Skip to content

Commit 2f3091c

Browse files
AlexFenlonAlexFenlon
authored
Add support for Agent V3 and Connecting to NGINX One Console (#7916)
1 parent 1ef76c6 commit 2f3091c

File tree

22 files changed

+2196
-955
lines changed

22 files changed

+2196
-955
lines changed

.github/data/matrix-smoke-oss.json

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -76,6 +76,13 @@
7676
"type": "oss",
7777
"marker": "'ts or otel'",
7878
"platforms": "linux/arm64, linux/amd64"
79+
},
80+
{
81+
"label": "agent 1/1",
82+
"image": "debian",
83+
"type": "oss",
84+
"marker": "'agentv3'",
85+
"platforms": "linux/arm64, linux/amd64"
7986
}
8087
],
8188
"k8s": []

.github/data/matrix-smoke-plus.json

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -84,6 +84,13 @@
8484
"marker": "policies_rl",
8585
"platforms": "linux/arm64, linux/amd64"
8686
},
87+
{
88+
"label": "agent 1/1",
89+
"image": "debian-plus",
90+
"type": "plus",
91+
"marker": "agentv3",
92+
"platforms": "linux/arm64, linux/amd64"
93+
},
8794
{
8895
"label": "OIDC-UI 1/1",
8996
"image": "debian-plus",

.github/workflows/build-base-images.yml

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -213,8 +213,6 @@ jobs:
213213
run: |
214214
[[ "${{ matrix.nap_modules }}" == "waf,dos" ]] && modules="waf-dos" || modules="${{ matrix.nap_modules }}"
215215
echo "modules=${modules}" >> $GITHUB_OUTPUT
216-
[[ "${{ matrix.nap_modules }}" =~ waf ]] && agent="true" || agent="false"
217-
echo "agent=${agent}" >> $GITHUB_OUTPUT
218216
if: ${{ matrix.nap_modules != '' }}
219217

220218
- name: Docker meta
@@ -244,7 +242,6 @@ jobs:
244242
BUILD_OS=${{ matrix.image }}
245243
IC_VERSION=${{ needs.checks.outputs.ic_version }}
246244
NAP_MODULES=${{ matrix.nap_modules }}
247-
${{ contains(matrix.nap_modules,'waf') && format('NGINX_AGENT={0}', steps.nap_modules.outputs.agent) || '' }}
248245
secrets: |
249246
"nginx-repo.crt=${{ secrets.NGINX_AP_CRT }}"
250247
"nginx-repo.key=${{ secrets.NGINX_AP_KEY }}"

.github/workflows/build-plus.yml

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -83,8 +83,6 @@ jobs:
8383
echo "name=${name}" >> $GITHUB_OUTPUT
8484
[[ "${{ inputs.nap-modules }}" == "waf,dos" ]] && modules="both" || modules="${{ inputs.nap-modules }}"
8585
echo "modules=${modules}" >> $GITHUB_OUTPUT
86-
[[ "${{ inputs.nap-modules }}" =~ waf ]] && agent="true" || agent="false"
87-
echo "agent=${agent}" >> $GITHUB_OUTPUT
8886
if: ${{ inputs.nap-modules != '' }}
8987

