homelab/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Prepare release v3.4.0-rc1

Browse source
This commit is contained in:
Kevin Pollet 2025-03-31 15:42:05 +02:00 committed by GitHub
parent ec38a0675f
commit 405be420c9
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
52 changed files with 393 additions and 362 deletions
Download patch file Download diff file Expand all files Collapse all files

52
pkg/cli/deprecation.go
View file

@ -195,7 +195,7 @@ func (c *configuration) deprecationNotice(logger zerolog.Logger) bool {
if c.Pilot != nil {
incompatible = true
logger.Error().Msg("Pilot configuration has been removed in v3, please remove all Pilot-related static configuration for Traefik to start." +
" For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3/#pilot")
" For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3/#pilot")
}
incompatibleCore := c.Core.deprecationNotice(logger)
@ -213,7 +213,7 @@ func (c *core) deprecationNotice(logger zerolog.Logger) bool {
if c != nil && c.DefaultRuleSyntax != "" {
logger.Error().Msg("`Core.DefaultRuleSyntax` option has been deprecated in v3.4, and will be removed in the next major version." +
" Please consider migrating all router rules to v3 syntax." +
" For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v3/#rule-syntax")
" For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v3/#rule-syntax")
}
return false
@ -243,13 +243,13 @@ func (p *providers) deprecationNotice(logger zerolog.Logger) bool {
if p.Marathon != nil {
incompatible = true
logger.Error().Msg("Marathon provider has been removed in v3, please remove all Marathon-related static configuration for Traefik to start." +
" For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3/#marathon-provider")
" For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3/#marathon-provider")
}
if p.Rancher != nil {
incompatible = true
logger.Error().Msg("Rancher provider has been removed in v3, please remove all Rancher-related static configuration for Traefik to start." +
" For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3/#rancher-v1-provider")
" For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3/#rancher-v1-provider")
}
dockerIncompatible := p.Docker.deprecationNotice(logger)
@ -291,14 +291,14 @@ func (d *docker) deprecationNotice(logger zerolog.Logger) bool {
if d.SwarmMode != nil {
incompatible = true
logger.Error().Msg("Docker provider `swarmMode` option has been removed in v3, please use the Swarm Provider instead." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3/#docker-docker-swarm")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3/#docker-docker-swarm")
}
if d.TLS != nil && d.TLS.CAOptional != nil {
incompatible = true
logger.Error().Msg("Docker provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
"Please remove all occurrences from the static configuration for Traefik to start." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3/#tlscaoptional")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3/#tlscaoptional")
}
return incompatible
@ -339,7 +339,7 @@ func (e *etcd) deprecationNotice(logger zerolog.Logger) bool {
incompatible = true
logger.Error().Msg("ETCD provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
"Please remove all occurrences from the static configuration for Traefik to start." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3/#tlscaoptional_3")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3/#tlscaoptional_3")
}
return incompatible
@ -360,7 +360,7 @@ func (r *redis) deprecationNotice(logger zerolog.Logger) bool {
incompatible = true
logger.Error().Msg("Redis provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
"Please remove all occurrences from the static configuration for Traefik to start." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3/#tlscaoptional_4")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3/#tlscaoptional_4")
}
return incompatible
@ -381,14 +381,14 @@ func (c *consul) deprecationNotice(logger zerolog.Logger) bool {
if c.Namespace != nil {
incompatible = true
logger.Error().Msg("Consul provider `namespace` option has been removed, please use the `namespaces` option instead." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3/#consul-provider")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3/#consul-provider")
}
if c.TLS != nil && c.TLS.CAOptional != nil {
incompatible = true
logger.Error().Msg("Consul provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
"Please remove all occurrences from the static configuration for Traefik to start." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3/#tlscaoptional_1")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3/#tlscaoptional_1")
}
return incompatible
@ -413,14 +413,14 @@ func (c *consulCatalog) deprecationNotice(logger zerolog.Logger) bool {
if c.Namespace != nil {
incompatible = true
logger.Error().Msg("ConsulCatalog provider `namespace` option has been removed, please use the `namespaces` option instead." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3/#consulcatalog-provider")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3/#consulcatalog-provider")
}
if c.Endpoint != nil && c.Endpoint.TLS != nil && c.Endpoint.TLS.CAOptional != nil {
incompatible = true
logger.Error().Msg("ConsulCatalog provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
"Please remove all occurrences from the static configuration for Traefik to start." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3/#endpointtlscaoptional")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3/#endpointtlscaoptional")
}
return incompatible
@ -441,14 +441,14 @@ func (n *nomad) deprecationNotice(logger zerolog.Logger) bool {
if n.Namespace != nil {
incompatible = true
logger.Error().Msg("Nomad provider `namespace` option has been removed, please use the `namespaces` option instead." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3/#nomad-provider")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3/#nomad-provider")
}
if n.Endpoint != nil && n.Endpoint.TLS != nil && n.Endpoint.TLS.CAOptional != nil {
incompatible = true
logger.Error().Msg("Nomad provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
"Please remove all occurrences from the static configuration for Traefik to start." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3/#endpointtlscaoptional_1")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3/#endpointtlscaoptional_1")
}
return incompatible
@ -469,7 +469,7 @@ func (h *http) deprecationNotice(logger zerolog.Logger) bool {
incompatible = true
logger.Error().Msg("HTTP provider `tls.CAOptional` option has been removed in v3, as TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634)." +
"Please remove all occurrences from the static configuration for Traefik to start." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3/#tlscaoptional_2")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3/#tlscaoptional_2")
}
return incompatible
@ -487,7 +487,7 @@ func (i *ingress) deprecationNotice(logger zerolog.Logger) {
if i.DisableIngressClassLookup != nil {
logger.Error().Msg("Kubernetes Ingress provider `disableIngressClassLookup` option has been deprecated in v3.1, and will be removed in the next major version." +
"Please use the `disableClusterScopeResources` option instead." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v3/#ingressclasslookup")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v3/#ingressclasslookup")
}
}
@ -504,7 +504,7 @@ func (e *experimental) deprecationNotice(logger zerolog.Logger) bool {
if e.HTTP3 != nil {
logger.Error().Msg("HTTP3 is not an experimental feature in v3 and the associated enablement has been removed." +
"Please remove its usage from the static configuration for Traefik to start." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3-details/#http3")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3-details/#http3")
return true
}
@ -512,7 +512,7 @@ func (e *experimental) deprecationNotice(logger zerolog.Logger) bool {
if e.KubernetesGateway != nil {
logger.Error().Msg("KubernetesGateway provider is not an experimental feature starting with v3.1." +
"Please remove its usage from the static configuration." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v3/#gateway-api-kubernetesgateway-provider")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v3/#gateway-api-kubernetesgateway-provider")
}
return false
@ -539,7 +539,7 @@ func (t *tracing) deprecationNotice(logger zerolog.Logger) bool {
if t.SpanNameLimit != nil {
incompatible = true
logger.Error().Msg("SpanNameLimit option for Tracing has been removed in v3, as Span names are now of a fixed length." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3/#tracing")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3/#tracing")
}
if t.GlobalAttributes != nil {
@ -547,49 +547,49 @@ func (t *tracing) deprecationNotice(logger zerolog.Logger) bool {
logger.Error().Msg("`tracing.globalAttributes` option has been deprecated in v3.3, and will be removed in the next major version." +
"Please use the `tracing.resourceAttributes` option instead." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v3/#tracing-global-attributes")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v3/#tracing-global-attributes")
}
if t.Jaeger != nil {
incompatible = true
logger.Error().Msg("Jaeger Tracing backend has been removed in v3, please remove all Jaeger-related Tracing static configuration for Traefik to start." +
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3/#tracing")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3/#tracing")
}
if t.Zipkin != nil {
incompatible = true
logger.Error().Msg("Zipkin Tracing backend has been removed in v3, please remove all Zipkin-related Tracing static configuration for Traefik to start." +
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3/#tracing")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3/#tracing")
}
if t.Datadog != nil {
incompatible = true
logger.Error().Msg("Datadog Tracing backend has been removed in v3, please remove all Datadog-related Tracing static configuration for Traefik to start." +
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3/#tracing")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3/#tracing")
}
if t.Instana != nil {
incompatible = true
logger.Error().Msg("Instana Tracing backend has been removed in v3, please remove all Instana-related Tracing static configuration for Traefik to start." +
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3/#tracing")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3/#tracing")
}
if t.Haystack != nil {
incompatible = true
logger.Error().Msg("Haystack Tracing backend has been removed in v3, please remove all Haystack-related Tracing static configuration for Traefik to start." +
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3/#tracing")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3/#tracing")
}
if t.Elastic != nil {
incompatible = true
logger.Error().Msg("Elastic Tracing backend has been removed in v3, please remove all Elastic-related Tracing static configuration for Traefik to start." +
"In v3, Open Telemetry replaces specific tracing backend implementations, and an collector/exporter can be used to export metrics in a vendor specific format." +
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.3/migration/v2-to-v3/#tracing")
"For more information please read the migration guide: https://doc.traefik.io/traefik/v3.4/migration/v2-to-v3/#tracing")
}
return incompatible

50
pkg/config/dynamic/middlewares.go
View file

@ -77,7 +77,7 @@ type ContentType struct {
// AddPrefix holds the add prefix middleware configuration.
// This middleware updates the path of a request before forwarding it.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/addprefix/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/addprefix/
type AddPrefix struct {
// Prefix is the string to add before the current path in the requested URL.
// It should include a leading slash (/).
@ -89,7 +89,7 @@ type AddPrefix struct {
// BasicAuth holds the basic auth middleware configuration.
// This middleware restricts access to your services to known users.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/basicauth/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/basicauth/
type BasicAuth struct {
// Users is an array of authorized users.
// Each user must be declared using the name:hashed-password format.
@ -104,7 +104,7 @@ type BasicAuth struct {
// Default: false.
RemoveHeader bool `json:"removeHeader,omitempty" toml:"removeHeader,omitempty" yaml:"removeHeader,omitempty" export:"true"`
// HeaderField defines a header field to store the authenticated user.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/basicauth/#headerfield
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/basicauth/#headerfield
HeaderField string `json:"headerField,omitempty" toml:"headerField,omitempty" yaml:"headerField,omitempty" export:"true"`
}
@ -112,7 +112,7 @@ type BasicAuth struct {
// Buffering holds the buffering middleware configuration.
// This middleware retries or limits the size of requests that can be forwarded to backends.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/buffering/#maxrequestbodybytes
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/buffering/#maxrequestbodybytes
type Buffering struct {
// MaxRequestBodyBytes defines the maximum allowed body size for the request (in bytes).
// If the request exceeds the allowed size, it is not forwarded to the service, and the client gets a 413 (Request Entity Too Large) response.
@ -130,7 +130,7 @@ type Buffering struct {
MemResponseBodyBytes int64 `json:"memResponseBodyBytes,omitempty" toml:"memResponseBodyBytes,omitempty" yaml:"memResponseBodyBytes,omitempty" export:"true"`
// RetryExpression defines the retry conditions.
// It is a logical combination of functions with operators AND (&&) and OR (||).
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/buffering/#retryexpression
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/buffering/#retryexpression
RetryExpression string `json:"retryExpression,omitempty" toml:"retryExpression,omitempty" yaml:"retryExpression,omitempty" export:"true"`
}
@ -147,7 +147,7 @@ type Chain struct {
// CircuitBreaker holds the circuit breaker middleware configuration.
// This middleware protects the system from stacking requests to unhealthy services, resulting in cascading failures.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/circuitbreaker/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/circuitbreaker/
type CircuitBreaker struct {
// Expression defines the expression that, once matched, opens the circuit breaker and applies the fallback mechanism instead of calling the services.
Expression string `json:"expression,omitempty" toml:"expression,omitempty" yaml:"expression,omitempty" export:"true"`
@ -197,7 +197,7 @@ func (c *Compress) SetDefaults() {
// DigestAuth holds the digest auth middleware configuration.
// This middleware restricts access to your services to known users.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/digestauth/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/digestauth/
type DigestAuth struct {
// Users defines the authorized users.
// Each user should be declared using the name:realm:encoded-password format.
@ -210,7 +210,7 @@ type DigestAuth struct {
// Default: traefik.
Realm string `json:"realm,omitempty" toml:"realm,omitempty" yaml:"realm,omitempty"`
// HeaderField defines a header field to store the authenticated user.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/basicauth/#headerfield
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/basicauth/#headerfield
HeaderField string `json:"headerField,omitempty" toml:"headerField,omitempty" yaml:"headerField,omitempty" export:"true"`
}
@ -241,7 +241,7 @@ type ErrorPage struct {
// ForwardAuth holds the forward auth middleware configuration.
// This middleware delegates the request authentication to a Service.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/forwardauth/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/forwardauth/
type ForwardAuth struct {
// Address defines the authentication server address.
Address string `json:"address,omitempty" toml:"address,omitempty" yaml:"address,omitempty"`
@ -252,7 +252,7 @@ type ForwardAuth struct {
// AuthResponseHeaders defines the list of headers to copy from the authentication server response and set on forwarded request, replacing any existing conflicting headers.
AuthResponseHeaders []string `json:"authResponseHeaders,omitempty" toml:"authResponseHeaders,omitempty" yaml:"authResponseHeaders,omitempty" export:"true"`
// AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/forwardauth/#authresponseheadersregex
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/forwardauth/#authresponseheadersregex
AuthResponseHeadersRegex string `json:"authResponseHeadersRegex,omitempty" toml:"authResponseHeadersRegex,omitempty" yaml:"authResponseHeadersRegex,omitempty" export:"true"`
// AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server.
// If not set or empty then all request headers are passed.
@ -260,7 +260,7 @@ type ForwardAuth struct {
// AddAuthCookiesToResponse defines the list of cookies to copy from the authentication server response to the response.
AddAuthCookiesToResponse []string `json:"addAuthCookiesToResponse,omitempty" toml:"addAuthCookiesToResponse,omitempty" yaml:"addAuthCookiesToResponse,omitempty" export:"true"`
// HeaderField defines a header field to store the authenticated user.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/forwardauth/#headerfield
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/forwardauth/#headerfield
HeaderField string `json:"headerField,omitempty" toml:"headerField,omitempty" yaml:"headerField,omitempty" export:"true"`
// ForwardBody defines whether to send the request body to the authentication server.
ForwardBody bool `json:"forwardBody,omitempty" toml:"forwardBody,omitempty" yaml:"forwardBody,omitempty" export:"true"`
@ -295,7 +295,7 @@ type ClientTLS struct {
// Headers holds the headers middleware configuration.
// This middleware manages the requests and responses headers.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/headers/#customrequestheaders
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/headers/#customrequestheaders
type Headers struct {
// CustomRequestHeaders defines the header names and values to apply to the request.
CustomRequestHeaders map[string]string `json:"customRequestHeaders,omitempty" toml:"customRequestHeaders,omitempty" yaml:"customRequestHeaders,omitempty" export:"true"`
@ -425,7 +425,7 @@ func (h *Headers) HasSecureHeadersDefined() bool {
// +k8s:deepcopy-gen=true
// IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ipallowlist/#ipstrategy
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/ipallowlist/#ipstrategy
type IPStrategy struct {
// Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right).
// +kubebuilder:validation:Minimum=0
@ -480,7 +480,7 @@ func (s *IPStrategy) Get() (ip.Strategy, error) {
// IPWhiteList holds the IP whitelist middleware configuration.
// This middleware limits allowed requests based on the client IP.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ipwhitelist/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/ipwhitelist/
// Deprecated: please use IPAllowList instead.
type IPWhiteList struct {
// SourceRange defines the set of allowed IPs (or ranges of allowed IPs by using CIDR notation). Required.
@ -492,7 +492,7 @@ type IPWhiteList struct {
// IPAllowList holds the IP allowlist middleware configuration.
// This middleware limits allowed requests based on the client IP.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ipallowlist/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/ipallowlist/
type IPAllowList struct {
// SourceRange defines the set of allowed IPs (or ranges of allowed IPs by using CIDR notation).
SourceRange []string `json:"sourceRange,omitempty" toml:"sourceRange,omitempty" yaml:"sourceRange,omitempty"`
@ -506,7 +506,7 @@ type IPAllowList struct {
// InFlightReq holds the in-flight request middleware configuration.
// This middleware limits the number of requests being processed and served concurrently.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/inflightreq/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/inflightreq/
type InFlightReq struct {
// Amount defines the maximum amount of allowed simultaneous in-flight request.
// The middleware responds with HTTP 429 Too Many Requests if there are already amount requests in progress (based on the same sourceCriterion strategy).
@ -515,7 +515,7 @@ type InFlightReq struct {
// SourceCriterion defines what criterion is used to group requests as originating from a common source.
// If several strategies are defined at the same time, an error will be raised.
// If none are set, the default is to use the requestHost.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/inflightreq/#sourcecriterion
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/inflightreq/#sourcecriterion
SourceCriterion *SourceCriterion `json:"sourceCriterion,omitempty" toml:"sourceCriterion,omitempty" yaml:"sourceCriterion,omitempty" export:"true"`
}
@ -523,7 +523,7 @@ type InFlightReq struct {
// PassTLSClientCert holds the pass TLS client cert middleware configuration.
// This middleware adds the selected data from the passed client TLS certificate to a header.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/passtlsclientcert/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/passtlsclientcert/
type PassTLSClientCert struct {
// PEM sets the X-Forwarded-Tls-Client-Cert header with the certificate.
PEM bool `json:"pem,omitempty" toml:"pem,omitempty" yaml:"pem,omitempty" export:"true"`
@ -635,7 +635,7 @@ func (r *Redis) SetDefaults() {
// RedirectRegex holds the redirect regex middleware configuration.
// This middleware redirects a request using regex matching and replacement.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/redirectregex/#regex
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/redirectregex/#regex
type RedirectRegex struct {
// Regex defines the regex used to match and capture elements from the request URL.
Regex string `json:"regex,omitempty" toml:"regex,omitempty" yaml:"regex,omitempty"`
@ -649,7 +649,7 @@ type RedirectRegex struct {
// RedirectScheme holds the redirect scheme middleware configuration.
// This middleware redirects requests from a scheme/port to another.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/redirectscheme/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/redirectscheme/
type RedirectScheme struct {
// Scheme defines the scheme of the new URL.
Scheme string `json:"scheme,omitempty" toml:"scheme,omitempty" yaml:"scheme,omitempty" export:"true"`
@ -663,7 +663,7 @@ type RedirectScheme struct {
// ReplacePath holds the replace path middleware configuration.
// This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/replacepath/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/replacepath/
type ReplacePath struct {
// Path defines the path to use as replacement in the request URL.
Path string `json:"path,omitempty" toml:"path,omitempty" yaml:"path,omitempty" export:"true"`
@ -673,7 +673,7 @@ type ReplacePath struct {
// ReplacePathRegex holds the replace path regex middleware configuration.
// This middleware replaces the path of a URL using regex matching and replacement.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/replacepathregex/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/replacepathregex/
type ReplacePathRegex struct {
// Regex defines the regular expression used to match and capture the path from the request URL.
Regex string `json:"regex,omitempty" toml:"regex,omitempty" yaml:"regex,omitempty" export:"true"`
@ -686,7 +686,7 @@ type ReplacePathRegex struct {
// Retry holds the retry middleware configuration.
// This middleware reissues requests a given number of times to a backend server if that server does not reply.
// As soon as the server answers, the middleware stops retrying, regardless of the response status.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/retry/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/retry/
type Retry struct {
// Attempts defines how many times the request should be retried.
Attempts int `json:"attempts,omitempty" toml:"attempts,omitempty" yaml:"attempts,omitempty" export:"true"`
@ -702,7 +702,7 @@ type Retry struct {
// StripPrefix holds the strip prefix middleware configuration.
// This middleware removes the specified prefixes from the URL path.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/stripprefix/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/stripprefix/
type StripPrefix struct {
// Prefixes defines the prefixes to strip from the request URL.
Prefixes []string `json:"prefixes,omitempty" toml:"prefixes,omitempty" yaml:"prefixes,omitempty" export:"true"`
@ -717,7 +717,7 @@ type StripPrefix struct {
// StripPrefixRegex holds the strip prefix regex middleware configuration.
// This middleware removes the matching prefixes from the URL path.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/stripprefixregex/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/stripprefixregex/
type StripPrefixRegex struct {
// Regex defines the regular expression to match the path prefix from the request URL.
Regex []string `json:"regex,omitempty" toml:"regex,omitempty" yaml:"regex,omitempty" export:"true"`

2
pkg/config/dynamic/tcp_config.go
View file

@ -126,7 +126,7 @@ type TCPServer struct {
// +k8s:deepcopy-gen=true
// ProxyProtocol holds the PROXY Protocol configuration.
// More info: https://doc.traefik.io/traefik/v3.3/routing/services/#proxy-protocol
// More info: https://doc.traefik.io/traefik/v3.4/routing/services/#proxy-protocol
type ProxyProtocol struct {
// Version defines the PROXY Protocol version to use.
// +kubebuilder:validation:Minimum=1

4
pkg/config/dynamic/tcp_middlewares.go
View file

@ -15,7 +15,7 @@ type TCPMiddleware struct {
// TCPInFlightConn holds the TCP InFlightConn middleware configuration.
// This middleware prevents services from being overwhelmed with high load,
// by limiting the number of allowed simultaneous connections for one IP.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/tcp/inflightconn/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/tcp/inflightconn/
type TCPInFlightConn struct {
// Amount defines the maximum amount of allowed simultaneous connections.
// The middleware closes the connection if there are already amount connections opened.
@ -36,7 +36,7 @@ type TCPIPWhiteList struct {
// TCPIPAllowList holds the TCP IPAllowList middleware configuration.
// This middleware limits allowed requests based on the client IP.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/tcp/ipallowlist/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/tcp/ipallowlist/
type TCPIPAllowList struct {
// SourceRange defines the allowed IPs (or ranges of allowed IPs by using CIDR notation).
SourceRange []string `json:"sourceRange,omitempty" toml:"sourceRange,omitempty" yaml:"sourceRange,omitempty"`

30
pkg/provider/kubernetes/crd/traefikio/v1alpha1/ingressroute.go
View file

@ -13,18 +13,18 @@ type IngressRouteSpec struct {
Routes []Route `json:"routes"`
// EntryPoints defines the list of entry point names to bind to.
// Entry points have to be configured in the static configuration.
// More info: https://doc.traefik.io/traefik/v3.3/routing/entrypoints/
// More info: https://doc.traefik.io/traefik/v3.4/routing/entrypoints/
// Default: all.
EntryPoints []string `json:"entryPoints,omitempty"`
// TLS defines the TLS configuration.
// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#tls
// More info: https://doc.traefik.io/traefik/v3.4/routing/routers/#tls
TLS *TLS `json:"tls,omitempty"`
}
// Route holds the HTTP route configuration.
type Route struct {
// Match defines the router's rule.
// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#rule
// More info: https://doc.traefik.io/traefik/v3.4/routing/routers/#rule
Match string `json:"match"`
// Kind defines the kind of the route.
// Rule is the only supported kind.
@ -32,18 +32,18 @@ type Route struct {
// +kubebuilder:validation:Enum=Rule
Kind string `json:"kind,omitempty"`
// Priority defines the router's priority.
// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#priority
// More info: https://doc.traefik.io/traefik/v3.4/routing/routers/#priority
// +kubebuilder:validation:Maximum=9223372036854774807
Priority int `json:"priority,omitempty"`
// Syntax defines the router's rule syntax.
// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#rulesyntax
// More info: https://doc.traefik.io/traefik/v3.4/routing/routers/#rulesyntax
// Deprecated: Please do not use this field and rewrite the router rules to use the v3 syntax.
Syntax string `json:"syntax,omitempty"`
// Services defines the list of Service.
// It can contain any combination of TraefikService and/or reference to a Kubernetes Service.
Services []Service `json:"services,omitempty"`
// Middlewares defines the list of references to Middleware resources.
// More info: https://doc.traefik.io/traefik/v3.3/routing/providers/kubernetes-crd/#kind-middleware
// More info: https://doc.traefik.io/traefik/v3.4/routing/providers/kubernetes-crd/#kind-middleware
Middlewares []MiddlewareRef `json:"middlewares,omitempty"`
// Observability defines the observability configuration for a router.
// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#observability
@ -51,43 +51,43 @@ type Route struct {
}
// TLS holds the TLS configuration.
// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#tls
// More info: https://doc.traefik.io/traefik/v3.4/routing/routers/#tls
type TLS struct {
// SecretName is the name of the referenced Kubernetes Secret to specify the certificate details.
SecretName string `json:"secretName,omitempty"`
// Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
// If not defined, the `default` TLSOption is used.
// More info: https://doc.traefik.io/traefik/v3.3/https/tls/#tls-options
// More info: https://doc.traefik.io/traefik/v3.4/https/tls/#tls-options
Options *TLSOptionRef `json:"options,omitempty"`
// Store defines the reference to the TLSStore, that will be used to store certificates.
// Please note that only `default` TLSStore can be used.
Store *TLSStoreRef `json:"store,omitempty"`
// CertResolver defines the name of the certificate resolver to use.
// Cert resolvers have to be configured in the static configuration.
// More info: https://doc.traefik.io/traefik/v3.3/https/acme/#certificate-resolvers
// More info: https://doc.traefik.io/traefik/v3.4/https/acme/#certificate-resolvers
CertResolver string `json:"certResolver,omitempty"`
// Domains defines the list of domains that will be used to issue certificates.
// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#domains
// More info: https://doc.traefik.io/traefik/v3.4/routing/routers/#domains
Domains []types.Domain `json:"domains,omitempty"`
}
// TLSOptionRef is a reference to a TLSOption resource.
type TLSOptionRef struct {
// Name defines the name of the referenced TLSOption.
// More info: https://doc.traefik.io/traefik/v3.3/routing/providers/kubernetes-crd/#kind-tlsoption
// More info: https://doc.traefik.io/traefik/v3.4/routing/providers/kubernetes-crd/#kind-tlsoption
Name string `json:"name"`
// Namespace defines the namespace of the referenced TLSOption.
// More info: https://doc.traefik.io/traefik/v3.3/routing/providers/kubernetes-crd/#kind-tlsoption
// More info: https://doc.traefik.io/traefik/v3.4/routing/providers/kubernetes-crd/#kind-tlsoption
Namespace string `json:"namespace,omitempty"`
}
// TLSStoreRef is a reference to a TLSStore resource.
type TLSStoreRef struct {
// Name defines the name of the referenced TLSStore.
// More info: https://doc.traefik.io/traefik/v3.3/routing/providers/kubernetes-crd/#kind-tlsstore
// More info: https://doc.traefik.io/traefik/v3.4/routing/providers/kubernetes-crd/#kind-tlsstore
Name string `json:"name"`
// Namespace defines the namespace of the referenced TLSStore.
// More info: https://doc.traefik.io/traefik/v3.3/routing/providers/kubernetes-crd/#kind-tlsstore
// More info: https://doc.traefik.io/traefik/v3.4/routing/providers/kubernetes-crd/#kind-tlsstore
Namespace string `json:"namespace,omitempty"`
}
@ -104,7 +104,7 @@ type LoadBalancerSpec struct {
// Namespace defines the namespace of the referenced Kubernetes Service or TraefikService.
Namespace string `json:"namespace,omitempty"`
// Sticky defines the sticky sessions configuration.
// More info: https://doc.traefik.io/traefik/v3.3/routing/services/#sticky-sessions
// More info: https://doc.traefik.io/traefik/v3.4/routing/services/#sticky-sessions
Sticky *dynamic.Sticky `json:"sticky,omitempty"`
// Port defines the port of a Kubernetes Service.
// This can be a reference to a named port.

20
pkg/provider/kubernetes/crd/traefikio/v1alpha1/ingressroutetcp.go
View file

@ -13,25 +13,25 @@ type IngressRouteTCPSpec struct {
Routes []RouteTCP `json:"routes"`
// EntryPoints defines the list of entry point names to bind to.
// Entry points have to be configured in the static configuration.
// More info: https://doc.traefik.io/traefik/v3.3/routing/entrypoints/
// More info: https://doc.traefik.io/traefik/v3.4/routing/entrypoints/
// Default: all.
EntryPoints []string `json:"entryPoints,omitempty"`
// TLS defines the TLS configuration on a layer 4 / TCP Route.
// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#tls_1
// More info: https://doc.traefik.io/traefik/v3.4/routing/routers/#tls_1
TLS *TLSTCP `json:"tls,omitempty"`
}
// RouteTCP holds the TCP route configuration.
type RouteTCP struct {
// Match defines the router's rule.
// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#rule_1
// More info: https://doc.traefik.io/traefik/v3.4/routing/routers/#rule_1
Match string `json:"match"`
// Priority defines the router's priority.
// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#priority_1
// More info: https://doc.traefik.io/traefik/v3.4/routing/routers/#priority_1
// +kubebuilder:validation:Maximum=9223372036854774807
Priority int `json:"priority,omitempty"`
// Syntax defines the router's rule syntax.
// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#rulesyntax_1
// More info: https://doc.traefik.io/traefik/v3.4/routing/routers/#rulesyntax_1
// +kubebuilder:validation:Enum=v3;v2
// Deprecated: Please do not use this field and rewrite the router rules to use the v3 syntax.
Syntax string `json:"syntax,omitempty"`
@ -42,7 +42,7 @@ type RouteTCP struct {
}
// TLSTCP holds the TLS configuration for an IngressRouteTCP.
// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#tls_1
// More info: https://doc.traefik.io/traefik/v3.4/routing/routers/#tls_1
type TLSTCP struct {
// SecretName is the name of the referenced Kubernetes Secret to specify the certificate details.
SecretName string `json:"secretName,omitempty"`
@ -50,17 +50,17 @@ type TLSTCP struct {
Passthrough bool `json:"passthrough,omitempty"`
// Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
// If not defined, the `default` TLSOption is used.
// More info: https://doc.traefik.io/traefik/v3.3/https/tls/#tls-options
// More info: https://doc.traefik.io/traefik/v3.4/https/tls/#tls-options
Options *ObjectReference `json:"options,omitempty"`
// Store defines the reference to the TLSStore, that will be used to store certificates.
// Please note that only `default` TLSStore can be used.
Store *ObjectReference `json:"store,omitempty"`
// CertResolver defines the name of the certificate resolver to use.
// Cert resolvers have to be configured in the static configuration.
// More info: https://doc.traefik.io/traefik/v3.3/https/acme/#certificate-resolvers
// More info: https://doc.traefik.io/traefik/v3.4/https/acme/#certificate-resolvers
CertResolver string `json:"certResolver,omitempty"`
// Domains defines the list of domains that will be used to issue certificates.
// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#domains
// More info: https://doc.traefik.io/traefik/v3.4/routing/routers/#domains
Domains []types.Domain `json:"domains,omitempty"`
}
@ -85,7 +85,7 @@ type ServiceTCP struct {
// Deprecated: TerminationDelay will not be supported in future APIVersions, please use ServersTransport to configure the TerminationDelay instead.
TerminationDelay *int `json:"terminationDelay,omitempty"`
// ProxyProtocol defines the PROXY protocol configuration.
// More info: https://doc.traefik.io/traefik/v3.3/routing/services/#proxy-protocol
// More info: https://doc.traefik.io/traefik/v3.4/routing/services/#proxy-protocol
ProxyProtocol *dynamic.ProxyProtocol `json:"proxyProtocol,omitempty"`
// ServersTransport defines the name of ServersTransportTCP resource to use.
// It allows to configure the transport between Traefik and your servers.

2
pkg/provider/kubernetes/crd/traefikio/v1alpha1/ingressrouteudp.go
View file

@ -11,7 +11,7 @@ type IngressRouteUDPSpec struct {
Routes []RouteUDP `json:"routes"`
// EntryPoints defines the list of entry point names to bind to.
// Entry points have to be configured in the static configuration.
// More info: https://doc.traefik.io/traefik/v3.3/routing/entrypoints/
// More info: https://doc.traefik.io/traefik/v3.4/routing/entrypoints/
// Default: all.
EntryPoints []string `json:"entryPoints,omitempty"`
}

28
pkg/provider/kubernetes/crd/traefikio/v1alpha1/middleware.go
View file

@ -12,7 +12,7 @@ import (
// +kubebuilder:storageversion
// Middleware is the CRD implementation of a Traefik Middleware.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/overview/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/overview/
type Middleware struct {
metav1.TypeMeta `json:",inline"`
// Standard object's metadata.
@ -60,7 +60,7 @@ type MiddlewareSpec struct {
// ErrorPage holds the custom error middleware configuration.
// This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/errorpages/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/errorpages/
type ErrorPage struct {
// Status defines which status or range of statuses should result in an error page.
// It can be either a status code as a number (500),
@ -73,7 +73,7 @@ type ErrorPage struct {
// For example: "418": 404 or "410-418": 404
StatusRewrites map[string]int `json:"statusRewrites,omitempty"`
// Service defines the reference to a Kubernetes Service that will serve the error page.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/errorpages/#service
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/errorpages/#service
Service Service `json:"service,omitempty"`
// Query defines the URL for the error page (hosted by service).
// The {status} variable can be used in order to insert the status code in the URL.
@ -108,7 +108,7 @@ type CircuitBreaker struct {
// Chain holds the configuration of the chain middleware.
// This middleware enables to define reusable combinations of other pieces of middleware.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/chain/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/chain/
type Chain struct {
// Middlewares is the list of MiddlewareRef which composes the chain.
Middlewares []MiddlewareRef `json:"middlewares,omitempty"`
@ -118,7 +118,7 @@ type Chain struct {
// BasicAuth holds the basic auth middleware configuration.
// This middleware restricts access to your services to known users.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/basicauth/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/basicauth/
type BasicAuth struct {
// Secret is the name of the referenced Kubernetes Secret containing user credentials.
Secret string `json:"secret,omitempty"`
@ -129,7 +129,7 @@ type BasicAuth struct {
// Default: false.
RemoveHeader bool `json:"removeHeader,omitempty"`
// HeaderField defines a header field to store the authenticated user.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/basicauth/#headerfield
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/basicauth/#headerfield
HeaderField string `json:"headerField,omitempty"`
}
@ -137,7 +137,7 @@ type BasicAuth struct {
// DigestAuth holds the digest auth middleware configuration.
// This middleware restricts access to your services to known users.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/digestauth/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/digestauth/
type DigestAuth struct {
// Secret is the name of the referenced Kubernetes Secret containing user credentials.
Secret string `json:"secret,omitempty"`
@ -147,7 +147,7 @@ type DigestAuth struct {
// Default: traefik.
Realm string `json:"realm,omitempty"`
// HeaderField defines a header field to store the authenticated user.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/basicauth/#headerfield
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/basicauth/#headerfield
HeaderField string `json:"headerField,omitempty"`
}
@ -155,7 +155,7 @@ type DigestAuth struct {
// ForwardAuth holds the forward auth middleware configuration.
// This middleware delegates the request authentication to a Service.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/forwardauth/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/forwardauth/
type ForwardAuth struct {
// Address defines the authentication server address.
Address string `json:"address,omitempty"`
@ -164,7 +164,7 @@ type ForwardAuth struct {
// AuthResponseHeaders defines the list of headers to copy from the authentication server response and set on forwarded request, replacing any existing conflicting headers.
AuthResponseHeaders []string `json:"authResponseHeaders,omitempty"`
// AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/forwardauth/#authresponseheadersregex
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/forwardauth/#authresponseheadersregex
AuthResponseHeadersRegex string `json:"authResponseHeadersRegex,omitempty"`
// AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server.
// If not set or empty then all request headers are passed.
@ -174,7 +174,7 @@ type ForwardAuth struct {
// AddAuthCookiesToResponse defines the list of cookies to copy from the authentication server response to the response.
AddAuthCookiesToResponse []string `json:"addAuthCookiesToResponse,omitempty"`
// HeaderField defines a header field to store the authenticated user.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/forwardauth/#headerfield
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/forwardauth/#headerfield
HeaderField string `json:"headerField,omitempty"`
// ForwardBody defines whether to send the request body to the authentication server.
ForwardBody bool `json:"forwardBody,omitempty"`
@ -201,7 +201,7 @@ type ClientTLSWithCAOptional struct {
// RateLimit holds the rate limit configuration.
// This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ratelimit/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/ratelimit/
type RateLimit struct {
// Average is the maximum rate, by default in requests/s, allowed for the given source.
// It defaults to 0, which means no rate limiting.
@ -286,7 +286,7 @@ type ClientTLS struct {
// Compress holds the compress middleware configuration.
// This middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/compress/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/compress/
type Compress struct {
// ExcludedContentTypes defines the list of content types to compare the Content-Type header of the incoming requests and responses before compressing.
// `application/grpc` is always excluded.
@ -308,7 +308,7 @@ type Compress struct {
// Retry holds the retry middleware configuration.
// This middleware reissues requests a given number of times to a backend server if that server does not reply.
// As soon as the server answers, the middleware stops retrying, regardless of the response status.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/retry/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/http/retry/
type Retry struct {
// Attempts defines how many times the request should be retried.
// +kubebuilder:validation:Minimum=0

6
pkg/provider/kubernetes/crd/traefikio/v1alpha1/middlewaretcp.go
View file

@ -9,7 +9,7 @@ import (
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/overview/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/overview/
type MiddlewareTCP struct {
metav1.TypeMeta `json:",inline"`
// Standard object's metadata.
@ -28,11 +28,11 @@ type MiddlewareTCPSpec struct {
// IPWhiteList defines the IPWhiteList middleware configuration.
// This middleware accepts/refuses connections based on the client IP.
// Deprecated: please use IPAllowList instead.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/tcp/ipwhitelist/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/tcp/ipwhitelist/
IPWhiteList *dynamic.TCPIPWhiteList `json:"ipWhiteList,omitempty"`
// IPAllowList defines the IPAllowList middleware configuration.
// This middleware accepts/refuses connections based on the client IP.
// More info: https://doc.traefik.io/traefik/v3.3/middlewares/tcp/ipallowlist/
// More info: https://doc.traefik.io/traefik/v3.4/middlewares/tcp/ipallowlist/
IPAllowList *dynamic.TCPIPAllowList `json:"ipAllowList,omitempty"`
}

2
pkg/provider/kubernetes/crd/traefikio/v1alpha1/serverstransport.go
View file

@ -13,7 +13,7 @@ import (
// ServersTransport is the CRD implementation of a ServersTransport.
// If no serversTransport is specified, the default@internal will be used.
// The default@internal serversTransport is created from the static configuration.
// More info: https://doc.traefik.io/traefik/v3.3/routing/services/#serverstransport_1
// More info: https://doc.traefik.io/traefik/v3.4/routing/services/#serverstransport_1
type ServersTransport struct {
metav1.TypeMeta `json:",inline"`
// Standard object's metadata.

