Update Nginx Ingress to use ImplementationSpecific pathType to avoid admission controller issues#2215
Merged
ddelnano merged 1 commit intopixie-io:mainfrom Jun 9, 2025
Conversation
…admission controller blocking regex paths Signed-off-by: Dom Del Nano <ddelnano@gmail.com>
vihangm
approved these changes
Jun 9, 2025
ddelnano
added a commit
to k8sstormcenter/pixie
that referenced
this pull request
Feb 25, 2026
…d admission controller issues (pixie-io#2215) Summary: Update Nginx Ingress to use `ImplementationSpecific` pathType to avoid admission controller issues Nginx Ingress [v1.8.0](https://github.com/kubernetes/ingress-nginx/blob/311a2082c5622c7bdaff24273110e6f2a0f3b5da/changelog/controller-1.8.0.md?plain=1#L16) introduced a `strict-validate-path-type` setting that defaults to true. This causes the existing pathType used by Pixie's manifest to be blocked by the Nginx Ingress admission controller. Updating this value to `ImplementationSpecific` side steps this validation, so it can be created successfully. > For improving security, our 1.8.0 release includes a [new, optional validation ](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#strict-validate-path-type)that limits the characters accepted on ".spec paths.path" when pathType=Exact or pathType=Prefix, to alphanumeric characters only. Relevant Issues: pixie-io#2214 Type of change: /kind bugfix Test Plan: Deployed to a cluster using Nginx Ingress Changelog Message: Fixed an issue where Nginx Ingress resource creation would be blocked by admission controller (on Nginx Ingress v1.8.0 and later) Signed-off-by: Dom Del Nano <ddelnano@gmail.com>
ddelnano
added a commit
to k8sstormcenter/pixie
that referenced
this pull request
Feb 25, 2026
…d admission controller issues (pixie-io#2215) Summary: Update Nginx Ingress to use `ImplementationSpecific` pathType to avoid admission controller issues Nginx Ingress [v1.8.0](https://github.com/kubernetes/ingress-nginx/blob/311a2082c5622c7bdaff24273110e6f2a0f3b5da/changelog/controller-1.8.0.md?plain=1#L16) introduced a `strict-validate-path-type` setting that defaults to true. This causes the existing pathType used by Pixie's manifest to be blocked by the Nginx Ingress admission controller. Updating this value to `ImplementationSpecific` side steps this validation, so it can be created successfully. > For improving security, our 1.8.0 release includes a [new, optional validation ](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#strict-validate-path-type)that limits the characters accepted on ".spec paths.path" when pathType=Exact or pathType=Prefix, to alphanumeric characters only. Relevant Issues: pixie-io#2214 Type of change: /kind bugfix Test Plan: Deployed to a cluster using Nginx Ingress Changelog Message: Fixed an issue where Nginx Ingress resource creation would be blocked by admission controller (on Nginx Ingress v1.8.0 and later) Signed-off-by: Dom Del Nano <ddelnano@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary: Update Nginx Ingress to use
ImplementationSpecificpathType to avoid admission controller issuesNginx Ingress v1.8.0 introduced a
strict-validate-path-typesetting that defaults to true. This causes the existing pathType used by Pixie's manifest to be blocked by the Nginx Ingress admission controller. Updating this value toImplementationSpecificside steps this validation, so it can be created successfully.Relevant Issues: #2214
Type of change: /kind bugfix
Test Plan: Deployed to a cluster using Nginx Ingress
Changelog Message: Fixed an issue where Nginx Ingress resource creation would be blocked by admission controller (on Nginx Ingress v1.8.0 and later)