diff --git a/main.tf b/main.tf index 553fd5c..70a543f 100644 --- a/main.tf +++ b/main.tf @@ -47,7 +47,7 @@ resource "helm_release" "nginx_ingress" { namespace = "ingress-controllers" repository = "https://kubernetes.github.io/ingress-nginx" timeout = 600 - version = "4.7.3" + version = "4.10.4" values = [templatefile("${path.module}/templates/values.yaml.tpl", { metrics_namespace = "ingress-controllers" diff --git a/templates/values.yaml.tpl b/templates/values.yaml.tpl index 3deba35..ec0ccc1 100644 --- a/templates/values.yaml.tpl +++ b/templates/values.yaml.tpl @@ -1,5 +1,7 @@ nameOverride: ${name_override} controller: +## enableAnnotationValidations defaults to false in 4.10.4, however bringing into template for future ref + enableAnnotationValidations: false image: chroot: false terminationGracePeriod: 600 @@ -12,6 +14,12 @@ controller: exec: command: ["/bin/sh", "-c", "sleep 30; /usr/local/openresty/nginx/sbin/nginx -c /etc/nginx/nginx.conf -s quit; while pgrep -x nginx; do sleep 1; done"] + # -- This configuration defines if Ingress Controller should allow users to set + # their own *-snippet annotations, otherwise this is forbidden / dropped + # when users add those annotations. + # Global snippets in ConfigMap are still respected + allowSnippetAnnotations: true + %{ if enable_modsec ~} extraVolumes: ## Additional volumes to the controller pod.