Add override for proxy intercept errors when using Custom HTTP Errors on default backend #8435
Conversation
|
k8s-ci-robot
added
cncf-cla: no
|
Welcome @GerryWilko! |
k8s-ci-robot
added
needs-kind
|
Hi @GerryWilko. Thanks for your PR. I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
k8s-ci-robot
added
needs-priority
size/L
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: GerryWilko The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
@GerryWilko , thank you for your contribution.
|
|
Hi @longwuyuan, I'll get to work on those points. The CLA is a really frustrating thing to ask contributors to sign it is very much anti Open Source. I have started the process of getting this signed within my organisation. It is very unclear who this meant to protect and what actual purpose it serves beyond being a stick to beat contributors with should any legal issues arise. Rant over... |
|
@GerryWilko thank you for the contribution. It helps. Its possible to have a healthy discussion on the problem to sign CLA and explore solution. Also clicking on the details link above, takes you to a page where there is info on CLA, if you want. There is no getting around the CLA in the near future though. Thanks again. If there is enough content, like verified working code and tests and docs, then someone else without CLA problems can submit the PR using your content. |
|
Thank you for your contribution. As this is a CNCF Project we must adhere to their rules, and practices which includes the CLA. If you have any problems signing the CLA please let them know by emailing them at [email protected]. Thank you, |
|
/triage accepted |
k8s-ci-robot
added
triage/accepted
|
@GerryWilko thanks for creating this pull request 🙂. Can you tell whether you will be able to sign the CLA? In case its hard to get through the process at your company - is there any other way? I'm very much looking forward to this PR being merged as it will unblock one of our issues 🙏 . |
k8s-ci-robot
added
the
needs-rebase
|
@GerryWilko: PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
k8s-ci-robot
added
the
lifecycle/stale
|
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle rotten |
k8s-ci-robot
added
lifecycle/rotten
There was a problem hiding this comment.
We're currently testing a modified version of this patch at our organisation and would very much like the merge request be merged.
@GerryWilko if you can't/won't sign the CLA, with your permission I'd open a merge myself to get it merged faster
| @@ -882,6 +882,7 @@ func NewDefault() Configuration { | |||
| PreserveTrailingSlash: false, | |||
| SSLRedirect: true, | |||
| CustomHTTPErrors: []int{}, | |||
| SetProxyInterceptErrors: true, | |||
There was a problem hiding this comment.
this is the default for ingress annotations only, and not the global config, correct? The global config value should also default to true, shouldn't it?
| // for use when using CustomHTTPErrors without intecepting service errors | ||
| // e.g. custom 404 and 503 when service-a does not exist or is not available | ||
| // but service-a can return 404 and 503 error codes without intercept | ||
| SetProxyInterceptErrors bool `json:"set-proxy-intercept-errors"` |
There was a problem hiding this comment.
I would drop the set- prefix, to align the naming to all other options
|
/close CLA is part of the contribution process of Kubernetes. Once you have it signed, please let us know and feel free to open a new PR |
|
@rikatz: Closed this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
This PR adds a new flag to the global ConfigMap configurations and Ingress Annotations to disable the
proxy_intercept_errorssetting in nginx.conf when using CustomHTTPErrors.What this PR does / why we need it:
The motivation behind this change is to enable the use case outlined in #8376. We would like to be able to override the default nginx error pages (e.g. 503 service unavailable and 404 not found) with a custom error page without intercepting genuine error responses from proxied services.
Types of changes
Which issue/s this PR fixes
fixes #8376
How Has This Been Tested?
Added unit tests to cover this change. Tested locally and confirmed fix by applying manually to our test site by editing nginx.conf and removing
proxy_intercept_errorsline.Checklist: