diff --git a/cmd/nginx-ingress/main.go b/cmd/nginx-ingress/main.go
index ff283b9d6..8608e9380 100644
--- a/cmd/nginx-ingress/main.go
+++ b/cmd/nginx-ingress/main.go
@@ -1068,7 +1068,7 @@ func updateSelfWithVersionInfo(ctx context.Context, eventLog record.EventRecorde
for key, value := range labels {
fmt.Fprintf(labelsString, "%s=\"%s\", ", key, value)
}
- eventLog.Eventf(newPod, api_v1.EventTypeNormal, "UpdatePodLabel", "Successfully added version labels, %s", strings.TrimRight(labelsString.String(), ", "))
+ eventLog.Eventf(newPod, api_v1.EventTypeNormal, nl.EventReasonUpdatePodLabel, "Successfully added version labels, %s", strings.TrimRight(labelsString.String(), ", "))
nl.Infof(l, "Pod label updated: %s", pod.ObjectMeta.Name)
podUpdated = true
}
diff --git a/go.mod b/go.mod
index a3f3ae6ef..a7084c936 100644
--- a/go.mod
+++ b/go.mod
@@ -3,8 +3,8 @@ module github.com/nginx/kubernetes-ingress
go 1.23.5
require (
- github.com/aws/aws-sdk-go-v2/config v1.29.1
- github.com/aws/aws-sdk-go-v2/service/marketplacemetering v1.25.11
+ github.com/aws/aws-sdk-go-v2/config v1.29.2
+ github.com/aws/aws-sdk-go-v2/service/marketplacemetering v1.25.12
github.com/cert-manager/cert-manager v1.16.3
github.com/dlclark/regexp2 v1.11.4
github.com/gkampitakis/go-snaps v0.5.8
@@ -34,14 +34,14 @@ require (
github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect
github.com/BurntSushi/toml v1.4.0 // indirect
github.com/Microsoft/go-winio v0.6.2 // indirect
- github.com/aws/aws-sdk-go-v2 v1.33.0 // indirect
+ github.com/aws/aws-sdk-go-v2 v1.34.0 // indirect
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.7 // indirect
- github.com/aws/aws-sdk-go-v2/credentials v1.17.54 // indirect
- github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.24 // indirect
+ github.com/aws/aws-sdk-go-v2/credentials v1.17.55 // indirect
+ github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.25 // indirect
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.41 // indirect
- github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.28 // indirect
- github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.28 // indirect
- github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 // indirect
+ github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.29 // indirect
+ github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.29 // indirect
+ github.com/aws/aws-sdk-go-v2/internal/ini v1.8.2 // indirect
github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.24 // indirect
github.com/aws/aws-sdk-go-v2/service/acm v1.30.6 // indirect
github.com/aws/aws-sdk-go-v2/service/autoscaling v1.51.0 // indirect
@@ -51,10 +51,10 @@ require (
github.com/aws/aws-sdk-go-v2/service/ecr v1.36.6 // indirect
github.com/aws/aws-sdk-go-v2/service/ecs v1.52.0 // indirect
github.com/aws/aws-sdk-go-v2/service/iam v1.38.1 // indirect
- github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1 // indirect
+ github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.2 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.5 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.10.5 // indirect
- github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.9 // indirect
+ github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.10 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.5 // indirect
github.com/aws/aws-sdk-go-v2/service/kms v1.37.6 // indirect
github.com/aws/aws-sdk-go-v2/service/lambda v1.69.0 // indirect
@@ -65,10 +65,10 @@ require (
github.com/aws/aws-sdk-go-v2/service/sns v1.33.6 // indirect
github.com/aws/aws-sdk-go-v2/service/sqs v1.37.1 // indirect
github.com/aws/aws-sdk-go-v2/service/ssm v1.56.0 // indirect
- github.com/aws/aws-sdk-go-v2/service/sso v1.24.11 // indirect
- github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.10 // indirect
- github.com/aws/aws-sdk-go-v2/service/sts v1.33.9 // indirect
- github.com/aws/smithy-go v1.22.1 // indirect
+ github.com/aws/aws-sdk-go-v2/service/sso v1.24.12 // indirect
+ github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.11 // indirect
+ github.com/aws/aws-sdk-go-v2/service/sts v1.33.10 // indirect
+ github.com/aws/smithy-go v1.22.2 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/blang/semver/v4 v4.0.0 // indirect
github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc // indirect
diff --git a/go.sum b/go.sum
index 81bf0e302..88a094b43 100644
--- a/go.sum
+++ b/go.sum
@@ -11,24 +11,24 @@ github.com/alexbrainman/sspi v0.0.0-20231016080023-1a75b4708caa h1:LHTHcTQiSGT7V
github.com/alexbrainman/sspi v0.0.0-20231016080023-1a75b4708caa/go.mod h1:cEWa1LVoE5KvSD9ONXsZrj0z6KqySlCCNKHlLzbqAt4=
github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio=
github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
-github.com/aws/aws-sdk-go-v2 v1.33.0 h1:Evgm4DI9imD81V0WwD+TN4DCwjUMdc94TrduMLbgZJs=
-github.com/aws/aws-sdk-go-v2 v1.33.0/go.mod h1:P5WJBrYqqbWVaOxgH0X/FYYD47/nooaPOZPlQdmiN2U=
+github.com/aws/aws-sdk-go-v2 v1.34.0 h1:9iyL+cjifckRGEVpRKZP3eIxVlL06Qk1Tk13vreaVQU=
+github.com/aws/aws-sdk-go-v2 v1.34.0/go.mod h1:JgstGg0JjWU1KpVJjD5H0y0yyAIpSdKEq556EI6yOOM=
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.7 h1:lL7IfaFzngfx0ZwUGOZdsFFnQ5uLvR0hWqqhyE7Q9M8=
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.7/go.mod h1:QraP0UcVlQJsmHfioCrveWOC1nbiWUl3ej08h4mXWoc=
-github.com/aws/aws-sdk-go-v2/config v1.29.1 h1:JZhGawAyZ/EuJeBtbQYnaoftczcb2drR2Iq36Wgz4sQ=
-github.com/aws/aws-sdk-go-v2/config v1.29.1/go.mod h1:7bR2YD5euaxBhzt2y/oDkt3uNRb6tjFp98GlTFueRwk=
-github.com/aws/aws-sdk-go-v2/credentials v1.17.54 h1:4UmqeOqJPvdvASZWrKlhzpRahAulBfyTJQUaYy4+hEI=
-github.com/aws/aws-sdk-go-v2/credentials v1.17.54/go.mod h1:RTdfo0P0hbbTxIhmQrOsC/PquBZGabEPnCaxxKRPSnI=
-github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.24 h1:5grmdTdMsovn9kPZPI23Hhvp0ZyNm5cRO+IZFIYiAfw=
-github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.24/go.mod h1:zqi7TVKTswH3Ozq28PkmBmgzG1tona7mo9G2IJg4Cis=
+github.com/aws/aws-sdk-go-v2/config v1.29.2 h1:JuIxOEPcSKpMB0J+khMjznG9LIhIBdmqNiEcPclnwqc=
+github.com/aws/aws-sdk-go-v2/config v1.29.2/go.mod h1:HktTHregOZwNSM/e7WTfVSu9RCX+3eOv+6ij27PtaYs=
+github.com/aws/aws-sdk-go-v2/credentials v1.17.55 h1:CDhKnDEaGkLA5ZszV/qw5uwN5M8rbv9Cl0JRN+PRsaM=
+github.com/aws/aws-sdk-go-v2/credentials v1.17.55/go.mod h1:kPD/vj+RB5MREDUky376+zdnjZpR+WgdBBvwrmnlmKE=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.25 h1:kU7tmXNaJ07LsyN3BUgGqAmVmQtq0w6duVIHAKfp0/w=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.25/go.mod h1:OiC8+OiqrURb1wrwmr/UbOVLFSWEGxjinj5C299VQdo=
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.41 h1:hqcxMc2g/MwwnRMod9n6Bd+t+9Nf7d5qRg7RaXKPd6o=
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.41/go.mod h1:d1eH0VrttvPmrCraU68LOyNdu26zFxQFjrVSb5vdhog=
-github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.28 h1:igORFSiH3bfq4lxKFkTSYDhJEUCYo6C8VKiWJjYwQuQ=
-github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.28/go.mod h1:3So8EA/aAYm36L7XIvCVwLa0s5N0P7o2b1oqnx/2R4g=
-github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.28 h1:1mOW9zAUMhTSrMDssEHS/ajx8JcAj/IcftzcmNlmVLI=
-github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.28/go.mod h1:kGlXVIWDfvt2Ox5zEaNglmq0hXPHgQFNMix33Tw22jA=
-github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 h1:VaRN3TlFdd6KxX1x3ILT5ynH6HvKgqdiXoTxAF4HQcQ=
-github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1/go.mod h1:FbtygfRFze9usAadmnGJNc8KsP346kEe+y2/oyhGAGc=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.29 h1:Ej0Rf3GMv50Qh4G4852j2djtoDb7AzQ7MuQeFHa3D70=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.29/go.mod h1:oeNTC7PwJNoM5AznVr23wxhLnuJv0ZDe5v7w0wqIs9M=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.29 h1:6e8a71X+9GfghragVevC5bZqvATtc3mAMgxpSNbgzF0=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.29/go.mod h1:c4jkZiQ+BWpNqq7VtrxjwISrLrt/VvPq3XiopkUIolI=
+github.com/aws/aws-sdk-go-v2/internal/ini v1.8.2 h1:Pg9URiobXy85kgFev3og2CuOZ8JZUBENF+dcgWBaYNk=
+github.com/aws/aws-sdk-go-v2/internal/ini v1.8.2/go.mod h1:FbtygfRFze9usAadmnGJNc8KsP346kEe+y2/oyhGAGc=
github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.24 h1:JX70yGKLj25+lMC5Yyh8wBtvB01GDilyRuJvXJ4piD0=
github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.24/go.mod h1:+Ln60j9SUTD0LEwnhEB0Xhg61DHqplBrbZpLgyjoEHg=
github.com/aws/aws-sdk-go-v2/service/acm v1.30.6 h1:fDg0RlN30Xf/yYzEUL/WXqhmgFsjVb/I3230oCfyI5w=
@@ -47,22 +47,22 @@ github.com/aws/aws-sdk-go-v2/service/ecs v1.52.0 h1:7/vgFWplkusJN/m+3QOa+W9FNRqa
github.com/aws/aws-sdk-go-v2/service/ecs v1.52.0/go.mod h1:dPTOvmjJQ1T7Q+2+Xs2KSPrMvx+p0rpyV+HsQVnUK4o=
github.com/aws/aws-sdk-go-v2/service/iam v1.38.1 h1:hfkzDZHBp9jAT4zcd5mtqckpU4E3Ax0LQaEWWk1VgN8=
github.com/aws/aws-sdk-go-v2/service/iam v1.38.1/go.mod h1:u36ahDtZcQHGmVm/r+0L1sfKX4fzLEMdCqiKRKkUMVM=
-github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1 h1:iXtILhvDxB6kPvEXgsDhGaZCSC6LQET5ZHSdJozeI0Y=
-github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1/go.mod h1:9nu0fVANtYiAePIBh2/pFUSwtJ402hLnp854CNoDOeE=
+github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.2 h1:D4oz8/CzT9bAEYtVhSBmFj2dNOtaHOtMKc2vHBwYizA=
+github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.2/go.mod h1:Za3IHqTQ+yNcRHxu1OFucBh0ACZT4j4VQFF0BqpZcLY=
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.5 h1:gvZOjQKPxFXy1ft3QnEyXmT+IqneM9QAUWlM3r0mfqw=
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.5/go.mod h1:DLWnfvIcm9IET/mmjdxeXbBKmTCm0ZB8p1za9BVteM8=
github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.10.5 h1:3Y457U2eGukmjYjeHG6kanZpDzJADa2m0ADqnuePYVQ=
github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.10.5/go.mod h1:CfwEHGkTjYZpkQ/5PvcbEtT7AJlG68KkEvmtwU8z3/U=
-github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.9 h1:TQmKDyETFGiXVhZfQ/I0cCFziqqX58pi4tKJGYGFSz0=
-github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.9/go.mod h1:HVLPK2iHQBUx7HfZeOQSEu3v2ubZaAY2YPbAm5/WUyY=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.10 h1:hN4yJBGswmFTOVYqmbz1GBs9ZMtQe8SrYxPwrkrlRv8=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.10/go.mod h1:TsxON4fEZXyrKY+D+3d2gSTyJkGORexIYab9PTf56DA=
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.5 h1:P1doBzv5VEg1ONxnJss1Kh5ZG/ewoIE4MQtKKc6Crgg=
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.5/go.mod h1:NOP+euMW7W3Ukt28tAxPuoWao4rhhqJD3QEBk7oCg7w=
github.com/aws/aws-sdk-go-v2/service/kms v1.37.6 h1:CZImQdb1QbU9sGgJ9IswhVkxAcjkkD1eQTMA1KHWk+E=
github.com/aws/aws-sdk-go-v2/service/kms v1.37.6/go.mod h1:YJDdlK0zsyxVBxGU48AR/Mi8DMrGdc1E3Yij4fNrONA=
github.com/aws/aws-sdk-go-v2/service/lambda v1.69.0 h1:BXt75frE/FYtAmEDBJRBa2HexOw+oAZWZl6QknZEFgg=
github.com/aws/aws-sdk-go-v2/service/lambda v1.69.0/go.mod h1:guz2K3x4FKSdDaoeB+TPVgJNU9oj2gftbp5cR8ela1A=
-github.com/aws/aws-sdk-go-v2/service/marketplacemetering v1.25.11 h1:66jFuTB2v503cLlJObjiVxvb9k2pmZVHFIpmJDAuf2M=
-github.com/aws/aws-sdk-go-v2/service/marketplacemetering v1.25.11/go.mod h1:2dNOiMua8GzY46c4/b/lmyyYxrq/ADZdIy8PtPlE7c4=
+github.com/aws/aws-sdk-go-v2/service/marketplacemetering v1.25.12 h1:oHw1ZHPYRc3Gdsi3T6CLOiBu5khQvV0epgEQ4hAL+KE=
+github.com/aws/aws-sdk-go-v2/service/marketplacemetering v1.25.12/go.mod h1:Msdo6yUvCjRLPQpInleoX676ZeVy4kIl2LzQcjgZVNM=
github.com/aws/aws-sdk-go-v2/service/rds v1.91.0 h1:eqHz3Uih+gb0vLE5Cc4Xf733vOxsxDp6GFUUVQU4d7w=
github.com/aws/aws-sdk-go-v2/service/rds v1.91.0/go.mod h1:h2jc7IleH3xHY7y+h8FH7WAZcz3IVLOB6/jXotIQ/qU=
github.com/aws/aws-sdk-go-v2/service/route53 v1.46.2 h1:wmt05tPp/CaRZpPV5B4SaJ5TwkHKom07/BzHoLdkY1o=
@@ -77,14 +77,14 @@ github.com/aws/aws-sdk-go-v2/service/sqs v1.37.1 h1:39WvSrVq9DD6UHkD+fx5x19P5KpR
github.com/aws/aws-sdk-go-v2/service/sqs v1.37.1/go.mod h1:3gwPzC9LER/BTQdQZ3r6dUktb1rSjABF1D3Sr6nS7VU=
github.com/aws/aws-sdk-go-v2/service/ssm v1.56.0 h1:mADKqoZaodipGgiZfuAjtlcr4IVBtXPZKVjkzUZCCYM=
github.com/aws/aws-sdk-go-v2/service/ssm v1.56.0/go.mod h1:l9qF25TzH95FhcIak6e4vt79KE4I7M2Nf59eMUVjj6c=
