artifacthub helm/envoy-gateway/gateway-helm 1.2.0
v1.2.0

latest release: 1.2.1
20 days ago

Envoy Gateway v1.2.0 Release Notes

Release Date: November 6, 2024

The Envoy Gateway v1.2.0 release brings a host of new features, performance improvements, and critical bug fixes to enhance networking, traffic management, and security. Explore the latest changes below.


🚨 Breaking Changes

  • Gateway API Updates: Removed support for the v1alpha2 versions for GRPCRoute and ReferenceGrant. See the Gateway API v1.2.0 documentation for details.
  • CPU Limits: Removed default CPU limit for Envoy Gateway deployment to avoid throttling.
  • Envoy Shutdown Settings: Drain strategy set to immediate, with default values as follows:
    • minDrainDuration: 10s
    • drainTimeout: 60s
    • terminationGracePeriodSeconds: 360s
  • Endpoint Health On Host Removal: Enabled ignore_health_on_host_removal for clusters with static endpoints to allow faster removal of endpoints that have been deleted by the control plane, without waiting for the results of an active health check.
  • Logging Level Adjustment: Set xDS and Infra IR logs to Debug level instead of Info, so they will no longer appear in Envoy Gateway logs by default. You can change the logging level to debug to view them.

✨ New Features

API & Traffic Management Enhancements

  • Gateway-API v1.2.0 Support: Fully compatible with the latest Gateway-API standards.
  • IPv4/IPv6 Dual Stack: Now available for EnvoyProxy fleet and BackendRef resources.
  • Standalone Mode: Experimental support for Envoy Gateway standalone (host deployment) mode.
  • Response Override: Added support for Response Override and RequestTimeout in BackendTrafficPolicy.
  • Active Passive Failover: Supported with the new fallback field in the Backend API.
  • Session Persistence in HTTPRoute: Session persistence is supported in HTTPRoute rules for stateful traffic management.
  • HTTPRouteFilter: Adds support for Direct Response and Path Regex Rewrites in HTTPRouteFilter

Security Enhancements

  • JWT Claims-Based Authorization: Advanced security control with claims-based policies in SecurityPolicy.
  • CORS Wildcard Matching: Wildcard matching for AllowMethods and AllowHeaders settings.
  • OIDC Flow Support: Added nonce support for OIDC authorization.

Observability & Tracing

  • Datadog Tracing Integration: Improved support for Datadog tracing in EnvoyProxy CRD.
  • Listener Access Logs: Adds support for configuring Listener level Access Logs for EnvoyProxy.
  • Native Prometheus Metrics: Introduced a Prometheus metrics endpoint for rate limit monitoring.

Helm Customization

  • SecurityContext Options: Customizable security context for improved deployment.
  • NodeSelector and PriorityClassName: Added for more granular deployment configuration.

🐞 Bug Fixes

  • Fixed xDS translation failure when the WASM HTTP code source was configured without an SHA.
  • Resolved unsupported listener protocol types causing errors in Gateway status updates.
  • Fixed BackendTLSPolicy causing crashes due to invalid sectionName in Backend configurations.
  • Fixed propagation delays in SecurityPolicy updates for HTTPRoute when using targetSelectors.
  • Improved JSONPath to JSONPatch translation accuracy.
  • Fixed unwanted / appearing in paths when using prefix rewrites.
  • Corrected nil pointer errors when configuring hash load balancing.
  • Fixed active health check issues where expectedStatuses was not functioning properly.
  • Ensured correct status updates for Backend resources and HTTPRoute.

🚀 Performance Improvements

  • Memory Optimization: Enhanced memory usage by eliminating redundant resource storage.

⚙️ Other Notable Changes

  • Envoy Upgrade: Now using Envoy v1.32.1 for added stability and performance.
  • Optional Alpha CRD Watching: Allows Envoy Gateway to run with older Gateway API versions.

For more information and full API documentation, please visit the Envoy Gateway Documentation.


This release strengthens Envoy Gateway with enhanced API support, security policies, and observability features to better serve high-demand environments.

