From 8c50be4c90259d4c0b0380ee0ac5c17a0ae3f40d Mon Sep 17 00:00:00 2001
From: "k8s-on-aws-manager-app[bot]"
 <181735053+k8s-on-aws-manager-app[bot]@users.noreply.github.com>
Date: Mon, 21 Oct 2024 10:53:18 +0000
Subject: [PATCH 1/3] skipper: Update to version v0.21.221

Update 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/skipper to version v0.21.221
---
 cluster/node-pools/master-default/userdata.yaml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/cluster/node-pools/master-default/userdata.yaml b/cluster/node-pools/master-default/userdata.yaml
index 5782f9ff69..f4e45f5f41 100644
--- a/cluster/node-pools/master-default/userdata.yaml
+++ b/cluster/node-pools/master-default/userdata.yaml
@@ -247,7 +247,7 @@ write_files:
               name: admission-controller-kubeconfig
               readOnly: true
         - name: skipper-admission-webhook
-          image: 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/skipper:v0.21.220
+          image: 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/skipper:v0.21.221
           args:
             - webhook
             - --address=:9085
@@ -424,7 +424,7 @@ write_files:
             value: {{ .Cluster.ConfigItems.apiserver_business_partner_ids }}
 {{ end }}
         - name: skipper-proxy
-          image: 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/skipper:v0.21.220
+          image: 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/skipper:v0.21.221
           args:
           - skipper
           - -access-log-strip-query
@@ -475,7 +475,7 @@ write_files:
             name: ssl-certs-kubernetes
             readOnly: true
         - name: skipper-metrics
-          image: 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/skipper:v0.21.220
+          image: 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/skipper:v0.21.221
           args:
           - skipper
           - -access-log-strip-query

From fffcdaa07482170759da89b2cda6406a2b232f37 Mon Sep 17 00:00:00 2001
From: "k8s-on-aws-manager-app[bot]"
 <181735053+k8s-on-aws-manager-app[bot]@users.noreply.github.com>
Date: Mon, 21 Oct 2024 11:06:48 +0000
Subject: [PATCH 2/3] skipper: Update to version v0.21.222

Update 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/skipper to version v0.21.222
---
 cluster/node-pools/master-default/userdata.yaml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/cluster/node-pools/master-default/userdata.yaml b/cluster/node-pools/master-default/userdata.yaml
index f4e45f5f41..044dfb88d8 100644
--- a/cluster/node-pools/master-default/userdata.yaml
+++ b/cluster/node-pools/master-default/userdata.yaml
@@ -247,7 +247,7 @@ write_files:
               name: admission-controller-kubeconfig
               readOnly: true
         - name: skipper-admission-webhook
-          image: 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/skipper:v0.21.221
+          image: 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/skipper:v0.21.222
           args:
             - webhook
             - --address=:9085
@@ -424,7 +424,7 @@ write_files:
             value: {{ .Cluster.ConfigItems.apiserver_business_partner_ids }}
 {{ end }}
         - name: skipper-proxy
-          image: 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/skipper:v0.21.221
+          image: 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/skipper:v0.21.222
           args:
           - skipper
           - -access-log-strip-query
@@ -475,7 +475,7 @@ write_files:
             name: ssl-certs-kubernetes
             readOnly: true
         - name: skipper-metrics
-          image: 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/skipper:v0.21.221
+          image: 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/skipper:v0.21.222
           args:
           - skipper
           - -access-log-strip-query

From 00d5fb31a717f32a2138cfc2d3ae9672a23a6050 Mon Sep 17 00:00:00 2001
From: Alexander Yastrebov <alexander.yastrebov@zalando.de>
Date: Mon, 21 Oct 2024 15:32:35 +0200
Subject: [PATCH 3/3] skipper: disable setRequestHeaderFromSecret filter

It is similar to disabled `bearerinjector`,
see https://github.com/zalando/skipper/blob/master/docs/reference/filters.md#setrequestheaderfromsecret

Signed-off-by: Alexander Yastrebov <alexander.yastrebov@zalando.de>
---
 cluster/config-defaults.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cluster/config-defaults.yaml b/cluster/config-defaults.yaml
index a5d728dd0b..d940dda514 100644
--- a/cluster/config-defaults.yaml
+++ b/cluster/config-defaults.yaml
@@ -121,7 +121,7 @@ skipper_default_filters: 'disableAccessLog(2,3,404,429) -> fifo(2000,20,"1s")'
 # skipper_default_filters_authentication defines filters that implement default request authentication
 skipper_default_filters_authentication: ''
 skipper_default_filters_append: 'stateBagToTag("auth-user", "client.uid")'
-skipper_disabled_filters: "static,bearerinjector"
+skipper_disabled_filters: "static,bearerinjector,setRequestHeaderFromSecret"
 skipper_lua_sources: "file"
 skipper_edit_route_placeholders: ""
 skipper_ingress_inline_routes: ""