Merge branch 'v2.9' into master

This commit is contained in:
Fernandez Ludovic 2022-10-24 11:23:33 +02:00
commit e86f21ae7b
9 changed files with 30 additions and 32 deletions

View file

@ -56,7 +56,7 @@ jobs:
fetch-depth: 0
- name: Cache Go modules
uses: actions/cache@v2
uses: actions/cache@v3
with:
path: |
~/go/pkg/mod

View file

@ -31,7 +31,7 @@ jobs:
fetch-depth: 0
- name: Cache Go modules
uses: actions/cache@v2
uses: actions/cache@v3
with:
path: |
~/go/pkg/mod

View file

@ -33,7 +33,7 @@ jobs:
fetch-depth: 0
- name: Cache Go modules
uses: actions/cache@v2
uses: actions/cache@v3
with:
path: |
~/go/pkg/mod
@ -73,7 +73,7 @@ jobs:
fetch-depth: 0
- name: Cache Go modules
uses: actions/cache@v2
uses: actions/cache@v3
with:
path: |
~/go/pkg/mod

View file

@ -75,7 +75,6 @@ linters-settings:
- github.com/mailgun/minheap
- github.com/mailgun/multibuf
- github.com/jaguilar/vt100
- github.com/BurntSushi/toml
linters:
enable-all: true

View file

@ -93,12 +93,12 @@ rule = "Host(`traefik.example.com`)"
```bash tab="Path Prefix Rule"
# The dashboard can be accessed on http://example.com/dashboard/ or http://traefik.example.com/dashboard/
rule = "PathPrefix(`/api`) || PathPrefix(`/dashboard`)"
rule = "PathPrefix(`/api`, `/dashboard`)"
```
```bash tab="Combination of Rules"
# The dashboard can be accessed on http://traefik.example.com/dashboard/
rule = "Host(`traefik.example.com`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
rule = "Host(`traefik.example.com`) && PathPrefix(`/api`, `/dashboard`)"
```
??? example "Dashboard Dynamic Configuration Examples"

5
go.mod
View file

@ -3,7 +3,7 @@ module github.com/traefik/traefik/v2
go 1.19
require (
github.com/BurntSushi/toml v1.2.0
github.com/BurntSushi/toml v1.2.1
github.com/ExpediaDotCom/haystack-client-go v0.0.0-20190315171017-e7edbdf53a61
github.com/Masterminds/sprig/v3 v3.2.2
github.com/abbot/go-http-auth v0.0.0-00010101000000-000000000000
@ -358,9 +358,6 @@ replace (
// https://github.com/docker/compose/blob/e44222664abd07ce1d1fe6796d84d93cbc7468c3/go.mod#L131
replace github.com/jaguilar/vt100 => github.com/tonistiigi/vt100 v0.0.0-20190402012908-ad4c4a574305
// https://github.com/BurntSushi/toml/issues/360
replace github.com/BurntSushi/toml v1.2.0 => github.com/BurntSushi/toml v1.1.0
// ambiguous import: found package github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/http in multiple modules
// tencentcloud uses monorepo with multimodule but the go.mod files are incomplete.
exclude github.com/tencentcloud/tencentcloud-sdk-go v3.0.83+incompatible

4
go.sum
View file

@ -112,8 +112,8 @@ github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbt
github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo=
github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
github.com/BurntSushi/toml v1.1.0 h1:ksErzDEI1khOiGPgpwuI7x2ebx/uXQNw7xJpn9Eq1+I=
github.com/BurntSushi/toml v1.1.0/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
github.com/BurntSushi/toml v1.2.1 h1:9F2/+DoOYIOksmaJFPw1tGFy1eDnIJXg+UHjuD8lTak=
github.com/BurntSushi/toml v1.2.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
github.com/DataDog/datadog-agent/pkg/obfuscate v0.0.0-20211129110424-6491aa3bf583 h1:3nVO1nQyh64IUY6BPZUpMYMZ738Pu+LsMt3E0eqqIYw=
github.com/DataDog/datadog-agent/pkg/obfuscate v0.0.0-20211129110424-6491aa3bf583/go.mod h1:EP9f4GqaDJyP1F5jTNMtzdIpw3JpNs3rMSJOnYywCiw=

View file

@ -593,9 +593,11 @@ func TestWebSocketTransferTLSConfig(t *testing.T) {
require.NoError(t, err)
assert.Equal(t, "ok", resp)
http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
// Don't alter default transport to prevent side effects on other tests.
defaultTransport := http.DefaultTransport.(*http.Transport).Clone()
defaultTransport.TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
forwarderWithTLSConfigFromDefaultTransport, err := buildProxy(Bool(true), nil, http.DefaultTransport, nil)
forwarderWithTLSConfigFromDefaultTransport, err := buildProxy(Bool(true), nil, defaultTransport, nil)
require.NoError(t, err)
proxyWithTLSConfigFromDefaultTransport := createProxyWithForwarder(t, forwarderWithTLSConfigFromDefaultTransport, srv.URL)

View file

@ -287,7 +287,7 @@ func TestSpiffeMTLS(t *testing.T) {
config dynamic.Spiffe
clientSource SpiffeX509Source
wantStatusCode int
wantErrorMessage string
wantError bool
}{
{
desc: "supports SPIFFE mTLS",
@ -309,7 +309,7 @@ func TestSpiffeMTLS(t *testing.T) {
IDs: []string{"spiffe://traefik.test/not-server"},
},
clientSource: &clientSource,
wantErrorMessage: `unexpected ID "spiffe://traefik.test/server"`,
wantError: true,
},
{
desc: "allows expected server trust domain",
@ -325,7 +325,7 @@ func TestSpiffeMTLS(t *testing.T) {
TrustDomain: "spiffe://not-traefik.test",
},
clientSource: &clientSource,
wantErrorMessage: `unexpected trust domain "traefik.test"`,
wantError: true,
},
{
desc: "spiffe IDs allowlist takes precedence",
@ -334,13 +334,13 @@ func TestSpiffeMTLS(t *testing.T) {
TrustDomain: "spiffe://not-traefik.test",
},
clientSource: &clientSource,
wantErrorMessage: `unexpected ID "spiffe://traefik.test/server"`,
wantError: true,
},
{
desc: "raises an error when spiffe is enabled on the transport but no workloadapi address is given",
config: dynamic.Spiffe{},
clientSource: nil,
wantErrorMessage: `remote error: tls: bad certificate`,
wantError: true,
},
}
@ -362,8 +362,8 @@ func TestSpiffeMTLS(t *testing.T) {
client := http.Client{Transport: tr}
resp, err := client.Get(srv.URL)
if test.wantErrorMessage != "" {
assert.ErrorContains(t, err, test.wantErrorMessage)
if test.wantError {
require.Error(t, err)
return
}