What's Changed

  • fix quickstart link in helm chart by @zhaohuabing in #3793
  • fix release note file name by @guydc in #3792
  • build(deps): bump golang.org/x/sys from 0.21.0 to 0.22.0 by @dependabot in #3780
  • build(deps): bump distroless/static from e9ac71e to 8dd8d3c in /tools/docker/envoy-gateway by @dependabot in #3778
  • build(deps): bump fortio.org/log from 1.12.2 to 1.14.0 by @dependabot in #3782
  • build(deps): bump google.golang.org/grpc from 1.64.0 to 1.65.0 by @dependabot in #3783
  • docs: move release-notes out of version by @zirain in #3765
  • ci: update cherry-pick v1.1.0 by @guydc in #3803
  • doc: how to build a wasm image by @zhaohuabing in #3806
  • Use Wasm instead of WASM by @mathetake in #3812
  • docs: generate v1.1.0-rc.1 release note by @Xunzhuo in #3794
  • chore: release-notes-docs be part of generate by @zirain in #3815
  • fix: enable client timeout test by @guydc in #3811
  • chore: add benchmark report into release artifacts by @shawnh2 in #3756
  • docs: fix grafana link by @zirain in #3818
  • e2e: make sure ALS server is ready by @zirain in #3816
  • Revert "docs: fix grafana link" by @zirain in #3822
  • feat: support target selectors on Envoy Gateway Extension Server policies by @liorokman in #3800
  • docs: updating the documentation for Extension Servers and adding an example extension server by @liorokman in #3788
  • docs for ip allowlist/denylist by @zhaohuabing in #3784
  • docs: gRPC Access Log Service (ALS) sink by @zirain in #3768
  • docs: update v1.1.0-rc.1 release notes by @guydc in #3821
  • docs: add task for wasm extensions by @zhaohuabing in #3796
  • community: promote shawnh2 to maintainer and move qicz to emeritus by @Xunzhuo in #3760
  • chore: report a translate error to errChan to make it observed correctly by @sanposhiho in #3827
  • chore: upgrade to golang v1.22.5 by @sanposhiho in #3829
  • chore: add make lint.fix-golint to address auto fixable lint issues by @sanposhiho in #3828
  • docs: patch field within EnvoyService by @shawnh2 in #3820
  • accesslog: remove ALS gRPC initialMetadata by @zirain in #3751
  • docs: add fixed links to the current version of eg docs by @zhaohuabing in #3819
  • fix: backendtls minversion by @guydc in #3835
  • fix: enable use-client-protocol test by @guydc in #3825
  • fix: backendtls client cert by @guydc in #3839
  • fix: prevent xdsIR updates from overwriting RateLimit configs from other xdsIR by @sanposhiho in #3771
  • docs: use v[x.y] instead of v[x.y.z] by @zirain in #3836
  • e2e: fix basic auth flaky by @zirain in #3833
  • design: add wasm extension supports OCI image code source by @zhaohuabing in #3313
  • fix: enable upgrade test by @guydc in #3764
  • chore: go mod tidy by @zirain in #3842
  • fix flaky authorization tests by @zhaohuabing in #3844
  • build(deps): bump golang.org/x/net from 0.26.0 to 0.27.0 by @dependabot in #3849
  • build(deps): bump fortio.org/fortio from 1.65.0 to 1.66.0 by @dependabot in #3848
  • build(deps): bump helm.sh/helm/v3 from 3.15.2 to 3.15.3 by @dependabot in #3850
  • chore: move UDP test resources out of the base by @zhaohuabing in #3857
  • chore: replace targetRef with targetRefs in e2e by @shawnh2 in #3858
  • docs: Remove the older versions from linkinator ignore list by @zirain in #3846
  • build(deps): bump aquasecurity/trivy-action from 0.23.0 to 0.24.0 by @dependabot in #3854
  • build(deps): bump github.com/norwoodj/helm-docs from 1.13.0 to 1.14.2 in /tools/src/helm-docs by @dependabot in #3847
  • chore: move connection limit test resources out of the base by @zhaohuabing in #3859
  • build(deps): bump actions/setup-node from 4.0.2 to 4.0.3 by @dependabot in #3853
  • build(deps): bump google/osv-scanner-action from 1.8.1 to 1.8.2 by @dependabot in #3851
  • build(deps): bump actions/setup-go from 5.0.1 to 5.0.2 in /tools/github-actions/setup-deps by @dependabot in #3855
  • build(deps): bump github/codeql-action from 3.25.11 to 3.25.12 by @dependabot in #3852
  • docs: add backend tls docs by @guydc in #3843
  • chore: move zipkin test resources out of the base by @zhaohuabing in #3864
  • chore: move tcp test resources out of the base by @zhaohuabing in #3863
  • docs: create concepts docs page and diagram by @missBerg in #3808
  • benchmark: enable prometheus to scrape metrics from by @shawnh2 in #3772
  • chore: move backend tls test resources out of the base by @zhaohuabing in #3862
  • chore: remove cherrypicker action by @zirain in #3831
  • chore: update linkinator comment by @zirain in #3870
  • chore: make format as part of gen-check by @zirain in #3877
  • chore: update LINKINATOR_IGNORE by @zirain in #3879
  • return 500 error for failed SecurityPolicies to avoid unauthorized access to xRoutes by @zhaohuabing in #3869
  • lint: update yamllint and codespell skip by @zirain in #3882
  • e2e: increase test timeout by @zirain in #3883
  • chore: client mtls test by @guydc in #3874
  • fix: nil pointer err during hash load balancing build by @shawnh2 in #3886
  • fix override issue for EEP by @zhaohuabing in #3881
  • accesslog: fix different CelMatches on AccessLog by @zirain in #3885
  • rm gateway-api translation error message from direct response by @arkodg in #3878
  • GetParentReferences should use namespace from RouteContext by @zirain in #3876
  • Add e2e test for load balancing by @shawnh2 in #3868
  • egctl: introduce egctl x collect by @zirain in #3775
  • e2e: add e2e test for cookie based consistent hash load balancing by @shawnh2 in #3890
  • enable HTTPRouteBackendRequestHeaderModifier test by @arkodg in #3891
  • disable writing into GatewayClass.Status.SupportedFeatures by @arkodg in #3888
  • validate for reconcile should check reference from EnvoyProxy by @zirain in #3895
  • chore: add grafonnet dashboards support by @shawnh2 in #3785
  • add startupProbe to all provisioned containers by @arkodg in #3893
  • e2e: move als test resources out of the base by @zirain in #3884
  • e2e: fix ZipkinTracing flaky by @zirain in #3899
  • doc: add load balancing usage by @shawnh2 in #3903
  • fix: typos in release notes by @Xunzhuo in #3909
  • fix: fix the CEL definitions to allow policies that use target selectors without explicit targetRefs by @liorokman in #3904
  • feat(logger): Add tlog for better test logging by @Manoramsharma in #3913
  • e2e: add hook to debug OIDC fail by @zirain in #3914
  • e2e: refactor and improve lb test by @zirain in #3912
  • tools: remove sphinx by @zirain in #3927
  • release v1.1.0 by @guydc in #3932
  • build(deps): bump github.com/google/go-containerregistry from 0.19.2 to 0.20.1 by @dependabot in #3924
  • build(deps): bump github/codeql-action from 3.25.12 to 3.25.13 by @dependabot in #3921
  • build(deps): bump softprops/action-gh-release from 2.0.6 to 2.0.8 by @dependabot in #3920
  • build(deps): bump fortio.org/log from 1.14.0 to 1.15.0 by @dependabot in #3926
  • build(deps): bump github.com/replicatedhq/troubleshoot from 0.95.1-0.20240707233129-f5f02f5a807c to 0.95.1 by @dependabot in #3925
  • doc: utilize hugo boilerplates for latest by @shawnh2 in #3910
  • fix: flaky e2e gateway_with_conflicted_listener_cannot_be_merged by @shawnh2 in #3911
  • docs: add helm-version and yaml-version shortcode by @zirain in #3766
  • fix: remove namespace in policies by @Xunzhuo in #3947
  • doc: authorization api by @zhaohuabing in #3949
  • chore: Update k8s by @zirain in #3936
  • chore: cleaning up EnvoyFilter types by @zhaohuabing in #3948
  • docs: add note for Mac user by @zirain in #3953
  • printing name of the target when a policy fails to attach by @sadovnikov in #3943
  • docs: use yaml-version for quickstart yaml by @zirain in #3952
  • chore: bump crd-ref-docs by @zirain in #3945
  • chore: add resoure requirements for statsd exporter by @zhaohuabing in #3957
  • build(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0 by @dependabot in #3964
  • build(deps): bump github.com/bufbuild/buf from 1.34.0 to 1.35.1 in /tools/src/buf by @dependabot in #3969
  • build(deps): bump github.com/docker/cli from 27.0.3+incompatible to 27.1.1+incompatible by @dependabot in #3968
  • build(deps): bump fortio.org/log from 1.15.0 to 1.16.0 by @dependabot in #3967
  • build(deps): bump github.com/docker/docker from 27.0.3+incompatible to 27.1.1+incompatible by @dependabot in #3966
  • build(deps): bump docker/login-action from 3.2.0 to 3.3.0 by @dependabot in #3963
  • build(deps): bump github/codeql-action from 3.25.13 to 3.25.15 by @dependabot in #3962
  • build(deps): bump github.com/replicatedhq/troubleshoot from 0.95.1 to 0.98.0 by @dependabot in #3965
  • chore: clean up cross ns checking for policies by @zhaohuabing in #3961
  • set default SecurityContext for EG components by @zhaohuabing in #3940
  • docs: fix dropdown by @zirain in #3975
  • conformance(experimental): enable grpc conformance profile by @Xunzhuo in #3976
  • add benchmark memory profiles into report by @shawnh2 in #3951
  • chore: udpate release mgmt docs and upgrade test by @guydc in #3979
  • feat: Support DNS resolution settings by @alexwo in #3974
  • feat(translator): Set statPrefix for HCM and TCPProxy by @aoledk in #3728
  • docs: fix missing heading self-links by @zirain in #3991
