Skip to content

Commit

Permalink
Remove 3rd party lua plugin support (#11821)
Browse files Browse the repository at this point in the history
  • Loading branch information
@rikatz
rikatz authored Aug 21, 2024
1 parent bfd65d6 commit 3bec99e
Show file tree
Hide file tree
Showing 13 changed files with 2 additions and 258 deletions.
5 changes: 0 additions & 5 deletions docs/user-guide/nginx-configuration/configmap.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,6 @@ The following table shows a configuration option's name, type, and the default v
| [server-name-hash-bucket-size](#server-name-hash-bucket-size) | int | `<size of the processor’s cache line>` |
| [proxy-headers-hash-max-size](#proxy-headers-hash-max-size) | int | 512 | |
| [proxy-headers-hash-bucket-size](#proxy-headers-hash-bucket-size) | int | 64 | |
| [plugins](#plugins) | []string | | |
| [reuse-port](#reuse-port) | bool | "true" | |
| [server-tokens](#server-tokens) | bool | "false" | |
| [ssl-ciphers](#ssl-ciphers) | string | "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384" | |
Expand Down Expand Up @@ -612,10 +611,6 @@ _References:_
- [https://nginx.org/en/docs/hash.html](https://nginx.org/en/docs/hash.html)
- [https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_headers_hash_bucket_size](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_headers_hash_bucket_size)

## plugins

Activates plugins installed in `/etc/nginx/lua/plugins`. Refer to [ingress-nginx plugins README](https://github.com/kubernetes/ingress-nginx/blob/main/rootfs/etc/nginx/lua/plugins/README.md) for more information on how to write and install a plugin.

## server-tokens

Send NGINX Server header in responses and display NGINX version in error pages. _**default:**_ is disabled
Expand Down
5 changes: 0 additions & 5 deletions internal/ingress/controller/config/config.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -318,11 +318,6 @@ type Configuration struct {
NginxStatusIpv4Whitelist []string `json:"nginx-status-ipv4-whitelist,omitempty"`
NginxStatusIpv6Whitelist []string `json:"nginx-status-ipv6-whitelist,omitempty"`

// Plugins configures plugins to use placed in the directory /etc/nginx/lua/plugins.
// Every plugin has to have main.lua in the root. Every plugin has to bundle all of its dependencies.
// The execution order follows the definition.
Plugins []string `json:"plugins,omitempty"`

// If UseProxyProtocol is enabled ProxyRealIPCIDR defines the default the IP/network address
// of your external load balancer
ProxyRealIPCIDR []string `json:"proxy-real-ip-cidr,omitempty"`
Expand Down
6 changes: 0 additions & 6 deletions internal/ingress/controller/template/configmap.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,6 @@ const (
globalAuthCacheDuration = "global-auth-cache-duration"
globalAuthAlwaysSetCookie = "global-auth-always-set-cookie"
luaSharedDictsKey = "lua-shared-dicts"
plugins = "plugins"
debugConnections = "debug-connections"
workerSerialReloads = "enable-serial-reloads"
)
Expand Down Expand Up @@ -416,11 +415,6 @@ func ReadConfig(src map[string]string) config.Configuration {
delete(conf, workerSerialReloads)
}

if val, ok := conf[plugins]; ok {
to.Plugins = splitAndTrimSpace(val, ",")
delete(conf, plugins)
}

if val, ok := conf[debugConnections]; ok {
delete(conf, debugConnections)
for _, i := range splitAndTrimSpace(val, ",") {
Expand Down
61 changes: 0 additions & 61 deletions rootfs/etc/nginx/lua/plugins.lua
View file

This file was deleted.

36 changes: 0 additions & 36 deletions rootfs/etc/nginx/lua/plugins/README.md
View file

This file was deleted.

13 changes: 0 additions & 13 deletions rootfs/etc/nginx/lua/plugins/hello_world/main.lua
View file

This file was deleted.

24 changes: 0 additions & 24 deletions rootfs/etc/nginx/lua/plugins/hello_world/test/main_test.lua
View file

This file was deleted.

