1
0
mirror of https://github.com/containous/traefik.git synced 2024-12-22 13:34:03 +03:00

Merge v2.6 into v2.7

This commit is contained in:
romain 2022-03-29 15:43:10 +02:00
commit 45328ab719
10 changed files with 157 additions and 12 deletions

View File

@ -12,7 +12,8 @@ builds:
- CGO_ENABLED=0
ldflags:
- -s -w -X github.com/traefik/traefik/v2/pkg/version.Version={{.Version}} -X github.com/traefik/traefik/v2/pkg/version.Codename={{.Env.CODENAME}} -X github.com/traefik/traefik/v2/pkg/version.BuildDate={{.Date}}
flags:
- -trimpath
goos:
- linux
- darwin

View File

@ -73,6 +73,8 @@ blocks:
- curl -sSL -o /tmp/gh_${GH_VERSION}_linux_amd64.tar.gz https://github.com/cli/cli/releases/download/v${GH_VERSION}/gh_${GH_VERSION}_linux_amd64.tar.gz
- tar -zxvf /tmp/gh_${GH_VERSION}_linux_amd64.tar.gz -C /tmp
- sudo mv /tmp/gh_${GH_VERSION}_linux_amd64/bin/gh /usr/local/bin/gh
- sudo rm -rf ~/.phpbrew ~/.kerl ~/.sbt ~/.nvm ~/.npm ~/.kiex /usr/lib/jvm /opt/az /opt/firefox # Remove unnecessary data.
- sudo service docker stop && sudo umount /var/lib/docker && sudo service docker start # Unmounts the docker disk and the whole system disk is usable.
jobs:
- name: Release
commands:

View File

@ -1,3 +1,10 @@
## [v2.6.3](https://github.com/traefik/traefik/tree/v2.6.3) (2022-03-28)
[All Commits](https://github.com/traefik/traefik/compare/v2.6.2...v2.6.3)
**Bug fixes:**
- **[plugins]** Fix slice parsing for plugins ([#8886](https://github.com/traefik/traefik/pull/8886) by [ldez](https://github.com/ldez))
- **[tls]** Return TLS unrecognized_name error when no certificate is available ([#8893](https://github.com/traefik/traefik/pull/8893) by [rtribotte](https://github.com/rtribotte))
## [v2.7.0-rc1](https://github.com/traefik/traefik/tree/v2.7.0-rc1) (2022-03-24)
[All Commits](https://github.com/traefik/traefik/compare/v2.6.0-rc1...v2.7.0-rc1)

View File

@ -1,7 +1,45 @@
mkdocs==1.2.2
pymdown-extensions==7.0
mkdocs-bootswatch==1.0
mkdocs-traefiklabs>=100.0.7
markdown-include==0.5.1
mkdocs-exclude==1.0.2
appdirs==1.4.4
CacheControl==0.12.6
certifi==2020.12.5
chardet==4.0.0
click==8.0.4
colorama==0.4.4
contextlib2==0.6.0
distlib==0.3.1
distro==1.5.0
ghp-import==2.0.2
html5lib==1.1
idna==3.2
importlib-metadata==4.11.3
Jinja2==3.0.0
lockfile==0.12.2
Markdown==3.3.6
markdown-include==0.5.1
MarkupSafe==2.1.1
mergedeep==1.3.4
mkdocs-bootswatch==1.0
mkdocs-exclude==1.0.2
mkdocs-material-extensions==1.0.3
msgpack==1.0.2
ordered-set==4.0.2
packaging==20.9
pep517==0.10.0
progress==1.5
Pygments==2.11.2
pymdown-extensions==7.0
pyparsing==2.4.7
python-dateutil==2.8.2
PyYAML==6.0
pyyaml-env-tag==0.1
requests==2.25.1
retrying==1.3.3
six==1.15.0
toml==0.10.2
urllib3==1.26.5
watchdog==2.1.7
webencodings==0.5.1
zipp==3.7.0

View File

@ -86,7 +86,7 @@ func (p middlewareBuilder) createConfig(config map[string]interface{}) (reflect.
vConfig := results[0]
cfg := &mapstructure.DecoderConfig{
DecodeHook: mapstructure.StringToSliceHookFunc(","),
DecodeHook: stringToSliceHookFunc,
WeaklyTypedInput: true,
Result: vConfig.Interface(),
}

