Compare commits

..

27 commits

Author SHA1 Message Date
e0b67d41e8
Merge branch 'v3.0' of github.com:traefik/traefik
Signed-off-by: baalajimaestro <me@baalajimaestro.me>
2024-02-09 15:54:24 +05:30
Michael
efa6ca0fa1
fix: go version for conformance tests gateway api 2024-02-08 16:46:06 +01:00
mmatur
bc84fdd006
Merge current v2.11 into v3.0 2024-02-08 14:35:35 +01:00
Ludovic Fernandez
d5cb9b50f4
Update to go1.22
Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com>
2024-02-07 17:14:07 +01:00
Julien Salleyron
e11ff98608
Fix NTLM and Kerberos 2024-02-06 17:34:07 +01:00
56b53107a6
Merge branch 'v3.0' of github.com:traefik/traefik 2024-02-06 16:26:30 +05:30
Nicolas Mengin
9df04df334
Delete warning in Kubernetes CRD provider about the supported version 2024-02-06 11:20:06 +01:00
Romain
bb6cd581a6
Align OpenTelemetry tracing and metrics configurations
Co-authored-by: Michael <michael.matur@gmail.com>
2024-02-06 10:04:05 +01:00
Andi Sardina Ramos
8f9ad16f54
chore: Upgrade Node.js version 2024-02-06 09:00:07 +01:00
Michael
5d8b1949b7
fix: upgrade actions/upload-artifact to v4 2024-02-01 14:08:06 +01:00
So Koide
d7ec0cedbf
Reload provider file configuration on SIGHUP 2024-02-01 14:06:05 +01:00
Massimiliano D
f1104ada65
Fixes the Header Button 2024-02-01 10:52:07 +01:00
Immánuel!
3ba3ca6eb0
Fix the keepAlive options for the CLI examples 2024-01-31 17:00:06 +01:00
44af01ae7c
Merge branch 'v3.0' of github.com:traefik/traefik 2024-01-31 21:22:56 +05:30
Romain
85039e0d54
Fix brotli response status code when compression is disabled 2024-01-30 17:32:05 +01:00
Pascal Hofmann
9be523d772
Support for cross-namespace references / GatewayAPI ReferenceGrants 2024-01-30 16:44:05 +01:00
Romain
8b77f0c2dd
Remove observability for internal resources 2024-01-30 16:28:05 +01:00
Aofei Sheng
d02be003ab
Add SO_REUSEPORT support for EntryPoints 2024-01-30 14:56:05 +01:00
Asad Rizvi
4d539273ad
docs: include ECS as supported backend 2024-01-29 18:50:05 +01:00
Romain
40de310927
Reintroduce dropped v2 dynamic config
Co-authored-by: Baptiste Mayelle <baptiste.mayelle@traefik.io>
2024-01-29 17:32:05 +01:00
Liam van der Viven
18203f57d2
Add support for sending DogStatsD metrics over Unix Socket 2024-01-29 17:08:05 +01:00
Ludovic Fernandez
ef0e9c6f05
Update go-acme/lego to v4.15.0 2024-01-29 15:10:05 +01:00
Fahrzin Hemmati
d37ea3e882
Add ResponseCode to CircuitBreaker 2024-01-29 10:58:05 +01:00
Andi Sardina Ramos
49f04f2772
fix: URL encode resource's id before calling API endpoints 2024-01-25 09:56:05 +01:00
Ludovic Fernandez
03d2e35488
fix: remove snapshot from release target 2024-01-24 18:54:05 +01:00
Romain
547cd81599
Prepare release v2.11.0-rc2 2024-01-24 15:20:09 +01:00
Halimao
b5251c6ac4
misc(Makefile): add help target to display the help msg 2024-01-24 11:58:05 +01:00
254 changed files with 12072 additions and 7719 deletions

View file

@ -150,18 +150,14 @@ linters-settings:
- github.com/jaguilar/vt100 - github.com/jaguilar/vt100
- github.com/cucumber/godog - github.com/cucumber/godog
testifylint: testifylint:
enable: disable:
- bool-compare - suite-dont-use-pkg
- compares - require-error
- empty - go-require
- error-is-as staticcheck:
- error-nil checks:
- expected-actual - all
- float-compare - -SA1019
- len
- suite-extra-assert-call
- suite-thelper
linters: linters:
enable-all: true enable-all: true
disable: disable:
@ -216,11 +212,12 @@ linters:
issues: issues:
exclude-use-default: false exclude-use-default: false
max-per-linter: 0 max-issues-per-linter: 0
max-same-issues: 0 max-same-issues: 0
exclude: exclude:
- 'Error return value of .((os\.)?std(out|err)\..*|.*Close|.*Flush|os\.Remove(All)?|.*printf?|os\.(Un)?Setenv). is not checked' - 'Error return value of .((os\.)?std(out|err)\..*|.*Close|.*Flush|os\.Remove(All)?|.*printf?|os\.(Un)?Setenv). is not checked'
- "should have a package comment, unless it's in another file for this package" - "should have a package comment, unless it's in another file for this package"
- 'fmt.Sprintf can be replaced with string addition'
exclude-rules: exclude-rules:
- path: '(.+)_test.go' - path: '(.+)_test.go'
linters: linters:

View file

@ -19,13 +19,13 @@ global_job_config:
prologue: prologue:
commands: commands:
- curl -sSfL https://raw.githubusercontent.com/ldez/semgo/master/godownloader.sh | sudo sh -s -- -b "/usr/local/bin" - curl -sSfL https://raw.githubusercontent.com/ldez/semgo/master/godownloader.sh | sudo sh -s -- -b "/usr/local/bin"
- sudo semgo go1.21 - sudo semgo go1.22
- export "GOPATH=$(go env GOPATH)" - export "GOPATH=$(go env GOPATH)"
- export "SEMAPHORE_GIT_DIR=${GOPATH}/src/github.com/traefik/${SEMAPHORE_PROJECT_NAME}" - export "SEMAPHORE_GIT_DIR=${GOPATH}/src/github.com/traefik/${SEMAPHORE_PROJECT_NAME}"
- export "PATH=${GOPATH}/bin:${PATH}" - export "PATH=${GOPATH}/bin:${PATH}"
- mkdir -vp "${SEMAPHORE_GIT_DIR}" "${GOPATH}/bin" - mkdir -vp "${SEMAPHORE_GIT_DIR}" "${GOPATH}/bin"
- export GOPROXY=https://proxy.golang.org,direct - export GOPROXY=https://proxy.golang.org,direct
- curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b "${GOPATH}/bin" v1.55.2 - curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b "${GOPATH}/bin" v1.56.0
- curl -sSfL https://gist.githubusercontent.com/traefiker/6d7ac019c11d011e4f131bb2cca8900e/raw/goreleaser.sh | bash -s -- -b "${GOPATH}/bin" - curl -sSfL https://gist.githubusercontent.com/traefiker/6d7ac019c11d011e4f131bb2cca8900e/raw/goreleaser.sh | bash -s -- -b "${GOPATH}/bin"
- checkout - checkout
- cache restore traefik-$(checksum go.sum) - cache restore traefik-$(checksum go.sum)

View file

@ -1,3 +1,13 @@
## [v2.11.0-rc2](https://github.com/traefik/traefik/tree/v2.11.0-rc2) (2024-01-24)
[All Commits](https://github.com/traefik/traefik/compare/v2.11.0-rc1...v2.11.0-rc2)
**Bug fixes:**
- **[middleware,tcp]** Add missing TCP IPAllowList middleware constructor ([#10331](https://github.com/traefik/traefik/pull/10331) by [youkoulayley](https://github.com/youkoulayley))
- **[nomad]** Update the Nomad API dependency to v1.7.2 ([#10327](https://github.com/traefik/traefik/pull/10327) by [jrasell](https://github.com/jrasell))
**Documentation:**
- Improve Concepts documentation page ([#10315](https://github.com/traefik/traefik/pull/10315) by [oliver-dvorski](https://github.com/oliver-dvorski))
## [v2.11.0-rc1](https://github.com/traefik/traefik/tree/v2.11.0-rc1) (2024-01-02) ## [v2.11.0-rc1](https://github.com/traefik/traefik/tree/v2.11.0-rc1) (2024-01-02)
[All Commits](https://github.com/traefik/traefik/compare/0a7964300166d167f68d5502bc245b3b9c8842b4...v2.11.0-rc1) [All Commits](https://github.com/traefik/traefik/compare/0a7964300166d167f68d5502bc245b3b9c8842b4...v2.11.0-rc1)

View file

@ -22,40 +22,41 @@ LINT_EXECUTABLES = misspell shellcheck
DOCKER_BUILD_PLATFORMS ?= linux/amd64,linux/arm64 DOCKER_BUILD_PLATFORMS ?= linux/amd64,linux/arm64
.PHONY: default .PHONY: default
#? default: Run `make generate` and `make binary`
default: generate binary default: generate binary
## Create the "dist" directory #? dist: Create the "dist" directory
dist: dist:
mkdir -p dist mkdir -p dist
## Build WebUI Docker image
.PHONY: build-webui-image .PHONY: build-webui-image
#? build-webui-image: Build WebUI Docker image
build-webui-image: build-webui-image:
docker build -t traefik-webui -f webui/Dockerfile webui docker build -t traefik-webui -f webui/Dockerfile webui
## Clean WebUI static generated assets
.PHONY: clean-webui .PHONY: clean-webui
#? clean-webui: Clean WebUI static generated assets
clean-webui: clean-webui:
rm -r webui/static rm -r webui/static
mkdir -p webui/static mkdir -p webui/static
printf 'For more information see `webui/readme.md`' > webui/static/DONT-EDIT-FILES-IN-THIS-DIRECTORY.md printf 'For more information see `webui/readme.md`' > webui/static/DONT-EDIT-FILES-IN-THIS-DIRECTORY.md
## Generate WebUI
webui/static/index.html: webui/static/index.html:
$(MAKE) build-webui-image $(MAKE) build-webui-image
docker run --rm -v "$(PWD)/webui/static":'/src/webui/static' traefik-webui npm run build:nc docker run --rm -v "$(PWD)/webui/static":'/src/webui/static' traefik-webui npm run build:nc
docker run --rm -v "$(PWD)/webui/static":'/src/webui/static' traefik-webui chown -R $(shell id -u):$(shell id -g) ./static docker run --rm -v "$(PWD)/webui/static":'/src/webui/static' traefik-webui chown -R $(shell id -u):$(shell id -g) ./static
.PHONY: generate-webui .PHONY: generate-webui
#? generate-webui: Generate WebUI
generate-webui: webui/static/index.html generate-webui: webui/static/index.html
## Generate code
.PHONY: generate .PHONY: generate
#? generate: Generate code (Dynamic and Static configuration documentation reference files)
generate: generate:
go generate go generate
## Build the binary
.PHONY: binary .PHONY: binary
#? binary: Build the binary
binary: generate-webui dist binary: generate-webui dist
@echo SHA: $(VERSION) $(CODENAME) $(DATE) @echo SHA: $(VERSION) $(CODENAME) $(DATE)
CGO_ENABLED=0 GOGC=off GOOS=${GOOS} GOARCH=${GOARCH} go build ${FLAGS[*]} -ldflags "-s -w \ CGO_ENABLED=0 GOGC=off GOOS=${GOOS} GOARCH=${GOARCH} go build ${FLAGS[*]} -ldflags "-s -w \
@ -80,38 +81,39 @@ binary-windows-amd64: export BIN_NAME := traefik.exe
binary-windows-amd64: binary-windows-amd64:
@$(MAKE) binary @$(MAKE) binary
## Build the binary for the standard platforms (linux, darwin, windows)
.PHONY: crossbinary-default .PHONY: crossbinary-default
#? crossbinary-default: Build the binary for the standard platforms (linux, darwin, windows)
crossbinary-default: generate generate-webui crossbinary-default: generate generate-webui
$(CURDIR)/script/crossbinary-default.sh $(CURDIR)/script/crossbinary-default.sh
## Run the unit and integration tests
.PHONY: test .PHONY: test
#? test: Run the unit and integration tests
test: test-unit test-integration test: test-unit test-integration
## Run the unit tests
.PHONY: test-unit .PHONY: test-unit
#? test-unit: Run the unit tests
test-unit: test-unit:
GOOS=$(GOOS) GOARCH=$(GOARCH) go test -cover "-coverprofile=cover.out" -v $(TESTFLAGS) ./pkg/... ./cmd/... GOOS=$(GOOS) GOARCH=$(GOARCH) go test -cover "-coverprofile=cover.out" -v $(TESTFLAGS) ./pkg/... ./cmd/...
## Run the integration tests
.PHONY: test-integration .PHONY: test-integration
#? test-integration: Run the integration tests
test-integration: binary test-integration: binary
GOOS=$(GOOS) GOARCH=$(GOARCH) go test ./integration -test.timeout=20m -failfast -v $(TESTFLAGS) GOOS=$(GOOS) GOARCH=$(GOARCH) go test ./integration -test.timeout=20m -failfast -v $(TESTFLAGS)
## Run the conformance tests
.PHONY: test-gateway-api-conformance .PHONY: test-gateway-api-conformance
#? test-gateway-api-conformance: Run the conformance tests
test-gateway-api-conformance: binary test-gateway-api-conformance: binary
GOOS=$(GOOS) GOARCH=$(GOARCH) go test ./integration -v -test.run K8sConformanceSuite -k8sConformance=true $(TESTFLAGS) GOOS=$(GOOS) GOARCH=$(GOARCH) go test ./integration -v -test.run K8sConformanceSuite -k8sConformance=true $(TESTFLAGS)
## TODO: Need to be fixed to work in all situations. ## TODO: Need to be fixed to work in all situations.
## Run the conformance tests
.PHONY: test-gateway-api-conformance-ci .PHONY: test-gateway-api-conformance-ci
#? test-gateway-api-conformance-ci: Run the conformance tests
test-gateway-api-conformance-ci: test-gateway-api-conformance-ci:
GOOS=$(GOOS) GOARCH=$(GOARCH) go test ./integration -v -test.run K8sConformanceSuite -k8sConformance=true $(TESTFLAGS) GOOS=$(GOOS) GOARCH=$(GOARCH) go test ./integration -v -test.run K8sConformanceSuite -k8sConformance=true $(TESTFLAGS)
## Pull all Docker images to avoid timeout during integration tests
.PHONY: pull-images .PHONY: pull-images
#? pull-images: Pull all Docker images to avoid timeout during integration tests
pull-images: pull-images:
grep --no-filename -E '^\s+image:' ./integration/resources/compose/*.yml \ grep --no-filename -E '^\s+image:' ./integration/resources/compose/*.yml \
| awk '{print $$2}' \ | awk '{print $$2}' \
@ -119,21 +121,21 @@ pull-images:
| uniq \ | uniq \
| xargs -P 6 -n 1 docker pull | xargs -P 6 -n 1 docker pull
## Lint run golangci-lint
.PHONY: lint .PHONY: lint
#? lint: Run golangci-lint
lint: lint:
golangci-lint run golangci-lint run
## Validate code and docs
.PHONY: validate-files .PHONY: validate-files
#? validate-files: Validate code and docs
validate-files: lint validate-files: lint
$(foreach exec,$(LINT_EXECUTABLES),\ $(foreach exec,$(LINT_EXECUTABLES),\
$(if $(shell which $(exec)),,$(error "No $(exec) in PATH"))) $(if $(shell which $(exec)),,$(error "No $(exec) in PATH")))
$(CURDIR)/script/validate-misspell.sh $(CURDIR)/script/validate-misspell.sh
$(CURDIR)/script/validate-shell-script.sh $(CURDIR)/script/validate-shell-script.sh
## Validate code, docs, and vendor
.PHONY: validate .PHONY: validate
#? validate: Validate code, docs, and vendor
validate: lint validate: lint
$(foreach exec,$(EXECUTABLES),\ $(foreach exec,$(EXECUTABLES),\
$(if $(shell which $(exec)),,$(error "No $(exec) in PATH"))) $(if $(shell which $(exec)),,$(error "No $(exec) in PATH")))
@ -147,51 +149,57 @@ multi-arch-image-%: binary-linux-amd64 binary-linux-arm64
docker buildx build $(DOCKER_BUILDX_ARGS) -t traefik/traefik:$* --platform=$(DOCKER_BUILD_PLATFORMS) -f Dockerfile . docker buildx build $(DOCKER_BUILDX_ARGS) -t traefik/traefik:$* --platform=$(DOCKER_BUILD_PLATFORMS) -f Dockerfile .
## Clean up static directory and build a Docker Traefik image
.PHONY: build-image .PHONY: build-image
#? build-image: Clean up static directory and build a Docker Traefik image
build-image: export DOCKER_BUILDX_ARGS := --load build-image: export DOCKER_BUILDX_ARGS := --load
build-image: export DOCKER_BUILD_PLATFORMS := linux/$(GOARCH) build-image: export DOCKER_BUILD_PLATFORMS := linux/$(GOARCH)
build-image: clean-webui build-image: clean-webui
@$(MAKE) multi-arch-image-latest @$(MAKE) multi-arch-image-latest
## Build a Docker Traefik image without re-building the webui when it's already built
.PHONY: build-image-dirty .PHONY: build-image-dirty
#? build-image-dirty: Build a Docker Traefik image without re-building the webui when it's already built
build-image-dirty: export DOCKER_BUILDX_ARGS := --load build-image-dirty: export DOCKER_BUILDX_ARGS := --load
build-image-dirty: export DOCKER_BUILD_PLATFORMS := linux/$(GOARCH) build-image-dirty: export DOCKER_BUILD_PLATFORMS := linux/$(GOARCH)
build-image-dirty: build-image-dirty:
@$(MAKE) multi-arch-image-latest @$(MAKE) multi-arch-image-latest
## Build documentation site
.PHONY: docs .PHONY: docs
#? docs: Build documentation site
docs: docs:
make -C ./docs docs make -C ./docs docs
## Serve the documentation site locally
.PHONY: docs-serve .PHONY: docs-serve
#? docs-serve: Serve the documentation site locally
docs-serve: docs-serve:
make -C ./docs docs-serve make -C ./docs docs-serve
## Pull image for doc building
.PHONY: docs-pull-images .PHONY: docs-pull-images
#? docs-pull-images: Pull image for doc building
docs-pull-images: docs-pull-images:
make -C ./docs docs-pull-images make -C ./docs docs-pull-images
## Generate CRD clientset and CRD manifests
.PHONY: generate-crd .PHONY: generate-crd
#? generate-crd: Generate CRD clientset and CRD manifests
generate-crd: generate-crd:
@$(CURDIR)/script/code-gen-docker.sh @$(CURDIR)/script/code-gen-docker.sh
## Generate code from dynamic configuration https://github.com/traefik/genconf
.PHONY: generate-genconf .PHONY: generate-genconf
#? generate-genconf: Generate code from dynamic configuration github.com/traefik/genconf
generate-genconf: generate-genconf:
go run ./cmd/internal/gen/ go run ./cmd/internal/gen/
## Create packages for the release
.PHONY: release-packages .PHONY: release-packages
#? release-packages: Create packages for the release
release-packages: generate-webui release-packages: generate-webui
$(CURDIR)/script/release-packages.sh $(CURDIR)/script/release-packages.sh
## Format the Code
.PHONY: fmt .PHONY: fmt
#? fmt: Format the Code
fmt: fmt:
gofmt -s -l -w $(SRCS) gofmt -s -l -w $(SRCS)
.PHONY: help
#? help: Get more info on make commands
help: Makefile
@echo " Choose a command run in traefik:"
@sed -n 's/^#?//p' $< | column -t -s ':' | sort | sed -e 's/^/ /'

View file

@ -72,6 +72,7 @@ _(But if you'd rather configure some of your routes manually, Traefik supports t
- [Docker](https://doc.traefik.io/traefik/providers/docker/) / [Swarm mode](https://doc.traefik.io/traefik/providers/docker/) - [Docker](https://doc.traefik.io/traefik/providers/docker/) / [Swarm mode](https://doc.traefik.io/traefik/providers/docker/)
- [Kubernetes](https://doc.traefik.io/traefik/providers/kubernetes-crd/) - [Kubernetes](https://doc.traefik.io/traefik/providers/kubernetes-crd/)
- [ECS](https://doc.traefik.io/traefik/providers/ecs/)
- [File](https://doc.traefik.io/traefik/providers/file/) - [File](https://doc.traefik.io/traefik/providers/file/)
## Quickstart ## Quickstart

View file

@ -193,10 +193,13 @@ func setupServer(staticConfiguration *static.Configuration) (*server.Server, err
tsProviders := initTailscaleProviders(staticConfiguration, &providerAggregator) tsProviders := initTailscaleProviders(staticConfiguration, &providerAggregator)
// Metrics // Observability
metricRegistries := registerMetricClients(staticConfiguration.Metrics) metricRegistries := registerMetricClients(staticConfiguration.Metrics)
metricsRegistry := metrics.NewMultiRegistry(metricRegistries) metricsRegistry := metrics.NewMultiRegistry(metricRegistries)
accessLog := setupAccessLog(staticConfiguration.AccessLog)
tracer, tracerCloser := setupTracing(staticConfiguration.Tracing)
observabilityMgr := middleware.NewObservabilityMgr(*staticConfiguration, metricsRegistry, accessLog, tracer, tracerCloser)
// Entrypoints // Entrypoints
@ -263,14 +266,11 @@ func setupServer(staticConfiguration *static.Configuration) (*server.Server, err
roundTripperManager := service.NewRoundTripperManager(spiffeX509Source) roundTripperManager := service.NewRoundTripperManager(spiffeX509Source)
dialerManager := tcp.NewDialerManager(spiffeX509Source) dialerManager := tcp.NewDialerManager(spiffeX509Source)
acmeHTTPHandler := getHTTPChallengeHandler(acmeProviders, httpChallengeProvider) acmeHTTPHandler := getHTTPChallengeHandler(acmeProviders, httpChallengeProvider)
managerFactory := service.NewManagerFactory(*staticConfiguration, routinesPool, metricsRegistry, roundTripperManager, acmeHTTPHandler) managerFactory := service.NewManagerFactory(*staticConfiguration, routinesPool, observabilityMgr, roundTripperManager, acmeHTTPHandler)
// Router factory // Router factory
accessLog := setupAccessLog(staticConfiguration.AccessLog)
tracer, tracerCloser := setupTracing(staticConfiguration.Tracing) routerFactory := server.NewRouterFactory(*staticConfiguration, managerFactory, tlsManager, observabilityMgr, pluginBuilder, dialerManager)
chainBuilder := middleware.NewChainBuilder(metricsRegistry, accessLog, tracer)
routerFactory := server.NewRouterFactory(*staticConfiguration, managerFactory, tlsManager, chainBuilder, pluginBuilder, metricsRegistry, dialerManager)
// Watcher // Watcher
@ -351,7 +351,7 @@ func setupServer(staticConfiguration *static.Configuration) (*server.Server, err
} }
}) })
return server.NewServer(routinesPool, serverEntryPointsTCP, serverEntryPointsUDP, watcher, chainBuilder, accessLog, tracerCloser), nil return server.NewServer(routinesPool, serverEntryPointsTCP, serverEntryPointsUDP, watcher, observabilityMgr), nil
} }
func getHTTPChallengeHandler(acmeProviders []*acme.Provider, httpChallengeProvider http.Handler) http.Handler { func getHTTPChallengeHandler(acmeProviders []*acme.Provider, httpChallengeProvider http.Handler) http.Handler {
@ -520,15 +520,14 @@ func registerMetricClients(metricsConfig *types.Metrics) []metrics.Registry {
} }
} }
if metricsConfig.OpenTelemetry != nil { if metricsConfig.OTLP != nil {
logger := log.With().Str(logs.MetricsProviderName, "openTelemetry").Logger() logger := log.With().Str(logs.MetricsProviderName, "openTelemetry").Logger()
openTelemetryRegistry := metrics.RegisterOpenTelemetry(logger.WithContext(context.Background()), metricsConfig.OpenTelemetry) openTelemetryRegistry := metrics.RegisterOpenTelemetry(logger.WithContext(context.Background()), metricsConfig.OTLP)
if openTelemetryRegistry != nil { if openTelemetryRegistry != nil {
registries = append(registries, openTelemetryRegistry) registries = append(registries, openTelemetryRegistry)
logger.Debug(). logger.Debug().
Str("address", metricsConfig.OpenTelemetry.Address). Str("pushInterval", metricsConfig.OTLP.PushInterval.String()).
Str("pushInterval", metricsConfig.OpenTelemetry.PushInterval.String()).
Msg("Configured OpenTelemetry metrics") Msg("Configured OpenTelemetry metrics")
} }
} }

View file

@ -361,6 +361,7 @@ For complete details, refer to your provider's _Additional configuration_ link.
| [Hetzner](https://hetzner.com) | `hetzner` | `HETZNER_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/hetzner) | | [Hetzner](https://hetzner.com) | `hetzner` | `HETZNER_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/hetzner) |
| [hosting.de](https://www.hosting.de) | `hostingde` | `HOSTINGDE_API_KEY`, `HOSTINGDE_ZONE_NAME` | [Additional configuration](https://go-acme.github.io/lego/dns/hostingde) | | [hosting.de](https://www.hosting.de) | `hostingde` | `HOSTINGDE_API_KEY`, `HOSTINGDE_ZONE_NAME` | [Additional configuration](https://go-acme.github.io/lego/dns/hostingde) |
| [Hosttech](https://www.hosttech.eu) | `hosttech` | `HOSTTECH_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/hosttech) | | [Hosttech](https://www.hosttech.eu) | `hosttech` | `HOSTTECH_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/hosttech) |
| [http.net](https://www.http.net/) | `httpnet` | `HTTPNET_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/httpnet) |
| [Hurricane Electric](https://dns.he.net) | `hurricane` | `HURRICANE_TOKENS` [^6] | [Additional configuration](https://go-acme.github.io/lego/dns/hurricane) | | [Hurricane Electric](https://dns.he.net) | `hurricane` | `HURRICANE_TOKENS` [^6] | [Additional configuration](https://go-acme.github.io/lego/dns/hurricane) |
| [HyperOne](https://www.hyperone.com) | `hyperone` | `HYPERONE_PASSPORT_LOCATION`, `HYPERONE_LOCATION_ID` | [Additional configuration](https://go-acme.github.io/lego/dns/hyperone) | | [HyperOne](https://www.hyperone.com) | `hyperone` | `HYPERONE_PASSPORT_LOCATION`, `HYPERONE_LOCATION_ID` | [Additional configuration](https://go-acme.github.io/lego/dns/hyperone) |
| [IBM Cloud (SoftLayer)](https://www.ibm.com/cloud/) | `ibmcloud` | `SOFTLAYER_USERNAME`, `SOFTLAYER_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/ibmcloud) | | [IBM Cloud (SoftLayer)](https://www.ibm.com/cloud/) | `ibmcloud` | `SOFTLAYER_USERNAME`, `SOFTLAYER_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/ibmcloud) |
@ -426,6 +427,7 @@ For complete details, refer to your provider's _Additional configuration_ link.
| [VK Cloud](https://mcs.mail.ru/) | `vkcloud` | `VK_CLOUD_PASSWORD`, `VK_CLOUD_PROJECT_ID`, `VK_CLOUD_USERNAME` | [Additional configuration](https://go-acme.github.io/lego/dns/vkcloud) | | [VK Cloud](https://mcs.mail.ru/) | `vkcloud` | `VK_CLOUD_PASSWORD`, `VK_CLOUD_PROJECT_ID`, `VK_CLOUD_USERNAME` | [Additional configuration](https://go-acme.github.io/lego/dns/vkcloud) |
| [Vscale](https://vscale.io/) | `vscale` | `VSCALE_API_TOKEN` | [Additional configuration](https://go-acme.github.io/lego/dns/vscale) | | [Vscale](https://vscale.io/) | `vscale` | `VSCALE_API_TOKEN` | [Additional configuration](https://go-acme.github.io/lego/dns/vscale) |
| [VULTR](https://www.vultr.com) | `vultr` | `VULTR_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/vultr) | | [VULTR](https://www.vultr.com) | `vultr` | `VULTR_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/vultr) |
| [Webnames](https://www.webnames.ru/) | `webnames` | `WEBNAMES_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/webnames) |
| [Websupport](https://websupport.sk) | `websupport` | `WEBSUPPORT_API_KEY`, `WEBSUPPORT_SECRET` | [Additional configuration](https://go-acme.github.io/lego/dns/websupport) | | [Websupport](https://websupport.sk) | `websupport` | `WEBSUPPORT_API_KEY`, `WEBSUPPORT_SECRET` | [Additional configuration](https://go-acme.github.io/lego/dns/websupport) |
| [WEDOS](https://www.wedos.com) | `wedos` | `WEDOS_USERNAME`, `WEDOS_WAPI_PASSWORD` | [Additional configuration](https://go-acme.github.io/lego/dns/wedos) | | [WEDOS](https://www.wedos.com) | `wedos` | `WEDOS_USERNAME`, `WEDOS_WAPI_PASSWORD` | [Additional configuration](https://go-acme.github.io/lego/dns/wedos) |
| [Yandex 360](https://360.yandex.ru) | `yandex360` | `YANDEX360_OAUTH_TOKEN`, `YANDEX360_ORG_ID` | [Additional configuration](https://go-acme.github.io/lego/dns/yandex360) | | [Yandex 360](https://360.yandex.ru) | `yandex360` | `YANDEX360_OAUTH_TOKEN`, `YANDEX360_ORG_ID` | [Additional configuration](https://go-acme.github.io/lego/dns/yandex360) |

View file

@ -85,6 +85,7 @@ At specified intervals (`checkPeriod`), the circuit breaker evaluates `expressio
### Open ### Open
While open, the fallback mechanism takes over the normal service calls for a duration of `FallbackDuration`. While open, the fallback mechanism takes over the normal service calls for a duration of `FallbackDuration`.
The fallback mechanism returns a `HTTP 503` (or `ResponseCode`) to the client.
After this duration, it enters the recovering state. After this duration, it enters the recovering state.
### Recovering ### Recovering
@ -179,3 +180,9 @@ The duration for which the circuit breaker will wait before trying to recover (f
_Optional, Default="10s"_ _Optional, Default="10s"_
The duration for which the circuit breaker will try to recover (as soon as it is in recovering state). The duration for which the circuit breaker will try to recover (as soon as it is in recovering state).
### `ResponseCode`
_Optional, Default="503"_
The status code that the circuit breaker will return while it is in the open state.

View file

@ -52,3 +52,16 @@ http:
[http.middlewares] [http.middlewares]
[http.middlewares.autodetect.contentType] [http.middlewares.autodetect.contentType]
``` ```
## Configuration Options
### `autoDetect`
!!! warning
`autoDetect` option is deprecated and should not be used.
Moreover, it is redundant with an empty ContentType middleware declaration.
`autoDetect` specifies whether to let the `Content-Type` header,
if it has not been set by the backend,
be automatically set to a value derived from the contents of the response.

View file

@ -314,11 +314,43 @@ The `allowedHosts` option lists fully qualified domain names that are allowed.
The `hostsProxyHeaders` option is a set of header keys that may hold a proxied hostname value for the request. The `hostsProxyHeaders` option is a set of header keys that may hold a proxied hostname value for the request.
### `sslRedirect`
!!! warning
Deprecated in favor of [EntryPoint redirection](../../routing/entrypoints.md#redirection) or the [RedirectScheme middleware](./redirectscheme.md).
The `sslRedirect` only allow HTTPS requests when set to `true`.
### `sslTemporaryRedirect`
!!! warning
Deprecated in favor of [EntryPoint redirection](../../routing/entrypoints.md#redirection) or the [RedirectScheme middleware](./redirectscheme.md).
Set `sslTemporaryRedirect` to `true` to force an SSL redirection using a 302 (instead of a 301).
### `sslHost`
!!! warning
Deprecated in favor of the [RedirectRegex middleware](./redirectregex.md).
The `sslHost` option is the host name that is used to redirect HTTP requests to HTTPS.
### `sslProxyHeaders` ### `sslProxyHeaders`
The `sslProxyHeaders` option is set of header keys with associated values that would indicate a valid HTTPS request. The `sslProxyHeaders` option is set of header keys with associated values that would indicate a valid HTTPS request.
It can be useful when using other proxies (example: `"X-Forwarded-Proto": "https"`). It can be useful when using other proxies (example: `"X-Forwarded-Proto": "https"`).
### `sslForceHost`
!!! warning
Deprecated in favor of the [RedirectRegex middleware](./redirectregex.md).
Set `sslForceHost` to `true` and set `sslHost` to force requests to use `SSLHost` regardless of whether they already use SSL.
### `stsSeconds` ### `stsSeconds`
The `stsSeconds` is the max-age of the `Strict-Transport-Security` header. The `stsSeconds` is the max-age of the `Strict-Transport-Security` header.
@ -370,6 +402,14 @@ The `publicKey` implements HPKP to prevent MITM attacks with forged certificates
The `referrerPolicy` allows sites to control whether browsers forward the `Referer` header to other sites. The `referrerPolicy` allows sites to control whether browsers forward the `Referer` header to other sites.
### `featurePolicy`
!!! warning
Deprecated in favor of [`permissionsPolicy`](#permissionsPolicy)
The `featurePolicy` allows sites to control browser features.
### `permissionsPolicy` ### `permissionsPolicy`
The `permissionsPolicy` allows sites to control browser features. The `permissionsPolicy` allows sites to control browser features.

View file

@ -76,3 +76,72 @@ For instance, `/products` also matches `/products/shoes` and `/products/shirts`.
If your backend is serving assets (e.g., images or JavaScript files), it can use the `X-Forwarded-Prefix` header to properly construct relative URLs. If your backend is serving assets (e.g., images or JavaScript files), it can use the `X-Forwarded-Prefix` header to properly construct relative URLs.
Using the previous example, the backend should return `/products/shoes/image.png` (and not `/image.png`, which Traefik would likely not be able to associate with the same backend). Using the previous example, the backend should return `/products/shoes/image.png` (and not `/image.png`, which Traefik would likely not be able to associate with the same backend).
### `forceSlash`
_Optional, Default=true_
!!! warning
`forceSlash` option is deprecated and should not be used.
The `forceSlash` option ensures the resulting stripped path is not the empty string, by replacing it with `/` when necessary.
??? info "Behavior examples"
- `forceSlash=true`
| Path | Prefix to strip | Result |
|------------|-----------------|--------|
| `/` | `/` | `/` |
| `/foo` | `/foo` | `/` |
| `/foo/` | `/foo` | `/` |
| `/foo/` | `/foo/` | `/` |
| `/bar` | `/foo` | `/bar` |
| `/foo/bar` | `/foo` | `/bar` |
- `forceSlash=false`
| Path | Prefix to strip | Result |
|------------|-----------------|--------|
| `/` | `/` | empty |
| `/foo` | `/foo` | empty |
| `/foo/` | `/foo` | `/` |
| `/foo/` | `/foo/` | empty |
| `/bar` | `/foo` | `/bar` |
| `/foo/bar` | `/foo` | `/bar` |
```yaml tab="Docker"
labels:
- "traefik.http.middlewares.example.stripprefix.prefixes=/foobar"
- "traefik.http.middlewares.example.stripprefix.forceSlash=false"
```
```yaml tab="Kubernetes"
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: example
spec:
stripPrefix:
prefixes:
- "/foobar"
forceSlash: false
```
```yaml tab="File (YAML)"
http:
middlewares:
example:
stripPrefix:
prefixes:
- "/foobar"
forceSlash: false
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.example.stripPrefix]
prefixes = ["/foobar"]
forceSlash = false
```

View file

@ -693,3 +693,13 @@ Here are two possible transition strategies:
This allows continued compatibility with the existing infrastructure. This allows continued compatibility with the existing infrastructure.
Please check the [OpenTelemetry Tracing provider documention](../observability/tracing/opentelemetry.md) for more information. Please check the [OpenTelemetry Tracing provider documention](../observability/tracing/opentelemetry.md) for more information.
#### Internal Resources Observability (AccessLogs, Metrics and Tracing)
In v3, observability for internal routers or services (e.g.: `ping@internal`) is disabled by default.
To enable it one should use the new `addInternals` option for AccessLogs, Metrics or Tracing.
Please take a look at the observability documentation for more information:
- [AccessLogs](../observability/access-logs.md#addinternals)
- [Metrics](../observability/metrics/overview.md#addinternals)
- [AccessLogs](../observability/tracing/overview.md#addinternals)

View file

@ -536,3 +536,30 @@ In `v2.11`, the `IPWhiteList` middleware is deprecated, please use the [IPAllowL
### IPWhiteList (TCP) ### IPWhiteList (TCP)
In `v2.11`, the `IPWhiteList` middleware is deprecated, please use the [IPAllowList](../middlewares/tcp/ipallowlist.md) middleware instead. In `v2.11`, the `IPWhiteList` middleware is deprecated, please use the [IPAllowList](../middlewares/tcp/ipallowlist.md) middleware instead.
### TLS CipherSuites
> By default, cipher suites without ECDHE support are no longer offered by either clients or servers during pre-TLS 1.3 handshakes.
> This change can be reverted with the `tlsrsakex=1 GODEBUG` setting.
> (https://go.dev/doc/go1.22#crypto/tls)
The _RSA key exchange_ cipher suites are way less secure than the modern ECDHE cipher suites and exposes to potential vulnerabilities like [the Marvin Attack](https://people.redhat.com/~hkario/marvin).
Decision has been made to support ECDHE cipher suites only by default.
The following ciphers have been removed from the default list:
- `TLS_RSA_WITH_AES_128_CBC_SHA`
- `TLS_RSA_WITH_AES_256_CBC_SHA`
- `TLS_RSA_WITH_AES_128_GCM_SHA256`
- `TLS_RSA_WITH_AES_256_GCM_SHA384`
To enable these ciphers, please set the option `CipherSuites` in your [TLS configuration](https://doc.traefik.io/traefik/https/tls/#cipher-suites) or set the environment variable `GODEBUG=tlsrsakex=1`.
### Minimum TLS Version
> By default, the minimum version offered by `crypto/tls` servers is now TLS 1.2 if not specified with config.MinimumVersion,
> matching the behavior of crypto/tls clients.
> This change can be reverted with the `tls10server=1 GODEBUG` setting.
> (https://go.dev/doc/go1.22#crypto/tls)
To enable TLS 1.0, please set the option `MinVersion` to `VersionTLS10` in your [TLS configuration](https://doc.traefik.io/traefik/https/tls/#cipher-suites) or set the environment variable `GODEBUG=tls10server=1`.

View file

@ -26,6 +26,26 @@ accessLog: {}
--accesslog=true --accesslog=true
``` ```
### `addInternals`
_Optional, Default="false"_
Enables accessLogs for internal resources.
```yaml tab="File (YAML)"
accesslog:
addInternals: true
```
```toml tab="File (TOML)"
[accesslog]
addInternals = true
```
```bash tab="CLI"
--accesslog.addinternals
```
### `filePath` ### `filePath`
By default access logs are written to the standard output. By default access logs are written to the standard output.

View file

@ -27,6 +27,8 @@ _Required, Default="127.0.0.1:8125"_
Address instructs exporter to send metrics to datadog-agent at this address. Address instructs exporter to send metrics to datadog-agent at this address.
This address can be a Unix Domain Socket (UDS) address with the following form: `unix:///path/to/datadog.socket`.
```yaml tab="File (YAML)" ```yaml tab="File (YAML)"
metrics: metrics:
datadog: datadog:

View file

@ -5,45 +5,25 @@ description: "Traefik supports several metrics backends, including OpenTelemetry
# OpenTelemetry # OpenTelemetry
To enable the OpenTelemetry: To enable the OpenTelemetry metrics:
```yaml tab="File (YAML)" ```yaml tab="File (YAML)"
metrics: metrics:
openTelemetry: {} otlp: {}
``` ```
```toml tab="File (TOML)" ```toml tab="File (TOML)"
[metrics] [metrics]
[metrics.openTelemetry] [metrics.otlp]
``` ```
```bash tab="CLI" ```bash tab="CLI"
--metrics.openTelemetry=true --metrics.otlp=true
``` ```
!!! info "The OpenTelemetry exporter will export metrics to the collector by using HTTP by default, see the [gRPC Section](#grpc-configuration) to use gRPC." !!! info "Default protocol"
#### `address` The OpenTelemetry exporter will export metrics to the collector using HTTP by default to https://localhost:4318/v1/metrics, see the [gRPC Section](#grpc-configuration) to use gRPC.
_Required, Default="localhost:4318", Format="`<host>:<port>`"_
Address of the OpenTelemetry Collector to send metrics to.
```yaml tab="File (YAML)"
metrics:
openTelemetry:
address: localhost:4318
```
```toml tab="File (TOML)"
[metrics]
[metrics.openTelemetry]
address = "localhost:4318"
```
```bash tab="CLI"
--metrics.openTelemetry.address=localhost:4318
```
#### `addEntryPointsLabels` #### `addEntryPointsLabels`
@ -53,18 +33,18 @@ Enable metrics on entry points.
```yaml tab="File (YAML)" ```yaml tab="File (YAML)"
metrics: metrics:
openTelemetry: otlp:
addEntryPointsLabels: true addEntryPointsLabels: true
``` ```
```toml tab="File (TOML)" ```toml tab="File (TOML)"
[metrics] [metrics]
[metrics.openTelemetry] [metrics.otlp]
addEntryPointsLabels = true addEntryPointsLabels = true
``` ```
```bash tab="CLI" ```bash tab="CLI"
--metrics.openTelemetry.addEntryPointsLabels=true --metrics.otlp.addEntryPointsLabels=true
``` ```
#### `addRoutersLabels` #### `addRoutersLabels`
@ -75,18 +55,18 @@ Enable metrics on routers.
```yaml tab="File (YAML)" ```yaml tab="File (YAML)"
metrics: metrics:
openTelemetry: otlp:
addRoutersLabels: true addRoutersLabels: true
``` ```
```toml tab="File (TOML)" ```toml tab="File (TOML)"
[metrics] [metrics]
[metrics.openTelemetry] [metrics.otlp]
addRoutersLabels = true addRoutersLabels = true
``` ```
```bash tab="CLI" ```bash tab="CLI"
--metrics.openTelemetry.addRoutersLabels=true --metrics.otlp.addRoutersLabels=true
``` ```
#### `addServicesLabels` #### `addServicesLabels`
@ -97,18 +77,18 @@ Enable metrics on services.
```yaml tab="File (YAML)" ```yaml tab="File (YAML)"
metrics: metrics:
openTelemetry: otlp:
addServicesLabels: true addServicesLabels: true
``` ```
```toml tab="File (TOML)" ```toml tab="File (TOML)"
[metrics] [metrics]
[metrics.openTelemetry] [metrics.otlp]
addServicesLabels = true addServicesLabels = true
``` ```
```bash tab="CLI" ```bash tab="CLI"
--metrics.openTelemetry.addServicesLabels=true --metrics.otlp.addServicesLabels=true
``` ```
#### `explicitBoundaries` #### `explicitBoundaries`
@ -119,7 +99,7 @@ Explicit boundaries for Histogram data points.
```yaml tab="File (YAML)" ```yaml tab="File (YAML)"
metrics: metrics:
openTelemetry: otlp:
explicitBoundaries: explicitBoundaries:
- 0.1 - 0.1
- 0.3 - 0.3
@ -129,59 +109,12 @@ metrics:
```toml tab="File (TOML)" ```toml tab="File (TOML)"
[metrics] [metrics]
[metrics.openTelemetry] [metrics.otlp]
explicitBoundaries = [0.1,0.3,1.2,5.0] explicitBoundaries = [0.1,0.3,1.2,5.0]
``` ```
```bash tab="CLI" ```bash tab="CLI"
--metrics.openTelemetry.explicitBoundaries=0.1,0.3,1.2,5.0 --metrics.otlp.explicitBoundaries=0.1,0.3,1.2,5.0
```
#### `headers`
_Optional, Default={}_
Additional headers sent with metrics by the reporter to the OpenTelemetry Collector.
```yaml tab="File (YAML)"
metrics:
openTelemetry:
headers:
foo: bar
baz: buz
```
```toml tab="File (TOML)"
[metrics]
[metrics.openTelemetry.headers]
foo = "bar"
baz = "buz"
```
```bash tab="CLI"
--metrics.openTelemetry.headers.foo=bar --metrics.openTelemetry.headers.baz=buz
```
#### `insecure`
_Optional, Default=false_
Allows reporter to send metrics to the OpenTelemetry Collector without using a secured protocol.
```yaml tab="File (YAML)"
metrics:
openTelemetry:
insecure: true
```
```toml tab="File (TOML)"
[metrics]
[metrics.openTelemetry]
insecure = true
```
```bash tab="CLI"
--metrics.openTelemetry.insecure=true
``` ```
#### `pushInterval` #### `pushInterval`
@ -192,48 +125,95 @@ Interval at which metrics are sent to the OpenTelemetry Collector.
```yaml tab="File (YAML)" ```yaml tab="File (YAML)"
metrics: metrics:
openTelemetry: otlp:
pushInterval: 10s pushInterval: 10s
``` ```
```toml tab="File (TOML)" ```toml tab="File (TOML)"
[metrics] [metrics]
[metrics.openTelemetry] [metrics.otlp]
pushInterval = "10s" pushInterval = "10s"
``` ```
```bash tab="CLI" ```bash tab="CLI"
--metrics.openTelemetry.pushInterval=10s --metrics.otlp.pushInterval=10s
``` ```
#### `path` ### HTTP configuration
_Required, Default="/v1/metrics"_ _Optional_
Allows to override the default URL path used for sending metrics. This instructs the exporter to send the metrics to the OpenTelemetry Collector using HTTP.
This option has no effect when using gRPC transport.
```yaml tab="File (YAML)" ```yaml tab="File (YAML)"
metrics: metrics:
openTelemetry: otlp:
path: /foo/v1/metrics http: {}
``` ```
```toml tab="File (TOML)" ```toml tab="File (TOML)"
[metrics] [metrics]
[metrics.openTelemetry] [metrics.otlp.http]
path = "/foo/v1/metrics"
``` ```
```bash tab="CLI" ```bash tab="CLI"
--metrics.openTelemetry.path=/foo/v1/metrics --metrics.otlp.http=true
```
#### `endpoint`
_Required, Default="http://localhost:4318/v1/metrics", Format="`<scheme>://<host>:<port><path>`"_
URL of the OpenTelemetry Collector to send metrics to.
```yaml tab="File (YAML)"
metrics:
otlp:
http:
endpoint: http://localhost:4318/v1/metrics
```
```toml tab="File (TOML)"
[metrics]
[metrics.otlp.http]
endpoint = "http://localhost:4318/v1/metrics"
```
```bash tab="CLI"
--metrics.otlp.http.endpoint=http://localhost:4318/v1/metrics
```
#### `headers`
_Optional, Default={}_
Additional headers sent with metrics by the exporter to the OpenTelemetry Collector.
```yaml tab="File (YAML)"
metrics:
otlp:
http:
headers:
foo: bar
baz: buz
```
```toml tab="File (TOML)"
[metrics]
[metrics.otlp.http.headers]
foo = "bar"
baz = "buz"
```
```bash tab="CLI"
--metrics.otlp.http.headers.foo=bar --metrics.otlp.http.headers.baz=buz
``` ```
#### `tls` #### `tls`
_Optional_ _Optional_
Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector. Defines the Client TLS configuration used by the exporter to send metrics to the OpenTelemetry Collector.
##### `ca` ##### `ca`
@ -244,18 +224,19 @@ it defaults to the system bundle.
```yaml tab="File (YAML)" ```yaml tab="File (YAML)"
metrics: metrics:
openTelemetry: otlp:
http:
tls: tls:
ca: path/to/ca.crt ca: path/to/ca.crt
``` ```
```toml tab="File (TOML)" ```toml tab="File (TOML)"
[metrics.openTelemetry.tls] [metrics.otlp.http.tls]
ca = "path/to/ca.crt" ca = "path/to/ca.crt"
``` ```
```bash tab="CLI" ```bash tab="CLI"
--metrics.openTelemetry.tls.ca=path/to/ca.crt --metrics.otlp.http.tls.ca=path/to/ca.crt
``` ```
##### `cert` ##### `cert`
@ -267,21 +248,22 @@ When using this option, setting the `key` option is required.
```yaml tab="File (YAML)" ```yaml tab="File (YAML)"
metrics: metrics:
openTelemetry: otlp:
http:
tls: tls:
cert: path/to/foo.cert cert: path/to/foo.cert
key: path/to/foo.key key: path/to/foo.key
``` ```
```toml tab="File (TOML)" ```toml tab="File (TOML)"
[metrics.openTelemetry.tls] [metrics.otlp.http.tls]
cert = "path/to/foo.cert" cert = "path/to/foo.cert"
key = "path/to/foo.key" key = "path/to/foo.key"
``` ```
```bash tab="CLI" ```bash tab="CLI"
--metrics.openTelemetry.tls.cert=path/to/foo.cert --metrics.otlp.http.tls.cert=path/to/foo.cert
--metrics.openTelemetry.tls.key=path/to/foo.key --metrics.otlp.http.tls.key=path/to/foo.key
``` ```
##### `key` ##### `key`
@ -293,21 +275,22 @@ When using this option, setting the `cert` option is required.
```yaml tab="File (YAML)" ```yaml tab="File (YAML)"
metrics: metrics:
openTelemetry: otlp:
http:
tls: tls:
cert: path/to/foo.cert cert: path/to/foo.cert
key: path/to/foo.key key: path/to/foo.key
``` ```
```toml tab="File (TOML)" ```toml tab="File (TOML)"
[metrics.openTelemetry.tls] [metrics.otlp.http.tls]
cert = "path/to/foo.cert" cert = "path/to/foo.cert"
key = "path/to/foo.key" key = "path/to/foo.key"
``` ```
```bash tab="CLI" ```bash tab="CLI"
--metrics.openTelemetry.tls.cert=path/to/foo.cert --metrics.otlp.http.tls.cert=path/to/foo.cert
--metrics.openTelemetry.tls.key=path/to/foo.key --metrics.otlp.http.tls.key=path/to/foo.key
``` ```
##### `insecureSkipVerify` ##### `insecureSkipVerify`
@ -319,35 +302,218 @@ the TLS connection to the OpenTelemetry Collector accepts any certificate presen
```yaml tab="File (YAML)" ```yaml tab="File (YAML)"
metrics: metrics:
openTelemetry: otlp:
http:
tls: tls:
insecureSkipVerify: true insecureSkipVerify: true
``` ```
```toml tab="File (TOML)" ```toml tab="File (TOML)"
[metrics.openTelemetry.tls] [metrics.otlp.http.tls]
insecureSkipVerify = true insecureSkipVerify = true
``` ```
```bash tab="CLI" ```bash tab="CLI"
--metrics.openTelemetry.tls.insecureSkipVerify=true --metrics.otlp.http.tls.insecureSkipVerify=true
``` ```
#### gRPC configuration ### gRPC configuration
This instructs the reporter to send metrics to the OpenTelemetry Collector using gRPC. _Optional_
This instructs the exporter to send metrics to the OpenTelemetry Collector using gRPC.
```yaml tab="File (YAML)" ```yaml tab="File (YAML)"
metrics: metrics:
openTelemetry: otlp:
grpc: {} grpc: {}
``` ```
```toml tab="File (TOML)" ```toml tab="File (TOML)"
[metrics] [metrics]
[metrics.openTelemetry.grpc] [metrics.otlp.grpc]
``` ```
```bash tab="CLI" ```bash tab="CLI"
--metrics.openTelemetry.grpc=true --metrics.otlp.grpc=true
```
#### `endpoint`
_Required, Default="localhost:4317", Format="`<host>:<port>`"_
Address of the OpenTelemetry Collector to send metrics to.
```yaml tab="File (YAML)"
metrics:
otlp:
grpc:
endpoint: localhost:4317
```
```toml tab="File (TOML)"
[metrics]
[metrics.otlp.grpc]
endpoint = "localhost:4317"
```
```bash tab="CLI"
--metrics.otlp.grpc.endpoint=localhost:4317
```
#### `insecure`
_Optional, Default=false_
Allows exporter to send metrics to the OpenTelemetry Collector without using a secured protocol.
```yaml tab="File (YAML)"
metrics:
otlp:
grpc:
insecure: true
```
```toml tab="File (TOML)"
[metrics]
[metrics.otlp.grpc]
insecure = true
```
```bash tab="CLI"
--metrics.otlp.grpc.insecure=true
```
#### `headers`
_Optional, Default={}_
Additional headers sent with metrics by the exporter to the OpenTelemetry Collector.
```yaml tab="File (YAML)"
metrics:
otlp:
grpc:
headers:
foo: bar
baz: buz
```
```toml tab="File (TOML)"
[metrics]
[metrics.otlp.grpc.headers]
foo = "bar"
baz = "buz"
```
```bash tab="CLI"
--metrics.otlp.grpc.headers.foo=bar --metrics.otlp.grpc.headers.baz=buz
```
#### `tls`
_Optional_
Defines the Client TLS configuration used by the exporter to send metrics to the OpenTelemetry Collector.
##### `ca`
_Optional_
`ca` is the path to the certificate authority used for the secure connection to the OpenTelemetry Collector,
it defaults to the system bundle.
```yaml tab="File (YAML)"
metrics:
otlp:
grpc:
tls:
ca: path/to/ca.crt
```
```toml tab="File (TOML)"
[metrics.otlp.grpc.tls]
ca = "path/to/ca.crt"
```
```bash tab="CLI"
--metrics.otlp.grpc.tls.ca=path/to/ca.crt
```
##### `cert`
_Optional_
`cert` is the path to the public certificate used for the secure connection to the OpenTelemetry Collector.
When using this option, setting the `key` option is required.
```yaml tab="File (YAML)"
metrics:
otlp:
grpc:
tls:
cert: path/to/foo.cert
key: path/to/foo.key
```
```toml tab="File (TOML)"
[metrics.otlp.grpc.tls]
cert = "path/to/foo.cert"
key = "path/to/foo.key"
```
```bash tab="CLI"
--metrics.otlp.grpc.tls.cert=path/to/foo.cert
--metrics.otlp.grpc.tls.key=path/to/foo.key
```
##### `key`
_Optional_
`key` is the path to the private key used for the secure connection to the OpenTelemetry Collector.
When using this option, setting the `cert` option is required.
```yaml tab="File (YAML)"
metrics:
otlp:
grpc:
tls:
cert: path/to/foo.cert
key: path/to/foo.key
```
```toml tab="File (TOML)"
[metrics.otlp.grpc.tls]
cert = "path/to/foo.cert"
key = "path/to/foo.key"
```
```bash tab="CLI"
--metrics.otlp.grpc.tls.cert=path/to/foo.cert
--metrics.otlp.grpc.tls.key=path/to/foo.key
```
##### `insecureSkipVerify`
_Optional, Default=false_
If `insecureSkipVerify` is `true`,
the TLS connection to the OpenTelemetry Collector accepts any certificate presented by the server regardless of the hostnames it covers.
```yaml tab="File (YAML)"
metrics:
otlp:
grpc:
tls:
insecureSkipVerify: true
```
```toml tab="File (TOML)"
[metrics.otlp.grpc.tls]
insecureSkipVerify = true
```
```bash tab="CLI"
--metrics.otlp.grpc.tls.insecureSkipVerify=true
``` ```

