access-log: false ignored for auth-url #3040
Comments
This works as expected. The annotations are applied to the path of the ingress, not other annotations (like auth-url) |
|
This kind of defeats the purpose of enable-access-log: false for security-sensitive URLs (e.g. when you have to pass authentication information in query strings when the involved software doesn't support Authorization headers). I haven't found a way to inject "access_log: off" into the auth-url handler - should there be one? |
|
@aledbf so whats the way forward for this ? |
|
@nixgadget fix the issue in the template checking if the log is disabled inside the auth location |
|
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
k8s-ci-robot
added
the
lifecycle/stale
|
Stale issues rot after 30d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
k8s-ci-robot
added
lifecycle/rotten
|
Rotten issues close after 30d of inactivity. Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
|
@fejta-bot: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
NGINX Ingress controller version: head, 0.13.0
What happened:
When I set these annotations, access logs are written for the endpoint:
nginx.ingress.kubernetes.io/enable-access-log: "false"
nginx.ingress.kubernetes.io/auth-url: "http://foo/bar"
What you expected to happen:
No access logs should be written.
Anything else we need to know:
I suspect that the access logs are written by the second location entry that's created for the auth-url.
The text was updated successfully, but these errors were encountered: