Fix ingress annotations related to modSecurity
Found while working on this issue.
Context
It seems that there is a conflict with ingress.modSecurity which is used by ingress template.
There is no explicit error but while debugging the issue I noticed that any key under ingress.modSecurity
has no value.
Steps to reproduce*
- Setup a project with autodevops.
- Bundle auto-deploy-app chart as described here.
- Enable modSecurity by changing this value to true.
- After running the pipeline you will have the following results:
kubectl get ingress -n $(kubectl get ingress --all-namespaces --no-headers=true -o custom-columns=:metadata.namespace,:metadata.name) -o custom-columns=ANNOTATIONS:metadata.annotations
ANNOTATIONS
map[kubernetes.io/ingress.class:nginx kubernetes.io/tls-acme:true]
Where the expected output would be:
kubectl get ingress -n $(kubectl get ingress --all-namespaces --no-headers=true -o custom-columns=:metadata.namespace,:metadata.name) -o custom-columns=ANNOTATIONS:metadata.annotations
ANNOTATIONS
map[kubernetes.io/ingress.class:nginx kubernetes.io/tls-acme:true nginx.ingress.kubernetes.io/modsecurity-snippet:SecRuleEngine DetectionOnly]
*Similar result can be achieved by using the default chart while changing values through .gitlab/auto-deploy-values.yaml.
Although it would be interesting to understand the underlying issue, renaming the key modSecurity
to modSec
solves the issue.