fix: don't allow routers higher than internal ones

2024-02-15 16:40:05 +01:00 · 2024-02-15 16:40:05 +01:00 · 1e7dbc70a0
parent 6a2db4e4e9
commit 1e7dbc70a0
19 changed files with 45 additions and 45 deletions
--- a/docs/content/reference/static-configuration/cli-ref.md
+++ b/docs/content/reference/static-configuration/cli-ref.md
@ -127,7 +127,7 @@ Default middlewares for the routers linked to the entry point.
 Applies a permanent redirection. (Default: ```true```)

 `--entrypoints.<name>.http.redirections.entrypoint.priority`:  
-Priority of the generated router. (Default: ```2147483646```)
+Priority of the generated router. (Default: ```9223372036854775806```)

 `--entrypoints.<name>.http.redirections.entrypoint.scheme`:  
 Scheme used for the redirection. (Default: ```https```)
--- a/docs/content/reference/static-configuration/env-ref.md
+++ b/docs/content/reference/static-configuration/env-ref.md
@ -136,7 +136,7 @@ Default middlewares for the routers linked to the entry point.
 Applies a permanent redirection. (Default: ```true```)

 `TRAEFIK_ENTRYPOINTS_<NAME>_HTTP_REDIRECTIONS_ENTRYPOINT_PRIORITY`:  
-Priority of the generated router. (Default: ```2147483646```)
+Priority of the generated router. (Default: ```9223372036854775806```)

 `TRAEFIK_ENTRYPOINTS_<NAME>_HTTP_REDIRECTIONS_ENTRYPOINT_SCHEME`:  
 Scheme used for the redirection. (Default: ```https```)
--- a/docs/content/routing/entrypoints.md
+++ b/docs/content/routing/entrypoints.md
@ -865,7 +865,7 @@ This section is a convenience to enable (permanent) redirecting of all incoming

 ??? info "`entryPoint.priority`"

-    _Optional, Default=MaxInt32-1 (2147483646)_
+    _Optional, Default=MaxInt-1_

    Priority of the generated router.