View file

@ -14,6 +14,28 @@ Traefik supports these metrics backends:
Traefik Proxy hosts an official Grafana dashboard for both [on-premises](https://grafana.com/grafana/dashboards/17346) and [Kubernetes](https://grafana.com/grafana/dashboards/17347) deployments. Traefik Proxy hosts an official Grafana dashboard for both [on-premises](https://grafana.com/grafana/dashboards/17346) and [Kubernetes](https://grafana.com/grafana/dashboards/17347) deployments.
## Common Options
### `addInternals`
_Optional, Default="false"_
Enables metrics for internal resources.
```yaml tab="File (YAML)"
metrics:
addInternals: true
```
```toml tab="File (TOML)"
[metrics]
addInternals = true
```
```bash tab="CLI"
--metrics.addinternals
```
## Global Metrics ## Global Metrics
| Metric | Type | [Labels](#labels) | Description | | Metric | Type | [Labels](#labels) | Description |

View file

@ -0,0 +1,42 @@
---
title: "Traefik Observability Overview"
description: "Traefik provides Logs, Access Logs, Metrics and Tracing. Read the full documentation to get started."
---
# Overview
Traefik's Observability system
{: .subtitle }
## Logs
Traefik logs informs about everything that happens within Traefik (startup, configuration, events, shutdown, and so on).
Read the [Logs documentation](./logs.md) to learn how to configure it.
## Access Logs
Access logs are a key part of observability in Traefik.
They are providing valuable insights about incoming traffic, and allow to monitor it.
The access logs record detailed information about each request received by Traefik,
including the source IP address, requested URL, response status code, and more.
Read the [Access Logs documentation](./access-logs.md) to learn how to configure it.
## Metrics
Traefik offers a metrics feature that provides valuable insights about the performance and usage.
These metrics include the number of requests received, the requests duration, and more.
Traefik supports these metrics systems: Prometheus, Datadog, InfluxDB 2.X, and StatsD.
Read the [Metrics documentation](./metrics/overview.md) to learn how to configure it.
## Tracing
The Traefik tracing system allows developers to gain deep visibility into the flow of requests through their infrastructure.
Traefik supports these tracing with OpenTelemetry.
Read the [Tracing documentation](./tracing/overview.md) to learn how to configure it.