-github.com/aws/aws-sdk-go-v2/service/sso v1.24.11 h1:kuIyu4fTT38Kj7YCC7ouNbVZSSpqkZ+LzIfhCr6Dg+I=
-github.com/aws/aws-sdk-go-v2/service/sso v1.24.11/go.mod h1:Ro744S4fKiCCuZECXgOi760TiYylUM8ZBf6OGiZzJtY=
-github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.10 h1:l+dgv/64iVlQ3WsBbnn+JSbkj01jIi+SM0wYsj3y/hY=
-github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.10/go.mod h1:Fzsj6lZEb8AkTE5S68OhcbBqeWPsR8RnGuKPr8Todl8=
-github.com/aws/aws-sdk-go-v2/service/sts v1.33.9 h1:BRVDbewN6VZcwr+FBOszDKvYeXY1kJ+GGMCcpghlw0U=
-github.com/aws/aws-sdk-go-v2/service/sts v1.33.9/go.mod h1:f6vjfZER1M17Fokn0IzssOTMT2N8ZSq+7jnNF0tArvw=
-github.com/aws/smithy-go v1.22.1 h1:/HPHZQ0g7f4eUeK6HKglFz8uwVfZKgoI25rb/J+dnro=
-github.com/aws/smithy-go v1.22.1/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg=
+github.com/aws/aws-sdk-go-v2/service/sso v1.24.12 h1:kznaW4f81mNMlREkU9w3jUuJvU5g/KsqDV43ab7Rp6s=
+github.com/aws/aws-sdk-go-v2/service/sso v1.24.12/go.mod h1:bZy9r8e0/s0P7BSDHgMLXK2KvdyRRBIQ2blKlvLt0IU=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.11 h1:mUwIpAvILeKFnRx4h1dEgGEFGuV8KJ3pEScZWVFYuZA=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.11/go.mod h1:JDJtD+b8HNVv71axz8+S5492KM8wTzHRFpMKQbPlYxw=
+github.com/aws/aws-sdk-go-v2/service/sts v1.33.10 h1:g9d+TOsu3ac7SgmY2dUf1qMgu/uJVTlQ4VCbH6hRxSw=
+github.com/aws/aws-sdk-go-v2/service/sts v1.33.10/go.mod h1:WZfNmntu92HO44MVZAubQaz3qCuIdeOdog2sADfU6hU=
+github.com/aws/smithy-go v1.22.2 h1:6D9hW43xKFrRx/tXXfAlIZc4JI+yQe6snnWcQyxSyLQ=
+github.com/aws/smithy-go v1.22.2/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg=
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
diff --git a/internal/certmanager/sync.go b/internal/certmanager/sync.go
index 9b9bb7612..5b362a7b8 100644
--- a/internal/certmanager/sync.go
+++ b/internal/certmanager/sync.go
@@ -40,13 +40,6 @@ import (
vsapi "github.com/nginx/kubernetes-ingress/pkg/apis/configuration/v1"
)
-const (
- reasonBadConfig = "BadConfig"
- reasonCreateCertificate = "CreateCertificate"
- reasonUpdateCertificate = "UpdateCertificate"
- reasonDeleteCertificate = "DeleteCertificate"
-)
-
var vsGVK = vsapi.SchemeGroupVersion.WithKind("VirtualServer")
// SyncFn is the reconciliation function passed to cert manager VS controller.
@@ -71,7 +64,7 @@ func SyncFnFor(
issuerName, issuerKind, issuerGroup, err := issuerForVirtualServer(vs)
if err != nil {
nl.Errorf(l, "Failed to determine issuer to be used for VirtualServer resource: %v", err)
- rec.Eventf(vs, corev1.EventTypeWarning, reasonBadConfig, "Could not determine issuer for virtual server due to bad config: %s",
+ rec.Eventf(vs, corev1.EventTypeWarning, nl.EventReasonBadConfig, "Could not determine issuer for virtual server due to bad config: %s",
err)
return err
}
@@ -81,7 +74,7 @@ func SyncFnFor(
newCrts, updateCrts, err := buildCertificates(ctx, nsi.cmLister, vs, issuerName, issuerKind, issuerGroup)
if err != nil {
nl.Errorf(l, "Incorrect cert-manager configuration for VirtualServer resource: %v", err)
- rec.Eventf(vs, corev1.EventTypeWarning, reasonBadConfig, "Incorrect cert-manager configuration for VirtualServer resource: %s",
+ rec.Eventf(vs, corev1.EventTypeWarning, nl.EventReasonBadConfig, "Incorrect cert-manager configuration for VirtualServer resource: %s",
err)
return err
}
@@ -90,22 +83,22 @@ func SyncFnFor(
_, err := cmClient.CertmanagerV1().Certificates(crt.Namespace).Create(ctx, crt, metav1.CreateOptions{})
if err != nil {
nl.Errorf(l, "Error issuing Certificate for VirtualServer resource: %v", err)
- rec.Eventf(vs, corev1.EventTypeWarning, reasonBadConfig, "Error issuing Certificate for VirtualServer resource: %s",
+ rec.Eventf(vs, corev1.EventTypeWarning, nl.EventReasonBadConfig, "Error issuing Certificate for VirtualServer resource: %s",
err)
return err
}
- rec.Eventf(vs, corev1.EventTypeNormal, reasonCreateCertificate, "Successfully created Certificate %q", crt.Name)
+ rec.Eventf(vs, corev1.EventTypeNormal, nl.EventReasonCreateCertificate, "Successfully created Certificate %q", crt.Name)
}
for _, crt := range updateCrts {
_, err := cmClient.CertmanagerV1().Certificates(crt.Namespace).Update(ctx, crt, metav1.UpdateOptions{})
if err != nil {
nl.Errorf(l, "Error updating Certificate for VirtualServer resource: %v", err)
- rec.Eventf(vs, corev1.EventTypeWarning, reasonBadConfig, "Error updating Certificate for VirtualServer resource: %s",
+ rec.Eventf(vs, corev1.EventTypeWarning, nl.EventReasonBadConfig, "Error updating Certificate for VirtualServer resource: %s",
err)
return err
}
- rec.Eventf(vs, corev1.EventTypeNormal, reasonUpdateCertificate, "Successfully updated Certificate %q", crt.Name)
+ rec.Eventf(vs, corev1.EventTypeNormal, nl.EventReasonUpdateCertificate, "Successfully updated Certificate %q", crt.Name)
}
var certs []*cmapi.Certificate
@@ -121,7 +114,7 @@ func SyncFnFor(
nl.Errorf(l, "Error deleting Certificate for VirtualServer resource: %v", err)
return err
}
- rec.Eventf(vs, corev1.EventTypeNormal, reasonDeleteCertificate, "Successfully deleted unrequired Certificate %q", certName)
+ rec.Eventf(vs, corev1.EventTypeNormal, nl.EventReasonDeleteCertificate, "Successfully deleted unrequired Certificate %q", certName)
}
return nil
diff --git a/internal/configs/configmaps.go b/internal/configs/configmaps.go
index 38bc21578..9bcdfe254 100644
--- a/internal/configs/configmaps.go
+++ b/internal/configs/configmaps.go
@@ -16,8 +16,7 @@ import (
)
const (
- minimumInterval = 60
- invalidValueReason = "InvalidValue"
+ minimumInterval = 60
)
// ParseConfigMap parses ConfigMap into ConfigParams.
@@ -38,7 +37,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
} else {
errorText := fmt.Sprintf("ConfigMap %s/%s: 'server-tokens' must be a bool for OSS, ignoring", cfgm.GetNamespace(), cfgm.GetName())
nl.Error(l, errorText)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText)
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText)
configOk = false
}
} else {
@@ -54,7 +53,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if parsedMethod, err := ParseLBMethodForPlus(lbMethod); err != nil {
errorText := fmt.Sprintf("ConfigMap %s/%s: invalid value for 'lb-method': %q: %v, ignoring", cfgm.GetNamespace(), cfgm.GetName(), lbMethod, err)
nl.Error(l, errorText)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText)
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText)
configOk = false
} else {
cfgParams.LBMethod = parsedMethod
@@ -63,7 +62,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if parsedMethod, err := ParseLBMethod(lbMethod); err != nil {
errorText := fmt.Sprintf("Configmap %s/%s: Invalid value for the lb-method key: got %q: %v", cfgm.GetNamespace(), cfgm.GetName(), lbMethod, err)
nl.Error(l, errorText)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText)
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText)
configOk = false
} else {
cfgParams.LBMethod = parsedMethod
@@ -114,7 +113,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if HTTP2, exists, err := GetMapKeyAsBool(cfgm.Data, "http2", cfgm); exists {
if err != nil {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
configOk = false
} else {
cfgParams.HTTP2 = HTTP2
@@ -124,7 +123,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if redirectToHTTPS, exists, err := GetMapKeyAsBool(cfgm.Data, "redirect-to-https", cfgm); exists {
if err != nil {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
configOk = false
} else {
cfgParams.RedirectToHTTPS = redirectToHTTPS
@@ -134,7 +133,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if sslRedirect, exists, err := GetMapKeyAsBool(cfgm.Data, "ssl-redirect", cfgm); exists {
if err != nil {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
configOk = false
} else {
cfgParams.SSLRedirect = sslRedirect
@@ -144,7 +143,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if hsts, exists, err := GetMapKeyAsBool(cfgm.Data, "hsts", cfgm); exists {
if err != nil {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
configOk = false
} else {
parsingErrors := false
@@ -152,21 +151,21 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
hstsMaxAge, existsMA, err := GetMapKeyAsInt64(cfgm.Data, "hsts-max-age", cfgm)
if existsMA && err != nil {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
parsingErrors = true
configOk = false
}
hstsIncludeSubdomains, existsIS, err := GetMapKeyAsBool(cfgm.Data, "hsts-include-subdomains", cfgm)
if existsIS && err != nil {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
parsingErrors = true
configOk = false
}
hstsBehindProxy, existsBP, err := GetMapKeyAsBool(cfgm.Data, "hsts-behind-proxy", cfgm)
if existsBP && err != nil {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
parsingErrors = true
configOk = false
}
@@ -174,7 +173,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if parsingErrors {
errorText := fmt.Sprintf("ConfigMap %s/%s: there are configuration issues with HSTS settings, ignoring all HSTS options", cfgm.GetNamespace(), cfgm.GetName())
nl.Error(l, errorText)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText)
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText)
configOk = false
} else {
cfgParams.HSTS = hsts
@@ -194,7 +193,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if proxyProtocol, exists, err := GetMapKeyAsBool(cfgm.Data, "proxy-protocol", cfgm); exists {
if err != nil {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
configOk = false
} else {
cfgParams.ProxyProtocol = proxyProtocol
@@ -209,7 +208,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
} else {
nl.Error(l, errorText)
configOk = false
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText)
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText)
}
} else {
cfgParams.RealIPHeader = realIPHeader
@@ -223,7 +222,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if realIPRecursive, exists, err := GetMapKeyAsBool(cfgm.Data, "real-ip-recursive", cfgm); exists {
if err != nil {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
configOk = false
} else {
cfgParams.RealIPRecursive = realIPRecursive
@@ -237,7 +236,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if sslPreferServerCiphers, exists, err := GetMapKeyAsBool(cfgm.Data, "ssl-prefer-server-ciphers", cfgm); exists {
if err != nil {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
configOk = false
} else {
cfgParams.MainServerSSLPreferServerCiphers = sslPreferServerCiphers
@@ -261,7 +260,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if !strings.HasPrefix(accessLog, "syslog:") {
errorText := fmt.Sprintf("ConfigMap %s/%s: invalid value for 'access-log': %q, ignoring", cfgm.GetNamespace(), cfgm.GetName(), accessLog)
nl.Warn(l, errorText)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText)
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText)
configOk = false
} else {
cfgParams.MainAccessLog = accessLog
@@ -271,7 +270,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if accessLogOff, exists, err := GetMapKeyAsBool(cfgm.Data, "access-log-off", cfgm); exists {
if err != nil {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
configOk = false
} else {
if accessLogOff {
@@ -305,7 +304,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if defaultServerAccessLogOff, exists, err := GetMapKeyAsBool(cfgm.Data, "default-server-access-log-off", cfgm); exists {
if err != nil {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
configOk = false
} else {
cfgParams.DefaultServerAccessLogOff = defaultServerAccessLogOff
@@ -319,7 +318,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if proxyBuffering, exists, err := GetMapKeyAsBool(cfgm.Data, "proxy-buffering", cfgm); exists {
if err != nil {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
configOk = false
} else {
cfgParams.ProxyBuffering = proxyBuffering
@@ -357,7 +356,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if _, exists, err := GetMapKeyAsInt(cfgm.Data, "worker-processes", cfgm); exists {
if err != nil && cfgm.Data["worker-processes"] != "auto" {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
configOk = false
} else {
cfgParams.MainWorkerProcesses = cfgm.Data["worker-processes"]
@@ -383,7 +382,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if keepalive, exists, err := GetMapKeyAsInt(cfgm.Data, "keepalive", cfgm); exists {
if err != nil {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
configOk = false
} else {
cfgParams.Keepalive = keepalive
@@ -393,7 +392,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if maxFails, exists, err := GetMapKeyAsInt(cfgm.Data, "max-fails", cfgm); exists {
if err != nil {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
configOk = false
} else {
cfgParams.MaxFails = maxFails
@@ -442,7 +441,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
} else {
errorText := fmt.Sprintf("ConfigMap %s/%s key %s requires NGINX Plus", cfgm.Namespace, cfgm.Name, "resolver-addresses")
nl.Warn(l, errorText)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText)
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText)
configOk = false
}
}
@@ -450,7 +449,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if resolverIpv6, exists, err := GetMapKeyAsBool(cfgm.Data, "resolver-ipv6", cfgm); exists {
if err != nil {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
configOk = false
} else {
if nginxPlus {
@@ -458,7 +457,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
} else {
errorText := fmt.Sprintf("ConfigMap %s/%s key %s requires NGINX Plus", cfgm.Namespace, cfgm.Name, "resolver-ipv6")
nl.Warn(l, errorText)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText)
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText)
configOk = false
}
}
@@ -470,7 +469,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
} else {
errorText := fmt.Sprintf("ConfigMap %s/%s key %s requires NGINX Plus", cfgm.Namespace, cfgm.Name, "resolver-valid")
nl.Warn(l, errorText)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText)
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText)
configOk = false
}
}
@@ -481,7 +480,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
} else {
errorText := fmt.Sprintf("ConfigMap %s/%s key %s requires NGINX Plus", cfgm.Namespace, cfgm.Name, "resolver-timeout")
nl.Warn(l, errorText)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText)
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText)
configOk = false
}
}
@@ -493,7 +492,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if keepaliveRequests, exists, err := GetMapKeyAsInt64(cfgm.Data, "keepalive-requests", cfgm); exists {
if err != nil {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
configOk = false
} else {
cfgParams.MainKeepaliveRequests = keepaliveRequests
@@ -503,7 +502,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if varHashBucketSize, exists, err := GetMapKeyAsUint64(cfgm.Data, "variables-hash-bucket-size", cfgm, true); exists {
if err != nil {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
configOk = false
} else {
cfgParams.VariablesHashBucketSize = varHashBucketSize
@@ -513,7 +512,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if varHashMaxSize, exists, err := GetMapKeyAsUint64(cfgm.Data, "variables-hash-max-size", cfgm, false); exists {
if err != nil {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
configOk = false
} else {
cfgParams.VariablesHashMaxSize = varHashMaxSize
@@ -535,7 +534,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
if openTracing, exists, err := GetMapKeyAsBool(cfgm.Data, "opentracing", cfgm); exists {
if err != nil {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
configOk = false
} else {
if cfgParams.MainOpenTracingLoadModule {
@@ -543,7 +542,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
} else {
errorText := "ConfigMap key 'opentracing' requires both 'opentracing-tracer' and 'opentracing-tracer-config' keys configured, Opentracing will be disabled, ignoring"
nl.Error(l, errorText)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText)
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText)
configOk = false
}
}
@@ -561,7 +560,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
appProtectFailureModeAction,
)
nl.Error(l, errorText)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText)
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText)
configOk = false
}
}
@@ -577,7 +576,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
appProtectCompressedRequestsAction,
)
nl.Error(l, errorText)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText)
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText)
configOk = false
}
}
@@ -597,7 +596,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
appProtectCPUThresholds,
)
nl.Error(l, errorText)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText)
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText)
configOk = false
}
}
@@ -613,7 +612,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
appProtectPhysicalMemoryThresholds,
)
nl.Error(l, errorText)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText)
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText)
configOk = false
}
}
@@ -630,7 +629,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has
appProtectReconnectPeriod,
)
nl.Error(l, errorText)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText)
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText)
configOk = false
}
}
@@ -680,7 +679,7 @@ func ParseMGMTConfigMap(ctx context.Context, cfgm *v1.ConfigMap, eventLog record
if err != nil {
errorText := fmt.Sprintf("Configmap %s/%s: Invalid value for the ssl-verify key: got %t: %v. Ignoring.", cfgm.GetNamespace(), cfgm.GetName(), sslVerify, err)
nl.Error(l, errorText)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText)
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText)
configWarnings = true
} else {
mgmtCfgParams.SSLVerify = BoolToPointerBool(sslVerify)
@@ -694,7 +693,7 @@ func ParseMGMTConfigMap(ctx context.Context, cfgm *v1.ConfigMap, eventLog record
if resolverIpv6, exists, err := GetMapKeyAsBool(cfgm.Data, "resolver-ipv6", cfgm); exists {
if err != nil {
nl.Error(l, err)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error())
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error())
configWarnings = true
} else {
mgmtCfgParams.ResolverIPV6 = BoolToPointerBool(resolverIpv6)
@@ -709,7 +708,7 @@ func ParseMGMTConfigMap(ctx context.Context, cfgm *v1.ConfigMap, eventLog record
if err != nil {
errorText := fmt.Sprintf("Configmap %s/%s: Invalid value for the enforce-initial-report key: got %t: %v. Ignoring.", cfgm.GetNamespace(), cfgm.GetName(), enforceInitialReport, err)
nl.Error(l, errorText)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText)
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText)
configWarnings = true
} else {
mgmtCfgParams.EnforceInitialReport = BoolToPointerBool(enforceInitialReport)
@@ -722,7 +721,7 @@ func ParseMGMTConfigMap(ctx context.Context, cfgm *v1.ConfigMap, eventLog record
if err != nil {
errorText := fmt.Sprintf("Configmap %s/%s: Invalid value for the usage-report-endpoint key: got %q: %v. Using default endpoint.", cfgm.GetNamespace(), cfgm.GetName(), endpoint, err)
nl.Error(l, errorText)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText)
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText)
configWarnings = true
} else {
mgmtCfgParams.Endpoint = strings.TrimSpace(endpoint)
@@ -735,13 +734,13 @@ func ParseMGMTConfigMap(ctx context.Context, cfgm *v1.ConfigMap, eventLog record
if err != nil {
errorText := fmt.Sprintf("Configmap %s/%s: Invalid value for the interval key: got %q: %v. Ignoring.", cfgm.GetNamespace(), cfgm.GetName(), i, err)
nl.Error(l, errorText)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText)
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText)
configWarnings = true
}
if t.Seconds() < minimumInterval {
errorText := fmt.Sprintf("Configmap %s/%s: Value too low for the interval key, got: %v, need higher than %ds. Ignoring.", cfgm.GetNamespace(), cfgm.GetName(), i, minimumInterval)
nl.Error(l, errorText)
- eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText)
+ eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText)
configWarnings = true
mgmtCfgParams.Interval = ""
} else {
diff --git a/internal/externaldns/sync.go b/internal/externaldns/sync.go
index 3024b8bd3..1b55c2709 100644
--- a/internal/externaldns/sync.go
+++ b/internal/externaldns/sync.go
@@ -23,12 +23,9 @@ import (
)
const (
- reasonBadConfig = "BadConfig"
- reasonCreateDNSEndpoint = "CreateDNSEndpoint"
- reasonUpdateDNSEndpoint = "UpdateDNSEndpoint"
- recordTypeA = "A"
- recordTypeAAAA = "AAAA"
- recordTypeCNAME = "CNAME"
+ recordTypeA = "A"
+ recordTypeAAAA = "AAAA"
+ recordTypeCNAME = "CNAME"
)
var vsGVK = vsapi.SchemeGroupVersion.WithKind("VirtualServer")
@@ -54,7 +51,7 @@ func SyncFnFor(rec record.EventRecorder, client clientset.Interface, ig map[stri
targets, recordType, err := getValidTargets(ctx, vs.Status.ExternalEndpoints)
if err != nil {
nl.Error(l, "Invalid external endpoint")
- rec.Eventf(vs, corev1.EventTypeWarning, reasonBadConfig, "Invalid external endpoint")
+ rec.Eventf(vs, corev1.EventTypeWarning, nl.EventReasonBadConfig, "Invalid external endpoint")
return err
}
@@ -63,7 +60,7 @@ func SyncFnFor(rec record.EventRecorder, client clientset.Interface, ig map[stri
newDNSEndpoint, updateDNSEndpoint, err := buildDNSEndpoint(ctx, nsi.extdnslister, vs, targets, recordType)
if err != nil {
nl.Errorf(l, "incorrect DNSEndpoint config for VirtualServer resource: %s", err)
- rec.Eventf(vs, corev1.EventTypeWarning, reasonBadConfig, "Incorrect DNSEndpoint config for VirtualServer resource: %s", err)
+ rec.Eventf(vs, corev1.EventTypeWarning, nl.EventReasonBadConfig, "Incorrect DNSEndpoint config for VirtualServer resource: %s", err)
return err
}
@@ -80,11 +77,11 @@ func SyncFnFor(rec record.EventRecorder, client clientset.Interface, ig map[stri
return fmt.Errorf("DNSEndpoint has already been created")
}
nl.Errorf(l, "Error creating DNSEndpoint for VirtualServer resource: %v", err)
- rec.Eventf(vs, corev1.EventTypeWarning, reasonBadConfig, "Error creating DNSEndpoint for VirtualServer resource %s", err)
+ rec.Eventf(vs, corev1.EventTypeWarning, nl.EventReasonBadConfig, "Error creating DNSEndpoint for VirtualServer resource %s", err)
return err
}
- rec.Eventf(vs, corev1.EventTypeNormal, reasonCreateDNSEndpoint, "Successfully created DNSEndpoint %q", newDNSEndpoint.Name)
- rec.Eventf(dep, corev1.EventTypeNormal, reasonCreateDNSEndpoint, "Successfully created DNSEndpoint for VirtualServer %q", vs.Name)
+ rec.Eventf(vs, corev1.EventTypeNormal, nl.EventReasonCreateDNSEndpoint, "Successfully created DNSEndpoint %q", newDNSEndpoint.Name)
+ rec.Eventf(dep, corev1.EventTypeNormal, nl.EventReasonCreateDNSEndpoint, "Successfully created DNSEndpoint for VirtualServer %q", vs.Name)
}
// Update existing DNSEndpoint object
@@ -93,11 +90,11 @@ func SyncFnFor(rec record.EventRecorder, client clientset.Interface, ig map[stri
dep, err = client.ExternaldnsV1().DNSEndpoints(updateDNSEndpoint.Namespace).Update(ctx, updateDNSEndpoint, metav1.UpdateOptions{})
if err != nil {
nl.Errorf(l, "Error updating DNSEndpoint endpoint for VirtualServer resource: %v", err)
- rec.Eventf(vs, corev1.EventTypeWarning, reasonBadConfig, "Error updating DNSEndpoint for VirtualServer resource: %s", err)
+ rec.Eventf(vs, corev1.EventTypeWarning, nl.EventReasonBadConfig, "Error updating DNSEndpoint for VirtualServer resource: %s", err)
return err
}
- rec.Eventf(vs, corev1.EventTypeNormal, reasonUpdateDNSEndpoint, "Successfully updated DNSEndpoint %q", updateDNSEndpoint.Name)
- rec.Eventf(dep, corev1.EventTypeNormal, reasonUpdateDNSEndpoint, "Successfully updated DNSEndpoint for VirtualServer %q", vs.Name)
+ rec.Eventf(vs, corev1.EventTypeNormal, nl.EventReasonUpdateDNSEndpoint, "Successfully updated DNSEndpoint %q", updateDNSEndpoint.Name)
+ rec.Eventf(dep, corev1.EventTypeNormal, nl.EventReasonUpdateDNSEndpoint, "Successfully updated DNSEndpoint for VirtualServer %q", vs.Name)
}
return nil
}
diff --git a/internal/k8s/appprotect/app_protect_configuration.go b/internal/k8s/appprotect/app_protect_configuration.go
index 587b4aca0..5fd3b5374 100644
--- a/internal/k8s/appprotect/app_protect_configuration.go
+++ b/internal/k8s/appprotect/app_protect_configuration.go
@@ -7,9 +7,9 @@ import (
"sort"
"time"
- "github.com/nginx/kubernetes-ingress/pkg/apis/configuration/validation"
-
"github.com/nginx/kubernetes-ingress/internal/k8s/appprotectcommon"
+ nl "github.com/nginx/kubernetes-ingress/internal/logger"
+ "github.com/nginx/kubernetes-ingress/pkg/apis/configuration/validation"
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
"k8s.io/apimachinery/pkg/runtime/schema"
@@ -354,7 +354,7 @@ func (ci *ConfigurationImpl) AddOrUpdatePolicy(policyObj *unstructured.Unstructu
if err != nil {
ci.Policies[resNsName] = policy
return append(changes, Change{Op: Delete, Resource: policy}),
- append(problems, Problem{Object: policyObj, Reason: "Rejected", Message: err.Error()})
+ append(problems, Problem{Object: policyObj, Reason: nl.EventReasonRejected, Message: err.Error()})
}
if ci.verifyPolicyAgainstUserSigs(policy) {
ci.Policies[resNsName] = policy
@@ -364,7 +364,7 @@ func (ci *ConfigurationImpl) AddOrUpdatePolicy(policyObj *unstructured.Unstructu
policy.ErrorMsg = missingUserSigErrorMsg
ci.Policies[resNsName] = policy
return append(changes, Change{Op: Delete, Resource: policy}),
- append(problems, Problem{Object: policyObj, Reason: "Rejected", Message: missingUserSigErrorMsg})
+ append(problems, Problem{Object: policyObj, Reason: nl.EventReasonRejected, Message: missingUserSigErrorMsg})
}
// AddOrUpdateLogConf adds or updates App Protect Log Configuration to App Protect Configuration
@@ -374,7 +374,7 @@ func (ci *ConfigurationImpl) AddOrUpdateLogConf(logconfObj *unstructured.Unstruc
ci.LogConfs[resNsName] = logConf
if err != nil {
return append(changes, Change{Op: Delete, Resource: logConf}),
- append(problems, Problem{Object: logconfObj, Reason: "Rejected", Message: err.Error()})
+ append(problems, Problem{Object: logconfObj, Reason: nl.EventReasonRejected, Message: err.Error()})
}
return append(changes, Change{Op: AddOrUpdate, Resource: logConf}), problems
}
@@ -385,7 +385,7 @@ func (ci *ConfigurationImpl) AddOrUpdateUserSig(userSigObj *unstructured.Unstruc
userSig, err := createAppProtectUserSigEx(userSigObj)
ci.UserSigs[resNsName] = userSig
if err != nil {
- problems = append(problems, Problem{Object: userSigObj, Reason: "Rejected", Message: err.Error()})
+ problems = append(problems, Problem{Object: userSigObj, Reason: nl.EventReasonRejected, Message: err.Error()})
}
change.UserSigs = append(change.UserSigs, userSigObj)
ci.buildUserSigChangeAndProblems(&problems, &change)
@@ -489,7 +489,7 @@ func (ci *ConfigurationImpl) reconcileUserSigs() (changes []Change, problems []P
for _, sig := range sigs[1:] {
if sig.IsValid {
sig.setInvalid(duplicatedTagsErrorMsg)
- looserProblem := Problem{Object: sig.Obj, Reason: "Rejected", Message: duplicatedTagsErrorMsg}
+ looserProblem := Problem{Object: sig.Obj, Reason: nl.EventReasonRejected, Message: duplicatedTagsErrorMsg}
looserChange := Change{Op: Delete, Resource: sig}
changes = append(changes, looserChange)
problems = append(problems, looserProblem)
@@ -511,7 +511,7 @@ func (ci *ConfigurationImpl) verifyPolicies() (changes []Change, problems []Prob
if pol.IsValid {
if !ci.verifyPolicyAgainstUserSigs(pol) {
pol.setInvalid(missingUserSigErrorMsg)
- polProb := Problem{Object: pol.Obj, Reason: "Rejected", Message: missingUserSigErrorMsg}
+ polProb := Problem{Object: pol.Obj, Reason: nl.EventReasonRejected, Message: missingUserSigErrorMsg}
polCh := Change{Op: Delete, Resource: pol}
changes = append(changes, polCh)
problems = append(problems, polProb)
diff --git a/internal/k8s/appprotect/app_protect_configuration_test.go b/internal/k8s/appprotect/app_protect_configuration_test.go
index 732892448..3fe5de84f 100644
--- a/internal/k8s/appprotect/app_protect_configuration_test.go
+++ b/internal/k8s/appprotect/app_protect_configuration_test.go
@@ -6,6 +6,7 @@ import (
"testing"
"time"
+ nl "github.com/nginx/kubernetes-ingress/internal/logger"
nic_glog "github.com/nginx/kubernetes-ingress/internal/logger/glog"
"github.com/nginx/kubernetes-ingress/internal/logger/levels"
@@ -577,7 +578,7 @@ func TestAddOrUpdatePolicy(t *testing.T) {
expectedProblems: []Problem{
{
Object: invalidTestPolicy,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "Error validating policy : error validating App Protect Policy : required field map[] not found",
},
},
@@ -606,7 +607,7 @@ func TestAddOrUpdatePolicy(t *testing.T) {
expectedProblems: []Problem{
{
Object: testPolicyUnsatisfied,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "policy has unsatisfied signature requirements",
},
},
@@ -686,7 +687,7 @@ func TestAddOrUpdateLogConf(t *testing.T) {
expectedProblems: []Problem{
{
Object: invalidLogConf,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "error validating App Protect Log Configuration testlogconf: required field map[] not found",
},
},
@@ -846,7 +847,7 @@ func TestAddOrUpdateUserSig(t *testing.T) {
expectedProblems: []Problem{
{
Object: invalidTestUserSig2,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "validation failed",
},
},
@@ -863,7 +864,7 @@ func TestAddOrUpdateUserSig(t *testing.T) {
{
Object: testUserSigDupTag,
Message: "duplicate tag set",
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
},
},
msg: "Duplicate tags",
@@ -879,7 +880,7 @@ func TestAddOrUpdateUserSig(t *testing.T) {
{
Object: testUserSig1Invalid,
Message: "validation failed",
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
},
},
msg: "UserSig becomes valid after previous tag holder became invalid",
@@ -1071,7 +1072,7 @@ func TestDeleteUserSig(t *testing.T) {
},
expectedProblems: []Problem{
{
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "policy has unsatisfied signature requirements",
Object: &unstructured.Unstructured{
Object: map[string]interface{}{},
diff --git a/internal/k8s/appprotect_dos.go b/internal/k8s/appprotect_dos.go
index 96f0c1d7e..babfcd242 100644
--- a/internal/k8s/appprotect_dos.go
+++ b/internal/k8s/appprotect_dos.go
@@ -216,17 +216,17 @@ func (lbc *LoadBalancerController) processAppProtectDosChanges(changes []appprot
warnings, err := lbc.configurator.AddOrUpdateResourcesThatUseDosProtected(resourceExes.IngressExes, resourceExes.MergeableIngresses, resourceExes.VirtualServerExes)
lbc.updateResourcesStatusAndEvents(resources, warnings, err)
msg := fmt.Sprintf("Configuration for %s/%s was added or updated", impl.Obj.Namespace, impl.Obj.Name)
- lbc.recorder.Event(impl.Obj, api_v1.EventTypeNormal, "AddedOrUpdated", msg)
+ lbc.recorder.Event(impl.Obj, api_v1.EventTypeNormal, nl.EventReasonAddedOrUpdated, msg)
case *appprotectdos.DosPolicyEx:
msg := "Configuration was added or updated"
- lbc.recorder.Event(impl.Obj, api_v1.EventTypeNormal, "AddedOrUpdated", msg)
+ lbc.recorder.Event(impl.Obj, api_v1.EventTypeNormal, nl.EventReasonAddedOrUpdated, msg)
case *appprotectdos.DosLogConfEx:
eventType := api_v1.EventTypeNormal
- eventTitle := "AddedOrUpdated"
+ eventTitle := nl.EventReasonAddedOrUpdated
msg := "Configuration was added or updated"
if impl.ErrorMsg != "" {
msg += fmt.Sprintf(" ; with warning(s): %s", impl.ErrorMsg)
- eventTitle = "AddedOrUpdatedWithWarning"
+ eventTitle = nl.EventReasonAddedOrUpdatedWithWarning
eventType = api_v1.EventTypeWarning
}
lbc.recorder.Event(impl.Obj, eventType, eventTitle, msg)
diff --git a/internal/k8s/appprotect_waf.go b/internal/k8s/appprotect_waf.go
index adfd8ad89..8ed8748f2 100644
--- a/internal/k8s/appprotect_waf.go
+++ b/internal/k8s/appprotect_waf.go
@@ -371,7 +371,7 @@ func (lbc *LoadBalancerController) processAppProtectChanges(changes []appprotect
warnings, updateErr := lbc.configurator.AddOrUpdateAppProtectResource(impl.Obj, resourceExes.IngressExes, resourceExes.MergeableIngresses, resourceExes.VirtualServerExes)
lbc.updateResourcesStatusAndEvents(resources, warnings, updateErr)
- lbc.recorder.Eventf(impl.Obj, api_v1.EventTypeNormal, "AddedOrUpdated", "AppProtectPolicy %v was added or updated", namespace+"/"+name)
+ lbc.recorder.Eventf(impl.Obj, api_v1.EventTypeNormal, nl.EventReasonAddedOrUpdated, "AppProtectPolicy %v was added or updated", namespace+"/"+name)
case *appprotect.LogConfEx:
namespace := impl.Obj.GetNamespace()
name := impl.Obj.GetName()
@@ -385,7 +385,7 @@ func (lbc *LoadBalancerController) processAppProtectChanges(changes []appprotect
warnings, updateErr := lbc.configurator.AddOrUpdateAppProtectResource(impl.Obj, resourceExes.IngressExes, resourceExes.MergeableIngresses, resourceExes.VirtualServerExes)
lbc.updateResourcesStatusAndEvents(resources, warnings, updateErr)
- lbc.recorder.Eventf(impl.Obj, api_v1.EventTypeNormal, "AddedOrUpdated", "AppProtectLogConfig %v was added or updated", namespace+"/"+name)
+ lbc.recorder.Eventf(impl.Obj, api_v1.EventTypeNormal, nl.EventReasonAddedOrUpdated, "AppProtectLogConfig %v was added or updated", namespace+"/"+name)
}
} else if c.Op == appprotect.Delete {
switch impl := c.Resource.(type) {
diff --git a/internal/k8s/appprotectdos/app_protect_dos_configuration.go b/internal/k8s/appprotectdos/app_protect_dos_configuration.go
index 5a30bf387..0546ca2a2 100644
--- a/internal/k8s/appprotectdos/app_protect_dos_configuration.go
+++ b/internal/k8s/appprotectdos/app_protect_dos_configuration.go
@@ -6,6 +6,7 @@ import (
"github.com/nginx/kubernetes-ingress/internal/configs"
"github.com/nginx/kubernetes-ingress/internal/k8s/appprotectcommon"
+ nl "github.com/nginx/kubernetes-ingress/internal/logger"
"github.com/nginx/kubernetes-ingress/pkg/apis/dos/v1beta1"
"github.com/nginx/kubernetes-ingress/pkg/apis/dos/validation"
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
@@ -117,7 +118,7 @@ func (ci *Configuration) AddOrUpdatePolicy(policyObj *unstructured.Unstructured)
op := AddOrUpdate
if err != nil {
op = Delete
- problems = append(problems, Problem{Object: policyObj, Reason: "Rejected", Message: err.Error()})
+ problems = append(problems, Problem{Object: policyObj, Reason: nl.EventReasonRejected, Message: err.Error()})
}
changes = append(changes, Change{Op: op, Resource: policy})
@@ -140,7 +141,7 @@ func (ci *Configuration) AddOrUpdateLogConf(logConfObj *unstructured.Unstructure
op := AddOrUpdate
if err != nil {
op = Delete
- problems = append(problems, Problem{Object: logConfObj, Reason: "Rejected", Message: err.Error()})
+ problems = append(problems, Problem{Object: logConfObj, Reason: nl.EventReasonRejected, Message: err.Error()})
}
changes = append(changes, Change{Op: op, Resource: logConf})
@@ -162,7 +163,7 @@ func (ci *Configuration) AddOrUpdateDosProtectedResource(protectedConf *v1beta1.
ci.dosProtectedResource[resNsName] = protectedEx
if err != nil {
return []Change{{Op: Delete, Resource: protectedEx}},
- []Problem{{Object: protectedConf, Reason: "Rejected", Message: err.Error()}}
+ []Problem{{Object: protectedConf, Reason: nl.EventReasonRejected, Message: err.Error()}}
}
if protectedEx.Obj.Spec.ApDosPolicy != "" {
policyReference := protectedEx.Obj.Spec.ApDosPolicy
@@ -173,7 +174,7 @@ func (ci *Configuration) AddOrUpdateDosProtectedResource(protectedConf *v1beta1.
_, err := ci.getPolicy(policyReference)
if err != nil {
return []Change{{Op: Delete, Resource: protectedEx}},
- []Problem{{Object: protectedConf, Reason: "Rejected", Message: fmt.Sprintf("dos protected refers (%s) to an invalid DosPolicy: %s", policyReference, err.Error())}}
+ []Problem{{Object: protectedConf, Reason: nl.EventReasonRejected, Message: fmt.Sprintf("dos protected refers (%s) to an invalid DosPolicy: %s", policyReference, err.Error())}}
}
}
if protectedEx.Obj.Spec.DosSecurityLog != nil && protectedEx.Obj.Spec.DosSecurityLog.ApDosLogConf != "" {
@@ -185,7 +186,7 @@ func (ci *Configuration) AddOrUpdateDosProtectedResource(protectedConf *v1beta1.
_, err := ci.getLogConf(logConfReference)
if err != nil {
return []Change{{Op: Delete, Resource: protectedEx}},
- []Problem{{Object: protectedConf, Reason: "Rejected", Message: fmt.Sprintf("dos protected refers (%s) to an invalid DosLogConf: %s", logConfReference, err.Error())}}
+ []Problem{{Object: protectedConf, Reason: nl.EventReasonRejected, Message: fmt.Sprintf("dos protected refers (%s) to an invalid DosLogConf: %s", logConfReference, err.Error())}}
}
}
return []Change{{Op: AddOrUpdate, Resource: protectedEx}}, nil
diff --git a/internal/k8s/appprotectdos/app_protect_dos_configuration_test.go b/internal/k8s/appprotectdos/app_protect_dos_configuration_test.go
index 9b2e995cc..fb76bed5f 100644
--- a/internal/k8s/appprotectdos/app_protect_dos_configuration_test.go
+++ b/internal/k8s/appprotectdos/app_protect_dos_configuration_test.go
@@ -6,6 +6,7 @@ import (
"github.com/google/go-cmp/cmp"
"github.com/nginx/kubernetes-ingress/internal/configs"
+ nl "github.com/nginx/kubernetes-ingress/internal/logger"
"github.com/nginx/kubernetes-ingress/pkg/apis/dos/v1beta1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
@@ -191,7 +192,7 @@ func TestAddOrUpdateDosProtected(t *testing.T) {
expectedProblems: []Problem{
{
Object: invalidResource,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "error validating DosProtectedResource: invalidResource missing value for field: name",
},
},
@@ -295,7 +296,7 @@ func TestAddOrUpdateDosPolicy(t *testing.T) {
expectedProblems: []Problem{
{
Object: invalidTestPolicy,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "error validating DosPolicy : required field map[] not found",
},
},
@@ -400,7 +401,7 @@ func TestAddOrUpdateDosLogConf(t *testing.T) {
expectedProblems: []Problem{
{
Object: invalidLogConf,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "error validating App Protect Dos Log Configuration invalid-logconf: required field map[] not found",
},
},
diff --git a/internal/k8s/configuration.go b/internal/k8s/configuration.go
index a09cd89f2..3aa5969aa 100644
--- a/internal/k8s/configuration.go
+++ b/internal/k8s/configuration.go
@@ -8,6 +8,7 @@ import (
"sync"
"github.com/nginx/kubernetes-ingress/internal/configs"
+ nl "github.com/nginx/kubernetes-ingress/internal/logger"
conf_v1 "github.com/nginx/kubernetes-ingress/pkg/apis/configuration/v1"
"github.com/nginx/kubernetes-ingress/pkg/apis/configuration/validation"
networking "k8s.io/api/networking/v1"
@@ -469,7 +470,7 @@ func (c *Configuration) AddOrUpdateIngress(ing *networking.Ingress) ([]ResourceC
p := ConfigurationProblem{
Object: ing,
IsError: true,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: validationError.Error(),
}
problems = append(problems, p)
@@ -535,7 +536,7 @@ func (c *Configuration) AddOrUpdateVirtualServer(vs *conf_v1.VirtualServer) ([]R
p := ConfigurationProblem{
Object: vs,
IsError: true,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: fmt.Sprintf("VirtualServer %s was rejected with error: %s", getResourceKey(&vs.ObjectMeta), validationError.Error()),
}
problems = append(problems, p)
@@ -584,7 +585,7 @@ func (c *Configuration) AddOrUpdateVirtualServerRoute(vsr *conf_v1.VirtualServer
p := ConfigurationProblem{
Object: vsr,
IsError: true,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: fmt.Sprintf("VirtualServerRoute %s was rejected with error: %s", getResourceKey(&vsr.ObjectMeta), validationError.Error()),
}
problems = append(problems, p)
@@ -711,7 +712,7 @@ func (c *Configuration) AddOrUpdateTransportServer(ts *conf_v1.TransportServer)
p := ConfigurationProblem{
Object: ts,
IsError: true,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: fmt.Sprintf("TransportServer %s was rejected with error: %s", getResourceKey(&ts.ObjectMeta), validationErr.Error()),
}
problems = append(problems, p)
@@ -1091,7 +1092,7 @@ func (c *Configuration) addProblemsForTSConfigsWithoutActiveListener(
p := ConfigurationProblem{
Object: tsc.TransportServer,
IsError: false,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: fmt.Sprintf("Listener %s doesn't exist", listenerName),
}
problems[tsc.GetKeyWithKind()] = p
@@ -1102,7 +1103,7 @@ func (c *Configuration) addProblemsForTSConfigsWithoutActiveListener(
p := ConfigurationProblem{
Object: tsc.TransportServer,
IsError: false,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: fmt.Sprintf("Listener %s with host %s is taken by another resource", listenerName, hostDescription),
}
problems[tsc.GetKeyWithKind()] = p
@@ -1125,7 +1126,7 @@ func (c *Configuration) addProblemsForResourcesWithoutActiveHost(resources map[s
p := ConfigurationProblem{
Object: impl.Ingress,
IsError: false,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "All hosts are taken by other resources",
}
problems[r.GetKeyWithKind()] = p
@@ -1137,7 +1138,7 @@ func (c *Configuration) addProblemsForResourcesWithoutActiveHost(resources map[s
p := ConfigurationProblem{
Object: impl.VirtualServer,
IsError: false,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "Host is taken by another resource",
}
problems[r.GetKeyWithKind()] = p
@@ -1149,7 +1150,7 @@ func (c *Configuration) addProblemsForResourcesWithoutActiveHost(resources map[s
p := ConfigurationProblem{
Object: impl.TransportServer,
IsError: false,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "Host is taken by another resource",
}
problems[r.GetKeyWithKind()] = p
@@ -1228,7 +1229,7 @@ func (c *Configuration) addProblemsForOrphanMinions(problems map[string]Configur
p := ConfigurationProblem{
Object: ing,
IsError: false,
- Reason: "NoIngressMasterFound",
+ Reason: nl.EventReasonNoIngressMasterFound,
Message: "Ingress master is invalid or doesn't exist",
}
k := getResourceKeyWithKind(ingressKind, &ing.ObjectMeta)
@@ -1248,7 +1249,7 @@ func (c *Configuration) addProblemsForOrphanOrIgnoredVsrs(problems map[string]Co
p := ConfigurationProblem{
Object: vsr,
IsError: false,
- Reason: "NoVirtualServerFound",
+ Reason: nl.EventReasonNoVirtualServerFound,
Message: "VirtualServer is invalid or doesn't exist",
}
k := getResourceKeyWithKind(virtualServerRouteKind, &vsr.ObjectMeta)
@@ -1268,7 +1269,7 @@ func (c *Configuration) addProblemsForOrphanOrIgnoredVsrs(problems map[string]Co
p := ConfigurationProblem{
Object: vsr,
IsError: false,
- Reason: "Ignored",
+ Reason: nl.EventReasonIgnored,
Message: fmt.Sprintf("VirtualServer %s ignores VirtualServerRoute", getResourceKey(&vsConfig.VirtualServer.ObjectMeta)),
}
k := getResourceKeyWithKind(virtualServerRouteKind, &vsr.ObjectMeta)
diff --git a/internal/k8s/configuration_test.go b/internal/k8s/configuration_test.go
index 611e60fb6..7a746f714 100644
--- a/internal/k8s/configuration_test.go
+++ b/internal/k8s/configuration_test.go
@@ -6,7 +6,7 @@ import (
"time"
"github.com/google/go-cmp/cmp"
- nic_logger "github.com/nginx/kubernetes-ingress/internal/logger"
+ nl "github.com/nginx/kubernetes-ingress/internal/logger"
conf_v1 "github.com/nginx/kubernetes-ingress/pkg/apis/configuration/v1"
"github.com/nginx/kubernetes-ingress/pkg/apis/configuration/validation"
networking "k8s.io/api/networking/v1"
@@ -16,7 +16,7 @@ import (
func createTestConfiguration() *Configuration {
lbc := LoadBalancerController{
ingressClass: "nginx",
- Logger: nic_logger.LoggerFromContext(context.Background()),
+ Logger: nl.LoggerFromContext(context.Background()),
}
isPlus := false
appProtectEnabled := false
@@ -228,7 +228,7 @@ func TestAddInvalidIngress(t *testing.T) {
{
Object: ing,
IsError: true,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: `spec.rules[1].host: Duplicate value: "foo.example.com"`,
},
}
@@ -267,7 +267,7 @@ func TestAddIngressForMergeableIngresses(t *testing.T) {
expectedProblems := []ConfigurationProblem{
{
Object: minion1,
- Reason: "NoIngressMasterFound",
+ Reason: nl.EventReasonNoIngressMasterFound,
Message: "Ingress master is invalid or doesn't exist",
},
}
@@ -435,7 +435,7 @@ func TestAddIngressForMergeableIngresses(t *testing.T) {
{
Object: invalidMinion1,
IsError: true,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: `[spec.rules[1].host: Duplicate value: "example.com", spec.rules: Too many: 2: must have at most 1 items]`,
},
}
@@ -517,7 +517,7 @@ func TestAddIngressForMergeableIngresses(t *testing.T) {
expectedProblems = []ConfigurationProblem{
{
Object: updatedMinion2,
- Reason: "NoIngressMasterFound",
+ Reason: nl.EventReasonNoIngressMasterFound,
Message: "Ingress master is invalid or doesn't exist",
},
}
@@ -560,7 +560,7 @@ func TestAddIngressForMergeableIngresses(t *testing.T) {
expectedProblems = []ConfigurationProblem{
{
Object: updatedMinion1,
- Reason: "NoIngressMasterFound",
+ Reason: nl.EventReasonNoIngressMasterFound,
Message: "Ingress master is invalid or doesn't exist",
},
}
@@ -598,7 +598,7 @@ func TestAddIngressForMergeableIngresses(t *testing.T) {
expectedProblems = []ConfigurationProblem{
{
Object: updatedMinion2,
- Reason: "NoIngressMasterFound",
+ Reason: nl.EventReasonNoIngressMasterFound,
Message: "Ingress master is invalid or doesn't exist",
},
}
@@ -709,7 +709,7 @@ func TestAddIngressForMergeableIngresses(t *testing.T) {
expectedProblems = []ConfigurationProblem{
{
Object: minion2,
- Reason: "NoIngressMasterFound",
+ Reason: nl.EventReasonNoIngressMasterFound,
Message: "Ingress master is invalid or doesn't exist",
},
}
@@ -1089,7 +1089,7 @@ func TestAddInvalidVirtualServer(t *testing.T) {
{
Object: vs,
IsError: true,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "VirtualServer default/virtualserver was rejected with error: spec.host: Required value",
},
}
@@ -1192,7 +1192,7 @@ func TestAddVirtualServerWithVirtualServerRoutes(t *testing.T) {
expectedProblems := []ConfigurationProblem{
{
Object: vsr1,
- Reason: "NoVirtualServerFound",
+ Reason: nl.EventReasonNoVirtualServerFound,
Message: "VirtualServer is invalid or doesn't exist",
},
}
@@ -1306,7 +1306,7 @@ func TestAddVirtualServerWithVirtualServerRoutes(t *testing.T) {
{
Object: invalidVSR1,
IsError: true,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "VirtualServerRoute default/virtualserverroute-1 was rejected with error: spec.host: Required value",
},
}
@@ -1358,7 +1358,7 @@ func TestAddVirtualServerWithVirtualServerRoutes(t *testing.T) {
expectedProblems = []ConfigurationProblem{
{
Object: invalidForVSVSR1,
- Reason: "Ignored",
+ Reason: nl.EventReasonIgnored,
Message: "VirtualServer default/virtualserver ignores VirtualServerRoute",
},
}
@@ -1410,7 +1410,7 @@ func TestAddVirtualServerWithVirtualServerRoutes(t *testing.T) {
expectedProblems = []ConfigurationProblem{
{
Object: updatedVSR2,
- Reason: "NoVirtualServerFound",
+ Reason: nl.EventReasonNoVirtualServerFound,
Message: "VirtualServer is invalid or doesn't exist",
},
}
@@ -1441,7 +1441,7 @@ func TestAddVirtualServerWithVirtualServerRoutes(t *testing.T) {
expectedProblems = []ConfigurationProblem{
{
Object: vsr1,
- Reason: "NoVirtualServerFound",
+ Reason: nl.EventReasonNoVirtualServerFound,
Message: "VirtualServer is invalid or doesn't exist",
},
}
@@ -1469,7 +1469,7 @@ func TestAddVirtualServerWithVirtualServerRoutes(t *testing.T) {
expectedProblems = []ConfigurationProblem{
{
Object: updatedVSR2,
- Reason: "NoVirtualServerFound",
+ Reason: nl.EventReasonNoVirtualServerFound,
Message: "VirtualServer is invalid or doesn't exist",
},
}
@@ -1540,7 +1540,7 @@ func TestAddVirtualServerWithVirtualServerRoutes(t *testing.T) {
expectedProblems = []ConfigurationProblem{
{
Object: vsr2,
- Reason: "NoVirtualServerFound",
+ Reason: nl.EventReasonNoVirtualServerFound,
Message: "VirtualServer is invalid or doesn't exist",
},
}
@@ -1577,7 +1577,7 @@ func TestAddInvalidVirtualServerRoute(t *testing.T) {
{
Object: vsr,
IsError: true,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "VirtualServerRoute default/virtualserverroute was rejected with error: spec.host: Required value",
},
}
@@ -1678,7 +1678,7 @@ func TestHostCollisions(t *testing.T) {
{
Object: ts,
IsError: false,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "Host is taken by another resource",
},
}
@@ -1714,7 +1714,7 @@ func TestHostCollisions(t *testing.T) {
{
Object: vs,
IsError: false,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "Host is taken by another resource",
},
}
@@ -1766,7 +1766,7 @@ func TestHostCollisions(t *testing.T) {
{
Object: regularIng2,
IsError: false,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "All hosts are taken by other resources",
},
}
@@ -2295,7 +2295,7 @@ func TestAddInvalidTransportServer(t *testing.T) {
{
Object: ts,
IsError: true,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "TransportServer default/transportserver was rejected with error: spec.listener.name: Required value",
},
}
@@ -2385,7 +2385,7 @@ func TestAddTransportServerWithNonExistingListener(t *testing.T) {
{
Object: ts,
IsError: false,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: `Listener tcp-7777 doesn't exist`,
},
}
@@ -2618,7 +2618,7 @@ func TestAddOrUpdateGlobalConfigurationThenAddTransportServer(t *testing.T) {
{
Object: ts1,
IsError: false,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "Listener tcp-7777 doesn't exist",
},
}
@@ -2691,13 +2691,13 @@ func TestAddOrUpdateGlobalConfigurationThenAddTransportServer(t *testing.T) {
{
Object: ts1,
IsError: false,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "Listener tcp-7777 doesn't exist",
},
{
Object: ts2,
IsError: false,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "Listener tcp-8888 doesn't exist",
},
}
@@ -3412,7 +3412,7 @@ func TestPortCollisions(t *testing.T) {
{
Object: ts2,
IsError: false,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "Listener tcp-7777 with host empty host is taken by another resource",
},
}
@@ -3432,7 +3432,7 @@ func TestPortCollisions(t *testing.T) {
