homelab/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch v2.11 into v3.3

Browse source
This commit is contained in:
romain 2025-04-17 15:57:52 +02:00
commit f6fb240eb6
44 changed files with 940 additions and 597 deletions
Download patch file Download diff file Expand all files Collapse all files

5
pkg/middlewares/accesslog/logger.go
View file

@ -386,9 +386,10 @@ func (h *Handler) logTheRoundTrip(ctx context.Context, logDataTable *LogData) {
func (h *Handler) redactHeaders(headers http.Header, fields logrus.Fields, prefix string) {
for k := range headers {
v := h.config.Fields.KeepHeader(k)
if v == types.AccessLogKeep {
switch v {
case types.AccessLogKeep:
fields[prefix+k] = strings.Join(headers.Values(k), ",")
} else if v == types.AccessLogRedact {
case types.AccessLogRedact:
fields[prefix+k] = "REDACTED"
}
}

8
pkg/middlewares/accesslog/logger_test.go
View file

@ -346,7 +346,7 @@ func assertNotEmpty() func(t *testing.T, actual interface{}) {
return func(t *testing.T, actual interface{}) {
t.Helper()
assert.NotEqual(t, "", actual)
assert.NotEmpty(t, actual)
}
}
@ -590,7 +590,7 @@ func TestLoggerJSON(t *testing.T) {
err = json.Unmarshal(logData, &jsonData)
require.NoError(t, err)
assert.Equal(t, len(test.expected), len(jsonData))
assert.Len(t, jsonData, len(test.expected))
for field, assertion := range test.expected {
assertion(t, jsonData[field])
@ -649,7 +649,7 @@ func TestLogger_AbortedRequest(t *testing.T) {
err = json.Unmarshal(logData, &jsonData)
require.NoError(t, err)
assert.Equal(t, len(expected), len(jsonData))
assert.Len(t, jsonData, len(expected))
for field, assertion := range expected {
assertion(t, jsonData[field])
@ -880,7 +880,7 @@ func assertValidLogData(t *testing.T, expected string, logData []byte) {
formatErrMessage := fmt.Sprintf("Expected:\t%q\nActual:\t%q", expected, string(logData))
require.Equal(t, len(resultExpected), len(result), formatErrMessage)
require.Len(t, result, len(resultExpected), formatErrMessage)
assert.Equal(t, resultExpected[ClientHost], result[ClientHost], formatErrMessage)
assert.Equal(t, resultExpected[ClientUsername], result[ClientUsername], formatErrMessage)
assert.Equal(t, resultExpected[RequestMethod], result[RequestMethod], formatErrMessage)

2
pkg/middlewares/accesslog/parser_test.go
View file

@ -65,7 +65,7 @@ func TestParseAccessLog(t *testing.T) {
result, err := ParseAccessLog(test.value)
assert.NoError(t, err)
assert.Equal(t, len(test.expected), len(result))
assert.Len(t, result, len(test.expected))
for key, value := range test.expected {
assert.Equal(t, value, result[key])
}

2
pkg/middlewares/auth/forward_test.go
View file

@ -342,7 +342,7 @@ func TestForwardAuthRemoveHopByHopHeaders(t *testing.T) {
assert.Equal(t, http.StatusFound, res.StatusCode, "they should be equal")
for _, header := range forward.HopHeaders {
assert.Equal(t, "", res.Header.Get(header), "hop-by-hop header '%s' mustn't be set", header)
assert.Empty(t, res.Header.Get(header), "hop-by-hop header '%s' mustn't be set", header)
}
location, err := res.Location()

24
pkg/middlewares/compress/compress_test.go
View file

@ -176,7 +176,7 @@ func TestShouldNotCompressWhenContentEncodingHeader(t *testing.T) {
assert.Equal(t, gzipName, rw.Header().Get(contentEncodingHeader))
assert.Equal(t, acceptEncodingHeader, rw.Header().Get(varyHeader))
assert.EqualValues(t, rw.Body.Bytes(), fakeCompressedBody)
assert.Equal(t, rw.Body.Bytes(), fakeCompressedBody)
}
func TestShouldNotCompressWhenNoAcceptEncodingHeader(t *testing.T) {
@ -197,7 +197,7 @@ func TestShouldNotCompressWhenNoAcceptEncodingHeader(t *testing.T) {
assert.Empty(t, rw.Header().Get(contentEncodingHeader))
assert.Empty(t, rw.Header().Get(varyHeader))
assert.EqualValues(t, rw.Body.Bytes(), fakeBody)
assert.Equal(t, rw.Body.Bytes(), fakeBody)
}
func TestEmptyAcceptEncoding(t *testing.T) {
@ -219,7 +219,7 @@ func TestEmptyAcceptEncoding(t *testing.T) {
assert.Empty(t, rw.Header().Get(contentEncodingHeader))
assert.Empty(t, rw.Header().Get(varyHeader))
assert.EqualValues(t, rw.Body.Bytes(), fakeBody)
assert.Equal(t, rw.Body.Bytes(), fakeBody)
}
func TestShouldNotCompressWhenIdentityAcceptEncodingHeader(t *testing.T) {
@ -246,7 +246,7 @@ func TestShouldNotCompressWhenIdentityAcceptEncodingHeader(t *testing.T) {
assert.Empty(t, rw.Header().Get(contentEncodingHeader))
assert.Empty(t, rw.Header().Get(varyHeader))
assert.EqualValues(t, rw.Body.Bytes(), fakeBody)
assert.Equal(t, rw.Body.Bytes(), fakeBody)
}
func TestShouldNotCompressWhenEmptyAcceptEncodingHeader(t *testing.T) {
@ -273,7 +273,7 @@ func TestShouldNotCompressWhenEmptyAcceptEncodingHeader(t *testing.T) {
assert.Empty(t, rw.Header().Get(contentEncodingHeader))
assert.Empty(t, rw.Header().Get(varyHeader))
assert.EqualValues(t, rw.Body.Bytes(), fakeBody)
assert.Equal(t, rw.Body.Bytes(), fakeBody)
}
func TestShouldNotCompressHeadRequest(t *testing.T) {
@ -295,7 +295,7 @@ func TestShouldNotCompressHeadRequest(t *testing.T) {
assert.Empty(t, rw.Header().Get(contentEncodingHeader))
assert.Empty(t, rw.Header().Get(varyHeader))
assert.EqualValues(t, rw.Body.Bytes(), fakeBody)
assert.Equal(t, rw.Body.Bytes(), fakeBody)
}
func TestShouldNotCompressWhenSpecificContentType(t *testing.T) {
@ -385,7 +385,7 @@ func TestShouldNotCompressWhenSpecificContentType(t *testing.T) {
assert.Empty(t, rw.Header().Get(acceptEncodingHeader))
assert.Empty(t, rw.Header().Get(contentEncodingHeader))
assert.EqualValues(t, rw.Body.Bytes(), baseBody)
assert.Equal(t, rw.Body.Bytes(), baseBody)
})
}
}
@ -431,7 +431,7 @@ func TestShouldCompressWhenSpecificContentType(t *testing.T) {
assert.Equal(t, gzipName, rw.Header().Get(contentEncodingHeader))
assert.Equal(t, acceptEncodingHeader, rw.Header().Get(varyHeader))
assert.NotEqualValues(t, rw.Body.Bytes(), baseBody)
assert.NotEqual(t, rw.Body.Bytes(), baseBody)
})
}
}
@ -492,7 +492,7 @@ func TestIntegrationShouldNotCompress(t *testing.T) {
body, err := io.ReadAll(resp.Body)
require.NoError(t, err)
assert.EqualValues(t, fakeCompressedBody, body)
assert.Equal(t, fakeCompressedBody, body)
})
}
}
@ -627,12 +627,12 @@ func TestMinResponseBodyBytes(t *testing.T) {
if test.expectedCompression {
assert.Equal(t, gzipName, rw.Header().Get(contentEncodingHeader))
assert.NotEqualValues(t, rw.Body.Bytes(), fakeBody)
assert.NotEqual(t, rw.Body.Bytes(), fakeBody)
return
}
assert.Empty(t, rw.Header().Get(contentEncodingHeader))
assert.EqualValues(t, rw.Body.Bytes(), fakeBody)
assert.Equal(t, rw.Body.Bytes(), fakeBody)
})
}
}
@ -738,7 +738,7 @@ func Test1xxResponses(t *testing.T) {
assert.Equal(t, test.encoding, res.Header.Get(contentEncodingHeader))
body, _ := io.ReadAll(res.Body)
assert.NotEqualValues(t, body, fakeBody)
assert.NotEqual(t, body, fakeBody)
})
}
}

