SW/traefik
2
0
Fork 1
forked from Ivasoft/traefik
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: SW:v1.7.10
Branches Tags
SW:master SW:v2.9 SW:v1.5 SW:v1.4 SW:v3.0 SW:v2.8 SW:v1.6 SW:v1.7 SW:v2.0 SW:v2.1 SW:v2.2 SW:v2.7 SW:v2.6 SW:v2.3 SW:v2.4 SW:v2.5 SW:v1.0 SW:v1.1 SW:v1.2 SW:v1.3 SW:gh-pages
SW:v2.9.6-1 SW:v3.0.0-beta2 SW:v2.9.6 SW:v3.0.0-beta1 SW:v2.9.5 SW:v2.9.4 SW:v2.9.3 SW:v2.9.2 SW:v2.9.1 SW:v2.9.0-rc5 SW:v2.8.8 SW:v2.8.7 SW:v2.9.0-rc4 SW:v2.8.6 SW:v2.9.0-rc3 SW:v2.9.0-rc2 SW:v2.9.0-rc1 SW:v2.8.5 SW:v2.8.4 SW:v2.8.3 SW:v2.8.2 SW:v2.8.1 SW:v2.8.0 SW:v2.7.3 SW:v2.8.0-rc2 SW:v2.7.2 SW:v2.8.0-rc1 SW:v2.7.1 SW:v2.7.0 SW:v2.6.7 SW:v2.6.6 SW:v2.6.5 SW:v2.6.4 SW:v2.7.0-rc2 SW:v2.6.3 SW:v2.7.0-rc1 SW:v2.6.2 SW:v2.6.1 SW:v2.6.0 SW:v2.6.0-rc3 SW:v2.5.7 SW:v2.6.0-rc2 SW:v2.5.6 SW:v2.6.0-rc1 SW:v1.7.34 SW:v2.5.5 SW:v2.5.4 SW:v1.7.33 SW:v1.7.32 SW:v1.7.31 SW:v2.5.3 SW:v2.5.2 SW:v2.5.1 SW:v2.5.0 SW:v2.4.14 SW:v2.5.0-rc6 SW:v2.5.0-rc5 SW:v2.5.0-rc4 SW:v2.4.13 SW:v2.4.12 SW:v2.5.0-rc3 SW:v2.4.11 SW:v2.4.10 SW:v2.5.0-rc2 SW:v2.5.0-rc1 SW:v2.4.9 SW:v1.7.30 SW:v1.7.29 SW:v2.4.8 SW:v2.4.7 SW:v2.4.6 SW:v2.4.5 SW:v2.4.4 SW:v2.4.3 SW:v2.4.2 SW:v2.4.1 SW:v2.4.0 SW:v1.7.28 SW:v1.7.27 SW:v2.4.0-rc2 SW:v2.3.7 SW:v2.3.6 SW:v2.4.0-rc1 SW:v2.3.5 SW:v2.3.4 SW:v2.3.3 SW:v2.3.2 SW:v2.3.1 SW:v2.3.0 SW:v2.3.0-rc7 SW:v2.3.0-rc6 SW:v2.3.0-rc5 SW:v2.2.11 SW:v2.2.10 SW:v2.3.0-rc4 SW:v2.3.0-rc3 SW:v2.2.8 SW:v1.7.26 SW:v2.2.7 SW:v2.2.6 SW:v2.3.0-rc2 SW:v2.3.0-rc1 SW:v1.7.25 SW:v2.2.5 SW:v2.2.4 SW:v2.2.3 SW:v2.2.2 SW:v2.2.1 SW:v2.2.0 SW:v1.7.24 SW:v2.1.9 SW:v1.7.23 SW:v2.2.0-rc4 SW:v2.1.8 SW:v2.2.0-rc3 SW:v2.1.7 SW:v1.7.22 SW:v2.2.0-rc2 SW:v2.2.0-rc1 SW:v2.1.6 SW:v2.1.5 SW:v1.7.21 SW:v2.1.4 SW:v2.1.3 SW:v2.1.2 SW:v2.1.1 SW:v2.1.0 SW:v1.7.20 SW:v2.0.7 SW:v2.1.0-rc3 SW:v2.0.6 SW:v2.1.0-rc2 SW:v2.1.0-rc1 SW:v2.0.5 SW:v2.0.4 SW:v2.0.3 SW:v1.7.19 SW:v2.0.2 SW:v2.0.1 SW:v1.7.18 SW:v1.7.17 SW:v2.0.0 SW:v2.0.0-rc4 SW:v1.7.16 SW:v1.7.15 SW:v2.0.0-rc3 SW:v2.0.0-rc2 SW:v2.0.0-rc1 SW:v1.7.14 SW:v1.7.13 SW:v2.0.0-beta1 SW:v2.0.0-alpha8 SW:v2.0.0-alpha7 SW:v2.0.0-alpha6 SW:v2.0.0-alpha5 SW:v1.7.12 SW:v1.7.11 SW:v2.0.0-alpha4 SW:v2.0.0-alpha3 SW:v1.7.10 SW:v2.0.0-alpha2 SW:v2.0.0-alpha1 SW:v1.7.9 SW:v1.7.8 SW:v1.7.7 SW:v1.7.6 SW:v1.7.5 SW:v1.7.4 SW:v1.7.3 SW:v1.7.2 SW:v1.7.1 SW:v1.7.0 SW:v1.7.0-rc5 SW:v1.7.0-rc4 SW:v1.6.6 SW:v1.7.0-rc3 SW:v1.7.0-rc2 SW:v1.6.5 SW:v1.7.0-rc1 SW:v1.6.4 SW:v1.6.3 SW:v1.6.2 SW:v1.6.1 SW:v1.6.0 SW:v1.6.0-rc6 SW:v1.6.0-rc5 SW:v1.6.0-rc4 SW:v1.6.0-rc3 SW:v1.6.0-rc2 SW:v1.6.0-rc1 SW:v1.5.4 SW:v1.5.3 SW:v1.5.2 SW:v1.5.1 SW:v1.5.0 SW:v1.5.0-rc5 SW:v1.5.0-rc4 SW:v1.4.6 SW:v1.5.0-rc3 SW:v1.5.0-rc2 SW:v1.4.5 SW:v1.5.0-rc1 SW:v1.4.4 SW:v1.4.3 SW:v1.4.2 SW:v1.4.1 SW:v1.4.0 SW:v1.4.0-rc5 SW:v1.4.0-rc4 SW:v1.4.0-rc3 SW:v1.4.0-rc2 SW:v1.3.8 SW:v1.4.0-rc1 SW:v1.3.7 SW:v1.3.6 SW:v1.3.5 SW:v1.3.4 SW:v1.3.3 SW:v1.3.2 SW:v1.3.1 SW:v1.3.0 SW:v1.3.0-rc3 SW:v1.3.0-rc2 SW:v1.3.0-rc1 SW:v1.2.3 SW:v1.2.2 SW:v1.2.1 SW:v1.2.0 SW:v1.2.0-rc2 SW:v1.2.0-rc1 SW:v1.1.2 SW:v1.1.1 SW:v1.1.0 SW:v1.1.0-rc4 SW:v1.1.0-rc3 SW:v1.1.0-rc2 SW:v1.1.0-rc1 SW:v1.0.3 SW:v1.0.2 SW:v1.0.1 SW:v1.0.0 SW:v1.0.0-rc3 SW:v1.0.0-rc2 SW:v1.0.0-rc1 SW:v1.0.0-beta.809 SW:v1.0.0-beta.804 SW:v1.0.0-beta.794 SW:v1.0.0-beta.784 SW:v1.0.0-beta.771 SW:v1.0.0-beta.767 SW:v1.0.0-beta.756 SW:v1.0.0-beta.754 SW:v1.0.0-beta.744 SW:v1.0.0-beta.732 SW:v1.0.0-beta.723 SW:v1.0.0-beta.721 SW:v1.0.0-beta.712 SW:v1.0.0-beta.704 SW:v1.0.0-beta.695 SW:v1.0.0-beta.692 SW:v1.0.0-beta.682 SW:v1.0.0-beta.676 SW:v1.0.0-beta.673 SW:v1.0.0-beta.666 SW:v1.0.0-beta.652 SW:v1.0.0-beta.644 SW:v1.0.0-beta.621 SW:v1.0.0-beta.614 SW:v1.0.0-beta.610 SW:v1.0.0-beta.601 SW:v1.0.0-beta.582 SW:v1.0.0-beta.576 SW:v1.0.0-beta.573 SW:v1.0.0-beta.555 SW:v1.0.0-beta.548 SW:v1.0.0-beta.545 SW:v1.0.0-beta.524 SW:v1.0.0-beta.513 SW:v1.0.0-beta.508 SW:v1.0.0-beta.505 SW:v1.0.0-beta.484 SW:v1.0.0-beta.481 SW:v1.0.0-beta.475 SW:v1.0.0-beta.470 SW:v1.0.0-beta.453 SW:v1.0.0-beta.442 SW:v1.0.0-beta.440 SW:v1.0.0-beta.436 SW:v1.0.0-beta.433 SW:v1.0.0-beta.427 SW:v1.0.0-beta.421 SW:v1.0.0-beta.416 SW:v1.0.0-beta.408 SW:v1.0.0-beta.404 SW:v1.0.0-beta.395 SW:v1.0.0-beta.392 SW:v1.0.0-beta.374 SW:v1.0.0-beta.366 SW:v1.0.0-beta.355 SW:v1.0.0-beta.352 SW:v1.0.0-beta.341 SW:v1.0.0-beta.339 SW:v1.0.0-beta.324 SW:v1.0.0-beta.300 SW:v1.0.0-beta.291 SW:v1.0.0-beta.289 SW:v1.0.0-beta.287 SW:v1.0.0-beta.280 SW:v1.0.0-beta.277 SW:v1.0.0-beta.254 SW:v1.0.0-beta.247 SW:v1.0.0-beta.224 SW:v1.0.0-beta.220 SW:v1.0.0-beta.212 SW:v1.0.0-beta.211 SW:v1.0.alpha.4c447985b63f8c90dcbde70b2eaef19d9a8c5ad2 SW:v1.0.alpha.9830086790caf40ce30eb9ed5d317917f8157708 SW:v1.0.alpha.3af21612b65fc578585a98c30090d1e613f791eb SW:v1.0.alpha.a458018aa2ccb637abacfc696157e00321cf982f SW:v1.0.alpha.4ded2682d2831ed703282b2f4585e17a62ee258e SW:v1.0.alpha.0e683cc5355bc507dabac68bbc7559d3f179e185 SW:v1.0.alpha.11781087cadf9068d1d0b43902b6161ee10ea458 SW:v1.0.alpha.b42b170ad29a0f042ddee0f5a5098aa9a59a9c8e SW:v1.0.alpha.a00eb81f0301f5e61024dea3b92ba632d6a61a8b SW:v1.0.alpha.6c3c5578c64125838abbc437a0242e1742d6f47a SW:v1.0.alpha.b84b95fe97df5c0f234d8693fbff03fa0d6a441b SW:v1.0.alpha.1a5668377cc840a35d233a0eb817ee9bacf0ba3e SW:v1.0.alpha.331cd173ce8ad858d767510fbcbc653e2dde657d SW:v1.0.alpha.e0872b61579c8e6b8fc6124c8836660c11840f5d SW:v1.0.alpha.99646544953d5793f18ccb22dae2458be4ba0e05 SW:v1.0.alpha.7acc2beae0f0235d9408e8ed7a51f0ef3dae3aff SW:v1.0.alpha.ac56c1310c46f9c18dcad9d7ec680926fae821bb SW:v1.0.alpha.71b0e27517841ec7b911bafb109846ee96109f30 SW:v1.0.alpha.60e9282f0adac48cbf283306ceb08ad7a31ac94b SW:v1.0.alpha.522 SW:v1.0.alpha.516 SW:v1.0.alpha.506 SW:v1.0.alpha.481 SW:v1.0.alpha.477 SW:v1.0.alpha.471 SW:v1.0.alpha.469 SW:v1.0.alpha.463 SW:v1.0.alpha.450 SW:v1.0.alpha.443 SW:v1.0.alpha.439 SW:v1.0.alpha.425 SW:v1.0.alpha.421 SW:v1.0.alpha.418 SW:v1.0.alpha.412 SW:v1.0.alpha.404 SW:v1.0.alpha.392 SW:v1.0.alpha.374 SW:v1.0.alpha.367 SW:v1.0.alpha.364 SW:v1.0.alpha.361 SW:v1.0.alpha.358 SW:v1.0.alpha.357 SW:v1.0.alpha.341 SW:v1.0.alpha.338 SW:v1.0.alpha.336 SW:v1.0.alpha.333 SW:v1.0.alpha.329 SW:v1.0.alpha.311 SW:v1.0.alpha.306 SW:v1.0.alpha.302 SW:v1.0.alpha.291 SW:v1.0.alpha.290 SW:v1.0.alpha.288 SW:v1.0.alpha.285 SW:v1.0.alpha.275 SW:v1.0.alpha.274 SW:v1.0.alpha.273 SW:v1.0.alpha.272 SW:v1.0.alpha.271 SW:v1.0.alpha.270 SW:v1.0.alpha.269 SW:v1.0.alpha.268 SW:v1.0.alpha.267 SW:v1.0.alpha.266 SW:v1.0.alpha.263 SW:v1.0.alpha.257 SW:v1.0.alpha.256 SW:v1.0.alpha.252 SW:v1.0.alpha.251 SW:v1.0.alpha.250 SW:v1.0.alpha.249 SW:v1.0.alpha.247 SW:v1.0.alpha.228 SW:v1.0.alpha.217 SW:v1.0.alpha.216 SW:v1.0.alpha.215 SW:v1.0.alpha.212 SW:v1.0.alpha.200 SW:v1.0.alpha.186 SW:v1.0.alpha.182 SW:v1.0.alpha.178 SW:v1.0.alpha.176 SW:v1.0.alpha.171 SW:v1.0.alpha.170 SW:v1.0.alpha.164 SW:v1.0.alpha.157 SW:v1.0
...
compare: SW:v1.7.14
Branches Tags
SW:master SW:v2.9 SW:v1.5 SW:v1.4 SW:v3.0 SW:v2.8 SW:v1.6 SW:v1.7 SW:v2.0 SW:v2.1 SW:v2.2 SW:v2.7 SW:v2.6 SW:v2.3 SW:v2.4 SW:v2.5 SW:v1.0 SW:v1.1 SW:v1.2 SW:v1.3 SW:gh-pages
SW:v2.9.6-1 SW:v3.0.0-beta2 SW:v2.9.6 SW:v3.0.0-beta1 SW:v2.9.5 SW:v2.9.4 SW:v2.9.3 SW:v2.9.2 SW:v2.9.1 SW:v2.9.0-rc5 SW:v2.8.8 SW:v2.8.7 SW:v2.9.0-rc4 SW:v2.8.6 SW:v2.9.0-rc3 SW:v2.9.0-rc2 SW:v2.9.0-rc1 SW:v2.8.5 SW:v2.8.4 SW:v2.8.3 SW:v2.8.2 SW:v2.8.1 SW:v2.8.0 SW:v2.7.3 SW:v2.8.0-rc2 SW:v2.7.2 SW:v2.8.0-rc1 SW:v2.7.1 SW:v2.7.0 SW:v2.6.7 SW:v2.6.6 SW:v2.6.5 SW:v2.6.4 SW:v2.7.0-rc2 SW:v2.6.3 SW:v2.7.0-rc1 SW:v2.6.2 SW:v2.6.1 SW:v2.6.0 SW:v2.6.0-rc3 SW:v2.5.7 SW:v2.6.0-rc2 SW:v2.5.6 SW:v2.6.0-rc1 SW:v1.7.34 SW:v2.5.5 SW:v2.5.4 SW:v1.7.33 SW:v1.7.32 SW:v1.7.31 SW:v2.5.3 SW:v2.5.2 SW:v2.5.1 SW:v2.5.0 SW:v2.4.14 SW:v2.5.0-rc6 SW:v2.5.0-rc5 SW:v2.5.0-rc4 SW:v2.4.13 SW:v2.4.12 SW:v2.5.0-rc3 SW:v2.4.11 SW:v2.4.10 SW:v2.5.0-rc2 SW:v2.5.0-rc1 SW:v2.4.9 SW:v1.7.30 SW:v1.7.29 SW:v2.4.8 SW:v2.4.7 SW:v2.4.6 SW:v2.4.5 SW:v2.4.4 SW:v2.4.3 SW:v2.4.2 SW:v2.4.1 SW:v2.4.0 SW:v1.7.28 SW:v1.7.27 SW:v2.4.0-rc2 SW:v2.3.7 SW:v2.3.6 SW:v2.4.0-rc1 SW:v2.3.5 SW:v2.3.4 SW:v2.3.3 SW:v2.3.2 SW:v2.3.1 SW:v2.3.0 SW:v2.3.0-rc7 SW:v2.3.0-rc6 SW:v2.3.0-rc5 SW:v2.2.11 SW:v2.2.10 SW:v2.3.0-rc4 SW:v2.3.0-rc3 SW:v2.2.8 SW:v1.7.26 SW:v2.2.7 SW:v2.2.6 SW:v2.3.0-rc2 SW:v2.3.0-rc1 SW:v1.7.25 SW:v2.2.5 SW:v2.2.4 SW:v2.2.3 SW:v2.2.2 SW:v2.2.1 SW:v2.2.0 SW:v1.7.24 SW:v2.1.9 SW:v1.7.23 SW:v2.2.0-rc4 SW:v2.1.8 SW:v2.2.0-rc3 SW:v2.1.7 SW:v1.7.22 SW:v2.2.0-rc2 SW:v2.2.0-rc1 SW:v2.1.6 SW:v2.1.5 SW:v1.7.21 SW:v2.1.4 SW:v2.1.3 SW:v2.1.2 SW:v2.1.1 SW:v2.1.0 SW:v1.7.20 SW:v2.0.7 SW:v2.1.0-rc3 SW:v2.0.6 SW:v2.1.0-rc2 SW:v2.1.0-rc1 SW:v2.0.5 SW:v2.0.4 SW:v2.0.3 SW:v1.7.19 SW:v2.0.2 SW:v2.0.1 SW:v1.7.18 SW:v1.7.17 SW:v2.0.0 SW:v2.0.0-rc4 SW:v1.7.16 SW:v1.7.15 SW:v2.0.0-rc3 SW:v2.0.0-rc2 SW:v2.0.0-rc1 SW:v1.7.14 SW:v1.7.13 SW:v2.0.0-beta1 SW:v2.0.0-alpha8 SW:v2.0.0-alpha7 SW:v2.0.0-alpha6 SW:v2.0.0-alpha5 SW:v1.7.12 SW:v1.7.11 SW:v2.0.0-alpha4 SW:v2.0.0-alpha3 SW:v1.7.10 SW:v2.0.0-alpha2 SW:v2.0.0-alpha1 SW:v1.7.9 SW:v1.7.8 SW:v1.7.7 SW:v1.7.6 SW:v1.7.5 SW:v1.7.4 SW:v1.7.3 SW:v1.7.2 SW:v1.7.1 SW:v1.7.0 SW:v1.7.0-rc5 SW:v1.7.0-rc4 SW:v1.6.6 SW:v1.7.0-rc3 SW:v1.7.0-rc2 SW:v1.6.5 SW:v1.7.0-rc1 SW:v1.6.4 SW:v1.6.3 SW:v1.6.2 SW:v1.6.1 SW:v1.6.0 SW:v1.6.0-rc6 SW:v1.6.0-rc5 SW:v1.6.0-rc4 SW:v1.6.0-rc3 SW:v1.6.0-rc2 SW:v1.6.0-rc1 SW:v1.5.4 SW:v1.5.3 SW:v1.5.2 SW:v1.5.1 SW:v1.5.0 SW:v1.5.0-rc5 SW:v1.5.0-rc4 SW:v1.4.6 SW:v1.5.0-rc3 SW:v1.5.0-rc2 SW:v1.4.5 SW:v1.5.0-rc1 SW:v1.4.4 SW:v1.4.3 SW:v1.4.2 SW:v1.4.1 SW:v1.4.0 SW:v1.4.0-rc5 SW:v1.4.0-rc4 SW:v1.4.0-rc3 SW:v1.4.0-rc2 SW:v1.3.8 SW:v1.4.0-rc1 SW:v1.3.7 SW:v1.3.6 SW:v1.3.5 SW:v1.3.4 SW:v1.3.3 SW:v1.3.2 SW:v1.3.1 SW:v1.3.0 SW:v1.3.0-rc3 SW:v1.3.0-rc2 SW:v1.3.0-rc1 SW:v1.2.3 SW:v1.2.2 SW:v1.2.1 SW:v1.2.0 SW:v1.2.0-rc2 SW:v1.2.0-rc1 SW:v1.1.2 SW:v1.1.1 SW:v1.1.0 SW:v1.1.0-rc4 SW:v1.1.0-rc3 SW:v1.1.0-rc2 SW:v1.1.0-rc1 SW:v1.0.3 SW:v1.0.2 SW:v1.0.1 SW:v1.0.0 SW:v1.0.0-rc3 SW:v1.0.0-rc2 SW:v1.0.0-rc1 SW:v1.0.0-beta.809 SW:v1.0.0-beta.804 SW:v1.0.0-beta.794 SW:v1.0.0-beta.784 SW:v1.0.0-beta.771 SW:v1.0.0-beta.767 SW:v1.0.0-beta.756 SW:v1.0.0-beta.754 SW:v1.0.0-beta.744 SW:v1.0.0-beta.732 SW:v1.0.0-beta.723 SW:v1.0.0-beta.721 SW:v1.0.0-beta.712 SW:v1.0.0-beta.704 SW:v1.0.0-beta.695 SW:v1.0.0-beta.692 SW:v1.0.0-beta.682 SW:v1.0.0-beta.676 SW:v1.0.0-beta.673 SW:v1.0.0-beta.666 SW:v1.0.0-beta.652 SW:v1.0.0-beta.644 SW:v1.0.0-beta.621 SW:v1.0.0-beta.614 SW:v1.0.0-beta.610 SW:v1.0.0-beta.601 SW:v1.0.0-beta.582 SW:v1.0.0-beta.576 SW:v1.0.0-beta.573 SW:v1.0.0-beta.555 SW:v1.0.0-beta.548 SW:v1.0.0-beta.545 SW:v1.0.0-beta.524 SW:v1.0.0-beta.513 SW:v1.0.0-beta.508 SW:v1.0.0-beta.505 SW:v1.0.0-beta.484 SW:v1.0.0-beta.481 SW:v1.0.0-beta.475 SW:v1.0.0-beta.470 SW:v1.0.0-beta.453 SW:v1.0.0-beta.442 SW:v1.0.0-beta.440 SW:v1.0.0-beta.436 SW:v1.0.0-beta.433 SW:v1.0.0-beta.427 SW:v1.0.0-beta.421 SW:v1.0.0-beta.416 SW:v1.0.0-beta.408 SW:v1.0.0-beta.404 SW:v1.0.0-beta.395 SW:v1.0.0-beta.392 SW:v1.0.0-beta.374 SW:v1.0.0-beta.366 SW:v1.0.0-beta.355 SW:v1.0.0-beta.352 SW:v1.0.0-beta.341 SW:v1.0.0-beta.339 SW:v1.0.0-beta.324 SW:v1.0.0-beta.300 SW:v1.0.0-beta.291 SW:v1.0.0-beta.289 SW:v1.0.0-beta.287 SW:v1.0.0-beta.280 SW:v1.0.0-beta.277 SW:v1.0.0-beta.254 SW:v1.0.0-beta.247 SW:v1.0.0-beta.224 SW:v1.0.0-beta.220 SW:v1.0.0-beta.212 SW:v1.0.0-beta.211 SW:v1.0.alpha.4c447985b63f8c90dcbde70b2eaef19d9a8c5ad2 SW:v1.0.alpha.9830086790caf40ce30eb9ed5d317917f8157708 SW:v1.0.alpha.3af21612b65fc578585a98c30090d1e613f791eb SW:v1.0.alpha.a458018aa2ccb637abacfc696157e00321cf982f SW:v1.0.alpha.4ded2682d2831ed703282b2f4585e17a62ee258e SW:v1.0.alpha.0e683cc5355bc507dabac68bbc7559d3f179e185 SW:v1.0.alpha.11781087cadf9068d1d0b43902b6161ee10ea458 SW:v1.0.alpha.b42b170ad29a0f042ddee0f5a5098aa9a59a9c8e SW:v1.0.alpha.a00eb81f0301f5e61024dea3b92ba632d6a61a8b SW:v1.0.alpha.6c3c5578c64125838abbc437a0242e1742d6f47a SW:v1.0.alpha.b84b95fe97df5c0f234d8693fbff03fa0d6a441b SW:v1.0.alpha.1a5668377cc840a35d233a0eb817ee9bacf0ba3e SW:v1.0.alpha.331cd173ce8ad858d767510fbcbc653e2dde657d SW:v1.0.alpha.e0872b61579c8e6b8fc6124c8836660c11840f5d SW:v1.0.alpha.99646544953d5793f18ccb22dae2458be4ba0e05 SW:v1.0.alpha.7acc2beae0f0235d9408e8ed7a51f0ef3dae3aff SW:v1.0.alpha.ac56c1310c46f9c18dcad9d7ec680926fae821bb SW:v1.0.alpha.71b0e27517841ec7b911bafb109846ee96109f30 SW:v1.0.alpha.60e9282f0adac48cbf283306ceb08ad7a31ac94b SW:v1.0.alpha.522 SW:v1.0.alpha.516 SW:v1.0.alpha.506 SW:v1.0.alpha.481 SW:v1.0.alpha.477 SW:v1.0.alpha.471 SW:v1.0.alpha.469 SW:v1.0.alpha.463 SW:v1.0.alpha.450 SW:v1.0.alpha.443 SW:v1.0.alpha.439 SW:v1.0.alpha.425 SW:v1.0.alpha.421 SW:v1.0.alpha.418 SW:v1.0.alpha.412 SW:v1.0.alpha.404 SW:v1.0.alpha.392 SW:v1.0.alpha.374 SW:v1.0.alpha.367 SW:v1.0.alpha.364 SW:v1.0.alpha.361 SW:v1.0.alpha.358 SW:v1.0.alpha.357 SW:v1.0.alpha.341 SW:v1.0.alpha.338 SW:v1.0.alpha.336 SW:v1.0.alpha.333 SW:v1.0.alpha.329 SW:v1.0.alpha.311 SW:v1.0.alpha.306 SW:v1.0.alpha.302 SW:v1.0.alpha.291 SW:v1.0.alpha.290 SW:v1.0.alpha.288 SW:v1.0.alpha.285 SW:v1.0.alpha.275 SW:v1.0.alpha.274 SW:v1.0.alpha.273 SW:v1.0.alpha.272 SW:v1.0.alpha.271 SW:v1.0.alpha.270 SW:v1.0.alpha.269 SW:v1.0.alpha.268 SW:v1.0.alpha.267 SW:v1.0.alpha.266 SW:v1.0.alpha.263 SW:v1.0.alpha.257 SW:v1.0.alpha.256 SW:v1.0.alpha.252 SW:v1.0.alpha.251 SW:v1.0.alpha.250 SW:v1.0.alpha.249 SW:v1.0.alpha.247 SW:v1.0.alpha.228 SW:v1.0.alpha.217 SW:v1.0.alpha.216 SW:v1.0.alpha.215 SW:v1.0.alpha.212 SW:v1.0.alpha.200 SW:v1.0.alpha.186 SW:v1.0.alpha.182 SW:v1.0.alpha.178 SW:v1.0.alpha.176 SW:v1.0.alpha.171 SW:v1.0.alpha.170 SW:v1.0.alpha.164 SW:v1.0.alpha.157 SW:v1.0

47 Commits
v1.7.10 ... v1.7.14

Author SHA1 Message Date
Ludovic Fernandez
f397342f16 Prepare release v1.7.14 2019-08-14 02:06:03 -07:00
Ludovic Fernandez
989a59cc29 Update to go1.12.8 2019-08-14 01:52:05 -07:00
Julien Levesy
c5b71592c8 Make hijackConnectionTracker.Close thread safe 2019-08-12 02:34:04 -07:00
Ludovic Fernandez
9de3129a55 Prepare release v1.7.13 2019-08-08 09:04:03 -07:00
Douglas Wagner
40ab1f325c Wrr loadbalancer honors old weight on recovered servers 2019-08-07 08:14:04 -07:00
Daniel Becker
73e0561610 Update lego 2019-08-05 09:08:04 -07:00
Jean Prat
0a89cccdc0 warning should not be a fail status 2019-08-05 08:40:04 -07:00
Daniel Tomcej
b102e6de5a Add missing KeyUsages for default generated certificate 2019-08-05 06:20:05 -07:00
alvarezbruned
2064a6f805 Add example for CLI 2019-08-01 05:38:04 -07:00
Amir Keibi
72e2ddff98 Updating Service Fabric documentation 2019-07-26 02:30:05 -07:00
David Dymko
7db41967c6 Fixed doc link for AlibabaCloud 2019-07-16 16:02:04 +02:00
Jean-Baptiste Doumenjou
a8680a8719 Fixes the TLS Mutual Authentication documentation 2019-07-15 08:46:04 +02:00
Ludovic Fernandez
7e11fa1193 Update Docker version. 2019-07-15 07:04:02 +02:00
gurayyildirim
489b5a6150 Format YAML example on user guide 2019-07-08 10:40:03 +02:00
Daniel Tomcej
8027e8ee23 Check for multiport services on Global Backend Ingress 2019-06-27 09:42:03 +02:00
Damien Duportal
d35d5bd2e8 Update documentation to clarify the default format for logs 2019-06-26 14:28:04 +02:00
stffabi
8e47bdedc6 Clear TLS client headers if TLSMutualAuth is optional 2019-06-26 11:32:04 +02:00
Damien Duportal
51419a9235 Update Slack support channel references to Discourse community forum 2019-06-25 10:06:03 +02:00
Ludovic Fernandez
32fd52c698 Use dynamodbav tags to override json tags. 2019-06-24 09:14:03 +02:00
Ludovic Fernandez
468e4ebd98 Add remarks about Rancher 2 2019-06-21 19:04:04 +02:00
Damien Duportal
92a57384a4 Allows logs to use local time zone instead of UTC 
Co-authored-by: Ludovic Fernandez <ldez@users.noreply.github.com>
 2019-06-17 09:20:03 +02:00
Damien Duportal
2067a433cd Improve API / Dashboard wording in documentation 2019-06-04 00:42:05 +02:00
kolaente
16f1f851cc Use the latest stable version of traefik in the docs 2019-06-03 17:38:07 +02:00
Daniel Tomcej
8e992c7cfb Update docker api version 2019-06-03 11:28:06 +02:00
Ludovic Fernandez
9da0bcf3aa Prepare release v1.7.12 2019-05-29 20:42:06 +02:00
Ludovic Fernandez
51287d9316 Remove authentication hashes from API 2019-05-29 19:22:07 +02:00
Ludovic Fernandez
29307fe9fa fix: update-lego. 2019-05-28 17:32:05 +02:00
ravilr
52772c9642 fix kubernetes template for backend responseforwarding flushinterval setting 2019-05-23 18:14:05 +02:00
ravilr
8f135fdb0a Add missing callback on close of hijacked connections 2019-05-23 09:40:04 +02:00
Ludovic Fernandez
7722a41270 Adds a log fields documentation. 2019-05-21 17:02:11 +02:00
Alex Antonov
cd11b1aab4 Upgraded DataDog tracing library to 1.13.0 2019-05-15 18:04:06 +02:00
Ludovic Fernandez
e7564d4cf8 Enhance KV logs. 2019-05-15 17:20:08 +02:00
Wenxuan Zhao
cc130fb673 Allow SANs for wildcards domain. (#4821) 2019-05-03 18:08:37 +02:00
Greg Berns
4106cf647b Docs: Troubleshooting help for Docker Swarm labels 2019-05-03 10:28:05 +02:00
Ludovic Fernandez
8a1c3510ea Prepare release v1.7.11 2019-04-26 10:34:06 +02:00
Jean-Baptiste Doumenjou
787b0a3ac7 Enhance KV client error management 
Co-authored-by: Ludovic Fernandez <ldez@users.noreply.github.com>
 2019-04-26 09:36:03 +02:00
Ludovic Fernandez
a6d86cdddb fix: update lego. 2019-04-23 11:40:05 +02:00
mpl
9559a56011 Improve log message about redundant TLS certificate 2019-04-15 12:32:03 +02:00
ctas582
07e8042192 Forward all header values from forward auth response 2019-04-10 17:18:06 +02:00
Martin Hoefling
edd8e36dcc Documentation Update: Hosting.de wildcard support tested 2019-04-09 16:52:05 +02:00
Ludovic Fernandez
e291dcb8d1 Get Structor version from CI env var. 2019-04-08 08:44:03 +02:00
Ludovic Fernandez
de6e365b74 Update zipkin-go-opentracing. 2019-04-05 11:18:04 +02:00
Amir Aslaminejad
98a5e08553 Remove usage of github.com/satori/go.uuid 2019-04-05 08:44:03 +02:00
Brandon McNama
ba44619828 Update Wildcard Domain documentation 2019-04-01 17:42:04 +02:00
Ludovic Fernandez
86d700c845 Enhance k8s tests maintainability 2019-04-01 17:02:06 +02:00
Ludovic Fernandez
b2f11afcc2 Update certificates for some Docker images 2019-04-01 00:54:03 +02:00
Maxim Fominykh
cfb356c68e Keep consistent order 2019-03-29 16:40:03 +01:00
1188 changed files with 136361 additions and 24692 deletions
Expand all files Collapse all files

20
.semaphoreci/golang.sh Executable file
View File

@@ -0,0 +1,20 @@
#!/usr/bin/env bash
set -e
curl -O https://dl.google.com/go/go1.12.linux-amd64.tar.gz
tar -xvf go1.12.linux-amd64.tar.gz
rm -rf go1.12.linux-amd64.tar.gz
sudo mkdir -p /usr/local/golang/1.12/go
sudo mv go /usr/local/golang/1.12/
sudo rm /usr/local/bin/go
sudo chmod +x /usr/local/golang/1.12/go/bin/go
sudo ln -s /usr/local/golang/1.12/go/bin/go /usr/local/bin/go
export GOROOT="/usr/local/golang/1.12/go"
export GOTOOLDIR="/usr/local/golang/1.12/go/pkg/tool/linux_amd64"
go version

2
.semaphoreci/setup.sh
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env bash
set -e
export DOCKER_VERSION=17.03.1
export DOCKER_VERSION=18.09.7
source .semaphoreci/vars

2
.travis.yml
View File

@@ -30,7 +30,7 @@ before_deploy:
make -j${N_MAKE_JOBS} crossbinary-parallel;
tar cfz dist/traefik-${VERSION}.src.tar.gz --exclude-vcs --exclude dist .;
fi;
curl -sfL https://raw.githubusercontent.com/containous/structor/master/godownloader.sh | bash -s -- -b "${GOPATH}/bin" v1.7.0
curl -sfL https://raw.githubusercontent.com/containous/structor/master/godownloader.sh | bash -s -- -b "${GOPATH}/bin" ${STRUCTOR_VERSION}
structor -o containous -r traefik --dockerfile-url="https://raw.githubusercontent.com/containous/traefik/v1.7/docs.Dockerfile" --menu.js-url="https://raw.githubusercontent.com/containous/structor/master/traefik-menu.js.gotmpl" --rqts-url="https://raw.githubusercontent.com/containous/structor/master/requirements-override.txt" --exp-branch=master --force-edit-url --debug;
fi
deploy:

68
CHANGELOG.md
View File

@@ -1,5 +1,73 @@
# Change Log
## [v1.7.14](https://github.com/containous/traefik/tree/v1.7.14) (2019-08-14)
[All Commits](https://github.com/containous/traefik/compare/v1.7.13...v1.7.14)
**Bug fixes:**
- Update to go1.12.8 ([#5201](https://github.com/containous/traefik/pull/5201) by [ldez](https://github.com/ldez)). HTTP/2 Denial of Service [CVE-2019-9512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512) and [CVE-2019-9514](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514)
- **[server]** Make hijackConnectionTracker.Close thread safe ([#5194](https://github.com/containous/traefik/pull/5194) by [jlevesy](https://github.com/jlevesy))
## [v1.7.13](https://github.com/containous/traefik/tree/v1.7.13) (2019-08-07)
[All Commits](https://github.com/containous/traefik/compare/v1.7.12...v1.7.13)
**Bug fixes:**
- **[acme]** Update lego ([#5166](https://github.com/containous/traefik/pull/5166) by [dabeck](https://github.com/dabeck))
- **[consulcatalog]** warning should not be a fail status ([#4537](https://github.com/containous/traefik/pull/4537) by [saez0pub](https://github.com/saez0pub))
- **[docker]** Update docker api version ([#4909](https://github.com/containous/traefik/pull/4909) by [dtomcej](https://github.com/dtomcej))
- **[dynamodb]** Use dynamodbav tags to override json tags. ([#5002](https://github.com/containous/traefik/pull/5002) by [ldez](https://github.com/ldez))
- **[healthcheck]** Wrr loadbalancer honors old weight on recovered servers ([#5051](https://github.com/containous/traefik/pull/5051) by [DougWagner](https://github.com/DougWagner))
- **[k8s]** Check for multiport services on Global Backend Ingress ([#5021](https://github.com/containous/traefik/pull/5021) by [dtomcej](https://github.com/dtomcej))
- **[logs]** Allows logs to use local time zone instead of UTC ([#4954](https://github.com/containous/traefik/pull/4954) by [dduportal](https://github.com/dduportal))
- **[middleware]** Clear TLS client headers if TLSMutualAuth is optional ([#4963](https://github.com/containous/traefik/pull/4963) by [stffabi](https://github.com/stffabi))
- **[tls]** Add missing KeyUsages for default generated certificate ([#5150](https://github.com/containous/traefik/pull/5150) by [dtomcej](https://github.com/dtomcej))
**Documentation:**
- **[acme]** Fixed doc link for AlibabaCloud ([#5109](https://github.com/containous/traefik/pull/5109) by [ddymko](https://github.com/ddymko))
- **[docker]** Add example for CLI ([#5131](https://github.com/containous/traefik/pull/5131) by [alvarezbruned](https://github.com/alvarezbruned))
- **[docker]** Use the latest stable version of traefik in the docs ([#4927](https://github.com/containous/traefik/pull/4927) by [kolaente](https://github.com/kolaente))
- **[logs]** Update documentation to clarify the default format for logs ([#4953](https://github.com/containous/traefik/pull/4953) by [dduportal](https://github.com/dduportal))
- **[rancher]** Add remarks about Rancher 2 ([#4999](https://github.com/containous/traefik/pull/4999) by [ldez](https://github.com/ldez))
- **[tls]** Fixes the TLS Mutual Authentication documentation ([#5085](https://github.com/containous/traefik/pull/5085) by [jbdoumenjou](https://github.com/jbdoumenjou))
- Format YAML example on user guide ([#5067](https://github.com/containous/traefik/pull/5067) by [gurayyildirim](https://github.com/gurayyildirim))
- Update Slack support channel references to Discourse community forum ([#5014](https://github.com/containous/traefik/pull/5014) by [dduportal](https://github.com/dduportal))
- Updating Service Fabric documentation ([#5160](https://github.com/containous/traefik/pull/5160) by [gheibia](https://github.com/gheibia))
- Improve API / Dashboard wording in documentation ([#4929](https://github.com/containous/traefik/pull/4929) by [dduportal](https://github.com/dduportal))
## [v1.7.12](https://github.com/containous/traefik/tree/v1.7.12) (2019-05-29)
[All Commits](https://github.com/containous/traefik/compare/v1.7.11...v1.7.12)
**Bug fixes:**
- **[acme]** Allow SANs for wildcards domain. ([#4821](https://github.com/containous/traefik/pull/4821) by [vizv](https://github.com/vizv))
- **[acme]** fix: update lego. ([#4910](https://github.com/containous/traefik/pull/4910) by [ldez](https://github.com/ldez))
- **[api,authentication]** Remove authentication hashes from API ([#4918](https://github.com/containous/traefik/pull/4918) by [ldez](https://github.com/ldez))
- **[consul]** Enhance KV logs. ([#4877](https://github.com/containous/traefik/pull/4877) by [ldez](https://github.com/ldez))
- **[k8s]** Fix kubernetes template for backend responseforwarding flushinterval setting ([#4901](https://github.com/containous/traefik/pull/4901) by [ravilr](https://github.com/ravilr))
- **[metrics]** Upgraded DataDog tracing library to 1.13.0 ([#4878](https://github.com/containous/traefik/pull/4878) by [aantono](https://github.com/aantono))
- **[server]** Add missing callback on close of hijacked connections ([#4900](https://github.com/containous/traefik/pull/4900) by [ravilr](https://github.com/ravilr))
**Documentation:**
- **[docker]** Docs: Troubleshooting help for Docker Swarm labels ([#4751](https://github.com/containous/traefik/pull/4751) by [gregberns](https://github.com/gregberns))
- **[logs]** Adds a log fields documentation. ([#4890](https://github.com/containous/traefik/pull/4890) by [ldez](https://github.com/ldez))
## [v1.7.11](https://github.com/containous/traefik/tree/v1.7.11) (2019-04-26)
[All Commits](https://github.com/containous/traefik/compare/v1.7.10...v1.7.11)
**Enhancements:**
- **[k8s,k8s/ingress]** Enhance k8s tests maintainability ([#4696](https://github.com/containous/traefik/pull/4696) by [ldez](https://github.com/ldez))
**Bug fixes:**
- **[acme]** fix: update lego. ([#4800](https://github.com/containous/traefik/pull/4800) by [ldez](https://github.com/ldez))
- **[authentication,middleware]** Forward all header values from forward auth response ([#4515](https://github.com/containous/traefik/pull/4515) by [ctas582](https://github.com/ctas582))
- **[cluster]** Remove usage of github.com/satori/go.uuid ([#4722](https://github.com/containous/traefik/pull/4722) by [aaslamin](https://github.com/aaslamin))
- **[kv]** Enhance KV client error management ([#4819](https://github.com/containous/traefik/pull/4819) by [jbdoumenjou](https://github.com/jbdoumenjou))
- **[tls]** Improve log message about redundant TLS certificate ([#4765](https://github.com/containous/traefik/pull/4765) by [mpl](https://github.com/mpl))
- **[tracing]** Update zipkin-go-opentracing. ([#4720](https://github.com/containous/traefik/pull/4720) by [ldez](https://github.com/ldez))
**Documentation:**
- **[acme]** Documentation Update: Hosting.de wildcard support tested ([#4747](https://github.com/containous/traefik/pull/4747) by [martinhoefling](https://github.com/martinhoefling))
- **[acme]** Update Wildcard Domain documentation ([#4682](https://github.com/containous/traefik/pull/4682) by [DWSR](https://github.com/DWSR))
- **[middleware]** Keep consistent order ([#4690](https://github.com/containous/traefik/pull/4690) by [maxifom](https://github.com/maxifom))
## [v1.7.10](https://github.com/containous/traefik/tree/v1.7.10) (2019-03-28)
[All Commits](https://github.com/containous/traefik/compare/v1.7.9...v1.7.10)

4
CONTRIBUTING.md
View File

@@ -13,7 +13,7 @@ You need to run the `binary` target. This will create binaries for Linux platfor
$ make binary
docker build -t "traefik-dev:no-more-godep-ever" -f build.Dockerfile .
Sending build context to Docker daemon 295.3 MB
Step 0 : FROM golang:1.11-alpine
Step 0 : FROM golang:1.12-alpine
---> 8c6473912976
Step 1 : RUN go get github.com/golang/dep/cmd/dep
[...]
@@ -158,7 +158,7 @@ Integration tests must be run from the `integration/` directory and require the
## Documentation
The [documentation site](http://docs.traefik.io/) is built with [mkdocs](http://mkdocs.org/)
The [documentation site](https://docs.traefik.io/) is built with [mkdocs](https://mkdocs.org/)
### Building Documentation

