ci: use Docker DinD version from variable

Merge branch 'headers' into 'master'
fix: hide proxy headers for CORS See merge request unboundsoftware/nginx-s3-upload!6
2023-02-09 21:48:11 +01:00 · 2021-10-26 09:08:27 +00:00 · 2021-10-26 11:04:30 +02:00 · 2021-09-29 18:22:13 +00:00 · 2021-09-29 20:16:33 +02:00 · 2021-04-29 16:08:19 +00:00
3 changed files with 39 additions and 11 deletions
@@ -5,12 +5,12 @@ stages:
 variables:
  DOCKER_HOST: tcp://docker:2375/

-image: buildtool/build-tools:0.0.23
+image: buildtool/build-tools:${BUILDTOOLS_VERSION}

 build:
  stage: build
  services:
-    - docker:19.03-dind
+    - docker:${DOCKER_DIND_VERSION}
  script:
  - build
  - push
@@ -72,24 +72,30 @@ spec:
    targetPort: 80
  selector:
    app: nginx-s3-upload
-  type: ClusterIP
+  type: NodePort

 ---

-apiVersion: networking.k8s.io/v1beta1
+apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: nginx-s3-upload
  annotations:
-    kubernetes.io/ingress.class: "nginx"
-    nginx.ingress.kubernetes.io/enable-cors: "true"
-    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+    kubernetes.io/ingress.class: "alb"
+    alb.ingress.kubernetes.io/group.name: "unbound"
+    alb.ingress.kubernetes.io/scheme: internet-facing
+    alb.ingress.kubernetes.io/target-type: instance
+    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80},{"HTTPS": 443}]'
+    alb.ingress.kubernetes.io/ssl-redirect: "443"
 spec:
  rules:
  - host: 'upload.unbound.se'
    http:
      paths:
-      - backend:
-          serviceName: nginx-s3-upload
-          servicePort: 80
-        path: /
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: nginx-s3-upload
+            port:
+              number: 80
@@ -86,11 +86,22 @@ http {
      proxy_set_header Authorization $authorization;
      proxy_hide_header x-amz-id-2;
      proxy_hide_header x-amz-request-id;
+      proxy_hide_header 'Access-Control-Expose-Headers';
+      proxy_hide_header 'Access-Control-Allow-Origin';
+      proxy_hide_header 'Access-Control-Allow-Credentials';
+      proxy_hide_header 'Access-Control-Allow-Methods';
+      proxy_hide_header 'Access-Control-Allow-Headers';
+      proxy_hide_header 'Access-Control-Max-Age';
      add_header X-File-URL $returnurl;

      resolver 8.8.8.8 valid=300s;
      resolver_timeout 10s;
      add_header 'Access-Control-Expose-Headers' 'X-File-Url';
+      add_header 'Access-Control-Allow-Origin' "*" ;
+      add_header 'Access-Control-Allow-Credentials' 'true' ;
+      add_header 'Access-Control-Allow-Methods' 'GET, PUT, OPTIONS' ;
+      add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With';
+      add_header 'Access-Control-Max-Age' 1728000;

      proxy_pass $url;
    }
@@ -148,11 +159,22 @@ http {
      proxy_set_header Authorization $authorization;
      proxy_hide_header x-amz-id-2;
      proxy_hide_header x-amz-request-id;
+      proxy_hide_header 'Access-Control-Expose-Headers';
+      proxy_hide_header 'Access-Control-Allow-Origin';
+      proxy_hide_header 'Access-Control-Allow-Credentials';
+      proxy_hide_header 'Access-Control-Allow-Methods';
+      proxy_hide_header 'Access-Control-Allow-Headers';
+      proxy_hide_header 'Access-Control-Max-Age';
      add_header X-File-URL $returnurl;

      resolver 8.8.8.8 valid=300s;
      resolver_timeout 10s;
      add_header 'Access-Control-Expose-Headers' 'X-File-Url';
+      add_header 'Access-Control-Allow-Origin' "*" ;
+      add_header 'Access-Control-Allow-Credentials' 'true' ;
+      add_header 'Access-Control-Allow-Methods' 'GET, PUT, OPTIONS' ;
+      add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With';
+      add_header 'Access-Control-Max-Age' 1728000;

      proxy_pass $url;
    }
Author	SHA1	Message	Date
argoyle	0d8bfa5aa4	ci: use Docker DinD version from variable	2023-02-09 21:48:11 +01:00
argoyle	ef6bb3fdef	Merge branch 'headers' into 'master' fix: hide proxy headers for CORS See merge request unboundsoftware/nginx-s3-upload!6	2021-10-26 09:08:27 +00:00
argoyle	056b83e32c	fix: hide proxy headers for CORS	2021-10-26 11:04:30 +02:00
argoyle	7bac0dae66	Merge branch 'ingress' into 'master' chore: prepare ingresses for K8S 1.22 See merge request unboundsoftware/nginx-s3-upload!5	2021-09-29 18:22:13 +00:00
argoyle	f611c695b7	chore: prepare ingresses for K8S 1.22	2021-09-29 20:16:33 +02:00
argoyle	aa37fcd7a7	Merge branch 'cors-headers' into 'master' fix: add CORS headers to PUT-responses as well See merge request unboundsoftware/nginx-s3-upload!4	2021-04-29 16:08:19 +00:00
argoyle	4815389992	fix: add CORS headers to PUT-responses as well	2021-04-29 17:53:30 +02:00
argoyle	3e1afa4ce8	Merge branch 'alb-ingress' into 'master' chore: change to ALB ingress See merge request unboundsoftware/nginx-s3-upload!3	2021-04-17 21:14:19 +00:00
argoyle	6b77b89238	chore: change to ALB ingress	2021-04-17 23:04:02 +02:00
argoyle	adfc842896	Merge branch 'buildtools-version' into 'master' chore: use buildtools version from env See merge request unboundsoftware/nginx-s3-upload!2	2021-04-06 11:55:52 +00:00
argoyle	071dc38cc0	chore: use buildtools version from env	2021-04-06 13:47:16 +02:00