v1.2.0-rc.1

Breaking changes

• Gateway API GRPCRoute and ReferenceGrant v1alpha2 have been removed.
• Please refer to the Gateway API v1.2.0 documentation for more information.
• Removed default CPU limit of the Envoy Gateway deployment
• Changed default Envoy shutdown settings: drain strategy has been changed to immediate, default minDrainDuration, drainTimeout and terminationGracePeriodSeconds have been set to 10s, 60s and 360s respectively

New features

• Added support for Gateway-API v1.2.0
• Added support for IPv4/IPv6 Dual Stack for Envoy listeners and BackendRef resources
• Added support for EG standalone(host deployment) mode (experimental)
• Added support for JWT claims based Authorization in SecurityPolicy CRD
• Added support for Direct Response in HTTPRouteFilter CRD
• Added support for Response Override in BackendTrafficPolicy CRD
• Added support for RequestTimeout in BackendTrafficPolicy CRD
• Added support for inverting header matches for rate limit in BackendTrafficPolicy CRD
• Added support for client TLS session resumption in ClientTrafficPolicy CRD
• Added support for HTTPRouteFilter and path regex rewrite
• Added support for host header rewrite in HTTPRouteFilter CRD
• Added support for Listener Access Log in EnvoyProxy CRD
• Added support for Datadog tracing support in EnvoyProxy CRD
• Added support for request response sizes stats in EnvoyProxy CRD
• Added support for wildcard matching for CORS AllowMethods and AllowHeaders settings in SecurityPolicy CRD
• Added support for match conditions for access log in EnvoyProxy CRD
• Added support for using BackendCluster to represent OIDCProvider
• Added support for RecomputeRoute for ExtAuth in SecurityPolicy CRD
• Added support for sharing token cookies between multiple domains in SecurityPolicy CRD
• Added support for JSONPatches for proxy bootstrap modifications in EnvoyProxy CRD
• Added support for LB priority for non xRoute endpoints
• Added support for configuring the GRPC Health Checker in the BackendTrafficPolicy CRD
• Added support for early request header mutation in the ClientTrafficPolicy CRD
• Added support for JsonPath in the EnvoyPatchPolicy CRD
• Added support for cluster settings for tracing and access log backends in EnvoyProxy CRD
• Added support for cluster settings for non xRoute-generated backend refs
• Added support for socket buffer limit field in ClientTrafficPolicy and BackendTrafficPolicy CRD
• Added support for http2 upstream settings in BackendTrafficPolicy CRD
• Added support for DNS resolution settings in BackendTrafficPolicy CRD
• Added support for configuring service annotations in the Envoy Gateway helm chart
• Added support for configuring priorityClassName to Envoy Gateway helm chart
• Added support for ratelimit metrics monitoring in grafana in the addons helm chart
• Added support for default user group and user id for the SecurityContexts in the Envoy Gateway helm chart
• Added support for maxUnavailable in the PodDisruptionBudget in the Envoy Gateway helm chart
• Added support for configuring NodeSelector in the Envoy Gateway helm chart
• Added support for nonce in the OIDC auth flow
• Added support for choosing an HTTPRoute's non-wildcard hostname as the default Host
• Added support for returning 500 when EnvoyExtensionTrafficPolicy translation fails
• Added support for returning 500 when SecurityPolicy translation fails
• Added support for multiple backendRefs for ExtAuth and ExtProc
• Added support for session persistence in HTTPRoute rules
• Added support for the Backend resource for ExtAuth
• Added support for target selectors on Envoy Gateway Extension Server policies
• Added support for non-Kubernetes Backends for TLSRoute
• Added support for fallback to the Backend API
• Added support for reloadable EnvoyGateway configuration
• Added support for adding Labels to the Envoy Service
• Added support for custom name for ratelimit deployment
• Added default SecurityContext for EG components
• Added startupProbe to all provisioned containers
• Added support for local validations for egctl translate and file provider
• Added support for egctl x collect to collect information from the cluster for debugging
• Added support for a native prometheus metrics endpoint in the ratelimit server

