api/core/v1"
|
|
||||||
networkingv1beta1 = "k8s.io/api/networking/v1beta1"
|
|
||||||
extensionsv1beta1 = "k8s.io/api/extensions/v1beta1"
|
|
||||||
metav1 = "k8s.io/apimachinery/pkg/apis/meta/v1"
|
|
||||||
kubeerror = "k8s.io/apimachinery/pkg/api/errors"
|
|
||||||
composeapi = "github.com/docker/compose/v2/pkg/api"
|
|
||||||
|
|
||||||
[linters-settings.revive]
|
|
||||||
[[linters-settings.revive.rules]]
|
|
||||||
name = "struct-tag"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "blank-imports"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "context-as-argument"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "context-keys-type"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "dot-imports"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "error-return"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "error-strings"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "error-naming"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "exported"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "if-return"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "increment-decrement"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "var-naming"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "var-declaration"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "package-comments"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "range"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "receiver-naming"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "time-naming"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "unexported-return"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "indent-error-flow"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "errorf"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "empty-block"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "superfluous-else"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "unused-parameter"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "unreachable-code"
|
|
||||||
[[linters-settings.rules]]
|
|
||||||
name = "redefines-builtin-id"
|
|
||||||
|
|
||||||
[linters-settings.gomoddirectives]
|
|
||||||
replace-allow-list = [
|
|
||||||
"github.com/abbot/go-http-auth",
|
|
||||||
"github.com/go-check/check",
|
|
||||||
"github.com/gorilla/mux",
|
|
||||||
"github.com/mailgun/minheap",
|
|
||||||
"github.com/mailgun/multibuf",
|
|
||||||
"github.com/jaguilar/vt100",
|
|
||||||
"github.com/BurntSushi/toml",
|
|
||||||
]
|
|
||||||
|
|
||||||
[linters]
|
|
||||||
enable-all = true
|
|
||||||
disable = [
|
|
||||||
"scopelint", # Deprecated
|
|
||||||
"interfacer", # Deprecated
|
|
||||||
"maligned", # Deprecated
|
|
||||||
"golint", # Deprecated
|
|
||||||
"exhaustivestruct",# Deprecated
|
|
||||||
"nosnakecase", # Deprecated
|
|
||||||
"ifshort", # Deprecated
|
|
||||||
"structcheck", # Deprecated
|
|
||||||
"varcheck", # Deprecated
|
|
||||||
"deadcode", # Deprecated
|
|
||||||
"execinquery", # Not relevant (SQL)
|
|
||||||
"sqlclosecheck", # Not relevant (SQL)
|
|
||||||
"rowserrcheck", # Not relevant (SQL)
|
|
||||||
"lll", # Not relevant
|
|
||||||
"gocyclo", # FIXME must be fixed
|
|
||||||
"cyclop", # Duplicate of gocyclo
|
|
||||||
"gocognit", # Too strict
|
|
||||||
"nestif", # Too many false-positive.
|
|
||||||
"prealloc", # Too many false-positive.
|
|
||||||
"makezero", # Not relevant
|
|
||||||
"dupl", # Too strict
|
|
||||||
"gosec", # Too strict
|
|
||||||
"gochecknoinits",
|
|
||||||
"gochecknoglobals",
|
|
||||||
"wsl", # Too strict
|
|
||||||
"nlreturn", # Not relevant
|
|
||||||
"gomnd", # Too strict
|
|
||||||
"stylecheck", # skip because report issues related to some generated files.
|
|
||||||
"testpackage", # Too strict
|
|
||||||
"tparallel", # Not relevant
|
|
||||||
"paralleltest", # Not relevant
|
|
||||||
"exhaustive", # Not relevant
|
|
||||||
"exhaustruct", # duplicate of exhaustivestruct
|
|
||||||
"goerr113", # Too strict
|
|
||||||
"wrapcheck", # Too strict
|
|
||||||
"noctx", # Too strict
|
|
||||||
"bodyclose", # Too many false-positive and panics.
|
|
||||||
"forcetypeassert", # Too strict
|
|
||||||
"tagliatelle", # Not compatible with current tags.
|
|
||||||
"varnamelen", # not relevant
|
|
||||||
"nilnil", # not relevant
|
|
||||||
"ireturn", # not relevant
|
|
||||||
"contextcheck", # too many false-positive
|
|
||||||
"containedctx", # too many false-positive
|
|
||||||
"maintidx", # kind of duplicate of gocyclo
|
|
||||||
"nonamedreturns", # not relevant
|
|
||||||
]
|
|
||||||
|
|
||||||
[issues]
|
|
||||||
exclude-use-default = false
|
|
||||||
max-per-linter = 0
|
|
||||||
max-same-issues = 0
|
|
||||||
exclude = [
|
|
||||||
"Error return value of .((os\\.)?std(out|err)\\..*|.*Close|.*Flush|os\\.Remove(All)?|.*printf?|os\\.(Un)?Setenv). is not checked",
|
|
||||||
"should have a package comment, unless it's in another file for this package",
|
|
||||||
"SA1019: http.CloseNotifier has been deprecated", # FIXME must be fixed
|
|
||||||
"SA1019: cfg.SSLRedirect is deprecated",
|
|
||||||
"SA1019: cfg.SSLTemporaryRedirect is deprecated",
|
|
||||||
"SA1019: cfg.SSLHost is deprecated",
|
|
||||||
"SA1019: cfg.SSLForceHost is deprecated",
|
|
||||||
"SA1019: cfg.FeaturePolicy is deprecated",
|
|
||||||
"SA1019: c.Providers.ConsulCatalog.Namespace is deprecated",
|
|
||||||
"SA1019: c.Providers.Consul.Namespace is deprecated",
|
|
||||||
"SA1019: c.Providers.Nomad.Namespace is deprecated",
|
|
||||||
]
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "(.+)_test.go"
|
|
||||||
linters = ["goconst", "funlen", "godot", "nosnakecase"]
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "(.+)_test.go"
|
|
||||||
text = " always receives "
|
|
||||||
linters = [ "unparam" ]
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "integration/.+_test.go"
|
|
||||||
text = "Error return value of `cmd\\.Process\\.Kill` is not checked"
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "integration/(consul_catalog_test|constraint_test).go"
|
|
||||||
text = "Error return value of `(s.deregisterService|s.deregisterAgentService)` is not checked"
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "integration/grpc_test.go"