387
Gopkg.lock generated
View File

@@ -17,6 +17,14 @@
pruneopts = "NUT"
revision = "02e53af36e6c978af692887ed449b74026d76fec"
[[projects]]
digest = "1:3fb854fc35fafced21615a93db3c0e324c8cb1d5a89f39dd1e72db0c4200345a"
name = "contrib.go.opencensus.io/exporter/ocagent"
packages = ["."]
pruneopts = "NUT"
revision = "dcb33c7f3b7cfe67e8a2cea10207ede1b7c40764"
version = "v0.4.12"
[[projects]]
branch = "master"
digest = "1:24afd6a7be85997c981693ddcc5f7b37fd3ed5cb119901e14737b9635b944cfb"
@@ -34,15 +42,15 @@
revision = "72eebf980f467d3ab3a8b4ddf660f664911ce519"
[[projects]]
digest = "1:59f6c2fd10ad014d2907eaa48a19070d5e7af35624328a4fbbf93b7b1c4a19e8"
digest = "1:1a06fd7e9325a0b2d1b44ff0253afac49857863cb86ba30ea8212690b7c6287e"
name = "github.com/Azure/azure-sdk-for-go"
packages = [
"services/dns/mgmt/2017-09-01/dns",
"version",
]
pruneopts = "NUT"
revision = "068ec4d616be5b2175509bf1fb3e4c8ea160d5c8"
version = "v15.0.1"
revision = "98f2f9ff6ad63a307bb3438b7631af594b11f32b"
version = "v31.2.0"
[[projects]]
branch = "master"
@@ -56,19 +64,23 @@
revision = "d6e3b3328b783f23731bc4d058875b0371ff8109"
[[projects]]
digest = "1:2526235ff8cae0162b34e8af3779621de71b3a020dead9bcce74d3f43a18c988"
digest = "1:847ae8f26c6796f0dbed826b7bc0297eae976fa2b24045e3e2ddb26846378a65"
name = "github.com/Azure/go-autorest"
packages = [
"autorest",
"autorest/adal",
"autorest/azure",
"autorest/azure/auth",
"autorest/azure/cli",
"autorest/date",
"autorest/to",
"autorest/validation",
"logger",
"tracing",
]
pruneopts = "NUT"
revision = "9ad9326b278af8fa5cc67c30c0ce9a58cc0862b2"
version = "v10.6.0"
revision = "ba1147dc57f993013ef255c128ca1cac8a557409"
version = "v12.4.1"
[[projects]]
branch = "master"
@@ -90,11 +102,12 @@
revision = "6add9cd6ad42d389d6ead1dde60b4ad71e46fd74"
[[projects]]
digest = "1:ab7fee312bbdc8070d0325d841de8704cc78bf032b076200f1458659b74b8ed6"
name = "github.com/JamesClonk/vultr"
packages = ["lib"]
digest = "1:25870183293a3fb61cc9afd060a61d63a486f091db72af01a8ea3449f5ca530d"
name = "github.com/Masterminds/goutils"
packages = ["."]
pruneopts = "NUT"
revision = "2fd0705ce648e602e6c9c57329a174270a4f6688"
revision = "41ac8693c5c10a92ea1ff5ac3a7f95646f6123b0"
version = "v1.1.0"
[[projects]]
digest = "1:0ce2a409217f52078c6b8642993deb1025940cded6d5054047c1d5c7379f753c"
@@ -105,11 +118,12 @@
version = "v1.2.2"
[[projects]]
digest = "1:a49472e7d73071005f436b7da85567220f24bb26fbfccbec45d2cd1359d4c67d"
digest = "1:876a1121171c083c4e3a4789683d02a40c0f644c8190da521d15b59799f556d6"
name = "github.com/Masterminds/sprig"
packages = ["."]
pruneopts = "NUT"
revision = "e039e20e500c2c025d9145be375e27cf42a94174"
revision = "9f8fceff796fb9f4e992cd2bece016be0121ab74"
version = "2.19.0"
[[projects]]
digest = "1:c8e7aea759874984f67a75e43fe764137188b1b062e27639efcba4b801fbcf42"
@@ -206,7 +220,7 @@
revision = "063d875e3c5fd734fa2aa12fac83829f62acfc70"
[[projects]]
digest = "1:47071ecf8d840dd357ede1b2aed46576bdd0a866adecef3c9e85a00db9672202"
digest = "1:dddee1f9ce7caecc95ae089c721a65ed42b35f8cc8a8b8a3ee6e3758ec93ec4b"
name = "github.com/akamai/AkamaiOPEN-edgegrid-golang"
packages = [
"client-v1",
@@ -215,16 +229,17 @@
"jsonhooks-v1",
]
pruneopts = "NUT"
revision = "1471ce9c14c6d8c007516e129262962a628fecdf"
version = "v0.7.3"
revision = "009960c8b2c7c57a0c5c488a3c8c778c16f3f586"
version = "v0.7.4"
[[projects]]
digest = "1:823e87ae25170339e2bfd1d6f7c2e27554c6bb5655f91c67b37bd5be45bb6b32"
digest = "1:cd8348ab7b1ce85f965157e966791bb13514ea933902ecd1c010b5c529657f3d"
name = "github.com/aliyun/alibaba-cloud-sdk-go"
packages = [
"sdk",
"sdk/auth",
"sdk/auth/credentials",
"sdk/auth/credentials/provider",
"sdk/auth/signers",
"sdk/endpoints",
"sdk/errors",
@@ -234,24 +249,16 @@
"services/alidns",
]
pruneopts = "NUT"
revision = "cad214d7d71fba7883fcf3b7e550ba782c15b400"
version = "1.27.7"
revision = "26f0a5c2d5dc6d4a73c62651d146bdd51dc3bdde"
version = "1.60.84"
[[projects]]
digest = "1:975108e8d4f5dab096fc991326e96a5716ee8d02e5e7386bb4796171afc4ab9a"
name = "github.com/aokoli/goutils"
packages = ["."]
pruneopts = "NUT"
revision = "3391d3790d23d03408670993e957e8f408993c34"
version = "v1.0.1"
[[projects]]
digest = "1:9752dad5e89cd779096bf2477a4ded16bea7ac62de453c8d6b4bf841d51a8512"
digest = "1:b39cf81d5f440b9c0757a25058432d33af867e5201109bf53621356d9dab4b73"
name = "github.com/apache/thrift"
packages = ["lib/go/thrift"]
pruneopts = "NUT"
revision = "b2a4d4ae21c789b689dd162deb819665567f481c"
version = "0.10.0"
revision = "384647d290e2e4a55a14b1b7ef1b7e66293a2c33"
version = "v0.12.0"
[[projects]]
branch = "master"
@@ -262,7 +269,7 @@
revision = "48572f11356f1843b694f21a290d4f1006bc5e47"
[[projects]]
digest = "1:bfb036834a43e76abd318f0db39b0bbec6f7865680c1e443475c0297250a89ed"
digest = "1:bd56ffde8e12e9faca92f3ac54347c665d931856fba8784007b02e004fbcc30d"
name = "github.com/aws/aws-sdk-go"
packages = [
"aws",
@@ -274,15 +281,20 @@
"aws/credentials",
"aws/credentials/ec2rolecreds",
"aws/credentials/endpointcreds",
"aws/credentials/processcreds",
"aws/credentials/stscreds",
"aws/crr",
"aws/csm",
"aws/defaults",
"aws/ec2metadata",
"aws/endpoints",
"aws/request",
"aws/session",
"aws/signer/v4",
"internal/ini",
"internal/sdkio",
"internal/sdkrand",
"internal/sdkuri",
"internal/shareddefaults",
"private/protocol",
"private/protocol/ec2query",
@@ -301,10 +313,11 @@
"service/lightsail",
"service/route53",
"service/sts",
"service/sts/stsiface",
]
pruneopts = "NUT"
revision = "fad131ddc707880428615dc8bc1587b55fb46d74"
version = "v1.13.54"
revision = "f3fe96892dc0e8e8e9862456e1455e62e4cb55d4"
version = "v1.21.9"
[[projects]]
branch = "master"
@@ -331,12 +344,27 @@
version = "v2.1.1"
[[projects]]
digest = "1:03cfacdc6bfd46007c15786c1ece3fa074f89e5193a292f0f26d9e98c99c7cc2"
digest = "1:8f5acd4d4462b5136af644d25101f0968a7a94ee90fcb2059cec5b7cc42e0b20"
name = "github.com/census-instrumentation/opencensus-proto"
packages = [
"gen-go/agent/common/v1",
"gen-go/agent/metrics/v1",
"gen-go/agent/trace/v1",
"gen-go/metrics/v1",
"gen-go/resource/v1",
"gen-go/trace/v1",
]
pruneopts = "NUT"
revision = "d89fa54de508111353cb0b06403c00569be780d8"
version = "v0.2.1"
[[projects]]
digest = "1:b63319bd1e224704c8a4d7d65c82791ef5ceb168b7c2c028193595064c910f1a"
name = "github.com/cloudflare/cloudflare-go"
packages = ["."]
pruneopts = "NUT"
revision = "1f9007fbecae20711133c60519338c41cef1ffb4"
version = "v0.8.5"
revision = "b59d4f05eec361422b388c7ed74293ce8a3d5f97"
version = "v0.9.4"
[[projects]]
branch = "master"
@@ -449,12 +477,12 @@
version = "v1.1.0"
[[projects]]
branch = "master"
digest = "1:d3972abc351cd5578e3281d332ac9e7a04dafc6e5af97c064fe396c4f90ee769"
digest = "1:fa62421bd924623ac10a160686cc55d529f7274b2caedf7d2c607d14bc50c118"
name = "github.com/decker502/dnspod-go"
packages = ["."]
pruneopts = "NUT"
revision = "f33a2c6040fc2550a631de7b3a53bddccdcd73fb"
revision = "71fbbdbdf1a7eeac949586de15bf96d416d3dd63"
version = "v0.2.0"
[[projects]]
digest = "1:7a6852b35eb5bbc184561443762d225116ae630c26a7c4d90546619f1e7d2ad2"
@@ -465,20 +493,20 @@
version = "v3.2.0"
[[projects]]
branch = "master"
digest = "1:f9adc21a937e5da643ea14a3488cb7506788876737a5e205394e508627a6eec8"
name = "github.com/dimchansky/utfbom"
packages = ["."]
pruneopts = "NUT"
revision = "d2133a1ce379ef6fa992b0514a77146c60db9d1c"
version = "v1.1.0"
[[projects]]
digest = "1:e856fc44ab196970612bdc8c15e65ccf92ed8d4ccb3a2e65b88dc240a2fe5d0b"
digest = "1:d9688055094edd046a71ee85204ea97090ecce6f316b739be3a50f5ca6403ebb"
name = "github.com/dnsimple/dnsimple-go"
packages = ["dnsimple"]
pruneopts = "NUT"
revision = "f5ead9c20763fd925dea1362f2af5d671ed2a459"
version = "v0.21.0"
revision = "7e193cc468a07cdf74d76de1e6736c709c5a3872"
version = "v0.30.0"
[[projects]]
digest = "1:cf7cba074c4d2f8e2a5cc2f10b1f6762c86cff2e39917b9f9a6dbd7df57fe9c9"
@@ -689,12 +717,12 @@
revision = "89ef8af493ab468a45a42bb0d89a06fccdd2fb22"
[[projects]]
digest = "1:6f26e34204ddad638d25456c6443c2763aa38954558226722c253e08e9f491fa"
digest = "1:efcc176c5cfbe8421dd3eb2562be91c3272e80f61b181e31d5745b7fee29a669"
name = "github.com/exoscale/egoscale"
packages = ["."]
pruneopts = "NUT"
revision = "0a91ac8209d6a805f259ff881d0c2654221d0346"
version = "v0.14.3"
revision = "8f608c40ae891e0240bb6e696a72437be7069d83"
version = "v0.18.1"
[[projects]]
digest = "1:b0d5e98ac0f0a509eb320f542e748582d637aae09e74538212e9712d1e71064b"
@@ -734,7 +762,7 @@
revision = "73d445a93680fa1a78ae23a5839bad48f32ba1ee"
[[projects]]
digest = "1:a04af13190b67ff69cf8fcd79ee133a24c4a7a900cacbc296261dd43f3fbde5c"
digest = "1:896402a6d43c4fb1e21512e7473a51e7fd2b03a4e1a420a730a4b712d20e5d6a"
name = "github.com/go-acme/lego"
packages = [
"acme",
@@ -758,6 +786,7 @@
"providers/dns/alidns",
"providers/dns/auroradns",
"providers/dns/azure",
"providers/dns/bindman",
"providers/dns/bluecat",
"providers/dns/cloudflare",
"providers/dns/cloudns",
@@ -776,6 +805,7 @@
"providers/dns/dreamhost",
"providers/dns/duckdns",
"providers/dns/dyn",
"providers/dns/easydns",
"providers/dns/exec",
"providers/dns/exoscale",
"providers/dns/fastdns",
@@ -788,12 +818,14 @@
"providers/dns/httpreq",
"providers/dns/iij",
"providers/dns/inwx",
"providers/dns/joker",
"providers/dns/lightsail",
"providers/dns/linode",
"providers/dns/linodev4",
"providers/dns/mydnsjp",
"providers/dns/namecheap",
"providers/dns/namedotcom",
"providers/dns/namesilo",
"providers/dns/netcup",
"providers/dns/netcup/internal",
"providers/dns/nifcloud",
@@ -812,6 +844,7 @@
"providers/dns/stackpath",
"providers/dns/transip",
"providers/dns/vegadns",
"providers/dns/versio",
"providers/dns/vscale",
"providers/dns/vscale/internal",
"providers/dns/vultr",
@@ -819,8 +852,8 @@
"registration",
]
pruneopts = "NUT"
revision = "aaecc1ca7254190b71c5f01f57ee3bb6701bc937"
version = "v2.4.0"
revision = "295dd66f2aa549685e3d6b95c1813881a7807158"
version = "v2.7.2"
[[projects]]
branch = "fork-containous"
@@ -831,6 +864,14 @@
revision = "ca0bf163426aa183d03fd4949101785c0347f273"
source = "github.com/containous/check"
[[projects]]
digest = "1:ea1d5bfdb4ec5c2ee48c97865e6de1a28fa8c4849a3f56b27d521aa619038e06"
name = "github.com/go-errors/errors"
packages = ["."]
pruneopts = "NUT"
revision = "a6af135bd4e28680facf08a3d206b454abc877a4"
version = "v1.0.1"
[[projects]]
digest = "1:5e92676b56ce4c69edf9ee1f6343c56f637e30af11b9d8b5edd1b6530f3fbc3d"
name = "github.com/go-ini/ini"
@@ -894,14 +935,6 @@
pruneopts = "NUT"
revision = "1d0bd113de87027671077d3c71eb3ac5d7dbba72"
[[projects]]
digest = "1:00f1b1d722a012f54670ecc09ee92557d7314bfd9152a085ce91933c1c14b026"
name = "github.com/go-resty/resty"
packages = ["."]
pruneopts = "NUT"
revision = "d4920dcf5b7689548a6db640278a9b35a5b48ec6"
version = "v1.9.1"
[[projects]]
digest = "1:8cf58169eb0a8c009ed3a4c36486980d602ab4cc4e478130493d6cd0404f889b"
name = "github.com/go-stack/stack"
@@ -910,6 +943,14 @@
revision = "54be5f394ed2c3e19dac9134a40a95ba5a017f7b"
version = "v1.5.4"
[[projects]]
digest = "1:bde9f189072512ba353f3641d4839cb4c9c7edf421e467f2c03f267b402bd16c"
name = "github.com/gofrs/uuid"
packages = ["."]
pruneopts = "NUT"
revision = "6b08a5c5172ba18946672b49749cde22873dd7c2"
version = "v3.2.0"
[[projects]]
digest = "1:b518b9be1fc76244e246afe09113e3dd6246073b444787d30883877b82a0b90d"
name = "github.com/gogo/protobuf"
@@ -931,18 +972,25 @@
revision = "44145f04b68cf362d9c4df2182967c2275eaefed"
[[projects]]
digest = "1:03e14cff610a8a58b774e36bd337fa979482be86aab01be81fb8bbd6d0f07fc8"
digest = "1:1e21a0bbb10d73b781e87a9a123b96f6ebe08d0451e50f1b97c1213b302af46f"
name = "github.com/golang/protobuf"
packages = [
"jsonpb",
"proto",
"protoc-gen-go/descriptor",
"protoc-gen-go/generator",
"protoc-gen-go/generator/internal/remap",
"protoc-gen-go/plugin",
"ptypes",
"ptypes/any",
"ptypes/duration",
"ptypes/struct",
"ptypes/timestamp",
"ptypes/wrappers",
]
pruneopts = "NUT"
revision = "b4deda0973fb4c70b50d226b1af49f3da59f5265"
version = "v1.1.0"
revision = "6c65a5562fc06764971b7c5d05c76c75e84bdbf7"
version = "v1.3.2"
[[projects]]
branch = "master"
@@ -1061,6 +1109,18 @@
pruneopts = "NUT"
revision = "2bcd89a1743fd4b373f7370ce8ddc14dfbd18229"
[[projects]]
digest = "1:3107a6ef51bb9f3bc7cf235af0d92303b39afaa841f02dfc87f1d0a5d05a3fca"
name = "github.com/grpc-ecosystem/grpc-gateway"
packages = [
"internal",
"runtime",
"utilities",
]
pruneopts = "NUT"
revision = "ad529a448ba494a88058f9e5be0988713174ac86"
version = "v1.9.5"
[[projects]]
digest = "1:c3f14b698c0f5c5729896489f4b526f519d1d2522e697d63f532901d0e183dff"
name = "github.com/hashicorp/consul"
@@ -1110,11 +1170,12 @@
revision = "19f2c401e122352c047a84d6584dd51e2fb8fcc4"
[[projects]]
digest = "1:45e66b20393507035c6a7d15bef5ffe8faf5b083621c1284d9824cc052776de5"
digest = "1:dc54242755f5b6721dd880843de6e45fe234838ea9149ec8249951880fd5802f"
name = "github.com/huandu/xstrings"
packages = ["."]
pruneopts = "NUT"
revision = "3959339b333561bf62a38b424fd41517c2c90f40"
revision = "f02667b379e2fb5916c3cda2cf31e0eb885d79f8"
version = "v1.2.0"
[[projects]]
branch = "master"
@@ -1163,11 +1224,11 @@
revision = "8eebe170fa1ba25d3dfb928b3f86a7313b13b9fe"
[[projects]]
digest = "1:ac6d01547ec4f7f673311b4663909269bfb8249952de3279799289467837c3cc"
digest = "1:1f2aebae7e7c856562355ec0198d8ca2fa222fb05e5b1b66632a1fce39631885"
name = "github.com/jmespath/go-jmespath"
packages = ["."]
pruneopts = "NUT"
revision = "0b12d6b5"
revision = "c2b33e84"
[[projects]]
digest = "1:273d270076cfc02c2d481b187203ebb3891825f46fe78b925141a22631c52503"
@@ -1177,12 +1238,12 @@
revision = "72f9bd7c4e0c2a40055ab3d0f09654f730cce982"
[[projects]]
digest = "1:63d8b364f0768ffda64b8e6e15c10535f3431e3c69d051dbb37f467ada02df98"
digest = "1:92f6419f388bd31a433b1388910f15a882c9980e383e89ebf8fb2524583707ac"
name = "github.com/json-iterator/go"
packages = ["."]
pruneopts = "NUT"
revision = "28452fcdec4e44348d2af0d91d1e9e38da3a9e0a"
version = "1.0.5"
revision = "27518f6661eba504be5a7a9a9f6d9460d892ade3"
version = "v1.1.7"
[[projects]]
digest = "1:8b3234b10eacd5edea45bf0c13a585b608749da23f94aaf29b46d9ef8a8babf4"
@@ -1216,6 +1277,25 @@
pruneopts = "NUT"
revision = "b84e30acd515aadc4b783ad4ff83aff3299bdfe0"
[[projects]]
digest = "1:1082aeb059ff66b4fb6da53f9e7591726c6a81901f05ce48a470091784b23914"
name = "github.com/labbsr0x/bindman-dns-webhook"
packages = [
"src/client",
"src/types",
]
pruneopts = "NUT"
revision = "234ca2a50eebc2095f42a884709a6e9013366d86"
version = "v1.0.0"
[[projects]]
branch = "master"
digest = "1:ad2a63b2d6dfe7d66bf14c01f1171a3951abef6e0fb136170359c3f7c4f51615"
name = "github.com/labbsr0x/goh"
packages = ["gohclient"]
pruneopts = "NUT"
revision = "94bcf1cb07b70b26b72ad54b2b050bcd0a66a9c8"
[[projects]]
branch = "master"
digest = "1:5a96e1f04259484b3dd183ca95d1e7bff768b1bab36c530e308a8d56243b50c7"
@@ -1244,12 +1324,12 @@
revision = "1113af38e5916529ad7317b0fe12e273e6e92af5"
[[projects]]
digest = "1:111ff5a09a32895248270bfaef9b8b6ac163a8cde9cdd603fed64b3e4b59e8ab"
digest = "1:7981caf0d67995c0acbd352785f45b177a2d089ed40f2005794c0772d0fbfff9"
name = "github.com/linode/linodego"
packages = ["."]
pruneopts = "NUT"
revision = "d0d31d8ca62fa3f7e4526ca0ce95de81e4ed001e"
version = "v0.5.1"
revision = "7adba57685c129bcd29a9edc7008ec3b05680240"
version = "v0.10.0"
[[projects]]
digest = "1:196b0d7580e898df15a7cc5371cbfe2b8e22904f5c6c883ed5db0130e551c8fb"
@@ -1362,12 +1442,12 @@
revision = "d23ffcb85de31694d6ccaa23ccb4a03e55c1303f"
[[projects]]
branch = "master"
digest = "1:b62c4f18ad6eb454ac5253e7791ded3d7867330015ca4b37b6336e57f514585e"
digest = "1:f9f72e583aaacf1d1ac5d6121abd4afd3c690baa9e14e1d009df26bf831ba347"
name = "github.com/mitchellh/go-homedir"
packages = ["."]
pruneopts = "NUT"
revision = "b8bc1bf767474819792c23f32d8286a45736f1c6"
revision = "af06845cf3004701891bf4fdb884bfe4920b3727"
version = "v1.1.0"
[[projects]]
branch = "master"
@@ -1393,6 +1473,22 @@
pruneopts = "NUT"
revision = "63d60e9d0dbc60cf9164e6510889b0db6683d98c"
[[projects]]
digest = "1:2f42fa12d6911c7b7659738758631bec870b7e9b4c6be5444f963cdcfccc191f"
name = "github.com/modern-go/concurrent"
packages = ["."]
pruneopts = "NUT"
revision = "bacd9c7ef1dd9b15be4a9909b8ac7a4e313eec94"
version = "1.0.3"
[[projects]]
digest = "1:c6aca19413b13dc59c220ad7430329e2ec454cc310bc6d8de2c7e2b93c18a0f6"
name = "github.com/modern-go/reflect2"
packages = ["."]
pruneopts = "NUT"
revision = "4b7aa43c6742a2c18fdef89dd197aaae7dac7ccd"
version = "1.0.1"
[[projects]]
digest = "1:7bb97a5f80a2429fa605e176e16cf682cbb5ac681f421a06efb4e3b8efae6e5f"
name = "github.com/mvdan/xurls"
@@ -1424,6 +1520,14 @@
revision = "d8152159450570012552f924a0ae6ab3d8c617e0"
version = "v0.6.0"
[[projects]]
digest = "1:a1e8eda841bca324a6b4d88824d625b3ba8d86bf9ec68677d595c02d7502918b"
name = "github.com/nrdcg/namesilo"
packages = ["."]
pruneopts = "NUT"
revision = "1b10d027904464789f889ee4cd76af15c3bf4943"
version = "v0.2.1"
[[projects]]
branch = "master"
digest = "1:95d27e49401b61dd203a4cf8237037bd6cd49599651f855ac1988c4ae27b090e"
@@ -1480,8 +1584,8 @@
version = "v1.0.2"
[[projects]]
digest = "1:07c44a0ce6012eafd2f05b715d30852d576aeda7798b8760a2ff51b1e90eb753"
name = "github.com/openzipkin/zipkin-go-opentracing"
digest = "1:0f4793617dc898d3ee99fe1abab076d3976a9d17d14f8327af2dc3f1ec0fd92c"
name = "github.com/openzipkin-contrib/zipkin-go-opentracing"
packages = [
".",
"flag",
@@ -1491,18 +1595,19 @@
"wire",
]
pruneopts = "NUT"
revision = "1f5c07e90700ae93ddcba0c7af7d9c7201646ccc"
revision = "f0f479ad013a498e4cbfb369414e5d3880903779"
version = "v0.3.5"
[[projects]]
digest = "1:8a5a270130e940b167027e8c9a07c20d01410bd6053160432351139ddc2cb501"
digest = "1:3b8fccf07d5825ca15ec7c14855ea3ff9cb62f565d8b0e1c97e0b37a0bee30b0"
name = "github.com/oracle/oci-go-sdk"
packages = [
"common",
"dns",
]
pruneopts = "NUT"
revision = "5295b14d42d1417490d318ff91475c5868e0fd8f"
version = "v4.1.0"
revision = "bf9cc5e4c798e1e0b0749ce89c861cb13f37862d"
version = "v5.15.0"
[[projects]]
branch = "master"
@@ -1645,17 +1750,18 @@
revision = "256dc444b735e061061cf46c809487313d5b0065"
[[projects]]
branch = "master"
digest = "1:fff470b0a7bbf05cfe8bfc73bfdf4d21eb009ea84e601f3d27781474e5da960f"
digest = "1:09ba8f72048eacb4b5545d81392e594f4e5622cd670e517847c47b5a194bb31c"
name = "github.com/sacloud/libsacloud"
packages = [
".",
"api",
"sacloud",
"sacloud/ostype",
"utils/mutexkv",
]
pruneopts = "NUT"
revision = "306ea89b6ef19334614f7b0fc5aa19595022bb8c"
revision = "5294ac87ea76a7dffd4fb6b088f3a6ce6c4f91b9"
version = "v1.26.1"
[[projects]]
digest = "1:142520cf3c9bb85449dd0000f820b8c604531587ee654793c54909be7dabadac"
@@ -1664,14 +1770,6 @@
pruneopts = "NUT"
revision = "1d7be4effb13d2d908342d349d71a284a7542693"
[[projects]]
digest = "1:6bc0652ea6e39e22ccd522458b8bdd8665bf23bdc5a20eec90056e4dc7e273ca"
name = "github.com/satori/go.uuid"
packages = ["."]
pruneopts = "NUT"
revision = "f58768cc1a7a7e77a3bd49e98cdd21419399b6a3"
version = "v1.2.0"
[[projects]]
digest = "1:01252cd79aac70f16cac02a72a1067dd136e0ad6d5b597d0129cf74c739fd8d1"
name = "github.com/sirupsen/logrus"
@@ -1716,13 +1814,11 @@
revision = "c4434f09ec131ecf30f986d5dcb1636508bfa49a"
[[projects]]
branch = "containous-fork"
digest = "1:84b9a5318d8ce3b8a9b1509bf15734f4f9dcd4decf9d9e9c7346a16c7b64d49e"
name = "github.com/thoas/stats"
packages = ["."]
pruneopts = "NUT"
revision = "4975baf6a358ed3ddaa42133996e1959f96c9300"
source = "github.com/containous/stats"
[[projects]]
branch = "master"
@@ -1744,8 +1840,7 @@
version = "1.0.2"
[[projects]]
branch = "master"
digest = "1:21ef4b12d6b6c6dfe389caa82f859d1e35eeb24ce61c60d09db57addb6a95781"
digest = "1:4da573eeacb95c9452ae7ddc14b06148a99b29bf98522abb221ef9799426187c"
name = "github.com/transip/gotransip"
packages = [
".",
@@ -1753,7 +1848,8 @@
"util",
]
pruneopts = "NUT"
revision = "c6e2ce0bbb4a601a909e3b7a773358d6b503e663"
revision = "efb64632cab7701ec33f1eaeaa738e2207efe68e"
version = "v5.14"
[[projects]]
digest = "1:9b2996458a2f7d1f3e0ebf08152acfe8c1106f3fe855d08121c5ee7d801a063f"
@@ -1836,7 +1932,7 @@
[[projects]]
branch = "master"
digest = "1:c878a802780168c80738d74607d14e7cb8765706990ae1260a3fd271c2c3b133"
digest = "1:86f14aadf288fe3ad8ac060bcb2b5083cec3829dd883803486ec834d031060c9"
name = "github.com/vulcand/oxy"
packages = [
"buffer",
@@ -1849,7 +1945,7 @@
"utils",
]
pruneopts = "NUT"
revision = "c34b0c501e43223bc816ac9b40b0ac29c44c8952"
revision = "0d102f45103cf49a95b5c6e810e092973cbcb68c"
[[projects]]
digest = "1:ca6bac407fedc14fbeeba861dd33a821ba3a1624c10126ec6003b0a28d4139c5"
@@ -1859,6 +1955,14 @@
revision = "939c094524d124c55fa8afe0e077701db4a865e2"
version = "v1.0.0"
[[projects]]
digest = "1:b1d2c51a689eef501cb5726f8d9997c0ca4415cbfa7105fe6e64b1844eddf1fb"
name = "github.com/vultr/govultr"
packages = ["."]
pruneopts = "NUT"
revision = "ca447e056e08d93aa6e5b09e6ae3565dd1825281"
version = "v0.1.4"
[[projects]]
branch = "master"
digest = "1:669d39abbe79469bb50e32a26541026fd91326ac0ca56a9ad83be5b9887e5a8c"
@@ -1882,6 +1986,44 @@
pruneopts = "NUT"
revision = "0c8571ac0ce161a5feb57375a9cdf148c98c0f70"
[[projects]]
digest = "1:a6f0a3485a3edbe3d66a5036d5dd8be1da89b8e077d98bf8a95ccfdad854d6cf"
name = "go.opencensus.io"
packages = [
".",
"internal",
"internal/tagencoding",
"metric/metricdata",
"metric/metricproducer",
"plugin/ocgrpc",
"plugin/ochttp",
"plugin/ochttp/propagation/b3",
"plugin/ochttp/propagation/tracecontext",
"resource",
"stats",
"stats/internal",
"stats/view",
"tag",
"trace",
"trace/internal",
"trace/propagation",
"trace/tracestate",
]
pruneopts = "NUT"
revision = "df6e2001952312404b06f5f6f03fcb4aec1648e5"
version = "v0.21.0"
[[projects]]
branch = "master"
digest = "1:02fe59517e10f9b400b500af8ac228c74cecb0cba7a5f438d8283edb97e14270"
name = "go.uber.org/ratelimit"
packages = [
".",
"internal/clock",
]
pruneopts = "NUT"
revision = "c15da02342779cb6dc027fc95ee2277787698f36"
[[projects]]
branch = "master"
digest = "1:30c1930f8c9fee79f3af60c8b7cd92edd12a4f22187f5527d53509b1a794f555"
@@ -1942,6 +2084,14 @@
pruneopts = "NUT"
revision = "ec22f46f877b4505e0117eeaab541714644fdd28"
[[projects]]
branch = "master"
digest = "1:382bb5a7fb4034db3b6a2d19e5a4a6bcf52f4750530603c01ca18a172fa3089b"
name = "golang.org/x/sync"
packages = ["semaphore"]
pruneopts = "NUT"
revision = "112230192c580c3556b8cee6403af37a4fc5f28c"
[[projects]]
branch = "master"
digest = "1:4e67fdd7a13cbdb3c0dff0a7505abbdf4f42b12b27da350d66bffdc700db2899"
@@ -1986,16 +2136,22 @@
[[projects]]
branch = "master"
digest = "1:da32ebe70dd3ec97d2df26281b08b18d05c2f12491ae79f389813f6c8d3006b3"
digest = "1:87f5f837cf3bee0aedbb43d1eeec6dd7d741a1e382d2f3b488fe8fa6c3486cbc"
name = "google.golang.org/api"
packages = [
"dns/v1",
"gensupport",
"googleapi",
"googleapi/internal/uritemplates",
"googleapi/transport",
"internal",
"option",
"support/bundler",
"transport/http",
"transport/http/internal/propagation",
]
pruneopts = "NUT"
revision = "de943baf05a022a8f921b544b7827bacaba1aed5"
revision = "bbbc0e98e3cc6ddcebca23f9ac35acda33bd5b38"
[[projects]]
digest = "1:7206d98ec77c90c72ec2c405181a1dcf86965803b6dbc4f98ceab7a5047c37a9"
@@ -2016,9 +2172,13 @@
revision = "4f7eeb5305a4ba1966344836ba4af9996b7b4e05"
[[projects]]
digest = "1:93180612a69db36a06d801302b867d53a50a8a5f0943b34db66adc0574ea57df"
digest = "1:a9d09c09842a02162edf759a35329c180e8ce82c2c6ae455a3c56d67b549be5b"
name = "google.golang.org/genproto"
packages = ["googleapis/rpc/status"]
packages = [
"googleapis/api/httpbody",
"googleapis/rpc/status",
"protobuf/field_mask",
]
pruneopts = "NUT"
revision = "09f6ed296fc66555a25fe4ce95173148778dfa85"
@@ -2057,7 +2217,7 @@
version = "v1.12.0"
[[projects]]
digest = "1:b886012746f19e2a7c6c3901ea9f86e8a5e32ff2b4407086f4f3181269976957"
digest = "1:2d9005f36a1bd4f00c3fd501f87cd82909aa69b5fe15aee28636cced39c9ecfe"
name = "gopkg.in/DataDog/dd-trace-go.v1"
packages = [
"ddtrace",
@@ -2065,10 +2225,11 @@
"ddtrace/internal",
"ddtrace/opentracer",
"ddtrace/tracer",
"internal/globalconfig",
]
pruneopts = "NUT"
revision = "7fb2bce4b1ed6ab61f7a9e1be30dea56de19db7c"
version = "v1.8.0"
revision = "eed4d38387cb9c74f7a29cb3eb9b06155a09d259"
version = "v1.13.0"
[[projects]]
digest = "1:c970218a20933dd0a2eb2006de922217fa9276f57d25009b2a934eb1c50031cc"
@@ -2111,7 +2272,15 @@
revision = "a5bcac82d3f637d3928d30476610891935b2d691"
[[projects]]
digest = "1:85a9c61c8d566fbbb108da8714893e6fc892fdb7a2910612a27f551ce30a0dd3"
digest = "1:0942599d1f614d9ca4dfe052db1f60d4547b1b581206006be352f629a8b37d8d"
name = "gopkg.in/resty.v1"
packages = ["."]
pruneopts = "NUT"
revision = "fa5875c0caa5c260ab78acec5a244215a730247f"
version = "v1.12.0"
[[projects]]
digest = "1:a56dc1133e9c449d41d22ffabd6c2343cd25ab31c9cad0e74a144006810d1544"
name = "gopkg.in/square/go-jose.v2"
packages = [
".",
@@ -2119,8 +2288,8 @@
"json",
]
pruneopts = "NUT"
revision = "6ee92191fea850cdcab9a18867abf5f521cdbadb"
version = "v2.1.4"
revision = "730df5f748271903322feb182be83b43ebbbe27d"
version = "v2.3.1"
[[projects]]
digest = "1:302ad18387350c3d9792da66de666f76d2ca8c62c47dd6b9434269c7cfa18971"
@@ -2408,6 +2577,7 @@
"github.com/go-kit/kit/metrics/statsd",
"github.com/golang/protobuf/proto",
"github.com/google/go-github/github",
"github.com/google/uuid",
"github.com/gorilla/websocket",
"github.com/hashicorp/consul/api",
"github.com/hashicorp/go-version",
@@ -2433,7 +2603,7 @@
"github.com/opentracing/opentracing-go",
"github.com/opentracing/opentracing-go/ext",
"github.com/opentracing/opentracing-go/log",
"github.com/openzipkin/zipkin-go-opentracing",
"github.com/openzipkin-contrib/zipkin-go-opentracing",
"github.com/patrickmn/go-cache",
"github.com/pkg/errors",
"github.com/prometheus/client_golang/prometheus",
@@ -2442,7 +2612,6 @@
"github.com/rancher/go-rancher-metadata/metadata",
"github.com/rancher/go-rancher/v2",
"github.com/ryanuber/go-glob",
"github.com/satori/go.uuid",
"github.com/sirupsen/logrus",
"github.com/stretchr/testify/assert",
"github.com/stretchr/testify/mock",
@@ -2478,11 +2647,13 @@
"k8s.io/apimachinery/pkg/api/errors",
"k8s.io/apimachinery/pkg/apis/meta/v1",
"k8s.io/apimachinery/pkg/labels",
"k8s.io/apimachinery/pkg/runtime",
"k8s.io/apimachinery/pkg/runtime/schema",
"k8s.io/apimachinery/pkg/types",
"k8s.io/apimachinery/pkg/util/intstr",
"k8s.io/client-go/informers",
"k8s.io/client-go/kubernetes",
"k8s.io/client-go/kubernetes/scheme",
"k8s.io/client-go/rest",
"k8s.io/client-go/tools/cache",
]

20
Gopkg.toml
View File

@@ -36,6 +36,10 @@
branch = "master"
name = "github.com/BurntSushi/ty"
[[constraint]]
name = "github.com/Masterminds/sprig"
version = "2.19.0"
[[constraint]]
branch = "master"
name = "github.com/NYTimes/gziphandler"
@@ -146,10 +150,6 @@
branch = "master"
name = "github.com/ryanuber/go-glob"
[[constraint]]
name = "github.com/satori/go.uuid"
version = "1.1.0"
[[constraint]]
branch = "master"
name = "github.com/stvp/go-udp-testing"
@@ -180,7 +180,11 @@
[[constraint]]
name = "github.com/go-acme/lego"
version = "2.4.0"
version = "2.7.2"
[[constraint]]
name = "github.com/golang/protobuf"
version = "v1.3.0"
[[constraint]]
name = "google.golang.org/grpc"
@@ -255,4 +259,8 @@
[[constraint]]
name = "gopkg.in/DataDog/dd-trace-go.v1"
version = "1.7.0"
version = "1.13.0"
[[constraint]]
name = "github.com/google/uuid"
version = "0.2.0"

2
Makefile
View File

@@ -76,7 +76,7 @@ test-integration: build ## run the integration tests
TEST_HOST=1 ./script/make.sh test-integration
validate: build ## validate code, vendor and autogen
$(DOCKER_RUN_TRAEFIK) ./script/make.sh validate-gofmt validate-govet validate-golint validate-misspell validate-vendor validate-autogen
$(DOCKER_RUN_TRAEFIK) ./script/make.sh validate-gofmt validate-golint validate-misspell validate-vendor validate-autogen
build: dist
docker build $(DOCKER_BUILD_ARGS) -t "$(TRAEFIK_DEV_IMAGE)" -f build.Dockerfile .

6
acme/acme.go
View File

@@ -751,12 +751,6 @@ func (a *ACME) getValidDomains(domains []string, wildcardAllowed bool) ([]string
return nil, fmt.Errorf("unable to generate a wildcard certificate for domain %q : ACME does not allow '*.*' wildcard domain", strings.Join(domains, ","))
}
}
for _, san := range domains[1:] {
if strings.HasPrefix(san, "*") {
return nil, fmt.Errorf("unable to generate a certificate for domains %q: SANs can not be a wildcard domain", strings.Join(domains, ","))
}
}
domains = fun.Map(types.CanonicalDomain, domains).([]string)
return domains, nil

6
acme/acme_test.go
View File

@@ -419,12 +419,12 @@ func TestAcme_getValidDomain(t *testing.T) {
expectedDomains: []string{"*.traefik.wtf", "traefik.wtf"},
},
{
desc: "unexpected SANs",
desc: "wildcard SANs",
domains: []string{"*.traefik.wtf", "*.acme.wtf"},
dnsChallenge: &acmeprovider.DNSChallenge{},
wildcardAllowed: true,
expectedErr: "unable to generate a certificate for domains \"*.traefik.wtf,*.acme.wtf\": SANs can not be a wildcard domain",
expectedDomains: nil,
expectedErr: "",
expectedDomains: []string{"*.traefik.wtf", "*.acme.wtf"},
},
}
for _, test := range testCases {

2
autogen/gentemplates/gen.go
View File

@@ -1316,7 +1316,7 @@ var _templatesKubernetesTmpl = []byte(`[backends]
{{if $backend.ResponseForwarding }}
[backends."{{ $backendName }}".responseForwarding]
flushInterval = "{{ $backend.responseForwarding.FlushInterval }}"
flushInterval = "{{ $backend.ResponseForwarding.FlushInterval }}"
{{end}}
[backends."{{ $backendName }}".loadBalancer]

12
build.Dockerfile
View File

@@ -1,15 +1,15 @@
FROM golang:1.11-alpine
FROM golang:1.12-alpine
RUN apk --update upgrade \
&& apk --no-cache --no-progress add git mercurial bash gcc musl-dev curl tar \
&& rm -rf /var/cache/apk/*
&& apk --no-cache --no-progress add git mercurial bash gcc musl-dev curl tar ca-certificates tzdata \
&& update-ca-certificates \
&& rm -rf /var/cache/apk/*
RUN go get golang.org/x/lint/golint \
&& go get github.com/kisielk/errcheck \
&& go get github.com/client9/misspell/cmd/misspell
# Which docker version to test on
ARG DOCKER_VERSION=17.03.2
ARG DOCKER_VERSION=18.09.7
ARG DEP_VERSION=0.5.1
# Download go-bindata binary to bin folder in $GOPATH
@@ -24,7 +24,7 @@ RUN mkdir -p /usr/local/bin \
# Download docker
RUN mkdir -p /usr/local/bin \
&& curl -fL https://download.docker.com/linux/static/stable/x86_64/docker-${DOCKER_VERSION}-ce.tgz \
&& curl -fL https://download.docker.com/linux/static/stable/x86_64/docker-${DOCKER_VERSION}.tgz \
| tar -xzC /usr/local/bin --transform 's#^.+/##x'
WORKDIR /go/src/github.com/containous/traefik

4
cluster/datastore.go
View File

@@ -13,7 +13,7 @@ import (
"github.com/containous/traefik/job"
"github.com/containous/traefik/log"
"github.com/containous/traefik/safe"
uuid "github.com/satori/go.uuid"
"github.com/google/uuid"
)
// Metadata stores Object plus metadata
@@ -125,7 +125,7 @@ func (d *Datastore) reload() error {
// Begin creates a transaction with the KV store.
func (d *Datastore) Begin() (Transaction, Object, error) {
id := uuid.NewV4().String()
id := uuid.New().String()
log.Debugf("Transaction %s begins", id)
remoteLock, err := d.kv.NewLock(d.lockKey, &store.LockOptions{TTL: 20 * time.Second, Value: []byte(id)})
if err != nil {

1
cmd/configuration.go
View File

@@ -111,6 +111,7 @@ func NewTraefikDefaultPointersConfiguration() *TraefikConfiguration {
defaultConsulCatalog.Prefix = "traefik"
defaultConsulCatalog.FrontEndRule = "Host:{{.ServiceName}}.{{.Domain}}"
defaultConsulCatalog.Stale = false
defaultConsulCatalog.StrictChecks = true
// default Etcd
var defaultEtcd etcd.Provider