{
Object: ts3,
IsError: false,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "Listener tcp-7777 with host empty host is taken by another resource",
},
}
@@ -3523,7 +3523,7 @@ func TestChallengeIngressToVSR(t *testing.T) {
{
Object: ing,
IsError: true,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "spec.rules: Forbidden: challenge Ingress must have exactly 1 rule defined",
},
}
@@ -3542,7 +3542,7 @@ func TestChallengeIngressToVSR(t *testing.T) {
{
Object: ing,
IsError: true,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "spec.rules.HTTP.Paths: Forbidden: challenge Ingress must have exactly 1 path defined",
},
}
@@ -4806,7 +4806,7 @@ func TestTransportServerListenerHostCollisions(t *testing.T) {
{
Object: ts2,
IsError: false,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "Listener tcp-7777 with host example.com is taken by another resource",
},
}
@@ -4861,7 +4861,7 @@ func TestTransportServerListenerHostCollisions(t *testing.T) {
{
Object: ts5,
IsError: false,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: "Listener tcp-7777 with host empty host is taken by another resource",
},
}
diff --git a/internal/k8s/controller.go b/internal/k8s/controller.go
index a518ec013..f8b317817 100644
--- a/internal/k8s/controller.go
+++ b/internal/k8s/controller.go
@@ -79,7 +79,6 @@ const (
typeKeyword = "type"
helmReleaseType = "helm.sh/release.v1"
splitClientAmountWhenWeightChangesDynamicReload = 101
- secretDeletedReason = "SecretDeleted"
)
var (
@@ -935,12 +934,12 @@ func (lbc *LoadBalancerController) updateAllConfigs() {
resourceExes := lbc.createExtendedResources(resources)
warnings, updateErr := lbc.configurator.UpdateConfig(resourceExes)
- eventTitle := "Updated"
+ eventTitle := nl.EventReasonUpdated
eventType := api_v1.EventTypeNormal
eventWarningMessage := ""
if updateErr != nil {
- eventTitle = "UpdatedWithError"
+ eventTitle = nl.EventReasonUpdatedWithError
eventType = api_v1.EventTypeWarning
eventWarningMessage = fmt.Sprintf("but was not applied: %v", updateErr)
}
@@ -951,17 +950,17 @@ func (lbc *LoadBalancerController) updateAllConfigs() {
if lbc.configMap != nil {
if isNGINXConfigValid {
- lbc.recorder.Event(lbc.configMap, api_v1.EventTypeNormal, "Updated", fmt.Sprintf("ConfigMap %s/%s updated without error", lbc.configMap.GetNamespace(), lbc.configMap.GetName()))
+ lbc.recorder.Event(lbc.configMap, api_v1.EventTypeNormal, nl.EventReasonUpdated, fmt.Sprintf("ConfigMap %s/%s updated without error", lbc.configMap.GetNamespace(), lbc.configMap.GetName()))
} else {
- lbc.recorder.Event(lbc.configMap, api_v1.EventTypeWarning, "UpdatedWithError", fmt.Sprintf("ConfigMap %s/%s updated with errors. Ignoring invalid values", lbc.configMap.GetNamespace(), lbc.configMap.GetName()))
+ lbc.recorder.Event(lbc.configMap, api_v1.EventTypeWarning, nl.EventReasonUpdatedWithError, fmt.Sprintf("ConfigMap %s/%s updated with errors. Ignoring invalid values", lbc.configMap.GetNamespace(), lbc.configMap.GetName()))
}
}
if lbc.mgmtConfigMap != nil {
if !mgmtConfigHasWarnings {
- lbc.recorder.Event(lbc.mgmtConfigMap, api_v1.EventTypeNormal, "Updated", fmt.Sprintf("MGMT ConfigMap %s/%s updated without error", lbc.mgmtConfigMap.GetNamespace(), lbc.mgmtConfigMap.GetName()))
+ lbc.recorder.Event(lbc.mgmtConfigMap, api_v1.EventTypeNormal, nl.EventReasonUpdated, fmt.Sprintf("MGMT ConfigMap %s/%s updated without error", lbc.mgmtConfigMap.GetNamespace(), lbc.mgmtConfigMap.GetName()))
} else {
- lbc.recorder.Event(lbc.mgmtConfigMap, api_v1.EventTypeWarning, "UpdatedWithError", fmt.Sprintf("MGMT ConfigMap %s/%s updated with errors. Ignoring invalid values", lbc.mgmtConfigMap.GetNamespace(), lbc.mgmtConfigMap.GetName()))
+ lbc.recorder.Event(lbc.mgmtConfigMap, api_v1.EventTypeWarning, nl.EventReasonUpdatedWithError, fmt.Sprintf("MGMT ConfigMap %s/%s updated with errors. Ignoring invalid values", lbc.mgmtConfigMap.GetNamespace(), lbc.mgmtConfigMap.GetName()))
}
}
@@ -1357,7 +1356,7 @@ func (lbc *LoadBalancerController) processChanges(changes []ResourceChange) {
// UpdateVirtualServerStatusAndEventsOnDelete updates the virtual server status and events
func (lbc *LoadBalancerController) UpdateVirtualServerStatusAndEventsOnDelete(vsConfig *VirtualServerConfiguration, changeError string, deleteErr error) {
eventType := api_v1.EventTypeWarning
- eventTitle := "Rejected"
+ eventTitle := nl.EventReasonRejected
eventWarningMessage := ""
state := ""
@@ -1376,7 +1375,7 @@ func (lbc *LoadBalancerController) UpdateVirtualServerStatusAndEventsOnDelete(vs
if eventWarningMessage != "" {
if deleteErr != nil {
eventType = api_v1.EventTypeWarning
- eventTitle = "RejectedWithError"
+ eventTitle = nl.EventReasonRejectedWithError
eventWarningMessage = fmt.Sprintf("%s; but was not applied: %v", eventWarningMessage, deleteErr)
state = conf_v1.StateInvalid
}
@@ -1398,7 +1397,7 @@ func (lbc *LoadBalancerController) UpdateVirtualServerStatusAndEventsOnDelete(vs
// UpdateIngressStatusAndEventsOnDelete updates the ingress status and events.
func (lbc *LoadBalancerController) UpdateIngressStatusAndEventsOnDelete(ingConfig *IngressConfiguration, changeError string, deleteErr error) {
- eventTitle := "Rejected"
+ eventTitle := nl.EventReasonRejected
eventWarningMessage := ""
// Ingress either became invalid or lost all its hosts
@@ -1413,7 +1412,7 @@ func (lbc *LoadBalancerController) UpdateIngressStatusAndEventsOnDelete(ingConfi
// (some other Ingress Controller will handle it)
if eventWarningMessage != "" {
if deleteErr != nil {
- eventTitle = "RejectedWithError"
+ eventTitle = nl.EventReasonRejectedWithError
eventWarningMessage = fmt.Sprintf("%s; but was not applied: %v", eventWarningMessage, deleteErr)
}
@@ -1449,27 +1448,27 @@ func (lbc *LoadBalancerController) updateResourcesStatusAndEvents(resources []Re
func (lbc *LoadBalancerController) updateMergeableIngressStatusAndEvents(ingConfig *IngressConfiguration, warnings configs.Warnings, operationErr error) {
eventType := api_v1.EventTypeNormal
- eventTitle := "AddedOrUpdated"
+ eventTitle := nl.EventReasonAddedOrUpdated
eventWarningMessage := ""
eventWarningSuffix := ""
if len(ingConfig.Warnings) > 0 {
eventType = api_v1.EventTypeWarning
- eventTitle = "AddedOrUpdatedWithWarning"
+ eventTitle = nl.EventReasonAddedOrUpdatedWithWarning
eventWarningMessage = fmt.Sprintf("with warning(s): %s", formatWarningMessages(ingConfig.Warnings))
eventWarningSuffix = "; "
}
if messages, ok := warnings[ingConfig.Ingress]; ok {
eventType = api_v1.EventTypeWarning
- eventTitle = "AddedOrUpdatedWithWarning"
+ eventTitle = nl.EventReasonAddedOrUpdatedWithWarning
eventWarningMessage = fmt.Sprintf("%s%swith warning(s): %v", eventWarningMessage, eventWarningSuffix, formatWarningMessages(messages))
eventWarningSuffix = "; "
}
if operationErr != nil {
eventType = api_v1.EventTypeWarning
- eventTitle = "AddedOrUpdatedWithError"
+ eventTitle = nl.EventReasonAddedOrUpdatedWithError
eventWarningMessage = fmt.Sprintf("%s%sbut was not applied: %v", eventWarningMessage, eventWarningSuffix, operationErr)
}
@@ -1483,7 +1482,7 @@ func (lbc *LoadBalancerController) updateMergeableIngressStatusAndEvents(ingConf
for _, fm := range ingConfig.Minions {
minionEventType := api_v1.EventTypeNormal
- minionEventTitle := "AddedOrUpdated"
+ minionEventTitle := nl.EventReasonAddedOrUpdated
minionEventWarningMessage := ""
minionEventWarningSuffix := ""
@@ -1491,21 +1490,21 @@ func (lbc *LoadBalancerController) updateMergeableIngressStatusAndEvents(ingConf
if len(minionChangeWarnings) > 0 {
minionEventType = api_v1.EventTypeWarning
- minionEventTitle = "AddedOrUpdatedWithWarning"
+ minionEventTitle = nl.EventReasonAddedOrUpdatedWithWarning
minionEventWarningMessage = fmt.Sprintf("with warning(s): %s", formatWarningMessages(minionChangeWarnings))
minionEventWarningSuffix = "; "
}
if messages, ok := warnings[fm.Ingress]; ok {
minionEventType = api_v1.EventTypeWarning
- minionEventTitle = "AddedOrUpdatedWithWarning"
+ minionEventTitle = nl.EventReasonAddedOrUpdatedWithWarning
minionEventWarningMessage = fmt.Sprintf("%s%swith warning(s): %v", minionEventWarningMessage, minionEventWarningSuffix, formatWarningMessages(messages))
minionEventWarningSuffix = "; "
}
if operationErr != nil {
minionEventType = api_v1.EventTypeWarning
- minionEventTitle = "AddedOrUpdatedWithError"
+ minionEventTitle = nl.EventReasonAddedOrUpdatedWithError
minionEventWarningMessage = fmt.Sprintf("%s%s; but was not applied: %v", minionEventWarningMessage, minionEventWarningSuffix, operationErr)
minionEventWarningSuffix = "; "
}
@@ -1534,24 +1533,24 @@ func (lbc *LoadBalancerController) updateMergeableIngressStatusAndEvents(ingConf
func (lbc *LoadBalancerController) updateRegularIngressStatusAndEvents(ingConfig *IngressConfiguration, warnings configs.Warnings, operationErr error) {
eventType := api_v1.EventTypeNormal
- eventTitle := "AddedOrUpdated"
+ eventTitle := nl.EventReasonAddedOrUpdated
eventWarningMessage := ""
if len(ingConfig.Warnings) > 0 {
eventType = api_v1.EventTypeWarning
- eventTitle = "AddedOrUpdatedWithWarning"
+ eventTitle = nl.EventReasonAddedOrUpdatedWithWarning
eventWarningMessage = fmt.Sprintf("with warning(s): %s", formatWarningMessages(ingConfig.Warnings))
}
if messages, ok := warnings[ingConfig.Ingress]; ok {
eventType = api_v1.EventTypeWarning
- eventTitle = "AddedOrUpdatedWithWarning"
+ eventTitle = nl.EventReasonAddedOrUpdatedWithWarning
eventWarningMessage = fmt.Sprintf("%s; with warning(s): %v", eventWarningMessage, formatWarningMessages(messages))
}
if operationErr != nil {
eventType = api_v1.EventTypeWarning
- eventTitle = "AddedOrUpdatedWithError"
+ eventTitle = nl.EventReasonAddedOrUpdatedWithError
eventWarningMessage = fmt.Sprintf("%s; but was not applied: %v", eventWarningMessage, operationErr)
}
@@ -1568,27 +1567,27 @@ func (lbc *LoadBalancerController) updateRegularIngressStatusAndEvents(ingConfig
func (lbc *LoadBalancerController) updateVirtualServerStatusAndEvents(vsConfig *VirtualServerConfiguration, warnings configs.Warnings, operationErr error) {
eventType := api_v1.EventTypeNormal
- eventTitle := "AddedOrUpdated"
+ eventTitle := nl.EventReasonAddedOrUpdated
eventWarningMessage := ""
state := conf_v1.StateValid
if len(vsConfig.Warnings) > 0 {
eventType = api_v1.EventTypeWarning
- eventTitle = "AddedOrUpdatedWithWarning"
+ eventTitle = nl.EventReasonAddedOrUpdatedWithWarning
eventWarningMessage = fmt.Sprintf("with warning(s): %s", formatWarningMessages(vsConfig.Warnings))
state = conf_v1.StateWarning
}
if messages, ok := warnings[vsConfig.VirtualServer]; ok {
eventType = api_v1.EventTypeWarning
- eventTitle = "AddedOrUpdatedWithWarning"
+ eventTitle = nl.EventReasonAddedOrUpdatedWithWarning
eventWarningMessage = fmt.Sprintf("%s; with warning(s): %v", eventWarningMessage, formatWarningMessages(messages))
state = conf_v1.StateWarning
}
if operationErr != nil {
eventType = api_v1.EventTypeWarning
- eventTitle = "AddedOrUpdatedWithError"
+ eventTitle = nl.EventReasonAddedOrUpdatedWithError
eventWarningMessage = fmt.Sprintf("%s; but was not applied: %v", eventWarningMessage, operationErr)
state = conf_v1.StateInvalid
}
@@ -1605,20 +1604,20 @@ func (lbc *LoadBalancerController) updateVirtualServerStatusAndEvents(vsConfig *
for _, vsr := range vsConfig.VirtualServerRoutes {
vsrEventType := api_v1.EventTypeNormal
- vsrEventTitle := "AddedOrUpdated"
+ vsrEventTitle := nl.EventReasonAddedOrUpdated
vsrEventWarningMessage := ""
vsrState := conf_v1.StateValid
if messages, ok := warnings[vsr]; ok {
vsrEventType = api_v1.EventTypeWarning
- vsrEventTitle = "AddedOrUpdatedWithWarning"
+ vsrEventTitle = nl.EventReasonAddedOrUpdatedWithWarning
vsrEventWarningMessage = fmt.Sprintf(" with warning(s): %v", formatWarningMessages(messages))
vsrState = conf_v1.StateWarning
}
if operationErr != nil {
vsrEventType = api_v1.EventTypeWarning
- vsrEventTitle = "AddedOrUpdatedWithError"
+ vsrEventTitle = nl.EventReasonAddedOrUpdatedWithError
vsrEventWarningMessage = fmt.Sprintf(" %s; but was not applied:%v", vsrEventWarningMessage, operationErr)
vsrState = conf_v1.StateInvalid
}
@@ -1780,7 +1779,7 @@ func (lbc *LoadBalancerController) syncSecret(task task) {
lbc.handleRegularSecretDeletion(resources)
}
if lbc.isSpecialSecret(key) {
- lbc.recorder.Eventf(lbc.metadata.pod, conf_v1.StateWarning, secretDeletedReason, "A special secret [%s] was deleted. Retaining the secret on this pod but this will affect new pods.", key)
+ lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, nl.EventReasonSecretDeleted, "A special secret [%s] was deleted. Retaining the secret on this pod but this will affect new pods.", key)
nl.Warnf(lbc.Logger, "A special Secret %v was removed. Retaining the Secret.", key)
}
return
@@ -1853,7 +1852,7 @@ func (lbc *LoadBalancerController) handleSecretUpdate(secret *api_v1.Secret, res
warnings, addOrUpdateErr = lbc.configurator.AddOrUpdateResources(resourceExes, !lbc.configurator.DynamicSSLReloadEnabled())
if addOrUpdateErr != nil {
nl.Errorf(lbc.Logger, "Error when updating Secret %v: %v", secretNsName, addOrUpdateErr)
- lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, "UpdatedWithError", "%v was updated, but not applied: %v", secretNsName, addOrUpdateErr)
+ lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, nl.EventReasonUpdatedWithError, "%v was updated, but not applied: %v", secretNsName, addOrUpdateErr)
}
lbc.updateResourcesStatusAndEvents(resources, warnings, addOrUpdateErr)
@@ -1884,7 +1883,7 @@ func (lbc *LoadBalancerController) handleSpecialSecretUpdate(secret *api_v1.Secr
// When the MGMT Configmap updates, we don't need to reload here, we are reloading in updateAllConfigs().