|
|
||||||
text = "Error return value of `closer` is not checked"
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "pkg/h2c/h2c.go"
|
|
||||||
text = "Error return value of `rw.Write` is not checked"
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "pkg/provider/docker/builder_test.go"
|
|
||||||
text = "(U1000: func )?`(.+)` is unused"
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "pkg/provider/kubernetes/builder_(endpoint|service)_test.go"
|
|
||||||
text = "(U1000: func )?`(.+)` is unused"
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "pkg/server/service/bufferpool.go"
|
|
||||||
text = "SA6002: argument should be pointer-like to avoid allocations"
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "cmd/configuration.go"
|
|
||||||
text = "string `traefik` has (\\d) occurrences, make it a constant"
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "pkg/server/middleware/middlewares.go"
|
|
||||||
text = "Function 'buildConstructor' has too many statements"
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "pkg/tracing/haystack/logger.go"
|
|
||||||
linters = ["goprintffuncname"]
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "pkg/tracing/tracing.go"
|
|
||||||
text = "printf-like formatting function 'SetErrorWithEvent' should be named 'SetErrorWithEventf'"
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "pkg/log/deprecated.go"
|
|
||||||
linters = ["godot"]
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "(.+)\\.go"
|
|
||||||
text = "struct-tag: unknown option 'inline' in JSON tag"
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "pkg/server/router/tcp/manager.go"
|
|
||||||
text = "Function 'buildEntryPointHandler' is too long (.+)"
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "pkg/tls/tlsmanager_test.go"
|
|
||||||
text = "SA1019: config.ClientCAs.Subjects has been deprecated since Go 1.18"
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "pkg/types/tls_test.go"
|
|
||||||
text = "SA1019: tlsConfig.RootCAs.Subjects has been deprecated since Go 1.18"
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "pkg/provider/kubernetes/(crd|gateway)/client.go"
|
|
||||||
linters = ["interfacebloat"]
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "pkg/metrics/metrics.go"
|
|
||||||
linters = ["interfacebloat"]
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "pkg/provider/acme/provider.go"
|
|
||||||
text = "\\(\\*Provider\\)\\.resolveCertificate - result 0 \\(\\*github.com/go-acme/lego/v4/certificate.Resource\\) is never used"
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "integration/healthcheck_test.go"
|
|
||||||
text = "Duplicate words \\(wsp2,\\) found"
|
|
||||||
[[issues.exclude-rules]]
|
|
||||||
path = "pkg/types/domain_test.go"
|
|
||||||
text = "Duplicate words \\(sub\\) found"
|
|
||||||
|
|
191
.golangci.yml
Normal file
191
.golangci.yml
Normal file
|
@ -0,0 +1,191 @@
|
||||||
|
run:
|
||||||
|
timeout: 10m
|
||||||
|
skip-files: []
|
||||||
|
skip-dirs:
|
||||||
|
- pkg/provider/kubernetes/crd/generated/
|
||||||
|
|
||||||
|
linters-settings:
|
||||||
|
govet:
|
||||||
|
check-shadowing: false
|
||||||
|
golint:
|
||||||
|
min-confidence: 0
|
||||||
|
gocyclo:
|
||||||
|
min-complexity: 14
|
||||||
|
goconst:
|
||||||
|
min-len: 3
|
||||||
|
min-occurrences: 4
|
||||||
|
misspell:
|
||||||
|
locale: US
|
||||||
|
funlen:
|
||||||
|
lines: -1
|
||||||
|
statements: 120
|
||||||
|
forbidigo:
|
||||||
|
forbid:
|
||||||
|
- ^print(ln)?$
|
||||||
|
- ^spew\.Print(f|ln)?$
|
||||||
|
- ^spew\.Dump$
|
||||||
|
depguard:
|
||||||
|
list-type: denylist
|
||||||
|
include-go-root: false
|
||||||
|
packages:
|
||||||
|
- github.com/pkg/errors
|
||||||
|
godox:
|
||||||
|
keywords:
|
||||||
|
- FIXME
|
||||||
|
importas:
|
||||||
|
corev1: k8s.io/api/core/v1
|
||||||
|
networkingv1beta1: k8s.io/api/networking/v1beta1
|
||||||
|
extensionsv1beta1: k8s.io/api/extensions/v1beta1
|
||||||
|
metav1: k8s.io/apimachinery/pkg/apis/meta/v1
|
||||||
|
kubeerror: k8s.io/apimachinery/pkg/api/errors
|
||||||
|
composeapi: github.com/docker/compose/v2/pkg/api
|
||||||
|
revive:
|
||||||
|
rules:
|
||||||
|
- name: struct-tag
|
||||||
|
rules:
|
||||||
|
- name: blank-imports
|
||||||
|
- name: context-as-argument
|
||||||
|
- name: context-keys-type
|
||||||
|
- name: dot-imports
|
||||||
|
- name: error-return
|
||||||
|
- name: error-strings
|
||||||
|
- name: error-naming
|
||||||
|
- name: exported
|
||||||
|
- name: if-return
|
||||||
|
- name: increment-decrement
|
||||||
|
- name: var-naming
|
||||||
|
- name: var-declaration
|
||||||
|
- name: package-comments
|
||||||
|
- name: range
|
||||||
|
- name: receiver-naming
|
||||||
|
- name: time-naming
|
||||||
|
- name: unexported-return
|
||||||
|
- name: indent-error-flow
|
||||||
|
- name: errorf
|
||||||
|
- name: empty-block
|
||||||
|
- name: superfluous-else
|
||||||
|
- name: unused-parameter
|
||||||
|
- name: unreachable-code
|
||||||
|
- name: redefines-builtin-id
|
||||||
|
gomoddirectives:
|
||||||
|
replace-allow-list:
|
||||||
|
- github.com/abbot/go-http-auth
|
||||||
|
- github.com/go-check/check
|
||||||
|
- github.com/gorilla/mux
|
||||||
|
- github.com/mailgun/minheap
|
||||||
|
- github.com/mailgun/multibuf
|
||||||
|
- github.com/jaguilar/vt100
|
||||||
|
- github.com/BurntSushi/toml
|
||||||
|
|
||||||
|
linters:
|
||||||
|
enable-all: true
|
||||||
|
disable:
|
||||||
|
- deadcode # deprecated
|
||||||
|
- exhaustivestruct # deprecated
|
||||||
|
- golint # deprecated
|
||||||
|
- ifshort # deprecated
|
||||||
|
- interfacer # deprecated
|
||||||
|
- maligned # deprecated
|
||||||
|
- nosnakecase # deprecated
|
||||||
|
- scopelint # deprecated
|
||||||
|
- scopelint # deprecated
|
||||||
|
- structcheck # deprecated
|
||||||
|
- varcheck # deprecated
|
||||||
|
- sqlclosecheck # not relevant (SQL)
|
||||||
|
- rowserrcheck # not relevant (SQL)
|
||||||
|
- execinquery # not relevant (SQL)
|
||||||
|
- cyclop # duplicate of gocyclo
|
||||||
|
- lll # Not relevant
|
||||||
|
- gocyclo # FIXME must be fixed
|
||||||
|
- gocognit # Too strict
|
||||||
|
- nestif # Too many false-positive.
