All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
Full Changelog: https://github.com/ngrok/kubernetes-ingress-controller/compare/kubernetes-ingress-controller-0.10.4...kubernetes-ingress-controller-0.11.0
- create policy kind #361
- initial policy controller update #364
- root-cas setting #371 Takes an install option for --set rootCAs=host and plumb the isHostCA check into the caCerts for it to just get the host certs.
- feat: Add support for mutualTLS #373
- Add GatewayClass to cachestore #376
- Add extensionRef support for policy crd inclusion #377
- ngrok client api update #367
- switch edge kinds to raw json policy #368
- modules to traffic policy #370
- Update nix flake, go version, and Makefile dep versions #379
- fix: panics in oauth providers #374
- Handle non-existent backend IDs more gracefully #380
- Fixes not all reserved addrs being returned while iterating #381
- Add the
--api-urloption This can be used to set the endpoint for the ngrok API. It can be set through via the helmapiURLvalue. - Set metadata for edges created by the gateway
- Add gateway to client info comment
- Controller will now start without having session established. Any operations
that require tunnels will return error, while it is trying to create a session.
Its ready and health checks now depend on the status of this session -
readywill not returnokuntil connection was established, andhealthcheck will return error if this connection had authentication issues.
- Search for backend service using the
HTTPRoutenamepace
- Support for Gateway api
- Support for Traffic Policies #334
- Support for Application protocol on target services to support HTTP/2. #323
- The
Status.LoadBalancer[].Hostnamefield is now propagated fromDomainCNAME status updates. #342
- IPPolicy controller wasn't applying the attached rules, leaving the IP policy in its current state #315
- TLSEdge CRD, see the TCP and TLS Edges Guide for more details.
- Added support for TLS Renegotiation for backends that use it #314
- Send FQDN in SNI when using backend https #304
- Update ngrok-go to 1.4.0 #298
- Tunnels are now unique in their respective namespace, not across the cluster #281
- The CRs that ingress controller creates are uniquely marked and managed by it. Other CRs created manually are no longer deleted when the ingress controller is not using them #267; fixed for tunnel in #285 and for https edges in #286
- Better error handling and retry, specifically for the case where we try to create an https edge for a domain which is not created yet #283; fixed in #288
- Watch and apply ngrok module set CR changes #287; fixed in #290
- Label https edges and tunnels with service UID to make them more unique within ngrok #291; fixed in #293 and #302
- The controller stopping at the first resource create #270
- Using
make deploynow requiresNGROK_AUTHTOKENandNGROK_API_KEYto be set #292
- Handle special case for changing auth types that causes an error during state transition #259
- Handle IP Policy CRD state transitions in a safer way #260
- Better handling when changing pathType between 'Exact' and 'Prefix' #262
- tunneldriver: plumb the version through ngrok-go #228
- Support HTTPS backends via service annotation #238
- Initialize route backends after module updates #243
- validate ip restriction rules, before creating the route #241
- Don't shadow remoteIPPolicies #230
- resolve some linter warnings #229
- Use direnv layout feature #248
- chore(readme): improve structure and content #246
- Added direnv and a nix devshell #227
- fix route modules, using ngrokmoduleset instead #239
- Use raw yq output, split e2e runner from deployment #235
- Added e2e config init script #234
- Some updates to handle different cases for e2e run #226.
- Add support for named service ports #222.
- Added Ingress controller version to user-agent #198.
- Don't default to development mode for logging #199.
- Leaking TCP connections for every tunnel dial #203.
- Bumped go version to 1.20 #167
- Refactored Route Module Updates to be lazy #168
- Annotations for configuration have been removed in favor of grouping module configurations together in
NgrokModuleSetcustom resources #170
- Ran go mod tidy and added check to make sure its tidy before merge #166
- Added
NgrokModuleSetCRD #170 - Added support for Circuit Breaker route module #171
- Added support for OIDC route module #173
- Added support for SAML route module #186
- Added support for OAuth route module #192
- When no region override is passed to helm, the controller now does not default to the US and instead uses the closes geographic edge servers #160
- Ingress Class has Default set to false #109
- Allow controller name to be configured to support multiple ngrok ingress classes #159
- Allow the controller to be configured to only watch a single namespace #157
- Pass key/value pairs to helm that get added as json string metadata in ngrok api resources #156
- merge all ingress objects into a single store to derive Edges. #129, #10, #131, #137
- Minimum TLS Version Route Module #125
- Webhook Verification Route Module #122
- Add/Remove Header Route Module #121
- Add IP Policy CRD and IP Policy Route Module #120
- Load certs from the directory
"/etc/ssl/certs/ngrok/"for ngrok-go if present #111
- Fix bug from Driver and Store refactor so ingress status has CNAME Targets for custom domains updated correctly #162
- Reduce domain controller reconcile counts by not updating domains if they didn't change #140
- Remove routes from remote API when they are removed from the ingress object #124
- Renamed docker image from
ngrok/ngrok-ingress-controllertongrok/kubernetes-ingress-controller. - Added new controllers for
domains,tcpedges, andhttpsedges. - Updated go dependencies
- Moved
main.goto root of project to match whatkubebuilderexpects. - Updated
Makefileto match whatkubebuildercurrently outputs. - Created
serverAddrflag and plumbed it through tongrok-go - Read environment variable
NGROK_API_ADDRfor an override to the ngrok API address.
- Moved from calling ngrok-agent sidecar to using the ngrok-go library in process.
The ngrok ingress controller is currently in alpha. Releases will have varying features with breaking changes.