Bug fixes

• Fixed unsupported listener protocol type causing an error while updating Gateway Status
• Fixed some status updates were being discarded by the status updater
• Fixed Gateway crash adding BackendTLSPolicy to External Backend of an HTTPRoute
• Fixed Delay in SecurityPolicy change propagation for HTTPRoute when using targetSelectors
• Fixed JSONPath not correctly translated to JSONPatch paths
• Fixed allow empty slowStart when using LeastRequest
• Fixed Backends which should be rejected are still used as an HTTPRoute's destination
• Fixed losing timeout settings that originate from the route when translating the backend traffic policy
• Fixed Backend resources don't get status updates
• Fixed Active Health check requires expectedStatuses field to work
• Fixed HTTPHeaderFilter processing doesn't correctly support multiple header values
• Fixed multiple reference grants in same namespace
• Fixed upstream get unwanted /.
• Fixed creation of SecurityPolicy with targetSelectors fails
• Fixed wrong gateway is chosen as HTTPRoute parent
• Fixed override issue for EEP
• Fixed nil pointer err translating hash load balancing
• Fixed ratelimit does not work across multiple GatewayClasses
• Fixed upstream mTLS only works for HTTPS listeners
• Fixed nil pointer if backedtls.minVersion is set but backedtls.maxVersion is not
• Fixed empty connection limit causes XDS rejection
• Fixed ratelimit not working with both headers and cidr matches
• Fixed EDS didn't update when deployments was created after services
• Fixed RBAC issue for deleting infrastructure resources
• Fixed customized infrastructure resources not being deleted
• Fixed Gateways never become ready/programmed when running Envoy as a Daemonset
• Fixed Ratelimit Deployment ignoring pod labels and annotation merge
• Fixed the API Server receives unnecessary requests
• Fixed terminating envoy pods don't respond with "Connection: close" (H1) or GOAWAY(H2) on shutdown, switch to an immediate drain strategy
• Fixed ratelimit statsd not working
• Fixed not generating selector of deployment/daemonset based on the custom label configuration of EnvoyProxy
• Fixed egctl experimental translate using a wrong ns

Performance improvements

• Fixed repeated resources and optimize memory usage

Other changes

• Removed grafana test framework from the addons helm chart
• Disabled ALPN for non-HTTP routes
• Added statPrefix for HCM and TCPProxy
• Enabled GatewayHTTPListenerIsolation conformance test
• Enabled GRPC conformance profile
• Enabled HTTPRouteBackendRequestHeaderModifier conformance test
• Added e2e test for Daemonset mode
• Updated upgrades tests to use VERSION env variable
• Fixed OVS scanner wrong license warnings
• Added e2e test for TLS session resumption
• Added heap profile into benchmark report
• Added e2e test for RecomputeRoute in ExtAuth
• Added benchmark memory profiles into report
• Fixed flaky gateway_with_conflicted_listener_cannot_be_merged e2e test
• Fixed flaky Zipkin Tracing e2e test
• Added e2e test for cookie based consistent hash load balancing
• Added e2e test for load balancing
• Fixed flaky authorization tests
• Enabled upgrade test
• Fixed flaky basic auth e2e test
• Enabled use-client-protocol e2e test
• Added performance benchmarking test for 1000 HTTPRoutes
• Added e2e test for Datadog tracing
• Added e2e tests for ratelimit invert matching headers
• Reduced readinessProbe failureThreshold and periodSeconds
• Bumped go-control-plane to v0.13.1

What's changed

• fix quickstart link in helm chart by @zhaohuabing in #3793
• fix release note file name by @guydc in #3792
• build(deps): bump golang.org/x/sys from 0.21.0 to 0.22.0 by @dependabot in #3780
• build(deps): bump distroless/static from e9ac71e to 8dd8d3c in /tools/docker/envoy-gateway by @dependabot in #3778
• build(deps): bump fortio.org/log from 1.12.2 to 1.14.0 by @dependabot in #3782
• build(deps): bump google.golang.org/grpc from 1.64.0 to 1.65.0 by @dependabot in #3783
• docs: move release-notes out of version by @zirain in #3765
• ci: update cherry-pick v1.1.0 by @guydc in #3803
• doc: how to build a wasm image by @zhaohuabing in #3806
• Use Wasm instead of WASM by @mathetake in #3812
• docs: generate v1.1.0-rc.1 release note by @Xunzhuo in #3794
• chore: release-notes-docs be part of generate by @zirain in #3815
• fix: enable client timeout test by @guydc in #3811
• chore: add benchmark report into release artifacts by @shawnh2 in #3756
• docs: fix grafana link by @zirain in #3818
• e2e: make sure ALS server is ready by @zirain in #3816
• Revert "docs: fix grafana link" by @zirain in #3822
• feat: support target selectors on Envoy Gateway Extension Server policies by @liorokman in #3800
• docs: updating the documentation for Extensio...

latest

This is the "latest" release of Envoy Gateway, which contains the most recent commits from the main branch.

This release might not be stable.

It is only intended for developers wishing to try out the latest features in Envoy Gateway, some of which may not be fully implemented.

We use v0.0.0-latest as the latest chart version to install latest envoy-gateway:

helm install eg oci://docker.io/envoyproxy/gateway-helm --version v0.0.0-latest -n envoy-gateway-system --create-namespace

Try latest version of egctl with:

curl -Ls https://gateway.envoyproxy.io/get-egctl.sh | VERSION=latest bash

v1.1.2

What's Changed

• [release/v1.1] Cherry-Pick #4279, #4296, #4230 by @guydc in #4315
• [release/v1.1] Bump EnvoyProxy to v1.32.2 by @arkodg in #4294
• [release/v1.1] Release v1.1.2 by @guydc in #4323

Full Changelog: v1.1.1...v1.1.2

v1.1.1

Release Announcement

Check out the v1.1.1 release notes to learn more about the release.

What's Changed

• [release/v1.1] fix: change the wasm download URL to point to the envoy examples repo… by @arkodg in #4151
• [release/v1.1] Pin ratelimit image to 26f28d78 by @arkodg in #4088
• [release/v1.1] Cherry-pick commits for v1.1.1 by @arkodg in #4173
• [release-1.1] fix: allow empty slowStart when using LeastRequest by @zirain in #4211
• [release/v1.1] fix: reject invalid backends in route validation (#4209) by @guydc in #4212
• [release/v1.1] cherry pick #4219 by @guydc in #4220
• [release/v1.1] release: v1.1.1 by @guydc in #4221

Full Changelog: v1.1.0...v1.1.1

v1.1.0

Release Announcement

Check out the v1.1 release announcement to learn more about the release.

What's Changed

• ci: update cherry-pick v1.0.0 by @Xunzhuo in #2784
• fix: add missing release notes details and re organize it by @Xunzhuo in #2785
• e2e: backend upgrade test by @guydc in #2725
• chore: add testdata to passive health checks by @deszhou in #2788
• promote: guydc as maintainer by @Xunzhuo in #2794
• fix: Delete unused status keys from watchable by @uniglot in #2782
• docs: fix commands in basic auth example by @arkodg in #2791
• feat: Support WellKnownSystemCerts in BackendTLSPolicy by @liorokman in #2804
• docs: refactor user guides by @Xunzhuo in #2797
• Fix gen check by @Xunzhuo in #2814
• refactor: set instead of map for mergeGateways by @deszhou in #2803
• remove: support for hostnetwork by @Xunzhuo in #2815
• feat(egctl): add support for egctl to translate from gateway-api resources to IR by @liorokman in #2799
• docs: basic auth example use https by @phantooom in #2806
• chore: group go.opentelemetry.io dependabot by @zirain in #2821
• Add referenced BackendRefs for ExtAuth to Resource Tree by @zhaohuabing in #2795
• fix bootstrap merge by @zirain in #2801
• fix: skip the ReasonTargetNotFound for all policies by @shawnh2 in #2802
• docs: update EnvoyProxy logs by @zirain in #2822
• fix: omit default replicas on Kubernetes Deployment by @ardikabs in #2816
• bug: compute endpointType for all protocol types by @arkodg in #2833
• docs: Routing outside k8s by @arkodg in #2831
• build(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 by @dependabot in #2825
• build(deps): bump golang.org/x/net from 0.21.0 to 0.22.0 by @dependabot in #2826
• build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 by @dependabot in #2827
• Fix: failed to create envoy-oidc-hmac secret when upgrading EG by @zhaohuabing in #2835
• build(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1 by @dependabot in #2829
• Ext auth e2e tests by @zhaohuabing in #2830
• fix existing secret check by @zirain in #2838
• ci: update k8s matrix by @zirain in #2836
• e2e: try to fix client timeout flakes by @zirain in #2812
• feat: Support Upstream TLS to multiple Backends by @liorokman in #2818
• e2e: move drain settings into shutdown settings by @arkodg in #2850
• docs: mtls to the gateway by @arkodg in #2851
• ignore finalizers when comparing envoy proxy svc by @arkodg in #2856
• Chore: remove the uncessary allAssociatedRefGrants from resourceMappings by @zhaohuabing in #2843
• docs: allow users to configure custom certs for control plane auth by @zirain in #2847
• add e2e tests for ext auth with grpc auth service by @zhaohuabing in #2841
• fix: Address race condition disrupting graceful shutdown process by @davidalger in #2864