23 changes: 0 additions & 23 deletions rootfs/etc/nginx/lua/test/plugins_test.lua
View file

This file was deleted.

19 changes: 0 additions & 19 deletions rootfs/etc/nginx/template/nginx.tmpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -113,15 +113,6 @@ http {
certificate = res
certificate.is_ocsp_stapling_enabled = {{ $cfg.EnableOCSP }}
end

ok, res = pcall(require, "plugins")
if not ok then
error("require failed: " .. tostring(res))
else
plugins = res
end
-- load all plugins that'll be used here
plugins.init({ {{ range $idx, $plugin := $cfg.Plugins }}{{ if $idx }},{{ end }}{{ $plugin | quote }}{{ end }} })
}

init_worker_by_lua_block {
Expand All @@ -130,8 +121,6 @@ http {
{{ if $all.EnableMetrics }}
monitor.init_worker({{ $all.MonitorMaxBatchSize }})
{{ end }}

plugins.run()
}

{{/* Enable the real_ip module only if we use either X-Forwarded headers or Proxy Protocol. */}}
Expand Down Expand Up @@ -1265,7 +1254,6 @@ stream {
rewrite_by_lua_block {
lua_ingress.rewrite({{ locationConfigForLua $location $all }})
balancer.rewrite()
plugins.run()
}

# be careful with `access_by_lua_block` and `satisfy any` directives as satisfy any
Expand All @@ -1276,20 +1264,13 @@ stream {

header_filter_by_lua_block {
lua_ingress.header()
plugins.run()
}

body_filter_by_lua_block {
plugins.run()
}

log_by_lua_block {
balancer.log()
{{ if $all.EnableMetrics }}
monitor.call()
{{ end }}

plugins.run()
}

{{ if not $location.Logs.Access }}
Expand Down
4 changes: 0 additions & 4 deletions test/data/cleanConf.expected.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,8 +67,6 @@ http {
balancer.init_worker()

monitor.init_worker(10000)

plugins.run()
}

map $request_uri $loggable {
Expand Down Expand Up @@ -120,7 +118,6 @@ http {
use_port_in_redirects = false,
})
balancer.rewrite()
plugins.run()
}

# be careful with `access_by_lua_block` and `satisfy any` directives as satisfy any
Expand All @@ -130,7 +127,6 @@ http {

header_filter_by_lua_block {
lua_ingress.header()
plugins.run()
}

}
Expand Down
7 changes: 1 addition & 6 deletions test/data/cleanConf.src.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -86,11 +86,8 @@ lua_shared_dict ocsp_response_cache 5M;
init_worker_by_lua_block {
lua_ingress.init_worker()
balancer.init_worker()

monitor.init_worker(10000)


plugins.run()
monitor.init_worker(10000)
}


Expand Down Expand Up @@ -164,7 +161,6 @@ lua_shared_dict ocsp_response_cache 5M;
use_port_in_redirects = false,
})
balancer.rewrite()
plugins.run()
}

# be careful with `access_by_lua_block` and `satisfy any` directives as satisfy any
Expand All @@ -174,7 +170,6 @@ lua_shared_dict ocsp_response_cache 5M;

header_filter_by_lua_block {
lua_ingress.header()
plugins.run()
}


Expand Down
55 changes: 0 additions & 55 deletions test/e2e/settings/plugins.go
View file

This file was deleted.

2 changes: 1 addition & 1 deletion test/test-lua.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ SHDICT_ARGS=(
)

if [ $# -eq 0 ]; then
resty "${SHDICT_ARGS[@]}" ./rootfs/etc/nginx/lua/test/ ./rootfs/etc/nginx/lua/plugins/**/test ${BUSTED_ARGS}
resty "${SHDICT_ARGS[@]}" ./rootfs/etc/nginx/lua/test/ ${BUSTED_ARGS}
else
resty "${SHDICT_ARGS[@]}" $@ ${BUSTED_ARGS}
fi

0 comments on commit 3bec99e

Please sign in to comment.