Add support for enabling the Gitlab WAF in ingress-nginx (!114) · Merge requests · GitLab.org / cluster-integration / Cluster applications

Graeme Gillies requested to merge ggillies/ingress-nginx-support-waf into master Jul 16, 2020

What does this MR do?

Add support for enabling the Gitlab WAF in ingress-nginx

Currently installing the Gitlab WAF is only able to be done via Gitlab Managed Apps v1, in the Gitlab UI.

This commit allows you to enable the Gitlab WAF in Gitlab Managed Apps v2. In order to enable the WAF, you need to add the following to your .gitlab/managed-apps/config.yaml file in your cluster management project.

ingress:
  installed: true
  gitlab_waf:
    installed: true

By default the WAF is set to DetectionOnly, however, if you wish to set it to blocking, you can add the following to your .gitlab/managed-apps/config.yaml

ingress:
  gitlab_waf:
    modsecurity_mode_blocking: true

Screenshots

Manual QA

Test this change using a Cluster management project

Edited Jul 16, 2020 by Sam White

Add support for enabling the Gitlab WAF in ingress-nginx

What does this MR do?

Screenshots

Manual QA

Merge request reports