• docs: move Design docs under "Get Involved" by @arkodg in #2857
• e2e: backend TLS policy by @guydc in #2853
• Update the user doc for OIDC by @zhaohuabing in #2778
• add ADOPTERS.md by @zhaohuabing in #2865
• build(deps): bump softprops/action-gh-release from 1 to 2 by @dependabot in #2867
• build(deps): bump github.com/bufbuild/buf from 1.29.0 to 1.30.0 in /tools/src/buf by @dependabot in #2870
• build(deps): bump github.com/prometheus/common from 0.49.0 to 0.50.0 by @dependabot in #2871
• build(deps): bump fortio.org/fortio from 1.63.3 to 1.63.4 by @dependabot in #2873
• Add tetrate to adopters by @zhaohuabing in #2874
• fix: Don't override the ALPN array if HTTP/3 is enabled. by @liorokman in #2876
• [e2e] eg release upgrade test by @alexwo in #2862
• Docs for ext auth by @zhaohuabing in #2868
• Remove the uncessary \ by @zhaohuabing in #2883
• docs: backend tls policy by @guydc in #2884
• feat: add PolicyStatus for BackendTrafficPolicy by @shawnh2 in #2846
• Change the Merge behavior to Replace for SecurityPolicy by @zhaohuabing in #2885
• e2e: add weighted backend by @ShyunnY in #2863
• http3: use service port in alt-svc header by @arkodg in #2886
• bug: add h3 alpn by default if http3 is enabled by @arkodg in #2887
• fix: prevent policies targeting non-TLS listeners on the same port from conflicting by @liorokman in #2786
• chore: remove ProcessBackendTLSPoliciesAncestorRef by @zhaohuabing in #2845
• Change the Merge behavior to Replace for BackendTrafficPolicy by @zhaohuabing in #2888
• shutdown drainTimeout should also affect envoy drain time by @arkodg in #2898
• skip publishing empty status for policies by @arkodg in #2902
• docs: multiple gatewayclass and merge gateways deployment mode by @cnvergence in #2881
• feat: add PolicyStatus for ClientTrafficPolicy by @shawnh2 in #2895
• Use gwapiv1a2.PolicyStatus for SecurityPolicy Status by @zhaohuabing in #2848
• Fix oidc doc by @zhaohuabing in #2905
• Release v1.0 by @Xunzhuo in #2909
• fix: deployment-mode doc markdown links by @cnvergence in #2912
• fix: QUIC listeners should only advertise HTTP/3 over ALPN, and not HTTP/2 and HTTP/1.1 by @liorokman in #2907
• e2e: graceful envoy shutdown by @guydc in #2839
• feat: add PolicyStatus for EnvoyPatchPolicy by @shawnh2 in #2910
• chore: improve docs-serve by @zirain in #2920
• api: increase rate-limit global rules limit by @ShyunnY in #2906
• docs: add Envoy Gateway threat model by @edurra in #2915
• Remove duplicated http filters for ExtAuth by @zhaohuabing in #2893
• feat: expose prom port in rl svc by @ShyunnY in #2914
• blog post for v1.0 by @arkodg in #2923
• rm extra "that" from blog by @arkodg in #2928
• docs: %s/Application/API/g by @arkodg in #2929
• Pin version to v1.0.0 in 1.0.0 docs by @zhaohuabing in #2933
• Run certgen when upgrading by @zhaohuabing in #2934
• chore: use v1.0.0 as default for upgrade test by @guydc in #2938
• api: connection limits by @guydc in #2709
• docs: fix name spelling in threat model by @mrcdb in #2936
• api: support failOpen in ext auth by @deszhou in #2908
• API: EnvoyExtensionPolicy by @guydc in #2570
• chore: add helm template test by @zirain in #2935
• fix: install-egctl doc dead link by @deszhou in #2916
• chore: fix helm-template by @zirain in #2943
• e2e: use default shut...

v1.1.0-rc.1

What's Changed

• ci: update cherry-pick v1.0.0 by @Xunzhuo in #2784
• fix: add missing release notes details and re organize it by @Xunzhuo in #2785
• e2e: backend upgrade test by @guydc in #2725
• chore: add testdata to passive health checks by @deszhou in #2788
• promote: guydc as maintainer by @Xunzhuo in #2794
• fix: Delete unused status keys from watchable by @uniglot in #2782
• docs: fix commands in basic auth example by @arkodg in #2791
• feat: Support WellKnownSystemCerts in BackendTLSPolicy by @liorokman in #2804
• docs: refactor user guides by @Xunzhuo in #2797
• Fix gen check by @Xunzhuo in #2814
• refactor: set instead of map for mergeGateways by @deszhou in #2803
• remove: support for hostnetwork by @Xunzhuo in #2815
• feat(egctl): add support for egctl to translate from gateway-api resources to IR by @liorokman in #2799
• docs: basic auth example use https by @phantooom in #2806
• chore: group go.opentelemetry.io dependabot by @zirain in #2821
• Add referenced BackendRefs for ExtAuth to Resource Tree by @zhaohuabing in #2795
• fix bootstrap merge by @zirain in #2801
• fix: skip the ReasonTargetNotFound for all policies by @shawnh2 in #2802
• docs: update EnvoyProxy logs by @zirain in #2822
• fix: omit default replicas on Kubernetes Deployment by @ardikabs in #2816
• bug: compute endpointType for all protocol types by @arkodg in #2833
• docs: Routing outside k8s by @arkodg in #2831
• build(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 by @dependabot in #2825
• build(deps): bump golang.org/x/net from 0.21.0 to 0.22.0 by @dependabot in #2826
• build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 by @dependabot in #2827
• Fix: failed to create envoy-oidc-hmac secret when upgrading EG by @zhaohuabing in #2835
• build(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1 by @dependabot in #2829
• Ext auth e2e tests by @zhaohuabing in #2830
• fix existing secret check by @zirain in #2838
• ci: update k8s matrix by @zirain in #2836
• e2e: try to fix client timeout flakes by @zirain in #2812
• feat: Support Upstream TLS to multiple Backends by @liorokman in #2818
• e2e: move drain settings into shutdown settings by @arkodg in #2850
• docs: mtls to the gateway by @arkodg in #2851
• ignore finalizers when comparing envoy proxy svc by @arkodg in #2856
• Chore: remove the uncessary allAssociatedRefGrants from resourceMappings by @zhaohuabing in #2843
• docs: allow users to configure custom certs for control plane auth by @zirain in #2847
• add e2e tests for ext auth with grpc auth service by @zhaohuabing in #2841
• fix: Address race condition disrupting graceful shutdown process by @davidalger in #2864
• docs: move Design docs under "Get Involved" by @arkodg in #2857
• e2e: backend TLS policy by @guydc in #2853
• Update the user doc for OIDC by @zhaohuabing in #2778
• add ADOPTERS.md by @zhaohuabing in #2865
• build(deps): bump softprops/action-gh-release from 1 to 2 by @dependabot in #2867
• build(deps): bump github.com/bufbuild/buf from 1.29.0 to 1.30.0 in /tools/src/buf by @dependabot in #2870
• build(deps): bump github.com/prometheus/common from 0.49.0 to 0.50.0 by @dependabot in #2871
• build(deps): bump fortio.org/fortio from 1.63.3 to 1.63.4 by @dependabot in #2873
• Add tetrate to adopters by @zhaohuabing in #2874
• fix: Don't override the ALPN array if HTTP/3 is enabled. by @liorokman in #2876
• [e2e] eg release upgrade test by @alexwo in #2862
• Docs for ext auth by @zhaohuabing in #2868
• Remove the uncessary \ by @zhaohuabing in #2883
• docs: backend tls policy by @guydc in #2884
• feat: add PolicyStatus for BackendTrafficPolicy by @shawnh2 in #2846
• Change the Merge behavior to Replace for SecurityPolicy by @zhaohuabing in #2885
• e2e: add weighted backend by @ShyunnY in #2863
• http3: use service port in alt-svc header by @arkodg in #2886
• bug: add h3 alpn by default if http3 is enabled by @arkodg in #2887
• fix: prevent policies targeting non-TLS listeners on the same port from conflicting by @liorokman in #2786
• chore: remove ProcessBackendTLSPoliciesAncestorRef by @zhaohuabing in #2845
• Change the Merge behavior to Replace for BackendTrafficPolicy by @zhaohuabing in #2888
• shutdown drainTimeout should also affect envoy drain time by @arkodg in #2898
• skip publishing empty status for policies by @arkodg in #2902
• docs: multiple gatewayclass and merge gateways deployment mode by @cnvergence in #2881
• feat: add PolicyStatus for ClientTrafficPolicy by @shawnh2 in #2895
• Use gwapiv1a2.PolicyStatus for SecurityPolicy Status by @zhaohuabing in #2848
• Fix oidc doc by @zhaohuabing in #2905
• Release v1.0 by @Xunzhuo in #2909
• fix: deployment-mode doc markdown links by @cnvergence in #2912
• fix: QUIC listeners should only advertise HTTP/3 over ALPN, and not HTTP/2 and HTTP/1.1 by @liorokman in #2907
• e2e: graceful envoy shutdown by @guydc in #2839
• feat: add PolicyStatus for EnvoyPatchPolicy by @shawnh2 in #2910
• chore: improve docs-serve by @zirain in #2920
• api: increase rate-limit global rules limit by @ShyunnY in #2906
• docs: add Envoy Gateway threat model by @edurra in #2915
• Remove duplicated http filters for ExtAuth by @zhaohuabing in #2893
• feat: expose prom port in rl svc by @ShyunnY in #2914
• blog post for v1.0 by @arkodg in #2923
• rm extra "that" from blog by @arkodg in #2928
• docs: %s/Application/API/g by @arkodg in #2929
• Pin version to v1.0.0 in 1.0.0 docs by @zhaohuabing in #2933
• Run certgen when upgrading by @zhaohuabing in #2934
• chore: use v1.0.0 as default for upgrade test by @guydc in #2938
• api: connection limits by @guydc in #2709
• docs: fix name spelling in threat model by @mrcdb in #2936
• api: support failOpen in ext auth by @deszhou in #2908
• API: EnvoyExtensionPolicy by @guydc in #2570
• chore: add helm template test by @zirain in #2935
• fix: install-egctl doc dead link by @deszhou in #2916
• chore: fix helm-template by @zirain in #2943
• e2e: use default shutdown mgr settings in upgrade test suite by @guydc in #2946
• refactor: collapse eg-metrics-svc into eg-svc by @...

v1.0.2

Date: June 12, 2024

Installation

• Updated EnvoyProxy to 1.29.5
• Use Patch API for infra-client
• Use ServerSideApply instead of CreateOrUpdate for infra-client

Testing

• Fixed failures due to an expired certificate in one of the translator tests

Translator

• Use - for naming service and container ports
• Added proxy protocol always as first listenerFilter
• Set ignoreCase for header matchers in extAuth
• Added backend TLS SAN validation
• Fixed ReplaceFullPath not working for root path (/)

Providers

• Fixed duplicated xroutes are added to gatewayapi Resources
• Fixed security policy reference grant from field type
• Fixed Route extension filters with different types but the same name and namespace aren't correctly cached
• Fixed secrets/configmap updates to trigger a controller reconcile by removing the generationChanged predicate
• Removed namespace restriction for EnvoyProxy parametersRef

v1.0.1

Release Announcement

Check out the v1.0.1 release note to learn more about this patch release 🎉

v1.0.0

Release Announcement

Check out the v1.0 release announcement to learn more about the GA release 🎉

What's Changed

• Fix TestE2E/RateLimitBasedJwtClaims test by @zhaohuabing in #2097
• add a newer PR reference in rc release docs by @arkodg in #2101
• fix: panic when using nil xdsRouteAction by @Xunzhuo in #2104
• remove cors, jwt, rl assignment from route translator by @arkodg in #2105
• fix: use lowercases of eg admin config fields by @Xunzhuo in #2107
• fix: testGatewayClassWithParamRef e2e test flaky by @Xunzhuo in #2114
• build(deps): bump sigs.k8s.io/yaml from 1.3.0 to 1.4.0 by @dependabot in #2118
• build(deps): bump github.com/bufbuild/buf from 1.27.1 to 1.27.2 in /tools/src/buf by @dependabot in #2121
• build(deps): bump github.com/go-logr/logr from 1.2.4 to 1.3.0 by @dependabot in #2117
• build(deps): bump envoyproxy/toolshed from actions-v0.0.25 to 0.1.2 by @dependabot in #2116
• build(deps): bump actions/setup-node from 3 to 4 by @dependabot in #2115
• chore: add more EnvoyProxy cases by @zirain in #2120
• build(deps): bump github.com/golangci/golangci-lint from 1.55.0 to 1.55.1 in /tools/src/golangci-lint by @dependabot in #2119
• feat: CEL Validation in BackendTrafficPolicy by @slayer321 in #2110
• e2e: eg controlplane metrics by @zirain in #2106
• chore: fix http2_protocol_options warning message by @tmsnan in #2048
• fix Failed to update SecurityPolicy status by @zhaohuabing in #2128
• fix: add missing status equal for SecurityPolicy by @Xunzhuo in #2134
• fix jwt doc by @zhaohuabing in #2135
• Bump Gateway API to v1.0.0 by @arkodg in #2142
• Enable HTTPRouteRewritePath test by @arkodg in #2112
• helm: remove kube-rbac-proxy and update metrics service by @Xunzhuo in #2108
• doc: user doc for CORS by @zhaohuabing in #2137
• fix(ci): bump go version to 1.21 by @Xunzhuo in #2144
• conformance: Enable HTTPRouteBackendProtocolH2C conformance test by @zirain in #2136
• Fix attachedRoutes computation by @arkodg in #2085
• fix comments in loadbalancer api by @tmsnan in #2145
• fix(docs): incorrect quickstart links by @Xunzhuo in #2146
• fix: null pointer when CORS maxAge is not specified by @zhaohuabing in #2133
• Prep v0.6 release by @arkodg in #2152
• fix: matrix link in release note by @Xunzhuo in #2157
• docs: move announcements on top by @Xunzhuo in #2158
• chore: refactor string match by @zhaohuabing in #2102
• build(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 by @dependabot in #2161
• build(deps): bump github.com/go-logr/zapr from 1.2.4 to 1.3.0 by @dependabot in #2162
• docs: fix invalid title in cors by @shawnh2 in #2173
• test: add e2e test for CORS by @ardikabs in #2169
• docs: fix typo in bootstrap example by @akhenakh in #2171
• build(deps): bump github.com/golangci/golangci-lint from 1.55.1 to 1.55.2 in /tools/src/golangci-lint by @dependabot in #2164
• build(deps): bump envoyproxy/toolshed from actions-v0.1.2 to 0.1.15 by @dependabot in #2163