View file

@ -21,19 +21,20 @@ tracing:
--tracing.otlp=true --tracing.otlp=true
``` ```
!!! info "The OpenTelemetry trace reporter will export traces to the collector using HTTP by default (http://localhost:4318/v1/traces), !!! info "Default protocol"
see the [gRPC Section](#grpc-configuration) to use gRPC."
The OpenTelemetry trace exporter will export traces to the collector using HTTP by default to https://localhost:4318/v1/traces, see the [gRPC Section](#grpc-configuration) to use gRPC.
!!! info "Trace sampling" !!! info "Trace sampling"
By default, the OpenTelemetry trace reporter will sample 100% of traces. By default, the OpenTelemetry trace exporter will sample 100% of traces.
See [OpenTelemetry's SDK configuration](https://opentelemetry.io/docs/reference/specification/sdk-environment-variables/#general-sdk-configuration) to customize the sampling strategy. See [OpenTelemetry's SDK configuration](https://opentelemetry.io/docs/reference/specification/sdk-environment-variables/#general-sdk-configuration) to customize the sampling strategy.
### HTTP configuration ### HTTP configuration
_Optional_ _Optional_
This instructs the reporter to send spans to the OpenTelemetry Collector using HTTP. This instructs the exporter to send spans to the OpenTelemetry Collector using HTTP.
```yaml tab="File (YAML)" ```yaml tab="File (YAML)"
tracing: tracing:
@ -73,11 +74,37 @@ tracing:
--tracing.otlp.http.endpoint=http://localhost:4318/v1/traces --tracing.otlp.http.endpoint=http://localhost:4318/v1/traces
``` ```
#### `headers`
_Optional, Default={}_
Additional headers sent with traces by the exporter to the OpenTelemetry Collector.
```yaml tab="File (YAML)"
tracing:
otlp:
http:
headers:
foo: bar
baz: buz
```
```toml tab="File (TOML)"
[tracing]
[tracing.otlp.http.headers]
foo = "bar"
baz = "buz"
```
```bash tab="CLI"
--tracing.otlp.http.headers.foo=bar --tracing.otlp.http.headers.baz=buz
```
#### `tls` #### `tls`
_Optional_ _Optional_
Defines the Client TLS configuration used by the reporter to send spans to the OpenTelemetry Collector. Defines the Client TLS configuration used by the exporter to send spans to the OpenTelemetry Collector.
##### `ca` ##### `ca`
@ -181,11 +208,11 @@ tracing:
--tracing.otlp.http.tls.insecureSkipVerify=true --tracing.otlp.http.tls.insecureSkipVerify=true
``` ```
#### gRPC configuration ### gRPC configuration
_Optional_ _Optional_
This instructs the reporter to send spans to the OpenTelemetry Collector using gRPC. This instructs the exporter to send spans to the OpenTelemetry Collector using gRPC.
```yaml tab="File (YAML)" ```yaml tab="File (YAML)"
tracing: tracing:
@ -228,7 +255,7 @@ tracing:
_Optional, Default=false_ _Optional, Default=false_
Allows reporter to send spans to the OpenTelemetry Collector without using a secured protocol. Allows exporter to send spans to the OpenTelemetry Collector without using a secured protocol.
```yaml tab="File (YAML)" ```yaml tab="File (YAML)"
tracing: tracing:
@ -247,11 +274,37 @@ tracing:
--tracing.otlp.grpc.insecure=true --tracing.otlp.grpc.insecure=true
``` ```
#### `headers`
_Optional, Default={}_
Additional headers sent with traces by the exporter to the OpenTelemetry Collector.
```yaml tab="File (YAML)"
tracing:
otlp:
grpc:
headers:
foo: bar
baz: buz
```
```toml tab="File (TOML)"
[tracing]
[tracing.otlp.grpc.headers]
foo = "bar"
baz = "buz"
```
```bash tab="CLI"
--tracing.otlp.grpc.headers.foo=bar --tracing.otlp.grpc.headers.baz=buz
```
#### `tls` #### `tls`
_Optional_ _Optional_
Defines the Client TLS configuration used by the reporter to send spans to the OpenTelemetry Collector. Defines the Client TLS configuration used by the exporter to send spans to the OpenTelemetry Collector.
##### `ca` ##### `ca`

View file

@ -14,10 +14,8 @@ Traefik uses [OpenTelemetry](https://opentelemetry.io/ "Link to website of OTel"
Please check our dedicated [OTel docs](./opentelemetry.md) to learn more. Please check our dedicated [OTel docs](./opentelemetry.md) to learn more.
## Configuration ## Configuration
To enable the tracing: To enable the tracing:
```yaml tab="File (YAML)" ```yaml tab="File (YAML)"
@ -34,6 +32,26 @@ tracing: {}
### Common Options ### Common Options
#### `addInternals`
_Optional, Default="false"_
Enables tracing for internal resources.
```yaml tab="File (YAML)"
tracing:
addInternals: true
```
```toml tab="File (TOML)"
[tracing]
addInternals = true
```
```bash tab="CLI"
--tracing.addinternals
```
#### `serviceName` #### `serviceName`
_Required, Default="traefik"_ _Required, Default="traefik"_
@ -74,30 +92,6 @@ tracing:
--tracing.sampleRate=0.2 --tracing.sampleRate=0.2
``` ```
#### `headers`
_Optional, Default={}_
Defines additional headers to be sent with the span's payload.
```yaml tab="File (YAML)"
tracing:
headers:
foo: bar
baz: buz
```
```toml tab="File (TOML)"
[tracing]
[tracing.headers]
foo = "bar"
baz = "buz"
```
```bash tab="CLI"
--tracing.headers.foo=bar --tracing.headers.baz=buz
```
#### `globalAttributes` #### `globalAttributes`
_Optional, Default=empty_ _Optional, Default=empty_

View file

@ -16,11 +16,13 @@
- "traefik.http.middlewares.middleware05.circuitbreaker.expression=foobar" - "traefik.http.middlewares.middleware05.circuitbreaker.expression=foobar"
- "traefik.http.middlewares.middleware05.circuitbreaker.fallbackduration=42s" - "traefik.http.middlewares.middleware05.circuitbreaker.fallbackduration=42s"
- "traefik.http.middlewares.middleware05.circuitbreaker.recoveryduration=42s" - "traefik.http.middlewares.middleware05.circuitbreaker.recoveryduration=42s"
- "traefik.http.middlewares.middleware05.circuitbreaker.responsecode=42"
- "traefik.http.middlewares.middleware06.compress=true" - "traefik.http.middlewares.middleware06.compress=true"
- "traefik.http.middlewares.middleware06.compress.excludedcontenttypes=foobar, foobar" - "traefik.http.middlewares.middleware06.compress.excludedcontenttypes=foobar, foobar"
- "traefik.http.middlewares.middleware06.compress.includedcontenttypes=foobar, foobar" - "traefik.http.middlewares.middleware06.compress.includedcontenttypes=foobar, foobar"
- "traefik.http.middlewares.middleware06.compress.minresponsebodybytes=42" - "traefik.http.middlewares.middleware06.compress.minresponsebodybytes=42"
- "traefik.http.middlewares.middleware07.contenttype=true" - "traefik.http.middlewares.middleware07.contenttype=true"
- "traefik.http.middlewares.middleware07.contenttype.autodetect=true"
- "traefik.http.middlewares.middleware08.digestauth.headerfield=foobar" - "traefik.http.middlewares.middleware08.digestauth.headerfield=foobar"
- "traefik.http.middlewares.middleware08.digestauth.realm=foobar" - "traefik.http.middlewares.middleware08.digestauth.realm=foobar"
- "traefik.http.middlewares.middleware08.digestauth.removeheader=true" - "traefik.http.middlewares.middleware08.digestauth.removeheader=true"
@ -35,6 +37,7 @@
- "traefik.http.middlewares.middleware10.forwardauth.authresponseheaders=foobar, foobar" - "traefik.http.middlewares.middleware10.forwardauth.authresponseheaders=foobar, foobar"
- "traefik.http.middlewares.middleware10.forwardauth.authresponseheadersregex=foobar" - "traefik.http.middlewares.middleware10.forwardauth.authresponseheadersregex=foobar"
- "traefik.http.middlewares.middleware10.forwardauth.tls.ca=foobar" - "traefik.http.middlewares.middleware10.forwardauth.tls.ca=foobar"
- "traefik.http.middlewares.middleware10.forwardauth.tls.caoptional=true"
- "traefik.http.middlewares.middleware10.forwardauth.tls.cert=foobar" - "traefik.http.middlewares.middleware10.forwardauth.tls.cert=foobar"
- "traefik.http.middlewares.middleware10.forwardauth.tls.insecureskipverify=true" - "traefik.http.middlewares.middleware10.forwardauth.tls.insecureskipverify=true"
- "traefik.http.middlewares.middleware10.forwardauth.tls.key=foobar" - "traefik.http.middlewares.middleware10.forwardauth.tls.key=foobar"
@ -58,6 +61,7 @@
- "traefik.http.middlewares.middleware12.headers.customrequestheaders.name1=foobar" - "traefik.http.middlewares.middleware12.headers.customrequestheaders.name1=foobar"
- "traefik.http.middlewares.middleware12.headers.customresponseheaders.name0=foobar" - "traefik.http.middlewares.middleware12.headers.customresponseheaders.name0=foobar"
- "traefik.http.middlewares.middleware12.headers.customresponseheaders.name1=foobar" - "traefik.http.middlewares.middleware12.headers.customresponseheaders.name1=foobar"
- "traefik.http.middlewares.middleware12.headers.featurepolicy=foobar"
- "traefik.http.middlewares.middleware12.headers.forcestsheader=true" - "traefik.http.middlewares.middleware12.headers.forcestsheader=true"
- "traefik.http.middlewares.middleware12.headers.framedeny=true" - "traefik.http.middlewares.middleware12.headers.framedeny=true"
- "traefik.http.middlewares.middleware12.headers.hostsproxyheaders=foobar, foobar" - "traefik.http.middlewares.middleware12.headers.hostsproxyheaders=foobar, foobar"
@ -65,8 +69,12 @@
- "traefik.http.middlewares.middleware12.headers.permissionspolicy=foobar" - "traefik.http.middlewares.middleware12.headers.permissionspolicy=foobar"
- "traefik.http.middlewares.middleware12.headers.publickey=foobar" - "traefik.http.middlewares.middleware12.headers.publickey=foobar"
- "traefik.http.middlewares.middleware12.headers.referrerpolicy=foobar" - "traefik.http.middlewares.middleware12.headers.referrerpolicy=foobar"
- "traefik.http.middlewares.middleware12.headers.sslforcehost=true"
- "traefik.http.middlewares.middleware12.headers.sslhost=foobar"
- "traefik.http.middlewares.middleware12.headers.sslproxyheaders.name0=foobar" - "traefik.http.middlewares.middleware12.headers.sslproxyheaders.name0=foobar"
- "traefik.http.middlewares.middleware12.headers.sslproxyheaders.name1=foobar" - "traefik.http.middlewares.middleware12.headers.sslproxyheaders.name1=foobar"
- "traefik.http.middlewares.middleware12.headers.sslredirect=true"
- "traefik.http.middlewares.middleware12.headers.ssltemporaryredirect=true"
- "traefik.http.middlewares.middleware12.headers.stsincludesubdomains=true" - "traefik.http.middlewares.middleware12.headers.stsincludesubdomains=true"
- "traefik.http.middlewares.middleware12.headers.stspreload=true" - "traefik.http.middlewares.middleware12.headers.stspreload=true"
- "traefik.http.middlewares.middleware12.headers.stsseconds=42" - "traefik.http.middlewares.middleware12.headers.stsseconds=42"
@ -126,6 +134,7 @@
- "traefik.http.middlewares.middleware22.replacepathregex.replacement=foobar" - "traefik.http.middlewares.middleware22.replacepathregex.replacement=foobar"
- "traefik.http.middlewares.middleware23.retry.attempts=42" - "traefik.http.middlewares.middleware23.retry.attempts=42"
- "traefik.http.middlewares.middleware23.retry.initialinterval=42s" - "traefik.http.middlewares.middleware23.retry.initialinterval=42s"
- "traefik.http.middlewares.middleware24.stripprefix.forceslash=true"
- "traefik.http.middlewares.middleware24.stripprefix.prefixes=foobar, foobar" - "traefik.http.middlewares.middleware24.stripprefix.prefixes=foobar, foobar"
- "traefik.http.middlewares.middleware25.stripprefixregex.regex=foobar, foobar" - "traefik.http.middlewares.middleware25.stripprefixregex.regex=foobar, foobar"
- "traefik.http.routers.router0.entrypoints=foobar, foobar" - "traefik.http.routers.router0.entrypoints=foobar, foobar"
@ -213,6 +222,7 @@
- "traefik.tcp.services.tcpservice01.loadbalancer.proxyprotocol=true" - "traefik.tcp.services.tcpservice01.loadbalancer.proxyprotocol=true"
- "traefik.tcp.services.tcpservice01.loadbalancer.proxyprotocol.version=42" - "traefik.tcp.services.tcpservice01.loadbalancer.proxyprotocol.version=42"
- "traefik.tcp.services.tcpservice01.loadbalancer.serverstransport=foobar" - "traefik.tcp.services.tcpservice01.loadbalancer.serverstransport=foobar"
- "traefik.tcp.services.tcpservice01.loadbalancer.terminationdelay=42"
- "traefik.tcp.services.tcpservice01.loadbalancer.server.port=foobar" - "traefik.tcp.services.tcpservice01.loadbalancer.server.port=foobar"
- "traefik.tcp.services.tcpservice01.loadbalancer.server.tls=true" - "traefik.tcp.services.tcpservice01.loadbalancer.server.tls=true"
- "traefik.udp.routers.udprouter0.entrypoints=foobar, foobar" - "traefik.udp.routers.udprouter0.entrypoints=foobar, foobar"

View file

@ -137,6 +137,7 @@
checkPeriod = "42s" checkPeriod = "42s"
fallbackDuration = "42s" fallbackDuration = "42s"
recoveryDuration = "42s" recoveryDuration = "42s"
responseCode = 42
[http.middlewares.Middleware06] [http.middlewares.Middleware06]
[http.middlewares.Middleware06.compress] [http.middlewares.Middleware06.compress]
excludedContentTypes = ["foobar", "foobar"] excludedContentTypes = ["foobar", "foobar"]
@ -144,6 +145,7 @@
minResponseBodyBytes = 42 minResponseBodyBytes = 42
[http.middlewares.Middleware07] [http.middlewares.Middleware07]
[http.middlewares.Middleware07.contentType] [http.middlewares.Middleware07.contentType]
autoDetect = true
[http.middlewares.Middleware08] [http.middlewares.Middleware08]
[http.middlewares.Middleware08.digestAuth] [http.middlewares.Middleware08.digestAuth]
users = ["foobar", "foobar"] users = ["foobar", "foobar"]
@ -169,6 +171,7 @@
cert = "foobar" cert = "foobar"
key = "foobar" key = "foobar"
insecureSkipVerify = true insecureSkipVerify = true
caOptional = true
[http.middlewares.Middleware11] [http.middlewares.Middleware11]
[http.middlewares.Middleware11.grpcWeb] [http.middlewares.Middleware11.grpcWeb]
allowOrigins = ["foobar", "foobar"] allowOrigins = ["foobar", "foobar"]
@ -198,6 +201,11 @@
referrerPolicy = "foobar" referrerPolicy = "foobar"
permissionsPolicy = "foobar" permissionsPolicy = "foobar"
isDevelopment = true isDevelopment = true
featurePolicy = "foobar"
sslRedirect = true
sslTemporaryRedirect = true
sslHost = "foobar"
sslForceHost = true
[http.middlewares.Middleware12.headers.customRequestHeaders] [http.middlewares.Middleware12.headers.customRequestHeaders]
name0 = "foobar" name0 = "foobar"
name1 = "foobar" name1 = "foobar"
@ -297,6 +305,7 @@
[http.middlewares.Middleware24] [http.middlewares.Middleware24]
[http.middlewares.Middleware24.stripPrefix] [http.middlewares.Middleware24.stripPrefix]
prefixes = ["foobar", "foobar"] prefixes = ["foobar", "foobar"]
forceSlash = true
[http.middlewares.Middleware25] [http.middlewares.Middleware25]
[http.middlewares.Middleware25.stripPrefixRegex] [http.middlewares.Middleware25.stripPrefixRegex]
regex = ["foobar", "foobar"] regex = ["foobar", "foobar"]
@ -394,6 +403,7 @@
[tcp.services.TCPService01] [tcp.services.TCPService01]
[tcp.services.TCPService01.loadBalancer] [tcp.services.TCPService01.loadBalancer]
serversTransport = "foobar" serversTransport = "foobar"
terminationDelay = 42
[tcp.services.TCPService01.loadBalancer.proxyProtocol] [tcp.services.TCPService01.loadBalancer.proxyProtocol]
version = 42 version = 42
@ -513,6 +523,7 @@
curvePreferences = ["foobar", "foobar"] curvePreferences = ["foobar", "foobar"]
sniStrict = true sniStrict = true
alpnProtocols = ["foobar", "foobar"] alpnProtocols = ["foobar", "foobar"]
preferServerCipherSuites = true
[tls.options.Options0.clientAuth] [tls.options.Options0.clientAuth]
caFiles = ["foobar", "foobar"] caFiles = ["foobar", "foobar"]
clientAuthType = "foobar" clientAuthType = "foobar"
@ -523,6 +534,7 @@
curvePreferences = ["foobar", "foobar"] curvePreferences = ["foobar", "foobar"]
sniStrict = true sniStrict = true
alpnProtocols = ["foobar", "foobar"] alpnProtocols = ["foobar", "foobar"]
preferServerCipherSuites = true
[tls.options.Options1.clientAuth] [tls.options.Options1.clientAuth]
caFiles = ["foobar", "foobar"] caFiles = ["foobar", "foobar"]
clientAuthType = "foobar" clientAuthType = "foobar"

View file

@ -142,6 +142,7 @@ http:
checkPeriod: 42s checkPeriod: 42s
fallbackDuration: 42s fallbackDuration: 42s
recoveryDuration: 42s recoveryDuration: 42s
responseCode: 42
Middleware06: Middleware06:
compress: compress:
excludedContentTypes: excludedContentTypes:
@ -152,7 +153,8 @@ http:
- foobar - foobar
minResponseBodyBytes: 42 minResponseBodyBytes: 42
Middleware07: Middleware07:
contentType: {} contentType:
autoDetect: true
Middleware08: Middleware08:
digestAuth: digestAuth:
users: users:
@ -177,6 +179,7 @@ http:
cert: foobar cert: foobar
key: foobar key: foobar
insecureSkipVerify: true insecureSkipVerify: true
caOptional: true
trustForwardHeader: true trustForwardHeader: true
authResponseHeaders: authResponseHeaders:
- foobar - foobar
@ -242,6 +245,11 @@ http:
referrerPolicy: foobar referrerPolicy: foobar
permissionsPolicy: foobar permissionsPolicy: foobar
isDevelopment: true isDevelopment: true
featurePolicy: foobar
sslRedirect: true
sslTemporaryRedirect: true
sslHost: foobar
sslForceHost: true
Middleware13: Middleware13:
ipAllowList: ipAllowList:
sourceRange: sourceRange:
@ -346,6 +354,7 @@ http:
prefixes: prefixes:
- foobar - foobar
- foobar - foobar
forceSlash: true
Middleware25: Middleware25:
stripPrefixRegex: stripPrefixRegex:
regex: regex:
@ -463,6 +472,7 @@ tcp:
- address: foobar - address: foobar
tls: true tls: true
serversTransport: foobar serversTransport: foobar
terminationDelay: 42
TCPService02: TCPService02:
weighted: weighted:
services: services:
@ -583,6 +593,7 @@ tls:
alpnProtocols: alpnProtocols:
- foobar - foobar
- foobar - foobar
preferServerCipherSuites: true
Options1: Options1:
minVersion: foobar minVersion: foobar
maxVersion: foobar maxVersion: foobar
@ -601,6 +612,7 @@ tls:
alpnProtocols: alpnProtocols:
- foobar - foobar
- foobar - foobar
preferServerCipherSuites: true
stores: stores:
Store0: Store0:
defaultCertificate: defaultCertificate:

View file

@ -20,12 +20,13 @@ THIS FILE MUST NOT BE EDITED BY HAND
| `traefik/http/middlewares/Middleware05/circuitBreaker/expression` | `foobar` | | `traefik/http/middlewares/Middleware05/circuitBreaker/expression` | `foobar` |
| `traefik/http/middlewares/Middleware05/circuitBreaker/fallbackDuration` | `42s` | | `traefik/http/middlewares/Middleware05/circuitBreaker/fallbackDuration` | `42s` |
| `traefik/http/middlewares/Middleware05/circuitBreaker/recoveryDuration` | `42s` | | `traefik/http/middlewares/Middleware05/circuitBreaker/recoveryDuration` | `42s` |
| `traefik/http/middlewares/Middleware05/circuitBreaker/responseCode` | `42` |
| `traefik/http/middlewares/Middleware06/compress/excludedContentTypes/0` | `foobar` | | `traefik/http/middlewares/Middleware06/compress/excludedContentTypes/0` | `foobar` |
| `traefik/http/middlewares/Middleware06/compress/excludedContentTypes/1` | `foobar` | | `traefik/http/middlewares/Middleware06/compress/excludedContentTypes/1` | `foobar` |
| `traefik/http/middlewares/Middleware06/compress/includedContentTypes/0` | `foobar` | | `traefik/http/middlewares/Middleware06/compress/includedContentTypes/0` | `foobar` |
| `traefik/http/middlewares/Middleware06/compress/includedContentTypes/1` | `foobar` | | `traefik/http/middlewares/Middleware06/compress/includedContentTypes/1` | `foobar` |
| `traefik/http/middlewares/Middleware06/compress/minResponseBodyBytes` | `42` | | `traefik/http/middlewares/Middleware06/compress/minResponseBodyBytes` | `42` |
| `traefik/http/middlewares/Middleware07/contentType` | `` | | `traefik/http/middlewares/Middleware07/contentType/autoDetect` | `true` |
| `traefik/http/middlewares/Middleware08/digestAuth/headerField` | `foobar` | | `traefik/http/middlewares/Middleware08/digestAuth/headerField` | `foobar` |
| `traefik/http/middlewares/Middleware08/digestAuth/realm` | `foobar` | | `traefik/http/middlewares/Middleware08/digestAuth/realm` | `foobar` |
| `traefik/http/middlewares/Middleware08/digestAuth/removeHeader` | `true` | | `traefik/http/middlewares/Middleware08/digestAuth/removeHeader` | `true` |
@ -45,6 +46,7 @@ THIS FILE MUST NOT BE EDITED BY HAND
| `traefik/http/middlewares/Middleware10/forwardAuth/authResponseHeaders/1` | `foobar` | | `traefik/http/middlewares/Middleware10/forwardAuth/authResponseHeaders/1` | `foobar` |
| `traefik/http/middlewares/Middleware10/forwardAuth/authResponseHeadersRegex` | `foobar` | | `traefik/http/middlewares/Middleware10/forwardAuth/authResponseHeadersRegex` | `foobar` |
| `traefik/http/middlewares/Middleware10/forwardAuth/tls/ca` | `foobar` | | `traefik/http/middlewares/Middleware10/forwardAuth/tls/ca` | `foobar` |
| `traefik/http/middlewares/Middleware10/forwardAuth/tls/caOptional` | `true` |
| `traefik/http/middlewares/Middleware10/forwardAuth/tls/cert` | `foobar` | | `traefik/http/middlewares/Middleware10/forwardAuth/tls/cert` | `foobar` |
| `traefik/http/middlewares/Middleware10/forwardAuth/tls/insecureSkipVerify` | `true` | | `traefik/http/middlewares/Middleware10/forwardAuth/tls/insecureSkipVerify` | `true` |
| `traefik/http/middlewares/Middleware10/forwardAuth/tls/key` | `foobar` | | `traefik/http/middlewares/Middleware10/forwardAuth/tls/key` | `foobar` |
@ -75,6 +77,7 @@ THIS FILE MUST NOT BE EDITED BY HAND
| `traefik/http/middlewares/Middleware12/headers/customRequestHeaders/name1` | `foobar` | | `traefik/http/middlewares/Middleware12/headers/customRequestHeaders/name1` | `foobar` |
| `traefik/http/middlewares/Middleware12/headers/customResponseHeaders/name0` | `foobar` | | `traefik/http/middlewares/Middleware12/headers/customResponseHeaders/name0` | `foobar` |
| `traefik/http/middlewares/Middleware12/headers/customResponseHeaders/name1` | `foobar` | | `traefik/http/middlewares/Middleware12/headers/customResponseHeaders/name1` | `foobar` |
| `traefik/http/middlewares/Middleware12/headers/featurePolicy` | `foobar` |
| `traefik/http/middlewares/Middleware12/headers/forceSTSHeader` | `true` | | `traefik/http/middlewares/Middleware12/headers/forceSTSHeader` | `true` |
| `traefik/http/middlewares/Middleware12/headers/frameDeny` | `true` | | `traefik/http/middlewares/Middleware12/headers/frameDeny` | `true` |
| `traefik/http/middlewares/Middleware12/headers/hostsProxyHeaders/0` | `foobar` | | `traefik/http/middlewares/Middleware12/headers/hostsProxyHeaders/0` | `foobar` |
@ -83,8 +86,12 @@ THIS FILE MUST NOT BE EDITED BY HAND
| `traefik/http/middlewares/Middleware12/headers/permissionsPolicy` | `foobar` | | `traefik/http/middlewares/Middleware12/headers/permissionsPolicy` | `foobar` |
| `traefik/http/middlewares/Middleware12/headers/publicKey` | `foobar` | | `traefik/http/middlewares/Middleware12/headers/publicKey` | `foobar` |
| `traefik/http/middlewares/Middleware12/headers/referrerPolicy` | `foobar` | | `traefik/http/middlewares/Middleware12/headers/referrerPolicy` | `foobar` |
| `traefik/http/middlewares/Middleware12/headers/sslForceHost` | `true` |
| `traefik/http/middlewares/Middleware12/headers/sslHost` | `foobar` |
| `traefik/http/middlewares/Middleware12/headers/sslProxyHeaders/name0` | `foobar` | | `traefik/http/middlewares/Middleware12/headers/sslProxyHeaders/name0` | `foobar` |
| `traefik/http/middlewares/Middleware12/headers/sslProxyHeaders/name1` | `foobar` | | `traefik/http/middlewares/Middleware12/headers/sslProxyHeaders/name1` | `foobar` |
| `traefik/http/middlewares/Middleware12/headers/sslRedirect` | `true` |
| `traefik/http/middlewares/Middleware12/headers/sslTemporaryRedirect` | `true` |
| `traefik/http/middlewares/Middleware12/headers/stsIncludeSubdomains` | `true` | | `traefik/http/middlewares/Middleware12/headers/stsIncludeSubdomains` | `true` |
| `traefik/http/middlewares/Middleware12/headers/stsPreload` | `true` | | `traefik/http/middlewares/Middleware12/headers/stsPreload` | `true` |
| `traefik/http/middlewares/Middleware12/headers/stsSeconds` | `42` | | `traefik/http/middlewares/Middleware12/headers/stsSeconds` | `42` |
@ -148,6 +155,7 @@ THIS FILE MUST NOT BE EDITED BY HAND
| `traefik/http/middlewares/Middleware22/replacePathRegex/replacement` | `foobar` | | `traefik/http/middlewares/Middleware22/replacePathRegex/replacement` | `foobar` |
| `traefik/http/middlewares/Middleware23/retry/attempts` | `42` | | `traefik/http/middlewares/Middleware23/retry/attempts` | `42` |
| `traefik/http/middlewares/Middleware23/retry/initialInterval` | `42s` | | `traefik/http/middlewares/Middleware23/retry/initialInterval` | `42s` |
| `traefik/http/middlewares/Middleware24/stripPrefix/forceSlash` | `true` |
| `traefik/http/middlewares/Middleware24/stripPrefix/prefixes/0` | `foobar` | | `traefik/http/middlewares/Middleware24/stripPrefix/prefixes/0` | `foobar` |
| `traefik/http/middlewares/Middleware24/stripPrefix/prefixes/1` | `foobar` | | `traefik/http/middlewares/Middleware24/stripPrefix/prefixes/1` | `foobar` |
| `traefik/http/middlewares/Middleware25/stripPrefixRegex/regex/0` | `foobar` | | `traefik/http/middlewares/Middleware25/stripPrefixRegex/regex/0` | `foobar` |
@ -341,6 +349,7 @@ THIS FILE MUST NOT BE EDITED BY HAND
| `traefik/tcp/services/TCPService01/loadBalancer/servers/1/address` | `foobar` | | `traefik/tcp/services/TCPService01/loadBalancer/servers/1/address` | `foobar` |
| `traefik/tcp/services/TCPService01/loadBalancer/servers/1/tls` | `true` | | `traefik/tcp/services/TCPService01/loadBalancer/servers/1/tls` | `true` |
| `traefik/tcp/services/TCPService01/loadBalancer/serversTransport` | `foobar` | | `traefik/tcp/services/TCPService01/loadBalancer/serversTransport` | `foobar` |
| `traefik/tcp/services/TCPService01/loadBalancer/terminationDelay` | `42` |
| `traefik/tcp/services/TCPService02/weighted/services/0/name` | `foobar` | | `traefik/tcp/services/TCPService02/weighted/services/0/name` | `foobar` |
| `traefik/tcp/services/TCPService02/weighted/services/0/weight` | `42` | | `traefik/tcp/services/TCPService02/weighted/services/0/weight` | `42` |
| `traefik/tcp/services/TCPService02/weighted/services/1/name` | `foobar` | | `traefik/tcp/services/TCPService02/weighted/services/1/name` | `foobar` |
@ -364,6 +373,7 @@ THIS FILE MUST NOT BE EDITED BY HAND
| `traefik/tls/options/Options0/curvePreferences/1` | `foobar` | | `traefik/tls/options/Options0/curvePreferences/1` | `foobar` |
| `traefik/tls/options/Options0/maxVersion` | `foobar` | | `traefik/tls/options/Options0/maxVersion` | `foobar` |
| `traefik/tls/options/Options0/minVersion` | `foobar` | | `traefik/tls/options/Options0/minVersion` | `foobar` |
| `traefik/tls/options/Options0/preferServerCipherSuites` | `true` |
| `traefik/tls/options/Options0/sniStrict` | `true` | | `traefik/tls/options/Options0/sniStrict` | `true` |
| `traefik/tls/options/Options1/alpnProtocols/0` | `foobar` | | `traefik/tls/options/Options1/alpnProtocols/0` | `foobar` |
| `traefik/tls/options/Options1/alpnProtocols/1` | `foobar` | | `traefik/tls/options/Options1/alpnProtocols/1` | `foobar` |
@ -376,6 +386,7 @@ THIS FILE MUST NOT BE EDITED BY HAND
| `traefik/tls/options/Options1/curvePreferences/1` | `foobar` | | `traefik/tls/options/Options1/curvePreferences/1` | `foobar` |
| `traefik/tls/options/Options1/maxVersion` | `foobar` | | `traefik/tls/options/Options1/maxVersion` | `foobar` |
| `traefik/tls/options/Options1/minVersion` | `foobar` | | `traefik/tls/options/Options1/minVersion` | `foobar` |
| `traefik/tls/options/Options1/preferServerCipherSuites` | `true` |
| `traefik/tls/options/Options1/sniStrict` | `true` | | `traefik/tls/options/Options1/sniStrict` | `true` |
| `traefik/tls/stores/Store0/defaultCertificate/certFile` | `foobar` | | `traefik/tls/stores/Store0/defaultCertificate/certFile` | `foobar` |
| `traefik/tls/stores/Store0/defaultCertificate/keyFile` | `foobar` | | `traefik/tls/stores/Store0/defaultCertificate/keyFile` | `foobar` |

View file

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.13.0 controller-gen.kubebuilder.io/version: v0.14.0
name: ingressroutes.traefik.io name: ingressroutes.traefik.io
spec: spec:
group: traefik.io group: traefik.io
@ -20,14 +20,19 @@ spec:
description: IngressRoute is the CRD implementation of a Traefik HTTP Router. description: IngressRoute is the CRD implementation of a Traefik HTTP Router.
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: |-
of an object. Servers should convert recognized schemas to the latest APIVersion defines the versioned schema of this representation of an object.
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string type: string
kind: kind:
description: 'Kind is a string value representing the REST resource this description: |-
object represents. Servers may infer this from the endpoint the client Kind is a string value representing the REST resource this object represents.
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string type: string
metadata: metadata:
type: object type: object
@ -35,10 +40,11 @@ spec:
description: IngressRouteSpec defines the desired state of IngressRoute. description: IngressRouteSpec defines the desired state of IngressRoute.
properties: properties:
entryPoints: entryPoints:
description: 'EntryPoints defines the list of entry point names to description: |-
bind to. Entry points have to be configured in the static configuration. EntryPoints defines the list of entry point names to bind to.
Entry points have to be configured in the static configuration.
More info: https://doc.traefik.io/traefik/v3.0/routing/entrypoints/ More info: https://doc.traefik.io/traefik/v3.0/routing/entrypoints/
Default: all.' Default: all.
items: items:
type: string type: string
type: array type: array
@ -48,17 +54,21 @@ spec:
description: Route holds the HTTP route configuration. description: Route holds the HTTP route configuration.
properties: properties:
kind: kind:
description: Kind defines the kind of the route. Rule is the description: |-
only supported kind. Kind defines the kind of the route.
Rule is the only supported kind.
enum: enum:
- Rule - Rule
type: string type: string
match: match:
description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rule' description: |-
Match defines the router's rule.
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rule
type: string type: string
middlewares: middlewares:
description: 'Middlewares defines the list of references to description: |-
Middleware resources. More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-middleware' Middlewares defines the list of references to Middleware resources.
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-middleware
items: items:
description: MiddlewareRef is a reference to a Middleware description: MiddlewareRef is a reference to a Middleware
resource. resource.
@ -76,13 +86,14 @@ spec:
type: object type: object
type: array type: array
priority: priority:
description: 'Priority defines the router''s priority. More description: |-
info: https://doc.traefik.io/traefik/v3.0/routing/routers/#priority' Priority defines the router's priority.
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#priority
type: integer type: integer
services: services:
description: Services defines the list of Service. It can contain description: |-
any combination of TraefikService and/or reference to a Kubernetes Services defines the list of Service.
Service. It can contain any combination of TraefikService and/or reference to a Kubernetes Service.
items: items:
description: Service defines an upstream HTTP service to proxy description: Service defines an upstream HTTP service to proxy
traffic to. traffic to.
@ -94,31 +105,32 @@ spec:
- TraefikService - TraefikService
type: string type: string
name: name:
description: Name defines the name of the referenced Kubernetes description: |-
Service or TraefikService. The differentiation between Name defines the name of the referenced Kubernetes Service or TraefikService.
the two is specified in the Kind field. The differentiation between the two is specified in the Kind field.
type: string type: string
namespace: namespace:
description: Namespace defines the namespace of the referenced description: Namespace defines the namespace of the referenced
Kubernetes Service or TraefikService. Kubernetes Service or TraefikService.
type: string type: string
nativeLB: nativeLB:
description: NativeLB controls, when creating the load-balancer, description: |-
whether the LB's children are directly the pods IPs NativeLB controls, when creating the load-balancer,
or if the only child is the Kubernetes Service clusterIP. whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
The Kubernetes Service itself does load-balance to the The Kubernetes Service itself does load-balance to the pods.
pods. By default, NativeLB is false. By default, NativeLB is false.
type: boolean type: boolean
passHostHeader: passHostHeader:
description: PassHostHeader defines whether the client description: |-
Host header is forwarded to the upstream Kubernetes PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
Service. By default, passHostHeader is true. By default, passHostHeader is true.
type: boolean type: boolean
port: port:
anyOf: anyOf:
- type: integer - type: integer
- type: string - type: string
description: Port defines the port of a Kubernetes Service. description: |-
Port defines the port of a Kubernetes Service.
This can be a reference to a named port. This can be a reference to a named port.
x-kubernetes-int-or-string: true x-kubernetes-int-or-string: true
responseForwarding: responseForwarding:
@ -127,30 +139,29 @@ spec:
the client. the client.
properties: properties:
flushInterval: flushInterval:
description: 'FlushInterval defines the interval, description: |-
in milliseconds, in between flushes to the client FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
while copying the response body. A negative value A negative value means to flush immediately after each write to the client.
means to flush immediately after each write to the This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
client. This configuration is ignored when ReverseProxy for such responses, writes are flushed to the client immediately.
recognizes a response as a streaming response; for Default: 100ms
such responses, writes are flushed to the client
immediately. Default: 100ms'
type: string type: string
type: object type: object
scheme: scheme:
description: Scheme defines the scheme to use for the description: |-
request to the upstream Kubernetes Service. It defaults Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
to https when Kubernetes Service port is 443, http otherwise. It defaults to https when Kubernetes Service port is 443, http otherwise.
type: string type: string
serversTransport: serversTransport:
description: ServersTransport defines the name of ServersTransport description: |-
resource to use. It allows to configure the transport ServersTransport defines the name of ServersTransport resource to use.
between Traefik and your servers. Can only be used on It allows to configure the transport between Traefik and your servers.
a Kubernetes Service. Can only be used on a Kubernetes Service.
type: string type: string
sticky: sticky:
description: 'Sticky defines the sticky sessions configuration. description: |-
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions' Sticky defines the sticky sessions configuration.
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
properties: properties:
cookie: cookie:
description: Cookie defines the sticky cookie configuration. description: Cookie defines the sticky cookie configuration.
@ -161,17 +172,18 @@ spec:
JavaScript. JavaScript.
type: boolean type: boolean
maxAge: maxAge:
description: MaxAge indicates the number of seconds description: |-
until the cookie expires. When set to a negative MaxAge indicates the number of seconds until the cookie expires.
number, the cookie expires immediately. When When set to a negative number, the cookie expires immediately.
set to zero, the cookie never expires. When set to zero, the cookie never expires.
type: integer type: integer
name: name:
description: Name defines the Cookie name. description: Name defines the Cookie name.
type: string type: string
sameSite: sameSite:
description: 'SameSite defines the same site policy. description: |-
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' SameSite defines the same site policy.
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
type: string type: string
secure: secure:
description: Secure defines whether the cookie description: Secure defines whether the cookie
@ -181,23 +193,23 @@ spec:
type: object type: object
type: object type: object
strategy: strategy:
description: Strategy defines the load balancing strategy description: |-
between the servers. RoundRobin is the only supported Strategy defines the load balancing strategy between the servers.
value at the moment. RoundRobin is the only supported value at the moment.
type: string type: string
weight: weight:
description: Weight defines the weight and should only description: |-
be specified when Name references a TraefikService object Weight defines the weight and should only be specified when Name references a TraefikService object
(and to be precise, one that embeds a Weighted Round (and to be precise, one that embeds a Weighted Round Robin).
Robin).
type: integer type: integer
required: required:
- name - name
type: object type: object
type: array type: array
syntax: syntax:
description: 'Syntax defines the router''s rule syntax. More description: |-
info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rulesyntax' Syntax defines the router's rule syntax.
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rulesyntax
type: string type: string
required: required:
- kind - kind
@ -205,16 +217,20 @@ spec:
type: object type: object
type: array type: array
tls: tls:
description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#tls' description: |-
TLS defines the TLS configuration.
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#tls
properties: properties:
certResolver: certResolver:
description: 'CertResolver defines the name of the certificate description: |-
resolver to use. Cert resolvers have to be configured in the CertResolver defines the name of the certificate resolver to use.
static configuration. More info: https://doc.traefik.io/traefik/v3.0/https/acme/#certificate-resolvers' Cert resolvers have to be configured in the static configuration.
More info: https://doc.traefik.io/traefik/v3.0/https/acme/#certificate-resolvers
type: string type: string
domains: domains:
description: 'Domains defines the list of domains that will be description: |-
used to issue certificates. More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#domains' Domains defines the list of domains that will be used to issue certificates.
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#domains
items: items:
description: Domain holds a domain name with SANs. description: Domain holds a domain name with SANs.
properties: properties:
@ -230,17 +246,20 @@ spec:
type: object type: object
type: array type: array
options: options:
description: 'Options defines the reference to a TLSOption, that description: |-
specifies the parameters of the TLS connection. If not defined, Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options' If not defined, the `default` TLSOption is used.
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options
properties: properties:
name: name:
description: 'Name defines the name of the referenced TLSOption. description: |-
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsoption' Name defines the name of the referenced TLSOption.
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsoption
type: string type: string
namespace: namespace:
description: 'Namespace defines the namespace of the referenced description: |-
TLSOption. More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsoption' Namespace defines the namespace of the referenced TLSOption.
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsoption
type: string type: string
required: required:
- name - name
@ -250,17 +269,19 @@ spec:
Secret to specify the certificate details. Secret to specify the certificate details.
type: string type: string
store: store:
description: Store defines the reference to the TLSStore, that description: |-
will be used to store certificates. Please note that only `default` Store defines the reference to the TLSStore, that will be used to store certificates.
TLSStore can be used. Please note that only `default` TLSStore can be used.
properties: properties:
name: name:
description: 'Name defines the name of the referenced TLSStore. description: |-
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsstore' Name defines the name of the referenced TLSStore.
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsstore
type: string type: string
namespace: namespace:
description: 'Namespace defines the namespace of the referenced description: |-
TLSStore. More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsstore' Namespace defines the namespace of the referenced TLSStore.
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-tlsstore
type: string type: string
required: required:
- name - name

View file

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.13.0 controller-gen.kubebuilder.io/version: v0.14.0
name: ingressroutetcps.traefik.io name: ingressroutetcps.traefik.io
spec: spec:
group: traefik.io group: traefik.io
@ -20,14 +20,19 @@ spec:
description: IngressRouteTCP is the CRD implementation of a Traefik TCP Router. description: IngressRouteTCP is the CRD implementation of a Traefik TCP Router.
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: |-
of an object. Servers should convert recognized schemas to the latest APIVersion defines the versioned schema of this representation of an object.
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string type: string
kind: kind:
description: 'Kind is a string value representing the REST resource this description: |-
object represents. Servers may infer this from the endpoint the client Kind is a string value representing the REST resource this object represents.
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string type: string
metadata: metadata:
type: object type: object
@ -35,10 +40,11 @@ spec:
description: IngressRouteTCPSpec defines the desired state of IngressRouteTCP. description: IngressRouteTCPSpec defines the desired state of IngressRouteTCP.
properties: properties:
entryPoints: entryPoints:
description: 'EntryPoints defines the list of entry point names to description: |-
bind to. Entry points have to be configured in the static configuration. EntryPoints defines the list of entry point names to bind to.
Entry points have to be configured in the static configuration.
More info: https://doc.traefik.io/traefik/v3.0/routing/entrypoints/ More info: https://doc.traefik.io/traefik/v3.0/routing/entrypoints/
Default: all.' Default: all.
items: items:
type: string type: string
type: array type: array
@ -48,7 +54,9 @@ spec:
description: RouteTCP holds the TCP route configuration. description: RouteTCP holds the TCP route configuration.
properties: properties:
match: match:
description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rule_1' description: |-
Match defines the router's rule.
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rule_1
type: string type: string
middlewares: middlewares:
description: Middlewares defines the list of references to MiddlewareTCP description: Middlewares defines the list of references to MiddlewareTCP
@ -70,8 +78,9 @@ spec:
type: object type: object
type: array type: array
priority: priority:
description: 'Priority defines the router''s priority. More description: |-
info: https://doc.traefik.io/traefik/v3.0/routing/routers/#priority_1' Priority defines the router's priority.
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#priority_1
type: integer type: integer
services: services:
description: Services defines the list of TCP services. description: Services defines the list of TCP services.
@ -88,22 +97,24 @@ spec:
Kubernetes Service. Kubernetes Service.
type: string type: string
nativeLB: nativeLB:
description: NativeLB controls, when creating the load-balancer, description: |-
whether the LB's children are directly the pods IPs NativeLB controls, when creating the load-balancer,
or if the only child is the Kubernetes Service clusterIP. whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
The Kubernetes Service itself does load-balance to the The Kubernetes Service itself does load-balance to the pods.
pods. By default, NativeLB is false. By default, NativeLB is false.
type: boolean type: boolean
port: port:
anyOf: anyOf:
- type: integer - type: integer
- type: string - type: string
description: Port defines the port of a Kubernetes Service. description: |-
Port defines the port of a Kubernetes Service.
This can be a reference to a named port. This can be a reference to a named port.
x-kubernetes-int-or-string: true x-kubernetes-int-or-string: true
proxyProtocol: proxyProtocol:
description: 'ProxyProtocol defines the PROXY protocol description: |-
configuration. More info: https://doc.traefik.io/traefik/v3.0/routing/services/#proxy-protocol' ProxyProtocol defines the PROXY protocol configuration.
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#proxy-protocol
properties: properties:
version: version:
description: Version defines the PROXY Protocol version description: Version defines the PROXY Protocol version
@ -111,11 +122,20 @@ spec:
type: integer type: integer
type: object type: object
serversTransport: serversTransport:
description: ServersTransport defines the name of ServersTransportTCP description: |-
resource to use. It allows to configure the transport ServersTransport defines the name of ServersTransportTCP resource to use.
between Traefik and your servers. Can only be used on It allows to configure the transport between Traefik and your servers.
a Kubernetes Service. Can only be used on a Kubernetes Service.
type: string type: string
terminationDelay:
description: |-
TerminationDelay defines the deadline that the proxy sets, after one of its connected peers indicates
it has closed the writing capability of its connection, to close the reading capability as well,
hence fully terminating the connection.
It is a duration in milliseconds, defaulting to 100.
A negative value means an infinite deadline (i.e. the reading capability is never closed).
Deprecated: TerminationDelay is not supported APIVersion traefik.io/v1, please use ServersTransport to configure the TerminationDelay instead.
type: integer
tls: tls:
description: TLS determines whether to use TLS when dialing description: TLS determines whether to use TLS when dialing
with the backend. with the backend.
@ -130,25 +150,29 @@ spec:
type: object type: object
type: array type: array
syntax: syntax:
description: 'Syntax defines the router''s rule syntax. More description: |-
info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rulesyntax_1' Syntax defines the router's rule syntax.
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#rulesyntax_1
type: string type: string
required: required:
- match - match
type: object type: object
type: array type: array
tls: tls:
description: 'TLS defines the TLS configuration on a layer 4 / TCP description: |-
Route. More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#tls_1' TLS defines the TLS configuration on a layer 4 / TCP Route.
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#tls_1
properties: properties:
certResolver: certResolver:
description: 'CertResolver defines the name of the certificate description: |-
resolver to use. Cert resolvers have to be configured in the CertResolver defines the name of the certificate resolver to use.
static configuration. More info: https://doc.traefik.io/traefik/v3.0/https/acme/#certificate-resolvers' Cert resolvers have to be configured in the static configuration.
More info: https://doc.traefik.io/traefik/v3.0/https/acme/#certificate-resolvers
type: string type: string
domains: domains:
description: 'Domains defines the list of domains that will be description: |-
used to issue certificates. More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#domains' Domains defines the list of domains that will be used to issue certificates.
More info: https://doc.traefik.io/traefik/v3.0/routing/routers/#domains
items: items:
description: Domain holds a domain name with SANs. description: Domain holds a domain name with SANs.
properties: properties:
@ -164,9 +188,10 @@ spec:
type: object type: object
type: array type: array
options: options:
description: 'Options defines the reference to a TLSOption, that description: |-
specifies the parameters of the TLS connection. If not defined, Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options' If not defined, the `default` TLSOption is used.
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options
properties: properties:
name: name:
description: Name defines the name of the referenced Traefik description: Name defines the name of the referenced Traefik
@ -188,9 +213,9 @@ spec:
Secret to specify the certificate details. Secret to specify the certificate details.
type: string type: string
store: store:
description: Store defines the reference to the TLSStore, that description: |-
will be used to store certificates. Please note that only `default` Store defines the reference to the TLSStore, that will be used to store certificates.
TLSStore can be used. Please note that only `default` TLSStore can be used.
properties: properties:
name: name:
description: Name defines the name of the referenced Traefik description: Name defines the name of the referenced Traefik

View file

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.13.0 controller-gen.kubebuilder.io/version: v0.14.0
name: ingressrouteudps.traefik.io name: ingressrouteudps.traefik.io
spec: spec:
group: traefik.io group: traefik.io
@ -20,14 +20,19 @@ spec:
description: IngressRouteUDP is a CRD implementation of a Traefik UDP Router. description: IngressRouteUDP is a CRD implementation of a Traefik UDP Router.
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: |-
of an object. Servers should convert recognized schemas to the latest APIVersion defines the versioned schema of this representation of an object.
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string type: string
kind: kind:
description: 'Kind is a string value representing the REST resource this description: |-
object represents. Servers may infer this from the endpoint the client Kind is a string value representing the REST resource this object represents.
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string type: string
metadata: metadata:
type: object type: object
@ -35,10 +40,11 @@ spec:
description: IngressRouteUDPSpec defines the desired state of a IngressRouteUDP. description: IngressRouteUDPSpec defines the desired state of a IngressRouteUDP.
properties: properties:
entryPoints: entryPoints:
description: 'EntryPoints defines the list of entry point names to description: |-
bind to. Entry points have to be configured in the static configuration. EntryPoints defines the list of entry point names to bind to.
Entry points have to be configured in the static configuration.
More info: https://doc.traefik.io/traefik/v3.0/routing/entrypoints/ More info: https://doc.traefik.io/traefik/v3.0/routing/entrypoints/
Default: all.' Default: all.
items: items:
type: string type: string
type: array type: array
@ -62,17 +68,18 @@ spec:
Kubernetes Service. Kubernetes Service.
type: string type: string
nativeLB: nativeLB:
description: NativeLB controls, when creating the load-balancer, description: |-
whether the LB's children are directly the pods IPs NativeLB controls, when creating the load-balancer,
or if the only child is the Kubernetes Service clusterIP. whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
The Kubernetes Service itself does load-balance to the The Kubernetes Service itself does load-balance to the pods.
pods. By default, NativeLB is false. By default, NativeLB is false.
type: boolean type: boolean
port: port:
anyOf: anyOf:
- type: integer - type: integer
- type: string - type: string
description: Port defines the port of a Kubernetes Service. description: |-
Port defines the port of a Kubernetes Service.
This can be a reference to a named port. This can be a reference to a named port.
x-kubernetes-int-or-string: true x-kubernetes-int-or-string: true
weight: weight:

View file

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.13.0 controller-gen.kubebuilder.io/version: v0.14.0
name: middlewares.traefik.io name: middlewares.traefik.io
spec: spec:
group: traefik.io group: traefik.io
@ -17,18 +17,24 @@ spec:
- name: v1alpha1 - name: v1alpha1
schema: schema:
openAPIV3Schema: openAPIV3Schema:
description: 'Middleware is the CRD implementation of a Traefik Middleware. description: |-
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/overview/' Middleware is the CRD implementation of a Traefik Middleware.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/overview/
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: |-
of an object. Servers should convert recognized schemas to the latest APIVersion defines the versioned schema of this representation of an object.
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string type: string
kind: kind:
description: 'Kind is a string value representing the REST resource this description: |-
object represents. Servers may infer this from the endpoint the client Kind is a string value representing the REST resource this object represents.
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string type: string
metadata: metadata:
type: object type: object
@ -36,33 +42,37 @@ spec:
description: MiddlewareSpec defines the desired state of a Middleware. description: MiddlewareSpec defines the desired state of a Middleware.
properties: properties:
addPrefix: addPrefix:
description: 'AddPrefix holds the add prefix middleware configuration. description: |-
This middleware updates the path of a request before forwarding AddPrefix holds the add prefix middleware configuration.
it. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/addprefix/' This middleware updates the path of a request before forwarding it.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/addprefix/
properties: properties:
prefix: prefix:
description: Prefix is the string to add before the current path description: |-
in the requested URL. It should include a leading slash (/). Prefix is the string to add before the current path in the requested URL.
It should include a leading slash (/).
type: string type: string
type: object type: object
basicAuth: basicAuth:
description: 'BasicAuth holds the basic auth middleware configuration. description: |-
BasicAuth holds the basic auth middleware configuration.
This middleware restricts access to your services to known users. This middleware restricts access to your services to known users.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/' More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/
properties: properties:
headerField: headerField:
description: 'HeaderField defines a header field to store the description: |-
authenticated user. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/#headerfield' HeaderField defines a header field to store the authenticated user.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/#headerfield
type: string type: string
realm: realm:
description: 'Realm allows the protected resources on a server description: |-
to be partitioned into a set of protection spaces, each with Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme.
its own authentication scheme. Default: traefik.' Default: traefik.
type: string type: string
removeHeader: removeHeader:
description: 'RemoveHeader sets the removeHeader option to true description: |-
to remove the authorization header before forwarding the request RemoveHeader sets the removeHeader option to true to remove the authorization header before forwarding the request to your service.
to your service. Default: false.' Default: false.
type: boolean type: boolean
secret: secret:
description: Secret is the name of the referenced Kubernetes Secret description: Secret is the name of the referenced Kubernetes Secret
@ -70,48 +80,49 @@ spec:
type: string type: string
type: object type: object
buffering: buffering:
description: 'Buffering holds the buffering middleware configuration. description: |-
This middleware retries or limits the size of requests that can Buffering holds the buffering middleware configuration.
be forwarded to backends. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/buffering/#maxrequestbodybytes' This middleware retries or limits the size of requests that can be forwarded to backends.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/buffering/#maxrequestbodybytes
properties: properties:
maxRequestBodyBytes: maxRequestBodyBytes:
description: 'MaxRequestBodyBytes defines the maximum allowed description: |-
body size for the request (in bytes). If the request exceeds MaxRequestBodyBytes defines the maximum allowed body size for the request (in bytes).
the allowed size, it is not forwarded to the service, and the If the request exceeds the allowed size, it is not forwarded to the service, and the client gets a 413 (Request Entity Too Large) response.
client gets a 413 (Request Entity Too Large) response. Default: Default: 0 (no maximum).
0 (no maximum).'
format: int64 format: int64
type: integer type: integer
maxResponseBodyBytes: maxResponseBodyBytes:
description: 'MaxResponseBodyBytes defines the maximum allowed description: |-
response size from the service (in bytes). If the response exceeds MaxResponseBodyBytes defines the maximum allowed response size from the service (in bytes).
the allowed size, it is not forwarded to the client. The client If the response exceeds the allowed size, it is not forwarded to the client. The client gets a 500 (Internal Server Error) response instead.
gets a 500 (Internal Server Error) response instead. Default: Default: 0 (no maximum).
0 (no maximum).'
format: int64 format: int64
type: integer type: integer
memRequestBodyBytes: memRequestBodyBytes:
description: 'MemRequestBodyBytes defines the threshold (in bytes) description: |-
from which the request will be buffered on disk instead of in MemRequestBodyBytes defines the threshold (in bytes) from which the request will be buffered on disk instead of in memory.
memory. Default: 1048576 (1Mi).' Default: 1048576 (1Mi).
format: int64 format: int64
type: integer type: integer
memResponseBodyBytes: memResponseBodyBytes:
description: 'MemResponseBodyBytes defines the threshold (in bytes) description: |-
from which the response will be buffered on disk instead of MemResponseBodyBytes defines the threshold (in bytes) from which the response will be buffered on disk instead of in memory.
in memory. Default: 1048576 (1Mi).' Default: 1048576 (1Mi).
format: int64 format: int64
type: integer type: integer
retryExpression: retryExpression:
description: 'RetryExpression defines the retry conditions. It description: |-
is a logical combination of functions with operators AND (&&) RetryExpression defines the retry conditions.
and OR (||). More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/buffering/#retryexpression' It is a logical combination of functions with operators AND (&&) and OR (||).
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/buffering/#retryexpression
type: string type: string
type: object type: object
chain: chain:
description: 'Chain holds the configuration of the chain middleware. description: |-
This middleware enables to define reusable combinations of other Chain holds the configuration of the chain middleware.
pieces of middleware. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/chain/' This middleware enables to define reusable combinations of other pieces of middleware.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/chain/
properties: properties:
middlewares: middlewares:
description: Middlewares is the list of MiddlewareRef which composes description: Middlewares is the list of MiddlewareRef which composes
@ -163,15 +174,15 @@ spec:
x-kubernetes-int-or-string: true x-kubernetes-int-or-string: true
type: object type: object
compress: compress:
description: 'Compress holds the compress middleware configuration. description: |-
This middleware compresses responses before sending them to the Compress holds the compress middleware configuration.
client, using gzip compression. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/compress/' This middleware compresses responses before sending them to the client, using gzip compression.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/compress/
properties: properties:
excludedContentTypes: excludedContentTypes:
description: ExcludedContentTypes defines the list of content description: |-
types to compare the Content-Type header of the incoming requests ExcludedContentTypes defines the list of content types to compare the Content-Type header of the incoming requests and responses before compressing.
and responses before compressing. `application/grpc` is always `application/grpc` is always excluded.
excluded.
items: items:
type: string type: string
type: array type: array
@ -183,30 +194,38 @@ spec:
type: string type: string
type: array type: array
minResponseBodyBytes: minResponseBodyBytes:
description: 'MinResponseBodyBytes defines the minimum amount description: |-
of bytes a response body must have to be compressed. Default: MinResponseBodyBytes defines the minimum amount of bytes a response body must have to be compressed.
1024.' Default: 1024.
type: integer type: integer
type: object type: object
contentType: contentType:
description: ContentType holds the content-type middleware configuration. description: |-
This middleware sets the `Content-Type` header value to the media ContentType holds the content-type middleware configuration.
type detected from the response content, when it is not set by the This middleware exists to enable the correct behavior until at least the default one can be changed in a future version.
backend. properties:
autoDetect:
description: |-
AutoDetect specifies whether to let the `Content-Type` header, if it has not been set by the backend,
be automatically set to a value derived from the contents of the response.
Deprecated: AutoDetect option is deprecated, Content-Type middleware is only meant to be used to enable the content-type detection, please remove any usage of this option.
type: boolean
type: object type: object
digestAuth: digestAuth:
description: 'DigestAuth holds the digest auth middleware configuration. description: |-
DigestAuth holds the digest auth middleware configuration.
This middleware restricts access to your services to known users. This middleware restricts access to your services to known users.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/digestauth/' More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/digestauth/
properties: properties:
headerField: headerField:
description: 'HeaderField defines a header field to store the description: |-
authenticated user. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/#headerfield' HeaderField defines a header field to store the authenticated user.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/basicauth/#headerfield
type: string type: string
realm: realm:
description: 'Realm allows the protected resources on a server description: |-
to be partitioned into a set of protection spaces, each with Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme.
its own authentication scheme. Default: traefik.' Default: traefik.
type: string type: string
removeHeader: removeHeader:
description: RemoveHeader defines whether to remove the authorization description: RemoveHeader defines whether to remove the authorization
@ -218,18 +237,20 @@ spec:
type: string type: string
type: object type: object
errors: errors:
description: 'ErrorPage holds the custom error middleware configuration. description: |-
This middleware returns a custom page in lieu of the default, according ErrorPage holds the custom error middleware configuration.
to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/errorpages/' This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/errorpages/
properties: properties:
query: query:
description: Query defines the URL for the error page (hosted description: |-
by service). The {status} variable can be used in order to insert Query defines the URL for the error page (hosted by service).
the status code in the URL. The {status} variable can be used in order to insert the status code in the URL.
type: string type: string
service: service:
description: 'Service defines the reference to a Kubernetes Service description: |-
that will serve the error page. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/errorpages/#service' Service defines the reference to a Kubernetes Service that will serve the error page.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/errorpages/#service
properties: properties:
kind: kind:
description: Kind defines the kind of the Service. description: Kind defines the kind of the Service.
@ -238,31 +259,32 @@ spec:
- TraefikService - TraefikService
type: string type: string
name: name:
description: Name defines the name of the referenced Kubernetes description: |-
Service or TraefikService. The differentiation between the Name defines the name of the referenced Kubernetes Service or TraefikService.
two is specified in the Kind field. The differentiation between the two is specified in the Kind field.
type: string type: string
namespace: namespace:
description: Namespace defines the namespace of the referenced description: Namespace defines the namespace of the referenced
Kubernetes Service or TraefikService. Kubernetes Service or TraefikService.
type: string type: string
nativeLB: nativeLB:
description: NativeLB controls, when creating the load-balancer, description: |-
whether the LB's children are directly the pods IPs or if NativeLB controls, when creating the load-balancer,
the only child is the Kubernetes Service clusterIP. The whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
Kubernetes Service itself does load-balance to the pods. The Kubernetes Service itself does load-balance to the pods.
By default, NativeLB is false. By default, NativeLB is false.
type: boolean type: boolean
passHostHeader: passHostHeader:
description: PassHostHeader defines whether the client Host description: |-
header is forwarded to the upstream Kubernetes Service. PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
By default, passHostHeader is true. By default, passHostHeader is true.
type: boolean type: boolean
port: port:
anyOf: anyOf:
- type: integer - type: integer
- type: string - type: string
description: Port defines the port of a Kubernetes Service. description: |-
Port defines the port of a Kubernetes Service.
This can be a reference to a named port. This can be a reference to a named port.
x-kubernetes-int-or-string: true x-kubernetes-int-or-string: true
responseForwarding: responseForwarding:
@ -271,29 +293,29 @@ spec:
client. client.
properties: properties:
flushInterval: flushInterval:
description: 'FlushInterval defines the interval, in milliseconds, description: |-
in between flushes to the client while copying the response FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
body. A negative value means to flush immediately after A negative value means to flush immediately after each write to the client.
each write to the client. This configuration is ignored This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
when ReverseProxy recognizes a response as a streaming for such responses, writes are flushed to the client immediately.
response; for such responses, writes are flushed to Default: 100ms
the client immediately. Default: 100ms'
type: string type: string
type: object type: object
scheme: scheme:
description: Scheme defines the scheme to use for the request description: |-
to the upstream Kubernetes Service. It defaults to https Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
when Kubernetes Service port is 443, http otherwise. It defaults to https when Kubernetes Service port is 443, http otherwise.
type: string type: string
serversTransport: serversTransport:
description: ServersTransport defines the name of ServersTransport description: |-
resource to use. It allows to configure the transport between ServersTransport defines the name of ServersTransport resource to use.
Traefik and your servers. Can only be used on a Kubernetes It allows to configure the transport between Traefik and your servers.
Service. Can only be used on a Kubernetes Service.
type: string type: string
sticky: sticky:
description: 'Sticky defines the sticky sessions configuration. description: |-
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions' Sticky defines the sticky sessions configuration.
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
properties: properties:
cookie: cookie:
description: Cookie defines the sticky cookie configuration. description: Cookie defines the sticky cookie configuration.
@ -303,17 +325,18 @@ spec:
be accessed by client-side APIs, such as JavaScript. be accessed by client-side APIs, such as JavaScript.
type: boolean type: boolean
maxAge: maxAge:
description: MaxAge indicates the number of seconds description: |-
until the cookie expires. When set to a negative MaxAge indicates the number of seconds until the cookie expires.
number, the cookie expires immediately. When set When set to a negative number, the cookie expires immediately.
to zero, the cookie never expires. When set to zero, the cookie never expires.
type: integer type: integer
name: name:
description: Name defines the Cookie name. description: Name defines the Cookie name.
type: string type: string
sameSite: sameSite:
description: 'SameSite defines the same site policy. description: |-
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' SameSite defines the same site policy.
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
type: string type: string
secure: secure:
description: Secure defines whether the cookie can description: Secure defines whether the cookie can
@ -323,32 +346,34 @@ spec:
type: object type: object
type: object type: object
strategy: strategy:
description: Strategy defines the load balancing strategy description: |-
between the servers. RoundRobin is the only supported value Strategy defines the load balancing strategy between the servers.
at the moment. RoundRobin is the only supported value at the moment.
type: string type: string
weight: weight:
description: Weight defines the weight and should only be description: |-
specified when Name references a TraefikService object (and Weight defines the weight and should only be specified when Name references a TraefikService object
to be precise, one that embeds a Weighted Round Robin). (and to be precise, one that embeds a Weighted Round Robin).
type: integer type: integer
required: required:
- name - name
type: object type: object
status: status:
description: Status defines which status or range of statuses description: |-
should result in an error page. It can be either a status code Status defines which status or range of statuses should result in an error page.
as a number (500), as multiple comma-separated numbers (500,502), It can be either a status code as a number (500),
as ranges by separating two codes with a dash (500-599), or as multiple comma-separated numbers (500,502),
a combination of the two (404,418,500-599). as ranges by separating two codes with a dash (500-599),
or a combination of the two (404,418,500-599).
items: items:
type: string type: string
type: array type: array
type: object type: object
forwardAuth: forwardAuth:
description: 'ForwardAuth holds the forward auth middleware configuration. description: |-
ForwardAuth holds the forward auth middleware configuration.
This middleware delegates the request authentication to a Service. This middleware delegates the request authentication to a Service.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/forwardauth/' More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/forwardauth/
properties: properties:
addAuthCookiesToResponse: addAuthCookiesToResponse:
description: AddAuthCookiesToResponse defines the list of cookies description: AddAuthCookiesToResponse defines the list of cookies
@ -360,9 +385,9 @@ spec:
description: Address defines the authentication server address. description: Address defines the authentication server address.
type: string type: string
authRequestHeaders: authRequestHeaders:
description: AuthRequestHeaders defines the list of the headers description: |-
to copy from the request to the authentication server. If not AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server.
set or empty then all request headers are passed. If not set or empty then all request headers are passed.
items: items:
type: string type: string
type: array type: array
@ -374,24 +399,27 @@ spec:
type: string type: string
type: array type: array
authResponseHeadersRegex: authResponseHeadersRegex:
description: 'AuthResponseHeadersRegex defines the regex to match description: |-
headers to copy from the authentication server response and AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
set on forwarded request, after stripping all headers that match More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/forwardauth/#authresponseheadersregex
the regex. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/forwardauth/#authresponseheadersregex'
type: string type: string
tls: tls:
description: TLS defines the configuration used to secure the description: TLS defines the configuration used to secure the
connection to the authentication server. connection to the authentication server.
properties: properties:
caOptional:
description: 'Deprecated: TLS client authentication is a server
side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634).'
type: boolean
caSecret: caSecret:
description: CASecret is the name of the referenced Kubernetes description: |-
Secret containing the CA to validate the server certificate. CASecret is the name of the referenced Kubernetes Secret containing the CA to validate the server certificate.
The CA certificate is extracted from key `tls.ca` or `ca.crt`. The CA certificate is extracted from key `tls.ca` or `ca.crt`.
type: string type: string
certSecret: certSecret:
description: CertSecret is the name of the referenced Kubernetes description: |-
Secret containing the client certificate. The client certificate CertSecret is the name of the referenced Kubernetes Secret containing the client certificate.
is extracted from the keys `tls.crt` and `tls.key`. The client certificate is extracted from the keys `tls.crt` and `tls.key`.
type: string type: string
insecureSkipVerify: insecureSkipVerify:
description: InsecureSkipVerify defines whether the server description: InsecureSkipVerify defines whether the server
@ -404,20 +432,23 @@ spec:
type: boolean type: boolean
type: object type: object
grpcWeb: grpcWeb:
description: GrpcWeb holds the gRPC web middleware configuration. description: |-
GrpcWeb holds the gRPC web middleware configuration.
This middleware converts a gRPC web request to an HTTP/2 gRPC request. This middleware converts a gRPC web request to an HTTP/2 gRPC request.
properties: properties:
allowOrigins: allowOrigins:
description: AllowOrigins is a list of allowable origins. Can description: |-
also be a wildcard origin "*". AllowOrigins is a list of allowable origins.
Can also be a wildcard origin "*".
items: items:
type: string type: string
type: array type: array
type: object type: object
headers: headers:
description: 'Headers holds the headers middleware configuration. description: |-
This middleware manages the requests and responses headers. More Headers holds the headers middleware configuration.
info: https://doc.traefik.io/traefik/v3.0/middlewares/http/headers/#customrequestheaders' This middleware manages the requests and responses headers.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/headers/#customrequestheaders
properties: properties:
accessControlAllowCredentials: accessControlAllowCredentials:
description: AccessControlAllowCredentials defines whether the description: AccessControlAllowCredentials defines whether the
@ -482,12 +513,14 @@ spec:
header with the nosniff value. header with the nosniff value.
type: boolean type: boolean
customBrowserXSSValue: customBrowserXSSValue:
description: CustomBrowserXSSValue defines the X-XSS-Protection description: |-
header value. This overrides the BrowserXssFilter option. CustomBrowserXSSValue defines the X-XSS-Protection header value.
This overrides the BrowserXssFilter option.
type: string type: string
customFrameOptionsValue: customFrameOptionsValue:
description: CustomFrameOptionsValue defines the X-Frame-Options description: |-
header value. This overrides the FrameDeny option. CustomFrameOptionsValue defines the X-Frame-Options header value.
This overrides the FrameDeny option.
type: string type: string
customRequestHeaders: customRequestHeaders:
additionalProperties: additionalProperties:
@ -501,6 +534,10 @@ spec:
description: CustomResponseHeaders defines the header names and description: CustomResponseHeaders defines the header names and
values to apply to the response. values to apply to the response.
type: object type: object
featurePolicy:
description: 'Deprecated: FeaturePolicy option is deprecated,
please use PermissionsPolicy instead.'
type: string
forceSTSHeader: forceSTSHeader:
description: ForceSTSHeader defines whether to add the STS header description: ForceSTSHeader defines whether to add the STS header
even when the connection is HTTP. even when the connection is HTTP.
@ -516,34 +553,49 @@ spec:
type: string type: string
type: array type: array
isDevelopment: isDevelopment:
description: IsDevelopment defines whether to mitigate the unwanted description: |-
effects of the AllowedHosts, SSL, and STS options when developing. IsDevelopment defines whether to mitigate the unwanted effects of the AllowedHosts, SSL, and STS options when developing.
Usually testing takes place using HTTP, not HTTPS, and on localhost, Usually testing takes place using HTTP, not HTTPS, and on localhost, not your production domain.
not your production domain. If you would like your development If you would like your development environment to mimic production with complete Host blocking, SSL redirects,
environment to mimic production with complete Host blocking, and STS headers, leave this as false.
SSL redirects, and STS headers, leave this as false.
type: boolean type: boolean
permissionsPolicy: permissionsPolicy:
description: PermissionsPolicy defines the Permissions-Policy description: |-
header value. This allows sites to control browser features. PermissionsPolicy defines the Permissions-Policy header value.
This allows sites to control browser features.
type: string type: string
publicKey: publicKey:
description: PublicKey is the public key that implements HPKP description: PublicKey is the public key that implements HPKP
to prevent MITM attacks with forged certificates. to prevent MITM attacks with forged certificates.
type: string type: string
referrerPolicy: referrerPolicy:
description: ReferrerPolicy defines the Referrer-Policy header description: |-
value. This allows sites to control whether browsers forward ReferrerPolicy defines the Referrer-Policy header value.
the Referer header to other sites. This allows sites to control whether browsers forward the Referer header to other sites.
type: string
sslForceHost:
description: 'Deprecated: SSLForceHost option is deprecated, please
use RedirectRegex instead.'
type: boolean
sslHost:
description: 'Deprecated: SSLHost option is deprecated, please
use RedirectRegex instead.'
type: string type: string
sslProxyHeaders: sslProxyHeaders:
additionalProperties: additionalProperties:
type: string type: string
description: 'SSLProxyHeaders defines the header keys with associated description: |-
values that would indicate a valid HTTPS request. It can be SSLProxyHeaders defines the header keys with associated values that would indicate a valid HTTPS request.
useful when using other proxies (example: "X-Forwarded-Proto": It can be useful when using other proxies (example: "X-Forwarded-Proto": "https").
"https").'
type: object type: object
sslRedirect:
description: 'Deprecated: SSLRedirect option is deprecated, please
use EntryPoint redirection or RedirectScheme instead.'
type: boolean
sslTemporaryRedirect:
description: 'Deprecated: SSLTemporaryRedirect option is deprecated,
please use EntryPoint redirection or RedirectScheme instead.'
type: boolean
stsIncludeSubdomains: stsIncludeSubdomains:
description: STSIncludeSubdomains defines whether the includeSubDomains description: STSIncludeSubdomains defines whether the includeSubDomains
directive is appended to the Strict-Transport-Security header. directive is appended to the Strict-Transport-Security header.
@ -553,33 +605,35 @@ spec:
to the Strict-Transport-Security header. to the Strict-Transport-Security header.
type: boolean type: boolean
stsSeconds: stsSeconds:
description: STSSeconds defines the max-age of the Strict-Transport-Security description: |-
header. If set to 0, the header is not set. STSSeconds defines the max-age of the Strict-Transport-Security header.
If set to 0, the header is not set.
format: int64 format: int64
type: integer type: integer
type: object type: object
inFlightReq: inFlightReq:
description: 'InFlightReq holds the in-flight request middleware configuration. description: |-
This middleware limits the number of requests being processed and InFlightReq holds the in-flight request middleware configuration.
served concurrently. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/inflightreq/' This middleware limits the number of requests being processed and served concurrently.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/inflightreq/
properties: properties:
amount: amount:
description: Amount defines the maximum amount of allowed simultaneous description: |-
in-flight request. The middleware responds with HTTP 429 Too Amount defines the maximum amount of allowed simultaneous in-flight request.
Many Requests if there are already amount requests in progress The middleware responds with HTTP 429 Too Many Requests if there are already amount requests in progress (based on the same sourceCriterion strategy).
(based on the same sourceCriterion strategy).
format: int64 format: int64
type: integer type: integer
sourceCriterion: sourceCriterion:
description: 'SourceCriterion defines what criterion is used to description: |-
group requests as originating from a common source. If several SourceCriterion defines what criterion is used to group requests as originating from a common source.
strategies are defined at the same time, an error will be raised. If several strategies are defined at the same time, an error will be raised.
If none are set, the default is to use the requestHost. More If none are set, the default is to use the requestHost.
info: https://doc.traefik.io/traefik/v3.0/middlewares/http/inflightreq/#sourcecriterion' More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/inflightreq/#sourcecriterion
properties: properties:
ipStrategy: ipStrategy:
description: 'IPStrategy holds the IP strategy configuration description: |-
used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy' IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy
properties: properties:
depth: depth:
description: Depth tells Traefik to use the X-Forwarded-For description: Depth tells Traefik to use the X-Forwarded-For
@ -605,13 +659,15 @@ spec:
type: object type: object
type: object type: object
ipAllowList: ipAllowList:
description: 'IPAllowList holds the IP allowlist middleware configuration. description: |-
IPAllowList holds the IP allowlist middleware configuration.
This middleware accepts / refuses requests based on the client IP. This middleware accepts / refuses requests based on the client IP.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/' More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/
properties: properties:
ipStrategy: ipStrategy:
description: 'IPStrategy holds the IP strategy configuration used description: |-
by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy' IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy
properties: properties:
depth: depth:
description: Depth tells Traefik to use the X-Forwarded-For description: Depth tells Traefik to use the X-Forwarded-For
@ -626,8 +682,9 @@ spec:
type: array type: array
type: object type: object
rejectStatusCode: rejectStatusCode:
description: RejectStatusCode defines the HTTP status code used description: |-
for refused requests. If not set, the default is 403 (Forbidden). RejectStatusCode defines the HTTP status code used for refused requests.
If not set, the default is 403 (Forbidden).
type: integer type: integer
sourceRange: sourceRange:
description: SourceRange defines the set of allowed IPs (or ranges description: SourceRange defines the set of allowed IPs (or ranges
@ -640,8 +697,9 @@ spec:
description: 'Deprecated: please use IPAllowList instead.' description: 'Deprecated: please use IPAllowList instead.'
properties: properties:
ipStrategy: ipStrategy:
description: 'IPStrategy holds the IP strategy configuration used description: |-
by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy' IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy
properties: properties:
depth: depth:
description: Depth tells Traefik to use the X-Forwarded-For description: Depth tells Traefik to use the X-Forwarded-For
@ -663,9 +721,10 @@ spec:
type: array type: array
type: object type: object
passTLSClientCert: passTLSClientCert:
description: 'PassTLSClientCert holds the pass TLS client cert middleware description: |-
configuration. This middleware adds the selected data from the passed PassTLSClientCert holds the pass TLS client cert middleware configuration.
client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/passtlsclientcert/' This middleware adds the selected data from the passed client TLS certificate to a header.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/passtlsclientcert/
properties: properties:
info: info:
description: Info selects the specific client certificate details description: Info selects the specific client certificate details
@ -766,46 +825,48 @@ spec:
plugin: plugin:
additionalProperties: additionalProperties:
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
description: 'Plugin defines the middleware plugin configuration. description: |-
More info: https://doc.traefik.io/traefik/plugins/' Plugin defines the middleware plugin configuration.
More info: https://doc.traefik.io/traefik/plugins/
type: object type: object
rateLimit: rateLimit:
description: 'RateLimit holds the rate limit configuration. This middleware description: |-
ensures that services will receive a fair amount of requests, and RateLimit holds the rate limit configuration.
allows one to define what fair is. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ratelimit/' This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ratelimit/
properties: properties:
average: average:
description: Average is the maximum rate, by default in requests/s, description: |-
allowed for the given source. It defaults to 0, which means Average is the maximum rate, by default in requests/s, allowed for the given source.
no rate limiting. The rate is actually defined by dividing Average It defaults to 0, which means no rate limiting.
by Period. So for a rate below 1req/s, one needs to define a The rate is actually defined by dividing Average by Period. So for a rate below 1req/s,
Period larger than a second. one needs to define a Period larger than a second.
format: int64 format: int64
type: integer type: integer
burst: burst:
description: Burst is the maximum number of requests allowed to description: |-
arrive in the same arbitrarily small period of time. It defaults Burst is the maximum number of requests allowed to arrive in the same arbitrarily small period of time.
to 1. It defaults to 1.
format: int64 format: int64
type: integer type: integer
period: period:
anyOf: anyOf:
- type: integer - type: integer
- type: string - type: string
description: 'Period, in combination with Average, defines the description: |-
actual maximum rate, such as: r = Average / Period. It defaults Period, in combination with Average, defines the actual maximum rate, such as:
to a second.' r = Average / Period. It defaults to a second.
x-kubernetes-int-or-string: true x-kubernetes-int-or-string: true
sourceCriterion: sourceCriterion:
description: SourceCriterion defines what criterion is used to description: |-
group requests as originating from a common source. If several SourceCriterion defines what criterion is used to group requests as originating from a common source.
strategies are defined at the same time, an error will be raised. If several strategies are defined at the same time, an error will be raised.
If none are set, the default is to use the request's remote If none are set, the default is to use the request's remote address field (as an ipStrategy).
address field (as an ipStrategy).
properties: properties:
ipStrategy: ipStrategy:
description: 'IPStrategy holds the IP strategy configuration description: |-
used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy' IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/ipallowlist/#ipstrategy
properties: properties:
depth: depth:
description: Depth tells Traefik to use the X-Forwarded-For description: Depth tells Traefik to use the X-Forwarded-For
@ -831,9 +892,10 @@ spec:
type: object type: object
type: object type: object
redirectRegex: redirectRegex:
description: 'RedirectRegex holds the redirect regex middleware configuration. description: |-
RedirectRegex holds the redirect regex middleware configuration.
This middleware redirects a request using regex matching and replacement. This middleware redirects a request using regex matching and replacement.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/redirectregex/#regex' More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/redirectregex/#regex
properties: properties:
permanent: permanent:
description: Permanent defines whether the redirection is permanent description: Permanent defines whether the redirection is permanent
@ -849,9 +911,10 @@ spec:
type: string type: string
type: object type: object
redirectScheme: redirectScheme:
description: 'RedirectScheme holds the redirect scheme middleware description: |-
configuration. This middleware redirects requests from a scheme/port RedirectScheme holds the redirect scheme middleware configuration.
to another. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/redirectscheme/' This middleware redirects requests from a scheme/port to another.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/redirectscheme/
properties: properties:
permanent: permanent:
description: Permanent defines whether the redirection is permanent description: Permanent defines whether the redirection is permanent
@ -865,9 +928,10 @@ spec:
type: string type: string
type: object type: object
replacePath: replacePath:
description: 'ReplacePath holds the replace path middleware configuration. description: |-
This middleware replaces the path of the request URL and store the ReplacePath holds the replace path middleware configuration.
original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/replacepath/' This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/replacepath/
properties: properties:
path: path:
description: Path defines the path to use as replacement in the description: Path defines the path to use as replacement in the
@ -875,9 +939,10 @@ spec:
type: string type: string
type: object type: object
replacePathRegex: replacePathRegex:
description: 'ReplacePathRegex holds the replace path regex middleware description: |-
configuration. This middleware replaces the path of a URL using ReplacePathRegex holds the replace path regex middleware configuration.
regex matching and replacement. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/replacepathregex/' This middleware replaces the path of a URL using regex matching and replacement.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/replacepathregex/
properties: properties:
regex: regex:
description: Regex defines the regular expression used to match description: Regex defines the regular expression used to match
@ -889,11 +954,11 @@ spec:
type: string type: string
type: object type: object
retry: retry:
description: 'Retry holds the retry middleware configuration. This description: |-
middleware reissues requests a given number of times to a backend Retry holds the retry middleware configuration.
server if that server does not reply. As soon as the server answers, This middleware reissues requests a given number of times to a backend server if that server does not reply.
the middleware stops retrying, regardless of the response status. As soon as the server answers, the middleware stops retrying, regardless of the response status.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/retry/' More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/retry/
properties: properties:
attempts: attempts:
description: Attempts defines how many times the request should description: Attempts defines how many times the request should
@ -903,18 +968,26 @@ spec:
anyOf: anyOf:
- type: integer - type: integer
- type: string - type: string
description: InitialInterval defines the first wait time in the description: |-
exponential backoff series. The maximum interval is calculated InitialInterval defines the first wait time in the exponential backoff series.
as twice the initialInterval. If unspecified, requests will The maximum interval is calculated as twice the initialInterval.
be retried immediately. The value of initialInterval should If unspecified, requests will be retried immediately.
be provided in seconds or as a valid duration format, see https://pkg.go.dev/time#ParseDuration. The value of initialInterval should be provided in seconds or as a valid duration format,
see https://pkg.go.dev/time#ParseDuration.
x-kubernetes-int-or-string: true x-kubernetes-int-or-string: true
type: object type: object
stripPrefix: stripPrefix:
description: 'StripPrefix holds the strip prefix middleware configuration. description: |-
StripPrefix holds the strip prefix middleware configuration.
This middleware removes the specified prefixes from the URL path. This middleware removes the specified prefixes from the URL path.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/stripprefix/' More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/stripprefix/
properties: properties:
forceSlash:
description: |-
Deprecated: ForceSlash option is deprecated, please remove any usage of this option.
ForceSlash ensures that the resulting stripped path is not the empty string, by replacing it with / when necessary.
Default: true.
type: boolean
prefixes: prefixes:
description: Prefixes defines the prefixes to strip from the request description: Prefixes defines the prefixes to strip from the request
URL. URL.
@ -923,9 +996,10 @@ spec:
type: array type: array
type: object type: object
stripPrefixRegex: stripPrefixRegex:
description: 'StripPrefixRegex holds the strip prefix regex middleware description: |-
configuration. This middleware removes the matching prefixes from StripPrefixRegex holds the strip prefix regex middleware configuration.
the URL path. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/stripprefixregex/' This middleware removes the matching prefixes from the URL path.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/stripprefixregex/
properties: properties:
regex: regex:
description: Regex defines the regular expression to match the description: Regex defines the regular expression to match the

View file

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.13.0 controller-gen.kubebuilder.io/version: v0.14.0
name: middlewaretcps.traefik.io name: middlewaretcps.traefik.io
spec: spec:
group: traefik.io group: traefik.io
@ -17,18 +17,24 @@ spec:
- name: v1alpha1 - name: v1alpha1
schema: schema:
openAPIV3Schema: openAPIV3Schema:
description: 'MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. description: |-
More info: https://doc.traefik.io/traefik/v3.0/middlewares/overview/' MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/overview/
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: |-
of an object. Servers should convert recognized schemas to the latest APIVersion defines the versioned schema of this representation of an object.
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string type: string
kind: kind:
description: 'Kind is a string value representing the REST resource this description: |-
object represents. Servers may infer this from the endpoint the client Kind is a string value representing the REST resource this object represents.
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string type: string
metadata: metadata:
type: object type: object
@ -39,14 +45,17 @@ spec:
description: InFlightConn defines the InFlightConn middleware configuration. description: InFlightConn defines the InFlightConn middleware configuration.
properties: properties:
amount: amount:
description: Amount defines the maximum amount of allowed simultaneous description: |-
connections. The middleware closes the connection if there are Amount defines the maximum amount of allowed simultaneous connections.
already amount connections opened. The middleware closes the connection if there are already amount connections opened.
format: int64 format: int64
type: integer type: integer
type: object type: object
ipAllowList: ipAllowList:
description: IPAllowList defines the IPAllowList middleware configuration. description: |-
IPAllowList defines the IPAllowList middleware configuration.
This middleware accepts/refuses connections based on the client IP.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/tcp/ipallowlist/
properties: properties:
sourceRange: sourceRange:
description: SourceRange defines the allowed IPs (or ranges of description: SourceRange defines the allowed IPs (or ranges of
@ -56,8 +65,11 @@ spec:
type: array type: array
type: object type: object
ipWhiteList: ipWhiteList:
description: 'IPWhiteList defines the IPWhiteList middleware configuration. description: |-
Deprecated: please use IPAllowList instead.' IPWhiteList defines the IPWhiteList middleware configuration.
This middleware accepts/refuses connections based on the client IP.
Deprecated: please use IPAllowList instead.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/tcp/ipwhitelist/
properties: properties:
sourceRange: sourceRange:
description: SourceRange defines the allowed IPs (or ranges of description: SourceRange defines the allowed IPs (or ranges of

View file

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.13.0 controller-gen.kubebuilder.io/version: v0.14.0
name: serverstransports.traefik.io name: serverstransports.traefik.io
spec: spec:
group: traefik.io group: traefik.io
@ -17,20 +17,26 @@ spec:
- name: v1alpha1 - name: v1alpha1
schema: schema:
openAPIV3Schema: openAPIV3Schema:
description: 'ServersTransport is the CRD implementation of a ServersTransport. description: |-
ServersTransport is the CRD implementation of a ServersTransport.
If no serversTransport is specified, the default@internal will be used. If no serversTransport is specified, the default@internal will be used.
The default@internal serversTransport is created from the static configuration. The default@internal serversTransport is created from the static configuration.
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#serverstransport_1' More info: https://doc.traefik.io/traefik/v3.0/routing/services/#serverstransport_1
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: |-
of an object. Servers should convert recognized schemas to the latest APIVersion defines the versioned schema of this representation of an object.
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string type: string
kind: kind:
description: 'Kind is a string value representing the REST resource this description: |-
object represents. Servers may infer this from the endpoint the client Kind is a string value representing the REST resource this object represents.
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string type: string
metadata: metadata:
type: object type: object

View file

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.13.0 controller-gen.kubebuilder.io/version: v0.14.0
name: serverstransporttcps.traefik.io name: serverstransporttcps.traefik.io
spec: spec:
group: traefik.io group: traefik.io
@ -17,20 +17,26 @@ spec:
- name: v1alpha1 - name: v1alpha1
schema: schema:
openAPIV3Schema: openAPIV3Schema:
description: 'ServersTransportTCP is the CRD implementation of a TCPServersTransport. description: |-
If no tcpServersTransport is specified, a default one named default@internal ServersTransportTCP is the CRD implementation of a TCPServersTransport.
will be used. The default@internal tcpServersTransport can be configured If no tcpServersTransport is specified, a default one named default@internal will be used.
in the static configuration. More info: https://doc.traefik.io/traefik/v3.0/routing/services/#serverstransport_3' The default@internal tcpServersTransport can be configured in the static configuration.
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#serverstransport_3
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: |-
of an object. Servers should convert recognized schemas to the latest APIVersion defines the versioned schema of this representation of an object.
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string type: string
kind: kind:
description: 'Kind is a string value representing the REST resource this description: |-
object represents. Servers may infer this from the endpoint the client Kind is a string value representing the REST resource this object represents.
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string type: string
metadata: metadata:
type: object type: object
@ -76,9 +82,9 @@ spec:
description: InsecureSkipVerify disables TLS certificate verification. description: InsecureSkipVerify disables TLS certificate verification.
type: boolean type: boolean
peerCertURI: peerCertURI:
description: MaxIdleConnsPerHost controls the maximum idle (keep-alive) description: |-
to keep per-host. PeerCertURI defines the peer cert URI used MaxIdleConnsPerHost controls the maximum idle (keep-alive) to keep per-host.
to match against SAN URI during the peer certificate verification. PeerCertURI defines the peer cert URI used to match against SAN URI during the peer certificate verification.
type: string type: string
rootCAsSecrets: rootCAsSecrets:
description: RootCAsSecrets defines a list of CA secret used to description: RootCAsSecrets defines a list of CA secret used to

View file

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.13.0 controller-gen.kubebuilder.io/version: v0.14.0
name: tlsoptions.traefik.io name: tlsoptions.traefik.io
spec: spec:
group: traefik.io group: traefik.io
@ -17,19 +17,24 @@ spec:
- name: v1alpha1 - name: v1alpha1
schema: schema:
openAPIV3Schema: openAPIV3Schema:
description: 'TLSOption is the CRD implementation of a Traefik TLS Option, description: |-
allowing to configure some parameters of the TLS connection. More info: TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.
https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options' More info: https://doc.traefik.io/traefik/v3.0/https/tls/#tls-options
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: |-
of an object. Servers should convert recognized schemas to the latest APIVersion defines the versioned schema of this representation of an object.
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string type: string
kind: kind:
description: 'Kind is a string value representing the REST resource this description: |-
object represents. Servers may infer this from the endpoint the client Kind is a string value representing the REST resource this object represents.
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string type: string
metadata: metadata:
type: object type: object
@ -37,15 +42,16 @@ spec:
description: TLSOptionSpec defines the desired state of a TLSOption. description: TLSOptionSpec defines the desired state of a TLSOption.
properties: properties:
alpnProtocols: alpnProtocols:
description: 'ALPNProtocols defines the list of supported application description: |-
level protocols for the TLS handshake, in order of preference. More ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
info: https://doc.traefik.io/traefik/v3.0/https/tls/#alpn-protocols' More info: https://doc.traefik.io/traefik/v3.0/https/tls/#alpn-protocols
items: items:
type: string type: string
type: array type: array
cipherSuites: cipherSuites:
description: 'CipherSuites defines the list of supported cipher suites description: |-
for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v3.0/https/tls/#cipher-suites' CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#cipher-suites
items: items:
type: string type: string
type: array type: array
@ -71,21 +77,30 @@ spec:
type: array type: array
type: object type: object
curvePreferences: curvePreferences:
description: 'CurvePreferences defines the preferred elliptic curves description: |-
in a specific order. More info: https://doc.traefik.io/traefik/v3.0/https/tls/#curve-preferences' CurvePreferences defines the preferred elliptic curves in a specific order.
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#curve-preferences
items: items:
type: string type: string
type: array type: array
maxVersion: maxVersion:
description: 'MaxVersion defines the maximum TLS version that Traefik description: |-
will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, MaxVersion defines the maximum TLS version that Traefik will accept.
VersionTLS13. Default: None.' Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13.
Default: None.
type: string type: string
minVersion: minVersion:
description: 'MinVersion defines the minimum TLS version that Traefik description: |-
will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, MinVersion defines the minimum TLS version that Traefik will accept.
VersionTLS13. Default: VersionTLS10.' Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13.
Default: VersionTLS10.
type: string type: string
preferServerCipherSuites:
description: |-
PreferServerCipherSuites defines whether the server chooses a cipher suite among his own instead of among the client's.
It is enabled automatically when minVersion or maxVersion is set.
Deprecated: https://github.com/golang/go/issues/45430
type: boolean
sniStrict: sniStrict:
description: SniStrict defines whether Traefik allows connections description: SniStrict defines whether Traefik allows connections
from clients connections that do not specify a server_name extension. from clients connections that do not specify a server_name extension.

View file

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.13.0 controller-gen.kubebuilder.io/version: v0.14.0
name: tlsstores.traefik.io name: tlsstores.traefik.io
spec: spec:
group: traefik.io group: traefik.io
@ -17,20 +17,26 @@ spec:
- name: v1alpha1 - name: v1alpha1
schema: schema:
openAPIV3Schema: openAPIV3Schema:
description: 'TLSStore is the CRD implementation of a Traefik TLS Store. For description: |-
the time being, only the TLSStore named default is supported. This means TLSStore is the CRD implementation of a Traefik TLS Store.
that you cannot have two stores that are named default in different Kubernetes For the time being, only the TLSStore named default is supported.
namespaces. More info: https://doc.traefik.io/traefik/v3.0/https/tls/#certificates-stores' This means that you cannot have two stores that are named default in different Kubernetes namespaces.
More info: https://doc.traefik.io/traefik/v3.0/https/tls/#certificates-stores
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: |-
of an object. Servers should convert recognized schemas to the latest APIVersion defines the versioned schema of this representation of an object.
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string type: string
kind: kind:
description: 'Kind is a string value representing the REST resource this description: |-
object represents. Servers may infer this from the endpoint the client Kind is a string value representing the REST resource this object represents.
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string type: string
metadata: metadata:
type: object type: object

View file

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.13.0 controller-gen.kubebuilder.io/version: v0.14.0
name: traefikservices.traefik.io name: traefikservices.traefik.io
spec: spec:
group: traefik.io group: traefik.io
@ -17,19 +17,27 @@ spec:
- name: v1alpha1 - name: v1alpha1
schema: schema:
openAPIV3Schema: openAPIV3Schema:
description: 'TraefikService is the CRD implementation of a Traefik Service. description: |-
TraefikService object allows to: - Apply weight to Services on load-balancing TraefikService is the CRD implementation of a Traefik Service.
- Mirror traffic on services More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-traefikservice' TraefikService object allows to:
- Apply weight to Services on load-balancing
- Mirror traffic on services
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#kind-traefikservice
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: |-
of an object. Servers should convert recognized schemas to the latest APIVersion defines the versioned schema of this representation of an object.
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string type: string
kind: kind:
description: 'Kind is a string value representing the REST resource this description: |-
object represents. Servers may infer this from the endpoint the client Kind is a string value representing the REST resource this object represents.
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string type: string
metadata: metadata:
type: object type: object
@ -46,10 +54,10 @@ spec:
- TraefikService - TraefikService
type: string type: string
maxBodySize: maxBodySize:
description: MaxBodySize defines the maximum size allowed for description: |-
the body of the request. If the body is larger, the request MaxBodySize defines the maximum size allowed for the body of the request.
is not mirrored. Default value is -1, which means unlimited If the body is larger, the request is not mirrored.
size. Default value is -1, which means unlimited size.
format: int64 format: int64
type: integer type: integer
mirrors: mirrors:
@ -65,35 +73,37 @@ spec:
- TraefikService - TraefikService
type: string type: string
name: name:
description: Name defines the name of the referenced Kubernetes description: |-
Service or TraefikService. The differentiation between Name defines the name of the referenced Kubernetes Service or TraefikService.
the two is specified in the Kind field. The differentiation between the two is specified in the Kind field.
type: string type: string
namespace: namespace:
description: Namespace defines the namespace of the referenced description: Namespace defines the namespace of the referenced
Kubernetes Service or TraefikService. Kubernetes Service or TraefikService.
type: string type: string
nativeLB: nativeLB:
description: NativeLB controls, when creating the load-balancer, description: |-
whether the LB's children are directly the pods IPs or NativeLB controls, when creating the load-balancer,
if the only child is the Kubernetes Service clusterIP. whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
The Kubernetes Service itself does load-balance to the The Kubernetes Service itself does load-balance to the pods.
pods. By default, NativeLB is false. By default, NativeLB is false.
type: boolean type: boolean
passHostHeader: passHostHeader:
description: PassHostHeader defines whether the client Host description: |-
header is forwarded to the upstream Kubernetes Service. PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
By default, passHostHeader is true. By default, passHostHeader is true.
type: boolean type: boolean
percent: percent:
description: 'Percent defines the part of the traffic to description: |-
mirror. Supported values: 0 to 100.' Percent defines the part of the traffic to mirror.
Supported values: 0 to 100.
type: integer type: integer
port: port:
anyOf: anyOf:
- type: integer - type: integer
- type: string - type: string
description: Port defines the port of a Kubernetes Service. description: |-
Port defines the port of a Kubernetes Service.
This can be a reference to a named port. This can be a reference to a named port.
x-kubernetes-int-or-string: true x-kubernetes-int-or-string: true
responseForwarding: responseForwarding:
@ -102,30 +112,29 @@ spec:
client. client.
properties: properties:
flushInterval: flushInterval:
description: 'FlushInterval defines the interval, in description: |-
milliseconds, in between flushes to the client while FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
copying the response body. A negative value means A negative value means to flush immediately after each write to the client.
to flush immediately after each write to the client. This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
This configuration is ignored when ReverseProxy recognizes for such responses, writes are flushed to the client immediately.
a response as a streaming response; for such responses, Default: 100ms
writes are flushed to the client immediately. Default:
100ms'
type: string type: string
type: object type: object
scheme: scheme:
description: Scheme defines the scheme to use for the request description: |-
to the upstream Kubernetes Service. It defaults to https Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
when Kubernetes Service port is 443, http otherwise. It defaults to https when Kubernetes Service port is 443, http otherwise.
type: string type: string
serversTransport: serversTransport:
description: ServersTransport defines the name of ServersTransport description: |-
resource to use. It allows to configure the transport ServersTransport defines the name of ServersTransport resource to use.
between Traefik and your servers. Can only be used on It allows to configure the transport between Traefik and your servers.
a Kubernetes Service. Can only be used on a Kubernetes Service.
type: string type: string
sticky: sticky:
description: 'Sticky defines the sticky sessions configuration. description: |-
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions' Sticky defines the sticky sessions configuration.
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
properties: properties:
cookie: cookie:
description: Cookie defines the sticky cookie configuration. description: Cookie defines the sticky cookie configuration.
@ -135,17 +144,18 @@ spec:
can be accessed by client-side APIs, such as JavaScript. can be accessed by client-side APIs, such as JavaScript.
type: boolean type: boolean
maxAge: maxAge:
description: MaxAge indicates the number of seconds description: |-
until the cookie expires. When set to a negative MaxAge indicates the number of seconds until the cookie expires.
number, the cookie expires immediately. When set When set to a negative number, the cookie expires immediately.
to zero, the cookie never expires. When set to zero, the cookie never expires.
type: integer type: integer
name: name:
description: Name defines the Cookie name. description: Name defines the Cookie name.
type: string type: string
sameSite: sameSite:
description: 'SameSite defines the same site policy. description: |-
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' SameSite defines the same site policy.
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
type: string type: string
secure: secure:
description: Secure defines whether the cookie can description: Secure defines whether the cookie can
@ -155,13 +165,13 @@ spec:
type: object type: object
type: object type: object
strategy: strategy:
description: Strategy defines the load balancing strategy description: |-
between the servers. RoundRobin is the only supported Strategy defines the load balancing strategy between the servers.
value at the moment. RoundRobin is the only supported value at the moment.
type: string type: string
weight: weight:
description: Weight defines the weight and should only be description: |-
specified when Name references a TraefikService object Weight defines the weight and should only be specified when Name references a TraefikService object
(and to be precise, one that embeds a Weighted Round Robin). (and to be precise, one that embeds a Weighted Round Robin).
type: integer type: integer
required: required:
@ -169,60 +179,62 @@ spec:
type: object type: object
type: array type: array
name: name:
description: Name defines the name of the referenced Kubernetes description: |-
Service or TraefikService. The differentiation between the two Name defines the name of the referenced Kubernetes Service or TraefikService.
is specified in the Kind field. The differentiation between the two is specified in the Kind field.
type: string type: string
namespace: namespace:
description: Namespace defines the namespace of the referenced description: Namespace defines the namespace of the referenced
Kubernetes Service or TraefikService. Kubernetes Service or TraefikService.
type: string type: string
nativeLB: nativeLB:
description: NativeLB controls, when creating the load-balancer, description: |-
whether the LB's children are directly the pods IPs or if the NativeLB controls, when creating the load-balancer,
only child is the Kubernetes Service clusterIP. The Kubernetes whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
Service itself does load-balance to the pods. By default, NativeLB The Kubernetes Service itself does load-balance to the pods.
is false. By default, NativeLB is false.
type: boolean type: boolean
passHostHeader: passHostHeader:
description: PassHostHeader defines whether the client Host header description: |-
is forwarded to the upstream Kubernetes Service. By default, PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
passHostHeader is true. By default, passHostHeader is true.
type: boolean type: boolean
port: port:
anyOf: anyOf:
- type: integer - type: integer
- type: string - type: string
description: Port defines the port of a Kubernetes Service. This description: |-
can be a reference to a named port. Port defines the port of a Kubernetes Service.
This can be a reference to a named port.
x-kubernetes-int-or-string: true x-kubernetes-int-or-string: true
responseForwarding: responseForwarding:
description: ResponseForwarding defines how Traefik forwards the description: ResponseForwarding defines how Traefik forwards the
response from the upstream Kubernetes Service to the client. response from the upstream Kubernetes Service to the client.
properties: properties:
flushInterval: flushInterval:
description: 'FlushInterval defines the interval, in milliseconds, description: |-
in between flushes to the client while copying the response FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
body. A negative value means to flush immediately after A negative value means to flush immediately after each write to the client.
each write to the client. This configuration is ignored This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
when ReverseProxy recognizes a response as a streaming response;
for such responses, writes are flushed to the client immediately. for such responses, writes are flushed to the client immediately.
Default: 100ms' Default: 100ms
type: string type: string
type: object type: object
scheme: scheme:
description: Scheme defines the scheme to use for the request description: |-
to the upstream Kubernetes Service. It defaults to https when Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
Kubernetes Service port is 443, http otherwise. It defaults to https when Kubernetes Service port is 443, http otherwise.
type: string type: string
serversTransport: serversTransport:
description: ServersTransport defines the name of ServersTransport description: |-
resource to use. It allows to configure the transport between ServersTransport defines the name of ServersTransport resource to use.
Traefik and your servers. Can only be used on a Kubernetes Service. It allows to configure the transport between Traefik and your servers.
Can only be used on a Kubernetes Service.
type: string type: string
sticky: sticky:
description: 'Sticky defines the sticky sessions configuration. description: |-
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions' Sticky defines the sticky sessions configuration.
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
properties: properties:
cookie: cookie:
description: Cookie defines the sticky cookie configuration. description: Cookie defines the sticky cookie configuration.
@ -232,17 +244,18 @@ spec:
accessed by client-side APIs, such as JavaScript. accessed by client-side APIs, such as JavaScript.
type: boolean type: boolean
maxAge: maxAge:
description: MaxAge indicates the number of seconds until description: |-
the cookie expires. When set to a negative number, the MaxAge indicates the number of seconds until the cookie expires.
cookie expires immediately. When set to zero, the cookie When set to a negative number, the cookie expires immediately.
never expires. When set to zero, the cookie never expires.
type: integer type: integer
name: name:
description: Name defines the Cookie name. description: Name defines the Cookie name.
type: string type: string
sameSite: sameSite:
description: 'SameSite defines the same site policy. More description: |-
info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' SameSite defines the same site policy.
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
type: string type: string
secure: secure:
description: Secure defines whether the cookie can only description: Secure defines whether the cookie can only
@ -251,13 +264,14 @@ spec:
type: object type: object
type: object type: object
strategy: strategy:
description: Strategy defines the load balancing strategy between description: |-
the servers. RoundRobin is the only supported value at the moment. Strategy defines the load balancing strategy between the servers.
RoundRobin is the only supported value at the moment.
type: string type: string
weight: weight:
description: Weight defines the weight and should only be specified description: |-
when Name references a TraefikService object (and to be precise, Weight defines the weight and should only be specified when Name references a TraefikService object
one that embeds a Weighted Round Robin). (and to be precise, one that embeds a Weighted Round Robin).
type: integer type: integer
required: required:
- name - name
@ -279,31 +293,32 @@ spec:
- TraefikService - TraefikService
type: string type: string
name: name:
description: Name defines the name of the referenced Kubernetes description: |-
Service or TraefikService. The differentiation between Name defines the name of the referenced Kubernetes Service or TraefikService.
the two is specified in the Kind field. The differentiation between the two is specified in the Kind field.
type: string type: string
namespace: namespace:
description: Namespace defines the namespace of the referenced description: Namespace defines the namespace of the referenced
Kubernetes Service or TraefikService. Kubernetes Service or TraefikService.
type: string type: string
nativeLB: nativeLB:
description: NativeLB controls, when creating the load-balancer, description: |-
whether the LB's children are directly the pods IPs or NativeLB controls, when creating the load-balancer,
if the only child is the Kubernetes Service clusterIP. whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
The Kubernetes Service itself does load-balance to the The Kubernetes Service itself does load-balance to the pods.
pods. By default, NativeLB is false. By default, NativeLB is false.
type: boolean type: boolean
passHostHeader: passHostHeader:
description: PassHostHeader defines whether the client Host description: |-
header is forwarded to the upstream Kubernetes Service. PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
By default, passHostHeader is true. By default, passHostHeader is true.
type: boolean type: boolean
port: port:
anyOf: anyOf:
- type: integer - type: integer
- type: string - type: string
description: Port defines the port of a Kubernetes Service. description: |-
Port defines the port of a Kubernetes Service.
This can be a reference to a named port. This can be a reference to a named port.
x-kubernetes-int-or-string: true x-kubernetes-int-or-string: true
responseForwarding: responseForwarding:
@ -312,30 +327,29 @@ spec:
client. client.
properties: properties:
flushInterval: flushInterval:
description: 'FlushInterval defines the interval, in description: |-
milliseconds, in between flushes to the client while FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
copying the response body. A negative value means A negative value means to flush immediately after each write to the client.
to flush immediately after each write to the client. This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
This configuration is ignored when ReverseProxy recognizes for such responses, writes are flushed to the client immediately.
a response as a streaming response; for such responses, Default: 100ms
writes are flushed to the client immediately. Default:
100ms'
type: string type: string
type: object type: object
scheme: scheme:
description: Scheme defines the scheme to use for the request description: |-
to the upstream Kubernetes Service. It defaults to https Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
when Kubernetes Service port is 443, http otherwise. It defaults to https when Kubernetes Service port is 443, http otherwise.
type: string type: string
serversTransport: serversTransport:
description: ServersTransport defines the name of ServersTransport description: |-
resource to use. It allows to configure the transport ServersTransport defines the name of ServersTransport resource to use.
between Traefik and your servers. Can only be used on It allows to configure the transport between Traefik and your servers.
a Kubernetes Service. Can only be used on a Kubernetes Service.
type: string type: string
sticky: sticky:
description: 'Sticky defines the sticky sessions configuration. description: |-
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions' Sticky defines the sticky sessions configuration.
More info: https://doc.traefik.io/traefik/v3.0/routing/services/#sticky-sessions
properties: properties:
cookie: cookie:
description: Cookie defines the sticky cookie configuration. description: Cookie defines the sticky cookie configuration.
@ -345,17 +359,18 @@ spec:
can be accessed by client-side APIs, such as JavaScript. can be accessed by client-side APIs, such as JavaScript.
type: boolean type: boolean
maxAge: maxAge:
description: MaxAge indicates the number of seconds description: |-
until the cookie expires. When set to a negative MaxAge indicates the number of seconds until the cookie expires.
number, the cookie expires immediately. When set When set to a negative number, the cookie expires immediately.
to zero, the cookie never expires. When set to zero, the cookie never expires.
type: integer type: integer
name: name:
description: Name defines the Cookie name. description: Name defines the Cookie name.
type: string type: string
sameSite: sameSite:
description: 'SameSite defines the same site policy. description: |-
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' SameSite defines the same site policy.
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
type: string type: string
secure: secure:
description: Secure defines whether the cookie can description: Secure defines whether the cookie can
@ -365,13 +380,13 @@ spec:
type: object type: object
type: object type: object
strategy: strategy:
description: Strategy defines the load balancing strategy description: |-
between the servers. RoundRobin is the only supported Strategy defines the load balancing strategy between the servers.
value at the moment. RoundRobin is the only supported value at the moment.
type: string type: string
weight: weight:
description: Weight defines the weight and should only be description: |-
specified when Name references a TraefikService object Weight defines the weight and should only be specified when Name references a TraefikService object
(and to be precise, one that embeds a Weighted Round Robin). (and to be precise, one that embeds a Weighted Round Robin).
type: integer type: integer
required: required:
@ -379,8 +394,9 @@ spec:
type: object type: object
type: array type: array
sticky: sticky:
description: 'Sticky defines whether sticky sessions are enabled. description: |-
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#stickiness-and-load-balancing' Sticky defines whether sticky sessions are enabled.
More info: https://doc.traefik.io/traefik/v3.0/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
properties: properties:
cookie: cookie:
description: Cookie defines the sticky cookie configuration. description: Cookie defines the sticky cookie configuration.
@ -390,17 +406,18 @@ spec:
accessed by client-side APIs, such as JavaScript. accessed by client-side APIs, such as JavaScript.
type: boolean type: boolean
maxAge: maxAge:
description: MaxAge indicates the number of seconds until description: |-
the cookie expires. When set to a negative number, the MaxAge indicates the number of seconds until the cookie expires.
cookie expires immediately. When set to zero, the cookie When set to a negative number, the cookie expires immediately.
never expires. When set to zero, the cookie never expires.
type: integer type: integer
name: name:
description: Name defines the Cookie name. description: Name defines the Cookie name.
type: string type: string
sameSite: sameSite:
description: 'SameSite defines the same site policy. More description: |-
info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite' SameSite defines the same site policy.
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
type: string type: string
secure: secure:
description: Secure defines whether the cookie can only description: Secure defines whether the cookie can only

View file

@ -6,6 +6,9 @@ THIS FILE MUST NOT BE EDITED BY HAND
`--accesslog`: `--accesslog`:
Access log settings. (Default: ```false```) Access log settings. (Default: ```false```)
`--accesslog.addinternals`:
Enables access log for internal services (ping, dashboard, etc...). (Default: ```false```)
`--accesslog.bufferingsize`: `--accesslog.bufferingsize`:
Number of access log lines to process in a buffered way. (Default: ```0```) Number of access log lines to process in a buffered way. (Default: ```0```)
@ -180,6 +183,9 @@ Trust all. (Default: ```false```)
`--entrypoints.<name>.proxyprotocol.trustedips`: `--entrypoints.<name>.proxyprotocol.trustedips`:
Trust only selected IPs. Trust only selected IPs.
`--entrypoints.<name>.reuseport`:
Enables EntryPoints from the same or different processes listening on the same TCP/UDP port. (Default: ```false```)
`--entrypoints.<name>.transport.keepalivemaxrequests`: `--entrypoints.<name>.transport.keepalivemaxrequests`:
Maximum number of requests before closing a keep-alive connection. (Default: ```0```) Maximum number of requests before closing a keep-alive connection. (Default: ```0```)
@ -264,6 +270,9 @@ Maximum size in megabytes of the log file before it gets rotated. (Default: ```0
`--log.nocolor`: `--log.nocolor`:
When using the 'common' format, disables the colorized output. (Default: ```false```) When using the 'common' format, disables the colorized output. (Default: ```false```)
`--metrics.addinternals`:
Enables metrics for internal services (ping, dashboard, etc...). (Default: ```false```)
`--metrics.datadog`: `--metrics.datadog`:
Datadog metrics exporter type. (Default: ```false```) Datadog metrics exporter type. (Default: ```false```)
@ -315,51 +324,63 @@ InfluxDB v2 push interval. (Default: ```10```)
`--metrics.influxdb2.token`: `--metrics.influxdb2.token`:
InfluxDB v2 access token. InfluxDB v2 access token.
`--metrics.opentelemetry`: `--metrics.otlp`:
OpenTelemetry metrics exporter type. (Default: ```false```) OpenTelemetry metrics exporter type. (Default: ```false```)
`--metrics.opentelemetry.addentrypointslabels`: `--metrics.otlp.addentrypointslabels`:
Enable metrics on entry points. (Default: ```true```) Enable metrics on entry points. (Default: ```true```)
`--metrics.opentelemetry.address`: `--metrics.otlp.addrouterslabels`:
Address (host:port) of the collector endpoint. (Default: ```localhost:4318```)
`--metrics.opentelemetry.addrouterslabels`:
Enable metrics on routers. (Default: ```false```) Enable metrics on routers. (Default: ```false```)
`--metrics.opentelemetry.addserviceslabels`: `--metrics.otlp.addserviceslabels`:
Enable metrics on services. (Default: ```true```) Enable metrics on services. (Default: ```true```)
`--metrics.opentelemetry.explicitboundaries`: `--metrics.otlp.explicitboundaries`:
Boundaries for latency metrics. (Default: ```0.005000, 0.010000, 0.025000, 0.050000, 0.100000, 0.250000, 0.500000, 1.000000, 2.500000, 5.000000, 10.000000```) Boundaries for latency metrics. (Default: ```0.005000, 0.010000, 0.025000, 0.050000, 0.100000, 0.250000, 0.500000, 1.000000, 2.500000, 5.000000, 10.000000```)
`--metrics.opentelemetry.grpc`: `--metrics.otlp.grpc.endpoint`:
gRPC specific configuration for the OpenTelemetry collector. (Default: ```true```) Sets the gRPC endpoint (host:port) of the collector. (Default: ```localhost:4317```)
`--metrics.opentelemetry.headers.<name>`: `--metrics.otlp.grpc.headers.<name>`:
Headers sent with payload. Headers sent with payload.
`--metrics.opentelemetry.insecure`: `--metrics.otlp.grpc.insecure`:
Disables client transport security for the exporter. (Default: ```false```) Disables client transport security for the exporter. (Default: ```false```)
`--metrics.opentelemetry.path`: `--metrics.otlp.grpc.tls.ca`:
Set the URL path of the collector endpoint.
`--metrics.opentelemetry.pushinterval`:
Period between calls to collect a checkpoint. (Default: ```10```)
`--metrics.opentelemetry.tls.ca`:
TLS CA TLS CA
`--metrics.opentelemetry.tls.cert`: `--metrics.otlp.grpc.tls.cert`:
TLS cert TLS cert
`--metrics.opentelemetry.tls.insecureskipverify`: `--metrics.otlp.grpc.tls.insecureskipverify`:
TLS insecure skip verify (Default: ```false```) TLS insecure skip verify (Default: ```false```)
`--metrics.opentelemetry.tls.key`: `--metrics.otlp.grpc.tls.key`:
TLS key TLS key
`--metrics.otlp.http.endpoint`:
Sets the HTTP endpoint (scheme://host:port/path) of the collector. (Default: ```https://localhost:4318```)
`--metrics.otlp.http.headers.<name>`:
Headers sent with payload.
`--metrics.otlp.http.tls.ca`:
TLS CA
`--metrics.otlp.http.tls.cert`:
TLS cert
`--metrics.otlp.http.tls.insecureskipverify`:
TLS insecure skip verify (Default: ```false```)
`--metrics.otlp.http.tls.key`:
TLS key
`--metrics.otlp.pushinterval`:
Period between calls to collect a checkpoint. (Default: ```10```)
`--metrics.prometheus`: `--metrics.prometheus`:
Prometheus metrics exporter type. (Default: ```false```) Prometheus metrics exporter type. (Default: ```false```)
@ -990,18 +1011,21 @@ Defines the allowed SPIFFE trust domain.
`--tracing`: `--tracing`:
OpenTracing configuration. (Default: ```false```) OpenTracing configuration. (Default: ```false```)
`--tracing.addinternals`:
Enables tracing for internal services (ping, dashboard, etc...). (Default: ```false```)
`--tracing.globalattributes.<name>`: `--tracing.globalattributes.<name>`:
Defines additional attributes (key:value) on all spans. Defines additional attributes (key:value) on all spans.
`--tracing.headers.<name>`:
Defines additional headers to be sent with the payloads.
`--tracing.otlp`: `--tracing.otlp`:
Settings for OpenTelemetry. (Default: ```false```) Settings for OpenTelemetry. (Default: ```false```)
`--tracing.otlp.grpc.endpoint`: `--tracing.otlp.grpc.endpoint`:
Sets the gRPC endpoint (host:port) of the collector. (Default: ```localhost:4317```) Sets the gRPC endpoint (host:port) of the collector. (Default: ```localhost:4317```)
`--tracing.otlp.grpc.headers.<name>`:
Headers sent with payload.
`--tracing.otlp.grpc.insecure`: `--tracing.otlp.grpc.insecure`:
Disables client transport security for the exporter. (Default: ```false```) Disables client transport security for the exporter. (Default: ```false```)
@ -1018,7 +1042,10 @@ TLS insecure skip verify (Default: ```false```)
TLS key TLS key
`--tracing.otlp.http.endpoint`: `--tracing.otlp.http.endpoint`:
Sets the HTTP endpoint (scheme://host:port/v1/traces) of the collector. (Default: ```localhost:4318```) Sets the HTTP endpoint (scheme://host:port/path) of the collector. (Default: ```https://localhost:4318```)
`--tracing.otlp.http.headers.<name>`:
Headers sent with payload.
`--tracing.otlp.http.tls.ca`: `--tracing.otlp.http.tls.ca`:
TLS CA TLS CA

View file

@ -6,6 +6,9 @@ THIS FILE MUST NOT BE EDITED BY HAND
`TRAEFIK_ACCESSLOG`: `TRAEFIK_ACCESSLOG`:
Access log settings. (Default: ```false```) Access log settings. (Default: ```false```)
`TRAEFIK_ACCESSLOG_ADDINTERNALS`:
Enables access log for internal services (ping, dashboard, etc...). (Default: ```false```)
`TRAEFIK_ACCESSLOG_BUFFERINGSIZE`: `TRAEFIK_ACCESSLOG_BUFFERINGSIZE`:
Number of access log lines to process in a buffered way. (Default: ```0```) Number of access log lines to process in a buffered way. (Default: ```0```)
@ -180,6 +183,9 @@ Trust all. (Default: ```false```)
`TRAEFIK_ENTRYPOINTS_<NAME>_PROXYPROTOCOL_TRUSTEDIPS`: `TRAEFIK_ENTRYPOINTS_<NAME>_PROXYPROTOCOL_TRUSTEDIPS`:
Trust only selected IPs. Trust only selected IPs.
`TRAEFIK_ENTRYPOINTS_<NAME>_REUSEPORT`:
Enables EntryPoints from the same or different processes listening on the same TCP/UDP port. (Default: ```false```)
`TRAEFIK_ENTRYPOINTS_<NAME>_TRANSPORT_KEEPALIVEMAXREQUESTS`: `TRAEFIK_ENTRYPOINTS_<NAME>_TRANSPORT_KEEPALIVEMAXREQUESTS`:
Maximum number of requests before closing a keep-alive connection. (Default: ```0```) Maximum number of requests before closing a keep-alive connection. (Default: ```0```)
@ -264,6 +270,9 @@ Maximum size in megabytes of the log file before it gets rotated. (Default: ```0
`TRAEFIK_LOG_NOCOLOR`: `TRAEFIK_LOG_NOCOLOR`:
When using the 'common' format, disables the colorized output. (Default: ```false```) When using the 'common' format, disables the colorized output. (Default: ```false```)
`TRAEFIK_METRICS_ADDINTERNALS`:
Enables metrics for internal services (ping, dashboard, etc...). (Default: ```false```)
`TRAEFIK_METRICS_DATADOG`: `TRAEFIK_METRICS_DATADOG`:
Datadog metrics exporter type. (Default: ```false```) Datadog metrics exporter type. (Default: ```false```)
@ -315,51 +324,63 @@ InfluxDB v2 push interval. (Default: ```10```)
`TRAEFIK_METRICS_INFLUXDB2_TOKEN`: `TRAEFIK_METRICS_INFLUXDB2_TOKEN`:
InfluxDB v2 access token. InfluxDB v2 access token.
`TRAEFIK_METRICS_OPENTELEMETRY`: `TRAEFIK_METRICS_OTLP`:
OpenTelemetry metrics exporter type. (Default: ```false```) OpenTelemetry metrics exporter type. (Default: ```false```)
`TRAEFIK_METRICS_OPENTELEMETRY_ADDENTRYPOINTSLABELS`: `TRAEFIK_METRICS_OTLP_ADDENTRYPOINTSLABELS`:
Enable metrics on entry points. (Default: ```true```) Enable metrics on entry points. (Default: ```true```)
`TRAEFIK_METRICS_OPENTELEMETRY_ADDRESS`: `TRAEFIK_METRICS_OTLP_ADDROUTERSLABELS`:
Address (host:port) of the collector endpoint. (Default: ```localhost:4318```)
`TRAEFIK_METRICS_OPENTELEMETRY_ADDROUTERSLABELS`:
Enable metrics on routers. (Default: ```false```) Enable metrics on routers. (Default: ```false```)
`TRAEFIK_METRICS_OPENTELEMETRY_ADDSERVICESLABELS`: `TRAEFIK_METRICS_OTLP_ADDSERVICESLABELS`:
Enable metrics on services. (Default: ```true```) Enable metrics on services. (Default: ```true```)
`TRAEFIK_METRICS_OPENTELEMETRY_EXPLICITBOUNDARIES`: `TRAEFIK_METRICS_OTLP_EXPLICITBOUNDARIES`:
Boundaries for latency metrics. (Default: ```0.005000, 0.010000, 0.025000, 0.050000, 0.100000, 0.250000, 0.500000, 1.000000, 2.500000, 5.000000, 10.000000```) Boundaries for latency metrics. (Default: ```0.005000, 0.010000, 0.025000, 0.050000, 0.100000, 0.250000, 0.500000, 1.000000, 2.500000, 5.000000, 10.000000```)
`TRAEFIK_METRICS_OPENTELEMETRY_GRPC`: `TRAEFIK_METRICS_OTLP_GRPC_ENDPOINT`:
gRPC specific configuration for the OpenTelemetry collector. (Default: ```true```) Sets the gRPC endpoint (host:port) of the collector. (Default: ```localhost:4317```)
`TRAEFIK_METRICS_OPENTELEMETRY_HEADERS_<NAME>`: `TRAEFIK_METRICS_OTLP_GRPC_HEADERS_<NAME>`:
Headers sent with payload. Headers sent with payload.
`TRAEFIK_METRICS_OPENTELEMETRY_INSECURE`: `TRAEFIK_METRICS_OTLP_GRPC_INSECURE`:
Disables client transport security for the exporter. (Default: ```false```) Disables client transport security for the exporter. (Default: ```false```)
`TRAEFIK_METRICS_OPENTELEMETRY_PATH`: `TRAEFIK_METRICS_OTLP_GRPC_TLS_CA`:
Set the URL path of the collector endpoint.
`TRAEFIK_METRICS_OPENTELEMETRY_PUSHINTERVAL`:
Period between calls to collect a checkpoint. (Default: ```10```)
`TRAEFIK_METRICS_OPENTELEMETRY_TLS_CA`:
TLS CA TLS CA
`TRAEFIK_METRICS_OPENTELEMETRY_TLS_CERT`: `TRAEFIK_METRICS_OTLP_GRPC_TLS_CERT`:
TLS cert TLS cert
`TRAEFIK_METRICS_OPENTELEMETRY_TLS_INSECURESKIPVERIFY`: `TRAEFIK_METRICS_OTLP_GRPC_TLS_INSECURESKIPVERIFY`:
TLS insecure skip verify (Default: ```false```) TLS insecure skip verify (Default: ```false```)
`TRAEFIK_METRICS_OPENTELEMETRY_TLS_KEY`: `TRAEFIK_METRICS_OTLP_GRPC_TLS_KEY`:
TLS key TLS key
`TRAEFIK_METRICS_OTLP_HTTP_ENDPOINT`:
Sets the HTTP endpoint (scheme://host:port/path) of the collector. (Default: ```https://localhost:4318```)
`TRAEFIK_METRICS_OTLP_HTTP_HEADERS_<NAME>`:
Headers sent with payload.
`TRAEFIK_METRICS_OTLP_HTTP_TLS_CA`:
TLS CA
`TRAEFIK_METRICS_OTLP_HTTP_TLS_CERT`:
TLS cert
`TRAEFIK_METRICS_OTLP_HTTP_TLS_INSECURESKIPVERIFY`:
TLS insecure skip verify (Default: ```false```)
`TRAEFIK_METRICS_OTLP_HTTP_TLS_KEY`:
TLS key
`TRAEFIK_METRICS_OTLP_PUSHINTERVAL`:
Period between calls to collect a checkpoint. (Default: ```10```)
`TRAEFIK_METRICS_PROMETHEUS`: `TRAEFIK_METRICS_PROMETHEUS`:
Prometheus metrics exporter type. (Default: ```false```) Prometheus metrics exporter type. (Default: ```false```)
@ -990,18 +1011,21 @@ Defines the allowed SPIFFE trust domain.
`TRAEFIK_TRACING`: `TRAEFIK_TRACING`:
OpenTracing configuration. (Default: ```false```) OpenTracing configuration. (Default: ```false```)
`TRAEFIK_TRACING_ADDINTERNALS`:
Enables tracing for internal services (ping, dashboard, etc...). (Default: ```false```)
`TRAEFIK_TRACING_GLOBALATTRIBUTES_<NAME>`: `TRAEFIK_TRACING_GLOBALATTRIBUTES_<NAME>`:
Defines additional attributes (key:value) on all spans. Defines additional attributes (key:value) on all spans.
`TRAEFIK_TRACING_HEADERS_<NAME>`:
Defines additional headers to be sent with the payloads.
`TRAEFIK_TRACING_OTLP`: `TRAEFIK_TRACING_OTLP`:
Settings for OpenTelemetry. (Default: ```false```) Settings for OpenTelemetry. (Default: ```false```)
`TRAEFIK_TRACING_OTLP_GRPC_ENDPOINT`: `TRAEFIK_TRACING_OTLP_GRPC_ENDPOINT`:
Sets the gRPC endpoint (host:port) of the collector. (Default: ```localhost:4317```) Sets the gRPC endpoint (host:port) of the collector. (Default: ```localhost:4317```)
`TRAEFIK_TRACING_OTLP_GRPC_HEADERS_<NAME>`:
Headers sent with payload.
`TRAEFIK_TRACING_OTLP_GRPC_INSECURE`: `TRAEFIK_TRACING_OTLP_GRPC_INSECURE`:
Disables client transport security for the exporter. (Default: ```false```) Disables client transport security for the exporter. (Default: ```false```)
@ -1018,7 +1042,10 @@ TLS insecure skip verify (Default: ```false```)
TLS key TLS key
`TRAEFIK_TRACING_OTLP_HTTP_ENDPOINT`: `TRAEFIK_TRACING_OTLP_HTTP_ENDPOINT`:
Sets the HTTP endpoint (scheme://host:port/v1/traces) of the collector. (Default: ```localhost:4318```) Sets the HTTP endpoint (scheme://host:port/path) of the collector. (Default: ```https://localhost:4318```)
`TRAEFIK_TRACING_OTLP_HTTP_HEADERS_<NAME>`:
Headers sent with payload.
`TRAEFIK_TRACING_OTLP_HTTP_TLS_CA`: `TRAEFIK_TRACING_OTLP_HTTP_TLS_CA`:
TLS CA TLS CA

View file

@ -30,6 +30,7 @@
[entryPoints] [entryPoints]
[entryPoints.EntryPoint0] [entryPoints.EntryPoint0]
address = "foobar" address = "foobar"
reusePort = true
asDefault = true asDefault = true
[entryPoints.EntryPoint0.transport] [entryPoints.EntryPoint0.transport]
keepAliveMaxTime = "42s" keepAliveMaxTime = "42s"
@ -276,6 +277,7 @@
disableDashboardAd = true disableDashboardAd = true
[metrics] [metrics]
addInternals = true
[metrics.prometheus] [metrics.prometheus]
buckets = [42.0, 42.0] buckets = [42.0, 42.0]
addEntryPointsLabels = true addEntryPointsLabels = true
@ -312,24 +314,33 @@
[metrics.influxDB2.additionalLabels] [metrics.influxDB2.additionalLabels]
name0 = "foobar" name0 = "foobar"
name1 = "foobar" name1 = "foobar"
[metrics.openTelemetry] [metrics.otlp]
address = "foobar"
addEntryPointsLabels = true addEntryPointsLabels = true
addRoutersLabels = true addRoutersLabels = true
addServicesLabels = true addServicesLabels = true
explicitBoundaries = [42.0, 42.0] explicitBoundaries = [42.0, 42.0]
insecure = true
path = "foobar"
pushInterval = "42s" pushInterval = "42s"
[metrics.openTelemetry.grpc] [metrics.otlp.grpc]
[metrics.openTelemetry.headers] endpoint = "foobar"
name0 = "foobar" insecure = true
name1 = "foobar" [metrics.otlp.grpc.tls]
[metrics.openTelemetry.tls]
ca = "foobar" ca = "foobar"
cert = "foobar" cert = "foobar"
key = "foobar" key = "foobar"
insecureSkipVerify = true insecureSkipVerify = true
[metrics.otlp.grpc.headers]
name0 = "foobar"
name1 = "foobar"
[metrics.otlp.http]
endpoint = "foobar"
[metrics.otlp.http.tls]
ca = "foobar"
cert = "foobar"
key = "foobar"
insecureSkipVerify = true
[metrics.otlp.http.headers]
name0 = "foobar"
name1 = "foobar"
[ping] [ping]
entryPoint = "foobar" entryPoint = "foobar"
@ -350,6 +361,7 @@
filePath = "foobar" filePath = "foobar"
format = "foobar" format = "foobar"
bufferingSize = 42 bufferingSize = 42
addInternals = true
[accessLog.filters] [accessLog.filters]
statusCodes = ["foobar", "foobar"] statusCodes = ["foobar", "foobar"]
retryAttempts = true retryAttempts = true
@ -368,9 +380,7 @@
[tracing] [tracing]
serviceName = "foobar" serviceName = "foobar"
sampleRate = 42.0 sampleRate = 42.0
[tracing.headers] addInternals = true
name0 = "foobar"
name1 = "foobar"
[tracing.globalAttributes] [tracing.globalAttributes]
name0 = "foobar" name0 = "foobar"
name1 = "foobar" name1 = "foobar"
@ -383,6 +393,9 @@
cert = "foobar" cert = "foobar"
key = "foobar" key = "foobar"
insecureSkipVerify = true insecureSkipVerify = true
[tracing.otlp.grpc.headers]
name0 = "foobar"
name1 = "foobar"
[tracing.otlp.http] [tracing.otlp.http]
endpoint = "foobar" endpoint = "foobar"
[tracing.otlp.http.tls] [tracing.otlp.http.tls]
@ -390,6 +403,9 @@
cert = "foobar" cert = "foobar"
key = "foobar" key = "foobar"
insecureSkipVerify = true insecureSkipVerify = true
[tracing.otlp.http.headers]
name0 = "foobar"
name1 = "foobar"
[hostResolver] [hostResolver]
cnameFlattening = true cnameFlattening = true

View file

@ -35,6 +35,7 @@ tcpServersTransport:
entryPoints: entryPoints:
EntryPoint0: EntryPoint0:
address: foobar address: foobar
reusePort: true
asDefault: true asDefault: true
transport: transport:
lifeCycle: lifeCycle:
@ -307,6 +308,7 @@ api:
debug: true debug: true
disableDashboardAd: true disableDashboardAd: true
metrics: metrics:
addInternals: true
prometheus: prometheus:
buckets: buckets:
- 42 - 42
@ -345,26 +347,35 @@ metrics:
additionalLabels: additionalLabels:
name0: foobar name0: foobar
name1: foobar name1: foobar
openTelemetry: otlp:
grpc: {} grpc:
address: foobar endpoint: foobar
insecure: true
tls:
ca: foobar
cert: foobar
key: foobar
insecureSkipVerify: true
headers:
name0: foobar
name1: foobar
http:
endpoint: foobar
tls:
ca: foobar
cert: foobar
key: foobar
insecureSkipVerify: true
headers:
name0: foobar
name1: foobar
addEntryPointsLabels: true addEntryPointsLabels: true
addRoutersLabels: true addRoutersLabels: true
addServicesLabels: true addServicesLabels: true
explicitBoundaries: explicitBoundaries:
- 42 - 42
- 42 - 42
headers:
name0: foobar
name1: foobar
insecure: true
path: foobar
pushInterval: 42s pushInterval: 42s
tls:
ca: foobar
cert: foobar
key: foobar
insecureSkipVerify: true
ping: ping:
entryPoint: foobar entryPoint: foobar
manualRouting: true manualRouting: true
@ -398,15 +409,14 @@ accessLog:
name0: foobar name0: foobar
name1: foobar name1: foobar
bufferingSize: 42 bufferingSize: 42
addInternals: true
tracing: tracing:
serviceName: foobar serviceName: foobar
headers:
name0: foobar
name1: foobar
globalAttributes: globalAttributes:
name0: foobar name0: foobar
name1: foobar name1: foobar
sampleRate: 42 sampleRate: 42
addInternals: true
otlp: otlp:
grpc: grpc:
endpoint: foobar endpoint: foobar
@ -416,6 +426,9 @@ tracing:
cert: foobar cert: foobar
key: foobar key: foobar
insecureSkipVerify: true insecureSkipVerify: true
headers:
name0: foobar
name1: foobar
http: http:
endpoint: foobar endpoint: foobar
tls: tls:
@ -423,6 +436,9 @@ tracing:
cert: foobar cert: foobar
key: foobar key: foobar
insecureSkipVerify: true insecureSkipVerify: true
headers:
name0: foobar
name1: foobar
hostResolver: hostResolver:
cnameFlattening: true cnameFlattening: true
resolvConfig: foobar resolvConfig: foobar

View file

@ -233,6 +233,79 @@ If both TCP and UDP are wanted for the same port, two entryPoints definitions ar
Full details for how to specify `address` can be found in [net.Listen](https://golang.org/pkg/net/#Listen) (and [net.Dial](https://golang.org/pkg/net/#Dial)) of the doc for go. Full details for how to specify `address` can be found in [net.Listen](https://golang.org/pkg/net/#Listen) (and [net.Dial](https://golang.org/pkg/net/#Dial)) of the doc for go.
### ReusePort
_Optional, Default=false_
The `ReusePort` option enables EntryPoints from the same or different processes
listening on the same TCP/UDP port by utilizing the `SO_REUSEPORT` socket option.
It also allows the kernel to act like a load balancer to distribute incoming
connections between entry points.
For example, you can use it with the [transport.lifeCycle](#lifecycle) to do
canary deployments against Traefik itself. Like upgrading Traefik version or
reloading the static configuration without any service downtime.
!!! warning "Supported platforms"
The `ReusePort` option currently works only on Linux, FreeBSD, OpenBSD and Darwin.
It will be ignored on other platforms.
There is a known bug in the Linux kernel that may cause unintended TCP connection failures when using the `ReusePort` option.
For more details, see https://lwn.net/Articles/853637/.
??? example "Listen on the same port"
```yaml tab="File (yaml)"
entryPoints:
web:
address: ":80"
reusePort: true
```
```toml tab="File (TOML)"
[entryPoints.web]
address = ":80"
reusePort = true
```
```bash tab="CLI"
--entrypoints.web.address=:80
--entrypoints.web.reusePort=true
```
Now it is possible to run multiple Traefik processes with the same EntryPoint configuration.
??? example "Listen on the same port but bind to a different host"
```yaml tab="File (yaml)"
entryPoints:
web:
address: ":80"
reusePort: true
privateWeb:
address: "192.168.1.2:80"
reusePort: true
```
```toml tab="File (TOML)"
[entryPoints.web]
address = ":80"
reusePort = true
[entryPoints.privateWeb]
address = "192.168.1.2:80"
reusePort = true
```
```bash tab="CLI"
--entrypoints.web.address=:80
--entrypoints.web.reusePort=true
--entrypoints.privateWeb.address=192.168.1.2:80
--entrypoints.privateWeb.reusePort=true
```
Requests to `192.168.1.2:80` will only be handled by routers that have `privateWeb` as the entry point.
### AsDefault ### AsDefault
_Optional, Default=false_ _Optional, Default=false_
@ -650,7 +723,7 @@ The maximum number of requests Traefik can handle before sending a `Connection:
```bash tab="CLI" ```bash tab="CLI"
## Static configuration ## Static configuration
--entryPoints.name.address=:8888 --entryPoints.name.address=:8888
--entryPoints.name.transport.keepAliveRequests=42 --entryPoints.name.transport.keepAliveMaxRequests=42
``` ```
#### `keepAliveMaxTime` #### `keepAliveMaxTime`
@ -680,7 +753,7 @@ The maximum duration Traefik can handle requests before sending a `Connection: C
```bash tab="CLI" ```bash tab="CLI"
## Static configuration ## Static configuration
--entryPoints.name.address=:8888 --entryPoints.name.address=:8888
--entryPoints.name.transport.keepAliveTime=42s --entryPoints.name.transport.keepAliveMaxTime=42s
``` ```
### ProxyProtocol ### ProxyProtocol

View file

@ -1617,6 +1617,46 @@ Below are the available options for the PROXY protocol:
version = 1 version = 1
``` ```
#### Termination Delay
!!! warning
Deprecated in favor of [`serversTransport.terminationDelay`](#terminationdelay).
Please note that if any `serversTransport` configuration on the servers load balancer is found,
it will take precedence over the servers load balancer `terminationDelay` value,
even if the `serversTransport.terminationDelay` is undefined.
As a proxy between a client and a server, it can happen that either side (e.g. client side) decides to terminate its writing capability on the connection (i.e. issuance of a FIN packet).
The proxy needs to propagate that intent to the other side, and so when that happens, it also does the same on its connection with the other side (e.g. backend side).
However, if for some reason (bad implementation, or malicious intent) the other side does not eventually do the same as well,
the connection would stay half-open, which would lock resources for however long.
To that end, as soon as the proxy enters this termination sequence, it sets a deadline on fully terminating the connections on both sides.
The termination delay controls that deadline.
It is a duration in milliseconds, defaulting to 100.
A negative value means an infinite deadline (i.e. the connection is never fully terminated by the proxy itself).
??? example "A Service with a termination delay -- Using the [File Provider](../../providers/file.md)"
```yaml tab="YAML"
## Dynamic configuration
tcp:
services:
my-service:
loadBalancer:
terminationDelay: 200
```
```toml tab="TOML"
## Dynamic configuration
[tcp.services]
[tcp.services.my-service.loadBalancer]
[[tcp.services.my-service.loadBalancer]]
terminationDelay = 200
```
### Weighted Round Robin ### Weighted Round Robin
The Weighted Round Robin (alias `WRR`) load-balancer of services is in charge of balancing the requests between multiple services based on provided weights. The Weighted Round Robin (alias `WRR`) load-balancer of services is in charge of balancing the requests between multiple services based on provided weights.

