Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

annotations: print error and skip if malformed #108

Closed
wants to merge 2 commits into from
Closed

annotations: print error and skip if malformed #108

wants to merge 2 commits into from

Conversation

euank
Copy link
Contributor

@euank euank commented Jan 5, 2017

Logging annotation errors at v5 effectively means that errors are
silent.

In addition, continuing to setup an ingress rule after a malformed
authentication, rate limit, or whitelist annotation was noticed seems
a bit bad.
If a user typoes the value of an annotation, they don't deserve to be
left in a horribly insecure state, merely in a broken one.

@euank
annotations: print error and skip if malformed
8b80616 
Logging annotation errors at v5 effectively means that errors are
silent.

In addition, continuing to setup an ingress rule *after* a malformed
authentication, rate limit, or whitelist annotation was noticed seems
a bit bad.
If a user typoes the value of an annotation, they don't deserve to be
left in a horribly insecure state, merely in a broken one.
@euank
annotations: more consistent error handling
6523372
@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Jan 5, 2017
@k8s-reviewable
Copy link

This change is Reviewable

@coveralls
Copy link

Coverage Status

Coverage decreased (-0.04%) to 40.696% when pulling 6523372 on euank:skip-broken-annos into 567fa3b on kubernetes:master.

@aledbf
Copy link
Member

aledbf commented Jan 5, 2017

@euank something similar to this is what I'm adding in #95.
The idea is to add the error in the generated nginx.conf, and return 403 in the locations where the annotations are malformed (like authentication, rate limit, or whitelist).

@aledbf
Copy link
Member

aledbf commented Jan 5, 2017

@euank give me until tomorrow to get that PR in a state where can be reviewed

@aledbf aledbf mentioned this pull request Jan 8, 2017
Merged
@aledbf aledbf closed this in #95 Jan 13, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
cncf-cla: yes Indicates the PR's author has signed the CNCF CLA.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@euank @k8s-reviewable @coveralls @aledbf @k8s-ci-robot