View File

@ -4,6 +4,7 @@ import (
"context"
"errors"
"fmt"
"reflect"
"strings"
"github.com/hashicorp/go-multierror"
@ -166,3 +167,26 @@ func checkLocalPluginManifest(descriptor LocalDescriptor) error {
return errs.ErrorOrNil()
}
func stringToSliceHookFunc(f reflect.Kind, t reflect.Kind, data interface{}) (interface{}, error) {
if f != reflect.String || t != reflect.Slice {
return data, nil
}
raw := data.(string)
if raw == "" {
return []string{}, nil
}
if strings.Contains(raw, "║") {
values := strings.Split(raw, "║")
// Removes the first value if the slice has a length of 2 and a first value empty.
// It's a workaround to escape the parsing on `,`.
if len(values) == 2 && values[0] == "" {
return values[1:], nil
}
return values, nil
}
return strings.Split(raw, ","), nil
}

View File

@ -0,0 +1,60 @@
package plugins
import (
"reflect"
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
func Test_stringToSliceHookFunc(t *testing.T) {
testCases := []struct {
desc string
data string
expected []string
}{
{
desc: "without separator",
data: "abc",
expected: []string{"abc"},
},
{
desc: "with the file separator",
data: "a║b║c",
expected: []string{"a", "b", "c"},
},
{
desc: "with the label separator",
data: "a,b,c",
expected: []string{"a", "b", "c"},
},
{
desc: "with the file separator and values with commas",
data: "a,z║b,w║c,x,y",
expected: []string{"a,z", "b,w", "c,x,y"},
},
{
desc: "escaping workaround",
data: "║a,z",
expected: []string{"a,z"},
},
{
desc: "with the file separator and empty item",
data: "║a║z",
expected: []string{"", "a", "z"},
},
}
for _, test := range testCases {
test := test
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
values, err := stringToSliceHookFunc(reflect.String, reflect.Slice, test.data)
require.NoError(t, err)
assert.EqualValues(t, test.expected, values)
})
}
}

View File

@ -93,7 +93,7 @@ func newProvider(builder providerBuilder, config map[string]interface{}, provide
}
cfg := &mapstructure.DecoderConfig{
DecodeHook: mapstructure.StringToSliceHookFunc(","),
DecodeHook: stringToSliceHookFunc,
WeaklyTypedInput: true,
Result: vConfig.Interface(),
}

View File

@ -143,7 +143,18 @@ func (m *Manager) Get(storeName, configName string) (*tls.Config, error) {
if isACMETLS(clientHello) {
certificate := acmeTLSStore.GetBestCertificate(clientHello)
if certificate == nil {
return nil, fmt.Errorf("no certificate for TLSALPN challenge: %s", domainToCheck)
log.WithoutContext().Debugf("TLS: no certificate for TLSALPN challenge: %s", domainToCheck)
// We want the user to eventually get the (alertUnrecognizedName) "unrecognized
// name" error.
// Unfortunately, if we returned an error here, since we can't use
// the unexported error (errNoCertificates) that our caller (config.getCertificate
// in crypto/tls) uses as a sentinel, it would report an (alertInternalError)
// "internal error" instead of an alertUnrecognizedName.
// Which is why we return no error, and we let the caller detect that there's
// actually no certificate, and fall back into the flow that will report
// the desired error.
// https://cs.opensource.google/go/go/+/dev.boringcrypto.go1.17:src/crypto/tls/common.go;l=1058
return nil, nil
}
return certificate, nil
@ -155,7 +166,9 @@ func (m *Manager) Get(storeName, configName string) (*tls.Config, error) {
}
if sniStrict {
return nil, fmt.Errorf("strict SNI enabled - No certificate found for domain: %q, closing connection", domainToCheck)
log.WithoutContext().Debugf("TLS: strict SNI enabled - No certificate found for domain: %q, closing connection", domainToCheck)
// Same comment as above, as in the isACMETLS case.
return nil, nil
}
log.WithoutContext().Debugf("Serving default certificate for request: %q", domainToCheck)

View File

@ -4,11 +4,11 @@ RepositoryName = "traefik"
OutputType = "file"
FileName = "traefik_changelog.md"
# example new bugfix v2.6.2
# example new bugfix v2.6.3
CurrentRef = "v2.6"
PreviousRef = "v2.6.1"
PreviousRef = "v2.6.2"
BaseBranch = "v2.6"
FutureCurrentRefName = "v2.6.2"
FutureCurrentRefName = "v2.6.3"
ThresholdPreviousRef = 10
ThresholdCurrentRef = 10