9088
- name: Docker meta
@@ -145,7 +143,6 @@ jobs:
145143
BUILD_OS=${{ inputs.image }}
146144
IC_VERSION=${{ inputs.ic-version && inputs.ic-version || steps.meta.outputs.version }}
147145
${{ inputs.nap-modules != '' && format('NAP_MODULES={0}', steps.nap_modules.outputs.name) || '' }}
148-
${{ contains(inputs.nap-modules,'waf') && format('NGINX_AGENT={0}', steps.nap_modules.outputs.agent) || '' }}
149146
secrets: |
150147
"nginx-repo.crt=${{ inputs.nap-modules != '' && secrets.NGINX_AP_CRT || secrets.NGINX_CRT }}"
151148
"nginx-repo.key=${{ inputs.nap-modules != '' && secrets.NGINX_AP_KEY || secrets.NGINX_KEY }}"
@@ -190,9 +187,7 @@ jobs:
190187
${{ inputs.authenticated && format('PREBUILT_BASE_IMG={0}', steps.base_name.outputs.image ) }}
191188
IC_VERSION=${{ inputs.ic-version && inputs.ic-version || steps.meta.outputs.version }}
192189
${{ inputs.nap-modules != '' && format('NAP_MODULES={0}', steps.nap_modules.outputs.name) || '' }}
193-
${{ contains(inputs.nap-modules,'waf') && format('NGINX_AGENT={0}', steps.nap_modules.outputs.agent) || '' }}
194190
${{ (contains(inputs.target, 'aws') && inputs.nap-modules != '') && format('NAP_MODULES_AWS={0}', steps.nap_modules.outputs.modules) || '' }}
195-
${{ contains(inputs.image, 'v5') && 'WAF_VERSION=v5' || '' }}
196191
secrets: |
197192
"nginx-repo.crt=${{ inputs.nap-modules != '' && secrets.NGINX_AP_CRT || secrets.NGINX_CRT }}"
198193
"nginx-repo.key=${{ inputs.nap-modules != '' && secrets.NGINX_AP_KEY || secrets.NGINX_KEY }}"

.github/workflows/setup-smoke.yml

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -88,8 +88,6 @@ jobs:
8888
run: |
8989
[[ "${{ inputs.nap-modules }}" == "waf,dos" ]] && modules="waf-dos" || modules="${{ inputs.nap-modules }}"
9090
echo "modules=${modules}" >> $GITHUB_OUTPUT
91-
[[ "${{ inputs.nap-modules }}" =~ waf ]] && agent="true" || agent="false"
92-
echo "agent=${agent}" >> $GITHUB_OUTPUT
9391
if: ${{ inputs.nap-modules }}
9492

9593
- name: Pull build image
@@ -139,7 +137,6 @@ jobs:
139137
BUILD_OS=${{ inputs.image }}
140138
IC_VERSION=CI
141139
${{ contains(inputs.image, 'nap') && format('NAP_MODULES={0}', steps.nap_modules.outputs.modules) || '' }}
142-
${{ contains(inputs.nap-modules,'waf') && format('NGINX_AGENT={0}', steps.nap_modules.outputs.agent) || '' }}
143140
${{ contains(inputs.marker, 'appprotect') && 'DEBIAN_VERSION=buster-slim' || '' }}
144141
secrets: |
145142
${{ contains(inputs.image, 'nap') && format('"nginx-repo.crt={0}"', secrets.NGINX_AP_CRT) || format('"nginx-repo.crt={0}"', secrets.NGINX_CRT) }}

Makefile

Lines changed: 17 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,6 @@ PLUS_REPO ?= "pkgs.nginx.com" ## The package repo to install
1414
override DOCKER_BUILD_OPTIONS += --build-arg IC_VERSION=$(VERSION) --build-arg PACKAGE_REPO=$(PLUS_REPO) ## The options for the docker build command. For example, --pull
1515
ARCH ?= amd64 ## The architecture of the image or binary. For example: amd64, arm64, ppc64le, s390x. Not all architectures are supported for all targets
1616
GOOS ?= linux ## The OS of the binary. For example linux, darwin
17-
NGINX_AGENT ?= true
1817
TELEMETRY_ENDPOINT ?= oss.edge.df.f5.com:443
1918

2019
# Additional flags added here can be accessed in main.go.
@@ -151,38 +150,32 @@ alpine-image-plus-fips: build ## Create Docker image for Ingress Controller (Alp
151150