10
docs/configuration/acme.md
View File

@@ -279,9 +279,10 @@ For example, `CF_API_EMAIL_FILE=/run/secrets/traefik_cf-api-email` could be used
| Provider Name | Provider Code | Environment Variables | Wildcard & Root Domain Support |
|-------------------------------------------------------------|----------------|---------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------|
| [ACME DNS](https://github.com/joohoi/acme-dns) | `acme-dns` | `ACME_DNS_API_BASE`, `ACME_DNS_STORAGE_PATH` | Not tested yet |
| [Alibaba Cloud](https://www.vultr.com) | `alidns` | `ALICLOUD_ACCESS_KEY`, `ALICLOUD_SECRET_KEY`, `ALICLOUD_REGION_ID` | Not tested yet |
| [Alibaba Cloud](https://www.alibabacloud.com) | `alidns` | `ALICLOUD_ACCESS_KEY`, `ALICLOUD_SECRET_KEY`, `ALICLOUD_REGION_ID` | Not tested yet |
| [Auroradns](https://www.pcextreme.com/aurora/dns) | `auroradns` | `AURORA_USER_ID`, `AURORA_KEY`, `AURORA_ENDPOINT` | Not tested yet |
| [Azure](https://azure.microsoft.com/services/dns/) | `azure` | `AZURE_CLIENT_ID`, `AZURE_CLIENT_SECRET`, `AZURE_SUBSCRIPTION_ID`, `AZURE_TENANT_ID`, `AZURE_RESOURCE_GROUP`, `[AZURE_METADATA_ENDPOINT]` | Not tested yet |
| [Bindman](https://github.com/labbsr0x/bindman-dns-webhook) | `bindman` | `BINDMAN_MANAGER_ADDRESS` | YES |
| [Blue Cat](https://www.bluecatnetworks.com/) | `bluecat` | `BLUECAT_SERVER_URL`, `BLUECAT_USER_NAME`, `BLUECAT_PASSWORD`, `BLUECAT_CONFIG_NAME`, `BLUECAT_DNS_VIEW` | Not tested yet |
| [ClouDNS](https://www.cloudns.net/) | `cloudns` | `CLOUDNS_AUTH_ID`, `CLOUDNS_AUTH_PASSWORD` | YES |
| [Cloudflare](https://www.cloudflare.com) | `cloudflare` | `CF_API_EMAIL`, `CF_API_KEY` - The `Global API Key` needs to be used, not the `Origin CA Key` | YES |
@@ -295,6 +296,7 @@ For example, `CF_API_EMAIL_FILE=/run/secrets/traefik_cf-api-email` could be used
| [DreamHost](https://www.dreamhost.com/) | `dreamhost` | `DREAMHOST_API_KEY` | YES |
| [Duck DNS](https://www.duckdns.org/) | `duckdns` | `DUCKDNS_TOKEN` | YES |
| [Dyn](https://dyn.com) | `dyn` | `DYN_CUSTOMER_NAME`, `DYN_USER_NAME`, `DYN_PASSWORD` | Not tested yet |
| [EasyDNS](https://easydns.com/) | `easydns` | `EASYDNS_TOKEN`, `EASYDNS_KEY` | YES |
| External Program | `exec` | `EXEC_PATH` | YES |
| [Exoscale](https://www.exoscale.com) | `exoscale` | `EXOSCALE_API_KEY`, `EXOSCALE_API_SECRET`, `EXOSCALE_ENDPOINT` | YES |
| [Fast DNS](https://www.akamai.com/) | `fastdns` | `AKAMAI_CLIENT_TOKEN`, `AKAMAI_CLIENT_SECRET`, `AKAMAI_ACCESS_TOKEN` | YES |
@@ -303,16 +305,18 @@ For example, `CF_API_EMAIL_FILE=/run/secrets/traefik_cf-api-email` could be used
| [Glesys](https://glesys.com/) | `glesys` | `GLESYS_API_USER`, `GLESYS_API_KEY`, `GLESYS_DOMAIN` | Not tested yet |
| [GoDaddy](https://godaddy.com/domains) | `godaddy` | `GODADDY_API_KEY`, `GODADDY_API_SECRET` | Not tested yet |
| [Google Cloud DNS](https://cloud.google.com/dns/docs/) | `gcloud` | `GCE_PROJECT`, Application Default Credentials (2) (3), [`GCE_SERVICE_ACCOUNT_FILE`] | YES |
| [hosting.de](https://www.hosting.de) | `hostingde` | `HOSTINGDE_API_KEY`, `HOSTINGDE_ZONE_NAME` | Not tested yet |
| [hosting.de](https://www.hosting.de) | `hostingde` | `HOSTINGDE_API_KEY`, `HOSTINGDE_ZONE_NAME` | YES |
| HTTP request | `httpreq` | `HTTPREQ_ENDPOINT`, `HTTPREQ_MODE`, `HTTPREQ_USERNAME`, `HTTPREQ_PASSWORD` (1) | YES |
| [IIJ](https://www.iij.ad.jp/) | `iij` | `IIJ_API_ACCESS_KEY`, `IIJ_API_SECRET_KEY`, `IIJ_DO_SERVICE_CODE` | Not tested yet |
| [INWX](https://www.inwx.de/en) | `inwx` | `INWX_USERNAME`, `INWX_PASSWORD` | YES |
| [Joker.com](https://joker.com) | `joker` | `JOKER_API_KEY` or `JOKER_USERNAME`, `JOKER_PASSWORD` | YES |
| [Lightsail](https://aws.amazon.com/lightsail/) | `lightsail` | `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, `DNS_ZONE` | Not tested yet |
| [Linode](https://www.linode.com) | `linode` | `LINODE_API_KEY` | Not tested yet |
| [Linode v4](https://www.linode.com) | `linodev4` | `LINODE_TOKEN` | Not tested yet |
| manual | - | none, but you need to run Traefik interactively, turn on `acmeLogging` to see instructions and press <kbd>Enter</kbd>. | YES |
| [MyDNS.jp](https://www.mydns.jp/) | `mydnsjp` | `MYDNSJP_MASTER_ID`, `MYDNSJP_PASSWORD` | YES |
| [Namecheap](https://www.namecheap.com) | `namecheap` | `NAMECHEAP_API_USER`, `NAMECHEAP_API_KEY` | YES |
| [Namesilo](https://www.namesilo.com/) | `namesilo` | `NAMESILO_API_KEY` | YES |
| [name.com](https://www.name.com/) | `namedotcom` | `NAMECOM_USERNAME`, `NAMECOM_API_TOKEN`, `NAMECOM_SERVER` | Not tested yet |
| [Netcup](https://www.netcup.eu/) | `netcup` | `NETCUP_CUSTOMER_NUMBER`, `NETCUP_API_KEY`, `NETCUP_API_PASSWORD` | Not tested yet |
| [NIFCloud](https://cloud.nifty.com/service/dns.htm) | `nifcloud` | `NIFCLOUD_ACCESS_KEY_ID`, `NIFCLOUD_SECRET_ACCESS_KEY` | Not tested yet |
@@ -330,6 +334,7 @@ For example, `CF_API_EMAIL_FILE=/run/secrets/traefik_cf-api-email` could be used
| [Stackpath](https://www.stackpath.com/) | `stackpath` | `STACKPATH_CLIENT_ID`, `STACKPATH_CLIENT_SECRET`, `STACKPATH_STACK_ID` | Not tested yet |
| [TransIP](https://www.transip.nl/) | `transip` | `TRANSIP_ACCOUNT_NAME`, `TRANSIP_PRIVATE_KEY_PATH` | YES |
| [VegaDNS](https://github.com/shupp/VegaDNS-API) | `vegadns` | `SECRET_VEGADNS_KEY`, `SECRET_VEGADNS_SECRET`, `VEGADNS_URL` | Not tested yet |
| [Versio](https://www.versio.nl/domeinnamen) | `versio` | `VERSIO_USERNAME`, `VERSIO_PASSWORD` | YES |
| [Vscale](https://vscale.io/) | `vscale` | `VSCALE_API_TOKEN` | YES |
| [VULTR](https://www.vultr.com) | `vultr` | `VULTR_API_KEY` | Not tested yet |
| [Zone.ee](https://www.zone.ee) | `zoneee` | `ZONEEE_API_USER`, `ZONEEE_API_KEY` | YES |
@@ -394,7 +399,6 @@ As described in [Let's Encrypt's post](https://community.letsencrypt.org/t/stagi
```
It is not possible to request a double wildcard certificate for a domain (for example `*.*.local.com`).
Due to ACME limitation it is not possible to define wildcards in SANs (alternative domains). Thus, the wildcard domain has to be defined as a main domain.
Most likely the root domain should receive a certificate too, so it needs to be specified as SAN and 2 `DNS-01` challenges are executed.
In this case the generated DNS TXT record for both domains is the same.
Even though this behaviour is [DNS RFC](https://community.letsencrypt.org/t/wildcard-issuance-two-txt-records-for-the-same-name/54528/2) compliant, it can lead to problems as all DNS providers keep DNS records cached for a certain time (TTL) and this TTL can be superior to the challenge timeout making the `DNS-01` challenge fail.

9
docs/configuration/api.md
View File

@@ -35,7 +35,7 @@
For more customization, see [entry points](/configuration/entrypoints/) documentation and the examples below.
## Web UI
## Dashboard (Web UI)
![Web UI Providers](/img/web.frontend.png)
@@ -322,9 +322,12 @@ curl -s "http://localhost:8080/health" | jq .
}
```
## Metrics
## Dashboard Statistics
You can enable Traefik to export internal metrics to different monitoring systems.
You can control how the Traefik's internal metrics are shown in the Dashboard.
If you want to export internal metrics to different monitoring systems,
please check the page [Metrics](./metrics.md).
```toml
[api]

9
docs/configuration/backends/consulcatalog.md
View File

@@ -37,6 +37,15 @@ stale = false
#
domain = "consul.localhost"
# Keep a Consul node only if all checks status are passing
# If true, only the Consul nodes with checks status 'passing' will be kept.
# if false, only the Consul nodes with checks status 'passing' or 'warning' will be kept.
#
# Optional
# Default: true
#
strictChecks = true
# Prefix for Consul catalog tags.
#
# Optional

14
docs/configuration/backends/docker.md
View File

@@ -257,6 +257,20 @@ services:
traefik.docker.network: traefik
```
Required labels:
- `traefik.frontend.rule`
- `traefik.port` - Without this the debug logs will show this service is deliberately filtered out.
- `traefik.docker.network` - Without this a 504 may occur.
#### Troubleshooting
If service doesn't show up in the dashboard, check the debug logs to see if the port is missing:
`Filtering container without port, <SERVICE_NAME>: port label is missing, ...')`
If `504 Gateway Timeout` occurs and there are networks used, ensure that `traefik.docker.network` is defined.
The complete name is required, meaning if the network is internal the name needs to be `<project_name>_<network_name>`.
### Using Docker Compose
If you are intending to use only Docker Compose commands (e.g. `docker-compose up --scale whoami=2 -d`), labels should be under your service, otherwise they will be ignored.

5
docs/configuration/backends/rancher.md
View File

@@ -2,6 +2,11 @@
Traefik can be configured to use Rancher as a provider.
!!! important
This provider is specific to Rancher 1.x.
Rancher 2.x requires Kubernetes and does not have a metadata endpoint of its own for Traefik to query.
As such, Rancher 2.x users should utilize the [Kubernetes provider](./kubernetes.md) directly.
## Global Configuration
```toml

2
docs/configuration/backends/servicefabric.md
View File

@@ -69,6 +69,8 @@ Here is an example of an extension setting Traefik labels:
</StatelessServiceType>
```
> **Note**: The `Label` tag and its `Key` attribute are case sensitive. That is, if you use `label` instead of `Label` or `key` instead of `Key`, they will be silently ignored.
#### Property Manager
Set Labels with the property manager API to overwrite and add labels, while your service is running.

4
docs/configuration/commons.md
View File

@@ -249,8 +249,8 @@ Multiple sets of rates can be added to each frontend, but the time periods must
```
In the above example, frontend1 is configured to limit requests by the client's ip address.
An average of 5 requests every 3 seconds is allowed and an average of 100 requests every 10 seconds.
These can "burst" up to 10 and 200 in each period respectively.
An average of 100 requests every 10 seconds is allowed and an average of 5 requests every 3 seconds.
These can "burst" up to 200 and 10 in each period respectively.
Valid values for `extractorfunc` are:
* `client.ip`

6
docs/configuration/entrypoints.md
View File

@@ -235,8 +235,10 @@ If you need to add or remove TLS certificates while Traefik is started, Dynamic
## TLS Mutual Authentication
TLS Mutual Authentication can be `optional` or not.
If it's `optional`, Traefik will authorize connection with certificates not signed by a specified Certificate Authority (CA).
Otherwise, Traefik will only accept clients that present a certificate signed by a specified Certificate Authority (CA).
* If `optional = true`, if a certificate is provided, verifies if it is signed by a specified Certificate Authority (CA). Otherwise proceeds without any certificate.
* If `optional = false`, Traefik will only accept clients that present a certificate signed by a specified Certificate Authority (CA).
`ClientCAFiles` can be configured with multiple `CA:s` in the same file or use multiple files containing one or several `CA:s`.
The `CA:s` has to be in PEM format.

118
docs/configuration/logs.md
View File

@@ -39,7 +39,7 @@ logLevel = "INFO"
For more information about the CLI, see the documentation about [Traefik command](/basics/#traefik).
```shell
```bash
--logLevel="DEBUG"
--traefikLog.filePath="/path/to/traefik.log"
--traefikLog.format="json"
@@ -54,7 +54,6 @@ For more information about the CLI, see the documentation about [Traefik command
--accessLog.fields.headers.names="User-Agent=redact Authorization=drop Content-Type=keep"
```
## Traefik Logs
By default the Traefik log is written to stdout in text format.
@@ -66,7 +65,7 @@ To write the logs into a log file specify the `filePath`:
filePath = "/path/to/traefik.log"
```
To write JSON format logs, specify `json` as the format:
To switch to JSON format instead of standard format (`common`), specify `json` as the format:
```toml
[traefikLog]
@@ -74,7 +73,6 @@ To write JSON format logs, specify `json` as the format:
format = "json"
```
Deprecated way (before 1.4):
!!! danger "DEPRECATED"
@@ -105,11 +103,10 @@ To customize the log level:
logLevel = "ERROR"
```
## Access Logs
Access logs are written when `[accessLog]` is defined.
By default it will write to stdout and produce logs in the textual Common Log Format (CLF), extended with additional fields.
By default it will write to stdout and produce logs in the textual [Common Log Format (CLF)](#clf-common-log-format), extended with additional fields.
To enable access logs using the default settings just add the `[accessLog]` entry:
@@ -124,12 +121,12 @@ To write the logs into a log file specify the `filePath`:
filePath = "/path/to/access.log"
```
To write JSON format logs, specify `json` as the format:
To switch to JSON format instead of [Common Log Format (CLF)](#clf-common-log-format), specify `json` as the format:
```toml
[accessLog]
filePath = "/path/to/access.log"
format = "json"
format = "json" # Default: "common"
```
To write the logs in async, specify `bufferingSize` as the format (must be >0):
@@ -152,7 +149,7 @@ To filter logs you can specify a set of filters which are logically "OR-connecte
```toml
[accessLog]
filePath = "/path/to/access.log"
format = "json"
format = "json" # Default: "common"
[accessLog.filters]
@@ -178,12 +175,12 @@ format = "json"
minDuration = "10ms"
```
To customize logs format:
To customize logs format, you must switch to the JSON format:
```toml
[accessLog]
filePath = "/path/to/access.log"
format = "json"
format = "json" # Default: "common"
[accessLog.filters]
@@ -227,41 +224,40 @@ format = "json"
# ...
```
### List of all available fields
```ini
StartUTC
StartLocal
Duration
FrontendName
BackendName
BackendURL
BackendAddr
ClientAddr
ClientHost
ClientPort
ClientUsername
RequestAddr
RequestHost
RequestPort
RequestMethod
RequestPath
RequestProtocol
RequestLine
RequestContentSize
OriginDuration
OriginContentSize
OriginStatus
OriginStatusLine
DownstreamStatus
DownstreamStatusLine
DownstreamContentSize
RequestCount
GzipRatio
Overhead
RetryAttempts
```
| Field | Description |
|-------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `StartUTC` | The time at which request processing started. |
| `StartLocal` | The local time at which request processing started. |
| `Duration` | The total time taken by processing the response, including the origin server's time but not the log writing time. |
| `FrontendName` | The name of the Traefik frontend. |
| `BackendName` | The name of the Traefik backend. |
| `BackendURL` | The URL of the Traefik backend. |
| `BackendAddr` | The IP:port of the Traefik backend (extracted from `BackendURL`) |
| `ClientAddr` | The remote address in its original form (usually IP:port). |
| `ClientHost` | The remote IP address from which the client request was received. |
| `ClientPort` | The remote TCP port from which the client request was received. |
| `ClientUsername` | The username provided in the URL, if present. |
| `RequestAddr` | The HTTP Host header (usually IP:port). This is treated as not a header by the Go API. |
| `RequestHost` | The HTTP Host server name (not including port). |
| `RequestPort` | The TCP port from the HTTP Host. |
| `RequestMethod` | The HTTP method. |
| `RequestPath` | The HTTP request URI, not including the scheme, host or port. |
| `RequestProtocol` | The version of HTTP requested. |
| `RequestLine` | `RequestMethod` + `RequestPath` + `RequestProtocol` |
| `RequestContentSize` | The number of bytes in the request entity (a.k.a. body) sent by the client. |
| `OriginDuration` | The time taken by the origin server ('upstream') to return its response. |
| `OriginContentSize` | The content length specified by the origin server, or 0 if unspecified. |
| `OriginStatus` | The HTTP status code returned by the origin server. If the request was handled by this Traefik instance (e.g. with a redirect), then this value will be absent. |
| `OriginStatusLine` | `OriginStatus` + Status code explanation |
| `DownstreamStatus` | The HTTP status code returned to the client. |
| `DownstreamStatusLine` | `DownstreamStatus` + Status code explanation |
| `DownstreamContentSize` | The number of bytes in the response entity returned to the client. This is in addition to the "Content-Length" header, which may be present in the origin response. |
| `RequestCount` | The number of requests received since the Traefik instance started. |
| `GzipRatio` | The response body compression ratio achieved. |
| `Overhead` | The processing time overhead caused by Traefik. |
| `RetryAttempts` | The amount of attempts the request was retried. |
Deprecated way (before 1.4):
@@ -281,10 +277,9 @@ accessLogsFile = "log/access.log"
By default, Traefik use the CLF (`common`) as access log format.
```html
<remote_IP_address> - <client_user_name_if_available> [<timestamp>] "<request_method> <request_path> <request_protocol>" <origin_server_HTTP_status> <origin_server_content_size> "<request_referrer>" "<request_user_agent>" <number_of_requests_received_since_Traefik_started> "<Traefik_frontend_name>" "<Traefik_backend_URL>" <request_duration_in_ms>ms
<remote_IP_address> - <client_user_name_if_available> [<timestamp>] "<request_method> <request_path> <request_protocol>" <origin_server_HTTP_status> <origin_server_content_size> "<request_referrer>" "<request_user_agent>" <number_of_requests_received_since_Traefik_started> "<Traefik_frontend_name>" "<Traefik_backend_URL>" <request_duration_in_ms>ms
```
## Log Rotation
Traefik will close and reopen its log files, assuming they're configured, on receipt of a USR1 signal.
@@ -292,3 +287,34 @@ This allows the logs to be rotated and processed by an external program, such as
!!! note
This does not work on Windows due to the lack of USR signals.
## Time Zones
The timestamp of each log line is in UTC time by default.
If you want to use local timezone, you need to ensure the 3 following elements:
1. Provide the timezone data into /usr/share/zoneinfo
2. Set the environement variable TZ to the timezone to be used
3. Specify the field StartLocal instead of StartUTC (works on default Common Log Format (CLF) as well as JSON)
Example using docker-compose:
```yml
version: '3'
services:
traefik:
image: containous/traefik:[latest stable version]
ports:
- "80:80"
environment:
- "TZ=US/Alaska"
command:
- --docker
- --accesslog
- --accesslog.fields.names="StartUTC=drop"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
- "/usr/share/zoneinfo:/usr/share/zoneinfo:ro"
```

2
docs/index.md
View File

@@ -6,7 +6,7 @@
[![Docs](https://img.shields.io/badge/docs-current-brightgreen.svg)](/)
[![Go Report Card](https://goreportcard.com/badge/github.com/containous/traefik)](https://goreportcard.com/report/github.com/containous/traefik)
[![License](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/containous/traefik/blob/master/LICENSE.md)
[![Join the chat at https://slack.traefik.io](https://img.shields.io/badge/style-register-green.svg?style=social&label=Slack)](https://slack.traefik.io)
[![Join the community support forum at https://community.containo.us/](https://img.shields.io/badge/style-register-green.svg?style=social&label=Discourse)](https://community.containo.us/)
[![Twitter](https://img.shields.io/twitter/follow/traefik.svg?style=social)](https://twitter.com/intent/follow?screen_name=traefik)

4
docs/theme/partials/footer.html vendored
View File

@@ -88,9 +88,9 @@
</div>
{% endif %}
powered by
<a href="http://www.mkdocs.org" title="MkDocs">MkDocs</a>
<a href="https://www.mkdocs.org" title="MkDocs">MkDocs</a>
and
<a href="http://squidfunk.github.io/mkdocs-material/"
<a href="https://squidfunk.github.io/mkdocs-material/"
title="Material for MkDocs">
Material for MkDocs</a>
</div>

10
docs/user-guide/cluster-docker-consul.md
View File

@@ -91,7 +91,7 @@ To watch docker events, add `--docker.watch`.
version: "3"
services:
traefik:
image: traefik:1.5
image: traefik:<stable version from https://hub.docker.com/_/traefik>
command:
- "--api"
- "--entrypoints=Name:http Address::80 Redirect.EntryPoint:https"
@@ -156,7 +156,7 @@ The initializer in a docker-compose file will be:
```yaml
traefik_init:
image: traefik:1.5
image: traefik:<stable version from https://hub.docker.com/_/traefik>
command:
- "storeconfig"
- "--api"
@@ -177,7 +177,7 @@ And now, the Traefik part will only have the Consul configuration.
```yaml
traefik:
image: traefik:1.5
image: traefik:<stable version from https://hub.docker.com/_/traefik>
depends_on:
- traefik_init
- consul
@@ -200,7 +200,7 @@ The new configuration will be stored in Consul, and you need to restart the Trae
version: "3.4"
services:
traefik_init:
image: traefik:1.5
image: traefik:<stable version from https://hub.docker.com/_/traefik>
command:
- "storeconfig"
- "--api"
@@ -229,7 +229,7 @@ services:
depends_on:
- consul
traefik:
image: traefik:1.5
image: traefik:<stable version from https://hub.docker.com/_/traefik>
depends_on:
- traefik_init
- consul

24
docs/user-guide/docker-and-lets-encrypt.md
View File

@@ -50,7 +50,7 @@ version: '2'
services:
traefik:
image: traefik:1.5.4
image: traefik:<stable version from https://hub.docker.com/_/traefik>
restart: always
ports:
- 80:80
@@ -108,6 +108,28 @@ onHostRule = true
entryPoint = "http"
```
Alternatively, the `TOML` file above can also be translated into command line switches.
This is the `command` value of the `traefik` service in the `docker-compose.yml` manifest:
```yaml
command:
- --debug=false
- --logLevel=ERROR
- --defaultentrypoints=https,http
- --entryPoints=Name:http Address::80 Redirect.EntryPoint:https
- --entryPoints=Name:https Address::443 TLS
- --retry
- --docker.endpoint=unix:///var/run/docker.sock
- --docker.domain=my-awesome-app.org
- --docker.watch=true
- --docker.exposedbydefault=false
- --acme.email=your-email-here@my-awesome-app.org
- --acme.storage=acme.json
- --acme.entryPoint=https
- --acme.onHostRule=true
- --acme.httpchallenge.entrypoint=http
```
This is the minimum configuration required to do the following:
- Log `ERROR`-level messages (or more severe) to the console, but silence `DEBUG`-level messages

132
docs/user-guide/examples.md
View File

@@ -336,37 +336,37 @@ Pay attention to the **labels** section:
```
home:
image: abiosoft/caddy:0.10.14
networks:
- ntw_front
volumes:
- ./www/home/srv/:/srv/
deploy:
mode: replicated
replicas: 2
#placement:
# constraints: [node.role==manager]
restart_policy:
condition: on-failure
max_attempts: 5
resources:
limits:
cpus: '0.20'
memory: 9M
reservations:
cpus: '0.05'
memory: 9M
labels:
- "traefik.frontend.rule=PathPrefixStrip:/"
- "traefik.backend=home"
- "traefik.port=2015"
- "traefik.weight=10"
- "traefik.enable=true"
- "traefik.passHostHeader=true"
- "traefik.docker.network=ntw_front"
- "traefik.frontend.entryPoints=http"
- "traefik.backend.loadbalancer.swarm=true"
- "traefik.backend.loadbalancer.method=drr"
image: abiosoft/caddy:0.10.14
networks:
- ntw_front
volumes:
- ./www/home/srv/:/srv/
deploy:
mode: replicated
replicas: 2
#placement:
# constraints: [node.role==manager]
restart_policy:
condition: on-failure
max_attempts: 5
resources:
limits:
cpus: '0.20'
memory: 9M
reservations:
cpus: '0.05'
memory: 9M
labels:
- "traefik.frontend.rule=PathPrefixStrip:/"
- "traefik.backend=home"
- "traefik.port=2015"
- "traefik.weight=10"
- "traefik.enable=true"
- "traefik.passHostHeader=true"
- "traefik.docker.network=ntw_front"
- "traefik.frontend.entryPoints=http"
- "traefik.backend.loadbalancer.swarm=true"
- "traefik.backend.loadbalancer.method=drr"
```
Something more tricky using `regex`.
@@ -377,39 +377,39 @@ The double sign `$$` are variables managed by the docker compose file ([document
```
portainer:
image: portainer/portainer:1.16.5
networks:
- ntw_front
volumes:
- /var/run/docker.sock:/var/run/docker.sock
deploy:
mode: replicated
replicas: 1
placement:
constraints: [node.role==manager]
restart_policy:
condition: on-failure
max_attempts: 5
resources:
limits:
cpus: '0.33'
memory: 20M
reservations:
cpus: '0.05'
memory: 10M
labels:
- "traefik.frontend.rule=PathPrefixStrip:/portainer"
- "traefik.backend=portainer"
- "traefik.port=9000"
- "traefik.weight=10"
- "traefik.enable=true"
- "traefik.passHostHeader=true"
- "traefik.docker.network=ntw_front"
- "traefik.frontend.entryPoints=http"
- "traefik.backend.loadbalancer.swarm=true"
- "traefik.backend.loadbalancer.method=drr"
# https://github.com/containous/traefik/issues/563#issuecomment-421360934
- "traefik.frontend.redirect.regex=^(.*)/portainer$$"
- "traefik.frontend.redirect.replacement=$$1/portainer/"
- "traefik.frontend.rule=PathPrefix:/portainer;ReplacePathRegex: ^/portainer/(.*) /$$1"
image: portainer/portainer:1.16.5
networks:
- ntw_front
volumes:
- /var/run/docker.sock:/var/run/docker.sock
deploy:
mode: replicated
replicas: 1
placement:
constraints: [node.role==manager]
restart_policy:
condition: on-failure
max_attempts: 5
resources:
limits:
cpus: '0.33'
memory: 20M
reservations:
cpus: '0.05'
memory: 10M
labels:
- "traefik.frontend.rule=PathPrefixStrip:/portainer"
- "traefik.backend=portainer"
- "traefik.port=9000"
- "traefik.weight=10"
- "traefik.enable=true"
- "traefik.passHostHeader=true"
- "traefik.docker.network=ntw_front"
- "traefik.frontend.entryPoints=http"
- "traefik.backend.loadbalancer.swarm=true"
- "traefik.backend.loadbalancer.method=drr"
# https://github.com/containous/traefik/issues/563#issuecomment-421360934
- "traefik.frontend.redirect.regex=^(.*)/portainer$$"
- "traefik.frontend.redirect.replacement=$$1/portainer/"
- "traefik.frontend.rule=PathPrefix:/portainer;ReplacePathRegex: ^/portainer/(.*) /$$1"
```

