Helm Changes
- Add a new field
global.securitySettings.floatingUserIdto the Gloo Helm chart that when set totruehas the same effect as settingfloatingUserId=truefor all deployment-specificfloatingUserIds, as well as settingdiscovery.deployment.enablePodSecurityContext=falseand gatewayProxies.gatewayProxy.podTemplate.enablePodSecurityContext=false`to allow for easy OpenShift deployment. The global value will override any local settings. (#5034) - Ensure that image digests are set correctly for all image variants (standard, fips, distroless, fips-distroless). (#9860)
New Features
- Provide a Helm field
global.securitySettings.floatingUserIdto apply floatingUserId logic, which unsetsrunAsUserfor security contexts, for all deployments in the Gloo Helm chart. The global field will also cause templates to be rendered as if deployments with "enablePodSecurityContextfields have their value set tofalseto allow for easy OpenShift deployment. This functionality has also been added to Gloo Gateway via the GatewayParameters resource. IffloatingUserId` is set in GatewayParameters, it will be applied to all deployments in the Gloo Gateway Helm chart, unless a deployment-specific value is set. (#5034) - Check the validity of Gloo Gateway License using
glooctl license validate --license-key <key>. (#3520)
Fixes
- Fix a bug that causes edge to try to list endpoints across all namespaces when no upstreams exist. (#5885)