View file

@ -149,11 +149,16 @@ nav:
- 'API': 'operations/api.md' - 'API': 'operations/api.md'
- 'Ping': 'operations/ping.md' - 'Ping': 'operations/ping.md'
- 'Observability': - 'Observability':
- 'Overview': 'observability/overview.md'
- 'Logs': 'observability/logs.md' - 'Logs': 'observability/logs.md'
- 'Access Logs': 'observability/access-logs.md' - 'Access Logs': 'observability/access-logs.md'
- 'Metrics': - 'Metrics':
- 'Overview': 'observability/metrics/overview.md' - 'Overview': 'observability/metrics/overview.md'
- 'Datadog': 'observability/metrics/datadog.md'
- 'InfluxDB2': 'observability/metrics/influxdb2.md'
- 'OpenTelemetry': 'observability/metrics/opentelemetry.md' - 'OpenTelemetry': 'observability/metrics/opentelemetry.md'
- 'Prometheus': 'observability/metrics/prometheus.md'
- 'StatsD': 'observability/metrics/statsd.md'
- 'Tracing': - 'Tracing':
- 'Overview': 'observability/tracing/overview.md' - 'Overview': 'observability/tracing/overview.md'
- 'OpenTelemetry': 'observability/tracing/opentelemetry.md' - 'OpenTelemetry': 'observability/tracing/opentelemetry.md'

