Merge branch 'v2.9' into master

2022-10-24 11:23:33 +02:00 · 2022-10-24 11:23:33 +02:00 · e86f21ae7b
parent 194247caae ccbbd0d766
commit e86f21ae7b
9 changed files with 30 additions and 32 deletions
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@ -56,7 +56,7 @@ jobs:
          fetch-depth: 0
      - name: Cache Go modules
-        uses: actions/cache@v2
+        uses: actions/cache@v3
        with:
          path: |
            ~/go/pkg/mod
--- a/.github/workflows/test-unit.yaml
+++ b/.github/workflows/test-unit.yaml
@ -31,7 +31,7 @@ jobs:
          fetch-depth: 0
      - name: Cache Go modules
-        uses: actions/cache@v2
+        uses: actions/cache@v3
        with:
          path: |
            ~/go/pkg/mod
--- a/.github/workflows/validate.yaml
+++ b/.github/workflows/validate.yaml
@ -33,7 +33,7 @@ jobs:
          fetch-depth: 0
      - name: Cache Go modules
-        uses: actions/cache@v2
+        uses: actions/cache@v3
        with:
          path: |
            ~/go/pkg/mod
@ -73,7 +73,7 @@ jobs:
          fetch-depth: 0
      - name: Cache Go modules
-        uses: actions/cache@v2
+        uses: actions/cache@v3
        with:
          path: |
            ~/go/pkg/mod
--- a/.golangci.yml
+++ b/.golangci.yml
@ -75,7 +75,6 @@ linters-settings:
      - github.com/mailgun/minheap
      - github.com/mailgun/multibuf
      - github.com/jaguilar/vt100
      - github.com/BurntSushi/toml
 linters:
  enable-all: true
--- a/docs/content/operations/dashboard.md
+++ b/docs/content/operations/dashboard.md
@ -93,12 +93,12 @@ rule = "Host(`traefik.example.com`)"
 ```bash tab="Path Prefix Rule"
 # The dashboard can be accessed on http://example.com/dashboard/ or http://traefik.example.com/dashboard/
-rule = "PathPrefix(`/api`) || PathPrefix(`/dashboard`)"
+rule = "PathPrefix(`/api`, `/dashboard`)"
 ```
 ```bash tab="Combination of Rules"
 # The dashboard can be accessed on http://traefik.example.com/dashboard/
-rule = "Host(`traefik.example.com`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
+rule = "Host(`traefik.example.com`) && PathPrefix(`/api`, `/dashboard`)"
 ```
 ??? example "Dashboard Dynamic Configuration Examples"
--- a/go.mod
+++ b/go.mod
@ -3,7 +3,7 @@ module github.com/traefik/traefik/v2
 go 1.19
 require (
-	github.com/BurntSushi/toml v1.2.0
+	github.com/BurntSushi/toml v1.2.1
 	github.com/ExpediaDotCom/haystack-client-go v0.0.0-20190315171017-e7edbdf53a61
 	github.com/Masterminds/sprig/v3 v3.2.2
 	github.com/abbot/go-http-auth v0.0.0-00010101000000-000000000000
@ -358,9 +358,6 @@ replace (
 // https://github.com/docker/compose/blob/e44222664abd07ce1d1fe6796d84d93cbc7468c3/go.mod#L131
 replace github.com/jaguilar/vt100 => github.com/tonistiigi/vt100 v0.0.0-20190402012908-ad4c4a574305
 // https://github.com/BurntSushi/toml/issues/360
 replace github.com/BurntSushi/toml v1.2.0 => github.com/BurntSushi/toml v1.1.0
 // ambiguous import: found package github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/http in multiple modules
 // tencentcloud uses monorepo with multimodule but the go.mod files are incomplete.
 exclude github.com/tencentcloud/tencentcloud-sdk-go v3.0.83+incompatible
--- a/go.sum
+++ b/go.sum
@ -112,8 +112,8 @@ github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbt
 github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo=
 github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
-github.com/BurntSushi/toml v1.1.0 h1:ksErzDEI1khOiGPgpwuI7x2ebx/uXQNw7xJpn9Eq1+I=
+github.com/BurntSushi/toml v1.2.1 h1:9F2/+DoOYIOksmaJFPw1tGFy1eDnIJXg+UHjuD8lTak=
-github.com/BurntSushi/toml v1.1.0/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
+github.com/BurntSushi/toml v1.2.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
 github.com/DataDog/datadog-agent/pkg/obfuscate v0.0.0-20211129110424-6491aa3bf583 h1:3nVO1nQyh64IUY6BPZUpMYMZ738Pu+LsMt3E0eqqIYw=
 github.com/DataDog/datadog-agent/pkg/obfuscate v0.0.0-20211129110424-6491aa3bf583/go.mod h1:EP9f4GqaDJyP1F5jTNMtzdIpw3JpNs3rMSJOnYywCiw=
--- a/pkg/server/service/proxy_websocket_test.go
+++ b/pkg/server/service/proxy_websocket_test.go
@ -593,9 +593,11 @@ func TestWebSocketTransferTLSConfig(t *testing.T) {
 	require.NoError(t, err)
 	assert.Equal(t, "ok", resp)
-	http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
+	// Don't alter default transport to prevent side effects on other tests.
 	defaultTransport := http.DefaultTransport.(*http.Transport).Clone()
 	defaultTransport.TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
-	forwarderWithTLSConfigFromDefaultTransport, err := buildProxy(Bool(true), nil, http.DefaultTransport, nil)
+	forwarderWithTLSConfigFromDefaultTransport, err := buildProxy(Bool(true), nil, defaultTransport, nil)
 	require.NoError(t, err)
 	proxyWithTLSConfigFromDefaultTransport := createProxyWithForwarder(t, forwarderWithTLSConfigFromDefaultTransport, srv.URL)
--- a/pkg/server/service/roundtripper_test.go
+++ b/pkg/server/service/roundtripper_test.go
@ -283,11 +283,11 @@ func TestSpiffeMTLS(t *testing.T) {
 	}
 	testCases := []struct {
-		desc             string
+		desc           string
-		config           dynamic.Spiffe
+		config         dynamic.Spiffe
-		clientSource     SpiffeX509Source
+		clientSource   SpiffeX509Source
-		wantStatusCode   int
+		wantStatusCode int
-		wantErrorMessage string
+		wantError      bool
 	}{
 		{
 			desc:           "supports SPIFFE mTLS",
@ -308,8 +308,8 @@ func TestSpiffeMTLS(t *testing.T) {
 			config: dynamic.Spiffe{
 				IDs: []string{"spiffe://traefik.test/not-server"},
 			},
-			clientSource:     &clientSource,
+			clientSource: &clientSource,
-			wantErrorMessage: `unexpected ID "spiffe://traefik.test/server"`,
+			wantError:    true,
 		},
 		{
 			desc: "allows expected server trust domain",
@ -324,8 +324,8 @@ func TestSpiffeMTLS(t *testing.T) {
 			config: dynamic.Spiffe{
 				TrustDomain: "spiffe://not-traefik.test",
 			},
-			clientSource:     &clientSource,
+			clientSource: &clientSource,
-			wantErrorMessage: `unexpected trust domain "traefik.test"`,
+			wantError:    true,
 		},
 		{
 			desc: "spiffe IDs allowlist takes precedence",
@ -333,14 +333,14 @@ func TestSpiffeMTLS(t *testing.T) {
 				IDs:         []string{"spiffe://traefik.test/not-server"},
 				TrustDomain: "spiffe://not-traefik.test",
 			},
-			clientSource:     &clientSource,
+			clientSource: &clientSource,
-			wantErrorMessage: `unexpected ID "spiffe://traefik.test/server"`,
+			wantError:    true,
 		},
 		{
-			desc:             "raises an error when spiffe is enabled on the transport but no workloadapi address is given",
+			desc:         "raises an error when spiffe is enabled on the transport but no workloadapi address is given",
-			config:           dynamic.Spiffe{},
+			config:       dynamic.Spiffe{},
-			clientSource:     nil,
+			clientSource: nil,
-			wantErrorMessage: `remote error: tls: bad certificate`,
+			wantError:    true,
 		},
 	}
@ -362,8 +362,8 @@ func TestSpiffeMTLS(t *testing.T) {
 			client := http.Client{Transport: tr}
 			resp, err := client.Get(srv.URL)
-			if test.wantErrorMessage != "" {
+			if test.wantError {
-				assert.ErrorContains(t, err, test.wantErrorMessage)
+				require.Error(t, err)
 				return
 			}