Releases: nginx/kubernetes-ingress
Releases · nginx/kubernetes-ingress
v3.4.1
What's Changed
🚀 Features
📦 Helm Chart
- Release 3.4.1 by @nginx-bot in #4920
🧪 Tests
📝 Documentation
- minor docs updates by @pdabelf5 in #4821
- Update operator install document by @vepatel in #4830
- Cherry-pick NGINX App Protect WAF & VirtualServer documentation changes by @ADubhlaoich in #4844
- Update docs to include CRD upgrade by @vepatel in #4852
Full Changelog: v3.4.0...v3.4.1
Upgrade
- For NGINX, use the v3.4.1 images from our DockerHub, GitHub Container, Amazon ECR Public Gallery or Quay.io.
- For NGINX Plus, use the v3.4.1 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace or build your own image using the v3.4.1 source code.
- For Helm, use version 1.1.1 of the chart.
Resources
- Documentation -- https://docs.nginx.com/nginx-ingress-controller/
- Configuration examples -- https://github.com/nginxinc/kubernetes-ingress/tree/v3.4.1/examples
- Helm Chart -- https://github.com/nginxinc/kubernetes-ingress/tree/v3.4.1/charts/nginx-ingress
- Operator -- https://github.com/nginxinc/nginx-ingress-helm-operator
Contributors
ADubhlaoich, vepatel, and 2 other contributors
Assets 15
v3.4.0
What's Changed
🚀 Features
- Allow
default_serverlisteners to be customised by @shaun-nx in #4464 - Update use of http2 listen directive to align with deprecation by @shaun-nx in #4526
- Use Lease for leader election by @lucacome in #4276
- Remove deprecated preview policy flag by @shaun-nx in #4595
- Generate mainfests automatically from Helm by @lucacome in #4278
- Graduate TransportServer and GlobalConfiguration to v1 by @shaun-nx in #4574
- Delete the DNSEndpoint resource when VS is deleted & Ratelimit requeues on errors. by @ciarams87 in #4504
- Support weights 0 and 100 in traffic splitting by @haywoodsh in #4655
- Add support for backup directive for VS and TS by @jjngx in #4653
🐛 Bug Fixes
- prevent pip to look for dependency during install by @vepatel in #4342
- update dockerfile for debian N+ by @vepatel in #4575
- Don't throw annotation deprication warning when
ingressClassNameis not used in an Ingress resource by @shaun-nx in #4564 - Update vs backup service tests with retries (#4797) by @jjngx in #4799
- fix retries in tests (#4801) by @jjngx in #4806
📦 Helm Chart
- Refactor Helm Chart location by @lucacome in #4306
- Update helm readme and docs by @vepatel in #4474
- Add HPA Custom Behavior by @saedx1 in #4391
- Update docs for 3.3.1 by @lucacome in #4524
- Add single CRDs files by @lucacome in #4428
- Release 3.3.2 (#4596) by @lucacome in #4600
- Revert "Generate mainfests automatically from Helm (#4278)" by @lucacome in #4618
- Add process namespace sharing for ingress controller by @panzouh in #4559
- Add initContainerResources Helm configuration by @oseoin in #4651
- fix: update release action to use script by @pdabelf5 in #4677
- Allows multiple imagePullSecrets in the helm chart. by @AlessioCasco in #4656
- Helm and function signature refactors by @oseoin in #4758
- update helm k8s schema validation to 1.28.0 by @pdabelf5 in #4763
- Dynamic reload of SSL certificates for NGINX Plus by @oseoin in #4764
- Lazy loading OSS by @oseoin in #4788
- Re-align configurations in helm docs by @shaun-nx in #4790
- Release 3.4.0 by @nginx-bot in #4794
🧪 Tests
- Fix intermittent failing test helper by @jjngx in #4432
- Use httptest server for running healthcheck tests by @jjngx in #4461
- Update python version and test by @vepatel in #4500
- update example certs for grpc tests by @vepatel in #4586
- Update Makefile references to tests/Dockerfile by @oseoin in #4631
- update kind make targets for local & CI use by @pdabelf5 in #4704
- kind test make target to use cluster name by @pdabelf5 in #4706
- fix tls-passthrough-custom-port test cleanup by @pdabelf5 in #4717
- update prometheus exporter to 1.0.0 by @pdabelf5 in #4769