  • bugfix: fix upstream get unwanted /. by @qicz in #3990
  • feat(translator): http2 upstream settings by @guydc in #3682
  • refactor: clean envoygateway validate methods by @shawnh2 in #3997
  • build(deps): bump github.com/google/cel-go from 0.20.1 to 0.21.0 by @dependabot in #3999
  • api: add socket buffer limit field in ClientTrafficPolicy and BackendTrafficPolicy by @aoledk in #3724
  • feat: add support for cluster-level settings for non xRoute-generated backend refs by @liorokman in #3954
  • fix: change the wasm download URL to point to the envoy examples repository by @liorokman in #4014
  • fix: multiple reference grants in same namespace by @ardikabs in #4008
  • move upgrade notes to install section by @arkodg in #4013
  • bump golang.org/x/sys from 0.22.0 to 0.23.0 by @zhaohuabing in #4007
  • feat: support cluster settings for tracing and accesslog backends by @liorokman in #4012
  • reduce readinessProbe failureThreshold and periodSeconds by @arkodg in #4021
  • feat: Support the Backend resource for Ext-Auth by @zirain in #4016
  • feat: support session persistence in HTTPRouteRule by @sanposhiho in #3841
  • docs: Attach EnvoyProxy to Gateway by @arkodg in #4020
  • docs: Steps for migrating to Envoy Gateway by @Manoramsharma in #3973
  • fix: add header values as described in the documentation by @liorokman in #4031
  • build(deps): bump github/codeql-action from 3.25.15 to 3.26.0 by @dependabot in #4030
  • bugfix: fatal error: concurrent map writes by @qicz in #3986
  • bugfix: fix egctl experimental translate with error ns. by @qicz in #3984
  • build(deps): bump google/osv-scanner-action from 1.8.2 to 1.8.3 by @dependabot in #4029
  • feat(translator): JsonPath in PatchPolicy by @denniskniep in #3757
  • fix: backend tls docs by @guydc in #4039
  • build(deps): bump github.com/bufbuild/buf from 1.35.1 to 1.36.0 in /tools/src/buf by @dependabot in #4028
  • fix: not generate selector of deployment/daemonset based on the custom label configuration of EnvoyProxy by @sanposhiho in #3995
  • docs: correct concepts page by @zirain in #4040
  • update dependabot configuration by @zirain in #4041
  • feat(translator): early request header modifier by @guydc in #4004
  • docs: mark BackendRef in shared_types.go optional by @MdSahil-oss in #4058
  • build(deps): bump github/codeql-action from 3.26.0 to 3.26.2 by @dependabot in #4051
  • chore: replace targetRef with targetRefs in doc by @shawnh2 in #4048
  • chore: bump deps by @zirain in #4045
  • chore: enable copyloopvar lint by @shawnh2 in #4047
  • feat: gateway http listener isolation by @levikobi in #4000
  • feat(translator): add support for configuring the GRPC Health Checker by @liorokman in #4046
  • fix: rename ServiceName to Service in the gRPC active health check structure. by @liorokman in #4063
  • build(deps): bump github.com/prometheus/client_golang from 1.19.1 to 1.20.0 by @dependabot in #4056
  • build(deps): bump github.com/google/go-containerregistry from 0.20.1 to 0.20.2 by @dependabot in #4026
  • build(deps): bump helm.sh/helm/v3 from 3.15.3 to 3.15.4 by @dependabot in #4057
  • bump github.com/golangci/golangci-lint from 1.59.1 to 1.60.1 by @zirain in #4067
  • bump github.com/replicatedhq/troubleshoot from 0.98.0 to 0.99.0 by @zirain in #4065
  • feat: support LB priority for non xRoute endpoints by @alexwo in #4033
  • docs: added defaults for load balancing by @luvk1412 in #4071
  • use sets and return stable result by @zirain in #4074
  • docs: fix basic-auth.md formatting by @LiorLieberman in #4034
  • build(deps): bump sigs.k8s.io/kind from 0.23.0 to 0.24.0 in /tools/src/kind by @dependabot in #4077
  • build(deps): bump github.com/docker/cli from 27.1.1+incompatible to 27.1.2+incompatible by @dependabot in #4082
  • build(deps): bump github.com/ohler55/ojg from 1.22.1 to 1.24.0 by @dependabot in #4080
  • build(deps): bump github.com/bufbuild/buf from 1.36.0 to 1.37.0 in /tools/src/buf by @dependabot in #4076
  • chore: fix Unchanged files with check annotations by @zirain in #4075
  • fix ratelimit statsd not working by @zirain in #4073
  • chore: remove BackendTrafficPolicyConnection by @zhaohuabing in #4010
  • build(deps): bump github.com/docker/docker from 27.1.1+incompatible to 27.1.2+incompatible by @dependabot in #4079
  • fix: active http healthcheck documents a default for expected status, but doesn't use it by @liorokman in #4090
  • support custom name for ratelimit deployment by @arkodg in #4094
  • chore: remove tcp options from the UDPRoute IR by @zhaohuabing in #4084
