auth-tls-error-page does not allow named locations from server snippet

[rittneje]

We are trying to upgrade from v1.11.5. However, we are blocked because ingress-nginx now blocks our nginx.ingress.kubernetes.io/auth-tls-error-page annotations.

We have defined some custom nginx locations in a server snippet annotation like so:

  server-snippet: |
    location @401 {
      internal;
      return 401;
    }

Then we set nginx.ingress.kubernetes.io/auth-tls-error-page: "@401" annotation in the Ingress.

In v1.11.5, this works. In the latest release, this is rejected.

E0808 05:40:43.123532 7 annotations.go:193] "ingress contains invalid annotation value" err="annotation nginx.ingress.kubernetes.io/auth-tls-error-page contains invalid value"

Please fix the regex to allow named locations.

ingress-nginx/internal/ingress/annotations/authtls/main.go

Line 45 in 0f18595

redirectRegex = regexp.MustCompile(`^((https?://)?[A-Za-z0-9\-.]+(:\d+)?)?(/[A-Za-z0-9\-_.]+)*/?$`)

[k8s-ci-robot]

This issue is currently awaiting triage.

If Ingress contributors determines this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.