2
docs/user-guide/kv-config.md
View File

@@ -139,7 +139,7 @@ Here is the [docker-compose file](https://docs.docker.com/compose/compose-file/)
```yaml
traefik:
image: traefik
image: traefik:<stable version from https://hub.docker.com/_/traefik>
command: --consul --consul.endpoint=127.0.0.1:8500
ports:
- "80:80"

2
docs/user-guide/swarm-mode.md
View File

@@ -85,7 +85,7 @@ docker-machine ssh manager "docker service create \
--publish 80:80 --publish 8080:8080 \
--mount type=bind,source=/var/run/docker.sock,target=/var/run/docker.sock \
--network traefik-net \
traefik \
traefik:<stable version from https://hub.docker.com/_/traefik> \
--docker \
--docker.swarmMode \
--docker.domain=traefik \

2
docs/user-guide/swarm.md
View File

@@ -81,7 +81,7 @@ docker $(docker-machine config mhs-demo0) run \
-p 80:80 -p 8080:8080 \
--net=my-net \
-v /var/lib/boot2docker/:/ssl \
traefik \
traefik:<stable version from https://hub.docker.com/_/traefik> \
-l DEBUG \
-c /dev/null \
--docker \

10
exp.Dockerfile
View File

@@ -12,11 +12,12 @@ RUN yarn install
RUN npm run build
# BUILD
FROM golang:1.11-alpine as gobuild
FROM golang:1.12-alpine as gobuild
RUN apk --update upgrade \
&& apk --no-cache --no-progress add git mercurial bash gcc musl-dev curl tar \
&& rm -rf /var/cache/apk/*
&& apk --no-cache --no-progress add git mercurial bash gcc musl-dev curl tar ca-certificates tzdata \
&& update-ca-certificates \
&& rm -rf /var/cache/apk/*
RUN mkdir -p /usr/local/bin \
&& curl -fsSL -o /usr/local/bin/go-bindata https://github.com/containous/go-bindata/releases/download/v1.0.0/go-bindata \
@@ -33,7 +34,8 @@ RUN ./script/make.sh generate binary
## IMAGE
FROM scratch
COPY script/ca-certificates.crt /etc/ssl/certs/
COPY --from=gobuild /usr/share/zoneinfo /usr/share/zoneinfo
COPY --from=gobuild /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=gobuild /go/src/github.com/containous/traefik/dist/traefik /
EXPOSE 80

36
healthcheck/healthcheck.go
View File

@@ -49,11 +49,16 @@ func (opt Options) String() string {
return fmt.Sprintf("[Hostname: %s Headers: %v Path: %s Port: %d Interval: %s]", opt.Hostname, opt.Headers, opt.Path, opt.Port, opt.Interval)
}
type backendURL struct {
url *url.URL
weight int
}
// BackendConfig HealthCheck configuration for a backend
type BackendConfig struct {
Options
name string
disabledURLs []*url.URL
disabledURLs []backendURL
requestTimeout time.Duration
}
@@ -129,18 +134,18 @@ func (hc *HealthCheck) execute(ctx context.Context, backend *BackendConfig) {
func (hc *HealthCheck) checkBackend(backend *BackendConfig) {
enabledURLs := backend.LB.Servers()
var newDisabledURLs []*url.URL
for _, url := range backend.disabledURLs {
var newDisabledURLs []backendURL
for _, backendurl := range backend.disabledURLs {
serverUpMetricValue := float64(0)
if err := checkHealth(url, backend); err == nil {
log.Warnf("Health check up: Returning to server list. Backend: %q URL: %q", backend.name, url.String())
backend.LB.UpsertServer(url, roundrobin.Weight(1))
if err := checkHealth(backendurl.url, backend); err == nil {
log.Warnf("Health check up: Returning to server list. Backend: %q URL: %q Weight: %d", backend.name, backendurl.url.String(), backendurl.weight)
backend.LB.UpsertServer(backendurl.url, roundrobin.Weight(backendurl.weight))
serverUpMetricValue = 1
} else {
log.Warnf("Health check still failing. Backend: %q URL: %q Reason: %s", backend.name, url.String(), err)
newDisabledURLs = append(newDisabledURLs, url)
log.Warnf("Health check still failing. Backend: %q URL: %q Reason: %s", backend.name, backendurl.url.String(), err)
newDisabledURLs = append(newDisabledURLs, backendurl)
}
labelValues := []string{"backend", backend.name, "url", url.String()}
labelValues := []string{"backend", backend.name, "url", backendurl.url.String()}
hc.metrics.BackendServerUpGauge().With(labelValues...).Set(serverUpMetricValue)
}
backend.disabledURLs = newDisabledURLs
@@ -148,9 +153,18 @@ func (hc *HealthCheck) checkBackend(backend *BackendConfig) {
for _, url := range enabledURLs {
serverUpMetricValue := float64(1)
if err := checkHealth(url, backend); err != nil {
log.Warnf("Health check failed: Remove from server list. Backend: %q URL: %q Reason: %s", backend.name, url.String(), err)
weight := 1
rr, ok := backend.LB.(*roundrobin.RoundRobin)
if ok {
var gotWeight bool
weight, gotWeight = rr.ServerWeight(url)
if !gotWeight {
weight = 1
}
}
log.Warnf("Health check failed: Remove from server list. Backend: %q URL: %q Weight: %d Reason: %s", backend.name, url.String(), weight, err)
backend.LB.RemoveServer(url)
backend.disabledURLs = append(backend.disabledURLs, url)
backend.disabledURLs = append(backend.disabledURLs, backendURL{url, weight})
serverUpMetricValue = 0
}
labelValues := []string{"backend", backend.name, "url", url.String()}

2
healthcheck/healthcheck_test.go
View File

@@ -112,7 +112,7 @@ func TestSetBackendsConfiguration(t *testing.T) {
if test.startHealthy {
lb.servers = append(lb.servers, serverURL)
} else {
backend.disabledURLs = append(backend.disabledURLs, serverURL)
backend.disabledURLs = append(backend.disabledURLs, backendURL{serverURL, 1})
}
collectingMetrics := testhelpers.NewCollectingHealthCheckMetrics()

4
integration/resources/compose/tracing.yml
View File

@@ -1,7 +1,5 @@
zipkin:
# Fix zipkin version 2.4.2
# due to a bug in latest version https://github.com/openzipkin/zipkin/releases/tag/2.4.4
image: openzipkin/zipkin:2.4.2
image: openzipkin/zipkin:2.12.6
environment:
STORAGE_TYPE: mem
JAVA_OPTS: -Dlogging.level.zipkin=DEBUG

2
middlewares/accesslog/logger_formatters.go
View File

@@ -24,6 +24,8 @@ func (f *CommonLogFormatter) Format(entry *logrus.Entry) ([]byte, error) {
var timestamp = defaultValue
if v, ok := entry.Data[StartUTC]; ok {
timestamp = v.(time.Time).Format(commonLogTimeFormat)
} else if v, ok := entry.Data[StartLocal]; ok {
timestamp = v.(time.Time).Local().Format(commonLogTimeFormat)
}
var elapsedMillis int64

25
middlewares/accesslog/logger_formatters_test.go
View File

@@ -2,6 +2,7 @@ package accesslog
import (
"net/http"
"os"
"testing"
"time"
@@ -57,10 +58,34 @@ func TestCommonLogFormatter_Format(t *testing.T) {
BackendURL: "http://10.0.0.2/toto",
},
expectedLog: `10.0.0.1 - Client [10/Nov/2009:23:00:00 +0000] "GET /foo http" 123 132 "referer" "agent" - "foo" "http://10.0.0.2/toto" 123000ms
`,
},
{
name: "all data with local time",
data: map[string]interface{}{
StartLocal: time.Date(2009, time.November, 10, 23, 0, 0, 0, time.UTC),
Duration: 123 * time.Second,
ClientHost: "10.0.0.1",
ClientUsername: "Client",
RequestMethod: http.MethodGet,
RequestPath: "/foo",
RequestProtocol: "http",
OriginStatus: 123,
OriginContentSize: 132,
RequestRefererHeader: "referer",
RequestUserAgentHeader: "agent",
RequestCount: nil,
FrontendName: "foo",
BackendURL: "http://10.0.0.2/toto",
},
expectedLog: `10.0.0.1 - Client [10/Nov/2009:14:00:00 -0900] "GET /foo http" 123 132 "referer" "agent" - "foo" "http://10.0.0.2/toto" 123000ms
`,
},
}
// Set timezone to Alaska to have a constant behavior
os.Setenv("TZ", "US/Alaska")
for _, test := range testCases {
test := test
t.Run(test.name, func(t *testing.T) {

6
middlewares/auth/forward.go
View File

@@ -96,7 +96,11 @@ func Forward(config *types.Forward, w http.ResponseWriter, r *http.Request, next
}
for _, headerName := range config.AuthResponseHeaders {
r.Header.Set(headerName, forwardResponse.Header.Get(headerName))
headerKey := http.CanonicalHeaderKey(headerName)
r.Header.Del(headerKey)
if len(forwardResponse.Header[headerKey]) > 0 {
r.Header[headerKey] = append([]string(nil), forwardResponse.Header[headerKey]...)
}
}
r.RequestURI = r.URL.RequestURI()

6
middlewares/auth/forward_test.go
View File

@@ -50,6 +50,8 @@ func TestForwardAuthFail(t *testing.T) {
func TestForwardAuthSuccess(t *testing.T) {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("X-Auth-User", "user@example.com")
w.Header().Add("X-Auth-Group", "group1")
w.Header().Add("X-Auth-Group", "group2")
w.Header().Set("X-Auth-Secret", "secret")
fmt.Fprintln(w, "Success")
}))
@@ -58,13 +60,14 @@ func TestForwardAuthSuccess(t *testing.T) {
middleware, err := NewAuthenticator(&types.Auth{
Forward: &types.Forward{
Address: server.URL,
AuthResponseHeaders: []string{"X-Auth-User"},
AuthResponseHeaders: []string{"X-Auth-User", "X-Auth-Group"},
},
}, &tracing.Tracing{})
assert.NoError(t, err, "there should be no error")
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "user@example.com", r.Header.Get("X-Auth-User"))
assert.Equal(t, []string{"group1", "group2"}, r.Header["X-Auth-Group"])
assert.Empty(t, r.Header.Get("X-Auth-Secret"))
fmt.Fprintln(w, "traefik")
})
@@ -74,6 +77,7 @@ func TestForwardAuthSuccess(t *testing.T) {
defer ts.Close()
req := testhelpers.MustNewRequest(http.MethodGet, ts.URL, nil)
req.Header.Set("X-Auth-Group", "admin_group")
res, err := http.DefaultClient.Do(req)
assert.NoError(t, err, "there should be no error")
assert.Equal(t, http.StatusOK, res.StatusCode, "they should be equal")

19
middlewares/retry_test.go
View File

@@ -5,6 +5,7 @@ import (
"net/http"
"net/http/httptest"
"net/http/httptrace"
"strconv"
"strings"
"testing"
@@ -35,7 +36,7 @@ func TestRetry(t *testing.T) {
desc: "no retry when max request attempts is one",
maxRequestAttempts: 1,
wantRetryAttempts: 0,
wantResponseStatus: http.StatusInternalServerError,
wantResponseStatus: http.StatusBadGateway,
amountFaultyEndpoints: 1,
},
{
@@ -56,7 +57,7 @@ func TestRetry(t *testing.T) {
desc: "max attempts exhausted delivers the 5xx response",
maxRequestAttempts: 3,
wantRetryAttempts: 2,
wantResponseStatus: http.StatusInternalServerError,
wantResponseStatus: http.StatusBadGateway,
amountFaultyEndpoints: 3,
},
}
@@ -82,17 +83,18 @@ func TestRetry(t *testing.T) {
t.Fatalf("Error creating load balancer: %s", err)
}
basePort := 33444
// out of range port
basePort := 1133444
for i := 0; i < test.amountFaultyEndpoints; i++ {
// 192.0.2.0 is a non-routable IP for testing purposes.
// See: https://stackoverflow.com/questions/528538/non-routable-ip-address/18436928#18436928
// We only use the port specification here because the URL is used as identifier
// in the load balancer and using the exact same URL would not add a new server.
loadBalancer.UpsertServer(testhelpers.MustParseURL("http://192.0.2.0:" + string(basePort+i)))
_ = loadBalancer.UpsertServer(testhelpers.MustParseURL("http://192.0.2.0:" + strconv.Itoa(basePort+i)))
}
// add the functioning server to the end of the load balancer list
loadBalancer.UpsertServer(testhelpers.MustParseURL(backendServer.URL))
_ = loadBalancer.UpsertServer(testhelpers.MustParseURL(backendServer.URL))
retryListener := &countingRetryListener{}
retry := NewRetry(test.maxRequestAttempts, loadBalancer, retryListener)
@@ -154,17 +156,18 @@ func TestRetryWebsocket(t *testing.T) {
t.Fatalf("Error creating load balancer: %s", err)
}
basePort := 33444
// out of range port
basePort := 1133444
for i := 0; i < test.amountFaultyEndpoints; i++ {
// 192.0.2.0 is a non-routable IP for testing purposes.
// See: https://stackoverflow.com/questions/528538/non-routable-ip-address/18436928#18436928
// We only use the port specification here because the URL is used as identifier
// in the load balancer and using the exact same URL would not add a new server.
loadBalancer.UpsertServer(testhelpers.MustParseURL("http://192.0.2.0:" + string(basePort+i)))
_ = loadBalancer.UpsertServer(testhelpers.MustParseURL("http://192.0.2.0:" + strconv.Itoa(basePort+i)))
}
// add the functioning server to the end of the load balancer list
loadBalancer.UpsertServer(testhelpers.MustParseURL(backendServer.URL))
_ = loadBalancer.UpsertServer(testhelpers.MustParseURL(backendServer.URL))
retryListener := &countingRetryListener{}
retry := NewRetry(test.maxRequestAttempts, loadBalancer, retryListener)

25
middlewares/tlsClientHeaders.go
View File

@@ -44,7 +44,7 @@ type DistinguishedNameOptions struct {
// TLSClientHeaders is a middleware that helps setup a few tls info features.
type TLSClientHeaders struct {
Infos *TLSClientCertificateInfos // pass selected informations from the client certificate
Infos *TLSClientCertificateInfos // pass selected information from the client certificate
PEM bool // pass the sanitized pem to the backend in a specific header
}
@@ -79,23 +79,14 @@ func newTLSClientInfos(infos *types.TLSClientCertificateInfos) *TLSClientCertifi
}
// NewTLSClientHeaders constructs a new TLSClientHeaders instance from supplied frontend header struct.
func NewTLSClientHeaders(frontend *types.Frontend) *TLSClientHeaders {
if frontend == nil {
func NewTLSClientHeaders(passTLSClientCert *types.TLSClientHeaders) *TLSClientHeaders {
if passTLSClientCert == nil {
return nil
}
var addPEM bool
var infos *TLSClientCertificateInfos
if frontend.PassTLSClientCert != nil {
conf := frontend.PassTLSClientCert
addPEM = conf.PEM
infos = newTLSClientInfos(conf.Infos)
}
return &TLSClientHeaders{
Infos: infos,
PEM: addPEM,
Infos: newTLSClientInfos(passTLSClientCert.Infos),
PEM: passTLSClientCert.PEM,
}
}
@@ -221,7 +212,7 @@ func writePart(content *strings.Builder, entry string, prefix string) {
}
}
// getXForwardedTLSClientCertInfo Build a string with the wanted client certificates informations
// getXForwardedTLSClientCertInfo Build a string with the wanted client certificates information
// like Subject="DC=%s,C=%s,ST=%s,L=%s,O=%s,CN=%s",NB=%d,NA=%d,SAN=%s;
func (s *TLSClientHeaders) getXForwardedTLSClientCertInfo(certs []*x509.Certificate) string {
var headerValues []string
@@ -268,8 +259,9 @@ func (s *TLSClientHeaders) getXForwardedTLSClientCertInfo(certs []*x509.Certific
return strings.Join(headerValues, ";")
}
// ModifyRequestHeaders set the wanted headers with the certificates informations
// ModifyRequestHeaders set the wanted headers with the certificates information
func (s *TLSClientHeaders) ModifyRequestHeaders(r *http.Request) {
r.Header.Del(xForwardedTLSClientCert)
if s.PEM {
if r.TLS != nil && len(r.TLS.PeerCertificates) > 0 {
r.Header.Set(xForwardedTLSClientCert, getXForwardedTLSClientCert(r.TLS.PeerCertificates))
@@ -278,6 +270,7 @@ func (s *TLSClientHeaders) ModifyRequestHeaders(r *http.Request) {
}
}
r.Header.Del(xForwardedTLSClientCertInfos)
if s.Infos != nil {
if r.TLS != nil && len(r.TLS.PeerCertificates) > 0 {
headerContent := s.getXForwardedTLSClientCertInfo(r.TLS.PeerCertificates)

343
middlewares/tlsClientHeaders_test.go
View File

@@ -240,26 +240,6 @@ mxcl71pV8i3NDU3kgVi2440JYpoMveTlXPCV2svHNCw0X238YHsSW4b93yGJO0gI
ML9n/4zmm1PMhzZHcEA72ZAq0tKCxpz10djg5v2qL5V+Oaz8TtTOZbPsxpiKMQ==
-----END CERTIFICATE-----
`
minimalCert = `-----BEGIN CERTIFICATE-----
MIIDGTCCAgECCQCqLd75YLi2kDANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJG
UjETMBEGA1UECAwKU29tZS1TdGF0ZTERMA8GA1UEBwwIVG91bG91c2UxITAfBgNV
BAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xODA3MTgwODI4MTZaFw0x
ODA4MTcwODI4MTZaMEUxCzAJBgNVBAYTAkZSMRMwEQYDVQQIDApTb21lLVN0YXRl
MSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQC/+frDMMTLQyXG34F68BPhQq0kzK4LIq9Y0/gl
FjySZNn1C0QDWA1ubVCAcA6yY204I9cxcQDPNrhC7JlS5QA8Y5rhIBrqQlzZizAi
Rj3NTrRjtGUtOScnHuJaWjLy03DWD+aMwb7q718xt5SEABmmUvLwQK+EjW2MeDwj
y8/UEIpvrRDmdhGaqv7IFpIDkcIF7FowJ/hwDvx3PMc+z/JWK0ovzpvgbx69AVbw
ZxCimeha65rOqVi+lEetD26le+WnOdYsdJ2IkmpPNTXGdfb15xuAc+gFXfMCh7Iw
3Ynl6dZtZM/Ok2kiA7/OsmVnRKkWrtBfGYkI9HcNGb3zrk6nAgMBAAEwDQYJKoZI
hvcNAQELBQADggEBAC/R+Yvhh1VUhcbK49olWsk/JKqfS3VIDQYZg1Eo+JCPbwgS
I1BSYVfMcGzuJTX6ua3m/AHzGF3Tap4GhF4tX12jeIx4R4utnjj7/YKkTvuEM2f4
xT56YqI7zalGScIB0iMeyNz1QcimRl+M/49au8ow9hNX8C2tcA2cwd/9OIj/6T8q
SBRHc6ojvbqZSJCO0jziGDT1L3D+EDgTjED4nd77v/NRdP+egb0q3P0s4dnQ/5AV
aQlQADUn61j3ScbGJ4NSeZFFvsl38jeRi/MEzp0bGgNBcPj6JHi7qbbauZcZfQ05
jECvgAY7Nfd9mZ1KtyNaW31is+kag7NsvjxU/kM=
-----END CERTIFICATE-----`
)
func getCleanCertContents(certContents []string) string {
@@ -303,10 +283,6 @@ func buildTLSWith(certContents []string) *tls.ConnectionState {
return &tls.ConnectionState{PeerCertificates: peerCertificates}
}
var myPassTLSClientCustomHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Write([]byte("bar"))
})
func getExpectedSanitized(s string) string {
return url.QueryEscape(strings.Replace(s, "\n", "", -1))
}
@@ -360,20 +336,13 @@ WqeUSNGYV//RunTeuRDAf5OxehERb1srzBXhRZ3cZdzXbgR/`),
}
func TestTlsClientheadersWithPEM(t *testing.T) {
func TestTlsClientHeadersWithPEM(t *testing.T) {
testCases := []struct {
desc string
certContents []string // set the request TLS attribute if defined
tlsClientCertHeaders *types.TLSClientHeaders
expectedHeader string
}{
{
desc: "No TLS, no option",
},
{
desc: "TLS, no option",
certContents: []string{minimalCheeseCrt},
},
{
desc: "No TLS, with pem option true",
tlsClientCertHeaders: &types.TLSClientHeaders{PEM: true},
@@ -399,20 +368,24 @@ func TestTlsClientheadersWithPEM(t *testing.T) {
}
for _, test := range testCases {
tlsClientHeaders := NewTLSClientHeaders(&types.Frontend{PassTLSClientCert: test.tlsClientCertHeaders})
res := httptest.NewRecorder()
req := testhelpers.MustNewRequest(http.MethodGet, "http://example.com/foo", nil)
if test.certContents != nil && len(test.certContents) > 0 {
req.TLS = buildTLSWith(test.certContents)
}
tlsClientHeaders.ServeHTTP(res, req, myPassTLSClientCustomHandler)
test := test
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
tlsClientHeaders := NewTLSClientHeaders(test.tlsClientCertHeaders)
res := httptest.NewRecorder()
req := testhelpers.MustNewRequest(http.MethodGet, "http://example.com/foo", nil)
if test.tlsClientCertHeaders != nil {
req.Header.Set(xForwardedTLSClientCert, "Unsanitized HEADER")
}
if test.certContents != nil && len(test.certContents) > 0 {
req.TLS = buildTLSWith(test.certContents)
}
tlsClientHeaders.ServeHTTP(res, req, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Write([]byte("bar"))
}))
require.Equal(t, http.StatusOK, res.Code, "Http Status should be OK")
require.Equal(t, "bar", res.Body.String(), "Should be the expected body")
@@ -477,7 +450,7 @@ func TestGetSans(t *testing.T) {
}
func TestTlsClientheadersWithCertInfos(t *testing.T) {
func TestTlsClientHeadersWithCertInfos(t *testing.T) {
minimalCheeseCertAllInfos := `Subject="C=FR,ST=Some-State,O=Cheese",Issuer="DC=org,DC=cheese,C=FR,C=US,ST=Signing State,ST=Signing State 2,L=TOULOUSE,L=LYON,O=Cheese,O=Cheese 2,CN=Simple Signing CA 2",NB=1544094636,NA=1632568236,SAN=`
completeCertAllInfos := `Subject="DC=org,DC=cheese,C=FR,C=US,ST=Cheese org state,ST=Cheese com state,L=TOULOUSE,L=LYON,O=Cheese,O=Cheese 2,CN=*.cheese.com",Issuer="DC=org,DC=cheese,C=FR,C=US,ST=Signing State,ST=Signing State 2,L=TOULOUSE,L=LYON,O=Cheese,O=Cheese 2,CN=Simple Signing CA 2",NB=1544094616,NA=1607166616,SAN=*.cheese.org,*.cheese.net,*.cheese.com,test@cheese.org,test@cheese.net,10.0.1.0,10.0.1.2`
@@ -487,13 +460,6 @@ func TestTlsClientheadersWithCertInfos(t *testing.T) {
tlsClientCertHeaders *types.TLSClientHeaders
expectedHeader string
}{
{
desc: "No TLS, no option",
},
{
desc: "TLS, no option",
certContents: []string{minimalCert},
},
{
desc: "No TLS, with pem option true",
tlsClientCertHeaders: &types.TLSClientHeaders{
@@ -627,20 +593,24 @@ func TestTlsClientheadersWithCertInfos(t *testing.T) {
},
}
for _, test := range testCases {
tlsClientHeaders := NewTLSClientHeaders(&types.Frontend{PassTLSClientCert: test.tlsClientCertHeaders})
res := httptest.NewRecorder()
req := testhelpers.MustNewRequest(http.MethodGet, "http://example.com/foo", nil)
if test.certContents != nil && len(test.certContents) > 0 {
req.TLS = buildTLSWith(test.certContents)
}
tlsClientHeaders.ServeHTTP(res, req, myPassTLSClientCustomHandler)
test := test
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
tlsClientHeaders := NewTLSClientHeaders(test.tlsClientCertHeaders)
res := httptest.NewRecorder()
req := testhelpers.MustNewRequest(http.MethodGet, "http://example.com/foo", nil)
if test.tlsClientCertHeaders != nil {
req.Header.Set(xForwardedTLSClientCertInfos, "Unsanitized HEADER")
}
if test.certContents != nil && len(test.certContents) > 0 {
req.TLS = buildTLSWith(test.certContents)
}
tlsClientHeaders.ServeHTTP(res, req, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Write([]byte("bar"))
