From 619f07c40d5fc7e414b00b37630c798cb24b4be1 Mon Sep 17 00:00:00 2001 From: Caleb Doxsey Date: Fri, 12 Jan 2024 12:25:43 -0700 Subject: [PATCH] ingress-controller/settings: remove cookie secure option (#872) * ingress-controller/settings: remove cookie secure option * fix newlines --- apis/ingress/v1/pomerium_types.go | 4 ---- apis/ingress/v1/zz_generated.deepcopy.go | 5 ----- .../bases/ingress.pomerium.io_pomerium.yaml | 4 ---- deployment.yaml | 4 ---- pomerium/config.go | 1 - reference.md | 18 +----------------- 6 files changed, 1 insertion(+), 35 deletions(-) diff --git a/apis/ingress/v1/pomerium_types.go b/apis/ingress/v1/pomerium_types.go index 3f90950c..7b9d4538 100644 --- a/apis/ingress/v1/pomerium_types.go +++ b/apis/ingress/v1/pomerium_types.go @@ -163,10 +163,6 @@ type Cookie struct { // If you specify the domain explicitly, then subdomains would also be included. // +optional Domain *string `json:"domain,omitempty"` - // Secure if set to false, would make a cookie accessible over insecure protocols (HTTP). - // Defaults to true. - // +optional - Secure *bool `json:"secure,omitempty"` // HTTPOnly if set to false, the cookie would be accessible from within the JavaScript. // Defaults to true. // +optional diff --git a/apis/ingress/v1/zz_generated.deepcopy.go b/apis/ingress/v1/zz_generated.deepcopy.go index 80f8b001..8d9ab458 100644 --- a/apis/ingress/v1/zz_generated.deepcopy.go +++ b/apis/ingress/v1/zz_generated.deepcopy.go @@ -43,11 +43,6 @@ func (in *Cookie) DeepCopyInto(out *Cookie) { *out = new(string) **out = **in } - if in.Secure != nil { - in, out := &in.Secure, &out.Secure - *out = new(bool) - **out = **in - } if in.HTTPOnly != nil { in, out := &in.HTTPOnly, &out.HTTPOnly *out = new(bool) diff --git a/config/crd/bases/ingress.pomerium.io_pomerium.yaml b/config/crd/bases/ingress.pomerium.io_pomerium.yaml index c76eba9d..36848055 100644 --- a/config/crd/bases/ingress.pomerium.io_pomerium.yaml +++ b/config/crd/bases/ingress.pomerium.io_pomerium.yaml @@ -122,10 +122,6 @@ spec: - lax - none type: string - secure: - description: Secure if set to false, would make a cookie accessible - over insecure protocols (HTTP). Defaults to true. - type: boolean type: object identityProvider: description: IdentityProvider configure single-sign-on authentication diff --git a/deployment.yaml b/deployment.yaml index 9b58df60..e5e3c8c2 100644 --- a/deployment.yaml +++ b/deployment.yaml @@ -130,10 +130,6 @@ spec: - lax - none type: string - secure: - description: Secure if set to false, would make a cookie accessible - over insecure protocols (HTTP). Defaults to true. - type: boolean type: object identityProvider: description: IdentityProvider configure single-sign-on authentication diff --git a/pomerium/config.go b/pomerium/config.go index c719b2f6..9e13f9ee 100644 --- a/pomerium/config.go +++ b/pomerium/config.go @@ -128,7 +128,6 @@ func applyCookie(_ context.Context, p *pb.Config, c *model.Config) error { p.Settings.CookieDomain = c.Spec.Cookie.Domain p.Settings.CookieName = c.Spec.Cookie.Name p.Settings.CookieHttpOnly = c.Spec.Cookie.HTTPOnly - p.Settings.CookieSecure = c.Spec.Cookie.Secure if c.Spec.Cookie.Expire != nil { p.Settings.CookieExpire = durationpb.New(c.Spec.Cookie.Expire.Duration) } diff --git a/reference.md b/reference.md index c86e1b38..6a6cd29b 100644 --- a/reference.md +++ b/reference.md @@ -167,7 +167,7 @@ PomeriumSpec defines Pomerium-specific configuration parameters.

- PassIdentityHeaders sets the pass identity headers option. + PassIdentityHeaders sets the pass identity headers option.

@@ -423,22 +423,6 @@ Cookie defines Pomerium session cookie options. - - -

- secure   - - boolean  - -

-

- - Secure if set to false, would make a cookie accessible over insecure protocols (HTTP). Defaults to true. -

- - - -