ci: use Docker DinD version from variable

Merge branch 'headers' into 'master'
fix: hide proxy headers for CORS See merge request unboundsoftware/nginx-s3-upload!6
2023-02-09 21:48:11 +01:00 · 2021-10-26 09:08:27 +00:00 · 2021-10-26 11:04:30 +02:00 · 2021-09-29 18:22:13 +00:00 · 2021-09-29 20:16:33 +02:00
3 changed files with 22 additions and 11 deletions
@@ -10,7 +10,7 @@ image: buildtool/build-tools:${BUILDTOOLS_VERSION}
 build:
  stage: build
  services:
-    - docker:dind
+    - docker:${DOCKER_DIND_VERSION}
  script:
  - build
  - push
@@ -76,27 +76,26 @@ spec:

 ---

-apiVersion: networking.k8s.io/v1beta1
+apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: nginx-s3-upload
  annotations:
    kubernetes.io/ingress.class: "alb"
    alb.ingress.kubernetes.io/group.name: "unbound"
-    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80},{"HTTPS": 443}]'
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/target-type: instance
-    alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
+    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80},{"HTTPS": 443}]'
+    alb.ingress.kubernetes.io/ssl-redirect: "443"
 spec:
  rules:
  - host: 'upload.unbound.se'
    http:
      paths:
-      - path: /*
+      - path: /
+        pathType: Prefix
        backend:
-          serviceName: ssl-redirect
-          servicePort: use-annotation
-      - backend:
-          serviceName: nginx-s3-upload
-          servicePort: 80
-        path: /*
+          service:
+            name: nginx-s3-upload
+            port:
+              number: 80
@@ -86,6 +86,12 @@ http {
      proxy_set_header Authorization $authorization;
      proxy_hide_header x-amz-id-2;
      proxy_hide_header x-amz-request-id;
+      proxy_hide_header 'Access-Control-Expose-Headers';
+      proxy_hide_header 'Access-Control-Allow-Origin';
+      proxy_hide_header 'Access-Control-Allow-Credentials';
+      proxy_hide_header 'Access-Control-Allow-Methods';
+      proxy_hide_header 'Access-Control-Allow-Headers';
+      proxy_hide_header 'Access-Control-Max-Age';
      add_header X-File-URL $returnurl;

      resolver 8.8.8.8 valid=300s;
@@ -153,6 +159,12 @@ http {
      proxy_set_header Authorization $authorization;
      proxy_hide_header x-amz-id-2;
      proxy_hide_header x-amz-request-id;
+      proxy_hide_header 'Access-Control-Expose-Headers';
+      proxy_hide_header 'Access-Control-Allow-Origin';
+      proxy_hide_header 'Access-Control-Allow-Credentials';
+      proxy_hide_header 'Access-Control-Allow-Methods';
+      proxy_hide_header 'Access-Control-Allow-Headers';
+      proxy_hide_header 'Access-Control-Max-Age';
      add_header X-File-URL $returnurl;

      resolver 8.8.8.8 valid=300s;
Author	SHA1	Message	Date
argoyle	0d8bfa5aa4	ci: use Docker DinD version from variable	2023-02-09 21:48:11 +01:00
argoyle	ef6bb3fdef	Merge branch 'headers' into 'master' fix: hide proxy headers for CORS See merge request unboundsoftware/nginx-s3-upload!6	2021-10-26 09:08:27 +00:00
argoyle	056b83e32c	fix: hide proxy headers for CORS	2021-10-26 11:04:30 +02:00
argoyle	7bac0dae66	Merge branch 'ingress' into 'master' chore: prepare ingresses for K8S 1.22 See merge request unboundsoftware/nginx-s3-upload!5	2021-09-29 18:22:13 +00:00
argoyle	f611c695b7	chore: prepare ingresses for K8S 1.22	2021-09-29 20:16:33 +02:00