- split appProtect tests to speed up pipeline by @pdabelf5 in #4784
- Vs markers (#4793) by @oseoin in #4807
🔨 Maintenance
- Simplify release script by @lucacome in #4425
- Update NAP build step by @lucacome in #4429
- Use regexp2 pkg for path validation by @jjngx in #4465
- Bump Go to 1.21.3 by @lucacome in #4497
- Remove tests step from Updater workflow by @lucacome in #4553
- Update k8s versions in nightly by @lucacome in #4539
- Move release script to GitHub Action by @lucacome in #4592
- Move static files to scratch image by @lucacome in #4551
- Change busybox variant to musl by @lucacome in #4608
- Install QEMU for s390x by @lucacome in #4610
- realign makefile variable to be more readable by @pdabelf5 in #4783
- Add automatic push to NGINX registry by @lucacome in #4787
📝 Documentation
- Update links to templates by @jjngx in #4435
- Update operator docs for ingressClass by @haywoodsh in #4449
- Update Operator doc by @lucacome in #4459
- Update versions in docs by @lucacome in #4460
- Issue 4471: Update README linking to correct complete example by @mrajagopal in #4472
- Update gc doc with vs listeners by @vepatel in #4492
- Revert "Update gc doc with vs listeners (#4492)" by @vepatel in #4498
- Update gc doc with vs listeners by @vepatel in #4507
- implement issuance of temporary certificate when using VirtualServer cert-manager integration by @svvac in #4409
- Simplify automated changelog by @lucacome in #4525
- update documentation for -ingress-class by @vepatel in #4542
- Add string comparison functions to Go template executors by @ianyong in #4560
- Review, restructure and rewrite documentation for getting started with NGINX Ingress Controller by @ADubhlaoich in #4620
- Fix additional Helm-related chart versioning drift in documentation by @ADubhlaoich in #4645
- Fix additional Helm-related versioning issues by @ADubhlaoich in #4654
- docs: Fix Path Regex link in Advanced Configuration by @sigv in #4696
- Update README links for building NGINX Ingress Controller images by @ADubhlaoich in #4700
- Fix issue [#4679]: Incorrect default value for main-template-path and… by @opencmit2 in #4698
- Document option for installing CRDs from a single remote yaml by @shaun-nx in #4730
- Fix drift in Prometheus documentation related to ServiceMonitor by @ADubhlaoich in #4755
- Add docs for AppProtect waf bundle by @vepatel in #4757
⬆️ Dependencies
86 changes
- Bump github.com/cert-manager/cert-manager from 1.13.0 to 1.13.1 by @dependabot in #4439
- Bump github/codeql-action from 2.21.8 to 2.21.9 by @dependabot in #4441
- Bump google-auth from 2.23.0 to 2.23.2 in /tests by @dependabot in #4445
- Bump cffi from 1.15.1 to 1.16.0 in /tests by @dependabot in #4446
- Bump urllib3 from 1.26.15 to 2.0.6 in /tests by @dependabot in #4455
- Bump charset-normalizer from 3.2.0 to 3.3.0 in /tests by @dependabot in #4453
- Bump packaging from 23.1 to 23.2 in /tests by @dependabot in #4454
- Bump github.com/prometheus/client_golang from 1.16.0 to 1...
Contributors
svvac, lucacome, and 22 other contributors
Assets 15
v3.3.2
What's Changed
🐛 Bug Fixes
🧪 Tests
🔨 Maintenance
📝 Documentation
- Fix Operator version by @lucacome in #4522
- update documentation for -ingress-class by @vepatel in #4549
⬆️ Dependencies
- Bump nginx from 1.25.2 to 1.25.3 by @lucacome in #4572
- Bump Go dependencies by @lucacome in #4569
- Bump github.com/cert-manager/cert-manager from 1.13.1 to 1.13.2 (#4580) by @lucacome in #4591
New Contributors
- @nginx-bot made their first contribution in #4596
Full Changelog: v3.3.1...v3.3.2
Upgrade
- For NGINX, use the v3.3.2 images from our DockerHub, GitHub Container, Amazon ECR Public Gallery or Quay.io.
- For NGINX Plus, use the v3.3.2 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace or build your own image using the v3.3.2 source code.
- For Helm, use version 1.0.2 of the chart.
