feature: Service Fabric white list.

Gopkg.lock

@@ -247,8 +247,8 @@
 [[projects]]
   name = "github.com/containous/traefik-extra-service-fabric"
   packages = ["."]
-  revision = "a0b20089e99069884b060875fc015c13a23e7953"
+  revision = "29a6d70ad0f15175efbaa5fd93d8afdd8b373b93"
-  version = "v1.1.0"
+  version = "v1.1.1"
 
 [[projects]]
   name = "github.com/coreos/bbolt"
@@ -745,6 +745,7 @@
   version = "v1.3.7"
 
 [[projects]]
+  branch = "master"
   name = "github.com/jjcollinge/servicefabric"
   packages = ["."]
   revision = "8eebe170fa1ba25d3dfb928b3f86a7313b13b9fe"
@@ -1643,6 +1644,6 @@
 [solve-meta]
   analyzer-name = "dep"
   analyzer-version = 1
-  inputs-digest = "5643c4ca177618882a194021e8894c3dc32950da646048883151bee925416771"
+  inputs-digest = "593d67272ac35ca0fa59df7f2ac077a81ea842b3181b00acffa20553bfe6f2e0"
   solver-name = "gps-cdcl"
   solver-version = 1

Gopkg.toml

@@ -66,7 +66,7 @@
 
 [[constraint]]
   name = "github.com/containous/traefik-extra-service-fabric"
-  version = "1.1.0"
+  version = "1.1.1"
 
 [[constraint]]
   name = "github.com/coreos/go-systemd"

vendor/github.com/containous/traefik-extra-service-fabric/servicefabric_config.go

@@ -15,8 +15,12 @@ import (
 )
 
 func (p *Provider) buildConfiguration(sfClient sfClient) (*types.Configuration, error) {
-	var sfFuncMap = template.FuncMap{
+	services, err := getClusterServices(sfClient)
+	if err != nil {
+		return nil, err
+	}
 
+	var sfFuncMap = template.FuncMap{
 		// Services
 		"getServices":                getServices,
 		"hasLabel":                   hasService,
@@ -42,27 +46,21 @@ func (p *Provider) buildConfiguration(sfClient sfClient) (*types.Configuration,
 		"getLoadBalancer":   getLoadBalancer,
 
 		// Frontend Functions
-		"getPriority":             getFuncServiceStringLabel(label.TraefikFrontendPriority, label.DefaultFrontendPriority),
+		"getPriority":       getFuncServiceStringLabel(label.TraefikFrontendPriority, label.DefaultFrontendPriority),
-		"getPassHostHeader":       getFuncServiceStringLabel(label.TraefikFrontendPassHostHeader, label.DefaultPassHostHeader),
+		"getPassHostHeader": getFuncServiceStringLabel(label.TraefikFrontendPassHostHeader, label.DefaultPassHostHeader),
-		"getPassTLSCert":          getFuncBoolLabel(label.TraefikFrontendPassTLSCert, false),
+		"getPassTLSCert":    getFuncBoolLabel(label.TraefikFrontendPassTLSCert, false),
-		"getEntryPoints":          getFuncServiceSliceStringLabel(label.TraefikFrontendEntryPoints),
+		"getEntryPoints":    getFuncServiceSliceStringLabel(label.TraefikFrontendEntryPoints),
-		"getBasicAuth":            getFuncServiceSliceStringLabel(label.TraefikFrontendAuthBasic),
+		"getBasicAuth":      getFuncServiceSliceStringLabel(label.TraefikFrontendAuthBasic),
-		"getWhitelistSourceRange": getFuncServiceSliceStringLabel(label.TraefikFrontendWhitelistSourceRange),
+		"getFrontendRules":  getFuncServiceLabelWithPrefix(label.TraefikFrontendRule),
-		"getFrontendRules":        getFuncServiceLabelWithPrefix(label.TraefikFrontendRule),
+		"getWhiteList":      getWhiteList,
-
+		"getHeaders":        getHeaders,
-		"getHeaders":  getHeaders,
+		"getRedirect":       getRedirect,
-		"getRedirect": getRedirect,
 
 		// SF Service Grouping
 		"getGroupedServices": getFuncServicesGroupedByLabel(traefikSFGroupName),
 		"getGroupedWeight":   getFuncServiceStringLabel(traefikSFGroupWeight, "1"),
 	}
 
-	services, err := getClusterServices(sfClient)
-	if err != nil {
-		return nil, err
-	}
-
 	templateObjects := struct {
 		Services []ServiceItemExtended
 	}{
@@ -229,6 +227,31 @@ func getHeaders(service ServiceItemExtended) *types.Headers {
 	return headers
 }
 
+func getWhiteList(service ServiceItemExtended) *types.WhiteList {
+	if label.Has(service.Labels, label.TraefikFrontendWhitelistSourceRange) {
+		log.Warnf("Deprecated configuration found: %s. Please use %s.", label.TraefikFrontendWhitelistSourceRange, label.TraefikFrontendWhiteListSourceRange)
+	}
+
+	ranges := label.GetSliceStringValue(service.Labels, label.TraefikFrontendWhiteListSourceRange)
+	if len(ranges) > 0 {
+		return &types.WhiteList{
+			SourceRange:      ranges,
+			UseXForwardedFor: label.GetBoolValue(service.Labels, label.TraefikFrontendWhiteListUseXForwardedFor, false),
+		}
+	}
+
+	// TODO: Deprecated
+	values := label.GetSliceStringValue(service.Labels, label.TraefikFrontendWhitelistSourceRange)
+	if len(values) > 0 {
+		return &types.WhiteList{
+			SourceRange:      values,
+			UseXForwardedFor: false,
+		}
+	}
+
+	return nil
+}
+
 func getRedirect(service ServiceItemExtended) *types.Redirect {
 	permanent := label.GetBoolValue(service.Labels, label.TraefikFrontendRedirectPermanent, false)
 

vendor/github.com/containous/traefik-extra-service-fabric/servicefabric_tmpl.go

@@ -115,13 +115,6 @@ const tmpl = `
           {{end}}]
         {{end}}
   
-        {{ $whitelistSourceRange := getWhitelistSourceRange $service }}
-        {{if $whitelistSourceRange }}
-        whitelistSourceRange = [{{range $whitelistSourceRange }}
-          "{{.}}",
-          {{end}}]
-        {{end}}
-  
         {{ $basicAuth := getBasicAuth $service }}
         {{if $basicAuth }}
          basicAuth = [{{range $basicAuth }}
@@ -129,6 +122,24 @@ const tmpl = `
           {{end}}]
         {{end}}
 
+        {{ $whitelist := getWhiteList $service }}
+        {{if $whitelist }}
+        [frontends."frontend-{{ $frontendName }}".whiteList]
+          sourceRange = [{{range $whitelist.SourceRange }}
+            "{{.}}",
+            {{end}}]
+          useXForwardedFor = {{ $whitelist.UseXForwardedFor }}
+        {{end}}
+
+        {{ $redirect := getRedirect $service }}
+        {{if $redirect }}
+        [frontends."frontend-{{ $frontendName }}".redirect]
+          entryPoint = "{{ $redirect.EntryPoint }}"
+          regex = "{{ $redirect.Regex }}"
+          replacement = "{{ $redirect.Replacement }}"
+          permanent = {{ $redirect.Permanent }}
+        {{end}}
+
         {{ $headers := getHeaders $service }}
         {{if $headers }}
         [frontends."frontend-{{ $frontendName }}".headers]