Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: always set auth cookie #8213

Merged
merged 3 commits into from
May 19, 2022
Merged

feat: always set auth cookie #8213

merged 3 commits into from
May 19, 2022

Conversation

nabokihms
Copy link
Member

@nabokihms nabokihms commented Feb 1, 2022
edited
Loading

Signed-off-by: m.nabokikh maksim.nabokikh@flant.com

What this PR does / why we need it:

The purpose of this PR is described in detail in the linked issue. This is a naive implementation that changes default behavior.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation only

Which issue/s this PR fixes

fixes ##8078

How Has This Been Tested?

It was tested manually in a Kubernetes cluster with oauth2 proxy as an authentication provider for the nginx_auth_request module.

Checklist:

  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I've read the CONTRIBUTION guide
  • I have added tests to cover my changes.
  • All new and existing tests passed.

@k8s-ci-robot
Copy link
Contributor

@nabokihms: This issue is currently awaiting triage.

If Ingress contributors determines this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@k8s-ci-robot k8s-ci-robot added the needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. label Feb 1, 2022
@k8s-ci-robot
Copy link
Contributor

Hi @nabokihms. Thanks for your PR.

I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@k8s-ci-robot k8s-ci-robot added needs-kind Indicates a PR lacks a `kind/foo` label and requires one. needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. needs-priority cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Feb 1, 2022
@strongjz
Copy link
Member

strongjz commented Feb 14, 2022
edited
Loading

Thank you for the PR, I am concerned with two things, 1 no new tests for this, and while I agree with your assessment, users probably do not want to continuously login if the back end sends a 404, this changes the behavior and should be configurable, Can we use the annotation instead of a default true?

With the annotations, we can add an e2e test and it allows it to be the users choice to set to true.

-James

/kind bug
/triage accepted
/priority important-longterm

@k8s-ci-robot k8s-ci-robot added kind/bug Categorizes issue or PR as related to a bug. priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete. labels Feb 14, 2022
@k8s-ci-robot
Copy link
Contributor

@strongjz: The label(s) triage/accept cannot be applied, because the repository doesn't have them.

In response to this:

Thank you for the PR, I am concerned with two things, 1 no new tests for this, and while I agree with your assessment, users probably do not want to continuously login if the back end sends a 404, this changes the behavior and should be configurable, Can we use the annotation instead of a default true?

With the annotations, we can add an e2e test and it allows it to be the users choice to set to true.

-James

/kind bug
/triage accept
/priority important-longterm

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@k8s-ci-robot k8s-ci-robot removed needs-kind Indicates a PR lacks a `kind/foo` label and requires one. needs-priority labels Feb 14, 2022
@strongjz strongjz added triage/accepted Indicates an issue or PR is ready to be actively worked on. and removed needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Feb 14, 2022
@rikatz
Copy link
Contributor

rikatz commented Feb 14, 2022

+1 for James comment, let's not change current behavior. A new annotation is desired and some tests on that :)

@tao12345666333
Copy link
Member

+1 for James comment, let's not change current behavior. A new annotation is desired and some tests on that :)

+1 It would be more appropriate to add a new annotation

@k8s-ci-robot k8s-ci-robot added size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. area/docs and removed size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Feb 15, 2022
@nabokihms
Copy link
Member Author

Folks, the code has been updated according to your suggestions. I also wrote e2e tests to support what I described in the issue.

Btw, I noticed that the e2e tests docs generator is broken, so I also fixed it. Because of the links to the code in this doc, no one can write it by hand 😅 . Please let me know if I need to revert these script changes (I suppose that this is a little out of the scope of this PR).

@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Apr 7, 2022
@nabokihms
feat: always set auth cookie
bc703c8 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
@nabokihms
feat: Add annotation to always set auth cookie
3fafde7 
* Add annotation
* Add global configmap key
* Provide unit tests and e2e tests
* Fix e2e documentation autogen script

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
@nabokihms
Regenerate e2e tests
4c0d7f9 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
@k8s-ci-robot k8s-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Apr 12, 2022
@nabokihms
Copy link
Member Author

@rikatz @strongjz just a friendly reminder about this PR.

@nabokihms
Copy link
Member Author

@rikatz @strongjz and one more. Do I need to add anything, or is this PR ok to be merged in its current state?

@strongjz
Copy link
Member

/lgtm

Thank you for the changes and the added tests!

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label May 19, 2022
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: nabokihms, strongjz

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label May 19, 2022
@k8s-ci-robot k8s-ci-robot merged commit 2c27e66 into kubernetes:main May 19, 2022
@nabokihms
Copy link
Member Author

Thank you so much for the review. Great work 👍

@nabokihms nabokihms mentioned this pull request Jun 26, 2022
Closed
@nabokihms nabokihms mentioned this pull request Oct 10, 2022
Closed
9 tasks
rchshld pushed a commit to joomcode/ingress-nginx that referenced this pull request May 19, 2023
@nabokihms @rchshld
feat: always set auth cookie (kubernetes#8213)
6ae4881 
* feat: always set auth cookie

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

* feat: Add annotation to always set auth cookie

* Add annotation
* Add global configmap key
* Provide unit tests and e2e tests
* Fix e2e documentation autogen script

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

* Regenerate e2e tests

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rikatz rikatz Awaiting requested review from rikatz

@strongjz strongjz Awaiting requested review from strongjz

Assignees

@strongjz strongjz

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/docs cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/bug Categorizes issue or PR as related to a bug. lgtm "Looks good to me", indicates that a PR is ready to be merged. needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@nabokihms @k8s-ci-robot @strongjz @rikatz @tao12345666333