Resources
- Documentation -- https://docs.nginx.com/nginx-ingress-controller/
- Configuration examples -- https://github.com/nginxinc/kubernetes-ingress/tree/v3.3.2/examples
- Helm Chart -- https://github.com/nginxinc/kubernetes-ingress/tree/v3.3.2/deployments/helm-chart
- Operator -- https://github.com/nginxinc/nginx-ingress-helm-operator
Contributors
lucacome, vepatel, and nginx-bot
Assets 15
v3.3.1
What's Changed
🔨 Maintenance
📝 Documentation
- Update Operator doc by @lucacome in #4458
- Update helm readme and website docs by @vepatel in #4476
- Release 3.3.1 by @lucacome in #4515
⬆️ Dependencies
- Bump Go to 1.21.3 (#4497) by @lucacome in #4501
- Bump Go dependencies by @lucacome in #4502
- Bump golang.org/x/net to 0.17.0 by @lucacome in #4514
- Update packages for CVEs (#4516) by @lucacome in #4517
Full Changelog: v3.3.0...v3.3.1
Upgrade
- For NGINX, use the v3.3.1 images from our DockerHub, GitHub Container, Amazon ECR Public Gallery or Quay.io.
- For NGINX Plus, use the v3.3.1 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace or build your own image using the v3.3.1 source code.
- For Helm, use version 1.0.1 of the chart.
Resources
- Documentation -- https://docs.nginx.com/nginx-ingress-controller/
- Configuration examples -- https://github.com/nginxinc/kubernetes-ingress/tree/v3.3.1/examples
- Helm Chart -- https://github.com/nginxinc/kubernetes-ingress/tree/v3.3.1/deployments/helm-chart
- Operator -- https://github.com/nginxinc/nginx-ingress-helm-operator
Contributors
lucacome and vepatel
Assets 15
v3.3.0
What's Changed
🚀 Features
- Read Prometheus key/cert from memory by @jjngx in #4023
- Expose Location Zones metrics by @jjngx in #4080
- Add path-regex annotation for ingress by @jjngx in #4127
- Add support for path-regex annotation in Ingress Master-Minion by @jjngx in #4200
- Add command line argument for custom TLS Passthrough port by @haywoodsh in #4108
- Path-Regex annotation on master and minions are set independently by @jjngx in #4223
- Match file permissions for GID 0 as owner UID 101 by @sigv in #3962
- Add custom listener controls to VirtualServer by @shaun-nx in #4271
🐛 Bug Fixes
- Update JWT/JWKS policy validation by @jjngx in #4160
- Improve runtime batch reloads by @ciarams87 in #4371
📦 Helm Chart
- Clarify language about default TLS certificate on helm chart by @danielnginx in #4084
- Check if API is available in Helm Chart by @lucacome in #4070
- Add support for
controller.selectorLabelsby @hanyouqing in #3977 - Update Helm schema by @lucacome in #4150
- Add clusterIP to service if specified in values by @EutiziStefano in #4058
- Make containerPort and hostPort customizable by @lucacome in #4252
- Expose Prometheus metrics through a headless Service. by @shaun-nx in #4331
- Update helm values file to move controller.serviceMonitor to prometheus.serviceMonitor by @shaun-nx in #4351
- Allow installing IC without creating a new ingress class by @haywoodsh in #4333
- Release 3.3.0 by @lucacome in #4423
🧪 Tests
- Check for ready endpoints by @jjngx in #3983
- Remove obsolete test placeholder by @jjngx in #4072
- disable ap-waf tests by @vepatel in #4098
- Bump balabit/syslog-ng and coredns/coredns by @lucacome in #4136
- Update AP tests and remove redundant ones by @vepatel in #4177
- Remove GitLab related files by @lucacome in #4175
- Bump kindest/node from v1.27.3 to v1.28.0 in /tests by @dependabot in #4250
- Bump test containers to 0.2.1 by @lucacome in #4227
- Add automated tests for custom vs listeners by @haywoodsh in #4311
- Dos access log dest by @pasmant in #4187
- fix: typo by @testwill in #4369
🔨 Maintenance
- Use correct product ID in AWS action by @lucacome in #4063
- Strip trailing whitespace from TARGET variable by @ciarams87 in #4079
- Add docs dependency to dependabot config by @lucacome in #4113
- Update dependabot config after refactor by @lucacome in #4105
- Add strip to all Makefile variables by @lucacome in #4112
- Add permissions to all workflows by @lucacome in #4134
- Add linting for markdown files by @lucacome in #4133
- Fix permissions in Helm job and Docker update by @lucacome in #4145
- Move configs to central repo by @lucacome in #4146
- Remove duplicated logic from templates by @jjngx in #4176
- Add mend workflow by @lucacome in #4158
- Sign checksum with cosign by @lucacome in #4181
- Add docs team as codeowners by @lucacome in #4182
- Update workflows by @lucacome in #4180
- Add workflow to update docs/go.mod by @lucacome in #4228
- Add gotype comments in templates to map types between go template and go files by @haywoodsh in #4155
- Update Go docs for path-regex by @jjngx in #4248
- Bump Go to 1.21 by @lucacome in #4230
- Update example spec comment for GlobalConfiguration in helm values.yaml by @shaun-nx in #4285
- Update CodeQL workflow by @lucacome in #4374
- Update go version in go.mod by @lucacome in #4373
- Update OpenSSF scorecard workflow by @lucacome in #4375
- Update goreleaser permissions by @lucacome in #4379
- Update GoReleaser config by @lucacome in #4411
- Trigger Operator Sync PR on release by @lucacome in #4413
- Add RH certification step by @lucacome in #4412
📝 Documentation
- Small Update to troubleshooting document by @jasonwilliams14 in #3346
- Update manifest installation guide, fix theme highlighting & spec table by @ADubhlaoich in #4066
- Update library paths and requirements file by @vepatel in #4085
- Update installation-with-manifests.md by @jputrino in #4090
- Add explicit note to that docs apply to latest release by @ADubhlaoich in #4093
- NGINX Ingress with Linkerd virtualserver example by @jasonwilliams14 in #4135
- Upgrade nginx-hugo-theme version to support newer Hugo releases by @jputrino in #4149
- Add Hugo mod tidy by @lucacome in #4174
- Change links on NGINX Plus introduction page to relative links by @ADubhlaoich in #4212
- fix: bump hugo theme to 0.35.0 by @Jcahilltorre in #4225
- Add examples for master-minion path-regex by @jjngx in #4235
- Update path-regex doc by @jjngx in #4247
- Update JWT install guide by @jasonwilliams14 in #3884
- Release 3.2.1 (#4264) by @lucacome in #4265
- Add howto doc for path-regex annotations by @jjngx in #4266
- Docs/upgrade using helm by @vepatel in #4272
- Add tutorial doc for VirtualServer configuration with Custom Listener Ports by @shaun-nx in #4294
- fixes commit SHA in docs/go.sum by @jputrino in #4315
- fix: correcting various typos and casing issues by @aknot242 in #4308
- NGINX Dynamic module with NGINX Ingress controller by @jasonwilliams14 in #3992
- Update helm docs with serviceNameOverride by @vepatel in #4334
- feat: Hugo theme bump by @Jcahilltorre in #4345
- Link to proper NGINX Ingress Operator by @sigv in #4348
- Fixed typo in installation / Helm Chart by @fabriziofiorucci in #4335
- Update existing prometheus documentation to include configuration options for ServiceMonitor by @shaun-nx in #4414
⬆️ Dependencies
115 changes
- Bump kind versions in nightly by @lucacome in #4056
- Bump nginxinc/aws-marketplace-publish from 0.1.0 to 0.1.1 by @dependabot in https://github.com/n...
Contributors
lucacome, sigv, and 19 other contributors
Assets 15
v3.2.1
What's Changed
🧪 Tests
🔨 Maintenance
- Update workflows for release branch by @lucacome in #4232
- Sign checksum with cosign (#4181) by @lucacome in #4258
📝 Documentation
- Release 3.2.1 by @lucacome in #4264
- Cherry-pick troubleshooting documentation from main branch by @ADubhlaoich in #4078
- Remove Operator note by @lucacome in #4071
- Cherry pick minor changes (Including code highlighting fix) from main by @ADubhlaoich in #4097
- Upgrade nginx-hugo-theme version to support newer Hugo releases (#4149) by @jputrino in #4178
- Bump NGINX Plus to R30 (#4236) by @lucacome in #4261
- Update JWT install guide (#3884) by @jasonwilliams14 in #4263
⬆️ Dependencies
- Bump Go dependencies by @lucacome in #4231
- Bump nginx images to 1.25.2 by @lucacome in #4259
- Fix CVEs in UBI NAP images (#4257) by @lucacome in #4260
- Bump Go to 1.21 by @lucacome in #4262
Full Changelog: v3.2.0...v3.2.1
Upgrade
- For NGINX, use the v3.2.1 images from our DockerHub, GitHub Container, Amazon ECR Public Gallery or Quay.io.
- For NGINX Plus, use the v3.2.1 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace or build your own image using the v3.2.1 source code.
- For Helm, use version 0.18.1 of the chart.
Resources
- Documentation -- https://docs.nginx.com/nginx-ingress-controller/
- Configuration examples -- https://github.com/nginxinc/kubernetes-ingress/tree/v3.2.1/examples
- Helm Chart -- https://github.com/nginxinc/kubernetes-ingress/tree/v3.2.1/deployments/helm-chart
- Operator -- https://github.com/nginxinc/nginx-ingress-operator/
Contributors
lucacome, ADubhlaoich, and 2 other contributors
Assets 13
v3.2.0
What's Changed
🚀 Features
- Gunzip for VS by @jjngx in #3790
- Inherit NET_BIND_SERVICE from IC to Nginx by @sigv in #3722
- Fix/OIDC - relaxed OIDC scope validation by @jjngx in #3863
- Specify
runAsNonRootindaemon-setmanifests by @sigv in #3925 - Add support for the SameSite sticky cookie attribute by @jjngx in #4001
- Add Alpine image with FIPS inside by @lucacome in #4031
🐛 Bug Fixes
- Update VirtualServer to ignore CRL for EgressMTLS by @shaun-nx in #3737
- Update VirtualServer template to generate an internal jwt auth location per policy applied by @shaun-nx in #3798
- indent to annotations key in leader-elec cm by @vepatel in #3840
- Fix gunzip support for VS and add python tests by @jjngx in #3844
- Add Funcs() method to UpdateVirtualServerTemplate method by @coolbry95 in #3870
- fix --enternal-service flag when using serviceNameOverride by @timnee in #3933
📦 Helm Chart
- Update Helm docs by @lucacome in #3698
- Updated NGINX Service Mesh references in Helm templates by @jbyers19 in #3602
- Egress via Ingress VirtualServer Resource by @chase-kiefer in #3491
- Swap cpu and memory in HPA template by @coolbry95 in #3773
- added serviceNameOverride by @timnee in #3802
- Fix GlobalConfiguration name in Helm Chart by @lucacome in #3815
- Remove semverCompare for allocateLoadBalancerNodePorts by @centromere in #3814
- Reverse order of NAPDOS maxDaemons and maxWorkers in Helm chart by @ciarams87 in #3905
- Release 3.2.0 by @lucacome in #4055
🧪 Tests
- Update NAP DoS test container by @lucacome in #3663
- Update ca and client certificates for CRL python tests by @shaun-nx in #3764
- update gitlab dockerfile by @vepatel in #3789
- increase counter and add retries to jwks and mtls ingress tests by @vepatel in #3861
- Update expired CRL and Certificates for IngressMTLS python tests by @shaun-nx in #3906
- Skip JWKS tests by @shaun-nx in #3922
- Bail fast if function returns error by @jjngx in #4016
🔨 Maintenance
- Switch to draft-release action by @lucacome in #3675
- Only get the subject of the commit message for notifications by @lucacome in #3689
- Move build docker steps after tests by @lucacome in #3690
- Use OIDC to login to AWS by @lucacome in #3740
- Add k8s 1.26 to nightly run as k8s_latest is 1.27 by @vepatel in #3788
- Add AWS startup log by @lucacome in #3797
- Use appropriate context in metadata-action by @lucacome in #3796
- Use OIDC to login to GCR by @lucacome in #3838
- Simplify validators by @jjngx in #3818
- Simplify validation code for listener protocol by @jjngx in #3885
- Make TransportServer tests run in parallel by @jjngx in #3892
- Update CI by @lucacome in #3836
- Run tests in parallel by @jjngx in #3910
- Simplify validators by @jjngx in #3909
- Update error handling by @jjngx in #3936
- Remove explicit
fsGroupdefinition by @sigv in #3926 - Fix release notes condition by @lucacome in #3950
- Update openid-connect.js by @vepatel in #3995
- Add dependency review workflow and config by @lucacome in #4000
- Update GoReleaser config by @lucacome in #3974
- Update packages for CVEs by @lucacome in #4033
- Cleanup Makefile by @lucacome in #4020
- Update notification and build workflows by @lucacome in #3973
- Update labeler to official action by @lucacome in #4004
- Create tags for OSS images on release branch by @lucacome in #4041
- Make NAP independent from Plus by @lucacome in #4054
- Add step to publish to AWS Marketplace by @lucacome in #4045
📝 Documentation