if !reload {
- lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeNormal, "SecretUpdated", "the special Secret %v was updated", secretNsName)
+ lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeNormal, nl.EventReasonSecretUpdated, "the special Secret %v was updated", secretNsName)
return
}
@@ -1909,7 +1908,7 @@ func (lbc *LoadBalancerController) handleSpecialSecretUpdate(secret *api_v1.Secr
}
}
- lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeNormal, "SecretUpdated", "the special Secret %v was updated", secretNsName)
+ lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeNormal, nl.EventReasonSecretUpdated, "the special Secret %v was updated", secretNsName)
}
// writeSpecialSecrets generates content and writes the secret to disk
@@ -1924,7 +1923,7 @@ func (lbc *LoadBalancerController) writeSpecialSecrets(secret *api_v1.Secret, sp
err := lbc.configurator.AddOrUpdateLicenseSecret(secret)
if err != nil {
nl.Error(lbc.Logger, err)
- lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, "UpdatedWithError", "the license Secret %v was updated, but not applied: %v", secretNsName, err)
+ lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, nl.EventReasonUpdatedWithError, "the license Secret %v was updated, but not applied: %v", secretNsName, err)
return false
}
case secrets.SecretTypeCA:
@@ -1945,7 +1944,7 @@ func (lbc *LoadBalancerController) specialSecretValidation(secretNsName string,
err := lbc.validationTLSSpecialSecret(secret, configs.DefaultServerSecretFileName, specialTLSSecretsToUpdate)
if err != nil {
nl.Errorf(lbc.Logger, "Couldn't validate the special Secret %v: %v", secretNsName, err)
- lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, "Rejected", "the special Secret %v was rejected, using the previous version: %v", secretNsName, err)
+ lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, nl.EventReasonRejected, "the special Secret %v was rejected, using the previous version: %v", secretNsName, err)
return false
}
}
@@ -1953,7 +1952,7 @@ func (lbc *LoadBalancerController) specialSecretValidation(secretNsName string,
err := lbc.validationTLSSpecialSecret(secret, configs.WildcardSecretFileName, specialTLSSecretsToUpdate)
if err != nil {
nl.Errorf(lbc.Logger, "Couldn't validate the special Secret %v: %v", secretNsName, err)
- lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, "Rejected", "the special Secret %v was rejected, using the previous version: %v", secretNsName, err)
+ lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, nl.EventReasonRejected, "the special Secret %v was rejected, using the previous version: %v", secretNsName, err)
return false
}
}
@@ -1961,7 +1960,7 @@ func (lbc *LoadBalancerController) specialSecretValidation(secretNsName string,
err := secrets.ValidateLicenseSecret(secret)
if err != nil {
nl.Errorf(lbc.Logger, "Couldn't validate the special Secret %v: %v", secretNsName, err)
- lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, "Rejected", "the special Secret %v was rejected, using the previous version: %v", secretNsName, err)
+ lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, nl.EventReasonRejected, "the special Secret %v was rejected, using the previous version: %v", secretNsName, err)
return false
}
}
@@ -1969,7 +1968,7 @@ func (lbc *LoadBalancerController) specialSecretValidation(secretNsName string,
err := secrets.ValidateCASecret(secret)
if err != nil {
nl.Errorf(lbc.Logger, "Couldn't validate the special Secret %v: %v", secretNsName, err)
- lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, "Rejected", "the special Secret %v was rejected, using the previous version: %v", secretNsName, err)
+ lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, nl.EventReasonRejected, "the special Secret %v was rejected, using the previous version: %v", secretNsName, err)
return false
}
}
@@ -1977,7 +1976,7 @@ func (lbc *LoadBalancerController) specialSecretValidation(secretNsName string,
err := secrets.ValidateTLSSecret(secret)
if err != nil {
nl.Errorf(lbc.Logger, "Couldn't validate the special Secret %v: %v", secretNsName, err)
- lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, "Rejected", "the special Secret %v was rejected, using the previous version: %v", secretNsName, err)
+ lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, nl.EventReasonRejected, "the special Secret %v was rejected, using the previous version: %v", secretNsName, err)
return false
}
}
@@ -1995,7 +1994,7 @@ func (lbc *LoadBalancerController) performNGINXReload(secret *api_v1.Secret) boo
secretNsName := generateSecretNSName(secret)
if err := lbc.configurator.Reload(false); err != nil {
nl.Errorf(lbc.Logger, "error when reloading NGINX when updating the special Secrets: %v", err)
- lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, "UpdatedWithError", "the special Secret %v was updated, but not applied: %v", secretNsName, err)
+ lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, nl.EventReasonUpdatedWithError, "the special Secret %v was updated, but not applied: %v", secretNsName, err)
return false
}
return true
@@ -3513,7 +3512,7 @@ func (lbc *LoadBalancerController) haltIfVSConfigInvalid(vsNew *conf_v1.VirtualS
p := ConfigurationProblem{
Object: vsNew,
IsError: true,
- Reason: "Rejected",
+ Reason: nl.EventReasonRejected,
Message: fmt.Sprintf("VirtualServer %s was rejected with error: %s", getResourceKey(&vsNew.ObjectMeta), validationError.Error()),
}
problems = append(problems, p)
diff --git a/internal/k8s/global_configuration.go b/internal/k8s/global_configuration.go
index 746173f72..4e87ca1d7 100644
--- a/internal/k8s/global_configuration.go
+++ b/internal/k8s/global_configuration.go
@@ -87,18 +87,18 @@ func (lbc *LoadBalancerController) syncGlobalConfiguration(task task) {
updateErr := lbc.processChangesFromGlobalConfiguration(changes)
if gcExists {
- eventTitle := "Updated"
+ eventTitle := nl.EventReasonUpdated
eventType := api_v1.EventTypeNormal
eventMessage := fmt.Sprintf("GlobalConfiguration %s was added or updated", key)
if validationErr != nil {
- eventTitle = "AddedOrUpdatedWithError"
+ eventTitle = nl.EventReasonAddedOrUpdatedWithError
eventType = api_v1.EventTypeWarning
eventMessage = fmt.Sprintf("GlobalConfiguration %s is updated with errors: %v", key, validationErr)
}
if updateErr != nil {
- eventTitle += "WithError"
+ eventTitle += nl.EventReasonUpdatedWithError
eventType = api_v1.EventTypeWarning
eventMessage = fmt.Sprintf("%s; with reload error: %v", eventMessage, updateErr)
}
diff --git a/internal/k8s/policy.go b/internal/k8s/policy.go
index cd74e2c32..34136e4b4 100644
--- a/internal/k8s/policy.go
+++ b/internal/k8s/policy.go
@@ -74,7 +74,7 @@ func (lbc *LoadBalancerController) syncPolicy(task task) {
err := validation.ValidatePolicy(pol, lbc.isNginxPlus, lbc.enableOIDC, lbc.appProtectEnabled)
if err != nil {
msg := fmt.Sprintf("Policy %v/%v is invalid and was rejected: %v", pol.Namespace, pol.Name, err)
- lbc.recorder.Eventf(pol, api_v1.EventTypeWarning, "Rejected", msg)
+ lbc.recorder.Eventf(pol, api_v1.EventTypeWarning, nl.EventReasonRejected, msg)
if lbc.reportCustomResourceStatusEnabled() {
err = lbc.statusUpdater.UpdatePolicyStatus(pol, conf_v1.StateInvalid, "Rejected", msg)
@@ -84,7 +84,7 @@ func (lbc *LoadBalancerController) syncPolicy(task task) {
}
} else {
msg := fmt.Sprintf("Policy %v/%v was added or updated", pol.Namespace, pol.Name)
- lbc.recorder.Eventf(pol, api_v1.EventTypeNormal, "AddedOrUpdated", msg)
+ lbc.recorder.Eventf(pol, api_v1.EventTypeNormal, nl.EventReasonAddedOrUpdated, msg)
if lbc.reportCustomResourceStatusEnabled() {
err = lbc.statusUpdater.UpdatePolicyStatus(pol, conf_v1.StateValid, "AddedOrUpdated", msg)
diff --git a/internal/k8s/transport_server.go b/internal/k8s/transport_server.go
index 09061f769..89a16b3da 100644
--- a/internal/k8s/transport_server.go
+++ b/internal/k8s/transport_server.go
@@ -88,7 +88,7 @@ func (lbc *LoadBalancerController) syncTransportServer(task task) {
func (lbc *LoadBalancerController) updateTransportServerStatusAndEventsOnDelete(tsConfig *TransportServerConfiguration, changeError string, deleteErr error) {
eventType := api_v1.EventTypeWarning
- eventTitle := "Rejected"
+ eventTitle := nl.EventReasonRejected
eventWarningMessage := ""
var state string
@@ -108,7 +108,7 @@ func (lbc *LoadBalancerController) updateTransportServerStatusAndEventsOnDelete(
if eventWarningMessage != "" {
if deleteErr != nil {
eventType = api_v1.EventTypeWarning
- eventTitle = "RejectedWithError"
+ eventTitle = nl.EventReasonRejectedWithError
eventWarningMessage = fmt.Sprintf("%s; but was not applied: %v", eventWarningMessage, deleteErr)
state = conf_v1.StateInvalid
}
@@ -126,28 +126,28 @@ func (lbc *LoadBalancerController) updateTransportServerStatusAndEventsOnDelete(
}
func (lbc *LoadBalancerController) updateTransportServerStatusAndEvents(tsConfig *TransportServerConfiguration, warnings configs.Warnings, operationErr error) {
- eventTitle := "AddedOrUpdated"
+ eventTitle := nl.EventReasonAddedOrUpdated
eventType := api_v1.EventTypeNormal
eventWarningMessage := ""
state := conf_v1.StateValid
if len(tsConfig.Warnings) > 0 {
eventType = api_v1.EventTypeWarning
- eventTitle = "AddedOrUpdatedWithWarning"
+ eventTitle = nl.EventReasonAddedOrUpdatedWithWarning
eventWarningMessage = fmt.Sprintf("with warning(s): %s", formatWarningMessages(tsConfig.Warnings))
state = conf_v1.StateWarning
}
if messages, ok := warnings[tsConfig.TransportServer]; ok {
eventType = api_v1.EventTypeWarning
- eventTitle = "AddedOrUpdatedWithWarning"
+ eventTitle = nl.EventReasonAddedOrUpdatedWithWarning
eventWarningMessage = fmt.Sprintf("with warning(s): %s", formatWarningMessages(messages))
state = conf_v1.StateWarning
}
if operationErr != nil {
eventType = api_v1.EventTypeWarning
- eventTitle = "AddedOrUpdatedWithError"
+ eventTitle = nl.EventReasonAddedOrUpdatedWithError
eventWarningMessage = fmt.Sprintf("%s; but was not applied: %v", eventWarningMessage, operationErr)
state = conf_v1.StateInvalid
}
diff --git a/internal/license_reporting/license_reporting.go b/internal/license_reporting/license_reporting.go
index bc2dcbbfd..65adce04e 100644
--- a/internal/license_reporting/license_reporting.go
+++ b/internal/license_reporting/license_reporting.go
@@ -120,13 +120,13 @@ func (lr *LicenseReporter) checkLicenseExpiry(ctx context.Context) {
if expiring, days := licenseExpiring(licenseData); expiring {
licenseEventText = fmt.Sprintf("License expiring in %d day(s)", days)
nl.Warn(l, licenseEventText)
- lr.Config.EventLog.Event(lr.Config.Pod, api_v1.EventTypeWarning, "LicenseExpiry", licenseEventText)
+ lr.Config.EventLog.Event(lr.Config.Pod, api_v1.EventTypeWarning, nl.EventReasonLicenseExpiry, licenseEventText)
}
var usageGraceEventText string
if ending, days := usageGraceEnding(licenseData); ending {
usageGraceEventText = fmt.Sprintf("Usage reporting grace period ending in %d day(s)", days)
nl.Warn(l, usageGraceEventText)
- lr.Config.EventLog.Event(lr.Config.Pod, api_v1.EventTypeWarning, "UsageGraceEnding", usageGraceEventText)