  • bump the k8s-io group to v0.31.0 by @zirain in #4066
  • API: api for setting OIDC token cookie domain by @zhaohuabing in #4093
  • build(deps): bump google/osv-scanner-action from 1.8.3 to 1.8.4 by @dependabot in #4110
  • build(deps): bump github/codeql-action from 3.26.2 to 3.26.5 by @dependabot in #4109
  • build(deps): bump github.com/bufbuild/buf from 1.37.0 to 1.38.0 in /tools/src/buf by @dependabot in #4111
  • docs: removes unimplemented attributes in the extproc example by @mathetake in #4115
  • build(deps): bump github.com/miekg/dns from 1.1.61 to 1.1.62 by @dependabot in #4104
  • deps: Bump go control plane to 0.13.0 by @zirain in #4113
  • build(deps): bump helm.sh/helm/v3 from 3.15.3 to 3.15.4 by @dependabot in #4105
  • fix: remove the limitation for only one backendRef from ext-auth and ext-proc by @liorokman in #4086
  • [api] Add Failover field to Backend by @arkodg in #4099
  • refactor: Return 500 when BackendTrafficPolicy translation fails by @MdSahil-oss in #4092
  • ossf: fix pinned-dependencies by @mmorel-35 in #4119
  • add-nodeSelector by @magorKathy in #4017
  • build(deps): bump github.com/prometheus/client_golang from 1.20.0 to 1.20.2 by @dependabot in #4107
  • rename failover to fallback backend by @arkodg in #4121
  • fix: don't lose timeout settings that originate from the route when translating the backend traffic policy by @liorokman in #4095
  • chore: use sets by @zirain in #4123
  • docs: Clarification for type which calls itself "JSON" but actually cannot be. by @mt-inside in #4117
  • Fix IsNotFound check for secret and configmap by @TasdidurRahman in #4126
  • chore: bump deps by @zirain in #4122
  • chore: remove test package by @zirain in #4148
  • build(deps): bump actions/upload-artifact from 4.3.4 to 4.4.0 by @dependabot in #4131
  • build(deps): bump github/codeql-action from 3.26.5 to 3.26.6 by @dependabot in #4130
  • build(deps): bump google.golang.org/grpc from 1.65.0 to 1.66.0 in /examples/extension-server by @dependabot in #4139
  • build(deps): bump github.com/docker/docker from 27.1.2+incompatible to 27.2.0+incompatible by @dependabot in #4137
  • build(deps): bump github.com/bufbuild/buf from 1.38.0 to 1.39.0 in /tools/src/buf by @dependabot in #4133
  • build(deps): bump github.com/prometheus/common from 0.55.0 to 0.57.0 by @dependabot in #4134
  • build(deps): bump github.com/replicatedhq/troubleshoot from 0.99.0 to 0.100.0 by @dependabot in #4135
  • fix: assign sugar logger name. by @qicz in #4144
  • chore: code polish & ratelimit env optimize by @qicz in #4142
  • fix: controller-runtime logger by @qicz in #4146
  • build(deps): bump busybox from 9ae97d3 to 8274294 in /tools/docker/envoy-gateway by @dependabot in #4132
  • chore: add ExtensionGroupKinds debug log by @zirain in #4124
  • chore: concurrent map write in internal/metric test. by @qicz in #4141
  • build(deps): bump github.com/docker/cli from 27.1.2+incompatible to 27.2.0+incompatible by @dependabot in #4138
  • build(deps): bump google.golang.org/grpc from 1.65.0 to 1.66.0 by @dependabot in #4136
  • refactor: return 500 when EnvoyExtensionTrafficPolicy translation fails by @alexwo in #4154
  • feat: support JSONPatches for proxy bootstrap modifications by @liorokman in #4116
  • ci: fix osv vulnerability and license scans and add license overrides by @shahar-h in #4157
  • API: authorization api for jwt claims by @zhaohuabing in #4009
  • impl for setting OIDC token cookie domain by @zhaohuabing in #4102
  • remove MPL packages by @zirain in #4161
  • ci: bump support Kubernetes version by @zirain in #4169
  • bump to go1.22.7 by @zirain in #4175
  • docs: improve Private Key Provider page layout by @zirain in #4179
  • build(deps): bump distroless/static from 8dd8d3c to 42d15c6 in /tools/docker/envoy-gateway by @dependabot in #4191
  • build(deps): bump github.com/bufbuild/buf from 1.39.0 to 1.40.1 in /tools/src/buf by @dependabot in #4185
  • build(deps): bump github.com/prometheus/common from 0.57.0 to 0.59.1 by @dependabot in #4187
  • build(deps): bump github.com/Masterminds/semver/v3 from 3.2.1 to 3.3.0 by @dependabot in #4190
  • build(deps): bump github.com/prometheus/client_golang from 1.20.2 to 1.20.3 by @dependabot in #4189
  • build(deps): bump the golang-org group across 2 directories with 2 updates by @dependabot in #4186
  • feat: support RecomputeRoute for ExtAuth by @zirain in #4178
  • lint: ignore gosec G115 by @zirain in #4184
  • ci: fix openssf-scorecard permission issue by @shahar-h in #4198
  • feat: choose a default HTTP1.0 route based on HTTPRoutes if possible. by @liorokman in #4183
