chore: update version to 2.8.2202 (#46)

zaunist · nic-chen · web-flow · commit 62b7ca101062 · 2022-02-28T10:57:42.000+08:00
* docs: update version to 2.8.2202
Co-authored-by: JunXu Chen &lt;chenjunxu6@gmail.com&gt;
diff --git a/chart/api7-dashboard/README.md b/chart/api7-dashboard/README.md
@@ -28,10 +28,10 @@ Images for api7-dashboard is private and never should be uploaded to public imag
 
 ```sh
 helm install api7-dashboard . -n api7 \
-  --set image.registry=apisixacr.azurecr.cn \
+  --set image.registry=localhost:5000 \
   --set image.repository=api7-dashboard \
   --set service.type=NodePort \
-  --set image.tag=2.7.2112
+  --set image.tag=2.8.2202
 ```
 
 When you execute the above command, change the registry, repository and tag according to your situation.
diff --git a/chart/api7-dashboard/templates/configmap.yaml b/chart/api7-dashboard/templates/configmap.yaml
@@ -127,6 +127,14 @@ data:
             {{ .Values.config.log.access_log.file_path }}  # supports relative path, absolute path, standard output
                             # such as: logs/access.log, /tmp/logs/access.log, /dev/stdout, /dev/stderr
                             # log example: 2020-12-09T16:38:09.039+0800 INFO filter/logging.go:46 /apisix/admin/routes/r1 {"status": 401, "host": "127.0.0.1:9000", "query": "asdfsafd=adf&a=a", "requestId": "3d50ecb8-758c-46d1-af5b-cd9d1c820156", "latency": 0, "remoteIP": "127.0.0.1", "method": "PUT", "errs": []}
+      security:
+        access_control_allow_origin: {{ .Values.config.security.access_control_allow_origin }}
+        access_control_allow_credentials: {{ .Values.config.security.access_control_allow_credentials }}
+        access_control_allow_headers: {{ .Values.config.security.access_control_allow_headers }}
+        access_control-allow_methods: {{ .Values.config.security.access_control-allow_methods }}
+        x_frame_options: {{ .Values.config.security.x_frame_options }}
+        content_security_policy: {{ .Values.config.security.content_security_policy }}
+
     authentication:
       secret:
         {{ .Values.config.authentication.secret }}  # secret for jwt token generation.
diff --git a/chart/api7-dashboard/values.yaml b/chart/api7-dashboard/values.yaml
@@ -151,4 +151,10 @@ config:
       file_path: "/dev/stderr"
     access_log:
       file_path: "/dev/stdout"
-
+  security:
+    access_control_allow_origin: ""  # cors setting, need update it before deploy on k8s
+    access_control_allow_credentials: false
+    access_control_allow_headers: ""
+    access_control-allow_methods: "*"
+    x_frame_options: "deny"
+    content_security_policy: "default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'"