91
go.mod
View file

@ -1,6 +1,6 @@
module github.com/traefik/traefik/v3 module github.com/traefik/traefik/v3
go 1.21 go 1.22
require ( require (
github.com/BurntSushi/toml v1.3.2 github.com/BurntSushi/toml v1.3.2
@ -17,7 +17,7 @@ require (
github.com/docker/go-connections v0.4.0 github.com/docker/go-connections v0.4.0
github.com/fatih/structs v1.1.0 github.com/fatih/structs v1.1.0
github.com/fsnotify/fsnotify v1.7.0 github.com/fsnotify/fsnotify v1.7.0
github.com/go-acme/lego/v4 v4.14.0 github.com/go-acme/lego/v4 v4.15.0
github.com/go-kit/kit v0.10.1-0.20200915143503-439c4d2ed3ea github.com/go-kit/kit v0.10.1-0.20200915143503-439c4d2ed3ea
github.com/golang/protobuf v1.5.3 github.com/golang/protobuf v1.5.3
github.com/google/go-github/v28 v28.1.1 github.com/google/go-github/v28 v28.1.1
@ -26,7 +26,7 @@ require (
github.com/hashicorp/consul/api v1.26.1 github.com/hashicorp/consul/api v1.26.1
github.com/hashicorp/go-hclog v1.5.0 github.com/hashicorp/go-hclog v1.5.0
github.com/hashicorp/go-multierror v1.1.1 github.com/hashicorp/go-multierror v1.1.1
github.com/hashicorp/go-retryablehttp v0.7.4 github.com/hashicorp/go-retryablehttp v0.7.5
github.com/hashicorp/go-version v1.6.0 github.com/hashicorp/go-version v1.6.0
github.com/hashicorp/nomad/api v0.0.0-20240122103822-8a4bd61caf74 github.com/hashicorp/nomad/api v0.0.0-20240122103822-8a4bd61caf74
github.com/http-wasm/http-wasm-host-go v0.5.2 github.com/http-wasm/http-wasm-host-go v0.5.2
@ -39,7 +39,7 @@ require (
github.com/kvtools/valkeyrie v1.0.0 github.com/kvtools/valkeyrie v1.0.0
github.com/kvtools/zookeeper v1.0.2 github.com/kvtools/zookeeper v1.0.2
github.com/mailgun/ttlmap v0.0.0-20170619185759-c1c17f74874f github.com/mailgun/ttlmap v0.0.0-20170619185759-c1c17f74874f
github.com/miekg/dns v1.1.55 github.com/miekg/dns v1.1.58
github.com/mitchellh/copystructure v1.2.0 github.com/mitchellh/copystructure v1.2.0
github.com/mitchellh/hashstructure v1.0.0 github.com/mitchellh/hashstructure v1.0.0
github.com/mitchellh/mapstructure v1.5.0 github.com/mitchellh/mapstructure v1.5.0
@ -78,11 +78,12 @@ require (
go.opentelemetry.io/otel/sdk/metric v1.21.0 go.opentelemetry.io/otel/sdk/metric v1.21.0
go.opentelemetry.io/otel/trace v1.21.0 go.opentelemetry.io/otel/trace v1.21.0
golang.org/x/exp v0.0.0-20231006140011-7918f672742d golang.org/x/exp v0.0.0-20231006140011-7918f672742d
golang.org/x/mod v0.13.0 golang.org/x/mod v0.14.0
golang.org/x/net v0.17.0 golang.org/x/net v0.20.0
golang.org/x/text v0.13.0 golang.org/x/sys v0.16.0
golang.org/x/time v0.3.0 golang.org/x/text v0.14.0
golang.org/x/tools v0.14.0 golang.org/x/time v0.5.0
golang.org/x/tools v0.17.0
google.golang.org/grpc v1.59.0 google.golang.org/grpc v1.59.0
gopkg.in/yaml.v3 v3.0.1 gopkg.in/yaml.v3 v3.0.1
k8s.io/api v0.28.4 k8s.io/api v0.28.4
@ -108,8 +109,8 @@ require (
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/privatedns/armprivatedns v1.1.0 // indirect github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/privatedns/armprivatedns v1.1.0 // indirect
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
github.com/Azure/go-autorest v14.2.0+incompatible // indirect github.com/Azure/go-autorest v14.2.0+incompatible // indirect
github.com/Azure/go-autorest/autorest v0.11.27 // indirect github.com/Azure/go-autorest/autorest v0.11.29 // indirect
github.com/Azure/go-autorest/autorest/adal v0.9.20 // indirect github.com/Azure/go-autorest/autorest/adal v0.9.22 // indirect
github.com/Azure/go-autorest/autorest/azure/auth v0.5.12 // indirect github.com/Azure/go-autorest/autorest/azure/auth v0.5.12 // indirect
github.com/Azure/go-autorest/autorest/azure/cli v0.4.5 // indirect github.com/Azure/go-autorest/autorest/azure/cli v0.4.5 // indirect
github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
@ -128,26 +129,27 @@ require (
github.com/aliyun/alibaba-cloud-sdk-go v1.61.1755 // indirect github.com/aliyun/alibaba-cloud-sdk-go v1.61.1755 // indirect
github.com/andres-erbsen/clock v0.0.0-20160526145045-9e14626cd129 // indirect github.com/andres-erbsen/clock v0.0.0-20160526145045-9e14626cd129 // indirect
github.com/armon/go-metrics v0.4.1 // indirect github.com/armon/go-metrics v0.4.1 // indirect
github.com/aws/aws-sdk-go-v2 v1.20.3 // indirect github.com/aws/aws-sdk-go-v2 v1.24.1 // indirect
github.com/aws/aws-sdk-go-v2/config v1.18.28 // indirect github.com/aws/aws-sdk-go-v2/config v1.26.6 // indirect
github.com/aws/aws-sdk-go-v2/credentials v1.13.27 // indirect github.com/aws/aws-sdk-go-v2/credentials v1.16.16 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.5 // indirect github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.40 // indirect github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.34 // indirect github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 // indirect
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.36 // indirect github.com/aws/aws-sdk-go-v2/internal/ini v1.7.3 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.34 // indirect github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4 // indirect
github.com/aws/aws-sdk-go-v2/service/lightsail v1.27.2 // indirect github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 // indirect
github.com/aws/aws-sdk-go-v2/service/route53 v1.28.4 // indirect github.com/aws/aws-sdk-go-v2/service/lightsail v1.34.0 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.12.13 // indirect github.com/aws/aws-sdk-go-v2/service/route53 v1.37.0 // indirect
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.13 // indirect github.com/aws/aws-sdk-go-v2/service/sso v1.18.7 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.19.3 // indirect github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 // indirect
github.com/aws/smithy-go v1.14.2 // indirect github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 // indirect
github.com/aws/smithy-go v1.19.0 // indirect
github.com/beorn7/perks v1.0.1 // indirect github.com/beorn7/perks v1.0.1 // indirect
github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc // indirect github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc // indirect
github.com/bytedance/sonic v1.10.0 // indirect github.com/bytedance/sonic v1.10.0 // indirect
github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect
github.com/civo/civogo v0.3.11 // indirect github.com/civo/civogo v0.3.11 // indirect
github.com/cloudflare/cloudflare-go v0.70.0 // indirect github.com/cloudflare/cloudflare-go v0.86.0 // indirect
github.com/containerd/containerd v1.7.11 // indirect github.com/containerd/containerd v1.7.11 // indirect
github.com/containerd/log v0.1.0 // indirect github.com/containerd/log v0.1.0 // indirect
github.com/coreos/go-semver v0.3.1 // indirect github.com/coreos/go-semver v0.3.1 // indirect
@ -164,12 +166,12 @@ require (
github.com/emicklei/go-restful/v3 v3.11.0 // indirect github.com/emicklei/go-restful/v3 v3.11.0 // indirect
github.com/evanphx/json-patch v5.7.0+incompatible // indirect github.com/evanphx/json-patch v5.7.0+incompatible // indirect
github.com/evanphx/json-patch/v5 v5.7.0 // indirect github.com/evanphx/json-patch/v5 v5.7.0 // indirect
github.com/exoscale/egoscale v0.100.1 // indirect github.com/exoscale/egoscale v0.102.3 // indirect
github.com/fatih/color v1.15.0 // indirect github.com/fatih/color v1.15.0 // indirect
github.com/ghodss/yaml v1.0.0 // indirect github.com/ghodss/yaml v1.0.0 // indirect
github.com/gin-gonic/gin v1.9.1 // indirect github.com/gin-gonic/gin v1.9.1 // indirect
github.com/go-errors/errors v1.0.1 // indirect github.com/go-errors/errors v1.0.1 // indirect
github.com/go-jose/go-jose/v3 v3.0.0 // indirect github.com/go-jose/go-jose/v3 v3.0.1 // indirect
github.com/go-logfmt/logfmt v0.5.1 // indirect github.com/go-logfmt/logfmt v0.5.1 // indirect
github.com/go-logr/logr v1.3.0 // indirect github.com/go-logr/logr v1.3.0 // indirect
github.com/go-logr/stdr v1.2.2 // indirect github.com/go-logr/stdr v1.2.2 // indirect
@ -178,9 +180,10 @@ require (
github.com/go-openapi/jsonreference v0.20.2 // indirect github.com/go-openapi/jsonreference v0.20.2 // indirect
github.com/go-openapi/swag v0.22.4 // indirect github.com/go-openapi/swag v0.22.4 // indirect
github.com/go-playground/validator/v10 v10.15.1 // indirect github.com/go-playground/validator/v10 v10.15.1 // indirect
github.com/go-resty/resty/v2 v2.7.0 // indirect github.com/go-resty/resty/v2 v2.11.0 // indirect
github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
github.com/go-zookeeper/zk v1.0.3 // indirect github.com/go-zookeeper/zk v1.0.3 // indirect
github.com/goccy/go-json v0.10.2 // indirect
github.com/gofrs/uuid v4.4.0+incompatible // indirect github.com/gofrs/uuid v4.4.0+incompatible // indirect
github.com/gogo/protobuf v1.3.2 // indirect github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang-jwt/jwt/v4 v4.5.0 // indirect github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
@ -220,10 +223,9 @@ require (
github.com/kylelemons/godebug v1.1.0 // indirect github.com/kylelemons/godebug v1.1.0 // indirect
github.com/labbsr0x/bindman-dns-webhook v1.0.2 // indirect github.com/labbsr0x/bindman-dns-webhook v1.0.2 // indirect
github.com/labbsr0x/goh v1.0.1 // indirect github.com/labbsr0x/goh v1.0.1 // indirect
github.com/linode/linodego v1.17.2 // indirect github.com/linode/linodego v1.28.0 // indirect
github.com/liquidweb/go-lwApi v0.0.5 // indirect
github.com/liquidweb/liquidweb-cli v0.6.9 // indirect github.com/liquidweb/liquidweb-cli v0.6.9 // indirect
github.com/liquidweb/liquidweb-go v1.6.3 // indirect github.com/liquidweb/liquidweb-go v1.6.4 // indirect
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
github.com/magiconair/properties v1.8.7 // indirect github.com/magiconair/properties v1.8.7 // indirect
github.com/mailgun/minheap v0.0.0-20170619185613-3dbe6c6bf55f // indirect github.com/mailgun/minheap v0.0.0-20170619185613-3dbe6c6bf55f // indirect
@ -247,13 +249,14 @@ require (
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
github.com/namedotcom/go v0.0.0-20180403034216-08470befbe04 // indirect github.com/namedotcom/go v0.0.0-20180403034216-08470befbe04 // indirect
github.com/nrdcg/auroradns v1.1.0 // indirect github.com/nrdcg/auroradns v1.1.0 // indirect
github.com/nrdcg/bunny-go v0.0.0-20230728143221-c9dda82568d9 // indirect
github.com/nrdcg/desec v0.7.0 // indirect github.com/nrdcg/desec v0.7.0 // indirect
github.com/nrdcg/dnspod-go v0.4.0 // indirect github.com/nrdcg/dnspod-go v0.4.0 // indirect
github.com/nrdcg/freemyip v0.2.0 // indirect github.com/nrdcg/freemyip v0.2.0 // indirect
github.com/nrdcg/goinwx v0.8.2 // indirect github.com/nrdcg/goinwx v0.10.0 // indirect
github.com/nrdcg/namesilo v0.2.1 // indirect github.com/nrdcg/namesilo v0.2.1 // indirect
github.com/nrdcg/nodion v0.1.0 // indirect github.com/nrdcg/nodion v0.1.0 // indirect
github.com/nrdcg/porkbun v0.2.0 // indirect github.com/nrdcg/porkbun v0.3.0 // indirect
github.com/nzdjb/go-metaname v1.0.0 // indirect github.com/nzdjb/go-metaname v1.0.0 // indirect
github.com/onsi/ginkgo v1.16.5 // indirect github.com/onsi/ginkgo v1.16.5 // indirect
github.com/onsi/ginkgo/v2 v2.11.0 // indirect github.com/onsi/ginkgo/v2 v2.11.0 // indirect
@ -261,7 +264,7 @@ require (
github.com/opencontainers/image-spec v1.1.0-rc5 // indirect github.com/opencontainers/image-spec v1.1.0-rc5 // indirect
github.com/opencontainers/runc v1.1.5 // indirect github.com/opencontainers/runc v1.1.5 // indirect
github.com/oracle/oci-go-sdk v24.3.0+incompatible // indirect github.com/oracle/oci-go-sdk v24.3.0+incompatible // indirect
github.com/ovh/go-ovh v1.4.1 // indirect github.com/ovh/go-ovh v1.4.3 // indirect
github.com/pelletier/go-toml/v2 v2.0.9 // indirect github.com/pelletier/go-toml/v2 v2.0.9 // indirect
github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 // indirect github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 // indirect
github.com/pkg/errors v0.9.1 // indirect github.com/pkg/errors v0.9.1 // indirect
@ -277,13 +280,12 @@ require (
github.com/sacloud/go-http v0.1.6 // indirect github.com/sacloud/go-http v0.1.6 // indirect
github.com/sacloud/iaas-api-go v1.11.1 // indirect github.com/sacloud/iaas-api-go v1.11.1 // indirect
github.com/sacloud/packages-go v0.0.9 // indirect github.com/sacloud/packages-go v0.0.9 // indirect
github.com/scaleway/scaleway-sdk-go v1.0.0-beta.17 // indirect github.com/scaleway/scaleway-sdk-go v1.0.0-beta.22 // indirect
github.com/shirou/gopsutil/v3 v3.23.11 // indirect github.com/shirou/gopsutil/v3 v3.23.11 // indirect
github.com/shoenig/go-m1cpu v0.1.6 // indirect github.com/shoenig/go-m1cpu v0.1.6 // indirect
github.com/shopspring/decimal v1.2.0 // indirect github.com/shopspring/decimal v1.2.0 // indirect
github.com/simplesurance/bunny-go v0.0.0-20221115111006-e11d9dc91f04 // indirect
github.com/smartystreets/go-aws-auth v0.0.0-20180515143844-0c1422d1fdb9 // indirect github.com/smartystreets/go-aws-auth v0.0.0-20180515143844-0c1422d1fdb9 // indirect
github.com/softlayer/softlayer-go v1.1.2 // indirect github.com/softlayer/softlayer-go v1.1.3 // indirect
github.com/softlayer/xmlrpc v0.0.0-20200409220501-5f089df7cb7e // indirect github.com/softlayer/xmlrpc v0.0.0-20200409220501-5f089df7cb7e // indirect
github.com/spf13/cast v1.3.1 // indirect github.com/spf13/cast v1.3.1 // indirect
github.com/spf13/pflag v1.0.5 // indirect github.com/spf13/pflag v1.0.5 // indirect
@ -294,8 +296,8 @@ require (
github.com/tidwall/pretty v1.2.1 // indirect github.com/tidwall/pretty v1.2.1 // indirect
github.com/tklauser/go-sysconf v0.3.12 // indirect github.com/tklauser/go-sysconf v0.3.12 // indirect
github.com/tklauser/numcpus v0.6.1 // indirect github.com/tklauser/numcpus v0.6.1 // indirect
github.com/transip/gotransip/v6 v6.20.0 // indirect github.com/transip/gotransip/v6 v6.23.0 // indirect
github.com/ultradns/ultradns-go-sdk v1.5.0-20230427130837-23c9b0c // indirect github.com/ultradns/ultradns-go-sdk v1.6.1-20231103022937-8589b6a // indirect
github.com/vinyldns/go-vinyldns v0.9.16 // indirect github.com/vinyldns/go-vinyldns v0.9.16 // indirect
github.com/vultr/govultr/v2 v2.17.2 // indirect github.com/vultr/govultr/v2 v2.17.2 // indirect
github.com/yandex-cloud/go-genproto v0.0.0-20220805142335-27b56ddae16f // indirect github.com/yandex-cloud/go-genproto v0.0.0-20220805142335-27b56ddae16f // indirect
@ -313,10 +315,9 @@ require (
go.uber.org/ratelimit v0.2.0 // indirect go.uber.org/ratelimit v0.2.0 // indirect
go.uber.org/zap v1.26.0 // indirect go.uber.org/zap v1.26.0 // indirect
golang.org/x/arch v0.4.0 // indirect golang.org/x/arch v0.4.0 // indirect
golang.org/x/crypto v0.14.0 // indirect golang.org/x/crypto v0.18.0 // indirect
golang.org/x/oauth2 v0.13.0 // indirect golang.org/x/oauth2 v0.16.0 // indirect
golang.org/x/sys v0.15.0 // indirect golang.org/x/term v0.16.0 // indirect
golang.org/x/term v0.13.0 // indirect
google.golang.org/api v0.128.0 // indirect google.golang.org/api v0.128.0 // indirect
google.golang.org/appengine v1.6.8 // indirect google.golang.org/appengine v1.6.8 // indirect
google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d // indirect google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d // indirect
@ -326,7 +327,7 @@ require (
gopkg.in/h2non/gock.v1 v1.0.16 // indirect gopkg.in/h2non/gock.v1 v1.0.16 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/ini.v1 v1.67.0 // indirect
gopkg.in/ns1/ns1-go.v2 v2.7.6 // indirect gopkg.in/ns1/ns1-go.v2 v2.7.13 // indirect
gopkg.in/square/go-jose.v2 v2.5.1 // indirect gopkg.in/square/go-jose.v2 v2.5.1 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect
k8s.io/klog/v2 v2.100.1 // indirect k8s.io/klog/v2 v2.100.1 // indirect

193
go.sum
View file

@ -42,11 +42,11 @@ github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg6
github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs=
github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24=
github.com/Azure/go-autorest/autorest v0.11.24/go.mod h1:G6kyRlFnTuSbEYkQGawPfsCswgme4iYf6rfSKUDzbCc= github.com/Azure/go-autorest/autorest v0.11.24/go.mod h1:G6kyRlFnTuSbEYkQGawPfsCswgme4iYf6rfSKUDzbCc=
github.com/Azure/go-autorest/autorest v0.11.27 h1:F3R3q42aWytozkV8ihzcgMO4OA4cuqr3bNlsEuF6//A= github.com/Azure/go-autorest/autorest v0.11.29 h1:I4+HL/JDvErx2LjyzaVxllw2lRDB5/BT2Bm4g20iqYw=
github.com/Azure/go-autorest/autorest v0.11.27/go.mod h1:7l8ybrIdUmGqZMTD0sRtAr8NvbHjfofbf8RSP2q7w7U= github.com/Azure/go-autorest/autorest v0.11.29/go.mod h1:ZtEzC4Jy2JDrZLxvWs8LrBWEBycl1hbT1eknI8MtfAs=
github.com/Azure/go-autorest/autorest/adal v0.9.18/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= github.com/Azure/go-autorest/autorest/adal v0.9.18/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ=
github.com/Azure/go-autorest/autorest/adal v0.9.20 h1:gJ3E98kMpFB1MFqQCvA1yFab8vthOeD4VlFRQULxahg= github.com/Azure/go-autorest/autorest/adal v0.9.22 h1:/GblQdIudfEM3AWWZ0mrYJQSd7JS4S/Mbzh6F0ov0Xc=
github.com/Azure/go-autorest/autorest/adal v0.9.20/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= github.com/Azure/go-autorest/autorest/adal v0.9.22/go.mod h1:XuAbAEUv2Tta//+voMI038TrJBqjKam0me7qR+L8Cmk=
github.com/Azure/go-autorest/autorest/azure/auth v0.5.12 h1:wkAZRgT/pn8HhFyzfe9UnqOjJYqlembgCTi72Bm/xKk= github.com/Azure/go-autorest/autorest/azure/auth v0.5.12 h1:wkAZRgT/pn8HhFyzfe9UnqOjJYqlembgCTi72Bm/xKk=
github.com/Azure/go-autorest/autorest/azure/auth v0.5.12/go.mod h1:84w/uV8E37feW2NCJ08uT9VBfjfUHpgLVnG2InYD6cg= github.com/Azure/go-autorest/autorest/azure/auth v0.5.12/go.mod h1:84w/uV8E37feW2NCJ08uT9VBfjfUHpgLVnG2InYD6cg=
github.com/Azure/go-autorest/autorest/azure/cli v0.4.5 h1:0W/yGmFdTIT77fvdlGZ0LMISoLHFJ7Tx4U0yeB+uFs4= github.com/Azure/go-autorest/autorest/azure/cli v0.4.5 h1:0W/yGmFdTIT77fvdlGZ0LMISoLHFJ7Tx4U0yeB+uFs4=
@ -122,39 +122,36 @@ github.com/aws/aws-sdk-go v1.27.0/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN
github.com/aws/aws-sdk-go v1.44.327 h1:ZS8oO4+7MOBLhkdwIhgtVeDzCeWOlTfKJS7EgggbIEY= github.com/aws/aws-sdk-go v1.44.327 h1:ZS8oO4+7MOBLhkdwIhgtVeDzCeWOlTfKJS7EgggbIEY=
github.com/aws/aws-sdk-go v1.44.327/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= github.com/aws/aws-sdk-go v1.44.327/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
github.com/aws/aws-sdk-go-v2 v0.18.0/go.mod h1:JWVYvqSMppoMJC0x5wdwiImzgXTI9FuZwxzkQq9wy+g= github.com/aws/aws-sdk-go-v2 v0.18.0/go.mod h1:JWVYvqSMppoMJC0x5wdwiImzgXTI9FuZwxzkQq9wy+g=
github.com/aws/aws-sdk-go-v2 v1.19.0/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw= github.com/aws/aws-sdk-go-v2 v1.24.1 h1:xAojnj+ktS95YZlDf0zxWBkbFtymPeDP+rvUQIH3uAU=
github.com/aws/aws-sdk-go-v2 v1.20.3 h1:lgeKmAZhlj1JqN43bogrM75spIvYnRxqTAh1iupu1yE= github.com/aws/aws-sdk-go-v2 v1.24.1/go.mod h1:LNh45Br1YAkEKaAqvmE1m8FUx6a5b/V0oAKV7of29b4=
github.com/aws/aws-sdk-go-v2 v1.20.3/go.mod h1:/RfNgGmRxI+iFOB1OeJUyxiU+9s88k3pfHvDagGEp0M= github.com/aws/aws-sdk-go-v2/config v1.26.6 h1:Z/7w9bUqlRI0FFQpetVuFYEsjzE3h7fpU6HuGmfPL/o=
github.com/aws/aws-sdk-go-v2/config v1.18.28 h1:TINEaKyh1Td64tqFvn09iYpKiWjmHYrG1fa91q2gnqw= github.com/aws/aws-sdk-go-v2/config v1.26.6/go.mod h1:uKU6cnDmYCvJ+pxO9S4cWDb2yWWIH5hra+32hVh1MI4=
github.com/aws/aws-sdk-go-v2/config v1.18.28/go.mod h1:nIL+4/8JdAuNHEjn/gPEXqtnS02Q3NXB/9Z7o5xE4+A= github.com/aws/aws-sdk-go-v2/credentials v1.16.16 h1:8q6Rliyv0aUFAVtzaldUEcS+T5gbadPbWdV1WcAddK8=
github.com/aws/aws-sdk-go-v2/credentials v1.13.27 h1:dz0yr/yR1jweAnsCx+BmjerUILVPQ6FS5AwF/OyG1kA= github.com/aws/aws-sdk-go-v2/credentials v1.16.16/go.mod h1:UHVZrdUsv63hPXFo1H7c5fEneoVo9UXiz36QG1GEPi0=
github.com/aws/aws-sdk-go-v2/credentials v1.13.27/go.mod h1:syOqAek45ZXZp29HlnRS/BNgMIW6uiRmeuQsz4Qh2UE= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11 h1:c5I5iH+DZcH3xOIMlz3/tCKJDaHFwYEmxvlh2fAcFo8=
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.5 h1:kP3Me6Fy3vdi+9uHd7YLr6ewPxRL+PU6y15urfTaamU= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11/go.mod h1:cRrYDYAMUohBJUtUnOhydaMHtiK/1NZ0Otc9lIb6O0Y=
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.5/go.mod h1:Gj7tm95r+QsDoN2Fhuz/3npQvcZbkEf5mL70n3Xfluc= github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 h1:vF+Zgd9s+H4vOXd5BMaPWykta2a6Ih0AKLq/X6NYKn4=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.35/go.mod h1:ipR5PvpSPqIqL5Mi82BxLnfMkHVbmco8kUwO2xrCi0M= github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10/go.mod h1:6BkRjejp/GR4411UGqkX8+wFMbFbqsUIimfK4XjOKR4=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.40 h1:CXceCS9BrDInRc74GDCQ8Qyk/Gp9VLdK+Rlve+zELSE= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 h1:nYPe006ktcqUji8S2mqXf9c/7NdiKriOwMvWQHgYztw=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.40/go.mod h1:5kKmFhLeOVy6pwPDpDNA6/hK/d6URC98pqDDqHgdBx4= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10/go.mod h1:6UV4SZkVvmODfXKql4LCbaZUpF7HO2BX38FgBf9ZOLw=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.29/go.mod h1:M/eUABlDbw2uVrdAn+UsI6M727qp2fxkp8K0ejcBDUY= github.com/aws/aws-sdk-go-v2/internal/ini v1.7.3 h1:n3GDfwqF2tzEkXlv5cuy4iy7LpKDtqDMcNLfZDu9rls=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.34 h1:B+nZtd22cbko5+793hg7LEaTeLMiZwlgCLUrN5Y0uzg= github.com/aws/aws-sdk-go-v2/internal/ini v1.7.3/go.mod h1:6fQQgfuGmw8Al/3M2IgIllycxV7ZW7WCdVSqfBeUiCY=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.34/go.mod h1:RZP0scceAyhMIQ9JvFp7HvkpcgqjL4l/4C+7RAeGbuM= github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4 h1:/b31bi3YVNlkzkBrm9LfpaKoaYZUxIAj4sHfOTmLfqw=
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.36 h1:8r5m1BoAWkn0TDC34lUculryf7nUF25EgIMdjvGCkgo= github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4/go.mod h1:2aGXHFmbInwgP9ZfpmdIfOELL79zhdNYNmReK8qDfdQ=
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.36/go.mod h1:Rmw2M1hMVTwiUhjwMoIBFWFJMhvJbct06sSidxInkhY= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 h1:DBYTXwIGQSGs9w4jKm60F5dmCQ3EEruxdc0MFh+3EY4=
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.29/go.mod h1:fDbkK4o7fpPXWn8YAPmTieAMuB9mk/VgvW64uaUqxd4= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10/go.mod h1:wohMUQiFdzo0NtxbBg0mSRGZ4vL3n0dKjLTINdcIino=
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.34 h1:JwvXk+1ePAD9xkFHprhHYqwsxLDcbNFsPI1IAT2sPS0= github.com/aws/aws-sdk-go-v2/service/lightsail v1.34.0 h1:LvWkxBi/bsWHqj3bFTUuDLl4OAlbaM1HDZ9YPhj5+jg=
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.34/go.mod h1:ytsF+t+FApY2lFnN51fJKPhH6ICKOPXKEcwwgmJEdWI= github.com/aws/aws-sdk-go-v2/service/lightsail v1.34.0/go.mod h1:35MKNS46RX7Lb9EIFP2bPy3WrJu+bxU6QgLis8K1aa4=
github.com/aws/aws-sdk-go-v2/service/lightsail v1.27.2 h1:PwNeYoonBzmTdCztKiiutws3U24KrnDBuabzRfIlZY4= github.com/aws/aws-sdk-go-v2/service/route53 v1.37.0 h1:f3hBZWtpn9clZGXJoqahQeec9ZPZnu22g8pg+zNyif0=
github.com/aws/aws-sdk-go-v2/service/lightsail v1.27.2/go.mod h1:gQhLZrTEath4zik5ixIe6axvgY5jJrgSBDJ360Fxnco= github.com/aws/aws-sdk-go-v2/service/route53 v1.37.0/go.mod h1:8qqfpG4mug2JLlEyWPSFhEGvJiaZ9iPmMDDMYc5Xtas=
github.com/aws/aws-sdk-go-v2/service/route53 v1.28.4 h1:p4mTxJfCAyiTT4Wp6p/mOPa6j5MqCSRGot8qZwFs+Z0= github.com/aws/aws-sdk-go-v2/service/sso v1.18.7 h1:eajuO3nykDPdYicLlP3AGgOyVN3MOlFmZv7WGTuJPow=
github.com/aws/aws-sdk-go-v2/service/route53 v1.28.4/go.mod h1:VBLWpaHvhQNeu7N9rMEf00SWeOONb/HvaDUxe/7b44k= github.com/aws/aws-sdk-go-v2/service/sso v1.18.7/go.mod h1:+mJNDdF+qiUlNKNC3fxn74WWNN+sOiGOEImje+3ScPM=
github.com/aws/aws-sdk-go-v2/service/sso v1.12.13 h1:sWDv7cMITPcZ21QdreULwxOOAmE05JjEsT6fCDtDA9k= github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 h1:QPMJf+Jw8E1l7zqhZmMlFw6w1NmfkfiSK8mS4zOx3BA=
github.com/aws/aws-sdk-go-v2/service/sso v1.12.13/go.mod h1:DfX0sWuT46KpcqbMhJ9QWtxAIP1VozkDWf8VAkByjYY= github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7/go.mod h1:ykf3COxYI0UJmxcfcxcVuz7b6uADi1FkiUz6Eb7AgM8=
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.13 h1:BFubHS/xN5bjl818QaroN6mQdjneYQ+AOx44KNXlyH4= github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 h1:NzO4Vrau795RkUdSHKEwiR01FaGzGOH1EETJ+5QHnm0=
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.13/go.mod h1:BzqsVVFduubEmzrVtUFQQIQdFqvUItF8XUq2EnS8Wog= github.com/aws/aws-sdk-go-v2/service/sts v1.26.7/go.mod h1:6h2YuIoxaMSCFf5fi1EgZAwdfkGMgDY+DVfa61uLe4U=
github.com/aws/aws-sdk-go-v2/service/sts v1.19.3 h1:e5mnydVdCVWxP+5rPAGi2PYxC7u2OZgH1ypC114H04U= github.com/aws/smithy-go v1.19.0 h1:KWFKQV80DpP3vJrrA9sVAHQ5gc2z8i4EzrLhLlWXcBM=
github.com/aws/aws-sdk-go-v2/service/sts v1.19.3/go.mod h1:yVGZA1CPkmUhBdA039jXNJJG7/6t+G+EBWmFq23xqnY= github.com/aws/smithy-go v1.19.0/go.mod h1:NukqUGpCZIILqqiV0NIjeFh24kd/FAa4beRb6nbIUPE=
github.com/aws/smithy-go v1.13.5/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA=
github.com/aws/smithy-go v1.14.2 h1:MJU9hqBGbvWZdApzpvoF2WAIJDbtjK2NDJSiJP7HblQ=
github.com/aws/smithy-go v1.14.2/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA=
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
@ -199,8 +196,8 @@ github.com/civo/civogo v0.3.11 h1:mON/fyrV946Sbk6paRtOSGsN+asCgCmHCgArf5xmGxM=
github.com/civo/civogo v0.3.11/go.mod h1:7+GeeFwc4AYTULaEshpT2vIcl3Qq8HPoxA17viX3l6g= github.com/civo/civogo v0.3.11/go.mod h1:7+GeeFwc4AYTULaEshpT2vIcl3Qq8HPoxA17viX3l6g=
github.com/clbanning/x2j v0.0.0-20191024224557-825249438eec/go.mod h1:jMjuTZXRI4dUb/I5gc9Hdhagfvm9+RyrPryS/auMzxE= github.com/clbanning/x2j v0.0.0-20191024224557-825249438eec/go.mod h1:jMjuTZXRI4dUb/I5gc9Hdhagfvm9+RyrPryS/auMzxE=
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
github.com/cloudflare/cloudflare-go v0.70.0 h1:4opGbUygM8DjirUuaz23jn3akuAcnOCEx+0nQtQEcFo= github.com/cloudflare/cloudflare-go v0.86.0 h1:jEKN5VHNYNYtfDL2lUFLTRo+nOVNPFxpXTstVx0rqHI=
github.com/cloudflare/cloudflare-go v0.70.0/go.mod h1:VW6GuazkaZ4xEDkFt24lkXQUsE8q7BiGqDniC2s8WEM= github.com/cloudflare/cloudflare-go v0.86.0/go.mod h1:wYW/5UP02TUfBToa/yKbQHV+r6h1NnJ1Je7XjuGM4Jw=
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI=
@ -306,8 +303,8 @@ github.com/evanphx/json-patch v5.7.0+incompatible h1:vgGkfT/9f8zE6tvSCe74nfpAVDQ
github.com/evanphx/json-patch v5.7.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v5.7.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
github.com/evanphx/json-patch/v5 v5.7.0 h1:nJqP7uwL84RJInrohHfW0Fx3awjbm8qZeFv0nW9SYGc= github.com/evanphx/json-patch/v5 v5.7.0 h1:nJqP7uwL84RJInrohHfW0Fx3awjbm8qZeFv0nW9SYGc=
github.com/evanphx/json-patch/v5 v5.7.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= github.com/evanphx/json-patch/v5 v5.7.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ=
github.com/exoscale/egoscale v0.100.1 h1:iXsV1Ei7daqe/6FYSCSDyrFs1iUG1l1X9qNh2uMw6z0= github.com/exoscale/egoscale v0.102.3 h1:DYqN2ipoLKpiFoprRGQkp2av/Ze7sUYYlGhi1N62tfY=
github.com/exoscale/egoscale v0.100.1/go.mod h1:BAb9p4rmyU+Wl400CJZO5270H2sXtdsZjLcm5xMKkz4= github.com/exoscale/egoscale v0.102.3/go.mod h1:RPf2Gah6up+6kAEayHTQwqapzXlm93f0VQas/UEGU5c=
github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU= github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU=
github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk=
@ -338,15 +335,15 @@ github.com/gin-gonic/gin v1.6.3/go.mod h1:75u5sXoLsGZoRN5Sgbi1eraJ4GU3++wFwWzhwv
github.com/gin-gonic/gin v1.7.4/go.mod h1:jD2toBW3GZUr5UMcdrwQA10I7RuaFOl/SGeDjXkfUtY= github.com/gin-gonic/gin v1.7.4/go.mod h1:jD2toBW3GZUr5UMcdrwQA10I7RuaFOl/SGeDjXkfUtY=
github.com/gin-gonic/gin v1.9.1 h1:4idEAncQnU5cB7BeOkPtxjfCSye0AAm1R0RVIqJ+Jmg= github.com/gin-gonic/gin v1.9.1 h1:4idEAncQnU5cB7BeOkPtxjfCSye0AAm1R0RVIqJ+Jmg=
github.com/gin-gonic/gin v1.9.1/go.mod h1:hPrL7YrpYKXt5YId3A/Tnip5kqbEAP+KLuI3SUcPTeU= github.com/gin-gonic/gin v1.9.1/go.mod h1:hPrL7YrpYKXt5YId3A/Tnip5kqbEAP+KLuI3SUcPTeU=
github.com/go-acme/lego/v4 v4.14.0 h1:/skZoRHgVh0d2RK7l1g3Ch8HqeqP9LB8ZEjLdGEpcDE= github.com/go-acme/lego/v4 v4.15.0 h1:A7MHEU3b+TDFqhC/HmzMJnzPbyeaYvMZQBbqgvbThhU=
github.com/go-acme/lego/v4 v4.14.0/go.mod h1:zjmvNCDLGz7GrC1OqdVpVmZFKSRabEDtWbdzmcpBsGo= github.com/go-acme/lego/v4 v4.15.0/go.mod h1:eeGhjW4zWT7Ccqa3sY7ayEqFLCAICx+mXgkMHKIkLxg=
github.com/go-chi/chi/v5 v5.0.0/go.mod h1:BBug9lr0cqtdAhsu6R4AAdvufI0/XBzAQSsUqJpoZOs= github.com/go-chi/chi/v5 v5.0.0/go.mod h1:BBug9lr0cqtdAhsu6R4AAdvufI0/XBzAQSsUqJpoZOs=
github.com/go-cmd/cmd v1.0.5/go.mod h1:y8q8qlK5wQibcw63djSl/ntiHUHXHGdCkPk0j4QeW4s= github.com/go-cmd/cmd v1.0.5/go.mod h1:y8q8qlK5wQibcw63djSl/ntiHUHXHGdCkPk0j4QeW4s=
github.com/go-errors/errors v1.0.1 h1:LUHzmkK3GUKUrL/1gfBUxAHzcev3apQlezX/+O7ma6w= github.com/go-errors/errors v1.0.1 h1:LUHzmkK3GUKUrL/1gfBUxAHzcev3apQlezX/+O7ma6w=
github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q=
github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
github.com/go-jose/go-jose/v3 v3.0.0 h1:s6rrhirfEP/CGIoc6p+PZAeogN2SxKav6Wp7+dyMWVo= github.com/go-jose/go-jose/v3 v3.0.1 h1:pWmKFVtt+Jl0vBZTIpz/eAKwsm6LkIxDVVbFHKkchhA=
github.com/go-jose/go-jose/v3 v3.0.0/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8= github.com/go-jose/go-jose/v3 v3.0.1/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8=
github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
github.com/go-kit/kit v0.10.1-0.20200915143503-439c4d2ed3ea h1:CnEQOUv4ilElSwFB9g/lVmz206oLE4aNZDYngIY1Gvg= github.com/go-kit/kit v0.10.1-0.20200915143503-439c4d2ed3ea h1:CnEQOUv4ilElSwFB9g/lVmz206oLE4aNZDYngIY1Gvg=
@ -390,8 +387,8 @@ github.com/go-playground/validator/v10 v10.4.1/go.mod h1:nlOn6nFhuKACm19sB/8EGNn
github.com/go-playground/validator/v10 v10.9.0/go.mod h1:74x4gJWsvQexRdW8Pn3dXSGrTK4nAUsbPlLADvpJkos= github.com/go-playground/validator/v10 v10.9.0/go.mod h1:74x4gJWsvQexRdW8Pn3dXSGrTK4nAUsbPlLADvpJkos=
github.com/go-playground/validator/v10 v10.15.1 h1:BSe8uhN+xQ4r5guV/ywQI4gO59C2raYcGffYWZEjZzM= github.com/go-playground/validator/v10 v10.15.1 h1:BSe8uhN+xQ4r5guV/ywQI4gO59C2raYcGffYWZEjZzM=
github.com/go-playground/validator/v10 v10.15.1/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU= github.com/go-playground/validator/v10 v10.15.1/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU=
github.com/go-resty/resty/v2 v2.7.0 h1:me+K9p3uhSmXtrBZ4k9jcEAfJmuC8IivWHwaLZwPrFY= github.com/go-resty/resty/v2 v2.11.0 h1:i7jMfNOJYMp69lq7qozJP+bjgzfAzeOhuGlyDrqxT/8=
github.com/go-resty/resty/v2 v2.7.0/go.mod h1:9PWDzw47qPphMRFfhsyk0NnSgvluHcljSMVIq3w7q0I= github.com/go-resty/resty/v2 v2.11.0/go.mod h1:iiP/OpA0CkcL3IGt1O0+/SIItFUbkkyw5BGXiVdTu+A=
github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w=
github.com/go-stack/stack v1.8.0 h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk= github.com/go-stack/stack v1.8.0 h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk=
github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
@ -480,7 +477,6 @@ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE= github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE=
github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
@ -569,8 +565,8 @@ github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+
github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs= github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs=
github.com/hashicorp/go-retryablehttp v0.7.4 h1:ZQgVdpTdAL7WpMIwLzCfbalOcSUdkDZnpUv3/+BxzFA= github.com/hashicorp/go-retryablehttp v0.7.5 h1:bJj+Pj19UZMIweq/iie+1u5YCdGrnxCT9yvm0e+Nd5M=
github.com/hashicorp/go-retryablehttp v0.7.4/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= github.com/hashicorp/go-retryablehttp v0.7.5/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8=
github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU= github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU=
github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc= github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc=
github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8= github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8=
@ -709,15 +705,13 @@ github.com/lestrrat-go/jwx v1.2.7/go.mod h1:bw24IXWbavc0R2RsOtpXL7RtMyP589yZ1+L7
github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I= github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I=
github.com/lightstep/lightstep-tracer-common/golang/gogo v0.0.0-20190605223551-bc2310a04743/go.mod h1:qklhhLq1aX+mtWk9cPHPzaBjWImj5ULL6C7HFJtXQMM= github.com/lightstep/lightstep-tracer-common/golang/gogo v0.0.0-20190605223551-bc2310a04743/go.mod h1:qklhhLq1aX+mtWk9cPHPzaBjWImj5ULL6C7HFJtXQMM=
github.com/lightstep/lightstep-tracer-go v0.18.1/go.mod h1:jlF1pusYV4pidLvZ+XD0UBX0ZE6WURAspgAczcDHrL4= github.com/lightstep/lightstep-tracer-go v0.18.1/go.mod h1:jlF1pusYV4pidLvZ+XD0UBX0ZE6WURAspgAczcDHrL4=
github.com/linode/linodego v1.17.2 h1:b32dj4662PGG5P9qVa6nBezccWdqgukndlMIuPGq1CQ= github.com/linode/linodego v1.28.0 h1:lzxxJebsYg5cCWRNDLyL2StW3sfMyAwf/FYfxFjFrlk=
github.com/linode/linodego v1.17.2/go.mod h1:C2iyT3Vg2O2sPxkWka4XAQ5WSUtm5LmTZ3Adw43Ra7Q= github.com/linode/linodego v1.28.0/go.mod h1:5oAsx+uinHtVo6U77nXXXtox7MWzUW6aEkTOKXxA9uo=
github.com/liquidweb/go-lwApi v0.0.0-20190605172801-52a4864d2738/go.mod h1:0sYF9rMXb0vlG+4SzdiGMXHheCZxjguMq+Zb4S2BfBs= github.com/liquidweb/go-lwApi v0.0.0-20190605172801-52a4864d2738/go.mod h1:0sYF9rMXb0vlG+4SzdiGMXHheCZxjguMq+Zb4S2BfBs=
github.com/liquidweb/go-lwApi v0.0.5 h1:CT4cdXzJXmo0bon298kS7NeSk+Gt8/UHpWBBol1NGCA=
github.com/liquidweb/go-lwApi v0.0.5/go.mod h1:0sYF9rMXb0vlG+4SzdiGMXHheCZxjguMq+Zb4S2BfBs=
github.com/liquidweb/liquidweb-cli v0.6.9 h1:acbIvdRauiwbxIsOCEMXGwF75aSJDbDiyAWPjVnwoYM= github.com/liquidweb/liquidweb-cli v0.6.9 h1:acbIvdRauiwbxIsOCEMXGwF75aSJDbDiyAWPjVnwoYM=
github.com/liquidweb/liquidweb-cli v0.6.9/go.mod h1:cE1uvQ+x24NGUL75D0QagOFCG8Wdvmwu8aL9TLmA/eQ= github.com/liquidweb/liquidweb-cli v0.6.9/go.mod h1:cE1uvQ+x24NGUL75D0QagOFCG8Wdvmwu8aL9TLmA/eQ=
github.com/liquidweb/liquidweb-go v1.6.3 h1:NVHvcnX3eb3BltiIoA+gLYn15nOpkYkdizOEYGSKrk4= github.com/liquidweb/liquidweb-go v1.6.4 h1:6S0m3hHSpiLqGD7AFSb7lH/W/qr1wx+tKil9fgIbjMc=
github.com/liquidweb/liquidweb-go v1.6.3/go.mod h1:SuXXp+thr28LnjEw18AYtWwIbWMHSUiajPQs8T9c/Rc= github.com/liquidweb/liquidweb-go v1.6.4/go.mod h1:B934JPIIcdA+uTq2Nz5PgOtG6CuCaEvQKe/Ge/5GgZ4=
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 h1:6E+4a0GO5zZEnZ81pIr0yLvtUWk2if982qA3F3QD6H4= github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 h1:6E+4a0GO5zZEnZ81pIr0yLvtUWk2if982qA3F3QD6H4=
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0/go.mod h1:zJYVVT2jmtg6P3p1VtQj7WsuWi/y4VnjVBn7F8KPB3I= github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0/go.mod h1:zJYVVT2jmtg6P3p1VtQj7WsuWi/y4VnjVBn7F8KPB3I=
github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0QoUACkjt2znoq26NVQ= github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0QoUACkjt2znoq26NVQ=
@ -771,8 +765,8 @@ github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3N
github.com/miekg/dns v1.1.26/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso= github.com/miekg/dns v1.1.26/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso=
github.com/miekg/dns v1.1.41/go.mod h1:p6aan82bvRIyn+zDIv9xYNUpwa73JcSh9BKwknJysuI= github.com/miekg/dns v1.1.41/go.mod h1:p6aan82bvRIyn+zDIv9xYNUpwa73JcSh9BKwknJysuI=
github.com/miekg/dns v1.1.47/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME= github.com/miekg/dns v1.1.47/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME=
github.com/miekg/dns v1.1.55 h1:GoQ4hpsj0nFLYe+bWiCToyrBEJXkQfOOIvFGFy0lEgo= github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4=
github.com/miekg/dns v1.1.55/go.mod h1:uInx36IzPl7FYnDcMeVWxj9byh7DutNykX4G9Sj60FY= github.com/miekg/dns v1.1.58/go.mod h1:Ypv+3b/KadlvW9vJfXOTf300O4UqaHFzFCuHz+rPkBY=
github.com/mimuret/golang-iij-dpf v0.9.1 h1:Gj6EhHJkOhr+q2RnvRPJsPMcjuVnWPSccEHyoEehU34= github.com/mimuret/golang-iij-dpf v0.9.1 h1:Gj6EhHJkOhr+q2RnvRPJsPMcjuVnWPSccEHyoEehU34=
github.com/mimuret/golang-iij-dpf v0.9.1/go.mod h1:sl9KyOkESib9+KRD3HaGpgi1xk7eoN2+d96LCLsME2M= github.com/mimuret/golang-iij-dpf v0.9.1/go.mod h1:sl9KyOkESib9+KRD3HaGpgi1xk7eoN2+d96LCLsME2M=
github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc=
@ -839,20 +833,22 @@ github.com/nbio/st v0.0.0-20140626010706-e9e8d9816f32/go.mod h1:9wM+0iRr9ahx58uY
github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
github.com/nrdcg/auroradns v1.1.0 h1:KekGh8kmf2MNwqZVVYo/fw/ZONt8QMEmbMFOeljteWo= github.com/nrdcg/auroradns v1.1.0 h1:KekGh8kmf2MNwqZVVYo/fw/ZONt8QMEmbMFOeljteWo=
github.com/nrdcg/auroradns v1.1.0/go.mod h1:O7tViUZbAcnykVnrGkXzIJTHoQCHcgalgAe6X1mzHfk= github.com/nrdcg/auroradns v1.1.0/go.mod h1:O7tViUZbAcnykVnrGkXzIJTHoQCHcgalgAe6X1mzHfk=
github.com/nrdcg/bunny-go v0.0.0-20230728143221-c9dda82568d9 h1:qpB3wZR4+MPK92cTC9zZPnndkJgDgPvQqPUAgVc1NXU=
github.com/nrdcg/bunny-go v0.0.0-20230728143221-c9dda82568d9/go.mod h1:HUoHXDrFvidN1NK9Wb/mZKNOfDNutKkzF2Pg71M9hHA=
github.com/nrdcg/desec v0.7.0 h1:iuGhi4pstF3+vJWwt292Oqe2+AsSPKDynQna/eu1fDs= github.com/nrdcg/desec v0.7.0 h1:iuGhi4pstF3+vJWwt292Oqe2+AsSPKDynQna/eu1fDs=
github.com/nrdcg/desec v0.7.0/go.mod h1:e1uRqqKv1mJdd5+SQROAhmy75lKMphLzWIuASLkpeFY= github.com/nrdcg/desec v0.7.0/go.mod h1:e1uRqqKv1mJdd5+SQROAhmy75lKMphLzWIuASLkpeFY=
github.com/nrdcg/dnspod-go v0.4.0 h1:c/jn1mLZNKF3/osJ6mz3QPxTudvPArXTjpkmYj0uK6U= github.com/nrdcg/dnspod-go v0.4.0 h1:c/jn1mLZNKF3/osJ6mz3QPxTudvPArXTjpkmYj0uK6U=
github.com/nrdcg/dnspod-go v0.4.0/go.mod h1:vZSoFSFeQVm2gWLMkyX61LZ8HI3BaqtHZWgPTGKr6KQ= github.com/nrdcg/dnspod-go v0.4.0/go.mod h1:vZSoFSFeQVm2gWLMkyX61LZ8HI3BaqtHZWgPTGKr6KQ=
github.com/nrdcg/freemyip v0.2.0 h1:/GscavT4GVqAY13HExl5UyoB4wlchv6Cg5NYDGsUoJ8= github.com/nrdcg/freemyip v0.2.0 h1:/GscavT4GVqAY13HExl5UyoB4wlchv6Cg5NYDGsUoJ8=
github.com/nrdcg/freemyip v0.2.0/go.mod h1:HjF0Yz0lSb37HD2ihIyGz9esyGcxbCrrGFLPpKevbx4= github.com/nrdcg/freemyip v0.2.0/go.mod h1:HjF0Yz0lSb37HD2ihIyGz9esyGcxbCrrGFLPpKevbx4=
github.com/nrdcg/goinwx v0.8.2 h1:RmjiHlEA+lzi3toXyPSaE6hWnBQ0+G+1u7w8C6Fpp4g= github.com/nrdcg/goinwx v0.10.0 h1:6W630bjDxQD6OuXKqrFRYVpTt0G/9GXXm3CeOrN0zJM=
github.com/nrdcg/goinwx v0.8.2/go.mod h1:mnMSTi7CXBu2io4DzdOBoGFA1XclD0sEPWJaDhNgkA4= github.com/nrdcg/goinwx v0.10.0/go.mod h1:mnMSTi7CXBu2io4DzdOBoGFA1XclD0sEPWJaDhNgkA4=
github.com/nrdcg/namesilo v0.2.1 h1:kLjCjsufdW/IlC+iSfAqj0iQGgKjlbUUeDJio5Y6eMg= github.com/nrdcg/namesilo v0.2.1 h1:kLjCjsufdW/IlC+iSfAqj0iQGgKjlbUUeDJio5Y6eMg=
github.com/nrdcg/namesilo v0.2.1/go.mod h1:lwMvfQTyYq+BbjJd30ylEG4GPSS6PII0Tia4rRpRiyw= github.com/nrdcg/namesilo v0.2.1/go.mod h1:lwMvfQTyYq+BbjJd30ylEG4GPSS6PII0Tia4rRpRiyw=
github.com/nrdcg/nodion v0.1.0 h1:zLKaqTn2X0aDuBHHfyA1zFgeZfiCpmu/O9DM73okavw= github.com/nrdcg/nodion v0.1.0 h1:zLKaqTn2X0aDuBHHfyA1zFgeZfiCpmu/O9DM73okavw=
github.com/nrdcg/nodion v0.1.0/go.mod h1:inbuh3neCtIWlMPZHtEpe43TmRXxHV6+hk97iCZicms= github.com/nrdcg/nodion v0.1.0/go.mod h1:inbuh3neCtIWlMPZHtEpe43TmRXxHV6+hk97iCZicms=
github.com/nrdcg/porkbun v0.2.0 h1:ghaqPtIKcffba99epWFkK3VWf6TKJT9WMXMgaTqv95Y= github.com/nrdcg/porkbun v0.3.0 h1:jnRV7j2zd3hmh+tSDOGetJyy3+WklaMxbs7HtTTmWMs=
github.com/nrdcg/porkbun v0.2.0/go.mod h1:i0uLMn9ItFsLsSQIAeEu1wQ9/+6EvX1eQw15hulMMRw= github.com/nrdcg/porkbun v0.3.0/go.mod h1:jh1DKz96jGHW+NCdG3AmTbbnQeBlNUz1KeSgeN/cBVw=
github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE=
github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU=
@ -899,8 +895,8 @@ github.com/openzipkin/zipkin-go v0.2.1/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnh
github.com/openzipkin/zipkin-go v0.2.2/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4= github.com/openzipkin/zipkin-go v0.2.2/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4=
github.com/oracle/oci-go-sdk v24.3.0+incompatible h1:x4mcfb4agelf1O4/1/auGlZ1lr97jXRSSN5MxTgG/zU= github.com/oracle/oci-go-sdk v24.3.0+incompatible h1:x4mcfb4agelf1O4/1/auGlZ1lr97jXRSSN5MxTgG/zU=
github.com/oracle/oci-go-sdk v24.3.0+incompatible/go.mod h1:VQb79nF8Z2cwLkLS35ukwStZIg5F66tcBccjip/j888= github.com/oracle/oci-go-sdk v24.3.0+incompatible/go.mod h1:VQb79nF8Z2cwLkLS35ukwStZIg5F66tcBccjip/j888=
github.com/ovh/go-ovh v1.4.1 h1:VBGa5wMyQtTP7Zb+w97zRCh9sLtM/2YKRyy+MEJmWaM= github.com/ovh/go-ovh v1.4.3 h1:Gs3V823zwTFpzgGLZNI6ILS4rmxZgJwJCz54Er9LwD0=
github.com/ovh/go-ovh v1.4.1/go.mod h1:6bL6pPyUT7tBfI0pqOegJgRjgjuO+mOo+MyXd1EEC0M= github.com/ovh/go-ovh v1.4.3/go.mod h1:AkPXVtgwB6xlKblMjRKJJmjRp+ogrE7fz2lVgcQY8SY=
github.com/pact-foundation/pact-go v1.0.4/go.mod h1:uExwJY4kCzNPcHRj+hCR/HBbOOIwwtUjcrb0b5/5kLM= github.com/pact-foundation/pact-go v1.0.4/go.mod h1:uExwJY4kCzNPcHRj+hCR/HBbOOIwwtUjcrb0b5/5kLM=
github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
github.com/pascaldekloe/goe v0.1.0 h1:cBOtyMzM9HTpWjXfbbunk26uA6nG3a8n06Wieeh0MwY= github.com/pascaldekloe/goe v0.1.0 h1:cBOtyMzM9HTpWjXfbbunk26uA6nG3a8n06Wieeh0MwY=
@ -1003,8 +999,8 @@ github.com/sacloud/iaas-api-go v1.11.1/go.mod h1:uBDSa06F/V0OnoR66jGdbH0PVnCJw+N
github.com/sacloud/packages-go v0.0.9 h1:GbinkBLC/eirFhHpLjoDW6JV7+95Rnd2d8RWj7Afeks= github.com/sacloud/packages-go v0.0.9 h1:GbinkBLC/eirFhHpLjoDW6JV7+95Rnd2d8RWj7Afeks=
github.com/sacloud/packages-go v0.0.9/go.mod h1:k+EEUMF2LlncjbNIJNOqLyZ9wjTESPIWIk1OA7x9j2Q= github.com/sacloud/packages-go v0.0.9/go.mod h1:k+EEUMF2LlncjbNIJNOqLyZ9wjTESPIWIk1OA7x9j2Q=
github.com/samuel/go-zookeeper v0.0.0-20190923202752-2cc03de413da/go.mod h1:gi+0XIa01GRL2eRQVjQkKGqKF3SF9vZR/HnPullcV2E= github.com/samuel/go-zookeeper v0.0.0-20190923202752-2cc03de413da/go.mod h1:gi+0XIa01GRL2eRQVjQkKGqKF3SF9vZR/HnPullcV2E=
github.com/scaleway/scaleway-sdk-go v1.0.0-beta.17 h1:1WuWJu7/e8SqK+uQl7lfk/N/oMZTL2NE/TJsNKRNMc4= github.com/scaleway/scaleway-sdk-go v1.0.0-beta.22 h1:wJrcTdddKOI8TFxs8cemnhKP2EmKy3yfUKHj3ZdfzYo=
github.com/scaleway/scaleway-sdk-go v1.0.0-beta.17/go.mod h1:fCa7OJZ/9DRTnOKmxvT6pn+LPWUptQAmHF/SBJUGEcg= github.com/scaleway/scaleway-sdk-go v1.0.0-beta.22/go.mod h1:fCa7OJZ/9DRTnOKmxvT6pn+LPWUptQAmHF/SBJUGEcg=
github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529 h1:nn5Wsu0esKSJiIVhscUtVbo7ada43DJhG55ua/hjS5I= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529 h1:nn5Wsu0esKSJiIVhscUtVbo7ada43DJhG55ua/hjS5I=
github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc=
github.com/seccomp/libseccomp-golang v0.9.2-0.20220502022130-f33da4d89646/go.mod h1:JA8cRccbGaA1s33RQf7Y1+q9gHmZX1yB/z9WDN1C6fg= github.com/seccomp/libseccomp-golang v0.9.2-0.20220502022130-f33da4d89646/go.mod h1:JA8cRccbGaA1s33RQf7Y1+q9gHmZX1yB/z9WDN1C6fg=
@ -1020,8 +1016,6 @@ github.com/shoenig/test v1.7.0/go.mod h1:UxJ6u/x2v/TNs/LoLxBNJRV9DiwBBKYxXSyczsB
github.com/shopspring/decimal v1.2.0 h1:abSATXmQEYyShuxI4/vyW3tV1MrKAJzCZ/0zLUXYbsQ= github.com/shopspring/decimal v1.2.0 h1:abSATXmQEYyShuxI4/vyW3tV1MrKAJzCZ/0zLUXYbsQ=
github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
github.com/simplesurance/bunny-go v0.0.0-20221115111006-e11d9dc91f04 h1:ZTzdx88+AcnjqUfJwnz89UBrMSBQ1NEysg9u5d+dU9c=
github.com/simplesurance/bunny-go v0.0.0-20221115111006-e11d9dc91f04/go.mod h1:5KS21fpch8TIMyAUv/qQqTa3GZfBDYgjaZbd2KXKYfg=
github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
@ -1036,8 +1030,8 @@ github.com/smartystreets/go-aws-auth v0.0.0-20180515143844-0c1422d1fdb9/go.mod h
github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
github.com/smartystreets/gunit v1.0.4 h1:tpTjnuH7MLlqhoD21vRoMZbMIi5GmBsAJDFyF67GhZA= github.com/smartystreets/gunit v1.0.4 h1:tpTjnuH7MLlqhoD21vRoMZbMIi5GmBsAJDFyF67GhZA=
github.com/smartystreets/gunit v1.0.4/go.mod h1:EH5qMBab2UclzXUcpR8b93eHsIlp9u+pDQIRp5DZNzQ= github.com/smartystreets/gunit v1.0.4/go.mod h1:EH5qMBab2UclzXUcpR8b93eHsIlp9u+pDQIRp5DZNzQ=
github.com/softlayer/softlayer-go v1.1.2 h1:rUSSGCyaxymvTOsaFjwr+cGxA8muw3xg2LSrIMNcN/c= github.com/softlayer/softlayer-go v1.1.3 h1:dfFzt5eOKIAyB/b78fHMyDu5ICx0ZtxL9NRhBlf831A=
github.com/softlayer/softlayer-go v1.1.2/go.mod h1:hvAbzGH4LRXA6yXY8BNx99yoqZ7urfDdtl9mvBf0G+g= github.com/softlayer/softlayer-go v1.1.3/go.mod h1:Pc7F57OgUKaAam7TtpqkUeqL7QyKknfiUI4R49h41/U=
github.com/softlayer/xmlrpc v0.0.0-20200409220501-5f089df7cb7e h1:3OgWYFw7jxCZPcvAg+4R8A50GZ+CCkARF10lxu2qDsQ= github.com/softlayer/xmlrpc v0.0.0-20200409220501-5f089df7cb7e h1:3OgWYFw7jxCZPcvAg+4R8A50GZ+CCkARF10lxu2qDsQ=
github.com/softlayer/xmlrpc v0.0.0-20200409220501-5f089df7cb7e/go.mod h1:fKZCUVdirrxrBpwd9wb+lSoVixvpwAu8eHzbQB2tums= github.com/softlayer/xmlrpc v0.0.0-20200409220501-5f089df7cb7e/go.mod h1:fKZCUVdirrxrBpwd9wb+lSoVixvpwAu8eHzbQB2tums=
github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM=
@ -1115,8 +1109,8 @@ github.com/traefik/paerser v0.2.0 h1:zqCLGSXoNlcBd+mzqSCLjon/I6phqIjeJL2xFB2ysgQ
github.com/traefik/paerser v0.2.0/go.mod h1:afzaVcgF8A+MpTnPG4wBr4whjanCSYA6vK5RwaYVtRc= github.com/traefik/paerser v0.2.0/go.mod h1:afzaVcgF8A+MpTnPG4wBr4whjanCSYA6vK5RwaYVtRc=
github.com/traefik/yaegi v0.15.1 h1:YA5SbaL6HZA0Exh9T/oArRHqGN2HQ+zgmCY7dkoTXu4= github.com/traefik/yaegi v0.15.1 h1:YA5SbaL6HZA0Exh9T/oArRHqGN2HQ+zgmCY7dkoTXu4=
github.com/traefik/yaegi v0.15.1/go.mod h1:AVRxhaI2G+nUsaM1zyktzwXn69G3t/AuTDrCiTds9p0= github.com/traefik/yaegi v0.15.1/go.mod h1:AVRxhaI2G+nUsaM1zyktzwXn69G3t/AuTDrCiTds9p0=
github.com/transip/gotransip/v6 v6.20.0 h1:AuvwyOZ51f2brzMbTqlRy/wmaM3kF7Vx5Wds8xcDflY= github.com/transip/gotransip/v6 v6.23.0 h1:PsTdjortrEZ8IFFifEryzjVjOy9SgK4ahlnhKBBIQgA=
github.com/transip/gotransip/v6 v6.20.0/go.mod h1:nzv9eN2tdsUrm5nG5ZX6AugYIU4qgsMwIn2c0EZLk8c= github.com/transip/gotransip/v6 v6.23.0/go.mod h1:nzv9eN2tdsUrm5nG5ZX6AugYIU4qgsMwIn2c0EZLk8c=
github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM= github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM=
github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI= github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI=
github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08= github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08=
@ -1127,8 +1121,8 @@ github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLY
github.com/ugorji/go/codec v1.2.6/go.mod h1:V6TCNZ4PHqoHGFZuSG1W8nrCzzdgA2DozYxWFFpvxTw= github.com/ugorji/go/codec v1.2.6/go.mod h1:V6TCNZ4PHqoHGFZuSG1W8nrCzzdgA2DozYxWFFpvxTw=
github.com/ugorji/go/codec v1.2.11 h1:BMaWp1Bb6fHwEtbplGBGJ498wD+LKlNSl25MjdZY4dU= github.com/ugorji/go/codec v1.2.11 h1:BMaWp1Bb6fHwEtbplGBGJ498wD+LKlNSl25MjdZY4dU=
github.com/ugorji/go/codec v1.2.11/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg= github.com/ugorji/go/codec v1.2.11/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg=
github.com/ultradns/ultradns-go-sdk v1.5.0-20230427130837-23c9b0c h1:mKnW6IGLw7uXu6DL6RitufZWcXS6hCnauXRUFof7rKM= github.com/ultradns/ultradns-go-sdk v1.6.1-20231103022937-8589b6a h1:w4PK5/N9kq8PfNxBv8a5t1bqlYRrVT7XzT7iTPTtiPk=
github.com/ultradns/ultradns-go-sdk v1.5.0-20230427130837-23c9b0c/go.mod h1:F4UyVEmq4/m5lAmx+GccrxyRCXmnBjzUL09JLTQFp94= github.com/ultradns/ultradns-go-sdk v1.6.1-20231103022937-8589b6a/go.mod h1:Xwz7o+ExFtxR/i0aJDnTXuiccQJlOxDgNe6FsZC4TzQ=
github.com/unrolled/render v1.0.2 h1:dGS3EmChQP3yOi1YeFNO/Dx+MbWZhdvhQJTXochM5bs= github.com/unrolled/render v1.0.2 h1:dGS3EmChQP3yOi1YeFNO/Dx+MbWZhdvhQJTXochM5bs=
github.com/unrolled/render v1.0.2/go.mod h1:gN9T0NhL4Bfbwu8ann7Ry/TGHYfosul+J0obPf6NBdM= github.com/unrolled/render v1.0.2/go.mod h1:gN9T0NhL4Bfbwu8ann7Ry/TGHYfosul+J0obPf6NBdM=
github.com/unrolled/secure v1.0.9 h1:BWRuEb1vDrBFFDdbCnKkof3gZ35I/bnHGyt0LB0TNyQ= github.com/unrolled/secure v1.0.9 h1:BWRuEb1vDrBFFDdbCnKkof3gZ35I/bnHGyt0LB0TNyQ=
@ -1253,9 +1247,12 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y
golang.org/x/crypto v0.0.0-20211202192323-5770296d904e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20211202192323-5770296d904e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.0.0-20220314234659-1baeb1ce4c0b/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220314234659-1baeb1ce4c0b/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58=
golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc=
golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
@ -1286,8 +1283,9 @@ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.13.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0=
golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@ -1322,20 +1320,22 @@ golang.org/x/net v0.0.0-20210410081132-afb366fc7cd1/go.mod h1:9tjilg8BloeKEkVJvy
golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk=
golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20210913180222-943fd674d43e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210913180222-943fd674d43e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20211029224645-99673261e6eb/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo=
golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.13.0 h1:jDDenyj+WgFtmV3zYVoi8aE2BwtXFLWOA67ZfNWftiY= golang.org/x/oauth2 v0.16.0 h1:aDkGMBSYxElaoP81NpoUoz2oo2R2wHdZpGToUxfyQrQ=
golang.org/x/oauth2 v0.13.0/go.mod h1:/JMhi4ZRXAf4HG9LiNmxvk+45+96RUlVThiH8FzNBn0= golang.org/x/oauth2 v0.16.0/go.mod h1:hqZ+0LWXsiVoZpeld6jVt06P3adbS2Uu911W1SsJv2o=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@ -1346,8 +1346,9 @@ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJ
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.4.0 h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.4.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ=
golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@ -1424,15 +1425,20 @@ golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU=
golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U=
golang.org/x/term v0.16.0 h1:m+B6fahuftsE9qjo0VWp2FW0mB3MTJvR0BaMQrq0pmE=
golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
@ -1443,16 +1449,20 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20201208040808-7e3f01d25324/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20201208040808-7e3f01d25324/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4=
golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@ -1487,8 +1497,9 @@ golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4f
golang.org/x/tools v0.0.0-20210114065538-d78b04bdf963/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210114065538-d78b04bdf963/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg= golang.org/x/tools v0.17.0 h1:FvmRgNOcs3kOa+T20R1uhfP9F6HgG2mfxDv1vrx1Htc=
golang.org/x/tools v0.17.0/go.mod h1:xsh6VxdV005rRVaS6SSAf9oiAqljS7UZUacMZ8Bnsps=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@ -1598,8 +1609,8 @@ gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
gopkg.in/ini.v1 v1.66.2/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.66.2/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA=
gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
gopkg.in/ns1/ns1-go.v2 v2.7.6 h1:mCPl7q0jbIGACXvGBljAuuApmKZo3rRi4tlRIEbMvjA= gopkg.in/ns1/ns1-go.v2 v2.7.13 h1:r07CLALg18f/L1KIK1ZJdbirBV349UtYT1rDWGjnaTk=
gopkg.in/ns1/ns1-go.v2 v2.7.6/go.mod h1:GMnKY+ZuoJ+lVLL+78uSTjwTz2jMazq6AfGKQOYhsPk= gopkg.in/ns1/ns1-go.v2 v2.7.13/go.mod h1:pfaU0vECVP7DIOr453z03HXS6dFJpXdNRwOyRzwmPSc=
gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo=
gopkg.in/square/go-jose.v2 v2.4.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/square/go-jose.v2 v2.4.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
gopkg.in/square/go-jose.v2 v2.5.1 h1:7odma5RETjNHWJnR32wx8t+Io4djHE1PqxCFx3iiZ2w= gopkg.in/square/go-jose.v2 v2.5.1 h1:7odma5RETjNHWJnR32wx8t+Io4djHE1PqxCFx3iiZ2w=

View file

@ -61,7 +61,7 @@ func (s *AccessLogSuite) TestAccessLog() {
ensureWorkingDirectoryIsClean() ensureWorkingDirectoryIsClean()
// Start Traefik // Start Traefik
s.traefikCmd(withConfigFile("fixtures/access_log_config.toml")) s.traefikCmd(withConfigFile("fixtures/access_log/access_log_base.toml"))
defer func() { defer func() {
traefikLog, err := os.ReadFile(traefikTestLogFile) traefikLog, err := os.ReadFile(traefikTestLogFile)
@ -130,7 +130,7 @@ func (s *AccessLogSuite) TestAccessLogAuthFrontend() {
} }
// Start Traefik // Start Traefik
s.traefikCmd(withConfigFile("fixtures/access_log_config.toml")) s.traefikCmd(withConfigFile("fixtures/access_log/access_log_base.toml"))
s.checkStatsForLogFile() s.checkStatsForLogFile()
@ -194,7 +194,7 @@ func (s *AccessLogSuite) TestAccessLogDigestAuthMiddleware() {
} }
// Start Traefik // Start Traefik
s.traefikCmd(withConfigFile("fixtures/access_log_config.toml")) s.traefikCmd(withConfigFile("fixtures/access_log/access_log_base.toml"))
s.checkStatsForLogFile() s.checkStatsForLogFile()
@ -304,7 +304,7 @@ func (s *AccessLogSuite) TestAccessLogFrontendRedirect() {
} }
// Start Traefik // Start Traefik
s.traefikCmd(withConfigFile("fixtures/access_log_config.toml")) s.traefikCmd(withConfigFile("fixtures/access_log/access_log_base.toml"))
s.checkStatsForLogFile() s.checkStatsForLogFile()
@ -410,7 +410,7 @@ func (s *AccessLogSuite) TestAccessLogRateLimit() {
} }
// Start Traefik // Start Traefik
s.traefikCmd(withConfigFile("fixtures/access_log_config.toml")) s.traefikCmd(withConfigFile("fixtures/access_log/access_log_base.toml"))
s.checkStatsForLogFile() s.checkStatsForLogFile()
@ -454,7 +454,7 @@ func (s *AccessLogSuite) TestAccessLogBackendNotFound() {
} }
// Start Traefik // Start Traefik
s.traefikCmd(withConfigFile("fixtures/access_log_config.toml")) s.traefikCmd(withConfigFile("fixtures/access_log/access_log_base.toml"))
s.waitForTraefik("server1") s.waitForTraefik("server1")
@ -494,7 +494,7 @@ func (s *AccessLogSuite) TestAccessLogFrontendAllowlist() {
} }
// Start Traefik // Start Traefik
s.traefikCmd(withConfigFile("fixtures/access_log_config.toml")) s.traefikCmd(withConfigFile("fixtures/access_log/access_log_base.toml"))
s.checkStatsForLogFile() s.checkStatsForLogFile()
@ -534,7 +534,7 @@ func (s *AccessLogSuite) TestAccessLogAuthFrontendSuccess() {
} }
// Start Traefik // Start Traefik
s.traefikCmd(withConfigFile("fixtures/access_log_config.toml")) s.traefikCmd(withConfigFile("fixtures/access_log/access_log_base.toml"))
s.checkStatsForLogFile() s.checkStatsForLogFile()
@ -575,7 +575,7 @@ func (s *AccessLogSuite) TestAccessLogPreflightHeadersMiddleware() {
} }
// Start Traefik // Start Traefik
s.traefikCmd(withConfigFile("fixtures/access_log_config.toml")) s.traefikCmd(withConfigFile("fixtures/access_log/access_log_base.toml"))
s.checkStatsForLogFile() s.checkStatsForLogFile()
@ -603,6 +603,56 @@ func (s *AccessLogSuite) TestAccessLogPreflightHeadersMiddleware() {
s.checkNoOtherTraefikProblems() s.checkNoOtherTraefikProblems()
} }
func (s *AccessLogSuite) TestAccessLogDisabledForInternals() {
ensureWorkingDirectoryIsClean()
file := s.adaptFile("fixtures/access_log/access_log_ping.toml", struct{}{})
// Start Traefik.
s.traefikCmd(withConfigFile(file))
defer func() {
traefikLog, err := os.ReadFile(traefikTestLogFile)
require.NoError(s.T(), err)
log.Info().Msg(string(traefikLog))
}()
// waitForTraefik makes at least one call to the rawdata api endpoint,
// but the logs for this endpoint are ignored in checkAccessLogOutput.
s.waitForTraefik("customPing")
s.checkStatsForLogFile()
// Verify Traefik started OK.
s.checkTraefikStarted()
// Make some requests on the internal ping router.
req, err := http.NewRequest(http.MethodGet, "http://127.0.0.1:8080/ping", nil)
require.NoError(s.T(), err)
err = try.Request(req, 500*time.Millisecond, try.StatusCodeIs(http.StatusOK), try.HasBody())
require.NoError(s.T(), err)
err = try.Request(req, 500*time.Millisecond, try.StatusCodeIs(http.StatusOK), try.HasBody())
require.NoError(s.T(), err)
// Make some requests on the custom ping router.
req, err = http.NewRequest(http.MethodGet, "http://127.0.0.1:8000/ping", nil)
require.NoError(s.T(), err)
err = try.Request(req, 500*time.Millisecond, try.StatusCodeIs(http.StatusOK), try.HasBody())
require.NoError(s.T(), err)
err = try.Request(req, 500*time.Millisecond, try.StatusCodeIs(http.StatusOK), try.HasBody())
require.NoError(s.T(), err)
// Verify access.log output as expected.
count := s.checkAccessLogOutput()
require.Equal(s.T(), 0, count)
// Verify no other Traefik problems.
s.checkNoOtherTraefikProblems()
}
func (s *AccessLogSuite) checkNoOtherTraefikProblems() { func (s *AccessLogSuite) checkNoOtherTraefikProblems() {
traefikLog, err := os.ReadFile(traefikTestLogFile) traefikLog, err := os.ReadFile(traefikTestLogFile)
require.NoError(s.T(), err) require.NoError(s.T(), err)
@ -612,6 +662,8 @@ func (s *AccessLogSuite) checkNoOtherTraefikProblems() {
} }
func (s *AccessLogSuite) checkAccessLogOutput() int { func (s *AccessLogSuite) checkAccessLogOutput() int {
s.T().Helper()
lines := s.extractLines() lines := s.extractLines()
count := 0 count := 0
for i, line := range lines { for i, line := range lines {
@ -624,6 +676,8 @@ func (s *AccessLogSuite) checkAccessLogOutput() int {
} }
func (s *AccessLogSuite) checkAccessLogExactValuesOutput(values []accessLogValue) int { func (s *AccessLogSuite) checkAccessLogExactValuesOutput(values []accessLogValue) int {
s.T().Helper()
lines := s.extractLines() lines := s.extractLines()
count := 0 count := 0
for i, line := range lines { for i, line := range lines {
@ -641,6 +695,8 @@ func (s *AccessLogSuite) checkAccessLogExactValuesOutput(values []accessLogValue
} }
func (s *AccessLogSuite) extractLines() []string { func (s *AccessLogSuite) extractLines() []string {
s.T().Helper()
accessLog, err := os.ReadFile(traefikTestAccessLogFile) accessLog, err := os.ReadFile(traefikTestAccessLogFile)
require.NoError(s.T(), err) require.NoError(s.T(), err)
@ -656,6 +712,8 @@ func (s *AccessLogSuite) extractLines() []string {
} }
func (s *AccessLogSuite) checkStatsForLogFile() { func (s *AccessLogSuite) checkStatsForLogFile() {
s.T().Helper()
err := try.Do(1*time.Second, func() error { err := try.Do(1*time.Second, func() error {
if _, errStat := os.Stat(traefikTestLogFile); errStat != nil { if _, errStat := os.Stat(traefikTestLogFile); errStat != nil {
return fmt.Errorf("could not get stats for log file: %w", errStat) return fmt.Errorf("could not get stats for log file: %w", errStat)
@ -671,6 +729,8 @@ func ensureWorkingDirectoryIsClean() {
} }
func (s *AccessLogSuite) checkTraefikStarted() []byte { func (s *AccessLogSuite) checkTraefikStarted() []byte {
s.T().Helper()
traefikLog, err := os.ReadFile(traefikTestLogFile) traefikLog, err := os.ReadFile(traefikTestLogFile)
require.NoError(s.T(), err) require.NoError(s.T(), err)
if len(traefikLog) > 0 { if len(traefikLog) > 0 {
@ -680,6 +740,8 @@ func (s *AccessLogSuite) checkTraefikStarted() []byte {
} }
func (s *BaseSuite) CheckAccessLogFormat(line string, i int) { func (s *BaseSuite) CheckAccessLogFormat(line string, i int) {
s.T().Helper()
results, err := accesslog.ParseAccessLog(line) results, err := accesslog.ParseAccessLog(line)
require.NoError(s.T(), err) require.NoError(s.T(), err)
assert.Len(s.T(), results, 14) assert.Len(s.T(), results, 14)
@ -692,6 +754,8 @@ func (s *BaseSuite) CheckAccessLogFormat(line string, i int) {
} }
func (s *AccessLogSuite) checkAccessLogExactValues(line string, i int, v accessLogValue) { func (s *AccessLogSuite) checkAccessLogExactValues(line string, i int, v accessLogValue) {
s.T().Helper()
results, err := accesslog.ParseAccessLog(line) results, err := accesslog.ParseAccessLog(line)
require.NoError(s.T(), err) require.NoError(s.T(), err)
assert.Len(s.T(), results, 14) assert.Len(s.T(), results, 14)

View file

@ -0,0 +1,30 @@
[global]
checkNewVersion = false
sendAnonymousUsage = false
[log]
level = "ERROR"
filePath = "traefik.log"
[accessLog]
filePath = "access.log"
[entryPoints]
[entryPoints.web]
address = ":8000"
[api]
insecure = true
[ping]
[providers]
[providers.file]
filename = "{{ .SelfFilename }}"
## dynamic configuration ##
[http.routers]
[http.routers.customPing]
entryPoints = ["web"]
rule = "PathPrefix(`/ping`)"
service = "ping@internal"

File diff suppressed because it is too large Load diff

View file

@ -19,5 +19,6 @@
insecure = true insecure = true
[metrics] [metrics]
addInternals = true
[metrics.prometheus] [metrics.prometheus]
buckets = [0.1,0.3,1.2,5.0] buckets = [0.1,0.3,1.2,5.0]

View file

@ -9,6 +9,8 @@
[api] [api]
insecure = true insecure = true
[ping]
[entryPoints] [entryPoints]
[entryPoints.web] [entryPoints.web]
address = ":8000" address = ":8000"
@ -47,6 +49,10 @@
Service = "service3" Service = "service3"
Middlewares = ["retry", "basic-auth"] Middlewares = ["retry", "basic-auth"]
Rule = "Path(`/auth`)" Rule = "Path(`/auth`)"
[http.routers.customPing]
entryPoints = ["web"]
rule = "PathPrefix(`/ping`)"
service = "ping@internal"
[http.middlewares] [http.middlewares]
[http.middlewares.retry.retry] [http.middlewares.retry.retry]

View file

@ -153,17 +153,16 @@ func (s *K8sConformanceSuite) TestK8sGatewayAPIConformance() {
RequiredConsecutiveSuccesses: 0, RequiredConsecutiveSuccesses: 0,
}, },
SupportedFeatures: sets.New[ksuite.SupportedFeature](). SupportedFeatures: sets.New[ksuite.SupportedFeature]().
Insert(ksuite.GatewayCoreFeatures.UnsortedList()...), Insert(ksuite.GatewayCoreFeatures.UnsortedList()...).
Insert(ksuite.ReferenceGrantCoreFeatures.UnsortedList()...),
EnableAllSupportedFeatures: false, EnableAllSupportedFeatures: false,
RunTest: *k8sConformanceRunTest, RunTest: *k8sConformanceRunTest,
// Until the feature are all supported, following tests are skipped. // Until the feature are all supported, following tests are skipped.
SkipTests: []string{ SkipTests: []string{
"HTTPExactPathMatching", "HTTPExactPathMatching",
"HTTPRouteHostnameIntersection", "HTTPRouteHostnameIntersection",
"GatewaySecretReferenceGrantAllInNamespace",
"HTTPRouteListenerHostnameMatching", "HTTPRouteListenerHostnameMatching",
"HTTPRouteRequestHeaderModifier", "HTTPRouteRequestHeaderModifier",
"GatewaySecretInvalidReferenceGrant",
"GatewayClassObservedGenerationBump", "GatewayClassObservedGenerationBump",
"HTTPRouteInvalidNonExistentBackendRef", "HTTPRouteInvalidNonExistentBackendRef",
"GatewayWithAttachedRoutes", "GatewayWithAttachedRoutes",
@ -171,14 +170,11 @@ func (s *K8sConformanceSuite) TestK8sGatewayAPIConformance() {
"HTTPRouteDisallowedKind", "HTTPRouteDisallowedKind",
"HTTPRouteInvalidReferenceGrant", "HTTPRouteInvalidReferenceGrant",
"HTTPRouteObservedGenerationBump", "HTTPRouteObservedGenerationBump",
"GatewayInvalidRouteKind",
"TLSRouteSimpleSameNamespace", "TLSRouteSimpleSameNamespace",
"TLSRouteInvalidReferenceGrant", "TLSRouteInvalidReferenceGrant",
"HTTPRouteInvalidCrossNamespaceParentRef", "HTTPRouteInvalidCrossNamespaceParentRef",
"HTTPRouteInvalidParentRefNotMatchingSectionName", "HTTPRouteInvalidParentRefNotMatchingSectionName",
"GatewaySecretReferenceGrantSpecific",
"GatewayModifyListeners", "GatewayModifyListeners",
"GatewaySecretMissingReferenceGrant",
"GatewayInvalidTLSConfiguration", "GatewayInvalidTLSConfiguration",
"HTTPRouteInvalidCrossNamespaceBackendRef", "HTTPRouteInvalidCrossNamespaceBackendRef",
"HTTPRouteMatchingAcrossRoutes", "HTTPRouteMatchingAcrossRoutes",

View file

@ -57,7 +57,7 @@ func (s *LogRotationSuite) TearDownSuite() {
func (s *LogRotationSuite) TestAccessLogRotation() { func (s *LogRotationSuite) TestAccessLogRotation() {
// Start Traefik // Start Traefik
cmd, _ := s.cmdTraefik(withConfigFile("fixtures/access_log_config.toml")) cmd, _ := s.cmdTraefik(withConfigFile("fixtures/access_log/access_log_base.toml"))
defer s.displayTraefikLogFile(traefikTestLogFile) defer s.displayTraefikLogFile(traefikTestLogFile)
// Verify Traefik started ok // Verify Traefik started ok

View file

@ -287,6 +287,10 @@ func (s *SimpleSuite) TestMetricsPrometheusDefaultEntryPoint() {
err = try.GetRequest("http://127.0.0.1:8080/metrics", 1*time.Second, try.BodyContains("_service_")) err = try.GetRequest("http://127.0.0.1:8080/metrics", 1*time.Second, try.BodyContains("_service_"))
require.NoError(s.T(), err) require.NoError(s.T(), err)
// No metrics for internals.
err = try.GetRequest("http://127.0.0.1:8080/metrics", 1*time.Second, try.BodyNotContains("router=\"api@internal\"", "service=\"api@internal\""))
require.NoError(s.T(), err)
} }
func (s *SimpleSuite) TestMetricsPrometheusTwoRoutersOneService() { func (s *SimpleSuite) TestMetricsPrometheusTwoRoutersOneService() {

View file

@ -302,7 +302,7 @@ func (s *TCPSuite) TestWRR() {
time.Sleep(time.Second) time.Sleep(time.Second)
} }
assert.EqualValues(s.T(), call, map[string]int{"whoami-b": 3, "whoami-ab": 1}) assert.EqualValues(s.T(), map[string]int{"whoami-b": 3, "whoami-ab": 1}, call)
} }
func welcome(addr string) (string, error) { func welcome(addr string) (string, error) {
@ -404,7 +404,6 @@ func guessWhoTLSPassthrough(addr, serverName string) (string, error) {
return fmt.Errorf("tls: no valid certificate for serverName %s", serverName) return fmt.Errorf("tls: no valid certificate for serverName %s", serverName)
}, },
}) })
if err != nil { if err != nil {
return "", err return "", err
} }

View file

@ -414,6 +414,67 @@ func (s *TracingSuite) TestOpentelemetryAuth() {
s.checkTraceContent(contains) s.checkTraceContent(contains)
} }
func (s *TracingSuite) TestNoInternals() {
file := s.adaptFile("fixtures/tracing/simple-opentelemetry.toml", TracingTemplate{
WhoamiIP: s.whoamiIP,
WhoamiPort: s.whoamiPort,
IP: s.otelCollectorIP,
IsHTTP: true,
})
s.traefikCmd(withConfigFile(file))
// wait for traefik
err := try.GetRequest("http://127.0.0.1:8080/api/rawdata", time.Second, try.BodyContains("basic-auth"))
require.NoError(s.T(), err)
err = try.GetRequest("http://127.0.0.1:8000/ratelimit", 500*time.Millisecond, try.StatusCodeIs(http.StatusOK))
require.NoError(s.T(), err)
err = try.GetRequest("http://127.0.0.1:8000/ping", 500*time.Millisecond, try.StatusCodeIs(http.StatusOK))
require.NoError(s.T(), err)
err = try.GetRequest("http://127.0.0.1:8080/ping", 500*time.Millisecond, try.StatusCodeIs(http.StatusOK))
require.NoError(s.T(), err)
baseURL, err := url.Parse("http://" + s.tempoIP + ":3200/api/search")
require.NoError(s.T(), err)
req := &http.Request{
Method: http.MethodGet,
URL: baseURL,
}
// Wait for traces to be available.
time.Sleep(10 * time.Second)
resp, err := try.Response(req, 5*time.Second)
require.NoError(s.T(), err)
out := &TraceResponse{}
content, err := io.ReadAll(resp.Body)
require.NoError(s.T(), err)
err = json.Unmarshal(content, &out)
require.NoError(s.T(), err)
s.NotEmptyf(len(out.Traces), "expected at least one trace")
for _, t := range out.Traces {
baseURL, err := url.Parse("http://" + s.tempoIP + ":3200/api/traces/" + t.TraceID)
require.NoError(s.T(), err)
req := &http.Request{
Method: http.MethodGet,
URL: baseURL,
}
resp, err := try.Response(req, 5*time.Second)
require.NoError(s.T(), err)
content, err := io.ReadAll(resp.Body)
require.NoError(s.T(), err)
require.NotContains(s.T(), content, "@internal")
}
}
func (s *TracingSuite) checkTraceContent(expectedJSON []map[string]string) { func (s *TracingSuite) checkTraceContent(expectedJSON []map[string]string) {
s.T().Helper() s.T().Helper()

View file

@ -96,7 +96,7 @@ func (s *UDPSuite) TestWRR() {
call["unknown"]++ call["unknown"]++
} }
} }
assert.EqualValues(s.T(), call, map[string]int{"whoami-a": 3, "whoami-b": 2, "whoami-c": 3}) assert.EqualValues(s.T(), map[string]int{"whoami-a": 3, "whoami-b": 2, "whoami-c": 3}, call)
close(stop) close(stop)
}() }()

View file

@ -76,7 +76,7 @@ func New(staticConfig static.Configuration, runtimeConfig *runtime.Configuration
// createRouter creates API routes and router. // createRouter creates API routes and router.
func (h Handler) createRouter() *mux.Router { func (h Handler) createRouter() *mux.Router {
router := mux.NewRouter() router := mux.NewRouter().UseEncodedPath()
if h.staticConfig.API.Debug { if h.staticConfig.API.Debug {
DebugHandler{}.Append(router) DebugHandler{}.Append(router)

View file

@ -4,6 +4,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"net/http" "net/http"
"net/url"
"sort" "sort"
"strconv" "strconv"
@ -49,7 +50,13 @@ func (h Handler) getEntryPoints(rw http.ResponseWriter, request *http.Request) {
} }
func (h Handler) getEntryPoint(rw http.ResponseWriter, request *http.Request) { func (h Handler) getEntryPoint(rw http.ResponseWriter, request *http.Request) {
entryPointID := mux.Vars(request)["entryPointID"] scapedEntryPointID := mux.Vars(request)["entryPointID"]
entryPointID, err := url.PathUnescape(scapedEntryPointID)
if err != nil {
writeError(rw, fmt.Sprintf("unable to decode entryPointID %q: %s", scapedEntryPointID, err), http.StatusBadRequest)
return
}
rw.Header().Set("Content-Type", "application/json") rw.Header().Set("Content-Type", "application/json")
@ -64,7 +71,7 @@ func (h Handler) getEntryPoint(rw http.ResponseWriter, request *http.Request) {
Name: entryPointID, Name: entryPointID,
} }
err := json.NewEncoder(rw).Encode(result) err = json.NewEncoder(rw).Encode(result)
if err != nil { if err != nil {
log.Ctx(request.Context()).Error().Err(err).Send() log.Ctx(request.Context()).Error().Err(err).Send()
writeError(rw, err.Error(), http.StatusInternalServerError) writeError(rw, err.Error(), http.StatusInternalServerError)

View file

@ -6,6 +6,7 @@ import (
"io" "io"
"net/http" "net/http"
"net/http/httptest" "net/http/httptest"
"net/url"
"os" "os"
"strconv" "strconv"
"testing" "testing"
@ -169,6 +170,21 @@ func TestHandler_EntryPoints(t *testing.T) {
jsonFile: "testdata/entrypoint-bar.json", jsonFile: "testdata/entrypoint-bar.json",
}, },
}, },
{
desc: "one entry point by id containing slash",
path: "/api/entrypoints/" + url.PathEscape("foo / bar"),
conf: static.Configuration{
Global: &static.Global{},
API: &static.API{},
EntryPoints: map[string]*static.EntryPoint{
"foo / bar": {Address: ":81"},
},
},
expected: expected{
statusCode: http.StatusOK,
jsonFile: "testdata/entrypoint-foo-slash-bar.json",
},
},
{ {
desc: "one entry point by id, that does not exist", desc: "one entry point by id, that does not exist",
path: "/api/entrypoints/foo", path: "/api/entrypoints/foo",

View file

@ -4,6 +4,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"net/http" "net/http"
"net/url"
"strconv" "strconv"
"strings" "strings"
@ -97,7 +98,13 @@ func (h Handler) getRouters(rw http.ResponseWriter, request *http.Request) {
} }
func (h Handler) getRouter(rw http.ResponseWriter, request *http.Request) { func (h Handler) getRouter(rw http.ResponseWriter, request *http.Request) {
routerID := mux.Vars(request)["routerID"] scapedRouterID := mux.Vars(request)["routerID"]
routerID, err := url.PathUnescape(scapedRouterID)
if err != nil {
writeError(rw, fmt.Sprintf("unable to decode routerID %q: %s", scapedRouterID, err), http.StatusBadRequest)
return
}
rw.Header().Set("Content-Type", "application/json") rw.Header().Set("Content-Type", "application/json")
@ -109,7 +116,7 @@ func (h Handler) getRouter(rw http.ResponseWriter, request *http.Request) {
result := newRouterRepresentation(routerID, router) result := newRouterRepresentation(routerID, router)
err := json.NewEncoder(rw).Encode(result) err = json.NewEncoder(rw).Encode(result)
if err != nil { if err != nil {
log.Ctx(request.Context()).Error().Err(err).Send() log.Ctx(request.Context()).Error().Err(err).Send()
writeError(rw, err.Error(), http.StatusInternalServerError) writeError(rw, err.Error(), http.StatusInternalServerError)
@ -148,7 +155,13 @@ func (h Handler) getServices(rw http.ResponseWriter, request *http.Request) {
} }
func (h Handler) getService(rw http.ResponseWriter, request *http.Request) { func (h Handler) getService(rw http.ResponseWriter, request *http.Request) {
serviceID := mux.Vars(request)["serviceID"] scapedServiceID := mux.Vars(request)["serviceID"]
serviceID, err := url.PathUnescape(scapedServiceID)
if err != nil {
writeError(rw, fmt.Sprintf("unable to decode serviceID %q: %s", scapedServiceID, err), http.StatusBadRequest)
return
}
rw.Header().Add("Content-Type", "application/json") rw.Header().Add("Content-Type", "application/json")
@ -160,7 +173,7 @@ func (h Handler) getService(rw http.ResponseWriter, request *http.Request) {
result := newServiceRepresentation(serviceID, service) result := newServiceRepresentation(serviceID, service)
err := json.NewEncoder(rw).Encode(result) err = json.NewEncoder(rw).Encode(result)
if err != nil { if err != nil {
log.Ctx(request.Context()).Error().Err(err).Send() log.Ctx(request.Context()).Error().Err(err).Send()
writeError(rw, err.Error(), http.StatusInternalServerError) writeError(rw, err.Error(), http.StatusInternalServerError)
@ -199,7 +212,13 @@ func (h Handler) getMiddlewares(rw http.ResponseWriter, request *http.Request) {
} }
func (h Handler) getMiddleware(rw http.ResponseWriter, request *http.Request) { func (h Handler) getMiddleware(rw http.ResponseWriter, request *http.Request) {
middlewareID := mux.Vars(request)["middlewareID"] scapedMiddlewareID := mux.Vars(request)["middlewareID"]
middlewareID, err := url.PathUnescape(scapedMiddlewareID)
if err != nil {
writeError(rw, fmt.Sprintf("unable to decode middlewareID %q: %s", scapedMiddlewareID, err), http.StatusBadRequest)
return
}
rw.Header().Set("Content-Type", "application/json") rw.Header().Set("Content-Type", "application/json")
@ -211,7 +230,7 @@ func (h Handler) getMiddleware(rw http.ResponseWriter, request *http.Request) {
result := newMiddlewareRepresentation(middlewareID, middleware) result := newMiddlewareRepresentation(middlewareID, middleware)
err := json.NewEncoder(rw).Encode(result) err = json.NewEncoder(rw).Encode(result)
if err != nil { if err != nil {
log.Ctx(request.Context()).Error().Err(err).Send() log.Ctx(request.Context()).Error().Err(err).Send()
writeError(rw, err.Error(), http.StatusInternalServerError) writeError(rw, err.Error(), http.StatusInternalServerError)

View file

@ -7,6 +7,7 @@ import (
"io" "io"
"net/http" "net/http"
"net/http/httptest" "net/http/httptest"
"net/url"
"os" "os"
"strconv" "strconv"
"testing" "testing"
@ -301,6 +302,27 @@ func TestHandler_HTTP(t *testing.T) {
jsonFile: "testdata/router-bar.json", jsonFile: "testdata/router-bar.json",
}, },
}, },
{
desc: "one router by id containing slash",
path: "/api/http/routers/" + url.PathEscape("foo / bar@myprovider"),
conf: runtime.Configuration{
Routers: map[string]*runtime.RouterInfo{
"foo / bar@myprovider": {
Router: &dynamic.Router{
EntryPoints: []string{"web"},
Service: "foo-service@myprovider",
Rule: "Host(`foo.bar`)",
Middlewares: []string{"auth", "addPrefixTest@anotherprovider"},
},
Status: "enabled",
},
},
},
expected: expected{
statusCode: http.StatusOK,
jsonFile: "testdata/router-foo-slash-bar.json",
},
},
{ {
desc: "one router by id, implicitly using default TLS options", desc: "one router by id, implicitly using default TLS options",
path: "/api/http/routers/baz@myprovider", path: "/api/http/routers/baz@myprovider",
@ -661,6 +683,35 @@ func TestHandler_HTTP(t *testing.T) {
jsonFile: "testdata/service-bar.json", jsonFile: "testdata/service-bar.json",
}, },
}, },
{
desc: "one service by id containing slash",
path: "/api/http/services/" + url.PathEscape("foo / bar@myprovider"),
conf: runtime.Configuration{
Services: map[string]*runtime.ServiceInfo{
"foo / bar@myprovider": func() *runtime.ServiceInfo {
si := &runtime.ServiceInfo{
Service: &dynamic.Service{
LoadBalancer: &dynamic.ServersLoadBalancer{
PassHostHeader: Bool(true),
Servers: []dynamic.Server{
{
URL: "http://127.0.0.1",
},
},
},
},
UsedBy: []string{"foo@myprovider", "test@myprovider"},
}
si.UpdateServerStatus("http://127.0.0.1", "UP")
return si
}(),
},
},
expected: expected{
statusCode: http.StatusOK,
jsonFile: "testdata/service-foo-slash-bar.json",
},
},
{ {
desc: "one service by id, that does not exist", desc: "one service by id, that does not exist",
path: "/api/http/services/nono@myprovider", path: "/api/http/services/nono@myprovider",
@ -897,6 +948,26 @@ func TestHandler_HTTP(t *testing.T) {
jsonFile: "testdata/middleware-auth.json", jsonFile: "testdata/middleware-auth.json",
}, },
}, },
{
desc: "one middleware by id containing slash",
path: "/api/http/middlewares/" + url.PathEscape("foo / bar@myprovider"),
conf: runtime.Configuration{
Middlewares: map[string]*runtime.MiddlewareInfo{
"foo / bar@myprovider": {
Middleware: &dynamic.Middleware{
AddPrefix: &dynamic.AddPrefix{
Prefix: "/titi",
},
},
UsedBy: []string{"test@myprovider"},
},
},
},
expected: expected{
statusCode: http.StatusOK,
jsonFile: "testdata/middleware-foo-slash-bar.json",
},
},
{ {
desc: "one middleware by id, that does not exist", desc: "one middleware by id, that does not exist",
path: "/api/http/middlewares/foo@myprovider", path: "/api/http/middlewares/foo@myprovider",

View file

@ -4,6 +4,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"net/http" "net/http"
"net/url"
"strconv" "strconv"
"strings" "strings"
@ -90,7 +91,13 @@ func (h Handler) getTCPRouters(rw http.ResponseWriter, request *http.Request) {
} }
func (h Handler) getTCPRouter(rw http.ResponseWriter, request *http.Request) { func (h Handler) getTCPRouter(rw http.ResponseWriter, request *http.Request) {
routerID := mux.Vars(request)["routerID"] scapedRouterID := mux.Vars(request)["routerID"]
routerID, err := url.PathUnescape(scapedRouterID)
if err != nil {
writeError(rw, fmt.Sprintf("unable to decode routerID %q: %s", scapedRouterID, err), http.StatusBadRequest)
return
}
rw.Header().Set("Content-Type", "application/json") rw.Header().Set("Content-Type", "application/json")
@ -102,7 +109,7 @@ func (h Handler) getTCPRouter(rw http.ResponseWriter, request *http.Request) {
result := newTCPRouterRepresentation(routerID, router) result := newTCPRouterRepresentation(routerID, router)
err := json.NewEncoder(rw).Encode(result) err = json.NewEncoder(rw).Encode(result)
if err != nil { if err != nil {
log.Ctx(request.Context()).Error().Err(err).Send() log.Ctx(request.Context()).Error().Err(err).Send()
writeError(rw, err.Error(), http.StatusInternalServerError) writeError(rw, err.Error(), http.StatusInternalServerError)
@ -141,7 +148,13 @@ func (h Handler) getTCPServices(rw http.ResponseWriter, request *http.Request) {
} }
func (h Handler) getTCPService(rw http.ResponseWriter, request *http.Request) { func (h Handler) getTCPService(rw http.ResponseWriter, request *http.Request) {
serviceID := mux.Vars(request)["serviceID"] scapedServiceID := mux.Vars(request)["serviceID"]
serviceID, err := url.PathUnescape(scapedServiceID)
if err != nil {
writeError(rw, fmt.Sprintf("unable to decode serviceID %q: %s", scapedServiceID, err), http.StatusBadRequest)
return
}
rw.Header().Set("Content-Type", "application/json") rw.Header().Set("Content-Type", "application/json")
@ -153,7 +166,7 @@ func (h Handler) getTCPService(rw http.ResponseWriter, request *http.Request) {
result := newTCPServiceRepresentation(serviceID, service) result := newTCPServiceRepresentation(serviceID, service)
err := json.NewEncoder(rw).Encode(result) err = json.NewEncoder(rw).Encode(result)
if err != nil { if err != nil {
log.Ctx(request.Context()).Error().Err(err).Send() log.Ctx(request.Context()).Error().Err(err).Send()
writeError(rw, err.Error(), http.StatusInternalServerError) writeError(rw, err.Error(), http.StatusInternalServerError)
@ -192,7 +205,13 @@ func (h Handler) getTCPMiddlewares(rw http.ResponseWriter, request *http.Request
} }
func (h Handler) getTCPMiddleware(rw http.ResponseWriter, request *http.Request) { func (h Handler) getTCPMiddleware(rw http.ResponseWriter, request *http.Request) {
middlewareID := mux.Vars(request)["middlewareID"] scapedMiddlewareID := mux.Vars(request)["middlewareID"]
middlewareID, err := url.PathUnescape(scapedMiddlewareID)
if err != nil {
writeError(rw, fmt.Sprintf("unable to decode middlewareID %q: %s", scapedMiddlewareID, err), http.StatusBadRequest)
return
}
rw.Header().Set("Content-Type", "application/json") rw.Header().Set("Content-Type", "application/json")
@ -204,7 +223,7 @@ func (h Handler) getTCPMiddleware(rw http.ResponseWriter, request *http.Request)
result := newTCPMiddlewareRepresentation(middlewareID, middleware) result := newTCPMiddlewareRepresentation(middlewareID, middleware)
err := json.NewEncoder(rw).Encode(result) err = json.NewEncoder(rw).Encode(result)
if err != nil { if err != nil {
log.Ctx(request.Context()).Error().Err(err).Send() log.Ctx(request.Context()).Error().Err(err).Send()
writeError(rw, err.Error(), http.StatusInternalServerError) writeError(rw, err.Error(), http.StatusInternalServerError)

View file

@ -6,6 +6,7 @@ import (
"io" "io"
"net/http" "net/http"
"net/http/httptest" "net/http/httptest"
"net/url"
"os" "os"
"testing" "testing"
@ -295,6 +296,25 @@ func TestHandler_TCP(t *testing.T) {
jsonFile: "testdata/tcprouter-bar.json", jsonFile: "testdata/tcprouter-bar.json",
}, },
}, },
{
desc: "one TCP router by id containing slash",
path: "/api/tcp/routers/" + url.PathEscape("foo / bar@myprovider"),
conf: runtime.Configuration{
TCPRouters: map[string]*runtime.TCPRouterInfo{
"foo / bar@myprovider": {
TCPRouter: &dynamic.TCPRouter{
EntryPoints: []string{"web"},
Service: "foo-service@myprovider",
Rule: "Host(`foo.bar`)",
},
},
},
},
expected: expected{
statusCode: http.StatusOK,
jsonFile: "testdata/tcprouter-foo-slash-bar.json",
},
},
{ {
desc: "one TCP router by id, that does not exist", desc: "one TCP router by id, that does not exist",
path: "/api/tcp/routers/foo@myprovider", path: "/api/tcp/routers/foo@myprovider",
@ -559,6 +579,30 @@ func TestHandler_TCP(t *testing.T) {
jsonFile: "testdata/tcpservice-bar.json", jsonFile: "testdata/tcpservice-bar.json",
}, },
}, },
{
desc: "one tcp service by id containing slash",
path: "/api/tcp/services/" + url.PathEscape("foo / bar@myprovider"),
conf: runtime.Configuration{
TCPServices: map[string]*runtime.TCPServiceInfo{
"foo / bar@myprovider": {
TCPService: &dynamic.TCPService{
LoadBalancer: &dynamic.TCPServersLoadBalancer{
Servers: []dynamic.TCPServer{
{
Address: "127.0.0.1:2345",
},
},
},
},
UsedBy: []string{"foo@myprovider", "test@myprovider"},
},
},
},
expected: expected{
statusCode: http.StatusOK,
jsonFile: "testdata/tcpservice-foo-slash-bar.json",
},
},
{ {
desc: "one tcp service by id, that does not exist", desc: "one tcp service by id, that does not exist",
path: "/api/tcp/services/nono@myprovider", path: "/api/tcp/services/nono@myprovider",
@ -780,6 +824,26 @@ func TestHandler_TCP(t *testing.T) {
jsonFile: "testdata/tcpmiddleware-ipallowlist.json", jsonFile: "testdata/tcpmiddleware-ipallowlist.json",
}, },
}, },
{
desc: "one middleware by id containing slash",
path: "/api/tcp/middlewares/" + url.PathEscape("foo / bar@myprovider"),
conf: runtime.Configuration{
TCPMiddlewares: map[string]*runtime.TCPMiddlewareInfo{
"foo / bar@myprovider": {
TCPMiddleware: &dynamic.TCPMiddleware{
IPWhiteList: &dynamic.TCPIPWhiteList{
SourceRange: []string{"127.0.0.1/32"},
},
},
UsedBy: []string{"bar@myprovider", "test@myprovider"},
},
},
},
expected: expected{
statusCode: http.StatusOK,
jsonFile: "testdata/tcpmiddleware-foo-slash-bar.json",
},
},
{ {
desc: "one middleware by id, that does not exist", desc: "one middleware by id, that does not exist",
path: "/api/tcp/middlewares/foo@myprovider", path: "/api/tcp/middlewares/foo@myprovider",

View file

@ -4,6 +4,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"net/http" "net/http"
"net/url"
"strconv" "strconv"
"strings" "strings"
@ -74,7 +75,13 @@ func (h Handler) getUDPRouters(rw http.ResponseWriter, request *http.Request) {
} }
func (h Handler) getUDPRouter(rw http.ResponseWriter, request *http.Request) { func (h Handler) getUDPRouter(rw http.ResponseWriter, request *http.Request) {
routerID := mux.Vars(request)["routerID"] scapedRouterID := mux.Vars(request)["routerID"]
routerID, err := url.PathUnescape(scapedRouterID)
if err != nil {
writeError(rw, fmt.Sprintf("unable to decode routerID %q: %s", scapedRouterID, err), http.StatusBadRequest)
return
}
rw.Header().Set("Content-Type", "application/json") rw.Header().Set("Content-Type", "application/json")
@ -86,7 +93,7 @@ func (h Handler) getUDPRouter(rw http.ResponseWriter, request *http.Request) {
result := newUDPRouterRepresentation(routerID, router) result := newUDPRouterRepresentation(routerID, router)
err := json.NewEncoder(rw).Encode(result) err = json.NewEncoder(rw).Encode(result)
if err != nil { if err != nil {
log.Ctx(request.Context()).Error().Err(err).Send() log.Ctx(request.Context()).Error().Err(err).Send()
writeError(rw, err.Error(), http.StatusInternalServerError) writeError(rw, err.Error(), http.StatusInternalServerError)
@ -125,7 +132,13 @@ func (h Handler) getUDPServices(rw http.ResponseWriter, request *http.Request) {
} }
func (h Handler) getUDPService(rw http.ResponseWriter, request *http.Request) { func (h Handler) getUDPService(rw http.ResponseWriter, request *http.Request) {
serviceID := mux.Vars(request)["serviceID"] scapedServiceID := mux.Vars(request)["serviceID"]
serviceID, err := url.PathUnescape(scapedServiceID)
if err != nil {
writeError(rw, fmt.Sprintf("unable to decode serviceID %q: %s", scapedServiceID, err), http.StatusBadRequest)
return
}
rw.Header().Set("Content-Type", "application/json") rw.Header().Set("Content-Type", "application/json")
@ -137,7 +150,7 @@ func (h Handler) getUDPService(rw http.ResponseWriter, request *http.Request) {
result := newUDPServiceRepresentation(serviceID, service) result := newUDPServiceRepresentation(serviceID, service)
err := json.NewEncoder(rw).Encode(result) err = json.NewEncoder(rw).Encode(result)
if err != nil { if err != nil {
log.Ctx(request.Context()).Error().Err(err).Send() log.Ctx(request.Context()).Error().Err(err).Send()
writeError(rw, err.Error(), http.StatusInternalServerError) writeError(rw, err.Error(), http.StatusInternalServerError)

View file

@ -6,6 +6,7 @@ import (
"io" "io"
"net/http" "net/http"
"net/http/httptest" "net/http/httptest"
"net/url"
"os" "os"
"testing" "testing"
@ -224,6 +225,24 @@ func TestHandler_UDP(t *testing.T) {
jsonFile: "testdata/udprouter-bar.json", jsonFile: "testdata/udprouter-bar.json",
}, },
}, },
{
desc: "one UDP router by id containing slash",
path: "/api/udp/routers/" + url.PathEscape("foo / bar@myprovider"),
conf: runtime.Configuration{
UDPRouters: map[string]*runtime.UDPRouterInfo{
"foo / bar@myprovider": {
UDPRouter: &dynamic.UDPRouter{
EntryPoints: []string{"web"},
Service: "foo-service@myprovider",
},
},
},
},
expected: expected{
statusCode: http.StatusOK,
jsonFile: "testdata/udprouter-foo-slash-bar.json",
},
},
{ {
desc: "one UDP router by id, that does not exist", desc: "one UDP router by id, that does not exist",
path: "/api/udp/routers/foo@myprovider", path: "/api/udp/routers/foo@myprovider",
@ -487,6 +506,30 @@ func TestHandler_UDP(t *testing.T) {
jsonFile: "testdata/udpservice-bar.json", jsonFile: "testdata/udpservice-bar.json",
}, },
}, },
{
desc: "one udp service by id containing slash",
path: "/api/udp/services/" + url.PathEscape("foo / bar@myprovider"),
conf: runtime.Configuration{
UDPServices: map[string]*runtime.UDPServiceInfo{
"foo / bar@myprovider": {
UDPService: &dynamic.UDPService{
LoadBalancer: &dynamic.UDPServersLoadBalancer{
Servers: []dynamic.UDPServer{
{
Address: "127.0.0.1:2345",
},
},
},
},
UsedBy: []string{"foo@myprovider", "test@myprovider"},
},
},
},
expected: expected{
statusCode: http.StatusOK,
jsonFile: "testdata/udpservice-foo-slash-bar.json",
},
},
{ {
desc: "one udp service by id, that does not exist", desc: "one udp service by id, that does not exist",
path: "/api/udp/services/nono@myprovider", path: "/api/udp/services/nono@myprovider",

View file

@ -0,0 +1,5 @@
{
"address": ":81",
"http": {},
"name": "foo / bar"
}

View file

@ -0,0 +1,12 @@
{
"addPrefix": {
"prefix": "/titi"
},
"name": "foo / bar@myprovider",
"provider": "myprovider",
"status": "enabled",
"type": "addprefix",
"usedBy": [
"test@myprovider"
]
}

View file

@ -0,0 +1,17 @@
{
"entryPoints": [
"web"
],
"middlewares": [
"auth",
"addPrefixTest@anotherprovider"
],
"name": "foo / bar@myprovider",
"provider": "myprovider",
"rule": "Host(`foo.bar`)",
"service": "foo-service@myprovider",
"status": "enabled",
"using": [
"web"
]
}

View file

@ -0,0 +1,21 @@
{
"loadBalancer": {
"passHostHeader": true,
"servers": [
{
"url": "http://127.0.0.1"
}
]
},
"name": "foo / bar@myprovider",
"provider": "myprovider",
"serverStatus": {
"http://127.0.0.1": "UP"
},
"status": "enabled",
"type": "loadbalancer",
"usedBy": [
"foo@myprovider",
"test@myprovider"
]
}

View file

@ -0,0 +1,13 @@
{
"ipWhiteList": {
"sourceRange": ["127.0.0.1/32"]
},
"name": "foo / bar@myprovider",
"provider": "myprovider",
"status": "enabled",
"type": "ipwhitelist",
"usedBy": [
"bar@myprovider",
"test@myprovider"
]
}

View file

@ -0,0 +1,13 @@
{
"entryPoints": [
"web"
],
"name": "foo / bar@myprovider",
"provider": "myprovider",
"rule": "Host(`foo.bar`)",
"service": "foo-service@myprovider",
"status": "enabled",
"using": [
"web"
]
}

View file

@ -0,0 +1,17 @@
{
"loadBalancer": {
"servers": [
{
"address": "127.0.0.1:2345"
}
]
},
"name": "foo / bar@myprovider",
"provider": "myprovider",
"status": "enabled",
"type": "loadbalancer",
"usedBy": [
"foo@myprovider",
"test@myprovider"
]
}

View file

@ -0,0 +1,12 @@
{
"entryPoints": [
"web"
],
"name": "foo / bar@myprovider",
"provider": "myprovider",
"service": "foo-service@myprovider",
"status": "enabled",
"using": [
"web"
]
}

View file

@ -0,0 +1,17 @@
{
"loadBalancer": {
"servers": [
{
"address": "127.0.0.1:2345"
}
]
},
"name": "foo / bar@myprovider",
"provider": "myprovider",
"status": "enabled",
"type": "loadbalancer",
"usedBy": [
"foo@myprovider",
"test@myprovider"
]
}

View file

@ -20,8 +20,6 @@ import (
const collectorURL = "https://collect.traefik.io/yYaUej3P42cziRVzv6T5w2aYy9po2Mrn" const collectorURL = "https://collect.traefik.io/yYaUej3P42cziRVzv6T5w2aYy9po2Mrn"
// Collected data. // Collected data.
//
//nolint:musttag // cannot be changed for historical reasons.
type data struct { type data struct {
Version string Version string
Codename string Codename string
@ -67,7 +65,7 @@ func createBody(staticConfiguration *static.Configuration) (*bytes.Buffer, error
} }
buf := new(bytes.Buffer) buf := new(bytes.Buffer)
err = json.NewEncoder(buf).Encode(data) err = json.NewEncoder(buf).Encode(data) //nolint:musttag // cannot be changed for historical reasons.
if err != nil { if err != nil {
return nil, err return nil, err
} }

View file

@ -1,11 +1,11 @@
package dynamic package dynamic
import ( import (
"net/http"
"time" "time"
ptypes "github.com/traefik/paerser/types" ptypes "github.com/traefik/paerser/types"
"github.com/traefik/traefik/v3/pkg/ip" "github.com/traefik/traefik/v3/pkg/ip"
"github.com/traefik/traefik/v3/pkg/types"
) )
// +k8s:deepcopy-gen=true // +k8s:deepcopy-gen=true
@ -54,9 +54,13 @@ type GrpcWeb struct {
// +k8s:deepcopy-gen=true // +k8s:deepcopy-gen=true
// ContentType holds the content-type middleware configuration. // ContentType holds the content-type middleware configuration.
// This middleware sets the `Content-Type` header value to the media type detected from the response content, // This middleware exists to enable the correct behavior until at least the default one can be changed in a future version.
// when it is not set by the backend. type ContentType struct {
type ContentType struct{} // AutoDetect specifies whether to let the `Content-Type` header, if it has not been set by the backend,
// be automatically set to a value derived from the contents of the response.
// Deprecated: AutoDetect option is deprecated, Content-Type middleware is only meant to be used to enable the content-type detection, please remove any usage of this option.
AutoDetect *bool `json:"autoDetect,omitempty" toml:"autoDetect,omitempty" yaml:"autoDetect,omitempty" export:"true"`
}
// +k8s:deepcopy-gen=true // +k8s:deepcopy-gen=true
@ -141,6 +145,8 @@ type CircuitBreaker struct {
FallbackDuration ptypes.Duration `json:"fallbackDuration,omitempty" toml:"fallbackDuration,omitempty" yaml:"fallbackDuration,omitempty" export:"true"` FallbackDuration ptypes.Duration `json:"fallbackDuration,omitempty" toml:"fallbackDuration,omitempty" yaml:"fallbackDuration,omitempty" export:"true"`
// RecoveryDuration is the duration for which the circuit breaker will try to recover (as soon as it is in recovering state). // RecoveryDuration is the duration for which the circuit breaker will try to recover (as soon as it is in recovering state).
RecoveryDuration ptypes.Duration `json:"recoveryDuration,omitempty" toml:"recoveryDuration,omitempty" yaml:"recoveryDuration,omitempty" export:"true"` RecoveryDuration ptypes.Duration `json:"recoveryDuration,omitempty" toml:"recoveryDuration,omitempty" yaml:"recoveryDuration,omitempty" export:"true"`
// ResponseCode is the status code that the circuit breaker will return while it is in the open state.
ResponseCode int `json:"responseCode,omitempty" toml:"responseCode,omitempty" yaml:"responseCode,omitempty" export:"true"`
} }
// SetDefaults sets the default values on a RateLimit. // SetDefaults sets the default values on a RateLimit.
@ -148,6 +154,7 @@ func (c *CircuitBreaker) SetDefaults() {
c.CheckPeriod = ptypes.Duration(100 * time.Millisecond) c.CheckPeriod = ptypes.Duration(100 * time.Millisecond)
c.FallbackDuration = ptypes.Duration(10 * time.Second) c.FallbackDuration = ptypes.Duration(10 * time.Second)
c.RecoveryDuration = ptypes.Duration(10 * time.Second) c.RecoveryDuration = ptypes.Duration(10 * time.Second)
c.ResponseCode = http.StatusServiceUnavailable
} }
// +k8s:deepcopy-gen=true // +k8s:deepcopy-gen=true
@ -214,7 +221,7 @@ type ForwardAuth struct {
// Address defines the authentication server address. // Address defines the authentication server address.
Address string `json:"address,omitempty" toml:"address,omitempty" yaml:"address,omitempty"` Address string `json:"address,omitempty" toml:"address,omitempty" yaml:"address,omitempty"`
// TLS defines the configuration used to secure the connection to the authentication server. // TLS defines the configuration used to secure the connection to the authentication server.
TLS *types.ClientTLS `json:"tls,omitempty" toml:"tls,omitempty" yaml:"tls,omitempty" export:"true"` TLS *ClientTLS `json:"tls,omitempty" toml:"tls,omitempty" yaml:"tls,omitempty" export:"true"`
// TrustForwardHeader defines whether to trust (ie: forward) all X-Forwarded-* headers. // TrustForwardHeader defines whether to trust (ie: forward) all X-Forwarded-* headers.
TrustForwardHeader bool `json:"trustForwardHeader,omitempty" toml:"trustForwardHeader,omitempty" yaml:"trustForwardHeader,omitempty" export:"true"` TrustForwardHeader bool `json:"trustForwardHeader,omitempty" toml:"trustForwardHeader,omitempty" yaml:"trustForwardHeader,omitempty" export:"true"`
// AuthResponseHeaders defines the list of headers to copy from the authentication server response and set on forwarded request, replacing any existing conflicting headers. // AuthResponseHeaders defines the list of headers to copy from the authentication server response and set on forwarded request, replacing any existing conflicting headers.
@ -231,6 +238,20 @@ type ForwardAuth struct {
// +k8s:deepcopy-gen=true // +k8s:deepcopy-gen=true
// ClientTLS holds TLS specific configurations as client
// CA, Cert and Key can be either path or file contents.
// TODO: remove this struct when CAOptional option will be removed.
type ClientTLS struct {
CA string `description:"TLS CA" json:"ca,omitempty" toml:"ca,omitempty" yaml:"ca,omitempty"`
Cert string `description:"TLS cert" json:"cert,omitempty" toml:"cert,omitempty" yaml:"cert,omitempty"`
Key string `description:"TLS key" json:"key,omitempty" toml:"key,omitempty" yaml:"key,omitempty" loggable:"false"`
InsecureSkipVerify bool `description:"TLS insecure skip verify" json:"insecureSkipVerify,omitempty" toml:"insecureSkipVerify,omitempty" yaml:"insecureSkipVerify,omitempty" export:"true"`
// Deprecated: TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634).
CAOptional *bool `description:"TLS CA.Optional" json:"caOptional,omitempty" toml:"caOptional,omitempty" yaml:"caOptional,omitempty" export:"true"`
}
// +k8s:deepcopy-gen=true
// Headers holds the headers middleware configuration. // Headers holds the headers middleware configuration.
// This middleware manages the requests and responses headers. // This middleware manages the requests and responses headers.
// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/headers/#customrequestheaders // More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/headers/#customrequestheaders
@ -299,6 +320,17 @@ type Headers struct {
// If you would like your development environment to mimic production with complete Host blocking, SSL redirects, // If you would like your development environment to mimic production with complete Host blocking, SSL redirects,
// and STS headers, leave this as false. // and STS headers, leave this as false.
IsDevelopment bool `json:"isDevelopment,omitempty" toml:"isDevelopment,omitempty" yaml:"isDevelopment,omitempty" export:"true"` IsDevelopment bool `json:"isDevelopment,omitempty" toml:"isDevelopment,omitempty" yaml:"isDevelopment,omitempty" export:"true"`
// Deprecated: FeaturePolicy option is deprecated, please use PermissionsPolicy instead.
FeaturePolicy *string `json:"featurePolicy,omitempty" toml:"featurePolicy,omitempty" yaml:"featurePolicy,omitempty" export:"true"`
// Deprecated: SSLRedirect option is deprecated, please use EntryPoint redirection or RedirectScheme instead.
SSLRedirect *bool `json:"sslRedirect,omitempty" toml:"sslRedirect,omitempty" yaml:"sslRedirect,omitempty" export:"true"`
// Deprecated: SSLTemporaryRedirect option is deprecated, please use EntryPoint redirection or RedirectScheme instead.
SSLTemporaryRedirect *bool `json:"sslTemporaryRedirect,omitempty" toml:"sslTemporaryRedirect,omitempty" yaml:"sslTemporaryRedirect,omitempty" export:"true"`
// Deprecated: SSLHost option is deprecated, please use RedirectRegex instead.
SSLHost *string `json:"sslHost,omitempty" toml:"sslHost,omitempty" yaml:"sslHost,omitempty"`
// Deprecated: SSLForceHost option is deprecated, please use RedirectRegex instead.
SSLForceHost *bool `json:"sslForceHost,omitempty" toml:"sslForceHost,omitempty" yaml:"sslForceHost,omitempty" export:"true"`
} }
// HasCustomHeadersDefined checks to see if any of the custom header elements have been set. // HasCustomHeadersDefined checks to see if any of the custom header elements have been set.
@ -323,6 +355,10 @@ func (h *Headers) HasCorsHeadersDefined() bool {
func (h *Headers) HasSecureHeadersDefined() bool { func (h *Headers) HasSecureHeadersDefined() bool {
return h != nil && (len(h.AllowedHosts) != 0 || return h != nil && (len(h.AllowedHosts) != 0 ||
len(h.HostsProxyHeaders) != 0 || len(h.HostsProxyHeaders) != 0 ||
(h.SSLRedirect != nil && *h.SSLRedirect) ||
(h.SSLTemporaryRedirect != nil && *h.SSLTemporaryRedirect) ||
(h.SSLForceHost != nil && *h.SSLForceHost) ||
(h.SSLHost != nil && *h.SSLHost != "") ||
len(h.SSLProxyHeaders) != 0 || len(h.SSLProxyHeaders) != 0 ||
h.STSSeconds != 0 || h.STSSeconds != 0 ||
h.STSIncludeSubdomains || h.STSIncludeSubdomains ||
@ -336,6 +372,7 @@ func (h *Headers) HasSecureHeadersDefined() bool {
h.ContentSecurityPolicy != "" || h.ContentSecurityPolicy != "" ||
h.PublicKey != "" || h.PublicKey != "" ||
h.ReferrerPolicy != "" || h.ReferrerPolicy != "" ||
(h.FeaturePolicy != nil && *h.FeaturePolicy != "") ||
h.PermissionsPolicy != "" || h.PermissionsPolicy != "" ||
h.IsDevelopment) h.IsDevelopment)
} }
@ -553,6 +590,11 @@ type Retry struct {
type StripPrefix struct { type StripPrefix struct {
// Prefixes defines the prefixes to strip from the request URL. // Prefixes defines the prefixes to strip from the request URL.
Prefixes []string `json:"prefixes,omitempty" toml:"prefixes,omitempty" yaml:"prefixes,omitempty" export:"true"` Prefixes []string `json:"prefixes,omitempty" toml:"prefixes,omitempty" yaml:"prefixes,omitempty" export:"true"`
// Deprecated: ForceSlash option is deprecated, please remove any usage of this option.
// ForceSlash ensures that the resulting stripped path is not the empty string, by replacing it with / when necessary.
// Default: true.
ForceSlash *bool `json:"forceSlash,omitempty" toml:"forceSlash,omitempty" yaml:"forceSlash,omitempty" export:"true"`
} }
// +k8s:deepcopy-gen=true // +k8s:deepcopy-gen=true

View file

@ -86,6 +86,14 @@ type TCPServersLoadBalancer struct {
ProxyProtocol *ProxyProtocol `json:"proxyProtocol,omitempty" toml:"proxyProtocol,omitempty" yaml:"proxyProtocol,omitempty" label:"allowEmpty" file:"allowEmpty" kv:"allowEmpty" export:"true"` ProxyProtocol *ProxyProtocol `json:"proxyProtocol,omitempty" toml:"proxyProtocol,omitempty" yaml:"proxyProtocol,omitempty" label:"allowEmpty" file:"allowEmpty" kv:"allowEmpty" export:"true"`
Servers []TCPServer `json:"servers,omitempty" toml:"servers,omitempty" yaml:"servers,omitempty" label-slice-as-struct:"server" export:"true"` Servers []TCPServer `json:"servers,omitempty" toml:"servers,omitempty" yaml:"servers,omitempty" label-slice-as-struct:"server" export:"true"`
ServersTransport string `json:"serversTransport,omitempty" toml:"serversTransport,omitempty" yaml:"serversTransport,omitempty" export:"true"` ServersTransport string `json:"serversTransport,omitempty" toml:"serversTransport,omitempty" yaml:"serversTransport,omitempty" export:"true"`
// TerminationDelay, corresponds to the deadline that the proxy sets, after one
// of its connected peers indicates it has closed the writing capability of its
// connection, to close the reading capability as well, hence fully terminating the
// connection. It is a duration in milliseconds, defaulting to 100. A negative value
// means an infinite deadline (i.e. the reading capability is never closed).
// Deprecated: use ServersTransport to configure the TerminationDelay instead.
TerminationDelay *int `json:"terminationDelay,omitempty" toml:"terminationDelay,omitempty" yaml:"terminationDelay,omitempty" export:"true"`
} }
// Mergeable tells if the given service is mergeable. // Mergeable tells if the given service is mergeable.

View file

@ -124,6 +124,27 @@ func (in *CircuitBreaker) DeepCopy() *CircuitBreaker {
return out return out
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ClientTLS) DeepCopyInto(out *ClientTLS) {
*out = *in
if in.CAOptional != nil {
in, out := &in.CAOptional, &out.CAOptional
*out = new(bool)
**out = **in
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientTLS.
func (in *ClientTLS) DeepCopy() *ClientTLS {
if in == nil {
return nil
}
out := new(ClientTLS)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Compress) DeepCopyInto(out *Compress) { func (in *Compress) DeepCopyInto(out *Compress) {
*out = *in *out = *in
@ -219,6 +240,11 @@ func (in Configurations) DeepCopy() Configurations {
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ContentType) DeepCopyInto(out *ContentType) { func (in *ContentType) DeepCopyInto(out *ContentType) {
*out = *in *out = *in
if in.AutoDetect != nil {
in, out := &in.AutoDetect, &out.AutoDetect
*out = new(bool)
**out = **in
}
return return
} }
@ -316,8 +342,8 @@ func (in *ForwardAuth) DeepCopyInto(out *ForwardAuth) {
*out = *in *out = *in
if in.TLS != nil { if in.TLS != nil {
in, out := &in.TLS, &out.TLS in, out := &in.TLS, &out.TLS
*out = new(types.ClientTLS) *out = new(ClientTLS)
**out = **in (*in).DeepCopyInto(*out)
} }
if in.AuthResponseHeaders != nil { if in.AuthResponseHeaders != nil {
in, out := &in.AuthResponseHeaders, &out.AuthResponseHeaders in, out := &in.AuthResponseHeaders, &out.AuthResponseHeaders
@ -534,6 +560,31 @@ func (in *Headers) DeepCopyInto(out *Headers) {
(*out)[key] = val (*out)[key] = val
} }
} }
if in.FeaturePolicy != nil {
in, out := &in.FeaturePolicy, &out.FeaturePolicy
*out = new(string)
**out = **in
}
if in.SSLRedirect != nil {
in, out := &in.SSLRedirect, &out.SSLRedirect
*out = new(bool)
**out = **in
}
if in.SSLTemporaryRedirect != nil {
in, out := &in.SSLTemporaryRedirect, &out.SSLTemporaryRedirect
*out = new(bool)
**out = **in
}
if in.SSLHost != nil {
in, out := &in.SSLHost, &out.SSLHost
*out = new(string)
**out = **in
}
if in.SSLForceHost != nil {
in, out := &in.SSLForceHost, &out.SSLForceHost
*out = new(bool)
**out = **in
}
return return
} }
@ -794,7 +845,7 @@ func (in *Middleware) DeepCopyInto(out *Middleware) {
if in.ContentType != nil { if in.ContentType != nil {
in, out := &in.ContentType, &out.ContentType in, out := &in.ContentType, &out.ContentType
*out = new(ContentType) *out = new(ContentType)
**out = **in (*in).DeepCopyInto(*out)
} }
if in.GrpcWeb != nil { if in.GrpcWeb != nil {
in, out := &in.GrpcWeb, &out.GrpcWeb in, out := &in.GrpcWeb, &out.GrpcWeb
@ -1362,6 +1413,11 @@ func (in *StripPrefix) DeepCopyInto(out *StripPrefix) {
*out = make([]string, len(*in)) *out = make([]string, len(*in))
copy(*out, *in) copy(*out, *in)
} }
if in.ForceSlash != nil {
in, out := &in.ForceSlash, &out.ForceSlash
*out = new(bool)
**out = **in
}
return return
} }
@ -1652,6 +1708,11 @@ func (in *TCPServersLoadBalancer) DeepCopyInto(out *TCPServersLoadBalancer) {
*out = make([]TCPServer, len(*in)) *out = make([]TCPServer, len(*in))
copy(*out, *in) copy(*out, *in)
} }
if in.TerminationDelay != nil {
in, out := &in.TerminationDelay, &out.TerminationDelay
*out = new(int)
**out = **in
}
return return
} }

View file

@ -9,9 +9,11 @@ import (
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
ptypes "github.com/traefik/paerser/types" ptypes "github.com/traefik/paerser/types"
"github.com/traefik/traefik/v3/pkg/config/dynamic" "github.com/traefik/traefik/v3/pkg/config/dynamic"
"github.com/traefik/traefik/v3/pkg/types"
) )
func Bool(v bool) *bool { return &v }
func String(v string) *string { return &v }
func TestDecodeConfiguration(t *testing.T) { func TestDecodeConfiguration(t *testing.T) {
labels := map[string]string{ labels := map[string]string{
"traefik.http.middlewares.Middleware0.addprefix.prefix": "foobar", "traefik.http.middlewares.Middleware0.addprefix.prefix": "foobar",
@ -30,6 +32,7 @@ func TestDecodeConfiguration(t *testing.T) {
"traefik.HTTP.Middlewares.Middleware4.circuitbreaker.checkperiod": "1s", "traefik.HTTP.Middlewares.Middleware4.circuitbreaker.checkperiod": "1s",
"traefik.HTTP.Middlewares.Middleware4.circuitbreaker.fallbackduration": "1s", "traefik.HTTP.Middlewares.Middleware4.circuitbreaker.fallbackduration": "1s",
"traefik.HTTP.Middlewares.Middleware4.circuitbreaker.recoveryduration": "1s", "traefik.HTTP.Middlewares.Middleware4.circuitbreaker.recoveryduration": "1s",
"traefik.HTTP.Middlewares.Middleware4.circuitbreaker.responsecode": "403",
"traefik.http.middlewares.Middleware5.digestauth.headerfield": "foobar", "traefik.http.middlewares.Middleware5.digestauth.headerfield": "foobar",
"traefik.http.middlewares.Middleware5.digestauth.realm": "foobar", "traefik.http.middlewares.Middleware5.digestauth.realm": "foobar",
"traefik.http.middlewares.Middleware5.digestauth.removeheader": "true", "traefik.http.middlewares.Middleware5.digestauth.removeheader": "true",
@ -42,6 +45,7 @@ func TestDecodeConfiguration(t *testing.T) {
"traefik.http.middlewares.Middleware7.forwardauth.authresponseheaders": "foobar, fiibar", "traefik.http.middlewares.Middleware7.forwardauth.authresponseheaders": "foobar, fiibar",
"traefik.http.middlewares.Middleware7.forwardauth.authrequestheaders": "foobar, fiibar", "traefik.http.middlewares.Middleware7.forwardauth.authrequestheaders": "foobar, fiibar",
"traefik.http.middlewares.Middleware7.forwardauth.tls.ca": "foobar", "traefik.http.middlewares.Middleware7.forwardauth.tls.ca": "foobar",
"traefik.http.middlewares.Middleware7.forwardauth.tls.caoptional": "true",
"traefik.http.middlewares.Middleware7.forwardauth.tls.cert": "foobar", "traefik.http.middlewares.Middleware7.forwardauth.tls.cert": "foobar",
"traefik.http.middlewares.Middleware7.forwardauth.tls.insecureskipverify": "true", "traefik.http.middlewares.Middleware7.forwardauth.tls.insecureskipverify": "true",
"traefik.http.middlewares.Middleware7.forwardauth.tls.key": "foobar", "traefik.http.middlewares.Middleware7.forwardauth.tls.key": "foobar",
@ -70,9 +74,14 @@ func TestDecodeConfiguration(t *testing.T) {
"traefik.http.middlewares.Middleware8.headers.isdevelopment": "true", "traefik.http.middlewares.Middleware8.headers.isdevelopment": "true",
"traefik.http.middlewares.Middleware8.headers.publickey": "foobar", "traefik.http.middlewares.Middleware8.headers.publickey": "foobar",
"traefik.http.middlewares.Middleware8.headers.referrerpolicy": "foobar", "traefik.http.middlewares.Middleware8.headers.referrerpolicy": "foobar",
"traefik.http.middlewares.Middleware8.headers.featurepolicy": "foobar",
"traefik.http.middlewares.Middleware8.headers.permissionspolicy": "foobar", "traefik.http.middlewares.Middleware8.headers.permissionspolicy": "foobar",
"traefik.http.middlewares.Middleware8.headers.sslforcehost": "true",
"traefik.http.middlewares.Middleware8.headers.sslhost": "foobar",
"traefik.http.middlewares.Middleware8.headers.sslproxyheaders.name0": "foobar", "traefik.http.middlewares.Middleware8.headers.sslproxyheaders.name0": "foobar",
"traefik.http.middlewares.Middleware8.headers.sslproxyheaders.name1": "foobar", "traefik.http.middlewares.Middleware8.headers.sslproxyheaders.name1": "foobar",
"traefik.http.middlewares.Middleware8.headers.sslredirect": "true",
"traefik.http.middlewares.Middleware8.headers.ssltemporaryredirect": "true",
"traefik.http.middlewares.Middleware8.headers.stsincludesubdomains": "true", "traefik.http.middlewares.Middleware8.headers.stsincludesubdomains": "true",
"traefik.http.middlewares.Middleware8.headers.stspreload": "true", "traefik.http.middlewares.Middleware8.headers.stspreload": "true",
"traefik.http.middlewares.Middleware8.headers.stsseconds": "42", "traefik.http.middlewares.Middleware8.headers.stsseconds": "42",
@ -123,6 +132,7 @@ func TestDecodeConfiguration(t *testing.T) {
"traefik.http.middlewares.Middleware16.retry.attempts": "42", "traefik.http.middlewares.Middleware16.retry.attempts": "42",
"traefik.http.middlewares.Middleware16.retry.initialinterval": "1s", "traefik.http.middlewares.Middleware16.retry.initialinterval": "1s",
"traefik.http.middlewares.Middleware17.stripprefix.prefixes": "foobar, fiibar", "traefik.http.middlewares.Middleware17.stripprefix.prefixes": "foobar, fiibar",
"traefik.http.middlewares.Middleware17.stripprefix.forceslash": "true",
"traefik.http.middlewares.Middleware18.stripprefixregex.regex": "foobar, fiibar", "traefik.http.middlewares.Middleware18.stripprefixregex.regex": "foobar, fiibar",
"traefik.http.middlewares.Middleware19.compress.minresponsebodybytes": "42", "traefik.http.middlewares.Middleware19.compress.minresponsebodybytes": "42",
"traefik.http.middlewares.Middleware20.plugin.tomato.aaa": "foo1", "traefik.http.middlewares.Middleware20.plugin.tomato.aaa": "foo1",
@ -193,9 +203,11 @@ func TestDecodeConfiguration(t *testing.T) {
"traefik.tcp.routers.Router1.tls.options": "foo", "traefik.tcp.routers.Router1.tls.options": "foo",
"traefik.tcp.routers.Router1.tls.passthrough": "false", "traefik.tcp.routers.Router1.tls.passthrough": "false",
"traefik.tcp.services.Service0.loadbalancer.server.Port": "42", "traefik.tcp.services.Service0.loadbalancer.server.Port": "42",
"traefik.tcp.services.Service0.loadbalancer.TerminationDelay": "42",
"traefik.tcp.services.Service0.loadbalancer.proxyProtocol.version": "42", "traefik.tcp.services.Service0.loadbalancer.proxyProtocol.version": "42",
"traefik.tcp.services.Service0.loadbalancer.serversTransport": "foo", "traefik.tcp.services.Service0.loadbalancer.serversTransport": "foo",
"traefik.tcp.services.Service1.loadbalancer.server.Port": "42", "traefik.tcp.services.Service1.loadbalancer.server.Port": "42",
"traefik.tcp.services.Service1.loadbalancer.TerminationDelay": "42",
"traefik.tcp.services.Service1.loadbalancer.proxyProtocol": "true", "traefik.tcp.services.Service1.loadbalancer.proxyProtocol": "true",
"traefik.tcp.services.Service1.loadbalancer.serversTransport": "foo", "traefik.tcp.services.Service1.loadbalancer.serversTransport": "foo",
@ -260,6 +272,7 @@ func TestDecodeConfiguration(t *testing.T) {
Port: "42", Port: "42",
}, },
}, },
TerminationDelay: func(i int) *int { return &i }(42),
ProxyProtocol: &dynamic.ProxyProtocol{Version: 42}, ProxyProtocol: &dynamic.ProxyProtocol{Version: 42},
ServersTransport: "foo", ServersTransport: "foo",
}, },
@ -271,6 +284,7 @@ func TestDecodeConfiguration(t *testing.T) {
Port: "42", Port: "42",
}, },
}, },
TerminationDelay: func(i int) *int { return &i }(42),
ProxyProtocol: &dynamic.ProxyProtocol{Version: 2}, ProxyProtocol: &dynamic.ProxyProtocol{Version: 2},
ServersTransport: "foo", ServersTransport: "foo",
}, },
@ -458,6 +472,7 @@ func TestDecodeConfiguration(t *testing.T) {
"foobar", "foobar",
"fiibar", "fiibar",
}, },
ForceSlash: Bool(true),
}, },
}, },
"Middleware18": { "Middleware18": {
@ -496,6 +511,7 @@ func TestDecodeConfiguration(t *testing.T) {
CheckPeriod: ptypes.Duration(time.Second), CheckPeriod: ptypes.Duration(time.Second),
FallbackDuration: ptypes.Duration(time.Second), FallbackDuration: ptypes.Duration(time.Second),
RecoveryDuration: ptypes.Duration(time.Second), RecoveryDuration: ptypes.Duration(time.Second),
ResponseCode: 403,
}, },
}, },
"Middleware5": { "Middleware5": {
@ -523,11 +539,12 @@ func TestDecodeConfiguration(t *testing.T) {
"Middleware7": { "Middleware7": {
ForwardAuth: &dynamic.ForwardAuth{ ForwardAuth: &dynamic.ForwardAuth{
Address: "foobar", Address: "foobar",
TLS: &types.ClientTLS{ TLS: &dynamic.ClientTLS{
CA: "foobar", CA: "foobar",
Cert: "foobar", Cert: "foobar",
Key: "foobar", Key: "foobar",
InsecureSkipVerify: true, InsecureSkipVerify: true,
CAOptional: Bool(true),
}, },
TrustForwardHeader: true, TrustForwardHeader: true,
AuthResponseHeaders: []string{ AuthResponseHeaders: []string{
@ -581,10 +598,14 @@ func TestDecodeConfiguration(t *testing.T) {
"foobar", "foobar",
"fiibar", "fiibar",
}, },
SSLRedirect: Bool(true),
SSLTemporaryRedirect: Bool(true),
SSLHost: String("foobar"),
SSLProxyHeaders: map[string]string{ SSLProxyHeaders: map[string]string{
"name0": "foobar", "name0": "foobar",
"name1": "foobar", "name1": "foobar",
}, },
SSLForceHost: Bool(true),
STSSeconds: 42, STSSeconds: 42,
STSIncludeSubdomains: true, STSIncludeSubdomains: true,
STSPreload: true, STSPreload: true,
@ -597,6 +618,7 @@ func TestDecodeConfiguration(t *testing.T) {
ContentSecurityPolicy: "foobar", ContentSecurityPolicy: "foobar",
PublicKey: "foobar", PublicKey: "foobar",
ReferrerPolicy: "foobar", ReferrerPolicy: "foobar",
FeaturePolicy: String("foobar"),
PermissionsPolicy: "foobar", PermissionsPolicy: "foobar",
IsDevelopment: true, IsDevelopment: true,
}, },
@ -756,6 +778,7 @@ func TestEncodeConfiguration(t *testing.T) {
}, },
}, },
ServersTransport: "foo", ServersTransport: "foo",
TerminationDelay: func(i int) *int { return &i }(42),
}, },
}, },
"Service1": { "Service1": {
@ -766,6 +789,7 @@ func TestEncodeConfiguration(t *testing.T) {
}, },
}, },
ServersTransport: "foo", ServersTransport: "foo",
TerminationDelay: func(i int) *int { return &i }(42),
}, },
}, },
}, },
@ -950,6 +974,7 @@ func TestEncodeConfiguration(t *testing.T) {
"foobar", "foobar",
"fiibar", "fiibar",
}, },
ForceSlash: Bool(true),
}, },
}, },
"Middleware18": { "Middleware18": {
@ -996,6 +1021,7 @@ func TestEncodeConfiguration(t *testing.T) {
CheckPeriod: ptypes.Duration(time.Second), CheckPeriod: ptypes.Duration(time.Second),
FallbackDuration: ptypes.Duration(time.Second), FallbackDuration: ptypes.Duration(time.Second),
RecoveryDuration: ptypes.Duration(time.Second), RecoveryDuration: ptypes.Duration(time.Second),
ResponseCode: 404,
}, },
}, },
"Middleware5": { "Middleware5": {
@ -1023,11 +1049,12 @@ func TestEncodeConfiguration(t *testing.T) {
"Middleware7": { "Middleware7": {
ForwardAuth: &dynamic.ForwardAuth{ ForwardAuth: &dynamic.ForwardAuth{
Address: "foobar", Address: "foobar",
TLS: &types.ClientTLS{ TLS: &dynamic.ClientTLS{
CA: "foobar", CA: "foobar",
Cert: "foobar", Cert: "foobar",
Key: "foobar", Key: "foobar",
InsecureSkipVerify: true, InsecureSkipVerify: true,
CAOptional: Bool(true),
}, },
TrustForwardHeader: true, TrustForwardHeader: true,
AuthResponseHeaders: []string{ AuthResponseHeaders: []string{
@ -1081,10 +1108,14 @@ func TestEncodeConfiguration(t *testing.T) {
"foobar", "foobar",
"fiibar", "fiibar",
}, },
SSLRedirect: Bool(true),
SSLTemporaryRedirect: Bool(true),
SSLHost: String("foobar"),
SSLProxyHeaders: map[string]string{ SSLProxyHeaders: map[string]string{
"name0": "foobar", "name0": "foobar",
"name1": "foobar", "name1": "foobar",
}, },
SSLForceHost: Bool(true),
STSSeconds: 42, STSSeconds: 42,
STSIncludeSubdomains: true, STSIncludeSubdomains: true,
STSPreload: true, STSPreload: true,
@ -1097,6 +1128,7 @@ func TestEncodeConfiguration(t *testing.T) {
ContentSecurityPolicy: "foobar", ContentSecurityPolicy: "foobar",
PublicKey: "foobar", PublicKey: "foobar",
ReferrerPolicy: "foobar", ReferrerPolicy: "foobar",
FeaturePolicy: String("foobar"),
PermissionsPolicy: "foobar", PermissionsPolicy: "foobar",
IsDevelopment: true, IsDevelopment: true,
}, },
@ -1206,6 +1238,7 @@ func TestEncodeConfiguration(t *testing.T) {
"traefik.HTTP.Middlewares.Middleware4.CircuitBreaker.CheckPeriod": "1000000000", "traefik.HTTP.Middlewares.Middleware4.CircuitBreaker.CheckPeriod": "1000000000",
"traefik.HTTP.Middlewares.Middleware4.CircuitBreaker.FallbackDuration": "1000000000", "traefik.HTTP.Middlewares.Middleware4.CircuitBreaker.FallbackDuration": "1000000000",
"traefik.HTTP.Middlewares.Middleware4.CircuitBreaker.RecoveryDuration": "1000000000", "traefik.HTTP.Middlewares.Middleware4.CircuitBreaker.RecoveryDuration": "1000000000",
"traefik.HTTP.Middlewares.Middleware4.CircuitBreaker.ResponseCode": "404",
"traefik.HTTP.Middlewares.Middleware5.DigestAuth.HeaderField": "foobar", "traefik.HTTP.Middlewares.Middleware5.DigestAuth.HeaderField": "foobar",
"traefik.HTTP.Middlewares.Middleware5.DigestAuth.Realm": "foobar", "traefik.HTTP.Middlewares.Middleware5.DigestAuth.Realm": "foobar",
"traefik.HTTP.Middlewares.Middleware5.DigestAuth.RemoveHeader": "true", "traefik.HTTP.Middlewares.Middleware5.DigestAuth.RemoveHeader": "true",
@ -1218,6 +1251,7 @@ func TestEncodeConfiguration(t *testing.T) {
"traefik.HTTP.Middlewares.Middleware7.ForwardAuth.AuthResponseHeaders": "foobar, fiibar", "traefik.HTTP.Middlewares.Middleware7.ForwardAuth.AuthResponseHeaders": "foobar, fiibar",
"traefik.HTTP.Middlewares.Middleware7.ForwardAuth.AuthRequestHeaders": "foobar, fiibar", "traefik.HTTP.Middlewares.Middleware7.ForwardAuth.AuthRequestHeaders": "foobar, fiibar",
"traefik.HTTP.Middlewares.Middleware7.ForwardAuth.TLS.CA": "foobar", "traefik.HTTP.Middlewares.Middleware7.ForwardAuth.TLS.CA": "foobar",
"traefik.HTTP.Middlewares.Middleware7.ForwardAuth.TLS.CAOptional": "true",
"traefik.HTTP.Middlewares.Middleware7.ForwardAuth.TLS.Cert": "foobar", "traefik.HTTP.Middlewares.Middleware7.ForwardAuth.TLS.Cert": "foobar",
"traefik.HTTP.Middlewares.Middleware7.ForwardAuth.TLS.InsecureSkipVerify": "true", "traefik.HTTP.Middlewares.Middleware7.ForwardAuth.TLS.InsecureSkipVerify": "true",
"traefik.HTTP.Middlewares.Middleware7.ForwardAuth.TLS.Key": "foobar", "traefik.HTTP.Middlewares.Middleware7.ForwardAuth.TLS.Key": "foobar",
@ -1246,9 +1280,14 @@ func TestEncodeConfiguration(t *testing.T) {
"traefik.HTTP.Middlewares.Middleware8.Headers.IsDevelopment": "true", "traefik.HTTP.Middlewares.Middleware8.Headers.IsDevelopment": "true",
"traefik.HTTP.Middlewares.Middleware8.Headers.PublicKey": "foobar", "traefik.HTTP.Middlewares.Middleware8.Headers.PublicKey": "foobar",
"traefik.HTTP.Middlewares.Middleware8.Headers.ReferrerPolicy": "foobar", "traefik.HTTP.Middlewares.Middleware8.Headers.ReferrerPolicy": "foobar",
"traefik.HTTP.Middlewares.Middleware8.Headers.FeaturePolicy": "foobar",
"traefik.HTTP.Middlewares.Middleware8.Headers.PermissionsPolicy": "foobar", "traefik.HTTP.Middlewares.Middleware8.Headers.PermissionsPolicy": "foobar",
"traefik.HTTP.Middlewares.Middleware8.Headers.SSLForceHost": "true",
"traefik.HTTP.Middlewares.Middleware8.Headers.SSLHost": "foobar",
"traefik.HTTP.Middlewares.Middleware8.Headers.SSLProxyHeaders.name0": "foobar", "traefik.HTTP.Middlewares.Middleware8.Headers.SSLProxyHeaders.name0": "foobar",
"traefik.HTTP.Middlewares.Middleware8.Headers.SSLProxyHeaders.name1": "foobar", "traefik.HTTP.Middlewares.Middleware8.Headers.SSLProxyHeaders.name1": "foobar",
"traefik.HTTP.Middlewares.Middleware8.Headers.SSLRedirect": "true",
"traefik.HTTP.Middlewares.Middleware8.Headers.SSLTemporaryRedirect": "true",
"traefik.HTTP.Middlewares.Middleware8.Headers.STSIncludeSubdomains": "true", "traefik.HTTP.Middlewares.Middleware8.Headers.STSIncludeSubdomains": "true",
"traefik.HTTP.Middlewares.Middleware8.Headers.STSPreload": "true", "traefik.HTTP.Middlewares.Middleware8.Headers.STSPreload": "true",
"traefik.HTTP.Middlewares.Middleware8.Headers.STSSeconds": "42", "traefik.HTTP.Middlewares.Middleware8.Headers.STSSeconds": "42",
@ -1300,6 +1339,7 @@ func TestEncodeConfiguration(t *testing.T) {
"traefik.HTTP.Middlewares.Middleware16.Retry.Attempts": "42", "traefik.HTTP.Middlewares.Middleware16.Retry.Attempts": "42",
"traefik.HTTP.Middlewares.Middleware16.Retry.InitialInterval": "1000000000", "traefik.HTTP.Middlewares.Middleware16.Retry.InitialInterval": "1000000000",
"traefik.HTTP.Middlewares.Middleware17.StripPrefix.Prefixes": "foobar, fiibar", "traefik.HTTP.Middlewares.Middleware17.StripPrefix.Prefixes": "foobar, fiibar",
"traefik.HTTP.Middlewares.Middleware17.StripPrefix.ForceSlash": "true",
"traefik.HTTP.Middlewares.Middleware18.StripPrefixRegex.Regex": "foobar, fiibar", "traefik.HTTP.Middlewares.Middleware18.StripPrefixRegex.Regex": "foobar, fiibar",
"traefik.HTTP.Middlewares.Middleware19.Compress.MinResponseBodyBytes": "42", "traefik.HTTP.Middlewares.Middleware19.Compress.MinResponseBodyBytes": "42",
"traefik.HTTP.Middlewares.Middleware20.Plugin.tomato.aaa": "foo1", "traefik.HTTP.Middlewares.Middleware20.Plugin.tomato.aaa": "foo1",
@ -1369,9 +1409,11 @@ func TestEncodeConfiguration(t *testing.T) {
"traefik.TCP.Services.Service0.LoadBalancer.server.Port": "42", "traefik.TCP.Services.Service0.LoadBalancer.server.Port": "42",
"traefik.TCP.Services.Service0.LoadBalancer.server.TLS": "false", "traefik.TCP.Services.Service0.LoadBalancer.server.TLS": "false",
"traefik.TCP.Services.Service0.LoadBalancer.ServersTransport": "foo", "traefik.TCP.Services.Service0.LoadBalancer.ServersTransport": "foo",
"traefik.TCP.Services.Service0.LoadBalancer.TerminationDelay": "42",
"traefik.TCP.Services.Service1.LoadBalancer.server.Port": "42", "traefik.TCP.Services.Service1.LoadBalancer.server.Port": "42",
"traefik.TCP.Services.Service1.LoadBalancer.server.TLS": "false", "traefik.TCP.Services.Service1.LoadBalancer.server.TLS": "false",
"traefik.TCP.Services.Service1.LoadBalancer.ServersTransport": "foo", "traefik.TCP.Services.Service1.LoadBalancer.ServersTransport": "foo",
"traefik.TCP.Services.Service1.LoadBalancer.TerminationDelay": "42",
"traefik.UDP.Routers.Router0.EntryPoints": "foobar, fiibar", "traefik.UDP.Routers.Router0.EntryPoints": "foobar, fiibar",
"traefik.UDP.Routers.Router0.Service": "foobar", "traefik.UDP.Routers.Router0.Service": "foobar",

View file

@ -2,6 +2,7 @@ package runtime
import ( import (
"context" "context"
"errors"
"fmt" "fmt"
"slices" "slices"
"sort" "sort"
@ -43,7 +44,7 @@ func (c *Configuration) GetRoutersByEntryPoints(ctx context.Context, entryPoints
} }
if entryPointsCount == 0 { if entryPointsCount == 0 {
rt.AddError(fmt.Errorf("no valid entryPoint for this router"), true) rt.AddError(errors.New("no valid entryPoint for this router"), true)
logger.Error().Msg("No valid entryPoint for this router") logger.Error().Msg("No valid entryPoint for this router")
} }

View file

@ -2,6 +2,7 @@ package runtime
import ( import (
"context" "context"
"errors"
"fmt" "fmt"
"slices" "slices"
@ -37,7 +38,7 @@ func (c *Configuration) GetTCPRoutersByEntryPoints(ctx context.Context, entryPoi
} }
if entryPointsCount == 0 { if entryPointsCount == 0 {
rt.AddError(fmt.Errorf("no valid entryPoint for this router"), true) rt.AddError(errors.New("no valid entryPoint for this router"), true)
logger.Error().Msg("No valid entryPoint for this router") logger.Error().Msg("No valid entryPoint for this router")
} }
} }

View file

@ -2,6 +2,7 @@ package runtime
import ( import (
"context" "context"
"errors"
"fmt" "fmt"
"slices" "slices"
@ -43,7 +44,7 @@ func (c *Configuration) GetUDPRoutersByEntryPoints(ctx context.Context, entryPoi
} }
if entryPointsCount == 0 { if entryPointsCount == 0 {
rt.AddError(fmt.Errorf("no valid entryPoint for this router"), true) rt.AddError(errors.New("no valid entryPoint for this router"), true)
logger.Error().Msg("No valid entryPoint for this router") logger.Error().Msg("No valid entryPoint for this router")
} }
} }

View file

@ -12,6 +12,7 @@ import (
// EntryPoint holds the entry point configuration. // EntryPoint holds the entry point configuration.
type EntryPoint struct { type EntryPoint struct {
Address string `description:"Entry point address." json:"address,omitempty" toml:"address,omitempty" yaml:"address,omitempty"` Address string `description:"Entry point address." json:"address,omitempty" toml:"address,omitempty" yaml:"address,omitempty"`
ReusePort bool `description:"Enables EntryPoints from the same or different processes listening on the same TCP/UDP port." json:"reusePort,omitempty" toml:"reusePort,omitempty" yaml:"reusePort,omitempty"`
AsDefault bool `description:"Adds this EntryPoint to the list of default EntryPoints to be used on routers that don't have any Entrypoint defined." json:"asDefault,omitempty" toml:"asDefault,omitempty" yaml:"asDefault,omitempty"` AsDefault bool `description:"Adds this EntryPoint to the list of default EntryPoints to be used on routers that don't have any Entrypoint defined." json:"asDefault,omitempty" toml:"asDefault,omitempty" yaml:"asDefault,omitempty"`
Transport *EntryPointsTransport `description:"Configures communication between clients and Traefik." json:"transport,omitempty" toml:"transport,omitempty" yaml:"transport,omitempty" export:"true"` Transport *EntryPointsTransport `description:"Configures communication between clients and Traefik." json:"transport,omitempty" toml:"transport,omitempty" yaml:"transport,omitempty" export:"true"`
ProxyProtocol *ProxyProtocol `description:"Proxy-Protocol configuration." json:"proxyProtocol,omitempty" toml:"proxyProtocol,omitempty" yaml:"proxyProtocol,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"` ProxyProtocol *ProxyProtocol `description:"Proxy-Protocol configuration." json:"proxyProtocol,omitempty" toml:"proxyProtocol,omitempty" yaml:"proxyProtocol,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`

View file

@ -194,9 +194,9 @@ func (a *LifeCycle) SetDefaults() {
// Tracing holds the tracing configuration. // Tracing holds the tracing configuration.
type Tracing struct { type Tracing struct {
ServiceName string `description:"Set the name for this service." json:"serviceName,omitempty" toml:"serviceName,omitempty" yaml:"serviceName,omitempty" export:"true"` ServiceName string `description:"Set the name for this service." json:"serviceName,omitempty" toml:"serviceName,omitempty" yaml:"serviceName,omitempty" export:"true"`
Headers map[string]string `description:"Defines additional headers to be sent with the payloads." json:"headers,omitempty" toml:"headers,omitempty" yaml:"headers,omitempty" export:"true"`
GlobalAttributes map[string]string `description:"Defines additional attributes (key:value) on all spans." json:"globalAttributes,omitempty" toml:"globalAttributes,omitempty" yaml:"globalAttributes,omitempty" export:"true"` GlobalAttributes map[string]string `description:"Defines additional attributes (key:value) on all spans." json:"globalAttributes,omitempty" toml:"globalAttributes,omitempty" yaml:"globalAttributes,omitempty" export:"true"`
SampleRate float64 `description:"Sets the rate between 0.0 and 1.0 of requests to trace." json:"sampleRate,omitempty" toml:"sampleRate,omitempty" yaml:"sampleRate,omitempty" export:"true"` SampleRate float64 `description:"Sets the rate between 0.0 and 1.0 of requests to trace." json:"sampleRate,omitempty" toml:"sampleRate,omitempty" yaml:"sampleRate,omitempty" export:"true"`
AddInternals bool `description:"Enables tracing for internal services (ping, dashboard, etc...)." json:"addInternals,omitempty" toml:"addInternals,omitempty" yaml:"addInternals,omitempty" export:"true"`
OTLP *opentelemetry.Config `description:"Settings for OpenTelemetry." json:"otlp,omitempty" toml:"otlp,omitempty" yaml:"otlp,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"` OTLP *opentelemetry.Config `description:"Settings for OpenTelemetry." json:"otlp,omitempty" toml:"otlp,omitempty" yaml:"otlp,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"`
} }
@ -341,19 +341,17 @@ func (c *Configuration) ValidateConfiguration() error {
} }
if c.Tracing != nil && c.Tracing.OTLP != nil { if c.Tracing != nil && c.Tracing.OTLP != nil {
if c.Tracing.OTLP.HTTP == nil && c.Tracing.OTLP.GRPC == nil {
return errors.New("tracing OTLP: at least one of HTTP and gRPC options should be defined")
}
if c.Tracing.OTLP.HTTP != nil && c.Tracing.OTLP.GRPC != nil {
return errors.New("tracing OTLP: HTTP and gRPC options are mutually exclusive")
}
if c.Tracing.OTLP.GRPC != nil && c.Tracing.OTLP.GRPC.TLS != nil && c.Tracing.OTLP.GRPC.Insecure { if c.Tracing.OTLP.GRPC != nil && c.Tracing.OTLP.GRPC.TLS != nil && c.Tracing.OTLP.GRPC.Insecure {
return errors.New("tracing OTLP GRPC: TLS and Insecure options are mutually exclusive") return errors.New("tracing OTLP GRPC: TLS and Insecure options are mutually exclusive")
} }
} }
if c.Metrics != nil && c.Metrics.OTLP != nil {
if c.Metrics.OTLP.GRPC != nil && c.Metrics.OTLP.GRPC.TLS != nil && c.Metrics.OTLP.GRPC.Insecure {
return errors.New("metrics OTLP GRPC: TLS and Insecure options are mutually exclusive")
}
}
return nil return nil
} }

View file

@ -2,6 +2,7 @@ package metrics
import ( import (
"context" "context"
"strings"
"time" "time"
"github.com/go-kit/kit/metrics/dogstatsd" "github.com/go-kit/kit/metrics/dogstatsd"
@ -16,6 +17,8 @@ var (
datadogLoopCancelFunc context.CancelFunc datadogLoopCancelFunc context.CancelFunc
) )
const unixAddressPrefix = "unix://"
// Metric names consistent with https://github.com/DataDog/integrations-extras/pull/64 // Metric names consistent with https://github.com/DataDog/integrations-extras/pull/64
const ( const (
ddConfigReloadsName = "config.reload.total" ddConfigReloadsName = "config.reload.total"
@ -99,10 +102,7 @@ func RegisterDatadog(ctx context.Context, config *types.Datadog) Registry {
} }
func initDatadogClient(ctx context.Context, config *types.Datadog) { func initDatadogClient(ctx context.Context, config *types.Datadog) {
address := config.Address network, address := parseDatadogAddress(config.Address)
if len(address) == 0 {
address = "localhost:8125"
}
ctx, datadogLoopCancelFunc = context.WithCancel(ctx) ctx, datadogLoopCancelFunc = context.WithCancel(ctx)
@ -110,10 +110,27 @@ func initDatadogClient(ctx context.Context, config *types.Datadog) {
ticker := time.NewTicker(time.Duration(config.PushInterval)) ticker := time.NewTicker(time.Duration(config.PushInterval))
defer ticker.Stop() defer ticker.Stop()
datadogClient.SendLoop(ctx, ticker.C, "udp", address) datadogClient.SendLoop(ctx, ticker.C, network, address)
}) })
} }
func parseDatadogAddress(address string) (string, string) {
network := "udp"
var addr string
switch {
case strings.HasPrefix(address, unixAddressPrefix):
network = "unix"
addr = address[len(unixAddressPrefix):]
case address != "":
addr = address
default:
addr = "localhost:8125"
}
return network, addr
}
// StopDatadog stops the Datadog metrics pusher. // StopDatadog stops the Datadog metrics pusher.
func StopDatadog() { func StopDatadog() {
if datadogLoopCancelFunc != nil { if datadogLoopCancelFunc != nil {

View file

@ -7,6 +7,7 @@ import (
"testing" "testing"
"time" "time"
"github.com/stretchr/testify/assert"
"github.com/stvp/go-udp-testing" "github.com/stvp/go-udp-testing"
ptypes "github.com/traefik/paerser/types" ptypes "github.com/traefik/paerser/types"
"github.com/traefik/traefik/v3/pkg/types" "github.com/traefik/traefik/v3/pkg/types"
@ -39,6 +40,44 @@ func TestDatadogWithPrefix(t *testing.T) {
testDatadogRegistry(t, "testPrefix", datadogRegistry) testDatadogRegistry(t, "testPrefix", datadogRegistry)
} }
func TestDatadog_parseDatadogAddress(t *testing.T) {
tests := []struct {
desc string
address string
expNetwork string
expAddress string
}{
{
desc: "empty address",
expNetwork: "udp",
expAddress: "localhost:8125",
},
{
desc: "udp address",
address: "127.0.0.1:8080",
expNetwork: "udp",
expAddress: "127.0.0.1:8080",
},
{
desc: "unix address",
address: "unix:///path/to/datadog.socket",
expNetwork: "unix",
expAddress: "/path/to/datadog.socket",
},
}
for _, test := range tests {
test := test
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
gotNetwork, gotAddress := parseDatadogAddress(test.address)
assert.Equal(t, test.expNetwork, gotNetwork)
assert.Equal(t, test.expAddress, gotAddress)
})
}
}
func testDatadogRegistry(t *testing.T, metricsPrefix string, datadogRegistry Registry) { func testDatadogRegistry(t *testing.T, metricsPrefix string, datadogRegistry Registry) {
t.Helper() t.Helper()

View file

@ -4,6 +4,7 @@ import (
"context" "context"
"fmt" "fmt"
"net" "net"
"net/url"
"strings" "strings"
"sync" "sync"
"time" "time"
@ -30,7 +31,7 @@ var (
) )
// RegisterOpenTelemetry registers all OpenTelemetry metrics. // RegisterOpenTelemetry registers all OpenTelemetry metrics.
func RegisterOpenTelemetry(ctx context.Context, config *types.OpenTelemetry) Registry { func RegisterOpenTelemetry(ctx context.Context, config *types.OTLP) Registry {
if openTelemetryMeterProvider == nil { if openTelemetryMeterProvider == nil {
var err error var err error
if openTelemetryMeterProvider, err = newOpenTelemetryMeterProvider(ctx, config); err != nil { if openTelemetryMeterProvider, err = newOpenTelemetryMeterProvider(ctx, config); err != nil {
@ -123,15 +124,15 @@ func StopOpenTelemetry() {
} }
// newOpenTelemetryMeterProvider creates a new controller.Controller. // newOpenTelemetryMeterProvider creates a new controller.Controller.
func newOpenTelemetryMeterProvider(ctx context.Context, config *types.OpenTelemetry) (*sdkmetric.MeterProvider, error) { func newOpenTelemetryMeterProvider(ctx context.Context, config *types.OTLP) (*sdkmetric.MeterProvider, error) {
var ( var (
exporter sdkmetric.Exporter exporter sdkmetric.Exporter
err error err error
) )
if config.GRPC != nil { if config.GRPC != nil {
exporter, err = newGRPCExporter(ctx, config) exporter, err = newGRPCExporter(ctx, config.GRPC)
} else { } else {
exporter, err = newHTTPExporter(ctx, config) exporter, err = newHTTPExporter(ctx, config.HTTP)
} }
if err != nil { if err != nil {
return nil, fmt.Errorf("creating exporter: %w", err) return nil, fmt.Errorf("creating exporter: %w", err)
@ -168,24 +169,24 @@ func newOpenTelemetryMeterProvider(ctx context.Context, config *types.OpenTeleme
return meterProvider, nil return meterProvider, nil
} }
func newHTTPExporter(ctx context.Context, config *types.OpenTelemetry) (sdkmetric.Exporter, error) { func newHTTPExporter(ctx context.Context, config *types.OtelHTTP) (sdkmetric.Exporter, error) {
host, port, err := net.SplitHostPort(config.Address) endpoint, err := url.Parse(config.Endpoint)
if err != nil { if err != nil {
return nil, fmt.Errorf("invalid collector address %q: %w", config.Address, err) return nil, fmt.Errorf("invalid collector endpoint %q: %w", config.Endpoint, err)
} }
opts := []otlpmetrichttp.Option{ opts := []otlpmetrichttp.Option{
otlpmetrichttp.WithEndpoint(fmt.Sprintf("%s:%s", host, port)), otlpmetrichttp.WithEndpoint(endpoint.Host),
otlpmetrichttp.WithHeaders(config.Headers), otlpmetrichttp.WithHeaders(config.Headers),
otlpmetrichttp.WithCompression(otlpmetrichttp.GzipCompression), otlpmetrichttp.WithCompression(otlpmetrichttp.GzipCompression),
} }
if config.Insecure { if endpoint.Scheme == "http" {
opts = append(opts, otlpmetrichttp.WithInsecure()) opts = append(opts, otlpmetrichttp.WithInsecure())
} }
if config.Path != "" { if endpoint.Path != "" {
opts = append(opts, otlpmetrichttp.WithURLPath(config.Path)) opts = append(opts, otlpmetrichttp.WithURLPath(endpoint.Path))
} }
if config.TLS != nil { if config.TLS != nil {
@ -200,10 +201,10 @@ func newHTTPExporter(ctx context.Context, config *types.OpenTelemetry) (sdkmetri
return otlpmetrichttp.New(ctx, opts...) return otlpmetrichttp.New(ctx, opts...)
} }
func newGRPCExporter(ctx context.Context, config *types.OpenTelemetry) (sdkmetric.Exporter, error) { func newGRPCExporter(ctx context.Context, config *types.OtelGRPC) (sdkmetric.Exporter, error) {
host, port, err := net.SplitHostPort(config.Address) host, port, err := net.SplitHostPort(config.Endpoint)
if err != nil { if err != nil {
return nil, fmt.Errorf("invalid collector address %q: %w", config.Address, err) return nil, fmt.Errorf("invalid collector endpoint %q: %w", config.Endpoint, err)
} }
opts := []otlpmetricgrpc.Option{ opts := []otlpmetricgrpc.Option{

View file

@ -8,7 +8,6 @@ import (
"io" "io"
"net/http" "net/http"
"net/http/httptest" "net/http/httptest"
"net/url"
"regexp" "regexp"
"strconv" "strconv"
"testing" "testing"
@ -316,14 +315,12 @@ func TestOpenTelemetry(t *testing.T) {
ts.Close() ts.Close()
}) })
sURL, err := url.Parse(ts.URL) var cfg types.OTLP
require.NoError(t, err)
var cfg types.OpenTelemetry
(&cfg).SetDefaults() (&cfg).SetDefaults()
cfg.AddRoutersLabels = true cfg.AddRoutersLabels = true
cfg.Address = sURL.Host cfg.HTTP = &types.OtelHTTP{
cfg.Insecure = true Endpoint: ts.URL,
}
cfg.PushInterval = ptypes.Duration(10 * time.Millisecond) cfg.PushInterval = ptypes.Duration(10 * time.Millisecond)
registry := RegisterOpenTelemetry(context.Background(), &cfg) registry := RegisterOpenTelemetry(context.Background(), &cfg)

View file

@ -27,6 +27,8 @@ import (
"github.com/traefik/traefik/v3/pkg/types" "github.com/traefik/traefik/v3/pkg/types"
) )
const delta float64 = 1e-10
var ( var (
logFileNameSuffix = "/traefik/logger/test.log" logFileNameSuffix = "/traefik/logger/test.log"
testContent = "Hello, World" testContent = "Hello, World"
@ -280,7 +282,7 @@ func assertFloat64(exp float64) func(t *testing.T, actual interface{}) {
return func(t *testing.T, actual interface{}) { return func(t *testing.T, actual interface{}) {
t.Helper() t.Helper()
assert.Equal(t, exp, actual) assert.InDelta(t, exp, actual, delta)
} }
} }

View file

@ -2,7 +2,7 @@ package addprefix
import ( import (
"context" "context"
"fmt" "errors"
"net/http" "net/http"
"github.com/traefik/traefik/v3/pkg/config/dynamic" "github.com/traefik/traefik/v3/pkg/config/dynamic"
@ -33,7 +33,7 @@ func New(ctx context.Context, next http.Handler, config dynamic.AddPrefix, name
name: name, name: name,
} }
} else { } else {
return nil, fmt.Errorf("prefix cannot be empty") return nil, errors.New("prefix cannot be empty")
} }
return result, nil return result, nil

View file

@ -15,6 +15,7 @@ import (
"github.com/traefik/traefik/v3/pkg/middlewares" "github.com/traefik/traefik/v3/pkg/middlewares"
"github.com/traefik/traefik/v3/pkg/middlewares/connectionheader" "github.com/traefik/traefik/v3/pkg/middlewares/connectionheader"
"github.com/traefik/traefik/v3/pkg/tracing" "github.com/traefik/traefik/v3/pkg/tracing"
"github.com/traefik/traefik/v3/pkg/types"
"github.com/vulcand/oxy/v2/forward" "github.com/vulcand/oxy/v2/forward"
"github.com/vulcand/oxy/v2/utils" "github.com/vulcand/oxy/v2/utils"
"go.opentelemetry.io/otel/trace" "go.opentelemetry.io/otel/trace"
@ -53,7 +54,8 @@ type forwardAuth struct {
// NewForward creates a forward auth middleware. // NewForward creates a forward auth middleware.
func NewForward(ctx context.Context, next http.Handler, config dynamic.ForwardAuth, name string) (http.Handler, error) { func NewForward(ctx context.Context, next http.Handler, config dynamic.ForwardAuth, name string) (http.Handler, error) {
middlewares.GetLogger(ctx, name, typeNameForward).Debug().Msg("Creating middleware") logger := middlewares.GetLogger(ctx, name, typeNameForward)
logger.Debug().Msg("Creating middleware")
addAuthCookiesToResponse := make(map[string]struct{}) addAuthCookiesToResponse := make(map[string]struct{})
for _, cookieName := range config.AddAuthCookiesToResponse { for _, cookieName := range config.AddAuthCookiesToResponse {
@ -79,7 +81,18 @@ func NewForward(ctx context.Context, next http.Handler, config dynamic.ForwardAu
} }
if config.TLS != nil { if config.TLS != nil {
tlsConfig, err := config.TLS.CreateTLSConfig(ctx) if config.TLS.CAOptional != nil {
logger.Warn().Msg("CAOptional option is deprecated, TLS client authentication is a server side option, please remove any usage of this option.")
}
clientTLS := &types.ClientTLS{
CA: config.TLS.CA,
Cert: config.TLS.Cert,
Key: config.TLS.Key,
InsecureSkipVerify: config.TLS.InsecureSkipVerify,
}
tlsConfig, err := clientTLS.CreateTLSConfig(ctx)
if err != nil { if err != nil {
return nil, fmt.Errorf("unable to create client TLS configuration: %w", err) return nil, fmt.Errorf("unable to create client TLS configuration: %w", err)
} }

View file

@ -17,6 +17,7 @@ import (
"github.com/traefik/traefik/v3/pkg/testhelpers" "github.com/traefik/traefik/v3/pkg/testhelpers"
"github.com/traefik/traefik/v3/pkg/tracing" "github.com/traefik/traefik/v3/pkg/tracing"
"github.com/traefik/traefik/v3/pkg/tracing/opentelemetry" "github.com/traefik/traefik/v3/pkg/tracing/opentelemetry"
"github.com/traefik/traefik/v3/pkg/types"
"github.com/traefik/traefik/v3/pkg/version" "github.com/traefik/traefik/v3/pkg/version"
"github.com/vulcand/oxy/v2/forward" "github.com/vulcand/oxy/v2/forward"
"go.opentelemetry.io/otel" "go.opentelemetry.io/otel"
@ -500,7 +501,7 @@ func TestForwardAuthUsesTracing(t *testing.T) {
ServiceName: "testApp", ServiceName: "testApp",
SampleRate: 1, SampleRate: 1,
OTLP: &opentelemetry.Config{ OTLP: &opentelemetry.Config{
HTTP: &opentelemetry.HTTP{ HTTP: &types.OtelHTTP{
Endpoint: "http://127.0.0.1:8080", Endpoint: "http://127.0.0.1:8080",
}, },
}, },

View file

@ -30,12 +30,14 @@ func New(ctx context.Context, next http.Handler, confCircuitBreaker dynamic.Circ
logger.Debug().Msg("Creating middleware") logger.Debug().Msg("Creating middleware")
logger.Debug().Msgf("Setting up with expression: %s", expression) logger.Debug().Msgf("Setting up with expression: %s", expression)
responseCode := confCircuitBreaker.ResponseCode
cbOpts := []cbreaker.Option{ cbOpts := []cbreaker.Option{
cbreaker.Fallback(http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) { cbreaker.Fallback(http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
tracing.SetStatusErrorf(req.Context(), "blocked by circuit-breaker (%q)", expression) tracing.SetStatusErrorf(req.Context(), "blocked by circuit-breaker (%q)", expression)
rw.WriteHeader(http.StatusServiceUnavailable) rw.WriteHeader(responseCode)
if _, err := rw.Write([]byte(http.StatusText(http.StatusServiceUnavailable))); err != nil { if _, err := rw.Write([]byte(http.StatusText(responseCode))); err != nil {
log.Ctx(req.Context()).Error().Err(err).Send() log.Ctx(req.Context()).Error().Err(err).Send()
} }
})), })),

View file

@ -2,6 +2,7 @@ package brotli
import ( import (
"bufio" "bufio"
"errors"
"fmt" "fmt"
"io" "io"
"mime" "mime"
@ -34,11 +35,11 @@ type Config struct {
// NewWrapper returns a new Brotli compressing wrapper. // NewWrapper returns a new Brotli compressing wrapper.
func NewWrapper(cfg Config) (func(http.Handler) http.HandlerFunc, error) { func NewWrapper(cfg Config) (func(http.Handler) http.HandlerFunc, error) {
if cfg.MinSize < 0 { if cfg.MinSize < 0 {
return nil, fmt.Errorf("minimum size must be greater than or equal to zero") return nil, errors.New("minimum size must be greater than or equal to zero")
} }
if len(cfg.ExcludedContentTypes) > 0 && len(cfg.IncludedContentTypes) > 0 { if len(cfg.ExcludedContentTypes) > 0 && len(cfg.IncludedContentTypes) > 0 {
return nil, fmt.Errorf("excludedContentTypes and includedContentTypes options are mutually exclusive") return nil, errors.New("excludedContentTypes and includedContentTypes options are mutually exclusive")
} }
var excludedContentTypes []parsedContentType var excludedContentTypes []parsedContentType
@ -138,6 +139,7 @@ func (r *responseWriter) Write(p []byte) (int, error) {
// If we detect a contentEncoding, we know we are never going to compress. // If we detect a contentEncoding, we know we are never going to compress.
if r.rw.Header().Get(contentEncoding) != "" { if r.rw.Header().Get(contentEncoding) != "" {
r.compressionDisabled = true r.compressionDisabled = true
r.rw.WriteHeader(r.statusCode)
return r.rw.Write(p) return r.rw.Write(p)
} }

View file

@ -27,7 +27,7 @@ func Test_Vary(t *testing.T) {
rw := httptest.NewRecorder() rw := httptest.NewRecorder()
h.ServeHTTP(rw, req) h.ServeHTTP(rw, req)
assert.Equal(t, http.StatusOK, rw.Code) assert.Equal(t, http.StatusAccepted, rw.Code)
assert.Equal(t, acceptEncoding, rw.Header().Get(vary)) assert.Equal(t, acceptEncoding, rw.Header().Get(vary))
} }
@ -41,7 +41,7 @@ func Test_SmallBodyNoCompression(t *testing.T) {
h.ServeHTTP(rw, req) h.ServeHTTP(rw, req)
// With less than 1024 bytes the response should not be compressed. // With less than 1024 bytes the response should not be compressed.
assert.Equal(t, http.StatusOK, rw.Code) assert.Equal(t, http.StatusAccepted, rw.Code)
assert.Empty(t, rw.Header().Get(contentEncoding)) assert.Empty(t, rw.Header().Get(contentEncoding))
assert.Equal(t, smallTestBody, rw.Body.Bytes()) assert.Equal(t, smallTestBody, rw.Body.Bytes())
} }
@ -55,6 +55,7 @@ func Test_AlreadyCompressed(t *testing.T) {
rw := httptest.NewRecorder() rw := httptest.NewRecorder()
h.ServeHTTP(rw, req) h.ServeHTTP(rw, req)
assert.Equal(t, http.StatusAccepted, rw.Code)
assert.Equal(t, bigTestBody, rw.Body.Bytes()) assert.Equal(t, bigTestBody, rw.Body.Bytes())
} }
@ -749,6 +750,7 @@ func newTestHandler(t *testing.T, body []byte) http.Handler {
rw.Header().Set("Content-Encoding", "br") rw.Header().Set("Content-Encoding", "br")
} }
rw.WriteHeader(http.StatusAccepted)
_, err := rw.Write(body) _, err := rw.Write(body)
require.NoError(t, err) require.NoError(t, err)
}), }),

View file

@ -2,6 +2,7 @@ package compress
import ( import (
"context" "context"
"errors"
"fmt" "fmt"
"mime" "mime"
"net/http" "net/http"
@ -38,7 +39,7 @@ func New(ctx context.Context, next http.Handler, conf dynamic.Compress, name str
middlewares.GetLogger(ctx, name, typeName).Debug().Msg("Creating middleware") middlewares.GetLogger(ctx, name, typeName).Debug().Msg("Creating middleware")
if len(conf.ExcludedContentTypes) > 0 && len(conf.IncludedContentTypes) > 0 { if len(conf.ExcludedContentTypes) > 0 && len(conf.IncludedContentTypes) > 0 {
return nil, fmt.Errorf("excludedContentTypes and includedContentTypes options are mutually exclusive") return nil, errors.New("excludedContentTypes and includedContentTypes options are mutually exclusive")
} }
excludes := []string{"application/grpc"} excludes := []string{"application/grpc"}

View file

@ -4,6 +4,7 @@ import (
"context" "context"
"net/http" "net/http"
"github.com/traefik/traefik/v3/pkg/config/dynamic"
"github.com/traefik/traefik/v3/pkg/middlewares" "github.com/traefik/traefik/v3/pkg/middlewares"
) )
@ -18,8 +19,19 @@ type contentType struct {
} }
// New creates a new handler. // New creates a new handler.
func New(ctx context.Context, next http.Handler, name string) (http.Handler, error) { func New(ctx context.Context, next http.Handler, config dynamic.ContentType, name string) (http.Handler, error) {
middlewares.GetLogger(ctx, name, typeName).Debug().Msg("Creating middleware") logger := middlewares.GetLogger(ctx, name, typeName)
logger.Debug().Msg("Creating middleware")
if config.AutoDetect != nil {
logger.Warn().Msg("AutoDetect option is deprecated, Content-Type middleware is only meant to be used to enable the content-type detection, please remove any usage of this option.")
// Disable content-type detection (idempotent).
if !*config.AutoDetect {
return next, nil
}
}
return &contentType{next: next, name: name}, nil return &contentType{next: next, name: name}, nil
} }

View file

@ -8,6 +8,7 @@ import (
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/traefik/traefik/v3/pkg/config/dynamic"
"github.com/traefik/traefik/v3/pkg/testhelpers" "github.com/traefik/traefik/v3/pkg/testhelpers"
) )
@ -60,7 +61,7 @@ func TestAutoDetection(t *testing.T) {
if test.autoDetect { if test.autoDetect {
var err error var err error
next, err = New(context.Background(), next, "foo-content-type") next, err = New(context.Background(), next, dynamic.ContentType{}, "foo-content-type")
require.NoError(t, err) require.NoError(t, err)
} }

View file

@ -21,15 +21,27 @@ type stripPrefix struct {
next http.Handler next http.Handler
prefixes []string prefixes []string
name string name string
// Deprecated: Must be removed (breaking), the default behavior must be forceSlash=false
forceSlash bool
} }
// New creates a new strip prefix middleware. // New creates a new strip prefix middleware.
func New(ctx context.Context, next http.Handler, config dynamic.StripPrefix, name string) (http.Handler, error) { func New(ctx context.Context, next http.Handler, config dynamic.StripPrefix, name string) (http.Handler, error) {
middlewares.GetLogger(ctx, name, typeName).Debug().Msg("Creating middleware") logger := middlewares.GetLogger(ctx, name, typeName)
logger.Debug().Msg("Creating middleware")
if config.ForceSlash != nil {
logger.Warn().Msgf("`ForceSlash` option is deprecated, please remove any usage of this option.")
}
// Handle default value (here because of deprecation and the removal of setDefault).
forceSlash := config.ForceSlash != nil && *config.ForceSlash
return &stripPrefix{ return &stripPrefix{
prefixes: config.Prefixes, prefixes: config.Prefixes,
next: next, next: next,
name: name, name: name,
forceSlash: forceSlash,
}, nil }, nil
} }
@ -58,6 +70,13 @@ func (s *stripPrefix) serveRequest(rw http.ResponseWriter, req *http.Request, pr
} }
func (s *stripPrefix) getPrefixStripped(urlPath, prefix string) string { func (s *stripPrefix) getPrefixStripped(urlPath, prefix string) string {
if s.forceSlash {
// Only for compatibility reason with the previous behavior,
// but the previous behavior is wrong.
// This needs to be removed in the next breaking version.
return "/" + strings.TrimPrefix(strings.TrimPrefix(urlPath, prefix), "/")
}
return ensureLeadingSlash(strings.TrimPrefix(urlPath, prefix)) return ensureLeadingSlash(strings.TrimPrefix(urlPath, prefix))
} }

View file

@ -146,6 +146,9 @@ func TestStripPrefix(t *testing.T) {
requestURI = r.RequestURI requestURI = r.RequestURI
}) })
pointer := func(v bool) *bool { return &v }
test.config.ForceSlash = pointer(false)
handler, err := New(context.Background(), next, test.config, "foo-strip-prefix") handler, err := New(context.Background(), next, test.config, "foo-strip-prefix")
require.NoError(t, err) require.NoError(t, err)

Some files were not shown because too many files have changed in this diff Show more