2
pkg/provider/kubernetes/crd/traefikio/v1alpha1/serverstransporttcp.go
View file

@ -13,7 +13,7 @@ import (
// ServersTransportTCP is the CRD implementation of a TCPServersTransport.
// If no tcpServersTransport is specified, a default one named default@internal will be used.
// The default@internal tcpServersTransport can be configured in the static configuration.
// More info: https://doc.traefik.io/traefik/v3.3/routing/services/#serverstransport_3
// More info: https://doc.traefik.io/traefik/v3.4/routing/services/#serverstransport_3
type ServersTransportTCP struct {
metav1.TypeMeta `json:",inline"`
// Standard object's metadata.

8
pkg/provider/kubernetes/crd/traefikio/v1alpha1/service.go
View file

@ -13,7 +13,7 @@ import (
// TraefikService object allows to:
// - Apply weight to Services on load-balancing
// - Mirror traffic on services
// More info: https://doc.traefik.io/traefik/v3.3/routing/providers/kubernetes-crd/#kind-traefikservice
// More info: https://doc.traefik.io/traefik/v3.4/routing/providers/kubernetes-crd/#kind-traefikservice
type TraefikService struct {
metav1.TypeMeta `json:",inline"`
// Standard object's metadata.
@ -49,7 +49,7 @@ type TraefikServiceSpec struct {
// +k8s:deepcopy-gen=true
// Mirroring holds the mirroring service configuration.
// More info: https://doc.traefik.io/traefik/v3.3/routing/services/#mirroring-service
// More info: https://doc.traefik.io/traefik/v3.4/routing/services/#mirroring-service
type Mirroring struct {
LoadBalancerSpec `json:",inline"`
@ -78,11 +78,11 @@ type MirrorService struct {
// +k8s:deepcopy-gen=true
// WeightedRoundRobin holds the weighted round-robin configuration.
// More info: https://doc.traefik.io/traefik/v3.3/routing/services/#weighted-round-robin-service
// More info: https://doc.traefik.io/traefik/v3.4/routing/services/#weighted-round-robin-service
type WeightedRoundRobin struct {
// Services defines the list of Kubernetes Service and/or TraefikService to load-balance, with weight.
Services []Service `json:"services,omitempty"`
// Sticky defines whether sticky sessions are enabled.
// More info: https://doc.traefik.io/traefik/v3.3/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
// More info: https://doc.traefik.io/traefik/v3.4/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
Sticky *dynamic.Sticky `json:"sticky,omitempty"`
}

8
pkg/provider/kubernetes/crd/traefikio/v1alpha1/tlsoption.go
View file

@ -9,7 +9,7 @@ import (
// +kubebuilder:storageversion
// TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.
// More info: https://doc.traefik.io/traefik/v3.3/https/tls/#tls-options
// More info: https://doc.traefik.io/traefik/v3.4/https/tls/#tls-options
type TLSOption struct {
metav1.TypeMeta `json:",inline"`
// Standard object's metadata.
@ -32,17 +32,17 @@ type TLSOptionSpec struct {
// Default: None.
MaxVersion string `json:"maxVersion,omitempty"`
// CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.
// More info: https://doc.traefik.io/traefik/v3.3/https/tls/#cipher-suites
// More info: https://doc.traefik.io/traefik/v3.4/https/tls/#cipher-suites
CipherSuites []string `json:"cipherSuites,omitempty"`
// CurvePreferences defines the preferred elliptic curves in a specific order.
// More info: https://doc.traefik.io/traefik/v3.3/https/tls/#curve-preferences
// More info: https://doc.traefik.io/traefik/v3.4/https/tls/#curve-preferences
CurvePreferences []string `json:"curvePreferences,omitempty"`
// ClientAuth defines the server's policy for TLS Client Authentication.
ClientAuth ClientAuth `json:"clientAuth,omitempty"`
// SniStrict defines whether Traefik allows connections from clients connections that do not specify a server_name extension.
SniStrict bool `json:"sniStrict,omitempty"`
// ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
// More info: https://doc.traefik.io/traefik/v3.3/https/tls/#alpn-protocols
// More info: https://doc.traefik.io/traefik/v3.4/https/tls/#alpn-protocols
ALPNProtocols []string `json:"alpnProtocols,omitempty"`
// DisableSessionTickets disables TLS session resumption via session tickets.
DisableSessionTickets bool `json:"disableSessionTickets,omitempty"`

2
pkg/provider/kubernetes/crd/traefikio/v1alpha1/tlsstore.go
View file

@ -12,7 +12,7 @@ import (
// TLSStore is the CRD implementation of a Traefik TLS Store.
// For the time being, only the TLSStore named default is supported.
// This means that you cannot have two stores that are named default in different Kubernetes namespaces.
// More info: https://doc.traefik.io/traefik/v3.3/https/tls/#certificates-stores
// More info: https://doc.traefik.io/traefik/v3.4/https/tls/#certificates-stores
type TLSStore struct {
metav1.TypeMeta `json:",inline"`
// Standard object's metadata.