|
||||||
|
- prealloc # Too many false-positive.
|
||||||
|
- makezero # Not relevant
|
||||||
|
- dupl # Too strict
|
||||||
|
- gosec # Too strict
|
||||||
|
- gochecknoinits
|
||||||
|
- gochecknoglobals
|
||||||
|
- wsl # Too strict
|
||||||
|
- nlreturn # Not relevant
|
||||||
|
- gomnd # Too strict
|
||||||
|
- stylecheck # skip because report issues related to some generated files.
|
||||||
|
- testpackage # Too strict
|
||||||
|
- tparallel # Not relevant
|
||||||
|
- paralleltest # Not relevant
|
||||||
|
- exhaustive # Not relevant
|
||||||
|
- exhaustruct # Not relevant
|
||||||
|
- goerr113 # Too strict
|
||||||
|
- wrapcheck # Too strict
|
||||||
|
- noctx # Too strict
|
||||||
|
- bodyclose # too many false-positive
|
||||||
|
- forcetypeassert # Too strict
|
||||||
|
- tagliatelle # Too strict
|
||||||
|
- varnamelen # Not relevant
|
||||||
|
- nilnil # Not relevant
|
||||||
|
- ireturn # Not relevant
|
||||||
|
- contextcheck # too many false-positive
|
||||||
|
- containedctx # too many false-positive
|
||||||
|
- maintidx # kind of duplicate of gocyclo
|
||||||
|
- nonamedreturns # Too strict
|
||||||
|
|
||||||
|
issues:
|
||||||
|
exclude-use-default: false
|
||||||
|
max-per-linter: 0
|
||||||
|
max-same-issues: 0
|
||||||
|
exclude:
|
||||||
|
- 'Error return value of .((os\.)?std(out|err)\..*|.*Close|.*Flush|os\.Remove(All)?|.*printf?|os\.(Un)?Setenv). is not checked'
|
||||||
|
- "should have a package comment, unless it's in another file for this package"
|
||||||
|
- 'SA1019: http.CloseNotifier has been deprecated' # FIXME must be fixed
|
||||||
|
- 'SA1019: cfg.SSLRedirect is deprecated'
|
||||||
|
- 'SA1019: cfg.SSLTemporaryRedirect is deprecated'
|
||||||
|
- 'SA1019: cfg.SSLHost is deprecated'
|
||||||
|
- 'SA1019: cfg.SSLForceHost is deprecated'
|
||||||
|
- 'SA1019: cfg.FeaturePolicy is deprecated'
|
||||||
|
- 'SA1019: c.Providers.ConsulCatalog.Namespace is deprecated'
|
||||||
|
- 'SA1019: c.Providers.Consul.Namespace is deprecated'
|
||||||
|
- 'SA1019: c.Providers.Nomad.Namespace is deprecated'
|
||||||
|
exclude-rules:
|
||||||
|
- path: '(.+)_test.go'
|
||||||
|
linters:
|
||||||
|
- goconst
|
||||||
|
- funlen
|
||||||
|
- godot
|
||||||
|
- path: '(.+)_test.go'
|
||||||
|
text: ' always receives '
|
||||||
|
linters:
|
||||||
|
- unparam
|
||||||
|
- path: '(.+)\.go'
|
||||||
|
text: 'struct-tag: unknown option ''inline'' in JSON tag'
|
||||||
|
linters:
|
||||||
|
- revive
|
||||||
|
- path: pkg/server/service/bufferpool.go
|
||||||
|
text: 'SA6002: argument should be pointer-like to avoid allocations'
|
||||||
|
- path: pkg/server/middleware/middlewares.go
|
||||||
|
text: "Function 'buildConstructor' has too many statements"
|
||||||
|
linters:
|
||||||
|
- funlen
|
||||||
|
- path: pkg/tracing/haystack/logger.go
|
||||||
|
linters:
|
||||||
|
- goprintffuncname
|
||||||
|
- path: pkg/tracing/tracing.go
|
||||||
|
text: "printf-like formatting function 'SetErrorWithEvent' should be named 'SetErrorWithEventf'"
|
||||||
|
linters:
|
||||||
|
- goprintffuncname
|
||||||
|
- path: pkg/tls/tlsmanager_test.go
|
||||||
|
text: 'SA1019: config.ClientCAs.Subjects has been deprecated since Go 1.18'
|
||||||
|
- path: pkg/types/tls_test.go
|
||||||
|
text: 'SA1019: tlsConfig.RootCAs.Subjects has been deprecated since Go 1.18'
|
||||||
|
- path: pkg/provider/kubernetes/(crd|gateway)/client.go
|
||||||
|
linters:
|
||||||
|
- interfacebloat
|
||||||
|
- path: pkg/metrics/metrics.go
|
||||||
|
linters:
|
||||||
|
- interfacebloat
|
||||||
|
- path: integration/healthcheck_test.go
|
||||||
|
text: 'Duplicate words \(wsp2,\) found'
|
||||||
|
linters:
|
||||||
|
- dupword
|
||||||
|
- path: pkg/types/domain_test.go
|
||||||
|
text: 'Duplicate words \(sub\) found'
|
||||||
|
linters:
|
||||||
|
- dupword
|
|
@ -16,7 +16,7 @@ RUN mkdir -p /usr/local/bin \
|
||||||
RUN curl -sfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | bash -s -- -b $GOPATH/bin v1.50.0
|
RUN curl -sfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | bash -s -- -b $GOPATH/bin v1.50.0
|
||||||
|
|
||||||
# Download misspell binary to bin folder in $GOPATH
|
# Download misspell binary to bin folder in $GOPATH
|
||||||
RUN curl -sfL https://raw.githubusercontent.com/client9/misspell/master/install-misspell.sh | bash -s -- -b $GOPATH/bin v0.3.4
|
RUN curl -sfL https://raw.githubusercontent.com/golangci/misspell/master/install-misspell.sh | bash -s -- -b $GOPATH/bin v0.4.0
|
||||||
|
|
||||||
# Download goreleaser binary to bin folder in $GOPATH
|
# Download goreleaser binary to bin folder in $GOPATH
|
||||||
RUN curl -sfL https://gist.githubusercontent.com/traefiker/6d7ac019c11d011e4f131bb2cca8900e/raw/goreleaser.sh | sh
|
RUN curl -sfL https://gist.githubusercontent.com/traefiker/6d7ac019c11d011e4f131bb2cca8900e/raw/goreleaser.sh | sh
|
||||||
|
|
|
@ -6,7 +6,8 @@ Below is a non-exhaustive list of versions and their maintenance status:
|
||||||
|
|
||||||
| Version | Release Date | Active Support | Security Support |
|
| Version | Release Date | Active Support | Security Support |
|
||||||
|---------|--------------|--------------------|------------------|
|
|---------|--------------|--------------------|------------------|
|
||||||
| 2.8 | Jun 29, 2022 | Yes | Yes |
|
| 2.9 | Oct 03, 2022 | Yes | Yes |
|
||||||
|
| 2.8 | Jun 29, 2022 | Ended Oct 03, 2022 | No |
|
||||||
| 2.7 | May 24, 2022 | Ended Jun 29, 2022 | No |
|
| 2.7 | May 24, 2022 | Ended Jun 29, 2022 | No |
|
||||||
| 2.6 | Jan 24, 2022 | Ended May 24, 2022 | No |
|
| 2.6 | Jan 24, 2022 | Ended May 24, 2022 | No |
|
||||||
| 2.5 | Aug 17, 2021 | Ended Jan 24, 2022 | No |
|
| 2.5 | Aug 17, 2021 | Ended Jan 24, 2022 | No |
|
||||||
|
|
|
@ -16,10 +16,10 @@ PassTLSClientCert adds the selected data from the passed client TLS certificate
|
||||||
|
|
||||||
## Configuration Examples
|
## Configuration Examples
|
||||||
|
|
||||||
Pass the escaped pem in the `X-Forwarded-Tls-Client-Cert` header.
|
Pass the pem in the `X-Forwarded-Tls-Client-Cert` header.
|
||||||
|
|
||||||
```yaml tab="Docker"
|
```yaml tab="Docker"
|
||||||
# Pass the escaped pem in the `X-Forwarded-Tls-Client-Cert` header.
|
# Pass the pem in the `X-Forwarded-Tls-Client-Cert` header.
|
||||||
labels:
|
labels:
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.pem=true"
|
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.pem=true"
|
||||||
```
|
```
|
||||||
|
@ -35,7 +35,7 @@ spec:
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Consul Catalog"
|
```yaml tab="Consul Catalog"
|
||||||
# Pass the escaped pem in the `X-Forwarded-Tls-Client-Cert` header
|
# Pass the pem in the `X-Forwarded-Tls-Client-Cert` header
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.pem=true"
|
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.pem=true"
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -46,13 +46,13 @@ spec:
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Rancher"
|
```yaml tab="Rancher"
|
||||||
# Pass the escaped pem in the `X-Forwarded-Tls-Client-Cert` header.
|
# Pass the pem in the `X-Forwarded-Tls-Client-Cert` header.
|
||||||
labels:
|
labels:
|
||||||
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.pem=true"
|
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.pem=true"
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="File (YAML)"
|
```yaml tab="File (YAML)"
|
||||||
# Pass the escaped pem in the `X-Forwarded-Tls-Client-Cert` header.
|
# Pass the pem in the `X-Forwarded-Tls-Client-Cert` header.
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
test-passtlsclientcert:
|
test-passtlsclientcert:
|
||||||
|
@ -61,13 +61,13 @@ http:
|
||||||
```
|
```
|
||||||
|
|
||||||
```toml tab="File (TOML)"
|
```toml tab="File (TOML)"
|
||||||
# Pass the escaped pem in the `X-Forwarded-Tls-Client-Cert` header.
|
# Pass the pem in the `X-Forwarded-Tls-Client-Cert` header.
|
||||||
[http.middlewares]
|
[http.middlewares]
|
||||||
[http.middlewares.test-passtlsclientcert.passTLSClientCert]
|
[http.middlewares.test-passtlsclientcert.passTLSClientCert]
|
||||||
pem = true
|
pem = true
|
||||||
```
|
```
|
||||||
|
|
||||||
??? example "Pass the escaped pem in the `X-Forwarded-Tls-Client-Cert` header"
|
??? example "Pass the pem in the `X-Forwarded-Tls-Client-Cert` header"
|
||||||
|
|
||||||
```yaml tab="Docker"
|
```yaml tab="Docker"
|
||||||
# Pass all the available info in the `X-Forwarded-Tls-Client-Cert-Info` header
|
# Pass all the available info in the `X-Forwarded-Tls-Client-Cert-Info` header
|
||||||
|
@ -254,12 +254,12 @@ http:
|
||||||
|
|
||||||
PassTLSClientCert can add two headers to the request:
|
PassTLSClientCert can add two headers to the request:
|
||||||
|
|
||||||
- `X-Forwarded-Tls-Client-Cert` that contains the escaped pem.
|
- `X-Forwarded-Tls-Client-Cert` that contains the pem.
|
||||||
- `X-Forwarded-Tls-Client-Cert-Info` that contains all the selected certificate information in an escaped string.
|
- `X-Forwarded-Tls-Client-Cert-Info` that contains all the selected certificate information in an escaped string.
|
||||||
|
|
||||||
!!! info
|
!!! info
|
||||||
|
|
||||||
* Each header value is a string that has been escaped in order to be a valid URL query.
|
* `X-Forwarded-Tls-Client-Cert-Info` header value is a string that has been escaped in order to be a valid URL query.
|
||||||
* These options only work accordingly to the [MutualTLS configuration](../../https/tls.md#client-authentication-mtls).
|
* These options only work accordingly to the [MutualTLS configuration](../../https/tls.md#client-authentication-mtls).
|
||||||
That is to say, only the certificates that match the `clientAuth.clientAuthType` policy are passed.
|
That is to say, only the certificates that match the `clientAuth.clientAuthType` policy are passed.
|
||||||
|
|
||||||
|
@ -371,7 +371,7 @@ The following example shows a complete certificate and explains each of the midd
|
||||||
|
|
||||||
### `pem`
|
### `pem`
|
||||||
|
|
||||||
The `pem` option sets the `X-Forwarded-Tls-Client-Cert` header with the escaped certificate.
|
The `pem` option sets the `X-Forwarded-Tls-Client-Cert` header with the certificate.
|
||||||
|
|
||||||
In the example, it is the part between `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----` delimiters:
|
In the example, it is the part between `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----` delimiters:
|
||||||
|
|
||||||
|
|
|
@ -444,7 +444,7 @@ To enable HTTP/3 on an EntryPoint, please check out the [HTTP/3 configuration](.
|
||||||
|
|
||||||
### Kubernetes Gateway API Provider
|
### Kubernetes Gateway API Provider
|
||||||
|
|
||||||
In `v2.6`, the [Kubernetes Gateway API provider](../providers/kubernetes-gateway.md) now only supports the version [v1alpha2](https://gateway-api.sigs.k8s.io/v1alpha2/guides/getting-started/) of the specification and
|
In `v2.6`, the [Kubernetes Gateway API provider](../providers/kubernetes-gateway.md) now only supports the version [v1alpha2](https://gateway-api.sigs.k8s.io/v1alpha2/guides/) of the specification and
|
||||||
[route namespaces](https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.RouteNamespaces) selectors, which requires Traefik to fetch and watch the cluster namespaces.
|
[route namespaces](https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.RouteNamespaces) selectors, which requires Traefik to fetch and watch the cluster namespaces.
|
||||||
Therefore, the [RBAC](../reference/dynamic-configuration/kubernetes-gateway.md#rbac) and [CRD](../reference/dynamic-configuration/kubernetes-gateway.md#definitions) definitions must be updated.
|
Therefore, the [RBAC](../reference/dynamic-configuration/kubernetes-gateway.md#rbac) and [CRD](../reference/dynamic-configuration/kubernetes-gateway.md#definitions) definitions must be updated.
|
||||||
|
|
||||||
|
|
|
@ -78,7 +78,7 @@ This provider is proposed as an experimental feature and partially supports the
|
||||||
|
|
||||||
The Kubernetes Gateway API project provides several guides on how to use the APIs.
|
The Kubernetes Gateway API project provides several guides on how to use the APIs.
|
||||||
These guides can help you to go further than the example above.
|
These guides can help you to go further than the example above.
|
||||||
The [getting started guide](https://gateway-api.sigs.k8s.io/v1alpha2/guides/getting-started/) details how to install the CRDs from their repository.
|
The [getting started guide](https://gateway-api.sigs.k8s.io/v1alpha2/guides/) details how to install the CRDs from their repository.
|
||||||
|
|
||||||
!!! note ""
|
!!! note ""
|
||||||
|
|
||||||
|
|
|
@ -1300,7 +1300,7 @@ spec:
|
||||||
type: object
|
type: object
|
||||||
pem:
|
pem:
|
||||||
description: PEM sets the X-Forwarded-Tls-Client-Cert header with
|
description: PEM sets the X-Forwarded-Tls-Client-Cert header with
|
||||||
the escaped certificate.
|
the certificate.
|
||||||
type: boolean
|
type: boolean
|
||||||
type: object
|
type: object
|
||||||
plugin:
|
plugin:
|
||||||
|
|
|
@ -723,7 +723,7 @@ spec:
|
||||||
type: object
|
type: object
|
||||||
pem:
|
pem:
|
||||||
description: PEM sets the X-Forwarded-Tls-Client-Cert header with
|
description: PEM sets the X-Forwarded-Tls-Client-Cert header with
|
||||||
the escaped certificate.
|
the certificate.
|
||||||
type: boolean
|
type: boolean
|
||||||
type: object
|
type: object
|
||||||
plugin:
|
plugin:
|
||||||
|
|
8
go.mod
8
go.mod
|
@ -36,11 +36,11 @@ require (
|
||||||
github.com/influxdata/influxdb1-client v0.0.0-20191209144304-8bf82d3c094d
|
github.com/influxdata/influxdb1-client v0.0.0-20191209144304-8bf82d3c094d
|
||||||
github.com/instana/go-sensor v1.38.3
|
github.com/instana/go-sensor v1.38.3
|
||||||
github.com/klauspost/compress v1.14.2
|
github.com/klauspost/compress v1.14.2
|
||||||
github.com/kvtools/consul v1.0.1
|
github.com/kvtools/consul v1.0.2
|
||||||
github.com/kvtools/etcdv3 v1.0.1
|
github.com/kvtools/etcdv3 v1.0.2
|
||||||
github.com/kvtools/redis v1.0.1
|
github.com/kvtools/redis v1.0.2
|
||||||
github.com/kvtools/valkeyrie v1.0.0
|
github.com/kvtools/valkeyrie v1.0.0
|
||||||
github.com/kvtools/zookeeper v1.0.1
|
github.com/kvtools/zookeeper v1.0.2
|
||||||
github.com/lucas-clemente/quic-go v0.28.1
|
github.com/lucas-clemente/quic-go v0.28.1
|
||||||
github.com/mailgun/ttlmap v0.0.0-20170619185759-c1c17f74874f
|
github.com/mailgun/ttlmap v0.0.0-20170619185759-c1c17f74874f
|
||||||
github.com/miekg/dns v1.1.50
|
github.com/miekg/dns v1.1.50
|
||||||
|
|
16
go.sum
16
go.sum
|
@ -1305,16 +1305,16 @@ github.com/kr/pty v1.1.8/go.mod h1:O1sed60cT9XZ5uDucP5qwvh+TE3NnUj51EiZO/lmSfw=
|
||||||
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||||
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
|
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
|
||||||
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
|
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
|
||||||
github.com/kvtools/consul v1.0.1 h1:RHwW0qTPL8Gwb+ueH6kpAIZ3fuNnSdAZaydfKjMIr/4=
|
github.com/kvtools/consul v1.0.2 h1:ltPgs4Ld09Xaa7zrOJ/TewBYKAsr11/LRFpErdkb8AA=
|
||||||
github.com/kvtools/consul v1.0.1/go.mod h1:bFnzfGJ5ZIRRXCBGBmwhJlLdEWOlrjOcS1WjyAQzaJA=
|
github.com/kvtools/consul v1.0.2/go.mod h1:bFnzfGJ5ZIRRXCBGBmwhJlLdEWOlrjOcS1WjyAQzaJA=
|
||||||
github.com/kvtools/etcdv3 v1.0.1 h1:Ugr5ryI+FIeZQh0RCmtGFJptgSlbrVGjAnJWk9r//WI=
|
github.com/kvtools/etcdv3 v1.0.2 h1:EB0mAtzqe1folE7m7Q6wnCXcGwaOmrYmsVmF3hNsTKI=
|
||||||
github.com/kvtools/etcdv3 v1.0.1/go.mod h1:Xr6DbwqjuCEcXAIWmXxw0DX+N5BhuvablXgN90XeqMM=
|
github.com/kvtools/etcdv3 v1.0.2/go.mod h1:Xr6DbwqjuCEcXAIWmXxw0DX+N5BhuvablXgN90XeqMM=
|
||||||
github.com/kvtools/redis v1.0.1 h1:vtLE3D3xfMbXfenRGuclDU8pe64OiqcBMmKm2RY4Wuo=
|
github.com/kvtools/redis v1.0.2 h1:D3GjGGtssJF2w8mniWtIxcT/YX9YnRc4jNCm0hrVygQ=
|
||||||
github.com/kvtools/redis v1.0.1/go.mod h1:wuUNwwKOHi2TYxDxj1sGF74Jdg0jywydnatXtnOR3hA=
|
github.com/kvtools/redis v1.0.2/go.mod h1:wuUNwwKOHi2TYxDxj1sGF74Jdg0jywydnatXtnOR3hA=
|
||||||
github.com/kvtools/valkeyrie v1.0.0 h1:LAITop2wPoYCMitR24GZZsW0b57hmI+ePD18VRTtOf0=
|
github.com/kvtools/valkeyrie v1.0.0 h1:LAITop2wPoYCMitR24GZZsW0b57hmI+ePD18VRTtOf0=
|
||||||
github.com/kvtools/valkeyrie v1.0.0/go.mod h1:bDi/OdhJCSbGPMsCgUQl881yuEweKCSItAtTBI+ZjpU=
|
github.com/kvtools/valkeyrie v1.0.0/go.mod h1:bDi/OdhJCSbGPMsCgUQl881yuEweKCSItAtTBI+ZjpU=
|
||||||
github.com/kvtools/zookeeper v1.0.1 h1:CBKNOuesj4CgW5PisK2jVx1+XP+T51bVgYHrZPQL5OM=
|
github.com/kvtools/zookeeper v1.0.2 h1:uK0CzQa+mtKGxDDH+DeqXo2HC1Kx4hWXZ7pX/zS4aTo=
|
||||||
github.com/kvtools/zookeeper v1.0.1/go.mod h1:6TfxUwJ7IuBk5srgnoe528W0ftanNECHgOiShx/t0Aw=
|
github.com/kvtools/zookeeper v1.0.2/go.mod h1:6TfxUwJ7IuBk5srgnoe528W0ftanNECHgOiShx/t0Aw=
|
||||||
github.com/kylelemons/go-gypsy v0.0.0-20160905020020-08cad365cd28/go.mod h1:T/T7jsxVqf9k/zYOqbgNAsANsjxTd1Yq3htjDhQ1H0c=
|
github.com/kylelemons/go-gypsy v0.0.0-20160905020020-08cad365cd28/go.mod h1:T/T7jsxVqf9k/zYOqbgNAsANsjxTd1Yq3htjDhQ1H0c=
|
||||||
github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k=
|
github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k=
|
||||||
github.com/labbsr0x/bindman-dns-webhook v1.0.2 h1:I7ITbmQPAVwrDdhd6dHKi+MYJTJqPCK0jE6YNBAevnk=
|
github.com/labbsr0x/bindman-dns-webhook v1.0.2 h1:I7ITbmQPAVwrDdhd6dHKi+MYJTJqPCK0jE6YNBAevnk=
|
||||||
|
|
|
@ -1300,7 +1300,7 @@ spec:
|
||||||
type: object
|
type: object
|
||||||
pem:
|
pem:
|
||||||
description: PEM sets the X-Forwarded-Tls-Client-Cert header with
|
description: PEM sets the X-Forwarded-Tls-Client-Cert header with
|
||||||
the escaped certificate.
|
the certificate.
|
||||||
type: boolean
|
type: boolean
|
||||||
type: object
|
type: object
|
||||||
plugin:
|
plugin:
|
||||||
|
|
|
@ -65,6 +65,6 @@ func (s *TLSClientHeadersSuite) TestTLSClientHeaders(c *check.C) {
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
err = try.RequestWithTransport(request, 2*time.Second, tr, try.BodyContains("Forwarded-Tls-Client-Cert: MIIDNTCCAh0CFD0QQcHXUJuKwMBYDA%2BbBExVSP26MA0GCSqGSIb3DQEBCwUAMFYxCzAJBgNVBAYTAkZSMQ8wDQYDVQQIDAZGcmFuY2UxFTATBgNVBAoMDFRyYWVmaWsgTGFiczEQMA4GA1UECwwHdHJhZWZpazENMAsGA1UEAwwEcm9vdDAeFw0yMTAxMDgxNzQ0MjRaFw0zMTAxMDYxNzQ0MjRaMFgxCzAJBgNVBAYTAkZSMQ8wDQYDVQQIDAZGcmFuY2UxFTATBgNVBAoMDFRyYWVmaWsgTGFiczEQMA4GA1UECwwHdHJhZWZpazEPMA0GA1UEAwwGc2VydmVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYK2z8gLPOfFLgXNWP2460aeJ9vrH47x%2FlhKLlv4amSDHDx8Cmz%2F6blOUM8XOfMRW1xx%2B%2BAgChWN9dx%2Fkf7G2xlA5grZxRvUQ6xj7AvFG9TQUA3muNh2hvm9c3IjaZBNKH27bRKuDIBvZBvXdX4NL%2FaaFy7w7v7IKxk8j4WkfB23sgyH43g4b7NqKHJugZiedFu5GALmtLbShVOFbjWcre7Wvatdw8dIBmiFJqZQT3UjIuGAgqczIShtLxo4V%2BXyVkIPmzfPrRV%2B4zoMFIFOIaj3syyxb4krPBtxhe7nz2cWvvq0wePB2y4YbAAoVY8NYpd5JsMFwZtG6Uk59ygv4QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQDaPg69wNeFNFisfBJTrscqVCTW%2BB80gMhpLdxXD%2BKO0%2FWgc5xpB%2FwLSirNtRQyxAa3%2BEEcIwJv%2Fwdh8EyjlDLSpFm%2F8ghntrKhkOfIOPDFE41M5HNfx%2FFuh5btKEenOL%2FXdapqtNUt2ZE4RrsfbL79sPYepa9kDUVi2mCbeH5ollZ0MDU68HpB2YwHbCEuQNk5W3pjYK2NaDkVnxTkfEDM1k%2B3QydO1lqB5JJmcrs59BEveTqaJ3eeh%2F0I4OOab6OkTTZ0JNjJp1573oxO%2Bfce%2FbfGud8xHY5gSN9huU7U6RsgvO7Dhmal%2FsDNl8XC8oU90hVDVXZdA7ewh4jjaoIv"))