152151
.PHONY: alpine-image-nap-plus-fips
153152
alpine-image-nap-plus-fips: build ## Create Docker image for Ingress Controller (Alpine with NGINX Plus, NGINX App Protect WAF and FIPS)
154-
$(DOCKER_CMD) $(PLUS_ARGS) --build-arg BUILD_OS=alpine-plus-nap-fips --build-arg NGINX_AGENT=$(NGINX_AGENT)
153+
$(DOCKER_CMD) $(PLUS_ARGS) --build-arg BUILD_OS=alpine-plus-nap-fips
155154

156155
.PHONY: alpine-image-nap-v5-plus-fips
157156
alpine-image-nap-v5-plus-fips: build ## Create Docker image for Ingress Controller (Alpine with NGINX Plus, NGINX App Protect WAFv5 and FIPS)
158157
$(DOCKER_CMD) $(PLUS_ARGS) \
159-
--build-arg BUILD_OS=alpine-plus-nap-v5-fips \
160-
--build-arg NGINX_AGENT=$(NGINX_AGENT) \
161-
--build-arg WAF_VERSION=v5
158+
--build-arg BUILD_OS=alpine-plus-nap-v5-fips
162159

163160
.PHONY: debian-image-plus
164161
debian-image-plus: build ## Create Docker image for Ingress Controller (Debian with NGINX Plus)
165162
$(DOCKER_CMD) $(PLUS_ARGS) --build-arg BUILD_OS=debian-plus
166163

167164
.PHONY: debian-image-nap-plus
168165
debian-image-nap-plus: build ## Create Docker image for Ingress Controller (Debian with NGINX Plus and NGINX App Protect WAF)
169-
$(DOCKER_CMD) $(PLUS_ARGS) --build-arg BUILD_OS=debian-plus-nap --build-arg NAP_MODULES=waf --build-arg NGINX_AGENT=$(NGINX_AGENT)
166+
$(DOCKER_CMD) $(PLUS_ARGS) --build-arg BUILD_OS=debian-plus-nap --build-arg NAP_MODULES=waf
170167

171168
.PHONY: debian-image-nap-v5-plus
172169
debian-image-nap-v5-plus: build ## Create Docker image for Ingress Controller (Debian with NGINX Plus and NGINX App Protect WAFv5)
173-
$(DOCKER_CMD) $(PLUS_ARGS) \
174-
--build-arg BUILD_OS=debian-plus-nap-v5 \
175-
--build-arg NAP_MODULES=waf \
176-
--build-arg NGINX_AGENT=$(NGINX_AGENT) \
177-
--build-arg WAF_VERSION=v5
170+
$(DOCKER_CMD) $(PLUS_ARGS) --build-arg BUILD_OS=debian-plus-nap-v5
178171

179172
.PHONY: debian-image-dos-plus
180173
debian-image-dos-plus: build ## Create Docker image for Ingress Controller (Debian with NGINX Plus and NGINX App Protect DoS)
181174
$(DOCKER_CMD) $(PLUS_ARGS) --build-arg BUILD_OS=debian-plus-nap --build-arg NAP_MODULES=dos
182175

183176
.PHONY: debian-image-nap-dos-plus
184177
debian-image-nap-dos-plus: build ## Create Docker image for Ingress Controller (Debian with NGINX Plus, NGINX App Protect WAF and DoS)
185-
$(DOCKER_CMD) $(PLUS_ARGS) --build-arg BUILD_OS=debian-plus-nap --build-arg NAP_MODULES=waf,dos --build-arg NGINX_AGENT=$(NGINX_AGENT)
178+
$(DOCKER_CMD) $(PLUS_ARGS) --build-arg BUILD_OS=debian-plus-nap --build-arg NAP_MODULES=waf,dos
186179

187180
.PHONY: ubi-image
188181
ubi-image: build ## Create Docker image for Ingress Controller (UBI)
@@ -194,23 +187,29 @@ ubi-image-plus: build ## Create Docker image for Ingress Controller (UBI with NG
194187

195188
.PHONY: ubi-image-nap-plus
196189
ubi-image-nap-plus: build ## Create Docker image for Ingress Controller (UBI with NGINX Plus and NGINX App Protect WAF)
197-
$(DOCKER_CMD) $(PLUS_ARGS) --secret id=rhel_license,src=rhel_license --build-arg BUILD_OS=ubi-9-plus-nap --build-arg NAP_MODULES=waf --build-arg NGINX_AGENT=$(NGINX_AGENT)
190+
$(DOCKER_CMD) $(PLUS_ARGS) --secret id=rhel_license,src=rhel_license --build-arg BUILD_OS=ubi-9-plus-nap --build-arg NAP_MODULES=waf
191+
192+
.PHONY: ubi8-image-nap-plus
193+
ubi8-image-nap-plus: build ## Create Docker image for Ingress Controller (UBI with NGINX Plus and NGINX App Protect WAF)
194+
$(DOCKER_CMD) $(PLUS_ARGS) --secret id=rhel_license,src=rhel_license --build-arg BUILD_OS=ubi-8-plus-nap --build-arg NAP_MODULES=waf
198195

199196
.PHONY: ubi-image-nap-v5-plus
200197
ubi-image-nap-v5-plus: build ## Create Docker image for Ingress Controller (UBI with NGINX Plus and NGINX App Protect WAFv5)
201198
$(DOCKER_CMD) $(PLUS_ARGS) --secret id=rhel_license,src=rhel_license \
202-
--build-arg BUILD_OS=ubi-9-plus-nap-v5 \
203-
--build-arg NAP_MODULES=waf \
204-
--build-arg NGINX_AGENT=$(NGINX_AGENT) \
205-
--build-arg WAF_VERSION=v5
199+
--build-arg BUILD_OS=ubi-9-plus-nap-v5
200+
201+
.PHONY: ubi8-image-nap-v5-plus
202+
ubi8-image-nap-v5-plus: build ## Create Docker image for Ingress Controller (UBI with NGINX Plus and NGINX App Protect WAFv5)
203+
$(DOCKER_CMD) $(PLUS_ARGS) --secret id=rhel_license,src=rhel_license \
204+
--build-arg BUILD_OS=ubi-8-plus-nap-v5
206205

207206
.PHONY: ubi-image-dos-plus
208207
ubi-image-dos-plus: build ## Create Docker image for Ingress Controller (UBI with NGINX Plus and NGINX App Protect DoS)
209208
$(DOCKER_CMD) $(PLUS_ARGS) --secret id=rhel_license,src=rhel_license --build-arg BUILD_OS=ubi-9-plus-nap --build-arg NAP_MODULES=dos
210209

211210
.PHONY: ubi-image-nap-dos-plus
212211
ubi-image-nap-dos-plus: build ## Create Docker image for Ingress Controller (UBI with NGINX Plus, NGINX App Protect WAF and DoS)
213-
$(DOCKER_CMD) $(PLUS_ARGS) --secret id=rhel_license,src=rhel_license --build-arg BUILD_OS=ubi-9-plus-nap --build-arg NAP_MODULES=waf,dos --build-arg NGINX_AGENT=$(NGINX_AGENT)
212+
$(DOCKER_CMD) $(PLUS_ARGS) --secret id=rhel_license,src=rhel_license --build-arg BUILD_OS=ubi-9-plus-nap --build-arg NAP_MODULES=waf,dos
214213

215214
.PHONY: all-images ## Create all the Docker images for Ingress Controller
216215
all-images: alpine-image alpine-image-plus alpine-image-plus-fips alpine-image-nap-plus-fips debian-image debian-image-plus debian-image-nap-plus debian-image-dos-plus debian-image-nap-dos-plus ubi-image ubi-image-plus ubi-image-nap-plus ubi-image-dos-plus ubi-image-nap-dos-plus

0 commit comments

Comments
 (0)