+ lr.Config.EventLog.Event(lr.Config.Pod, api_v1.EventTypeWarning, nl.EventReasonUsageGraceEnding, usageGraceEventText)
}
}
diff --git a/internal/logger/events.go b/internal/logger/events.go
new file mode 100644
index 000000000..c980725c8
--- /dev/null
+++ b/internal/logger/events.go
@@ -0,0 +1,26 @@
+package log
+
+const (
+ EventReasonAddedOrUpdated = "AddedOrUpdated" //nolint:revive
+ EventReasonAddedOrUpdatedWithError = "AddedOrUpdatedWithError" //nolint:revive
+ EventReasonAddedOrUpdatedWithWarning = "AddedOrUpdatedWithWarning" //nolint:revive
+ EventReasonBadConfig = "BadConfig" //nolint:revive
+ EventReasonCreateDNSEndpoint = "CreateDNSEndpoint" //nolint:revive
+ EventReasonCreateCertificate = "CreateCertificate" //nolint:revive
+ EventReasonDeleteCertificate = "DeleteCertificate" //nolint:revive
+ EventReasonIgnored = "Ignored" //nolint:revive
+ EventReasonInvalidValue = "InvalidValue" //nolint:revive
+ EventReasonLicenseExpiry = "LicenseExpiry" //nolint:revive
+ EventReasonNoIngressMasterFound = "NoIngressMasterFound" //nolint:revive
+ EventReasonNoVirtualServerFound = "NoVirtualServerFound" //nolint:revive
+ EventReasonRejected = "Rejected" //nolint:revive
+ EventReasonRejectedWithError = "RejectedWithError" //nolint:revive
+ EventReasonSecretDeleted = "SecretDeleted" //nolint:revive
+ EventReasonSecretUpdated = "SecretUpdated" //nolint:revive
+ EventReasonUpdated = "Updated" //nolint:revive
+ EventReasonUpdatedWithError = "UpdatedWithError" //nolint:revive
+ EventReasonUpdateCertificate = "UpdateCertificate" //nolint:revive
+ EventReasonUpdateDNSEndpoint = "UpdateDNSEndpoint" //nolint:revive
+ EventReasonUpdatePodLabel = "UpdatePodLabel" //nolint:revive
+ EventReasonUsageGraceEnding = "UsageGraceEnding" //nolint:revive
+)
diff --git a/site/content/configuration/policy-resource.md b/site/content/configuration/policy-resource.md
index df6ea616a..19f07eaad 100644
--- a/site/content/configuration/policy-resource.md
+++ b/site/content/configuration/policy-resource.md
@@ -1,7 +1,9 @@
---
title: Policy resources
-toc: true
weight: 500
+toc: true
+type: how-to
+product: NIC
docs: DOCS-596
---
@@ -593,7 +595,7 @@ NGINX Plus will pass the ID of an authenticated user to the backend in the HTTP
{{< note >}}
-The feature is implemented using the [reference implementation](https://github.com/nginx/nginx-openid-connect/) of NGINX Plus as a relying party for OpenID Connect authentication.
+The feature is implemented using the [reference implementation](https://github.com/nginxinc/nginx-openid-connect/) of NGINX Plus as a relying party for OpenID Connect authentication.
{{< /note >}}
diff --git a/site/content/installation/integrations/app-protect-dos/installation.md b/site/content/installation/integrations/app-protect-dos/installation.md
index 01d6f7f4e..2273d6261 100644
--- a/site/content/installation/integrations/app-protect-dos/installation.md
+++ b/site/content/installation/integrations/app-protect-dos/installation.md
@@ -1,13 +1,13 @@
---
-docs: DOCS-583
-doctypes:
-- ''
title: Build NGINX Ingress Controller with NGINX App Protect DoS
-toc: true
weight: 100
+toc: true
+type: how-to
+product: NIC
+docs: DOCS-583
---
-This document explains how to build an image for NGINX Ingress Controller with NGINX App Protect DoS from source code.
+This document explains how to build an image for F5 NGINX Ingress Controller with NGINX App Protect DoS from source code.
{{}}If you'd rather not build your own NGINX Ingress Controller image, see the [pre-built image options](#pre-built-images) at the end of this guide.{{}}
@@ -180,7 +180,7 @@ kubectl apply -f config/crd/bases/appprotectdos.f5.com_dosprotectedresources.yam
### Helm Chart
-The App Protect DoS Arbitrator can be installed using the [NGINX App Protect DoS Helm Chart](https://github.com/nginx/nap-dos-arbitrator-helm-chart).
+The App Protect DoS Arbitrator can be installed using the [NGINX App Protect DoS Helm Chart](https://github.com/nginxinc/nap-dos-arbitrator-helm-chart).
If you have the NGINX Helm Repository already added, you can install the App Protect DoS Arbitrator by running the following command:
```shell
diff --git a/site/content/releases.md b/site/content/releases.md
index a3f82fa30..7a2cf4231 100644
--- a/site/content/releases.md
+++ b/site/content/releases.md
@@ -1,12 +1,10 @@
---
-description: NGINX Ingress Controller Release Notes.
-docs: DOCS-616
-doctypes:
-- concept
title: Releases
-toc: true
weight: 2100
-
+toc: true
+type: reference
+product: NIC
+docs: DOCS-616
---
## 4.0.0
@@ -348,7 +346,7 @@ versions: 1.25-1.30.
[Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress).
- For NGINX Plus, use the 3.5.2 images from the F5 Container registry,
the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE),
-the [GCP Marketplace](https://console.cloud.google.com/marketplace/browse?filter=partner:F5,%20Inc.&filter=solution-type:k8s&filter=category:networking), the [Azure Marketplace](https://azuremarketplace.microsoft.com/en-us/marketplace/apps/nginx.nginx_ingress_premium),
+the [GCP Marketplace](https://console.cloud.google.com/marketplace/browse?filter=partner:F5,%20Inc.&filter=solution-type:k8s&filter=category:networking), the [Azure Marketplace](https://azuremarketplace.microsoft.com/en-us/marketplace/apps/nginxinc.nginx_ingress_premium?tab=Overview),
or build your own image using the 3.5.2 source code
- For Helm, use version 1.2.2 of the chart.
@@ -1205,12 +1203,13 @@ We will provide technical support for NGINX Ingress Controller on any Kubernetes
17 May 2022
### Dependencies
+the documentation here
- Update Go dependencies.
### Fixes
-- [2654](https://github.com/nginx/kubernetes-ingress/pull/2654) Sync changes from [nginx-openid-connect](https://github.com/nginx/nginx-openid-connect) repo, add zoneSyncLeeway field in policy. For more information on the fixes, see [52](https://github.com/nginx/nginx-openid-connect/pull/52).
+- [2654](https://github.com/nginx/kubernetes-ingress/pull/2654) Sync changes from [nginx-openid-connect](https://github.com/nginxinc/nginx-openid-connect) repo, add zoneSyncLeeway field in policy. For more information on the fixes, see [pull request 52](https://github.com/nginxinc/nginx-openid-connect/pull/52).
### Upgrade
@@ -1592,7 +1591,7 @@ We will provide technical support for NGINX Ingress Controller on any Kubernetes
### Upgrade
- For NGINX, use the 1.12.1 image from our DockerHub: `nginx/nginx-ingress:1.12.1`, `nginx/nginx-ingress:1.12.1-alpine` or `nginx/nginx-ingress:1.12.1-ubi`
-- For NGINX Plus, use the 1.12.1 image from the F5 Container Registry - see [the documentation here](https://docs.nginx.com/nginx-ingress-controller/installation/pulling-ingress-controller-image/)
+- For NGINX Plus, use the 1.12.1 image from the F5 Container Registry - see [the documentation here]({{< ref "/installation/nic-images/get-registry-image.md">}})
- Alternatively, you can also build your own image using the 1.12.1 source code.
- For Helm, use version 0.10.1 of the chart.
@@ -1986,7 +1985,7 @@ For Kubernetes >= 1.18, when upgrading using the [manifests](https://docs.nginx.
### Notes
-- When using Kubernetes >= 1.18, the `-use-ingress-class-only` command-line argument is now ignored, and the Ingress Controller will only process resources that belong to its class. See [IngressClass doc](https://docs.nginx.com/nginx-ingress-controller/installation/running-multiple-ingress-controllers/#ingress-class) for more details.
+- When using Kubernetes >= 1.18, the `-use-ingress-class-only` command-line argument is now ignored, and the Ingress Controller will only process resources that belong to its class. See [IngressClass doc]({{< ref "/installation/run-multiple-ingress-controllers.md#ingress-class" >}}) for more details.
- For Kubernetes >= 1.18, a dedicated IngressClass resource, which is configured by `controller.ingressClass`, is required per helm release. When upgrading or installing releases, ensure `controller.ingressClass` is not set to the name of the IngressClass of other releases or Ingress Controllers.
@@ -2114,7 +2113,7 @@ Release 1.7.0 includes:
- Support for TCP, UDP, and TLS Passthrough load balancing with the new configuration resources: TransportServer and GlobalConfiguration. The resources allow users to deliver complex, non-HTTP-based applications from Kubernetes using NGINX Ingress Controller.
- Support for error pages in VirtualServer and VirtualServerRoute resources. A user can now specify custom error responses for errors returned by backend applications or generated by NGINX, such as a 502 response.
- Improved validation of VirtualServer and VirtualServerRoute resources. kubectl and the Kubernetes API server can now detect violations of the structure of VirtualServer/VirtualServerRoute resources and return an error.
-- Support for an operator which manages the lifecycle of the Ingress Controller on Kubernetes or OpenShift. See the [NGINX Ingress Operator GitHub repo](https://github.com/nginx/nginx-ingress-operator).
+- Support for an operator which manages the lifecycle of the Ingress Controller on Kubernetes or OpenShift. See the [NGINX Ingress Operator GitHub repo](https://github.com/nginxinc/nginx-ingress-operator).
See the [1.7.0 release announcement blog post](https://www.nginx.com/blog/announcing-nginx-ingress-controller-for-kubernetes-release-1-7-0/), which includes an overview of each feature.
diff --git a/site/content/tutorials/oidc-custom-configuration.md b/site/content/tutorials/oidc-custom-configuration.md
index 5e3103d78..2200ac37b 100644
--- a/site/content/tutorials/oidc-custom-configuration.md
+++ b/site/content/tutorials/oidc-custom-configuration.md
@@ -1,18 +1,19 @@
---
-doctypes:
-- concept
title: Customize OIDC Configuration with NGINX Ingress Controller
-toc: true
weight: 1800
+toc: true
+type: how-to
+product: NIC
+docs: DOCS-000
---
-The F5 NGINX Ingress Controller implements OpenID Connect (OIDC) using the NGINX OpenID Connect Reference implementation: [nginx-openid-connect](https://github.com/nginx/nginx-openid-connect).
+The F5 NGINX Ingress Controller implements OpenID Connect (OIDC) using the NGINX OpenID Connect Reference implementation: [nginx-openid-connect](https://github.com/nginxinc/nginx-openid-connect).
This guide will walk through how to customize and configure this default implementation.
## Prerequisites
-This guide assumes that you have an F5 NGINX Ingress Controller deployed. If not, please follow the installation steps using either the [Manifest](https://docs.nginx.com/nginx-ingress-controller/installation/installation-with-manifests/) or [HELM](https://docs.nginx.com/nginx-ingress-controller/installation/installation-with-helm/) approach.
+This guide assumes that you have an F5 NGINX Ingress Controller deployed. If not, please follow the installation steps using either the [Manifest]({{< ref "/installation/installing-nic/installation-with-manifests.md" >}}) or [Helm]({{< ref "/installation/installing-nic/installation-with-helm.md" >}}) approach.
To customize the NGINX OpenID Connect Reference implementation, you will need to: