Skip to content

Move basic auth policy validation to CRD #7257

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Move basic auth policy validation to CRD #7257

wants to merge 1 commit into from

Conversation

pdabelf5
Copy link
Collaborator

@pdabelf5 pdabelf5 commented Jan 31, 2025
edited
Loading

Proposed changes

This change moved the basic auth policy validation to the CRD level, this ensures that the NIC process does not need to be involved in the Policy validation.

Tested with
valid full spec:

apiVersion: k8s.nginx.org/v1
kind: Policy
metadata:
  name: basic-auth-policy
spec:
  basicAuth:
    secret: abc123
    realm: "f f f"

missing required field:

apiVersion: k8s.nginx.org/v1
kind: Policy
metadata:
  name: basic-auth-policy
spec:
  basicAuth:
    realm: "a.b.c"

missing optional field:

apiVersion: k8s.nginx.org/v1
kind: Policy
metadata:
  name: basic-auth-policy
spec:
  basicAuth:
    secret: mysecret

invalid secret name:

apiVersion: k8s.nginx.org/v1
kind: Policy
metadata:
  name: basic-auth-policy
spec:
  basicAuth:
    secret: ABC123
    realm: "a.b.c"

invalid realm name:

apiVersion: k8s.nginx.org/v1
kind: Policy
metadata:
  name: basic-auth-policy
spec:
  basicAuth:
    secret: abc123
    realm: a.b.ci$

Checklist

Before creating a PR, run through this checklist and mark each as complete.

  • I have read the CONTRIBUTING doc
  • I have added tests that prove my fix is effective or that my feature works
  • I have checked that all unit tests pass after adding my changes
  • I have updated necessary documentation
  • I have rebased my branch onto main
  • I will ensure my PR is targeting the main branch and pulling from my branch from my own fork

@pdabelf5 pdabelf5 requested a review from a team as a code owner January 31, 2025 11:02
@github-actions github-actions bot added the go Pull requests that update Go code label Jan 31, 2025
@codecov Codecov
Copy link

codecov bot commented Jan 31, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 52.70%. Comparing base (3f73934) to head (570d80d).
Report is 161 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #7257      +/-   ##
==========================================
- Coverage   52.72%   52.70%   -0.03%     
==========================================
  Files          89       89              
  Lines       20843    20833      -10     
==========================================
- Hits        10989    10979      -10     
+ Misses       9396     9395       -1     
- Partials      458      459       +1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@pdabelf5 pdabelf5 marked this pull request as draft January 31, 2025 11:37
@pdabelf5 pdabelf5 closed this Apr 28, 2025
@github-project-automation github-project-automation bot moved this from Todo ☑ to Done 🚀 in NGINX Ingress Controller Apr 28, 2025
@pdabelf5 pdabelf5 deleted the basic-auth-policy-validation branch April 28, 2025 12:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
go Pull requests that update Go code
Projects
NGINX Ingress Controller
Status: Done 🚀
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@pdabelf5