|
err = try.RequestWithTransport(request, 2*time.Second, tr, try.BodyContains("Forwarded-Tls-Client-Cert: MIIDNTCCAh0CFD0QQcHXUJuKwMBYDA+bBExVSP26MA0GCSqGSIb3DQEBCwUAMFYxCzAJBgNVBAYTAkZSMQ8wDQYDVQQIDAZGcmFuY2UxFTATBgNVBAoMDFRyYWVmaWsgTGFiczEQMA4GA1UECwwHdHJhZWZpazENMAsGA1UEAwwEcm9vdDAeFw0yMTAxMDgxNzQ0MjRaFw0zMTAxMDYxNzQ0MjRaMFgxCzAJBgNVBAYTAkZSMQ8wDQYDVQQIDAZGcmFuY2UxFTATBgNVBAoMDFRyYWVmaWsgTGFiczEQMA4GA1UECwwHdHJhZWZpazEPMA0GA1UEAwwGc2VydmVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYK2z8gLPOfFLgXNWP2460aeJ9vrH47x/lhKLlv4amSDHDx8Cmz/6blOUM8XOfMRW1xx++AgChWN9dx/kf7G2xlA5grZxRvUQ6xj7AvFG9TQUA3muNh2hvm9c3IjaZBNKH27bRKuDIBvZBvXdX4NL/aaFy7w7v7IKxk8j4WkfB23sgyH43g4b7NqKHJugZiedFu5GALmtLbShVOFbjWcre7Wvatdw8dIBmiFJqZQT3UjIuGAgqczIShtLxo4V+XyVkIPmzfPrRV+4zoMFIFOIaj3syyxb4krPBtxhe7nz2cWvvq0wePB2y4YbAAoVY8NYpd5JsMFwZtG6Uk59ygv4QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQDaPg69wNeFNFisfBJTrscqVCTW+B80gMhpLdxXD+KO0/Wgc5xpB/wLSirNtRQyxAa3+EEcIwJv/wdh8EyjlDLSpFm/8ghntrKhkOfIOPDFE41M5HNfx/Fuh5btKEenOL/XdapqtNUt2ZE4RrsfbL79sPYepa9kDUVi2mCbeH5ollZ0MDU68HpB2YwHbCEuQNk5W3pjYK2NaDkVnxTkfEDM1k+3QydO1lqB5JJmcrs59BEveTqaJ3eeh/0I4OOab6OkTTZ0JNjJp1573oxO+fce/bfGud8xHY5gSN9huU7U6RsgvO7Dhmal/sDNl8XC8oU90hVDVXZdA7ewh4jjaoIv"))
|
||||||
c.Assert(err, checker.IsNil)
|
c.Assert(err, checker.IsNil)
|
||||||
}
|
}
|
||||||
|
|
|
@ -416,7 +416,7 @@ type InFlightReq struct {
|
||||||
// This middleware adds the selected data from the passed client TLS certificate to a header.
|
// This middleware adds the selected data from the passed client TLS certificate to a header.
|
||||||
// More info: https://doc.traefik.io/traefik/v2.9/middlewares/http/passtlsclientcert/
|
// More info: https://doc.traefik.io/traefik/v2.9/middlewares/http/passtlsclientcert/
|
||||||
type PassTLSClientCert struct {
|
type PassTLSClientCert struct {
|
||||||
// PEM sets the X-Forwarded-Tls-Client-Cert header with the escaped certificate.
|
// PEM sets the X-Forwarded-Tls-Client-Cert header with the certificate.
|
||||||
PEM bool `json:"pem,omitempty" toml:"pem,omitempty" yaml:"pem,omitempty" export:"true"`
|
PEM bool `json:"pem,omitempty" toml:"pem,omitempty" yaml:"pem,omitempty" export:"true"`
|
||||||
// Info selects the specific client certificate details you want to add to the X-Forwarded-Tls-Client-Cert-Info header.
|
// Info selects the specific client certificate details you want to add to the X-Forwarded-Tls-Client-Cert-Info header.
|
||||||
Info *TLSClientCertificateInfo `json:"info,omitempty" toml:"info,omitempty" yaml:"info,omitempty" export:"true"`
|
Info *TLSClientCertificateInfo `json:"info,omitempty" toml:"info,omitempty" yaml:"info,omitempty" export:"true"`
|
||||||
|
|
|
@ -9,67 +9,67 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
// Debug logs a message at level Debug on the standard logger.
|
// Debug logs a message at level Debug on the standard logger.
|
||||||
// Deprecated
|
// Deprecated: use log.FromContext(ctx).Debug(...) instead.
|
||||||
func Debug(args ...interface{}) {
|
func Debug(args ...interface{}) {
|
||||||
mainLogger.Debug(args...)
|
mainLogger.Debug(args...)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Debugf logs a message at level Debug on the standard logger.
|
// Debugf logs a message at level Debug on the standard logger.
|
||||||
// Deprecated
|
// Deprecated: use log.FromContext(ctx).Debugf(...) instead.
|
||||||
func Debugf(format string, args ...interface{}) {
|
func Debugf(format string, args ...interface{}) {
|
||||||
mainLogger.Debugf(format, args...)
|
mainLogger.Debugf(format, args...)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Info logs a message at level Info on the standard logger.
|
// Info logs a message at level Info on the standard logger.
|
||||||
// Deprecated
|
// Deprecated: use log.FromContext(ctx).Info(...) instead.
|
||||||
func Info(args ...interface{}) {
|
func Info(args ...interface{}) {
|
||||||
mainLogger.Info(args...)
|
mainLogger.Info(args...)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Infof logs a message at level Info on the standard logger.
|
// Infof logs a message at level Info on the standard logger.
|
||||||
// Deprecated
|
// Deprecated: use log.FromContext(ctx).Infof(...) instead.
|
||||||
func Infof(format string, args ...interface{}) {
|
func Infof(format string, args ...interface{}) {
|
||||||
mainLogger.Infof(format, args...)
|
mainLogger.Infof(format, args...)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Warn logs a message at level Warn on the standard logger.
|
// Warn logs a message at level Warn on the standard logger.
|
||||||
// Deprecated
|
// Deprecated: use log.FromContext(ctx).Warn(...) instead.
|
||||||
func Warn(args ...interface{}) {
|
func Warn(args ...interface{}) {
|
||||||
mainLogger.Warn(args...)
|
mainLogger.Warn(args...)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Warnf logs a message at level Warn on the standard logger.
|
// Warnf logs a message at level Warn on the standard logger.
|
||||||
// Deprecated
|
// Deprecated: use log.FromContext(ctx).Warnf(...) instead.
|
||||||
func Warnf(format string, args ...interface{}) {
|
func Warnf(format string, args ...interface{}) {
|
||||||
mainLogger.Warnf(format, args...)
|
mainLogger.Warnf(format, args...)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Error logs a message at level Error on the standard logger.
|
// Error logs a message at level Error on the standard logger.
|
||||||
// Deprecated
|
// Deprecated: use log.FromContext(ctx).Error(...) instead.
|
||||||
func Error(args ...interface{}) {
|
func Error(args ...interface{}) {
|
||||||
mainLogger.Error(args...)
|
mainLogger.Error(args...)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Errorf logs a message at level Error on the standard logger.
|
// Errorf logs a message at level Error on the standard logger.
|
||||||
// Deprecated
|
// Deprecated: use log.FromContext(ctx).Errorf(...) instead.
|
||||||
func Errorf(format string, args ...interface{}) {
|
func Errorf(format string, args ...interface{}) {
|
||||||
mainLogger.Errorf(format, args...)
|
mainLogger.Errorf(format, args...)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Panic logs a message at level Panic on the standard logger.
|
// Panic logs a message at level Panic on the standard logger.
|
||||||
// Deprecated
|
// Deprecated: use log.FromContext(ctx).Panic(...) instead.
|
||||||
func Panic(args ...interface{}) {
|
func Panic(args ...interface{}) {
|
||||||
mainLogger.Panic(args...)
|
mainLogger.Panic(args...)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Fatal logs a message at level Fatal on the standard logger.
|
// Fatal logs a message at level Fatal on the standard logger.
|
||||||
// Deprecated
|
// Deprecated: use log.FromContext(ctx).Fatal(...) instead.
|
||||||
func Fatal(args ...interface{}) {
|
func Fatal(args ...interface{}) {
|
||||||
mainLogger.Fatal(args...)
|
mainLogger.Fatal(args...)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Fatalf logs a message at level Fatal on the standard logger.
|
// Fatalf logs a message at level Fatal on the standard logger.
|
||||||
// Deprecated
|
// Deprecated: use log.FromContext(ctx).Fatalf(...) instead.
|
||||||
func Fatalf(format string, args ...interface{}) {
|
func Fatalf(format string, args ...interface{}) {
|
||||||
mainLogger.Fatalf(format, args...)
|
mainLogger.Fatalf(format, args...)
|
||||||
}
|
}
|
||||||
|
|
|
@ -325,13 +325,11 @@ func writePart(ctx context.Context, content io.StringWriter, entry, prefix strin
|
||||||
|
|
||||||
// sanitize As we pass the raw certificates, remove the useless data and make it http request compliant.
|
// sanitize As we pass the raw certificates, remove the useless data and make it http request compliant.
|
||||||
func sanitize(cert []byte) string {
|
func sanitize(cert []byte) string {
|
||||||
cleaned := strings.NewReplacer(
|
return strings.NewReplacer(
|
||||||
"-----BEGIN CERTIFICATE-----", "",
|
"-----BEGIN CERTIFICATE-----", "",
|
||||||
"-----END CERTIFICATE-----", "",
|
"-----END CERTIFICATE-----", "",
|
||||||
"\n", "",
|
"\n", "",
|
||||||
).Replace(string(cert))
|
).Replace(string(cert))
|
||||||
|
|
||||||
return url.QueryEscape(cleaned)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// getCertificates Build a string with the client certificates.
|
// getCertificates Build a string with the client certificates.
|
||||||
|
|
|
@ -610,7 +610,7 @@ WqeUSNGYV//RunTeuRDAf5OxehERb1srzBXhRZ3cZdzXbgR/`,
|
||||||
|
|
||||||
content := sanitize(test.toSanitize)
|
content := sanitize(test.toSanitize)
|
||||||
|
|
||||||
expected := url.QueryEscape(strings.ReplaceAll(test.expected, "\n", ""))
|
expected := strings.ReplaceAll(test.expected, "\n", "")
|
||||||
assert.Equal(t, expected, content, "The sanitized certificates should be equal")
|
assert.Equal(t, expected, content, "The sanitized certificates should be equal")
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
|
@ -47,12 +47,6 @@ func nodeIP(ip string) func(*docker.ContainerJSON) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func labels(labels map[string]string) func(*docker.ContainerJSON) {
|
|
||||||
return func(c *docker.ContainerJSON) {
|
|
||||||
c.Config.Labels = labels
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func ports(portMap nat.PortMap) func(*docker.ContainerJSON) {
|
func ports(portMap nat.PortMap) func(*docker.ContainerJSON) {
|
||||||
return func(c *docker.ContainerJSON) {
|
return func(c *docker.ContainerJSON) {
|
||||||
c.NetworkSettings.NetworkSettingsBase.Ports = portMap
|
c.NetworkSettings.NetworkSettingsBase.Ports = portMap
|
||||||
|
|
|
@ -30,7 +30,7 @@ func (p *Provider) SetDefaults() {
|
||||||
|
|
||||||
// Init the provider.
|
// Init the provider.
|
||||||
func (p *Provider) Init() error {
|
func (p *Provider) Init() error {
|
||||||
config := redis.Config{
|
config := &redis.Config{
|
||||||
Username: p.Username,
|
Username: p.Username,
|
||||||
Password: p.Password,
|
Password: p.Password,
|
||||||
DB: p.DB,
|
DB: p.DB,
|
||||||
|
|
Loading…
Reference in a new issue