  • build(deps): bump busybox from 8274294 to 34b191d in /tools/docker/envoy-gateway by @dependabot in #4192
  • chore: add a jwks public private key pair for testing by @zhaohuabing in #4200
  • fix: reject invalid backends in route validation by @guydc in #4209
  • API: use BackendCluster to represent OIDCProvider by @zhaohuabing in #4128
  • fix: allow empty slowStart when using LeastRequest by @zirain in #4204
  • bump ENVTEST_K8S_VERSION by @zirain in #4201
  • feat: add file resource provider for EG standalone mode by @shawnh2 in #3159
  • affinity and toleration patch for certgen by @ncsham in #4195
  • chore: set fail-fast: false to continue testing as e2e tests are flaky by @zhaohuabing in #4210
  • ci: bump to golang1.23.1 by @zirain in #4206
  • fix: write backend status by @guydc in #4219
  • release: v1.1.1 by @guydc in #4207
  • e2e: increase timeout for FileAccessLog by @zirain in #4215
  • build(deps): bump fortio.org/fortio from 1.66.1 to 1.66.2 by @zirain in #4223
  • Fix website version by @arkodg in #4229
  • fix: Switch to an immediate drain strategy by @arkodg in #4230
  • docs: fix make command from benchmark-test to benchmark by @juwon8891 in #4237
  • api: HTTPRouteFilter by @guydc in #4171
  • refactor: add gatewayapi/resource pkg by @shawnh2 in #4235
  • api: unhide Matches in ProxyAccessLog by @zirain in #4224
  • api: support inverting matches in rate limit by @rudrakhp in #4176
  • docs: fix incorrect decoding command in developer documentation by @juwon8891 in #4241
  • feat: Add maxUnavailable PDB support to helm chart by @jukie in #4239
  • chore: bump deps by @zirain in #4255
  • build(deps): bump github/codeql-action from 3.26.6 to 3.26.7 by @dependabot in #4252
  • build(deps): bump github.com/golangci/golangci-lint from 1.60.3 to 1.61.0 in /tools/src/golangci-lint by @dependabot in #4247
  • build(deps): bump busybox from 34b191d to c230832 in /tools/docker/envoy-gateway by @dependabot in #4244
  • build(deps): bump github.com/bufbuild/buf from 1.40.1 to 1.41.0 in /tools/src/buf by @dependabot in #4245
  • CORS: support wildcard matching for AllowMethods and AllowHeaders by @zhaohuabing in #4168
  • chore: fix merge nit by @zirain in #4260
  • build(deps): bump helm.sh/helm/v3 from 3.15.4 to 3.16.1 by @dependabot in #4251
  • build(deps): bump github.com/replicatedhq/troubleshoot from 0.100.0 to 0.102.0 by @dependabot in #4261
  • build(deps): bump google/osv-scanner-action from 1.8.4 to 1.8.5 by @dependabot in #4253
  • ci: remove license override for github.com/moby/patternmatcher by @shahar-h in #4274
  • ci: enable osv-scanner call analysis by @shahar-h in #4273
  • OIDC: add nonce support to the oauth2 filter by @zhaohuabing in #4271
  • moving away from promStatsdExporterContainer by @zirain in #4272
  • performance: changing Infra and Xds IR log values to JSONString by @shawnh2 in #4263
  • e2e: add test for RecomputeRoute in ExtAuth by @zirain in #4222
  • EnvoyPatchPolicy JsonPath docs & fixes by @denniskniep in #4256
  • chore: include heap profile into benchmark report and add notes for profiles by @shawnh2 in #4284
  • fix: Reconcile on HTTPRoute labels change by @luvk1412 in #4279
  • fix: handle invalid sectionName in BackendTLSPolicy for Backend by @arkodg in #4296
  • chore: e2e: expose --allow-crds-mismatch from conformace test by @unicell in #4297
  • revisit envoy shutdown settings by @arkodg in #4288
  • build(deps): bump github/codeql-action from 3.26.7 to 3.26.8 by @dependabot in #4310
  • build(deps): bump github.com/ohler55/ojg from 1.24.0 to 1.24.1 by @dependabot in #4302
  • build(deps): bump distroless/static from 42d15c6 to dcd3f1f in /tools/docker/envoy-gateway by @dependabot in #4311
  • build(deps): bump github.com/docker/cli from 27.2.0+incompatible to 27.3.1+incompatible by @dependabot in #4306
  • build(deps): bump google.golang.org/grpc from 1.66.2 to 1.67.0 in /examples/extension-server by @dependabot in #4307
  • build(deps): bump github.com/bufbuild/buf from 1.41.0 to 1.42.0 in /tools/src/buf by @dependabot in #4308
  • build(deps): bump actions/setup-node from 4.0.3 to 4.0.4 by @dependabot in #4309
  • docs: fix patch command for adding TLS gateway listener by @Dean-Coakley in #4316
  • feat(translator): implement httproutefilter and path regex rewrite by @guydc in #4258
  • build(deps): bump github.com/prometheus/client_golang from 1.20.3 to 1.20.4 by @dependabot in #4304
  • build(deps): bump github.com/docker/docker from 27.2.0+incompatible to 27.3.1+incompatible by @dependabot in #4303
  • chore: update release page by @arkodg in #4319
  • chore: update roadmap page by @arkodg in #4318
  • ci: dual-stack support for kind cluster by @juwon8891 in #4301
  • [release/v1.1] release: v1.1.2 by @guydc in #4320
  • chore: add the exptected date for 1.2.0 by @zhaohuabing in #4321
  • set user group and user id for the default SecurityContext by @zhaohuabing in #4313
  • docs: remove comma by @muffl0n in #4300
  • Impl: JWT claim authorization by @zhaohuabing in #4167
  • chroe: fix license check by @zhaohuabing in #4327
  • api: access log types by @guydc in #4170
  • api: custom error response by @arkodg in #4259
  • bugfix: EG loglevel error for admin and metrics module by @qicz in #4340
  • fix: some status updates are discarded by the status updater by @zhaohuabing in #4337
  • fix: Unsupported listener protocol type error for nil supportKinds assign gateway status. by @qicz in #4345
  • feat: support request response sizes stats by @luvk1412 in #4314
  • Datadog tracing support by @Hartigan in #4298
  • set invalid Listener.SupportedKinds to empty list by @arkodg in #4352
  • feat: adds support for ratelimit metrics monitoring in grafana by @MdSahil-oss in #4083
  • chore: add envoy gateway logo into readme by @shawnh2 in #4355
  • doc: update benchmark result by @shawnh2 in #4354
  • feat: add priorityClassName support to helm chart by @jukie in #4357
  • feat: Add service annotations to helm chart by @jukie in #4359
  • feat: enable local validations for egctl translate and file provider by @shawnh2 in #4257
  • chore: fix receivers & check ResourceRender implements. by @qicz in #4344
  • helm: remove grafana testFramework by @zirain in #4360
  • bugfix: ignore some unnecessary requests to apiserver. by @qicz in #4362
  • chore: correct eg namespace by @zirain in #4365
  • build(deps): bump github.com/urfave/cli/v2 from 2.27.2 to 2.27.4 in /examples/extension-server by @dependabot in #4372
  • build(deps): bump github.com/replicatedhq/troubleshoot from 0.102.0 to 0.105.1 by @dependabot in #4371
  • build(deps): bump github/codeql-action from 3.26.8 to 3.26.9 by @dependabot in #4366
  • build(deps): bump distroless/static from dcd3f1f to 26f9b99 in /tools/docker/envoy-gateway by @dependabot in #4368
  • build(deps): bump actions/checkout from 4.1.7 to 4.2.0 by @dependabot in #4367
  • build(deps): bump the go-opentelemetry-io group across 1 directory with 2 updates by @dependabot in #4369
  • [Gateway API 1.2.0] Upgrade Gateway API to 1.2.0-rc2 by @zhaohuabing in #4270
  • fix: rateLimitDeployment ignoring pod labels and annotation merge by @oscarboher in #4228
  • chore: fix gen-check by @zirain in #4376
  • build(deps): bump the golang-org group across 2 directories with 2 updates by @dependabot in #4401
  • build(deps): bump github.com/bufbuild/buf from 1.42.0 to 1.44.0 in /tools/src/buf by @dependabot in #4400
  • build(deps): bump codecov/codecov-action from 4.5.0 to 4.6.0 by @dependabot in #4399
  • build(deps): bump github/codeql-action from 3.26.9 to 3.26.11 by @dependabot in #4397
  • build(deps): bump github.com/replicatedhq/troubleshoot from 0.105.1 to 0.105.2 by @dependabot in #4404
  • build(deps): bump google/osv-scanner-action from 1.8.5 to 1.9.0 by @dependabot in #4398
  • build(deps): bump sigs.k8s.io/gateway-api from 1.2.0-rc2 to 1.2.0 in /examples/extension-server by @dependabot in #4407
  • build(deps): bump busybox from c230832 to 768e5c6 in /tools/docker/envoy-gateway by @dependabot in #4408
  • chore: remove +build tag by @zirain in #4392
  • chore: remove nit log by @zirain in #4391
  • build(deps): bump google.golang.org/grpc from 1.67.0 to 1.67.1 in /examples/extension-server by @dependabot in #4406
  • chore: recover Coverage Tests by @zirain in #4411
  • chore: fix docker build warning by @zirain in #4389
  • bump google.golang.org/grpc v1.67 by @zirain in #4390
  • chore: fix osv scanner by @zirain in #4414
  • chore: upgrade test should use VERSION by default by @zirain in #4393
  • build(deps): bump fortio.org/fortio from 1.66.3 to 1.67.1 by @dependabot in #4405
  • api: host header rewrite by @guydc in #4410
  • feat: support inverting header matches for rate limit by @rudrakhp in #4286
  • bump gwapi to 1.2.0 by @zirain in #4384
  • feat(translator): implement access log types by @guydc in #4341
  • fix dashboard typos by @haorenfsa in #4422
  • feat: add labels to envoyService config by @jukie in #4427
  • build(deps): bump helm.sh/helm/v3 from 3.16.1 to 3.16.2 by @dependabot in #4436
  • docs: Fix capital D in ratelimit example by @puerco in #4428
  • build(deps): bump google.golang.org/protobuf from 1.34.2 to 1.35.1 in /examples/extension-server by @dependabot in #4439
  • build(deps): bump github.com/prometheus/common from 0.59.1 to 0.60.0 by @dependabot in #4438
  • build(deps): bump github.com/replicatedhq/troubleshoot from 0.105.2 to 0.107.0 by @dependabot in #4437
  • build(deps): bump github.com/bufbuild/buf from 1.44.0 to 1.45.0 in /tools/src/buf by @dependabot in #4440
  • build(deps): bump the go-opentelemetry-io group across 1 directory with 8 updates by @dependabot in #4434
  • feat(translator): client tls session resumption by @guydc in #4293
  • build(deps): bump actions/checkout from 4.2.0 to 4.2.1 by @dependabot in #4442
  • build(deps): bump aquasecurity/trivy-action from 0.24.0 to 0.27.0 by @dependabot in #4443
  • build(deps): bump github/codeql-action from 3.26.11 to 3.26.12 by @dependabot in #4444
  • build(deps): bump actions/upload-artifact from 4.4.0 to 4.4.3 by @dependabot in #4441
  • feat: allow running EnvoyProxy as DaemonSet by @jukie in #4429
  • feat: implement RequestTimeout in BackendTrafficPolicy by @sanposhiho in #4329
  • infra: use labels when deleting infra by @zirain in #4430
  • chore: set klog by @zirain in #4455
  • infra: fix DeleteAllOf rbac by @zirain in #4459
  • feat: implement fallback for the Backend API by @arkodg in #4461
  • chore: bump go control plane to 0.13.1 by @zhaohuabing in #4465
  • api: fix HeaderMatch list type to allow invert matches on same header by @rudrakhp in #4464
  • api: direct response by @arkodg in #4334
  • Use BackendCluster to represent OIDCProvider by @zhaohuabing in #4227
  • support reloadable EnvoyGateway configuration by @zirain in #4451
  • e2e: add tests for ratelimit invert matching headers by @rudrakhp in #4452
  • chore: update logo by @zirain in #4469
  • docs: correct the curl command by @zirain in #4467
  • chore: use ptr.Deref to simply code by @zirain in #4477
  • chore: bump crd-ref-docs by @zirain in #4474
  • docs: improve a little bit visual by @zirain in #4468
  • docs: update configuration kick in tips by @zirain in #4479
  • Fix wasm example link by @zhaohuabing in #4491
  • Unhide BackendCluster for OIDC provider by @zhaohuabing in #4490
  • build(deps): bump aquasecurity/trivy-action from 0.27.0 to 0.28.0 by @dependabot in #4484
  • build(deps): bump github.com/prometheus/client_golang from 1.20.4 to 1.20.5 by @dependabot in #4486
  • build(deps): bump github.com/urfave/cli/v2 from 2.27.4 to 2.27.5 in /examples/extension-server by @dependabot in #4488
  • build(deps): bump github/codeql-action from 3.26.12 to 3.26.13 by @dependabot in #4485
  • fix: ratelimit not working with both headers and cidr matches by @shawnh2 in #4377
  • chore: clean up gatewayapi v1alpha2 helpers by @shawnh2 in #4482
  • Docs/Tests: documentation and e2e tests for Datadog tracing by @Hartigan in #4480
  • impl: custom error response by @zhaohuabing in #4415
  • fix: enforce connection limit value by @guydc in #4458
  • Collect release note in each PR by @zhaohuabing in #4473
  • build(deps): bump github.com/replicatedhq/troubleshoot from 0.107.0 to 0.107.1 by @dependabot in #4487
  • docs: add docs for ratelimit invert match headers by @rudrakhp in #4483
  • feat: implement Backend API for TLSRoute by @zhaohuabing in #4493
  • helm: Remove default cpu limit inside chart by @RomainBelorgey in #4290
  • feat: add host-infra provider support by @shawnh2 in #4481
  • bugfix: filter repeated resources and optimize memory usage. by @qicz in #4454
  • feat(translator): implement httproutefilter host rewrite by @guydc in #4446
  • benchmark: test for 1000 HTTPRoutes by @arkodg in #4287
  • docs: update Backend docs by @zhaohuabing in #4497
  • e2e: add test for DaemonSet by @zirain in #4502
  • feat: direct response by @arkodg in #4508
  • fix: disable ALPN for non-HTTP routes by @guydc in #4460
  • chore: share UnitToDuration logic by @zirain in #4510
  • e2e: incr timeout by @zirain in #4512
  • chore: refactor byNamespaceSelectorEnabled by @zirain in #4513
  • feat: add ipv4/ipv6 dual stack support by @juwon8891 in #4375
  • docs: skip current in release-notes-docs by @zirain in #4521
  • release: v1.2.0-rc.1 by @zhaohuabing in #4476
  • [release/v1.2] pin envoy and ratelimit images by @zhaohuabing in #4526
  • [release/v1.2] pin envoy image to 1.32.1 by @zhaohuabing in #4569
  • [release/v1.2] Cherry pick main to v1.2 by @zhaohuabing in #4640
  • [release/v1.2] add release note yaml file for v1.2.0 by @zhaohuabing in #4644
  • fix release build by @zhaohuabing in #4645

New Contributors

Full Changelog: v1.1.0...v1.2.0

Don't miss a new gateway-helm release

NewReleases is sending notifications on new releases.