diff --git a/VERSION b/VERSION index 0f1acbd5656..1bf010be510 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v1.1.2 +v1.2.0-rc.1 diff --git a/release-notes/current.yaml b/release-notes/current.yaml index 524802636e6..bfc711148bd 100644 --- a/release-notes/current.yaml +++ b/release-notes/current.yaml @@ -2,28 +2,28 @@ date: Pending # Changes that are expected to cause an incompatibility with previous versions, such as deletions or modifications to existing APIs. breaking changes: | - - Add a breaking change here + Add a breaking change here # Updates addressing vulnerabilities, security flaws, or compliance requirements. security updates: | - - Add a security update here + Add a security update here # New features or capabilities added in this release. new features: | - - Add a new feature here + Add a new feature here # Fixes for bugs identified in previous versions. bug fixes: | - - Add a bug fix here + Add a bug fix here # Enhancements that improve performance. performance improvements: | - - Add a performance improvement here + Add a performance improvement here # Deprecated features or APIs. deprecations: | - - Add a deprecation here + Add a deprecation here # Other notable changes not covered by the above sections. Other changes: | - - Add other changes here + Add other changes here diff --git a/release-notes/v1.2.0-rc.1.yaml b/release-notes/v1.2.0-rc.1.yaml new file mode 100644 index 00000000000..0ff64d9325f --- /dev/null +++ b/release-notes/v1.2.0-rc.1.yaml @@ -0,0 +1,132 @@ +date: October 25, 2024 + +# Changes that are expected to cause an incompatibility with previous versions, such as deletions or modifications to existing APIs. +breaking changes: | + Gateway API GRPCRoute and ReferenceGrant v1alpha2 have been removed. + Please refer to the [Gateway API v1.2.0 documentation](https://github.com/kubernetes-sigs/gateway-api/releases) for more information. + Removed default CPU limit of the Envoy Gateway deployment + Changed default Envoy shutdown settings: drain strategy has been changed to immediate, default minDrainDuration, drainTimeout and terminationGracePeriodSeconds have been set to 10s, 60s and 360s respectively + +# New features or capabilities added in this release. +new features: | + Added support for Gateway-API v1.2.0 + Added support for IPv4/IPv6 Dual Stack for Envoy listeners and BackendRef resources + Added support for EG standalone(host deployment) mode (experimental) + Added support for JWT claims based Authorization in SecurityPolicy CRD + Added support for Direct Response in HTTPRouteFilter CRD + Added support for Response Override in BackendTrafficPolicy CRD + Added support for RequestTimeout in BackendTrafficPolicy CRD + Added support for inverting header matches for rate limit in BackendTrafficPolicy CRD + Added support for client TLS session resumption in ClientTrafficPolicy CRD + Added support for HTTPRouteFilter and path regex rewrite + Added support for host header rewrite in HTTPRouteFilter CRD + Added support for Listener Access Log in EnvoyProxy CRD + Added support for Datadog tracing support in EnvoyProxy CRD + Added support for request response sizes stats in EnvoyProxy CRD + Added support for wildcard matching for CORS AllowMethods and AllowHeaders settings in SecurityPolicy CRD + Added support for match conditions for access log in EnvoyProxy CRD + Added support for using BackendCluster to represent OIDCProvider + Added support for RecomputeRoute for ExtAuth in SecurityPolicy CRD + Added support for sharing token cookies between multiple domains in SecurityPolicy CRD + Added support for JSONPatches for proxy bootstrap modifications in EnvoyProxy CRD + Added support for LB priority for non xRoute endpoints + Added support for configuring the GRPC Health Checker in the BackendTrafficPolicy CRD + Added support for early request header mutation in the ClientTrafficPolicy CRD + Added support for JsonPath in the EnvoyPatchPolicy CRD + Added support for cluster settings for tracing and access log backends in EnvoyProxy CRD + Added support for cluster settings for non xRoute-generated backend refs + Added support for socket buffer limit field in ClientTrafficPolicy and BackendTrafficPolicy CRD + Added support for http2 upstream settings in BackendTrafficPolicy CRD + Added support for DNS resolution settings in BackendTrafficPolicy CRD + Added support for configuring service annotations in the Envoy Gateway helm chart + Added support for configuring priorityClassName to Envoy Gateway helm chart + Added support for ratelimit metrics monitoring in grafana in the addons helm chart + Added support for default user group and user id for the SecurityContexts in the Envoy Gateway helm chart + Added support for maxUnavailable in the PodDisruptionBudget in the Envoy Gateway helm chart + Added support for configuring NodeSelector in the Envoy Gateway helm chart + Added support for nonce in the OIDC auth flow + Added support for choosing an HTTPRoute's non-wildcard hostname as the default Host + Added support for returning 500 when EnvoyExtensionTrafficPolicy translation fails + Added support for returning 500 when SecurityPolicy translation fails + Added support for multiple backendRefs for ExtAuth and ExtProc + Added support for session persistence in HTTPRoute rules + Added support for the Backend resource for ExtAuth + Added support for target selectors on Envoy Gateway Extension Server policies + Added support for non-Kubernetes Backends for TLSRoute + Added support for fallback to the Backend API + Added support for reloadable EnvoyGateway configuration + Added support for adding Labels to the Envoy Service + Added support for custom name for ratelimit deployment + Added default SecurityContext for EG components + Added startupProbe to all provisioned containers + Added support for local validations for egctl translate and file provider + Added support for egctl x collect to collect information from the cluster for debugging + Added support for a native prometheus metrics endpoint in the ratelimit server + +# Fixes for bugs identified in previous versions. +bug fixes: | + Fixed unsupported listener protocol type causing an error while updating Gateway Status + Fixed some status updates were being discarded by the status updater + Fixed Gateway crash adding BackendTLSPolicy to External Backend of an HTTPRoute + Fixed Delay in SecurityPolicy change propagation for HTTPRoute when using targetSelectors + Fixed JSONPath not correctly translated to JSONPatch paths + Fixed allow empty slowStart when using LeastRequest + Fixed Backends which should be rejected are still used as an HTTPRoute's destination + Fixed losing timeout settings that originate from the route when translating the backend traffic policy + Fixed Backend resources don't get status updates + Fixed Active Health check requires expectedStatuses field to work + Fixed HTTPHeaderFilter processing doesn't correctly support multiple header values + Fixed multiple reference grants in same namespace + Fixed upstream get unwanted /. + Fixed creation of SecurityPolicy with targetSelectors fails + Fixed wrong gateway is chosen as HTTPRoute parent + Fixed override issue for EEP + Fixed nil pointer err translating hash load balancing + Fixed ratelimit does not work across multiple GatewayClasses + Fixed upstream mTLS only works for HTTPS listeners + Fixed nil pointer if backedtls.minVersion is set but backedtls.maxVersion is not + Fixed empty connection limit causes XDS rejection + Fixed ratelimit not working with both headers and cidr matches + Fixed EDS didn't update when deployments was created after services + Fixed RBAC issue for deleting infrastructure resources + Fixed customized infrastructure resources not being deleted + Fixed Gateways never become ready/programmed when running Envoy as a Daemonset + Fixed Ratelimit Deployment ignoring pod labels and annotation merge + Fixed the API Server receives unnecessary requests + Fixed terminating envoy pods don't respond with "Connection: close" (H1) or GOAWAY(H2) on shutdown, switch to an immediate drain strategy + Fixed ratelimit statsd not working + Fixed not generating selector of deployment/daemonset based on the custom label configuration of EnvoyProxy + Fixed egctl experimental translate using a wrong ns + +# Enhancements that improve performance. +performance improvements: | + Fixed repeated resources and optimize memory usage + +# Other notable changes not covered by the above sections. +Other changes: | + Removed grafana test framework from the addons helm chart + Disabled ALPN for non-HTTP routes + Added statPrefix for HCM and TCPProxy + Enabled GatewayHTTPListenerIsolation conformance test + Enabled GRPC conformance profile + Enabled HTTPRouteBackendRequestHeaderModifier conformance test + Added e2e test for Daemonset mode + Updated upgrades tests to use VERSION env variable + Fixed OVS scanner wrong license warnings + Added e2e test for TLS session resumption + Added heap profile into benchmark report + Added e2e test for RecomputeRoute in ExtAuth + Added benchmark memory profiles into report + Fixed flaky gateway_with_conflicted_listener_cannot_be_merged e2e test + Fixed flaky Zipkin Tracing e2e test + Added e2e test for cookie based consistent hash load balancing + Added e2e test for load balancing + Fixed flaky authorization tests + Enabled upgrade test + Fixed flaky basic auth e2e test + Enabled use-client-protocol e2e test + Added performance benchmarking test for 1000 HTTPRoutes + Added e2e test for Datadog tracing + Added e2e tests for ratelimit invert matching headers + Reduced readinessProbe failureThreshold and periodSeconds + Bumped go-control-plane to v0.13.1 diff --git a/site/content/en/contributions/RELEASING.md b/site/content/en/contributions/RELEASING.md index 70fff1c083b..ec2365a15dc 100644 --- a/site/content/en/contributions/RELEASING.md +++ b/site/content/en/contributions/RELEASING.md @@ -32,7 +32,7 @@ export GITHUB_REMOTE=origin 2. Create a topic branch for adding the release notes and updating the [VERSION][] file with the release version. Refer to previous [release notes][] and [VERSION][] for additional details. The latest changes are already accumulated in the current.yaml file. Copy the content of the current.yaml file to the release notes file and clear the current.yaml file. ```shell - echo "${MAJOR_VERSION}.${MINOR_VERSION}.0-rc.${RELEASE_CANDIDATE_NUMBER}" > VERSION + echo "v${MAJOR_VERSION}.${MINOR_VERSION}.0-rc.${RELEASE_CANDIDATE_NUMBER}" > VERSION ``` __Note:__ The release candidate version should be in the format `${MAJOR_VERSION}.${MINOR_VERSION}.0-rc.${RELEASE_CANDIDATE_NUMBER}`. diff --git a/site/content/en/news/releases/notes/v1.2.0-rc.1.md b/site/content/en/news/releases/notes/v1.2.0-rc.1.md new file mode 100644 index 00000000000..cfdfe12d27f --- /dev/null +++ b/site/content/en/news/releases/notes/v1.2.0-rc.1.md @@ -0,0 +1,133 @@ +--- +title: "v1.2.0-rc.1" +publishdate: 2024-10-25 +--- + +Date: October 25, 2024 + +## Breaking changes +- Gateway API GRPCRoute and ReferenceGrant v1alpha2 have been removed. +- Please refer to the [Gateway API v1.2.0 documentation](https://github.com/kubernetes-sigs/gateway-api/releases) for more information. +- Removed default CPU limit of the Envoy Gateway deployment +- Changed default Envoy shutdown settings: drain strategy has been changed to immediate, default minDrainDuration, drainTimeout and terminationGracePeriodSeconds have been set to 10s, 60s and 360s respectively + +## New features +- Added support for Gateway-API v1.2.0 +- Added support for IPv4/IPv6 Dual Stack for Envoy listeners and BackendRef resources +- Added support for EG standalone(host deployment) mode (experimental) +- Added support for JWT claims based Authorization in SecurityPolicy CRD +- Added support for Direct Response in HTTPRouteFilter CRD +- Added support for Response Override in BackendTrafficPolicy CRD +- Added support for RequestTimeout in BackendTrafficPolicy CRD +- Added support for inverting header matches for rate limit in BackendTrafficPolicy CRD +- Added support for client TLS session resumption in ClientTrafficPolicy CRD +- Added support for HTTPRouteFilter and path regex rewrite +- Added support for host header rewrite in HTTPRouteFilter CRD +- Added support for Listener Access Log in EnvoyProxy CRD +- Added support for Datadog tracing support in EnvoyProxy CRD +- Added support for request response sizes stats in EnvoyProxy CRD +- Added support for wildcard matching for CORS AllowMethods and AllowHeaders settings in SecurityPolicy CRD +- Added support for match conditions for access log in EnvoyProxy CRD +- Added support for using BackendCluster to represent OIDCProvider +- Added support for RecomputeRoute for ExtAuth in SecurityPolicy CRD +- Added support for sharing token cookies between multiple domains in SecurityPolicy CRD +- Added support for JSONPatches for proxy bootstrap modifications in EnvoyProxy CRD +- Added support for LB priority for non xRoute endpoints +- Added support for configuring the GRPC Health Checker in the BackendTrafficPolicy CRD +- Added support for early request header mutation in the ClientTrafficPolicy CRD +- Added support for JsonPath in the EnvoyPatchPolicy CRD +- Added support for cluster settings for tracing and access log backends in EnvoyProxy CRD +- Added support for cluster settings for non xRoute-generated backend refs +- Added support for socket buffer limit field in ClientTrafficPolicy and BackendTrafficPolicy CRD +- Added support for http2 upstream settings in BackendTrafficPolicy CRD +- Added support for DNS resolution settings in BackendTrafficPolicy CRD +- Added support for configuring service annotations in the Envoy Gateway helm chart +- Added support for configuring priorityClassName to Envoy Gateway helm chart +- Added support for ratelimit metrics monitoring in grafana in the addons helm chart +- Added support for default user group and user id for the SecurityContexts in the Envoy Gateway helm chart +- Added support for maxUnavailable in the PodDisruptionBudget in the Envoy Gateway helm chart +- Added support for configuring NodeSelector in the Envoy Gateway helm chart +- Added support for nonce in the OIDC auth flow +- Added support for choosing an HTTPRoute's non-wildcard hostname as the default Host +- Added support for returning 500 when EnvoyExtensionTrafficPolicy translation fails +- Added support for returning 500 when SecurityPolicy translation fails +- Added support for multiple backendRefs for ExtAuth and ExtProc +- Added support for session persistence in HTTPRoute rules +- Added support for the Backend resource for ExtAuth +- Added support for target selectors on Envoy Gateway Extension Server policies +- Added support for non-Kubernetes Backends for TLSRoute +- Added support for fallback to the Backend API +- Added support for reloadable EnvoyGateway configuration +- Added support for adding Labels to the Envoy Service +- Added support for custom name for ratelimit deployment +- Added default SecurityContext for EG components +- Added startupProbe to all provisioned containers +- Added support for local validations for egctl translate and file provider +- Added support for egctl x collect to collect information from the cluster for debugging +- Added support for a native prometheus metrics endpoint in the ratelimit server + +## Bug fixes +- Fixed unsupported listener protocol type causing an error while updating Gateway Status +- Fixed some status updates were being discarded by the status updater +- Fixed Gateway crash adding BackendTLSPolicy to External Backend of an HTTPRoute +- Fixed Delay in SecurityPolicy change propagation for HTTPRoute when using targetSelectors +- Fixed JSONPath not correctly translated to JSONPatch paths +- Fixed allow empty slowStart when using LeastRequest +- Fixed Backends which should be rejected are still used as an HTTPRoute's destination +- Fixed losing timeout settings that originate from the route when translating the backend traffic policy +- Fixed Backend resources don't get status updates +- Fixed Active Health check requires expectedStatuses field to work +- Fixed HTTPHeaderFilter processing doesn't correctly support multiple header values +- Fixed multiple reference grants in same namespace +- Fixed upstream get unwanted /. +- Fixed creation of SecurityPolicy with targetSelectors fails +- Fixed wrong gateway is chosen as HTTPRoute parent +- Fixed override issue for EEP +- Fixed nil pointer err translating hash load balancing +- Fixed ratelimit does not work across multiple GatewayClasses +- Fixed upstream mTLS only works for HTTPS listeners +- Fixed nil pointer if backedtls.minVersion is set but backedtls.maxVersion is not +- Fixed empty connection limit causes XDS rejection +- Fixed ratelimit not working with both headers and cidr matches +- Fixed EDS didn't update when deployments was created after services +- Fixed RBAC issue for deleting infrastructure resources +- Fixed customized infrastructure resources not being deleted +- Fixed Gateways never become ready/programmed when running Envoy as a Daemonset +- Fixed Ratelimit Deployment ignoring pod labels and annotation merge +- Fixed the API Server receives unnecessary requests +- Fixed terminating envoy pods don't respond with "Connection: close" (H1) or GOAWAY(H2) on shutdown, switch to an immediate drain strategy +- Fixed ratelimit statsd not working +- Fixed not generating selector of deployment/daemonset based on the custom label configuration of EnvoyProxy +- Fixed egctl experimental translate using a wrong ns + +## Performance improvements +- Fixed repeated resources and optimize memory usage + +## Other changes +- Removed grafana test framework from the addons helm chart +- Disabled ALPN for non-HTTP routes +- Added statPrefix for HCM and TCPProxy +- Enabled GatewayHTTPListenerIsolation conformance test +- Enabled GRPC conformance profile +- Enabled HTTPRouteBackendRequestHeaderModifier conformance test +- Added e2e test for Daemonset mode +- Updated upgrades tests to use VERSION env variable +- Fixed OVS scanner wrong license warnings +- Added e2e test for TLS session resumption +- Added heap profile into benchmark report +- Added e2e test for RecomputeRoute in ExtAuth +- Added benchmark memory profiles into report +- Fixed flaky gateway_with_conflicted_listener_cannot_be_merged e2e test +- Fixed flaky Zipkin Tracing e2e test +- Added e2e test for cookie based consistent hash load balancing +- Added e2e test for load balancing +- Fixed flaky authorization tests +- Enabled upgrade test +- Fixed flaky basic auth e2e test +- Enabled use-client-protocol e2e test +- Added performance benchmarking test for 1000 HTTPRoutes +- Added e2e test for Datadog tracing +- Added e2e tests for ratelimit invert matching headers +- Reduced readinessProbe failureThreshold and periodSeconds +- Bumped go-control-plane to v0.13.1 + diff --git a/test/e2e/tests/eg_upgrade.go b/test/e2e/tests/eg_upgrade.go index 4ca4db15637..721b22d4c9c 100644 --- a/test/e2e/tests/eg_upgrade.go +++ b/test/e2e/tests/eg_upgrade.go @@ -11,7 +11,6 @@ import ( "bytes" "context" "fmt" - "os" "strings" "testing" "time" @@ -53,10 +52,8 @@ var EGUpgradeTest = suite.ConformanceTest{ chartPath := "../../../charts/gateway-helm" relName := "eg" depNS := "envoy-gateway-system" - lastVersionTag := os.Getenv("LAST_VERSION_TAG") - if lastVersionTag == "" { - lastVersionTag = "v1.1.2" // Default version tag if not specified - } + lastVersionTag := "v1.1.2" // Default version tag if not specified + t.Logf("Upgrading from version: %s", lastVersionTag) // Uninstall the current version of EG diff --git a/tools/src/release-notes-docs/yml2md.py b/tools/src/release-notes-docs/yml2md.py index b3b31b6724d..67105c7f666 100755 --- a/tools/src/release-notes-docs/yml2md.py +++ b/tools/src/release-notes-docs/yml2md.py @@ -15,7 +15,7 @@ def format_date(date_str): return datetime.strptime(date_str, date_format).date() except ValueError: pass # If the format doesn't match, move to the next one - + raise ValueError(f"Date string '{date_str}' does not match any supported format.") def capitalize(name): @@ -46,19 +46,49 @@ def convert_yaml_to_markdown(input_yaml_file, output_markdown_path): file.write("Date: {}\n\n".format(data['date'])) - for area in data['changes']: - file.write("## {}\n".format(capitalize(area['area']))) - if 'change' in area: - file.write(change_to_markdown(area['change']) + '\n\n') + # old release notes format + if 'changes' in data: + for area in data['changes']: + file.write("## {}\n".format(capitalize(area['area']))) + if 'change' in area: + file.write(change_to_markdown(area['change']) + '\n\n') + + if 'breaking-change' in area: + file.write("### Breaking Changes\n") + file.write(change_to_markdown(area['breaking-change']) + '\n\n') + + if 'deprecation' in area: + file.write("### Deprecations\n") + file.write(change_to_markdown(area['deprecation']) + '\n\n') + # new release notes format + else: + if 'breaking changes' in data: + file.write("## {}\n".format(capitalize('breaking changes'))) + file.write(change_to_markdown(data['breaking changes']) + '\n\n') + + if 'security updates' in data: + file.write("## {}\n".format(capitalize('security updates'))) + file.write(change_to_markdown(data['security updates']) + '\n\n') + + if 'new features' in data: + file.write("## {}\n".format(capitalize('new features'))) + file.write(change_to_markdown(data['new features']) + '\n\n') + + if 'bug fixes' in data: + file.write("## {}\n".format(capitalize('bug fixes'))) + file.write(change_to_markdown(data['bug fixes']) + '\n\n') - if 'breaking-change' in area: - file.write("### Breaking Changes\n") - file.write(change_to_markdown(area['breaking-change']) + '\n\n') + if 'performance improvements' in data: + file.write("## {}\n".format(capitalize('performance improvements'))) + file.write(change_to_markdown(data['performance improvements']) + '\n\n') - if 'deprecation' in area: - file.write("### Deprecations\n") - file.write(change_to_markdown(area['deprecation']) + '\n\n') + if 'deprecations' in data: + file.write("## {}\n".format(capitalize('deprecations'))) + file.write(change_to_markdown(data['deprecations']) + '\n\n') + if 'Other changes' in data: + file.write("## {}\n".format(capitalize('Other changes'))) + file.write(change_to_markdown(data['Other changes']) + '\n\n') print("Markdown file '{}' has been generated.".format(output_markdown_file)) if __name__ == "__main__":