--- a/integration/testdata/rawdata-consul.json
+++ b/integration/testdata/rawdata-consul.json
@ -53,7 +53,7 @@
      ],
      "service": "api@internal",
      "rule": "PathPrefix(`/api`)",
-      "priority": 2147483646,
+      "priority": 9223372036854775806,
      "status": "enabled",
      "using": [
        "traefik"
@ -69,7 +69,7 @@
      ],
      "service": "dashboard@internal",
      "rule": "PathPrefix(`/`)",
-      "priority": 2147483645,
+      "priority": 9223372036854775805,
      "status": "enabled",
      "using": [
        "traefik"
--- a/integration/testdata/rawdata-etcd.json
+++ b/integration/testdata/rawdata-etcd.json
@ -53,7 +53,7 @@
      ],
      "service": "api@internal",
      "rule": "PathPrefix(`/api`)",
-      "priority": 2147483646,
+      "priority": 9223372036854775806,
      "status": "enabled",
      "using": [
        "traefik"
@ -69,7 +69,7 @@
      ],
      "service": "dashboard@internal",
      "rule": "PathPrefix(`/`)",
-      "priority": 2147483645,
+      "priority": 9223372036854775805,
      "status": "enabled",
      "using": [
        "traefik"
--- a/integration/testdata/rawdata-gateway.json
+++ b/integration/testdata/rawdata-gateway.json
@ -6,7 +6,7 @@
 			],
 			"service": "api@internal",
 			"rule": "PathPrefix(`/api`)",
-			"priority": 2147483646,
+			"priority": 9223372036854775806,
 			"status": "enabled",
 			"using": [
 				"traefik"
@ -22,7 +22,7 @@
 			],
 			"service": "dashboard@internal",
 			"rule": "PathPrefix(`/`)",
-			"priority": 2147483645,
+			"priority": 9223372036854775805,
 			"status": "enabled",
 			"using": [
 				"traefik"
--- a/integration/testdata/rawdata-ingress-label-selector.json
+++ b/integration/testdata/rawdata-ingress-label-selector.json
@ -6,7 +6,7 @@
 			],
 			"service": "api@internal",
 			"rule": "PathPrefix(`/api`)",
-			"priority": 2147483646,
+			"priority": 9223372036854775806,
 			"status": "enabled",
 			"using": [
 				"traefik"
@ -22,7 +22,7 @@
 			],
 			"service": "dashboard@internal",
 			"rule": "PathPrefix(`/`)",
-			"priority": 2147483645,
+			"priority": 9223372036854775805,
 			"status": "enabled",
 			"using": [
 				"traefik"
--- a/integration/testdata/rawdata-ingress.json
+++ b/integration/testdata/rawdata-ingress.json
@ -6,7 +6,7 @@
 			],
 			"service": "api@internal",
 			"rule": "PathPrefix(`/api`)",
-			"priority": 2147483646,
+			"priority": 9223372036854775806,
 			"status": "enabled",
 			"using": [
 				"traefik"
@ -22,7 +22,7 @@
 			],
 			"service": "dashboard@internal",
 			"rule": "PathPrefix(`/`)",
-			"priority": 2147483645,
+			"priority": 9223372036854775805,
 			"status": "enabled",
 			"using": [
 				"traefik"
--- a/integration/testdata/rawdata-ingressclass.json
+++ b/integration/testdata/rawdata-ingressclass.json
@ -6,7 +6,7 @@
 			],
 			"service": "api@internal",
 			"rule": "PathPrefix(`/api`)",
-			"priority": 2147483646,
+			"priority": 9223372036854775806,
 			"status": "enabled",
 			"using": [
 				"traefik"
@ -22,7 +22,7 @@
 			],
 			"service": "dashboard@internal",
 			"rule": "PathPrefix(`/`)",
-			"priority": 2147483645,
+			"priority": 9223372036854775805,
 			"status": "enabled",
 			"using": [
 				"traefik"
--- a/integration/testdata/rawdata-redis.json
+++ b/integration/testdata/rawdata-redis.json
@ -53,7 +53,7 @@
      ],
      "service": "api@internal",
      "rule": "PathPrefix(`/api`)",
-      "priority": 2147483646,
+      "priority": 9223372036854775806,
      "status": "enabled",
      "using": [
        "traefik"
@ -69,7 +69,7 @@
      ],
      "service": "dashboard@internal",
      "rule": "PathPrefix(`/`)",
-      "priority": 2147483645,
+      "priority": 9223372036854775805,
      "status": "enabled",
      "using": [
        "traefik"
--- a/integration/testdata/rawdata-zk.json
+++ b/integration/testdata/rawdata-zk.json
@ -53,7 +53,7 @@
      ],
      "service": "api@internal",
      "rule": "PathPrefix(`/api`)",
-      "priority": 2147483646,
+      "priority": 9223372036854775806,
      "status": "enabled",
      "using": [
        "traefik"
@ -69,7 +69,7 @@
      ],
      "service": "dashboard@internal",
      "rule": "PathPrefix(`/`)",
-      "priority": 2147483645,
+      "priority": 9223372036854775805,
      "status": "enabled",
      "using": [
        "traefik"
--- a/pkg/config/static/entrypoints.go
+++ b/pkg/config/static/entrypoints.go
@ -95,7 +95,7 @@ type RedirectEntryPoint struct {
 func (r *RedirectEntryPoint) SetDefaults() {
 	r.Scheme = "https"
 	r.Permanent = true
-	r.Priority = math.MaxInt32 - 1
+	r.Priority = math.MaxInt - 1
 }

 // TLSConfig is the default TLS configuration for all the routers associated to the concerned entry point.
--- a/pkg/provider/traefik/fixtures/api_insecure_with_dashboard.json
+++ b/pkg/provider/traefik/fixtures/api_insecure_with_dashboard.json
@ -7,7 +7,7 @@
        ],
        "service": "api@internal",
        "rule": "PathPrefix(`/api`)",
-        "priority": 2147483646
+        "priority": 9223372036854775806
      },
      "dashboard": {
        "entryPoints": [
@ -19,7 +19,7 @@
        ],
        "service": "dashboard@internal",
        "rule": "PathPrefix(`/`)",
-        "priority": 2147483645
+        "priority": 9223372036854775805
      }
    },
    "middlewares": {
@ -47,4 +47,4 @@
  },
  "tcp": {},
  "tls": {}
-}
+}
--- a/pkg/provider/traefik/fixtures/api_insecure_without_dashboard.json
+++ b/pkg/provider/traefik/fixtures/api_insecure_without_dashboard.json
@ -7,7 +7,7 @@
        ],
        "service": "api@internal",
        "rule": "PathPrefix(`/api`)",
-        "priority": 2147483646
+        "priority": 9223372036854775806
      }
    },
    "services": {
@ -17,4 +17,4 @@
  },
  "tcp": {},
  "tls": {}
-}
+}
--- a/pkg/provider/traefik/fixtures/full_configuration.json
+++ b/pkg/provider/traefik/fixtures/full_configuration.json
@ -7,7 +7,7 @@
        ],
        "service": "api@internal",
        "rule": "PathPrefix(`/api`)",
-        "priority": 2147483646
+        "priority": 9223372036854775806
      },
      "dashboard": {
        "entryPoints": [
@ -19,7 +19,7 @@
        ],
        "service": "dashboard@internal",
        "rule": "PathPrefix(`/`)",
-        "priority": 2147483645
+        "priority": 9223372036854775805
      },
      "debug": {
        "entryPoints": [
@ -27,7 +27,7 @@
        ],
        "service": "api@internal",
        "rule": "PathPrefix(`/debug`)",
-        "priority": 2147483646
+        "priority": 9223372036854775806
      },
      "ping": {
        "entryPoints": [
@ -35,7 +35,7 @@
        ],
        "service": "ping@internal",
        "rule": "PathPrefix(`/ping`)",
-        "priority": 2147483647
+        "priority": 9223372036854775807
      },
      "prometheus": {
        "entryPoints": [
@ -43,7 +43,7 @@
        ],
        "service": "prometheus@internal",
        "rule": "PathPrefix(`/metrics`)",
-        "priority": 2147483647
+        "priority": 9223372036854775807
      },
      "rest": {
        "entryPoints": [
@ -51,7 +51,7 @@
        ],
        "service": "rest@internal",
        "rule": "PathPrefix(`/api/providers`)",
-        "priority": 2147483647
+        "priority": 9223372036854775807
      }
    },
    "middlewares": {
@ -82,4 +82,4 @@
  },
  "tcp": {},
  "tls": {}
-}
+}
--- a/pkg/provider/traefik/fixtures/ping_simple.json
+++ b/pkg/provider/traefik/fixtures/ping_simple.json
@ -7,7 +7,7 @@
        ],
        "service": "ping@internal",
        "rule": "PathPrefix(`/ping`)",
-        "priority": 2147483647
+        "priority": 9223372036854775807
      }
    },
    "services": {
@ -17,4 +17,4 @@
  },
  "tcp": {},
  "tls": {}
-}
+}
--- a/pkg/provider/traefik/fixtures/prometheus_simple.json
+++ b/pkg/provider/traefik/fixtures/prometheus_simple.json
@ -7,7 +7,7 @@
        ],
        "service": "prometheus@internal",
        "rule": "PathPrefix(`/metrics`)",
-        "priority": 2147483647
+        "priority": 9223372036854775807
      }
    },
    "services": {
@ -17,4 +17,4 @@
  },
  "tcp": {},
  "tls": {}
-}
+}
--- a/pkg/provider/traefik/fixtures/rest_insecure.json
+++ b/pkg/provider/traefik/fixtures/rest_insecure.json
@ -7,7 +7,7 @@
        ],
        "service": "rest@internal",
        "rule": "PathPrefix(`/api/providers`)",
-        "priority": 2147483647
+        "priority": 9223372036854775807
      }
    },
    "services": {
@ -17,4 +17,4 @@
  },
  "tcp": {},
  "tls": {}
-}
+}
--- a/pkg/provider/traefik/internal.go
+++ b/pkg/provider/traefik/internal.go
@ -104,7 +104,7 @@ func (i *Provider) acme(cfg *dynamic.Configuration) {
 			Rule:        "PathPrefix(`/.well-known/acme-challenge/`)",
 			EntryPoints: eps,
 			Service:     "acme-http@internal",
-			Priority:    math.MaxInt32,
+			Priority:    math.MaxInt,
 		}