1
pkg/middlewares/headers/header.go
View file

@ -49,6 +49,7 @@ func NewHeader(next http.Handler, cfg dynamic.Headers) (*Header, error) {
func (s *Header) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
// Handle Cors headers and preflight if configured.
if isPreflight := s.processCorsHeaders(rw, req); isPreflight {
rw.Header().Set("Content-Length", "0")
rw.WriteHeader(http.StatusOK)
return
}

5
pkg/middlewares/headers/header_test.go
View file

@ -134,6 +134,7 @@ func TestNewHeader_CORSPreflights(t *testing.T) {
"Origin": {"https://foo.bar.org"},
},
expected: map[string][]string{
"Content-Length": {"0"},
"Access-Control-Allow-Origin": {"https://foo.bar.org"},
"Access-Control-Max-Age": {"600"},
"Access-Control-Allow-Methods": {"GET,OPTIONS,PUT"},
@ -152,6 +153,7 @@ func TestNewHeader_CORSPreflights(t *testing.T) {
"Origin": {"https://foo.bar.org"},
},
expected: map[string][]string{
"Content-Length": {"0"},
"Access-Control-Allow-Origin": {"*"},
"Access-Control-Max-Age": {"600"},
"Access-Control-Allow-Methods": {"GET,OPTIONS,PUT"},
@ -171,6 +173,7 @@ func TestNewHeader_CORSPreflights(t *testing.T) {
"Origin": {"https://foo.bar.org"},
},
expected: map[string][]string{
"Content-Length": {"0"},
"Access-Control-Allow-Origin": {"*"},
"Access-Control-Max-Age": {"600"},
"Access-Control-Allow-Methods": {"GET,OPTIONS,PUT"},
@ -191,6 +194,7 @@ func TestNewHeader_CORSPreflights(t *testing.T) {
"Origin": {"https://foo.bar.org"},
},
expected: map[string][]string{
"Content-Length": {"0"},
"Access-Control-Allow-Origin": {"*"},
"Access-Control-Max-Age": {"600"},
"Access-Control-Allow-Methods": {"GET,OPTIONS,PUT"},
@ -210,6 +214,7 @@ func TestNewHeader_CORSPreflights(t *testing.T) {
"Origin": {"https://foo.bar.org"},
},
expected: map[string][]string{
"Content-Length": {"0"},
"Access-Control-Allow-Origin": {"*"},
"Access-Control-Max-Age": {"600"},
"Access-Control-Allow-Methods": {"GET,OPTIONS,PUT"},

6
pkg/middlewares/passtlsclientcert/pass_tls_client_cert.go
View file

@ -226,11 +226,11 @@ func getIssuerDNInfo(ctx context.Context, options *IssuerDistinguishedNameOption
content := &strings.Builder{}
// Manage non standard attributes
// Manage non-standard attributes
for _, name := range cs.Names {
// Domain Component - RFC 2247
if options.DomainComponent && attributeTypeNames[name.Type.String()] == "DC" {
content.WriteString(fmt.Sprintf("DC=%s%s", name.Value, subFieldSeparator))
_, _ = fmt.Fprintf(content, "DC=%s%s", name.Value, subFieldSeparator)
}
}
@ -272,7 +272,7 @@ func getSubjectDNInfo(ctx context.Context, options *SubjectDistinguishedNameOpti
for _, name := range cs.Names {
// Domain Component - RFC 2247
if options.DomainComponent && attributeTypeNames[name.Type.String()] == "DC" {
content.WriteString(fmt.Sprintf("DC=%s%s", name.Value, subFieldSeparator))
_, _ = fmt.Fprintf(content, "DC=%s%s", name.Value, subFieldSeparator)
}
}

6
pkg/middlewares/ratelimiter/rate_limiter_test.go
View file

@ -266,11 +266,7 @@ func TestRateLimit(t *testing.T) {
end := start.Add(test.loadDuration)
ticker := time.NewTicker(loadPeriod)
defer ticker.Stop()
for {
if time.Now().After(end) {
break
}
for !time.Now().After(end) {
req := testhelpers.MustNewRequest(http.MethodGet, "http://localhost", nil)
req.RemoteAddr = "127.0.0.1:1234"
w := httptest.NewRecorder()