- Update Service Insight docs by @jjngx in #3684
- Release 3.1.0 by @shaun-nx in #3700
- Example for the service insight feature (VS and TS) by @jjngx in #3691
- Update release file with additional information by @jasonwilliams14 in #3704
- Update correct path for default-server-secret by @jasonwilliams14 in #3713
- Docs theme updates by @jputrino in #3751
- Update docs for operator 1.4.0 by @vepatel in #3762
- Initial install guide for GCP Marketplace Package (#3561) by @lucacome in #3800
- docs: Address two minor issues and update product nouns by @ADubhlaoich in #3736
- Add NGINX Ingress controller with OSM tutorial by @jasonwilliams14 in #3592
- Release 3.1.1 (#3860) by @lucacome in #3869
- Update official Ingress resource link by @ADubhlaoich in #3864
- Update operator docs by @lucacome in #3921
- Add AWS Marketplace images for NAP by @lucacome in #3935
- Add GCP Marketplace to technical-specifications and release by @lucacome in #3951
- update numbering in manifest installation by @vepatel in #4015
- Update theme version, adjust weight of top level pages & sections by @ADubhlaoich in #3979
- Add document to tutorial section for configuring the default oidc implementation by @shaun-nx in #4022
- fix links and product name usage in NAP WAF config guide by @jputrino in #3972
- Custom listen ports document by @jasonwilliams14 in #3715
- Add FIPS to the list of images by @lucacome in #4048
- Update README by @lucacome in #4044
- Tutorial for FCP by @haywoodsh in #3954
- fix: bump hugo theme to 0.33 by @Jcahilltorre in #4060
- NGINX Ingress with Linkerd guide by @jasonwilliams14 in #3993
⬆️ Dependencies
170 changes
- Bump github.com/aws/aws-sdk-go-v2/config from 1.18.18 to 1.18.19 by @dependabot in #3681
- Bump actions/stale from 7.0.0 to 8.0.0 by @dependabot in #3680
- Bump github/codeql-action from 2.2.7 to 2.2.8 by @dependabot in #3687
- Bump github.com/aws/aws-sdk-go-v2/service/marketplacemetering from 1.14.6 to 1.14.7 by @dependabot in #3682
- Bump actions/checkout from 3.4.0 to 3.5.0 by @dependabot in #3688
- Bump pyopen...
Contributors
centromere, lucacome, and 16 other contributors
Assets 13
v3.1.1
What's Changed
🐛 Bug Fixes
- Egress via Ingress VirtualServer Resource (#3491) by @lucacome in #3847
- Updated NGINX Service Mesh references in Helm templates (#3602) by @lucacome in #3848
- Inherit NET_BIND_SERVICE from IC to Nginx (#3722) by @lucacome in #3849
- Add serviceNameOverride (#3802) by @lucacome in #3853
- Fix GlobalConfiguration name in Helm Chart (#3815) by @lucacome in #3854
- Update VirtualServer to ignore CRL for EgressMTLS (#3737) by @lucacome in #3856
- Update VirtualServer template to generate an internal jwt auth location per policy applied (#3798) by @lucacome in #3855
- indent in annotations key in leader-elec cm by @vepatel in #3862
📦 Helm Chart
- Swap cpu and memory in HPA template by @lucacome in #3801
- Bump dependencies to latest patch version by @lucacome in #3846
- Release 3.1.1 by @lucacome in #3860
🧪 Tests
- Update NAP DoS test container (#3663) by @lucacome in #3857
- increase counter and add retries to jwks and mtls ingress tests (#3861) by @lucacome in #3865
🔨 Maintenance
📝 Documentation
- Fix helm installation link by @shaun-nx in #3702
- Fix OpenAPI version in NAP WAF docs by @lucacome in #3697
- Add NGINX Ingress controller with OSM tutorial (#3592) by @jasonwilliams14 in #3835
- Bump nginx to 1.23.4 by @lucacome in #3852
⬆️ Dependencies
- Update packages for CVEs (#3831) by @lucacome in #3850
- Bump NGINX Plus to R29 (#3833) by @lucacome in #3851
Full Changelog: v3.1.0...v3.1.1
Upgrade
- For NGINX, use the v3.1.1 image from our DockerHub, GitHub Container, Amazon ECR Public Gallery or Quay.io.
- For NGINX Plus, use the v3.1.1 image from the F5 Container registry or the AWS Marketplace or build your own image using the v3.1.1 source code.
- For Helm, use version 0.17.1 of the chart.
Resources
- Documentation -- https://docs.nginx.com/nginx-ingress-controller/
- Configuration examples -- https://github.com/nginxinc/kubernetes-ingress/tree/v3.1.1/examples
- Helm Chart -- https://github.com/nginxinc/kubernetes-ingress/tree/v3.1.1/deployments/helm-chart
- Operator -- https://github.com/nginxinc/nginx-ingress-operator/
Contributors
lucacome, jasonwilliams14, and 2 other contributors
Assets 13
v3.1.0
What's Changed
🚀 Features
- Reseting default TLS settings and making them optional by @jasonwilliams14 in #3302
- feat: Enable keepalive-time for healthchecks in VS and VSR by @ciarams87 in #3451
- Support empty path for ImplementationSpecific pathType by @ciarams87 in #3507
- Use new NSM Spiffe and Cert rotation library by @avahahn in #3482
- feat: Add initial support for SSL termination for TransportServer by @ciarams87 in #3462
- App Policy Bundle by @jjngx in #3560
- Prometheus tls path by @shaun-nx in #3615
- Push edge Helm Chart to OCI registries by @lucacome in #3581
- Use the "runtime default" seccomp profile by @sigv in #3629
- Remove app protect agent by @jjngx in #3646
🐛 Bug Fixes
- Support non-vs created Challenge Ingress by @ciarams87 in #3463
- Move logic for
-enable-leader-electionflag in helm templates by @shaun-nx in #3475 - Add missing OSS internal routes by @chase-kiefer in #3481
- Ensure non-ready endpoints are not added to upstreams by @shaun-nx in #3541
- Update keyCache path for JWKs to avoid conflict with OIDC by @shaun-nx in #3583
- Update proxy cache zone name by @shaun-nx in #3604
- set Content-Length "" for jwks uri and enable test by @vepatel in #3607
- remove unwanted chars from label value by @vepatel in #3660
📦 Helm Chart
- Allow extra args to be provided to the OIDC auth endpoint by @alanwilkie-finocomp in #3034
- Correct values.schema.json nodeSelector by @coolbry95 in #3449
- Fix Helm Chart Schema for priorityClassName by @lucacome in #3448
- Add websocket protocol option to monitor directive by @pasmant in #3442
- Add support for custom environment variables on the Nginx Controller container by @AaronShiels in #3326
- fix: Add OnDelete to allowed strategy values by @ciarams87 in #3519
- fix: controller.topologySpreadConstraints schema by @marcuz in #3527
- add pod disruption budget for ingress controller by @coolbry95 in #3248
- Update schema references to k8s v1.26.1 by @lucacome in #3537
- Update docs in main for Release 3.0.2 (#3547) by @ciarams87 in #3557
- chore: Add new label and metadata to pod by @ciarams87 in #3586
- Rework port binding logic without privileges by @sigv in #3573
- Fix Helm Chart labels and templates. Move version update to labels by @lucacome in #3606
- Configure IC root filesystem as read-only by @sigv in #3548
- feat: Add access token support in the OIDC by @shawnhankim in #3474
- Update nginx.org/ca secret type & crl field to IngressMTLS to support CRL by @shaun-nx in #3632
- Move NAP DoS chart to new repo by @lucacome in #3674
🧪 Tests
- DoS Status by @pasmant in #3379
- Move test containers to separate repo by @lucacome in #3454
- Add tests for jwt jwksuri by @vepatel in #3511
- make changes to req type and parameters by @vepatel in #3528
- Format shell scripts by @lucacome in #3590
- skip jwksuri test by @vepatel in #3612
- Add SBOMs for Docker images by @lucacome in #3627
- fix: Requeue DNSEndpoint request when create fails with already exists error by @ciarams87 in #3637
🔨 Maintenance
- Update workflow for UBI image by @lucacome in #3435
- Update packages for CVEs by @lucacome in #3447
- Fix dependabot for test deps and run checks weekly by @lucacome in #3452
- Fix dependabot for test by @lucacome in #3456
- chore: Output of gofumpt and remove deprecated reference by @ciarams87 in #3464
- Remove sync with internal repo by @lucacome in #3467
- Add missing file to update IC version for release by @haywoodsh in #3438
- Update package for CVE-2022-44617 by @lucacome in #3484
- Sync only once a week by @lucacome in #3494
- Remove tests from Docker update by @lucacome in #3485
- Change flow in CI workflow by @lucacome in #3505
- Only add the test container to cache once by @lucacome in #3518
- Update packages for CVE-2023-0286 by @lucacome in #3536
- Decouple UBI images for Plus and NAP by @lucacome in #3540
- Update labels and issue docs by @lucacome in #3553
- Replace deprecated command with environment file by @jongwooo in #3576
- Add detect-private-key to pre-commit by @lucacome in #3589
- Remove libcap by @lucacome in #3616
- Remove strict permissions for Helm in CI by @lucacome in #3648
- Add workaround for using latest UBI 8 for NAP by @lucacome in #3647
- Add Contributing Guidelines to bot response by @lucacome in #3652
- Don't use blocking status check by @lucacome in #3664
- PRs with docs changes appear in their own sections in changelog by @haywoodsh in #3437
📝 Documentation
- Release 3.0.0 (#3429) by @lucacome in #3434
- Add documentation for the Helm Operator OOM issue by @haywoodsh in #3470
- Correct typo in JWKS documentation by @haywoodsh in #3466
- Document and make public new issue lifecycle by @tomasohaodha in #3465
- clarify deep service insight by @brianehlert in #3453
- Release 3.0.1 by @lucacome in #3483
- Fix helm values to match chart value by @jasonwilliams14 in #3497
- docs: Hugo theme February 23 update by @ADubhlaoich in #3532
- fix: Add missing directory to NGINX App Protect DoS Instructions by @ADubhlaoich in #3605
- feat: Fix instruction link for NGINX Ingress Helm Operator by @ADubhlaoich in #3596
- Update service-insight.md to fix helm parameter typo by @aknot242 in #3654
- Add documentation for read-only root filesystem by @vepatel in #3661
- Add WAF Bundle example by @jjngx in #3656
- Revert "Add WAF Bundle example (#3656)" by @jjngx in #3677
- Release 3.1.0 by @shaun-nx in #3685
⬆️ Dependencies
Details
- Bump docker/metadata-action from 4.1.1 to 4.2.0 by @dependabot in #3425
- Bump urllib3 from 1.26.13 to 1.26.14 in /tests by @dependabot in https://github.com/ngi...
Contributors
lucacome, marcuz, and 21 other contributors
Assets 13
v3.0.2
What's Changed
🐛 Bug Fixes
- fix: Add OnDelete to allowed strategy values by @ciarams87 in #3519
- Ensure non-ready endpoints are not added to upstreams by @shaun-nx in #3541
- fix: controller.topologySpreadConstraints schema by @marcuz in #3527
📝 Documentation
- Release 3.0.2 by @shaun-nx in #3547
- Update Operator docs by @ciarams87 in #3513
- docs: Hugo theme February 23 update (#3532) by @ADubhlaoich in #3533
🔨 Maintenance
⬆️ Dependencies
- Update package for CVE-2022-47629 by @lucacome in #3550
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #3526
- Bump github.com/aws/aws-sdk-go-v2/service/marketplacemetering from 1.14.1 to 1.14.2 by @dependabot in #3525
- Bump sigs.k8s.io/controller-tools from 0.11.2 to 0.11.3 by @dependabot in #3524
- Bump github.com/aws/aws-sdk-go-v2/config from 1.18.10 to 1.18.12 by @dependabot in #3523
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #3506
- Bump sigs.k8s.io/controller-tools from 0.11.1 to 0.11.2 by @dependabot in #3504
- Bump github.com/aws/aws-sdk-go-v2/config from 1.18.9 to 1.18.10 by @dependabot in #3490
- Bump google.golang.org/grpc from 1.52.1 to 1.52.3 by @dependabot in #3489
Full Changelog: v3.0.1...v3.0.2
Upgrade
- For NGINX, use the v3.0.2 image from our DockerHub, GitHub Container, Amazon ECR Public Gallery or Quay.io.
- For NGINX Plus, use the v3.0.2 image from the F5 Container registry or the AWS Marketplace or build your own image using the v3.0.2 source code.
- For Helm, use version 0.16.2 of the chart.
Resources
- Documentation -- https://docs.nginx.com/nginx-ingress-controller/
- Configuration examples -- https://github.com/nginxinc/kubernetes-ingress/tree/v3.0.2/examples
- Helm Chart -- https://github.com/nginxinc/kubernetes-ingress/tree/v3.0.2/deployments/helm-chart
- Operator -- https://github.com/nginxinc/nginx-ingress-operator/
New Contributors
Contributors
lucacome, marcuz, and 5 other contributors