 		cfg.HTTP.Routers["acme-http"] = rt
@ -218,7 +218,7 @@ func (i *Provider) apiConfiguration(cfg *dynamic.Configuration) {
 		cfg.HTTP.Routers["api"] = &dynamic.Router{
 			EntryPoints: []string{defaultInternalEntryPointName},
 			Service:     "api@internal",
-			Priority:    math.MaxInt32 - 1,
+			Priority:    math.MaxInt - 1,
 			Rule:        "PathPrefix(`/api`)",
 		}

@ -226,7 +226,7 @@ func (i *Provider) apiConfiguration(cfg *dynamic.Configuration) {
 			cfg.HTTP.Routers["dashboard"] = &dynamic.Router{
 				EntryPoints: []string{defaultInternalEntryPointName},
 				Service:     "dashboard@internal",
-				Priority:    math.MaxInt32 - 2,
+				Priority:    math.MaxInt - 2,
 				Rule:        "PathPrefix(`/`)",
 				Middlewares: []string{"dashboard_redirect@internal", "dashboard_stripprefix@internal"},
 			}
@ -247,7 +247,7 @@ func (i *Provider) apiConfiguration(cfg *dynamic.Configuration) {
 			cfg.HTTP.Routers["debug"] = &dynamic.Router{
 				EntryPoints: []string{defaultInternalEntryPointName},
 				Service:     "api@internal",
-				Priority:    math.MaxInt32 - 1,
+				Priority:    math.MaxInt - 1,
 				Rule:        "PathPrefix(`/debug`)",
 			}
 		}
@ -269,7 +269,7 @@ func (i *Provider) pingConfiguration(cfg *dynamic.Configuration) {
 		cfg.HTTP.Routers["ping"] = &dynamic.Router{
 			EntryPoints: []string{i.staticCfg.Ping.EntryPoint},
 			Service:     "ping@internal",
-			Priority:    math.MaxInt32,
+			Priority:    math.MaxInt,
 			Rule:        "PathPrefix(`/ping`)",
 		}
 	}
@ -286,7 +286,7 @@ func (i *Provider) restConfiguration(cfg *dynamic.Configuration) {
 		cfg.HTTP.Routers["rest"] = &dynamic.Router{
 			EntryPoints: []string{defaultInternalEntryPointName},
 			Service:     "rest@internal",
-			Priority:    math.MaxInt32,
+			Priority:    math.MaxInt,
 			Rule:        "PathPrefix(`/api/providers`)",
 		}
 	}
@ -303,7 +303,7 @@ func (i *Provider) prometheusConfiguration(cfg *dynamic.Configuration) {
 		cfg.HTTP.Routers["prometheus"] = &dynamic.Router{
 			EntryPoints: []string{i.staticCfg.Metrics.Prometheus.EntryPoint},
 			Service:     "prometheus@internal",
-			Priority:    math.MaxInt32,
+			Priority:    math.MaxInt,
 			Rule:        "PathPrefix(`/metrics`)",
 		}
 	}