github envoyproxy/gateway v1.6.0-rc.1
on GitHub

pre-releaseone day ago

What's Changed

  • docs: add v1.4.2 to benchmark report results by @missBerg in #6555
  • docs: Policy Merging in BTP by @arkodg in #6554
  • feat: add reset-before-request retry trigger by @arkodg in #6547
  • build(deps): bump google/osv-scanner-action from 2.0.3 to 2.1.0 by @dependabot[bot] in #6562
  • adopters: add KEDA by @wozniakjan in #6567
  • build(deps): bump the gomod group across 3 directories with 3 updates by @dependabot[bot] in #6563
  • Fix EEP CEL Validations around FullDuplexStreamed and FailOpen by @arkodg in #6560
  • fix(filters): fix context loss in httproutefilter processing by @AlexKrudu in #6558
  • docs: add airgap deployment guide by @ion-elgreco in #6429
  • feat: add admin console support by @Xunzhuo in #6331
  • feat(backendtrafficpolicy): initial_jitter in activehealthcheck- using gwapiv1 instead of metav1 by @nehabhosaleconfluent in #6548
  • feat: api key auth forwarding setting by @zhaohuabing in #6444
  • fix: Node objects should not be subject to namespace label checks by @fengxsong in #6565
  • build(deps): updates to func-e 1.2 by @codefromthecrypt in #6571
  • fix: race condition in watchable subscribe by @rudrakhp in #6566
  • docs: add missing release notes by @Xunzhuo in #6574
  • feat(console): add resource explorer by @Xunzhuo in #6572
  • feat: urlRewrite supports idleTimeout by @mabdh in #6561
  • docs: update global rate limit docs by @zhaohuabing in #6575
  • feat: support route rule in SecurityPolicy target by @kkk777-7 in #6335
  • API: add runtime guards for risky behavior changes to EnvoyGateway by @zhaohuabing in #6556
  • feat: getting OIDC client ID from secret by @zhaohuabing in #6532
  • feat: support ClusterTrustBundle in CACertificateRefs by @zirain in #6353
  • docs: edit air gapped docs to clean up envoy proxy customizations by @arkodg in #6577
  • chore: fix broken links by @zhaohuabing in #6588
  • Allow configuring service_name in tracing via EnvoyProxy spec by @sudiptob2 in #6568
  • setup allowRequestsWithoutProxyProtocol by @ryanhristovski in #6545
  • reduce xds cluster DNS lookups by @arkodg in #6591
  • fix: add missing HTTP filters for HTTP3 listener by @zhaohuabing in #6584
  • docs: simplify concepts section by @arkodg in #6578
  • feat: Implement ZoneAware loadbalancing - Use non-static local_cluster name (splitup #6482) by @jukie in #6497
  • feat: Implement ZoneAware loadbalancing - ZoneAware Lb Config (splitup #6482) by @jukie in #6485
  • feat: Add Support for Setting Certgen Pod Labels/Annotations by @blakeromano in #6378
  • fix: use per-route configuration for session persistence to avoid listener drain by @zhaohuabing in #6580
  • docs: add your logo here cta by @missBerg in #6604
  • sort gw api resources based on name if creation timestamp is same by @arkodg in #6599
  • feat: apply backendTLSSettings to all Backend Types by @zhaohuabing in #6533
  • build(deps): bump the gomod group across 5 directories with 4 updates by @dependabot[bot] in #6613
  • build(deps): bump github/codeql-action from 3.29.2 to 3.29.4 by @dependabot[bot] in #6614
  • update RM for v1.5 by @zirain in #6610
  • sort httpFilters on name if priority order is same by @arkodg in #6600
  • docs: add admin console guides by @Xunzhuo in #6576
  • Fix backendRef Provider processing for extAuth/OIDC by @zirain in #6612
  • chore: bump k8s.io by @zirain in #6615
  • build(deps): bump busybox from f85340b to f9a104f in /tools/docker/envoy-gateway by @dependabot[bot] in #6629
  • bump github.com/docker/docker by @zirain in #6633
  • fix concurrent write map issue in egctl by @zirain in #6628
  • build(deps): bump sigs.k8s.io/yaml from 1.5.0 to 1.6.0 by @dependabot[bot] in #6632
  • build(deps): bump github/codeql-action from 3.29.4 to 3.29.5 by @dependabot[bot] in #6630
  • build(deps): bump the gomod group across 1 directory with 2 updates by @dependabot[bot] in #6631
  • feat: Implement ZoneAware loadbalancing - Track Envoy pods via xDS (splitup #6482) by @jukie in #6597
  • chore: fix unchanged files with check annotations by @zirain in #6623
  • fix: rename listener using its protocol and port by @zhaohuabing in #6544
  • e2e: add http3 test by @zirain in #6622
  • feat: support endpoint override policy based routing by @Xunzhuo in #6458
  • fix: gen-check and add release note by @Xunzhuo in #6637
  • [release/v1.5]: v1.5.0-rc.1 release note by @zirain in #6636
  • chore: fix release notes name by @zirain in #6643
  • fix(xds-server): clear snapshot on stream close by @Hackzzila in #6618
  • chore: cleanups from #6597 by @jukie in #6647
  • fix: set order for grpc_web and grpc_stats filters by @zhaohuabing in #6626
  • fix: nil pointer when InsecureSkipVerify is true by @zhaohuabing in #6652
  • fix: allow imageRepository contains port (#6658) by @arkodg in #6660
  • docs: improve policy concepts section by @arkodg in #6663
  • docs: observability pre req not required in admin console page by @arkodg in #6662
  • docs: xds name scheme v2 by @zhaohuabing in #6656
  • docs: highlight wait step by @zirain in #6665
  • fix: populate status for custom backendRef not found by @Xunzhuo in #6670
  • fix: xds name schema v2 by @zhaohuabing in #6638
  • docs: expand Gateway Namespace Mode doc on client/server auth by @cnvergence in #6616
  • increase earlyRequestHeaders from 16 to 64 by @arkodg in #6673
  • docs: skipping TLS verification by @zhaohuabing in #6653
  • feat: add listener metadata by @zhaohuabing in #6639
  • fix: Fix BTP ZoneAware translation by @jukie in #6668
  • docs: unhide zoneaware api for docs by @jukie in #6683
  • watchable: use Store directly instead of HandleStore wrapper by @arkodg in #6680
  • docs: Update Zone Aware Routing for BackendTrafficPolicy configuration example by @jukie in #6667
  • combine the xds-translator and xds-server runner into one by @arkodg in #6586
  • build(deps): bump the gomod group across 1 directory with 6 updates by @dependabot[bot] in #6691
  • fix: controller panic when reloading config by @zirain in #6688
  • use gwapiv1.Duration instead of metav1.Duration by @arkodg in #6664
  • fix: don't block deployment creating when missing secret in EnvoyProxy by @zirain in #6692
  • [release/v1.5] release notes for rc.2 by @zirain in #6697
  • docs: rm latest from install egctl docs by @arkodg in #6700
  • chore: fix globalResources in GNM by @zirain in #6701
  • move ordering gateway-api resources to provider by @arkodg in #6695
  • Rate Limiter: Enable rate limit for month and year by @commoddity in #6715
  • docs: rm alpha alert for gateway namespace mode by @arkodg in #6709
  • allow SNI and Cert SAN mismatch by @arkodg in #6719
  • chore(charts): update metadata for gateway-crds-helm by @maxbrunet in #6725
  • chore: Don't render bootstrap local cluster if topologyInjector is disabled by @jukie in #6718
  • remove nit log when Backend API is disabled by @zirain in #6708
  • fix: EnvoyProxy image with digest is rejected by @zirain in #6720
  • Revert "feat: add listener metadata (#6639)" by @arkodg in #6727
  • docs: enhance extensibility index page by @arkodg in #6728
  • docs: add docs explaining graceful shutdown by @arkodg in #6729
  • docs: ClusterTrustBundle Support in BackendTLSPolicy by @zirain in #6714
  • chore: bump go 1.24.6 by @zirain in #6732
  • [release-1.5] release-notes for v1.5.0 by @zirain in #6731
  • docs: generate v1.5 docs by @zirain in #6737
  • update upgrade test to use v1.5 by @zirain in #6741
  • ci: skip test jobs when changes are not related by @zirain in #6699
  • chore: update release schedule by @zirain in #6746
  • ci: fix changes job by @zirain in #6747
  • chore: bump hugo by @arkodg in #6745
  • chore: fix EOL date by @zirain in #6765
  • release-notes for v1.4.3 by @zirain in #6768
  • ci: fix changes job by @zirain in #6748
  • ci: skip step instead of job by @zirain in #6771
  • chore: update release notes for v1.4.3 by @arkodg in #6774
  • api: unhide request buffer in BTP by @zirain in #6761
  • build(deps): bump the gomod group across 5 directories with 5 updates by @dependabot[bot] in #6760
  • build(deps): bump docker/login-action from 3.4.0 to 3.5.0 by @dependabot[bot] in #6759
  • build(deps): bump github/codeql-action from 3.29.7 to 3.29.8 by @dependabot[bot] in #6758
  • build(deps-dev): bump @fortawesome/fontawesome-free from 6.7.2 to 7.0.0 in /site by @dependabot[bot] in #6755
  • build(deps-dev): bump cross-env from 7.0.3 to 10.0.0 in /site by @dependabot[bot] in #6756
  • build(deps): bump npm-check-updates from 17.1.18 to 18.0.2 in /site by @dependabot[bot] in #6754
  • build(deps): bump distroless/base-nossl from fa7b50f to 9a1c8b2 in /tools/docker/envoy-gateway by @dependabot[bot] in #6753
  • build(deps): bump google/osv-scanner-action from 2.1.0 to 2.2.1 by @dependabot[bot] in #6770
  • chore: refactor selector match by @zirain in #6702
  • docs: point v1.4 docs to v1.4.3 by @arkodg in #6776
  • feat: support section name for EnvoyExtensionPolicy by @kkk777-7 in #6611
  • fix: cluster stat name: lowercase Kind by @guydc in #6780
  • fix: 'make fix-golint' is broken by @shahar-h in #6781
  • fix: envoy service cluster name for zone-aware routing by @y-rabie in #6763
  • IR: add DestinationAddressType UDS by @zirain in #6784
  • conformance: update experimental test report by @zirain in #6782
  • chore: fix release-notes-docs by @zirain in #6783
  • api: add ClientCertificateRef field to ExtensionTLS for mTLS support by @wenfengp in #6674
  • api: add custom timeout for external auth service by @sudiptob2 in #6682
  • docs: add hyperlinks to API reference by @arkodg in #6736
  • benchmark: use container_memory_working_set_bytes for EG memory by @arkodg in #6809
  • docs: add details element styling for increase summary size by @zyfy29 in #6799
  • benchmark: add go mem usage for EG by @arkodg in #6810
  • build(deps): bump busybox from f9a104f to ab33eac in /tools/docker/envoy-gateway by @dependabot[bot] in #6803
  • benchmark: upload report and fix the filename issue by @zirain in #6823
  • fix(api): image validation regex, support port in repository by @Windfarer in #6819
  • build(deps): bump google/osv-scanner-action from 6c57776178c26313323dcdf6c082ed195314fd17 to 456ceb78310755116e0a3738121351006286b797 by @dependabot[bot] in #6806
  • benchmark: use custom duration in prom metric by @arkodg in #6811
  • add route convergence time to benchmark report by @zirain in #6813
  • feat(ext_service): Implement client cert auth for extension server by @wenfengp in #6777
  • fix(gateway-addons-helm): fix cluster variable in Grafana dashboard by @maxbrunet in #6798
  • chore: move Go tools into a separate module by @shahar-h in #6824
  • chore: remove ir quic port by @zhaohuabing in #6676
  • ci: make license scan blocking again by @shahar-h in #6835
  • fix: Actually update xdsIR with maxAcceptPerSocketEvent by @jukie in #6834
  • bugfix: fix the topologyInjectorDisabled and the local cluster was not defined by @qicz in #6847
  • build(deps): bump the gomod group across 6 directories with 9 updates by @dependabot[bot] in #6843
  • docs: add Sophotech to adopters list by @archy-rock3t-cloud in #6856
  • chore: fix test by @zirain in #6860
  • fix(logging): correct log formatting to avoid DPANIC in controller-runtime logger by @TomerJLevy in #6846
  • fix: handle context errors as transient errors by @TomerJLevy in #6850
  • bugfix: the controller cannot read the EnvoyProxy attached gatewayclass only. by @qicz in #6838
  • build(deps): bump the github-actions group across 1 directory with 3 updates by @dependabot[bot] in #6808
  • build(deps): bump sigs.k8s.io/mcs-api from 0.2.0 to 0.3.0 by @dependabot[bot] in #6883
  • build(deps-dev): bump hugo-extended from 0.148.2 to 0.149.0 in /site by @dependabot[bot] in #6885
  • build(deps): bump distroless/base-nossl from 9a1c8b2 to 8981b63 in /tools/docker/envoy-gateway by @dependabot[bot] in #6880
  • build(deps): bump google/osv-scanner-action from 2.2.1 to 2.2.2 by @dependabot[bot] in #6878
  • fix(translator): Fix panic with request mirror + grpcroute by @AndyMoreland in #6875
  • build(deps): bump codecov/codecov-action from 5.4.3 to 5.5.0 by @dependabot[bot] in #6841
  • bump go mod by @arkodg in #6889
  • conformance: UDPRoute by @zirain in #6839
  • ci: pin checkout action by @shahar-h in #6900
  • chore: Update image directory path in image.mk by @yuluo-yx in #6911
  • chore: fix CVE by @shahar-h in #6903
  • build(deps-dev): bump hugo-extended from 0.149.0 to 0.149.1 in /site by @dependabot[bot] in #6910
  • docs(design/metadata): correct annotation prefix by @maxbrunet in #6836
  • build(deps): bump aquasecurity/trivy-action from 0.32.0 to 0.33.1 by @dependabot[bot] in #6908
  • build(deps): bump github/codeql-action from 3.29.8 to 3.30.1 by @dependabot[bot] in #6907
  • Removes reflection from RouteContext to reduce allocations by @mathetake in #6820
  • chore: fix build by @zhaohuabing in #6927
  • fix: nil pointer dereference in btp configmap indexer by @rudrakhp in #6921
  • improve targetRef selection for targetSelectors by @arkodg in #6917
  • bugfix: handle millisecond-level retry durations and token TTLs in OIDC authn by @nareddyt in #6916
  • docs: Gateway API Metadata by @guydc in #6744
  • build(deps): bump codecov/codecov-action from 5.5.0 to 5.5.1 by @dependabot[bot] in #6906
  • fix: suppress lua validation logs by @rudrakhp in #6929
  • e2e: custom redirect response by @rudrakhp in #6301
  • feat: add late response headers to ClientTrafficPolicy by @twelvelabs in #6851
  • fix: rm incorrectly set exclusiveMaximum field in CRD by @arkodg in #6926
  • fix: rm Strict SameSite default by @arkodg in #6941
  • Optimize pod cache by @jukie in #6936
  • docs: ignore hashicorp developer link in docs-check-links by @sureshkrishnan-v in #6945
  • api: remove enum validation on ALPNProtocol by @zirain in #6330
  • reduce DeepCopy in gateway-api layer by @arkodg in #6940
  • fix: validation for grpc routes with extension ref filters by @rudrakhp in #6949
  • fix: cleanup dangling route status conditions by @y-rabie in #6812
  • Fix: Add missing patch annotations to Compression struct for proper Merge by @sudiptob2 in #6951
  • fix: update distroless image to resolve glibc CVEs by @shahar-h in #6953
  • chore: bump golang to 1.24.7 by @zirain in #6959
  • feat: support ir metadata to tcproute/udproute by @kkk777-7 in #6815
  • fix: Make sure proxy protocol filter is the first listener filter by @arkodg in #6972
  • feat: add more client connection limit settings - max requests per connection and max duration (with http1 safe max) by @jukie in #6606
  • feat: support retry policy for gRPC ExtAuth SecurityPolicy by @nareddyt in #6915
  • Add responseHeadersToAdd functionality to httproutefilter and btp by @ryanhristovski in #6308
  • fix benchmark job by @zirain in #6979
  • build(deps-dev): bump hugo-extended from 0.149.1 to 0.150.0 in /site by @dependabot[bot] in #6966
  • doc: update release process doc by @shawnh2 in #6983
  • [release/v1.5] 1.5.1 release-notes by @zirain in #6976
  • rm DeepCopy from Status Updator by @arkodg in #6986
  • bump 1.5.0 to 1.5.1 by @zirain in #6989
  • docs: fix 1.5.1 date by @zirain in #6990
  • docs(helm): document enabling Backend API via values.yaml and --set (… by @ADITYATIWARI342005 in #6982
  • doc: update release process doc by @shawnh2 in #6993
  • [release/v1.4] release notes and verion by @shawnh2 in #6971
  • perf: avoid string concatenation overhead of fmt.Sprintf in Sort by @arkodg in #6987
  • chore: update v1.5.1 rel notes to include proxy version bump by @arkodg in #6995
  • perf: improve mem allocation in TruncatePolicyAncestors by @arkodg in #6998
  • perf: reuse route rule metadata by @arkodg in #7001
  • ci: add a script for cherrypick by @zirain in #7000
  • docs: HTTP CONNECT based tunnels by @zirain in #6710
  • perf: reduce mem allocs in internal/metrics by @arkodg in #7004
  • perf: aggregate publish metric counts and call once by @arkodg in #7005
  • perf: avoid loop variable in k8s provider by @arkodg in #7010
  • standalone: use the right version of Envoy by @nacx in #6891
  • bugfix: fix proxyService cluster and odic missing metadata. by @qicz in #6862
  • perf: remove reflect from BackendRefContext by @arkodg in #7015
  • rm reflect from gateway api runner by @arkodg in #7012
  • perf: lazy allocation for new condition in SetConditionForPolicyAncestor by @arkodg in #6999
  • feat: add support for go test bench by @arkodg in #7033
  • Fix weighted cluster generation in RouteAction when URLRewrite filter is applied by @sekar-saravanan in #7027
  • fix: use SDS for service account token in Gateway Namespace Mode by @cnvergence in #7002
  • ci: add benchstat to compare perf b/w main and PR branch by @arkodg in #7038
  • perf: reduce ancestorRef copies in policy status by @arkodg in #7032
  • perf: preallocate structs in securitypolicy processing by @arkodg in #7039
  • perf: remove reflect.DeepCopy in parentRef comparison by @arkodg in #7040
  • fix: escape regex metacharacters from path prefix string by @rudrakhp in #7024
  • fix: properly generate infra envoy proxy args and fix bootstrap yaml format for Host provider by @nacx in #7006
  • perf: preallocate slices in route processing by @arkodg in #7041
  • fix: auto detect upstream protocol by @zirain in #6792
  • chore: temporary disable test by @zirain in #7059
  • perf: enable gocritic perfomance linter setting by @arkodg in #7056
  • perf: avoid JSON Marshal when debug logger is disabled by @arkodg in #7066
  • use use length check instead of a reflect in EEP status by @arkodg in #7061
  • perf: avoid YAML to JSON conversion in JSONPatch by @arkodg in #7069
  • chore: benchmark job optimization with configurable toggles by @ADITYATIWARI342005 in #7045
  • Fix: Preserve route parent status for multi-parent routes by @rajsinghtech in #7068
  • chore: remove useless function and unify log format by @zirain in #7075
  • perf: convert mockData into string and reuse in lua by @arkodg in #7078
  • feat: add cacheDuration for remoteJWKS in SecurityPolicy by @slayer321 in #6641
  • chore: remove assert by @zirain in #7071
  • e2e: use MakeRequestAndExpectEventuallyConsistentResponse by @zirain in #7074
  • feat: Added the cloudraft as adopter by @anishbista60 in #7096
  • perf: make sets when needed in policy processing by @arkodg in #7076
  • build(deps-dev): bump hugo-extended from 0.150.0 to 0.150.1 in /site by @dependabot[bot] in #7094
  • build(deps): bump npm-check-updates from 18.3.1 to 19.0.0 in /site by @dependabot[bot] in #7095
  • perf: remove watchable LoadAll() from gateway api runner by @arkodg in #7081
  • build(deps): bump sigs.k8s.io/gateway-api-inference-extension from 0.5.1 to 1.0.1 in /examples/extension-server by @dependabot[bot] in #7093
  • build(deps): bump github/codeql-action from 3.30.1 to 3.30.5 by @dependabot[bot] in #7091
  • perf: enable prealloc linter by @arkodg in #7055
  • Increase the JWTClaim values MaxItems limit from 16 to 128. by @JoelWesleyReed in #7103
  • perf: pre allocate maps in btp processing by @arkodg in #7050
  • perf: fix possible memory leak in XDS snapshot by @rudrakhp in #7101
  • chore: delete unused CompareSvc func by @arkodg in #7043
  • build(deps): bump softprops/action-gh-release from 2.3.2 to 2.3.3 by @dependabot[bot] in #6960
  • oidc: add option to disable token encryption by @zhaohuabing in #7105
  • perf: direct assign policies in translate result instead of append by @arkodg in #7077
  • chore: rm duplicate isParentRefEqual func from provider by @arkodg in #7060
  • fix: do not add same service multiple times by @zirain in #7119
  • fix: use maps for backendRefMappings instead of Sets by @arkodg in #7120
  • bug: disable x-envoy-ratelimited by default by @arkodg in #7110
  • fix: use lock when accessing mergeGateways Set by @arkodg in #7124
  • [release/v1.5] 1.5.2 release-notes by @zirain in #7117
  • bump 1.5.1 to 1.5.2 by @zirain in #7126
  • chore: delete GC status from watchable by @zirain in #7070
  • fix: set default maxConnectionAge for gRPC xDS Server by @arkodg in #7121
  • site: add section for enterprise support by @arkodg in #7107
  • chore: bump k8s.io to v0.34 by @zirain in #7128
  • build(deps-dev): bump hugo-extended from 0.150.1 to 0.151.0 in /site by @dependabot[bot] in #7140
  • build(deps): bump google/osv-scanner-action from 2.2.2 to 2.2.3 by @dependabot[bot] in #7132
  • build(deps): bump the gomod group across 2 directories with 18 updates by @dependabot[bot] in #7130
  • chore: Sync OWNERS to CODEOWNERS.md via Makefile tool by @manthan-parmar-1998 in #7047
  • chore: check no uncommitted changes after make docs by @rudrakhp in #7143
  • chore: extension-server gomod tidy by @zirain in #7160
  • build(deps): bump github.com/envoyproxy/go-control-plane/envoy from 1.32.4 to 1.35.0 in /examples/grpc-ext-proc by @dependabot[bot] in #7139
  • build(deps): bump docker/login-action from 3.5.0 to 3.6.0 by @dependabot[bot] in #7133
  • build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by @dependabot[bot] in #7131
  • perf: skip infra ir and status subscription for followers by @rudrakhp in #7145
  • build(deps): bump github.com/envoyproxy/go-control-plane/envoy from 1.32.4 to 1.35.0 in /examples/envoy-ext-auth by @dependabot[bot] in #7136
  • api: support crls in client traffic policies by @rudrakhp in #6955
  • Update Adopters by @cccsss01 in #7166
  • chore: remove redundant otelgrpc replace directive by @shahar-h in #7165
  • fix: truncate status condition messages to 32768 by @arkodg in #7159
  • Move jukie and kkk777-7 to maintainers by @arkodg in #7167
  • fix: prevent panic when sanitize is enabled without forwardClientIDHe… by @guoard in #7162
  • fix: thread stdout/stderr from cobra through to func-e for Host provider by @codefromthecrypt in #7142
  • fix: skipping unmatched envoypatchpolicies by @zirain in #7153
  • bump golang to 1.24.8 by @zirain in #7174
  • Release notes for v1.5.3 by @zirain in #7175
  • build(deps): bump softprops/action-gh-release from 2.3.3 to 2.3.4 by @dependabot[bot] in #7134
  • docs: bump 1.5.3 by @zirain in #7179
  • docs: update CTP NumTrustedHops doc by @zhaohuabing in #7178
  • build(deps): bump the github-actions group across 2 directories with 3 updates by @dependabot[bot] in #6905
  • api: Backend TLS SNI by @guydc in #7014
  • fix(host): disable topology injector to eliminate 15s startup delay by @codefromthecrypt in #7180
  • feat(securitypolicy): Update API to support tcp security policy by @davem-git in #7168
  • fix: broken context propagation to standalone run by @codefromthecrypt in #7190
  • chore: rename runner methods that no longer subscribe by @rudrakhp in #7164
  • docs: update header mutation docs by @zhaohuabing in #7187
  • feat: ocsp stapling by @zhaohuabing in #6864
  • chore: add more to for debugging kube test flake by @zirain in #7083
  • chore: fix CVE by @zirain in #7193
  • fix: make sure header mutation filter runs before ext auth by @arkodg in #7182
  • build(deps): bump k8s.io/kubectl from 0.34.0 to 0.34.1 in the k8s-io group across 1 directory by @dependabot[bot] in #7161
  • chore: fix stroeObjectWithKeys typo by @abolishgenocidenow in #7191
  • feat(dashboard): Usability updates to Envoy Cluster dashboard by @BadLiveware in #7149
  • chore: address the failure reason of UDPRoute on dual stack by @zirain in #7201
  • build(deps): bump busybox from ab33eac to d82f458 in /tools/docker/envoy-gateway by @dependabot[bot] in #7022
  • chore: fix TestProvider/httproute flake by @zirain in #7197
  • chore: simply OIDC test by @zirain in #7196
  • build(deps): bump sigs.k8s.io/controller-runtime from 0.22.1 to 0.22.3 in /examples/extension-server by @dependabot[bot] in #7214
  • build(deps): bump softprops/action-gh-release from 2.3.4 to 2.4.1 by @dependabot[bot] in #7210
  • build(deps): bump sigs.k8s.io/gateway-api from 1.3.1-0.20250527223622-54df0a899c1c to 1.4.0 in /examples/extension-server by @dependabot[bot] in #7215
  • chore: group all the actions in one PR by @zirain in #7217
  • build(deps): bump github/codeql-action from 3.30.5 to 4.30.8 by @dependabot[bot] in #7209
  • build(deps): bump yamllint from 1.35.1 to 1.37.1 in /tools/src/yamllint by @dependabot[bot] in #7220
  • build(deps): bump sigs.k8s.io/controller-runtime from 0.22.1 to 0.22.3 by @dependabot[bot] in #7213
  • build(deps): bump the gomod group across 6 directories with 10 updates by @dependabot[bot] in #7211
  • chore: reuse IRKey in getIRKey by @zirain in #7206
  • feat(dx): improve testing experience by @shreealt in #7228
  • fix: disable deepcopy for read only resources by @shreealt in #7207
  • docs: add cleanup and next steps to mTLS tutorial by @Dean-Coakley in #7223
  • fix: bug in overlap detection of cert SANs by @rudrakhp in #7234
  • docs: fix indentation of json access log example by @markormesher in #7241
  • oidc: set csrf token expiration by @zhaohuabing in #7188
  • docs: fix shell command syntax for CORS example by @Dean-Coakley in #7222
  • feat: Allow configuring percentage of traffic that zone aware routing is enabled for by @jukie in #7079
  • Add shahar-h to the list of owners by @guydc in #7249
  • bump golang to 1.25.3 by @zirain in #7237
  • docs: Highlight the creation order of EnvoyProxy by @zirain in #7216
  • chore: remove invalid validation by @zirain in #7208
  • outlier detection to use percentage based by @aburan28 in #6876
  • feat: add validation of backend endpointslice by @kkk777-7 in #6315
  • build(deps): bump codespell from 2.3.0 to 2.4.1 in /tools/src/codespell by @dependabot[bot] in #7221
  • fix: disable -shadow host suffix append by @shreealt in #7229
  • chore: revert OIDC test change by @zhaohuabing in #7257
  • chore: parse default image tag by @zirain in #7260
  • fix: disable deepcopy for read only resources by @shreealt in #7239
  • support TCPRoute Authz in xDS translator by @arkodg in #7184
  • chore: use benchstat as go tool by @shahar-h in #7261
  • feat: egctl doesn't dump SDS by default by @zirain in #7204
  • fix: envoy cluster dashboard datasources by @BadLiveware in #7263
  • release notes for v1.5.4 by @zirain in #7265
  • feat: add compressor field to configure compression setting in BackendTrafficPolicy by @sudiptob2 in #6956
  • feat: bump Gateway API to v1.4.0 by @zirain in #7090
  • chore: fix merge conflict by @zirain in #7267
  • feat: increase maximum limit for global rate limit rules to 128 by @sudiptob2 in #7269
  • fix: defaulting backend port protocol by @kkk777-7 in #7276
  • docs: bump v1.5.4 by @zirain in #7277
  • build(deps): bump sigs.k8s.io/gateway-api-inference-extension from 0.5.1 to 1.0.2 in /examples/extension-server by @dependabot[bot] in #7282
  • build(deps-dev): bump hugo-extended from 0.151.0 to 0.151.2 in /site by @dependabot[bot] in #7283
  • [release/v1.4] release notes and verion by @shawnh2 in #7286
  • feat: add zstd compression support by @buroa in #7129
  • build(deps): bump the gomod group across 2 directories with 3 updates by @dependabot[bot] in #7281
  • build(deps): bump the actions group across 1 directory with 2 updates by @dependabot[bot] in #7280
  • build(deps): bump busybox from d82f458 to 2f590fc in /tools/docker/envoy-gateway by @dependabot[bot] in #7278
  • refactor: use MakeRequestAndExpectEventuallyConsistentResponse in resilience tests by @ADITYATIWARI342005 in #7106
  • fix ValidateDocument race by @zirain in #7285
  • Fix: Improve 404 page layout by @ADITYATIWARI342005 in #7293
  • fix: use compile_native_go_fuzzer_v2 compiler for OSS-Fuzz build. by @sudiptob2 in #7296
  • fix: watch change for the ca cert in the Backend by @zhaohuabing in #7294
  • fix: set EnforcingConsecutiveGatewayFailure default to 100 by @zirain in #7284
  • fix: support binaryData in direct response by @cnvergence in #7036
  • feat: support chash on multiple headers by @shreealt in #7198
  • feat(securitypolicy): Update GatewayAPI to support tcp security policy by @davem-git in #7171
  • feat: support retries in ext proc by @shreealt in #7169
  • chore: fix gen check by @zhaohuabing in #7311
  • Add Signal AI to Envoy Gateway adopters by @coro in #7317
  • Clarify helm pr raising generation by @saska in #7319
  • fix ipFamily not set in UDPListener by @woodgear in #7313
  • chore: add logging for 5xx direct response by @zhaohuabing in #7252
  • fix: error handling for fetching oidc config from well-known endpoint by @zhaohuabing in #7301
  • enable supported conformance test by @zirain in #7291
  • egctl: collect per namespace by @zirain in #7289
  • feat: make host mode directory paths configurable by @codefromthecrypt in #7225
  • feat: support per backend client cert by @zhaohuabing in #7113
  • Enable e2e in gateway namespace mode by @zirain in #7329
  • docs: Adding the prerequisites in response-override. by @ekline-ai in #7322
  • docs: add rc.0 marker tagging step to release process by @shahar-h in #7332
  • feat: Add support for upstream PreconnectPolicy by @jukie in #7288
  • build(deps): bump the actions group across 1 directory with 3 updates by @dependabot[bot] in #7338
  • build(deps): bump the gomod group across 2 directories with 3 updates by @dependabot[bot] in #7339
  • chore: fix 500 response err log by @zhaohuabing in #7345
  • chore: remove .trivyignore by @shahar-h in #7355
  • chore: fix client cert ns and backend status by @zhaohuabing in #7342
  • docs: update Backend API restrictions by @zirain in #7327
  • enable BackendTLSPolicyConflictResolution conformance test by @zirain in #7300
  • ci: fetch tags to make trivy scan pass by @shahar-h in #7357
  • fix: use consistent cert dir between certgen and standalone run by @mathetake in #7351
  • test(e2e): add graceful shutdown test for long-running requests by @linmosko in #7350
  • docs: per backend client cert by @zhaohuabing in #7341
  • strip mangaged fields by @zirain in #7352
  • feat: gRPC streaming timeout by @jukie in #7194
  • site: SAP case study by @guydc in #7250
  • fix: keep sending unready/non-serving endpoints as unhealthy by @y-rabie in #7253
  • Fix preserveXRequestID translation and API description by @jukie in #7346
  • feat: support retry policy for http ext auth by @shreealt in #7326
  • coalesce updates to reduce intermediate updates by @zhaohuabing in #7328
  • fix: watchutil test by @zhaohuabing in #7363
  • Support PDB for Ratelimit service by @zirain in #7314
  • fix: go deps by @kkk777-7 in #7367
  • docs: ignore gateway-api.sigs.k8s.io by @zirain in #7370
  • align ratelimitPDB name with envoyPDB by @zirain in #7369
  • feat: support rate limit based on path and method by @kkk777-7 in #7046
  • feat: allowing options method implicitly when cors filter is used by @kkk777-7 in #7144
  • feat: support section name for BackendTrafficPolicy by @kkk777-7 in #6888
  • chore: use envoy gateway website instead of httpbin for test by @zhaohuabing in #7371
  • feat(host): auto-generate certificates for host mode by @codefromthecrypt in #7362
  • docs: fix Gateway API link by @zirain in #7364
  • feat: Support configuring maxConnectionAge in xDSServer by @arkodg in #7374
  • fix make gen-check failure on main by @arkodg in #7382
  • chore(make): fix helm-generate.gateway-addons-helm target by @maxbrunet in #7385
  • feat(helm): add service type to helm chart by @saska in #7302
  • chore: bump go-control-plane deps by @jukie in #7388
  • chore: bump sigs.k8s.io/gateway-api-inference-extension to v1 by @arkodg in #7389
  • feat: support crls in client traffic policies by @rudrakhp in #7199
  • OIDC: enable refresh token by default by @zhaohuabing in #7375
  • chore: fix gen check by @rudrakhp in #7393
  • v1.6.0-rc.1 release notes by @rudrakhp in #7392
  • style: update policy function name by @kkk777-7 in #7381
  • translator: move EnvoyProxy validation out of Provider by @zirain in #7009
  • [release/v1.6] v1.6.0-rc.1 pin envoy proxy and ratelimit images by @rudrakhp in #7396
  • [release/v1.6] v1.6.0-rc.1 bump up envoy proxy image to v1.36.2 by @rudrakhp in #7399

New Contributors

Full Changelog: latest...v1.6.0-rc.1

Check out latest releases or
releases around envoyproxy/gateway v1.6.0-rc.1

Don't miss a new gateway release

NewReleases is sending notifications on new releases.

Get notifications