}))
require.Equal(t, http.StatusOK, res.Code, "Http Status should be OK")
require.Equal(t, "bar", res.Body.String(), "Should be the expected body")
@@ -664,45 +634,31 @@ func TestTlsClientheadersWithCertInfos(t *testing.T) {
func TestNewTLSClientHeadersFromStruct(t *testing.T) {
testCases := []struct {
desc string
frontend *types.Frontend
expected *TLSClientHeaders
desc string
tlsClientHeaders *types.TLSClientHeaders
expected *TLSClientHeaders
}{
{
desc: "Without frontend",
},
{
desc: "frontend without the option",
frontend: &types.Frontend{},
expected: &TLSClientHeaders{},
},
{
desc: "frontend with the pem set false",
frontend: &types.Frontend{
PassTLSClientCert: &types.TLSClientHeaders{
PEM: false,
},
desc: "TLS client headers with the pem set false",
tlsClientHeaders: &types.TLSClientHeaders{
PEM: false,
},
expected: &TLSClientHeaders{PEM: false},
},
{
desc: "frontend with the pem set true",
frontend: &types.Frontend{
PassTLSClientCert: &types.TLSClientHeaders{
PEM: true,
},
desc: "TLS client headers with the pem set true",
tlsClientHeaders: &types.TLSClientHeaders{
PEM: true,
},
expected: &TLSClientHeaders{PEM: true},
},
{
desc: "frontend with the Infos with no flag",
frontend: &types.Frontend{
PassTLSClientCert: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
NotAfter: false,
NotBefore: false,
Sans: false,
},
desc: "TLS client headers with the Infos with no flag",
tlsClientHeaders: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
NotAfter: false,
NotBefore: false,
Sans: false,
},
},
expected: &TLSClientHeaders{
@@ -711,14 +667,12 @@ func TestNewTLSClientHeadersFromStruct(t *testing.T) {
},
},
{
desc: "frontend with the Infos basic",
frontend: &types.Frontend{
PassTLSClientCert: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
NotAfter: true,
NotBefore: true,
Sans: true,
},
desc: "TLS client headers with the Infos basic",
tlsClientHeaders: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
NotAfter: true,
NotBefore: true,
Sans: true,
},
},
expected: &TLSClientHeaders{
@@ -731,12 +685,10 @@ func TestNewTLSClientHeadersFromStruct(t *testing.T) {
},
},
{
desc: "frontend with the Infos NotAfter",
frontend: &types.Frontend{
PassTLSClientCert: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
NotAfter: true,
},
desc: "TLS client headers with the Infos NotAfter",
tlsClientHeaders: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
NotAfter: true,
},
},
expected: &TLSClientHeaders{
@@ -747,12 +699,10 @@ func TestNewTLSClientHeadersFromStruct(t *testing.T) {
},
},
{
desc: "frontend with the Infos NotBefore",
frontend: &types.Frontend{
PassTLSClientCert: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
NotBefore: true,
},
desc: "TLS client headers with the Infos NotBefore",
tlsClientHeaders: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
NotBefore: true,
},
},
expected: &TLSClientHeaders{
@@ -763,12 +713,10 @@ func TestNewTLSClientHeadersFromStruct(t *testing.T) {
},
},
{
desc: "frontend with the Infos Sans",
frontend: &types.Frontend{
PassTLSClientCert: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
Sans: true,
},
desc: "TLS client headers with the Infos Sans",
tlsClientHeaders: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
Sans: true,
},
},
expected: &TLSClientHeaders{
@@ -779,13 +727,11 @@ func TestNewTLSClientHeadersFromStruct(t *testing.T) {
},
},
{
desc: "frontend with the Infos Subject Organization",
frontend: &types.Frontend{
PassTLSClientCert: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
Subject: &types.TLSCLientCertificateDNInfos{
Organization: true,
},
desc: "TLS client headers with the Infos Subject Organization",
tlsClientHeaders: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
Subject: &types.TLSCLientCertificateDNInfos{
Organization: true,
},
},
},
@@ -799,13 +745,11 @@ func TestNewTLSClientHeadersFromStruct(t *testing.T) {
},
},
{
desc: "frontend with the Infos Subject Country",
frontend: &types.Frontend{
PassTLSClientCert: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
Subject: &types.TLSCLientCertificateDNInfos{
Country: true,
},
desc: "TLS client headers with the Infos Subject Country",
tlsClientHeaders: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
Subject: &types.TLSCLientCertificateDNInfos{
Country: true,
},
},
},
@@ -819,13 +763,11 @@ func TestNewTLSClientHeadersFromStruct(t *testing.T) {
},
},
{
desc: "frontend with the Infos Subject SerialNumber",
frontend: &types.Frontend{
PassTLSClientCert: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
Subject: &types.TLSCLientCertificateDNInfos{
SerialNumber: true,
},
desc: "TLS client headers with the Infos Subject SerialNumber",
tlsClientHeaders: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
Subject: &types.TLSCLientCertificateDNInfos{
SerialNumber: true,
},
},
},
@@ -839,13 +781,11 @@ func TestNewTLSClientHeadersFromStruct(t *testing.T) {
},
},
{
desc: "frontend with the Infos Subject Province",
frontend: &types.Frontend{
PassTLSClientCert: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
Subject: &types.TLSCLientCertificateDNInfos{
Province: true,
},
desc: "TLS client headers with the Infos Subject Province",
tlsClientHeaders: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
Subject: &types.TLSCLientCertificateDNInfos{
Province: true,
},
},
},
@@ -859,13 +799,11 @@ func TestNewTLSClientHeadersFromStruct(t *testing.T) {
},
},
{
desc: "frontend with the Infos Subject Locality",
frontend: &types.Frontend{
PassTLSClientCert: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
Subject: &types.TLSCLientCertificateDNInfos{
Locality: true,
},
desc: "TLS client headers with the Infos Subject Locality",
tlsClientHeaders: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
Subject: &types.TLSCLientCertificateDNInfos{
Locality: true,
},
},
},
@@ -879,13 +817,11 @@ func TestNewTLSClientHeadersFromStruct(t *testing.T) {
},
},
{
desc: "frontend with the Infos Subject CommonName",
frontend: &types.Frontend{
PassTLSClientCert: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
Subject: &types.TLSCLientCertificateDNInfos{
CommonName: true,
},
desc: "TLS client headers with the Infos Subject CommonName",
tlsClientHeaders: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
Subject: &types.TLSCLientCertificateDNInfos{
CommonName: true,
},
},
},
@@ -899,19 +835,17 @@ func TestNewTLSClientHeadersFromStruct(t *testing.T) {
},
},
{
desc: "frontend with the Infos Issuer",
frontend: &types.Frontend{
PassTLSClientCert: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
Issuer: &types.TLSCLientCertificateDNInfos{
CommonName: true,
Country: true,
DomainComponent: true,
Locality: true,
Organization: true,
SerialNumber: true,
Province: true,
},
desc: "TLS client headers with the Infos Issuer",
tlsClientHeaders: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
Issuer: &types.TLSCLientCertificateDNInfos{
CommonName: true,
Country: true,
DomainComponent: true,
Locality: true,
Organization: true,
SerialNumber: true,
Province: true,
},
},
},
@@ -931,12 +865,10 @@ func TestNewTLSClientHeadersFromStruct(t *testing.T) {
},
},
{
desc: "frontend with the Sans Infos",
frontend: &types.Frontend{
PassTLSClientCert: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
Sans: true,
},
desc: "TLS client headers with the Sans Infos",
tlsClientHeaders: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
Sans: true,
},
},
expected: &TLSClientHeaders{
@@ -947,30 +879,28 @@ func TestNewTLSClientHeadersFromStruct(t *testing.T) {
},
},
{
desc: "frontend with the Infos all",
frontend: &types.Frontend{
PassTLSClientCert: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
NotAfter: true,
NotBefore: true,
Subject: &types.TLSCLientCertificateDNInfos{
CommonName: true,
Country: true,
Locality: true,
Organization: true,
Province: true,
SerialNumber: true,
},
Issuer: &types.TLSCLientCertificateDNInfos{
Country: true,
DomainComponent: true,
Locality: true,
Organization: true,
SerialNumber: true,
Province: true,
},
Sans: true,
desc: "TLS client headers with the Infos all",
tlsClientHeaders: &types.TLSClientHeaders{
Infos: &types.TLSClientCertificateInfos{
NotAfter: true,
NotBefore: true,
Subject: &types.TLSCLientCertificateDNInfos{
CommonName: true,
Country: true,
Locality: true,
Organization: true,
Province: true,
SerialNumber: true,
},
Issuer: &types.TLSCLientCertificateDNInfos{
Country: true,
DomainComponent: true,
Locality: true,
Organization: true,
SerialNumber: true,
Province: true,
},
Sans: true,
},
},
expected: &TLSClientHeaders{
@@ -1004,8 +934,7 @@ func TestNewTLSClientHeadersFromStruct(t *testing.T) {
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
require.Equal(t, test.expected, NewTLSClientHeaders(test.frontend))
require.Equal(t, test.expected, NewTLSClientHeaders(test.tlsClientHeaders))
})
}
}

2
middlewares/tracing/zipkin/zipkin.go
View File

@@ -5,7 +5,7 @@ import (
"github.com/containous/traefik/log"
"github.com/opentracing/opentracing-go"
zipkin "github.com/openzipkin/zipkin-go-opentracing"
zipkin "github.com/openzipkin-contrib/zipkin-go-opentracing"
)
// Name sets the name of this tracer

8
provider/acme/provider.go
View File

@@ -49,7 +49,7 @@ type Configuration struct {
DNSChallenge *DNSChallenge `description:"Activate DNS-01 Challenge"`
HTTPChallenge *HTTPChallenge `description:"Activate HTTP-01 Challenge"`
TLSChallenge *TLSChallenge `description:"Activate TLS-ALPN-01 Challenge"`
Domains []types.Domain `description:"CN and SANs (alternative domains) to each main domain using format: --acme.domains='main.com,san1.com,san2.com' --acme.domains='*.main.net'. No SANs for wildcards domain. Wildcard domains only accepted with DNSChallenge"`
Domains []types.Domain `description:"CN and SANs (alternative domains) to each main domain using format: --acme.domains='main.com,san1.com,san2.com' --acme.domains='*.main.net'. Wildcard domains only accepted with DNSChallenge"`
}
// Provider holds configurations of the provider.
@@ -756,12 +756,6 @@ func (p *Provider) getValidDomains(domain types.Domain, wildcardAllowed bool) ([
}
}
for _, san := range domain.SANs {
if strings.HasPrefix(san, "*") {
return nil, fmt.Errorf("unable to generate a certificate in ACME provider for domains %q: SAN %q can not be a wildcard domain", strings.Join(domains, ","), san)
}
}
var cleanDomains []string
for _, domain := range domains {
canonicalDomain := types.CanonicalDomain(domain)

6
provider/acme/provider_test.go
View File

@@ -267,12 +267,12 @@ func TestGetValidDomain(t *testing.T) {
expectedDomains: []string{"*.traefik.wtf", "traefik.wtf"},
},
{
desc: "unexpected SANs",
desc: "wildcard SANs",
domains: types.Domain{Main: "*.traefik.wtf", SANs: []string{"*.acme.wtf"}},
dnsChallenge: &DNSChallenge{},
wildcardAllowed: true,
expectedErr: "unable to generate a certificate in ACME provider for domains \"*.traefik.wtf,*.acme.wtf\": SAN \"*.acme.wtf\" can not be a wildcard domain",
expectedDomains: nil,
expectedErr: "",
expectedDomains: []string{"*.traefik.wtf", "*.acme.wtf"},
},
}

14
provider/consulcatalog/consul_catalog.go
View File

@@ -34,6 +34,7 @@ type Provider struct {
Stale bool `description:"Use stale consistency for catalog reads" export:"true"`
ExposedByDefault bool `description:"Expose Consul services by default" export:"true"`
Prefix string `description:"Prefix used for Consul catalog tags" export:"true"`
StrictChecks bool `description:"Keep a Consul node only if all checks status are passing" export:"true"`
FrontEndRule string `description:"Frontend rule used for Consul services" export:"true"`
TLS *types.ClientTLS `description:"Enable TLS support" export:"true"`
client *api.Client
@@ -301,6 +302,8 @@ func (p *Provider) watchHealthState(stopCh <-chan struct{}, watchCh chan<- map[s
_, failing := currentFailing[key]
if healthy.Status == "passing" && !failing {
current[key] = append(current[key], healthy.Node)
} else if !p.StrictChecks && healthy.Status == "warning" && !failing {
current[key] = append(current[key], healthy.Node)
} else if strings.HasPrefix(healthy.CheckID, "_service_maintenance") || strings.HasPrefix(healthy.CheckID, "_node_maintenance") {
maintenance = append(maintenance, healthy.CheckID)
} else {
@@ -489,7 +492,8 @@ func getServiceAddresses(services []*api.CatalogService) []string {
func (p *Provider) healthyNodes(service string) (catalogUpdate, error) {
health := p.client.Health()
data, _, err := health.Service(service, "", true, &api.QueryOptions{AllowStale: p.Stale})
// You can't filter with assigning passingOnly here, nodeFilter will do this later
data, _, err := health.Service(service, "", false, &api.QueryOptions{AllowStale: p.Stale})
if err != nil {
log.WithError(err).Errorf("Failed to fetch details of %s", service)
return catalogUpdate{}, err
@@ -533,7 +537,8 @@ func (p *Provider) nodeFilter(service string, node *api.ServiceEntry) bool {
log.Debugf("Service %v pruned by '%v' constraint", service, failingConstraint.String())
return false
}
return true
return p.hasPassingChecks(node)
}
func (p *Provider) isServiceEnabled(node *api.ServiceEntry) bool {
@@ -567,6 +572,11 @@ func (p *Provider) getConstraintTags(tags []string) []string {
return values
}
func (p *Provider) hasPassingChecks(node *api.ServiceEntry) bool {
status := node.Checks.AggregatedStatus()
return status == "passing" || !p.StrictChecks && status == "warning"
}
func (p *Provider) generateFrontends(service *serviceUpdate) []*serviceUpdate {
frontends := make([]*serviceUpdate, 0)
// to support <prefix>.frontend.xxx

9
provider/docker/docker.go
View File

@@ -28,7 +28,9 @@ import (
)
const (
// SwarmAPIVersion is a constant holding the version of the Provider API traefik will use
// DockerAPIVersion is a constant holding the version of the Provider API traefik will use
DockerAPIVersion = "1.24"
// SwarmAPIVersion is a constant holding the version of the Provider API traefik will use.
SwarmAPIVersion = "1.24"
)
@@ -110,11 +112,10 @@ func (p *Provider) createClient() (client.APIClient, error) {
"User-Agent": "Traefik " + version.Version,
}
var apiVersion string
apiVersion := DockerAPIVersion
if p.SwarmMode {
apiVersion = SwarmAPIVersion
} else {
apiVersion = DockerAPIVersion
}
return client.NewClient(p.Endpoint, apiVersion, httpClient, httpHeaders)

8
provider/docker/docker_unix.go
View File

@@ -1,8 +0,0 @@
// +build !windows
package docker
const (
// DockerAPIVersion is a constant holding the version of the Provider API traefik will use
DockerAPIVersion = "1.21"
)

6
provider/docker/docker_windows.go
View File

@@ -1,6 +0,0 @@
package docker
const (
// DockerAPIVersion is a constant holding the version of the Provider API traefik will use
DockerAPIVersion string = "1.24"
)

20
provider/kubernetes/builder_configuration_test.go
View File

@@ -230,9 +230,25 @@ func auth(opt func(*types.Auth)) func(*types.Frontend) {
}
}
func basicAuth(users ...string) func(*types.Auth) {
func basicAuth(opts ...func(*types.Basic)) func(*types.Auth) {
return func(a *types.Auth) {
a.Basic = &types.Basic{Users: users}
basic := &types.Basic{}
for _, opt := range opts {
opt(basic)
}
a.Basic = basic
}
}
func baUsers(users ...string) func(*types.Basic) {
return func(b *types.Basic) {
b.Users = users
}
}
func baRemoveHeaders() func(*types.Basic) {
return func(b *types.Basic) {
b.RemoveHeader = true
}
}

7
provider/kubernetes/builder_endpoint_test.go
View File

@@ -61,13 +61,6 @@ func eAddress(ip string) func(*corev1.EndpointAddress) {
}
}
func eAddressWithTargetRef(targetRef, ip string) func(*corev1.EndpointAddress) {
return func(address *corev1.EndpointAddress) {
address.TargetRef = &corev1.ObjectReference{Name: targetRef}
address.IP = ip
}
}
func ePorts(opts ...func(port *corev1.EndpointPort)) func(*corev1.EndpointSubset) {
return func(spec *corev1.EndpointSubset) {
for _, opt := range opts {

33
provider/kubernetes/builder_service_test.go
View File

@@ -35,15 +35,6 @@ func sUID(value types.UID) func(*corev1.Service) {
}
}
func sAnnotation(name string, value string) func(*corev1.Service) {
return func(s *corev1.Service) {
if s.Annotations == nil {
s.Annotations = make(map[string]string)
}
s.Annotations[name] = value
}
}
func sSpec(opts ...func(*corev1.ServiceSpec)) func(*corev1.Service) {
return func(s *corev1.Service) {
spec := &corev1.ServiceSpec{}
@@ -54,30 +45,6 @@ func sSpec(opts ...func(*corev1.ServiceSpec)) func(*corev1.Service) {
}
}
func sLoadBalancerStatus(opts ...func(*corev1.LoadBalancerStatus)) func(service *corev1.Service) {
return func(s *corev1.Service) {
loadBalancer := &corev1.LoadBalancerStatus{}
for _, opt := range opts {
if opt != nil {
opt(loadBalancer)
}
}
s.Status = corev1.ServiceStatus{
LoadBalancer: *loadBalancer,
}
}
}
func sLoadBalancerIngress(ip string, hostname string) func(*corev1.LoadBalancerStatus) {
return func(status *corev1.LoadBalancerStatus) {
ingress := corev1.LoadBalancerIngress{
IP: ip,
Hostname: hostname,
}
status.Ingress = append(status.Ingress, ingress)
}
}
func clusterIP(ip string) func(*corev1.ServiceSpec) {
return func(spec *corev1.ServiceSpec) {
spec.ClusterIP = ip

38
provider/kubernetes/client_mock_test.go
View File

@@ -1,21 +1,57 @@
package kubernetes
import (
"fmt"
"io/ioutil"
corev1 "k8s.io/api/core/v1"
extensionsv1beta1 "k8s.io/api/extensions/v1beta1"
v1beta12 "k8s.io/api/extensions/v1beta1"
)
var _ Client = (*clientMock)(nil)
type clientMock struct {
ingresses []*extensionsv1beta1.Ingress
services []*corev1.Service
secrets []*corev1.Secret
endpoints []*corev1.Endpoints
watchChan chan interface{}
apiServiceError error
apiSecretError error
apiEndpointsError error
apiIngressStatusError error
watchChan chan interface{}
}
func newClientMock(paths ...string) clientMock {
var c clientMock
for _, path := range paths {
yamlContent, err := ioutil.ReadFile(path)
if err != nil {
panic(err)
}
k8sObjects := MustDecodeYaml(yamlContent)
for _, obj := range k8sObjects {
switch o := obj.(type) {
case *corev1.Service:
c.services = append(c.services, o)
case *corev1.Secret:
c.secrets = append(c.secrets, o)
case *corev1.Endpoints:
c.endpoints = append(c.endpoints, o)
case *v1beta12.Ingress:
c.ingresses = append(c.ingresses, o)
default:
panic(fmt.Sprintf("Unknown runtime object %+v %T", o, o))
}
}
}
return c
}
func (c clientMock) GetIngresses() []*extensionsv1beta1.Ingress {

21
provider/kubernetes/fixtures/computeServiceWeights/1_path_2_service_ingresses.yml Normal file
View File

@@ -0,0 +1,21 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/service-weights: |2
service1: 10%
namespace: testing
spec:
rules:
- host: foo.test
http:
paths:
- backend:
serviceName: service1
servicePort: 8080
path: /foo
- backend:
serviceName: service2
servicePort: 8080
path: /foo

31
provider/kubernetes/fixtures/computeServiceWeights/1_path_4_service_ingresses.yml Normal file
View File

@@ -0,0 +1,31 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/service-weights: |2
service1: 20%
service2: 40%
service3: 40%
namespace: testing
spec:
rules:
- host: foo.test
http:
paths:
- backend:
serviceName: service1
servicePort: 8080
path: /foo
- backend:
serviceName: service2
servicePort: 8080
path: /foo
- backend:
serviceName: service3
servicePort: 8080
path: /foo
- backend:
serviceName: service4
servicePort: 8080
path: /foo

29
provider/kubernetes/fixtures/computeServiceWeights/2_path_2_service_ingresses.yml Normal file
View File

@@ -0,0 +1,29 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/service-weights: |2
service1: 60%
namespace: testing
spec:
rules:
- host: foo.test
http:
paths:
- backend:
serviceName: service1
servicePort: 8080
path: /foo
- backend:
serviceName: service2
servicePort: 8080
path: /foo
- backend:
serviceName: service1
servicePort: 8080
path: /bar
- backend:
serviceName: service3
servicePort: 8080
path: /bar

30
provider/kubernetes/fixtures/computeServiceWeights/2_path_3_service_ingresses.yml Normal file
View File

@@ -0,0 +1,30 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/service-weights: |2
service1: 20%
service3: 20%
namespace: testing
spec:
rules:
- host: foo.test
http:
paths:
- backend:
serviceName: service1
servicePort: 8080
path: /foo
- backend:
serviceName: service2
servicePort: 8080
path: /foo
- backend:
serviceName: service2
servicePort: 8080
path: /bar
- backend:
serviceName: service3
servicePort: 8080
path: /bar

23
provider/kubernetes/fixtures/computeServiceWeights/2_path_no_service_ingresses.yml Normal file
View File

@@ -0,0 +1,23 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/service-weights: |2
service1: 20%
service2: 40%
service3: 40%
namespace: testing
spec:
rules:
- host: foo.test
http:
paths:
- backend:
serviceName: noservice
servicePort: 8080
path: /foo
- backend:
serviceName: noservice
servicePort: 8080
path: /bar

22
provider/kubernetes/fixtures/computeServiceWeights/2_path_overflow_ingresses.yml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/service-weights: |2
service1: 70%
service2: 80%
namespace: testing
spec:
rules:
- host: foo.test
http:
paths:
- backend:
serviceName: service1
servicePort: 8080
path: /foo
- backend:
serviceName: service2
servicePort: 8080
path: /foo

19
provider/kubernetes/fixtures/computeServiceWeights/2_path_without_weight_ingresses.yml Normal file
View File

@@ -0,0 +1,19 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/service-weights: ""
namespace: testing
spec:
rules:
- host: foo.test
http:
paths:
- backend:
serviceName: service1
servicePort: 8080
path: /foo
- backend:
serviceName: service2
servicePort: 8080
path: /bar

62
provider/kubernetes/fixtures/computeServiceWeights_endpoints.yml Normal file
View File

@@ -0,0 +1,62 @@
apiVersion: v1
kind: Endpoints
metadata:
name: service1
namespace: testing
subsets:
- addresses:
- ip: 10.10.0.1
ports:
- port: 8080
- addresses:
- ip: 10.21.0.2
ports:
- port: 8080
---
apiVersion: v1
kind: Endpoints
metadata:
name: service2
namespace: testing
subsets:
- addresses:
- ip: 10.10.0.3
ports:
- port: 8080
---
apiVersion: v1
kind: Endpoints
metadata:
name: service3
namespace: testing
subsets:
- addresses:
- ip: 10.10.0.4
ports:
- port: 8080
- addresses:
- ip: 10.21.0.5
ports:
- port: 8080
- addresses:
- ip: 10.21.0.6
ports:
- port: 8080
- addresses:
- ip: 10.21.0.7
ports:
- port: 8080
---
apiVersion: v1
kind: Endpoints
metadata:
name: service4
namespace: testing
subsets:
- addresses:
- ip: 10.10.0.7
ports:
- port: 8080

26
provider/kubernetes/fixtures/computeServiceWeights_services.yml Normal file
View File

@@ -0,0 +1,26 @@
apiVersion: v1
kind: Service
metadata:
name: service1
namespace: testing
---
apiVersion: v1
kind: Service
metadata:
name: service2
namespace: testing
---
apiVersion: v1
kind: Service
metadata:
name: service3
namespace: testing
---
apiVersion: v1
kind: Service
metadata:
name: service4
namespace: testing

16
provider/kubernetes/fixtures/divergingIngressDefinitions_endpoints.yml Normal file
View File

@@ -0,0 +1,16 @@
apiVersion: v1
kind: Endpoints
metadata:
name: service1
namespace: testing
subsets:
- addresses:
- ip: 10.10.0.1
ports:
- name: http
port: 80
- addresses:
- ip: 10.10.0.2
ports:
- name: http
port: 80

26
provider/kubernetes/fixtures/divergingIngressDefinitions_ingresses.yml Normal file
View File

@@ -0,0 +1,26 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
namespace: testing
spec:
rules:
- host: host-a
http:
paths:
- backend:
serviceName: service1
servicePort: "80"
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
namespace: testing
spec:
rules:
- host: host-a
http:
paths:
- backend:
serviceName: missing
servicePort: "80"

10
provider/kubernetes/fixtures/divergingIngressDefinitions_services.yml Normal file
View File

@@ -0,0 +1,10 @@
apiVersion: v1
kind: Service
metadata:
name: service1
namespace: testing
spec:
clusterIP: 10.0.0.1
ports:
- name: http
port: 80

13
provider/kubernetes/fixtures/getPassHostHeader_ingresses.yml Normal file
View File

@@ -0,0 +1,13 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
namespace: awesome
spec:
rules:
- host: foo
http:
paths:
- backend:
serviceName: service1
servicePort: 801
path: /bar

9
provider/kubernetes/fixtures/getPassHostHeader_services.yml Normal file
View File

@@ -0,0 +1,9 @@
apiVersion: v1
kind: Service
metadata:
name: service1
namespace: awesome
spec:
ports:
- name: http
port: 801

13
provider/kubernetes/fixtures/getPassTLSCert_ingresses.yml Normal file
View File

@@ -0,0 +1,13 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
namespace: awesome
spec:
rules:
- host: foo
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /bar

9
provider/kubernetes/fixtures/getPassTLSCert_services.yml Normal file
View File

@@ -0,0 +1,9 @@
apiVersion: v1
kind: Service
metadata:
name: service1
namespace: awesome
spec:
ports:
- name: http
port: 801

12
provider/kubernetes/fixtures/hostlessIngress_ingresses.yml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
namespace: awesome
spec:
rules:
- http:
paths:
- backend:
serviceName: service1
servicePort: 801
path: /bar

10
provider/kubernetes/fixtures/hostlessIngress_services.yml Normal file
View File

@@ -0,0 +1,10 @@
apiVersion: v1
kind: Service
metadata:
name: service1
namespace: awesome
spec:
clusterIP: 10.0.0.1
ports:
- name: http
port: 801

431
provider/kubernetes/fixtures/ingressAnnotations_ingresses.yml Normal file
View File

@@ -0,0 +1,431 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/preserve-host: "false"
namespace: testing
spec:
rules:
- host: foo
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /bar
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/preserve-host: "true"
kubernetes.io/ingress.class: traefik
namespace: testing
spec:
rules:
- host: other
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /stuff
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/pass-client-tls-cert: |2
pem: true
infos:
notafter: true
notbefore: true
sans: true
subject:
country: true
province: true
locality: true
organization: true
commonname: true
serialnumber: true
domaincomponent: true
issuer:
country: true
province: true
locality: true
organization: true
commonname: true
serialnumber: true
domaincomponent: true
ingress.kubernetes.io/pass-tls-cert: "true"
kubernetes.io/ingress.class: traefik
namespace: testing
spec:
rules:
- host: other
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /sslstuff
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/frontend-entry-points: http,https
kubernetes.io/ingress.class: traefik
namespace: testing
spec:
rules:
- host: other
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/auth-secret: mySecret
ingress.kubernetes.io/auth-type: basic
namespace: testing
spec:
rules:
- host: basic
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /auth
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: traefik-other
namespace: testing
spec:
rules:
- host: herp
http:
paths:
- backend:
serviceName: service2
servicePort: 80
path: /derp
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/whitelist-source-range: 1.1.1.1/24, 1234:abcd::42/32
ingress.kubernetes.io/whitelist-x-forwarded-for: "true"
namespace: testing
spec:
rules:
- host: test
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /whitelist-source-range
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/rewrite-target: /
namespace: testing
spec:
rules:
- host: rewrite
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /api
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/auth-realm: customized
namespace: testing
spec:
rules:
- host: auth-realm-customized
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /auth-realm-customized
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/redirect-entry-point: https
namespace: testing
spec:
rules:
- host: redirect
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /https
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/error-pages: |2
foo:
status:
- "123"
- "456"
backend: bar
query: /bar
kubernetes.io/ingress.class: traefik
namespace: testing
spec:
rules:
- host: error-pages
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /errorpages
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/rate-limit: |2
extractorfunc: client.ip
rateset:
bar:
period: 3s
average: 6
burst: 9
foo:
period: 6s
average: 12
burst: 18
kubernetes.io/ingress.class: traefik
namespace: testing
spec:
rules:
- host: rate-limit
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /ratelimit
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/app-root: /root
namespace: testing
spec:
rules:
- host: root
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /
- backend:
serviceName: service1
servicePort: 80
path: /root1
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/app-root: /root2
ingress.kubernetes.io/rewrite-target: /abc
namespace: testing
spec:
rules:
- host: root2
http:
paths:
- backend:
serviceName: service2
servicePort: 80
path: /
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/rewrite-target: /abc
ingress.kubernetes.io/rule-type: ReplacePath
namespace: testing
spec:
rules:
- host: root2
http:
paths:
- backend:
serviceName: service2
servicePort: 80
path: /
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/app-root: /root
namespace: testing
spec:
rules:
- host: root3
http:
paths:
- backend:
serviceName: service1
servicePort: 80
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/allowed-hosts: foo, fii, fuu
ingress.kubernetes.io/browser-xss-filter: "true"
ingress.kubernetes.io/content-security-policy: foo
ingress.kubernetes.io/content-type-nosniff: "true"
ingress.kubernetes.io/custom-browser-xss-value: foo
ingress.kubernetes.io/custom-frame-options-value: foo
ingress.kubernetes.io/custom-request-headers: 'Access-Control-Allow-Methods:POST,GET,OPTIONS
|| Content-type: application/json; charset=utf-8'
ingress.kubernetes.io/custom-response-headers: 'Access-Control-Allow-Methods:POST,GET,OPTIONS
|| Content-type: application/json; charset=utf-8'
ingress.kubernetes.io/force-hsts: "true"
ingress.kubernetes.io/frame-deny: "true"
ingress.kubernetes.io/hsts-include-subdomains: "true"
ingress.kubernetes.io/hsts-max-age: "666"
ingress.kubernetes.io/hsts-preload: "true"
ingress.kubernetes.io/is-development: "true"
ingress.kubernetes.io/proxy-headers: foo, fii, fuu
ingress.kubernetes.io/public-key: foo
ingress.kubernetes.io/referrer-policy: foo
ingress.kubernetes.io/ssl-force-host: "true"
ingress.kubernetes.io/ssl-host: foo
ingress.kubernetes.io/ssl-proxy-headers: 'Access-Control-Allow-Methods:POST,GET,OPTIONS
|| Content-type: application/json; charset=utf-8'
ingress.kubernetes.io/ssl-redirect: "true"
ingress.kubernetes.io/ssl-temporary-redirect: "true"
kubernetes.io/ingress.class: traefik
namespace: testing
spec:
rules:
- host: custom-headers
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /customheaders
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/protocol: h2c
namespace: testing
spec:
rules:
- host: protocol
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /valid
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/protocol: foobar
namespace: testing
spec:
rules:
- host: protocol
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /notvalid
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/protocol: http
namespace: testing
spec:
rules:
- host: protocol
http:
paths:
- backend:
serviceName: serviceHTTPS
servicePort: 443
path: /missmatch
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
namespace: testing
spec:
rules:
- host: protocol
http:
paths:
- backend:
serviceName: serviceHTTPS
servicePort: 443
path: /noAnnotation

7
provider/kubernetes/fixtures/ingressAnnotations_secrets.yml Normal file
View File

@@ -0,0 +1,7 @@
apiVersion: v1
data:
auth: bXlVc2VyOm15RW5jb2RlZFBX
kind: Secret
metadata:
name: mySecret
namespace: testing

37
provider/kubernetes/fixtures/ingressAnnotations_services.yml Normal file
View File

@@ -0,0 +1,37 @@
apiVersion: v1
kind: Service
metadata:
name: service1
namespace: testing
spec:
clusterIP: 10.0.0.1
externalName: example.com
ports:
- name: http
port: 80
type: ExternalName
---
apiVersion: v1
kind: Service
metadata:
name: service2
namespace: testing
spec:
clusterIP: 10.0.0.2
ports:
- port: 802
---
apiVersion: v1
kind: Service
metadata:
name: serviceHTTPS
namespace: testing
spec:
clusterIP: 10.0.0.3
externalName: example.com
ports:
- name: https
port: 443
type: ExternalName

11
provider/kubernetes/fixtures/ingressClassAnnotation_endpoints.yml Normal file
View File

@@ -0,0 +1,11 @@
apiVersion: v1
kind: Endpoints
metadata:
name: service2
namespace: testing
subsets:
- addresses:
- ip: 10.10.0.1
ports:
- name: http
port: 80

81
provider/kubernetes/fixtures/ingressClassAnnotation_ingresses.yml Normal file
View File

@@ -0,0 +1,81 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: traefik
namespace: testing
spec:
rules:
- host: other
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /stuff
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: ""
namespace: testing
spec:
rules:
- host: other
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /sslstuff
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
namespace: testing
spec:
rules:
- host: other
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: traefik-other
namespace: testing
spec:
rules:
- host: foo
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /bar
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: custom
namespace: testing
spec:
rules:
- host: foo
http:
paths:
- backend:
serviceName: service2
servicePort: 80
path: /bar

24
provider/kubernetes/fixtures/ingressClassAnnotation_services.yml Normal file
View File

@@ -0,0 +1,24 @@
apiVersion: v1
kind: Service
metadata:
name: service1
namespace: testing
spec:
clusterIP: 10.0.0.1
externalName: example.com
ports:
- name: http
port: 80
type: ExternalName
---
apiVersion: v1
kind: Service
metadata:
name: service2
namespace: testing
spec:
clusterIP: 10.0.0.2
ports:
- name: http
port: 80

15
provider/kubernetes/fixtures/invalidPassHostHeaderValue_ingresses.yml Normal file
View File

@@ -0,0 +1,15 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/preserve-host: herpderp
namespace: testing
spec:
rules:
- host: foo
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /bar

12
provider/kubernetes/fixtures/invalidPassHostHeaderValue_services.yml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v1
kind: Service
metadata:
name: service1
namespace: testing
spec:
clusterIP: 10.0.0.1
externalName: example.com
ports:
- name: http
port: 80
type: ExternalName

15
provider/kubernetes/fixtures/invalidPassTLSCertValue_ingresses.yml Normal file
View File

@@ -0,0 +1,15 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/pass-tls-cert: herpderp
namespace: testing
spec:
rules:
- host: foo
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /bar

12
provider/kubernetes/fixtures/invalidPassTLSCertValue_services.yml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v1
kind: Service
metadata:
name: service1
namespace: testing
spec:
clusterIP: 10.0.0.1
externalName: example.com
ports:
- name: http
port: 80
type: ExternalName

8
provider/kubernetes/fixtures/loadGlobalIngressWithExternalName_ingresses.yml Normal file
View File

@@ -0,0 +1,8 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
namespace: testing
spec:
backend:
serviceName: service1
servicePort: 80

10
provider/kubernetes/fixtures/loadGlobalIngressWithExternalName_services.yml Normal file
View File

@@ -0,0 +1,10 @@
apiVersion: v1
kind: Service
metadata:
name: service1
namespace: testing
spec:
externalName: some-external-name
ports:
- port: 80
type: ExternalName

11
provider/kubernetes/fixtures/loadGlobalIngressWithHttpsPortNames_endpoints.yml Normal file
View File

@@ -0,0 +1,11 @@
apiVersion: v1
kind: Endpoints
metadata:
name: service1
namespace: testing
subsets:
- addresses:
- ip: 10.10.0.1
ports:
- name: https-global
port: 8080

8
provider/kubernetes/fixtures/loadGlobalIngressWithHttpsPortNames_ingresses.yml Normal file
View File

@@ -0,0 +1,8 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
namespace: testing
spec:
backend:
serviceName: service1
servicePort: https-global

10
provider/kubernetes/fixtures/loadGlobalIngressWithHttpsPortNames_services.yml Normal file
View File

@@ -0,0 +1,10 @@
apiVersion: v1
kind: Service
metadata:
name: service1
namespace: testing
spec:
clusterIP: 10.0.0.1
ports:
- name: https-global
port: 8443

13
provider/kubernetes/fixtures/loadGlobalIngressWithMultiplePortNumbers_endpoints.yml Normal file
View File

@@ -0,0 +1,13 @@
apiVersion: v1
kind: Endpoints
metadata:
name: service1
namespace: testing
subsets:
- addresses:
- ip: 10.10.0.1
ports:
- port: 8080
name: http
- port: 1111
name: foo

8
provider/kubernetes/fixtures/loadGlobalIngressWithMultiplePortNumbers_ingresses.yml Normal file
View File

@@ -0,0 +1,8 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
namespace: testing
spec:
backend:
serviceName: service1
servicePort: 80

14
provider/kubernetes/fixtures/loadGlobalIngressWithMultiplePortNumbers_services.yml Normal file
View File

@@ -0,0 +1,14 @@
apiVersion: v1
kind: Service
metadata:
name: service1
namespace: testing
spec:
clusterIP: 10.0.0.1
ports:
- name: http
port: 80
targetPort: 8080
- name: foo
port: 1111
targetPort: 1111

10
provider/kubernetes/fixtures/loadGlobalIngressWithPortNumbers_endpoints.yml Normal file
View File

@@ -0,0 +1,10 @@
apiVersion: v1
kind: Endpoints
metadata:
name: service1
namespace: testing
subsets:
- addresses:
- ip: 10.10.0.1
ports:
- port: 8080

8
provider/kubernetes/fixtures/loadGlobalIngressWithPortNumbers_ingresses.yml Normal file
View File

@@ -0,0 +1,8 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
namespace: testing
spec:
backend:
serviceName: service1
servicePort: 80

9
provider/kubernetes/fixtures/loadGlobalIngressWithPortNumbers_services.yml Normal file
View File

@@ -0,0 +1,9 @@
apiVersion: v1
kind: Service
metadata:
name: service1
namespace: testing
spec:
clusterIP: 10.0.0.1
ports:
- port: 80

17
provider/kubernetes/fixtures/loadIngressesBasicAuth_ingresses.yml Normal file
View File

@@ -0,0 +1,17 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/auth-remove-header: "true"
ingress.kubernetes.io/auth-secret: mySecret
ingress.kubernetes.io/auth-type: basic
namespace: testing
spec:
rules:
- host: basic
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /auth

7
provider/kubernetes/fixtures/loadIngressesBasicAuth_secrets.yml Normal file
View File

@@ -0,0 +1,7 @@
apiVersion: v1
data:
auth: bXlVc2VyOm15RW5jb2RlZFBX
kind: Secret
metadata:
name: mySecret
namespace: testing

12
provider/kubernetes/fixtures/loadIngressesBasicAuth_services.yml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v1
kind: Service
metadata:
name: service1
namespace: testing
spec:
clusterIP: 10.0.0.1
externalName: example.com
ports:
- name: http
port: 80
type: ExternalName

10
provider/kubernetes/fixtures/loadIngressesForwardAuthMissingURL_endpoints.yml Normal file
View File

@@ -0,0 +1,10 @@
apiVersion: v1
kind: Endpoints
metadata:
name: service1
namespace: testing
subsets:
- addresses:
- ip: 10.10.0.1
ports:
- port: 8080

15
provider/kubernetes/fixtures/loadIngressesForwardAuthMissingURL_ingresses.yml Normal file
View File

@@ -0,0 +1,15 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/auth-type: forward
namespace: testing
spec:
rules:
- host: foo
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /bar

9
provider/kubernetes/fixtures/loadIngressesForwardAuthMissingURL_services.yml Normal file
View File

@@ -0,0 +1,9 @@
apiVersion: v1
kind: Service
metadata:
name: service1
namespace: testing
spec:
clusterIP: 10.0.0.1
ports:
- port: 80

10
provider/kubernetes/fixtures/loadIngressesForwardAuthWithTLSSecretFailures_endpoints.yml Normal file
View File

@@ -0,0 +1,10 @@
apiVersion: v1
kind: Endpoints
metadata:
name: service1
namespace: testing
subsets:
- addresses:
- ip: 10.10.0.1
ports:
- port: 8080

17
provider/kubernetes/fixtures/loadIngressesForwardAuthWithTLSSecretFailures_ingresses.yml Normal file
View File

@@ -0,0 +1,17 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/auth-tls-secret: secret
ingress.kubernetes.io/auth-type: forward
ingress.kubernetes.io/auth-url: https://auth.host
namespace: testing
spec:
rules:
- host: foo
http:
paths:
- backend:
serviceName: service1
servicePort: 80
path: /bar

Some files were not shown because too many files have changed in this diff Show More