• opt: move gateway namespace mode to common helper by @Xunzhuo in #2129
• build(deps): bump github.com/bufbuild/buf from 1.27.2 to 1.28.0 in /tools/src/buf by @dependabot in #2184
• build(deps): bump yamllint from 1.32.0 to 1.33.0 in /tools/src/yamllint by @dependabot in #2183
• build(deps): bump envoyproxy/toolshed from actions-v0.1.15 to 0.1.39 by @dependabot in #2182
• build(deps): bump go.opentelemetry.io/otel/metric from 1.19.0 to 1.20.0 by @dependabot in #2181
• build(deps): bump go.opentelemetry.io/otel from 1.19.0 to 1.20.0 by @dependabot in #2179
• build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc from 0.42.0 to 0.43.0 by @dependabot in #2177
• build(deps): bump go.opentelemetry.io/otel/exporters/prometheus from 0.42.0 to 0.43.0 by @dependabot in #2180
• feat: add CEL validation for EnvoyProxy telemetry by @shawnh2 in #2050
• docs: http to https redirect user guide by @ionutvilie in #2167
• feat: OIDC Gateway API by @zhaohuabing in #2122
• Default ctrl plane cert expiry time to 5 years by @arkodg in #2175
• Fix weighted route by @zhaohuabing in #2187
• Add E2E Tests for UDPRoute by @cnvergence in #2140
• api: add proxyProtocol in BackendTrafficPolicy by @arkodg in #2189
• doc: small patch cert-manager doc better experience by @tanujd11 in #2197
• docs: update gatewayapi resources version and fix dead link by @shawnh2 in #2190
• api: tcpKeepAlive in BackendTrafficPolicy by @arkodg in #2194
• e2e: tests for TCPRoute by @slayer321 in #2109
• api: enableProxyProtocol in ClientTrafficPolicy by @arkodg in #2188
• OIDC xds translation by @zhaohuabing in #2191
• feat: basic auth API by @zhaohuabing in #2199
• fix: xds translation return early, should be done in a best-effort manner by @zhaohuabing in #2202
• chore: update egctl install cmd by @Xunzhuo in #2218
• build(deps): bump the k8s-io group with 3 updates by @dependabot in #2212
• build(deps): bump github.com/bufbuild/buf from 1.28.0 to 1.28.1 in /tools/src/buf by @dependabot in #2217
• build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp from 0.42.0 to 0.44.0 by @dependabot in #2216
• build(deps): bump envoyproxy/toolshed from actions-v0.1.39 to 0.1.54 by @dependabot in #2211
• build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc from 0.43.0 to 0.44.0 by @dependabot in #2214
• build(deps): bump go.opentelemetry.io/otel/exporters/prometheus from 0.43.0 to 0.44.0 by @dependabot in #2213
• feat: proxy protocol in ClientTrafficPolicy by @arkodg in #2203
• fix: trim hyphen suffix in resource name by @cnvergence in #2222
• refactor: simplify filter patching with an unified interface by @zhaohuabing in #2210
• feat: add support to extract from different identifier on JWT by @ardikabs in #2206
• feat: proxyProtocol in BackendTrafficPolicy by @arkodg in #2192
• feat:support slow start mode by @tmsnan in #2219
• docs: fix broken format on JWT by @ardikabs in #2240
• docs: update version matrix by @Xunzhuo in #2237
• build(deps): bump github.com/miekg/dns from 1.1.46 to 1.1.57 by @dependabot in #2243
• build(deps): bump envoyproxy/toolshed from actions-v0.1.54 to 0.1.65 by @dependabot in #2242
• chore: add helm lint by @misstick86 in #2174
• feat: basic auth impl by @zhaohuabing in #2224
• update k8s version in compatibility matrix by @arkodg in #2245
• user docs for basic auth by @zhaohuabing in https://github.com/envoyproxy/gate...

v1.0.0-rc.1

What's Changed

• Fix TestE2E/RateLimitBasedJwtClaims test by @zhaohuabing in #2097
• add a newer PR reference in rc release docs by @arkodg in #2101
• fix: panic when using nil xdsRouteAction by @Xunzhuo in #2104
• remove cors, jwt, rl assignment from route translator by @arkodg in #2105
• fix: use lowercases of eg admin config fields by @Xunzhuo in #2107
• fix: testGatewayClassWithParamRef e2e test flaky by @Xunzhuo in #2114
• build(deps): bump sigs.k8s.io/yaml from 1.3.0 to 1.4.0 by @dependabot in #2118
• build(deps): bump github.com/bufbuild/buf from 1.27.1 to 1.27.2 in /tools/src/buf by @dependabot in #2121
• build(deps): bump github.com/go-logr/logr from 1.2.4 to 1.3.0 by @dependabot in #2117
• build(deps): bump envoyproxy/toolshed from actions-v0.0.25 to 0.1.2 by @dependabot in #2116
• build(deps): bump actions/setup-node from 3 to 4 by @dependabot in #2115
• chore: add more EnvoyProxy cases by @zirain in #2120
• build(deps): bump github.com/golangci/golangci-lint from 1.55.0 to 1.55.1 in /tools/src/golangci-lint by @dependabot in #2119
• feat: CEL Validation in BackendTrafficPolicy by @slayer321 in #2110
• e2e: eg controlplane metrics by @zirain in #2106
• chore: fix http2_protocol_options warning message by @tmsnan in #2048
• fix Failed to update SecurityPolicy status by @zhaohuabing in #2128
• fix: add missing status equal for SecurityPolicy by @Xunzhuo in #2134
• fix jwt doc by @zhaohuabing in #2135
• Bump Gateway API to v1.0.0 by @arkodg in #2142
• Enable HTTPRouteRewritePath test by @arkodg in #2112
• helm: remove kube-rbac-proxy and update metrics service by @Xunzhuo in #2108
• doc: user doc for CORS by @zhaohuabing in #2137
• fix(ci): bump go version to 1.21 by @Xunzhuo in #2144
• conformance: Enable HTTPRouteBackendProtocolH2C conformance test by @zirain in #2136
• Fix attachedRoutes computation by @arkodg in #2085
• fix comments in loadbalancer api by @tmsnan in #2145
• fix(docs): incorrect quickstart links by @Xunzhuo in #2146
• fix: null pointer when CORS maxAge is not specified by @zhaohuabing in #2133
• Prep v0.6 release by @arkodg in #2152
• fix: matrix link in release note by @Xunzhuo in #2157
• docs: move announcements on top by @Xunzhuo in #2158
• chore: refactor string match by @zhaohuabing in #2102
• build(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 by @dependabot in #2161
• build(deps): bump github.com/go-logr/zapr from 1.2.4 to 1.3.0 by @dependabot in #2162
• docs: fix invalid title in cors by @shawnh2 in #2173
• test: add e2e test for CORS by @ardikabs in #2169
• docs: fix typo in bootstrap example by @akhenakh in #2171
• build(deps): bump github.com/golangci/golangci-lint from 1.55.1 to 1.55.2 in /tools/src/golangci-lint by @dependabot in #2164
• build(deps): bump envoyproxy/toolshed from actions-v0.1.2 to 0.1.15 by @dependabot in #2163
• opt: move gateway namespace mode to common helper by @Xunzhuo in #2129
• build(deps): bump github.com/bufbuild/buf from 1.27.2 to 1.28.0 in /tools/src/buf by @dependabot in #2184
• build(deps): bump yamllint from 1.32.0 to 1.33.0 in /tools/src/yamllint by @dependabot in #2183
• build(deps): bump envoyproxy/toolshed from actions-v0.1.15 to 0.1.39 by @dependabot in #2182
• build(deps): bump go.opentelemetry.io/otel/metric from 1.19.0 to 1.20.0 by @dependabot in #2181
• build(deps): bump go.opentelemetry.io/otel from 1.19.0 to 1.20.0 by @dependabot in #2179
• build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc from 0.42.0 to 0.43.0 by @dependabot in #2177
• build(deps): bump go.opentelemetry.io/otel/exporters/prometheus from 0.42.0 to 0.43.0 by @dependabot in #2180
• feat: add CEL validation for EnvoyProxy telemetry by @shawnh2 in #2050
• docs: http to https redirect user guide by @ionutvilie in #2167
• feat: OIDC Gateway API by @zhaohuabing in #2122
• Default ctrl plane cert expiry time to 5 years by @arkodg in #2175
• Fix weighted route by @zhaohuabing in #2187
• Add E2E Tests for UDPRoute by @cnvergence in #2140
• api: add proxyProtocol in BackendTrafficPolicy by @arkodg in #2189
• doc: small patch cert-manager doc better experience by @tanujd11 in #2197
• docs: update gatewayapi resources version and fix dead link by @shawnh2 in #2190
• api: tcpKeepAlive in BackendTrafficPolicy by @arkodg in #2194
• e2e: tests for TCPRoute by @slayer321 in #2109
• api: enableProxyProtocol in ClientTrafficPolicy by @arkodg in #2188
• OIDC xds translation by @zhaohuabing in #2191
• feat: basic auth API by @zhaohuabing in #2199
• fix: xds translation return early, should be done in a best-effort manner by @zhaohuabing in #2202
• chore: update egctl install cmd by @Xunzhuo in #2218
• build(deps): bump the k8s-io group with 3 updates by @dependabot in #2212
• build(deps): bump github.com/bufbuild/buf from 1.28.0 to 1.28.1 in /tools/src/buf by @dependabot in #2217
• build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp from 0.42.0 to 0.44.0 by @dependabot in #2216
• build(deps): bump envoyproxy/toolshed from actions-v0.1.39 to 0.1.54 by @dependabot in #2211
• build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc from 0.43.0 to 0.44.0 by @dependabot in #2214
• build(deps): bump go.opentelemetry.io/otel/exporters/prometheus from 0.43.0 to 0.44.0 by @dependabot in #2213
• feat: proxy protocol in ClientTrafficPolicy by @arkodg in #2203
• fix: trim hyphen suffix in resource name by @cnvergence in #2222
• refactor: simplify filter patching with an unified interface by @zhaohuabing in #2210
• feat: add support to extract from different identifier on JWT by @ardikabs in #2206
• feat: proxyProtocol in BackendTrafficPolicy by @arkodg in #2192
• feat:support slow start mode by @tmsnan in #2219
• docs: fix broken format on JWT by @ardikabs in #2240
• docs: update version matrix by @Xunzhuo in #2237
• build(deps): bump github.com/miekg/dns from 1.1.46 to 1.1.57 by @dependabot in #2243
• build(deps): bump envoyproxy/toolshed from actions-v0.1.54 to 0.1.65 by @dependabot in #2242
• chore: add helm lint by @misstick86 in #2174
• feat: basic auth impl by @zhaohuabing in #2224
• update k8s version in compatibility matrix by @arkodg in #2245
• user docs for basic auth by @zhaohuabing in #2246
• chore: update otel collector chart version by @zirain in #2254
• fix flaky test by @zhaohuabing in...