Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
k8s-ingress
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
3
Merge Requests
3
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
uplex-varnish
k8s-ingress
Commits
29cbce3a
Commit
29cbce3a
authored
Aug 27, 2020
by
Geoff Simmons
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add helm deployments and a Makefile for the auth examples/tests.
parent
f438bbd1
Changes
4
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
289 additions
and
0 deletions
+289
-0
Makefile
examples/authentication/Makefile
+166
-0
values-acl-or-auth.yaml
examples/authentication/values-acl-or-auth.yaml
+48
-0
values-basic-auth.yaml
examples/authentication/values-basic-auth.yaml
+49
-0
values-proxy-auth.yaml
examples/authentication/values-proxy-auth.yaml
+26
-0
No files found.
examples/authentication/Makefile
0 → 100644
View file @
29cbce3a
# Copyright (c) 2020 UPLEX Nils Goroll Systemoptimierung
# All rights reserved
#
# Author: Geoffrey Simmons <geoffrey.simmons@uplex.de>
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
# GNU make is required.
mkpath
:=
$
(
abspath
$
(
lastword
$(MAKEFILE_LIST)
))
mkdir
:=
$
(
dir
$(mkpath)
)
CHARTDIR
=
$(mkdir)
/../../charts
TESTDIR
=
$(mkdir)
/../../test
all
:
deploy
deploy-basic-auth-helm
:
@
helm
install
viking-ingress-basic-auth
$(CHARTDIR)
/viking-test-app
\
--values
values-basic-auth.yaml
deploy-proxy-auth-helm
:
@
helm
install
viking-ingress-proxy-auth
$(CHARTDIR)
/viking-test-app
\
--values
values-proxy-auth.yaml
deploy-acl-or-auth-helm
:
@
helm
install
viking-ingress-acl-or-auth
$(CHARTDIR)
/viking-test-app
\
--values
values-acl-or-auth.yaml
deploy-basic-auth-kubectl
:
@
kubectl apply
-f
$(mkdir)
/../hello/cafe.yaml
@
kubectl apply
-f
$(mkdir)
/../hello/cafe-ingress.yaml
@
kubectl apply
-f
basic-secrets.yaml
@
kubectl apply
-f
basic-auth.yaml
deploy-proxy-auth-kubectl
:
@
kubectl apply
-f
$(mkdir)
/../hello/cafe.yaml
@
kubectl apply
-f
$(mkdir)
/../hello/cafe-ingress.yaml
@
kubectl apply
-f
proxy-auth-secrets.yaml
@
kubectl apply
-f
proxy-auth.yaml
deploy-acl-or-auth-kubectl
:
@
kubectl apply
-f
$(mkdir)
/../hello/cafe.yaml
@
kubectl apply
-f
$(mkdir)
/../hello/cafe-ingress.yaml
@
kubectl apply
-f
basic-secrets.yaml
@
kubectl apply
-f
acl-or-auth.yaml
# TESTOPTS are passed to varnishtest, e.g.: make TESTOPTS=-v verify
verify-basic-auth
:
$(mkdir)
/verify_basic_auth.sh
verify-proxy-auth
:
$(mkdir)
/verify_proxy_auth.sh
verify-acl-or-auth
:
$(mkdir)
/verify_acl_or_auth.sh
wait
:
$(TESTDIR)
/wait.sh
app
=
varnish-ingress
uninstall-basic-auth-kubectl
:
@
kubectl delete
-f
basic-auth.yaml
@
kubectl delete
-f
basic-secrets.yaml
@
kubectl delete
-f
$(mkdir)
/../hello/cafe-ingress.yaml
@
kubectl delete
-f
$(mkdir)
/../hello/cafe.yaml
uninstall-proxy-auth-kubectl
:
@
kubectl delete
-f
proxy-auth.yaml
@
kubectl delete
-f
proxy-auth-secrets.yaml
@
kubectl delete
-f
$(mkdir)
/../hello/cafe-ingress.yaml
@
kubectl delete
-f
$(mkdir)
/../hello/cafe.yaml
uninstall-acl-or-auth-kubectl
:
@
kubectl delete
-f
acl-or-auth.yaml
@
kubectl delete
-f
basic-secrets.yaml
@
kubectl delete
-f
$(mkdir)
/../hello/cafe-ingress.yaml
@
kubectl delete
-f
$(mkdir)
/../hello/cafe.yaml
uninstall-basic-auth-helm
:
@
helm uninstall viking-ingress-basic-auth
uninstall-proxy-auth-helm
:
@
helm uninstall viking-ingress-proxy-auth
uninstall-acl-or-auth-helm
:
@
helm uninstall viking-ingress-acl-or-auth
undeploy-basic-auth-kubectl
:
uninstall-basic-auth-kubectl wait
undeploy-proxy-auth-kubectl
:
uninstall-proxy-auth-kubectl wait
undeploy-acl-or-auth-kubectl
:
uninstall-acl-or-auth-kubectl wait
undeploy-basic-auth-helm
:
uninstall-basic-auth-helm wait
undeploy-proxy-auth-helm
:
uninstall-proxy-auth-helm wait
undeploy-acl-or-auth-helm
:
uninstall-acl-or-auth-helm wait
deploy-basic-auth
:
deploy-proxy-auth
:
deploy-acl-or-auth
:
undeploy-basic-auth
:
undeploy-proxy-auth
:
undeploy-acl-or-auth
:
ifeq
($(DEPLOY),kubectl)
deploy-basic-auth
:
deploy-basic-auth-kubectl
deploy-proxy-auth
:
deploy-proxy-auth-kubectl
deploy-acl-or-auth
:
deploy-acl-or-auth-kubectl
undeploy-basic-auth
:
undeploy-basic-auth-kubectl
undeploy-proxy-auth
:
undeploy-proxy-auth-kubectl
undeploy-acl-or-auth
:
undeploy-acl-or-auth-kubectl
else
deploy-basic-auth
:
deploy-basic-auth-helm
deploy-proxy-auth
:
deploy-proxy-auth-helm
deploy-acl-or-auth
:
deploy-acl-or-auth-helm
undeploy-basic-auth
:
undeploy-basic-auth-helm
undeploy-proxy-auth
:
undeploy-proxy-auth-helm
undeploy-acl-or-auth
:
undeploy-acl-or-auth-helm
endif
deploy verify undeploy
:
ifndef
EXAMPLE
$(error
EXAMPLE
must
be
set
to
basic-auth,
proxy-auth,
or
acl-or-auth)
endif
ifeq
($(EXAMPLE),basic-auth)
deploy
:
deploy-basic-auth
verify
:
verify-basic-auth
undeploy
:
undeploy-basic-auth
else
ifeq
($(EXAMPLE),proxy-auth)
deploy
:
deploy-proxy-auth
verify
:
verify-proxy-auth
undeploy
:
undeploy-proxy-auth
else
ifeq
($(EXAMPLE),acl-or-auth)
deploy
:
deploy-acl-or-auth
verify
:
verify-acl-or-auth
undeploy
:
undeploy-acl-or-auth
endif
.PHONY
:
all $(MAKECMDGOALS)
examples/authentication/values-acl-or-auth.yaml
0 → 100644
View file @
29cbce3a
apps
:
coffee
:
image
:
nginxdemos/hello:plain-text
replicas
:
2
tea
:
image
:
nginxdemos/hello:plain-text
replicas
:
3
ingress
:
name
:
cafe-ingress
rules
:
-
host
:
cafe.example.com
paths
:
-
path
:
/tea
app
:
tea
-
path
:
/coffee
app
:
coffee
vikingAdmSvc
:
varnish-ingress-admin
acls
:
-
name
:
ip-whitelist
addrs
:
-
addr
:
192.0.2.0
mask-bits
:
24
-
addr
:
198.51.100.0
mask-bits
:
24
-
addr
:
203.0.113.0
mask-bits
:
24
comparand
:
req.http.X-Real-IP
type
:
whitelist
fail-status
:
0
result-header
:
header
:
req.http.X-Whitelisted
success
:
"
true"
failure
:
"
false"
auth
:
-
realm
:
cafe
conditions
:
-
comparand
:
req.http.X-Whitelisted
value
:
"
false"
compare
:
equal
creds
:
coffee-admin
:
superpowers
foo
:
bar
baz
:
quux
Aladdin
:
open sesame
examples/authentication/values-basic-auth.yaml
0 → 100644
View file @
29cbce3a
apps
:
coffee
:
image
:
nginxdemos/hello:plain-text
replicas
:
2
tea
:
image
:
nginxdemos/hello:plain-text
replicas
:
3
ingress
:
name
:
cafe-ingress
rules
:
-
host
:
cafe.example.com
paths
:
-
path
:
/tea
app
:
tea
-
path
:
/coffee
app
:
coffee
vikingAdmSvc
:
varnish-ingress-admin
auth
:
-
realm
:
coffee
type
:
basic
utf8
:
true
conditions
:
-
comparand
:
req.http.Host
value
:
cafe.example.com
compare
:
equal
-
comparand
:
req.url
value
:
^/coffee($|/)
compare
:
match
creds
:
coffee-admin
:
superpowers
foo
:
bar
baz
:
quux
Aladdin
:
open sesame
-
realm
:
tea
conditions
:
-
comparand
:
req.http.Host
value
:
cafe.example.com
compare
:
equal
-
comparand
:
req.url
value
:
^/tea($|/)
compare
:
match
creds
:
tea-admin
:
awesomeness
valerian
:
sleep
matcha
:
wakeup
AlbertAddin
:
open sez me
examples/authentication/values-proxy-auth.yaml
0 → 100644
View file @
29cbce3a
apps
:
coffee
:
image
:
nginxdemos/hello:plain-text
replicas
:
2
tea
:
image
:
nginxdemos/hello:plain-text
replicas
:
3
ingress
:
name
:
cafe-ingress
rules
:
-
host
:
cafe.example.com
paths
:
-
path
:
/tea
app
:
tea
-
path
:
/coffee
app
:
coffee
vikingAdmSvc
:
varnish-ingress-admin
auth
:
-
realm
:
ingress
type
:
proxy
creds
:
proxy-admin
:
studly
proxy-user
:
password1
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment