From 642c78428c53b9502063cb878f5982b522ad483f Mon Sep 17 00:00:00 2001 From: Flynn Date: Fri, 5 Jul 2024 14:52:37 -0400 Subject: [PATCH] Whitespace changes from my editor cleaning up YAML files... Signed-off-by: Flynn --- CHANGELOG.md | 31 ++++++++++++------------------- docs/releaseNotes.yml | 37 ++++++++++++++++++------------------- 2 files changed, 30 insertions(+), 38 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 06b6c2c975..3b5388391d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -91,7 +91,7 @@ it will be removed; but as it won't be user-visible this isn't considered a brea ### Emissary-ingress and Ambassador Edge Stack - Feature: This upgrades Emissary-ingress to be built on Envoy v1.28.0 which provides security, - performance and feature enhancements. You can read more about them here: Envoy Proxy 1.28.0 Release Notes @@ -115,37 +115,30 @@ it will be removed; but as it won't be user-visible this isn't considered a brea ### Emissary-ingress and Ambassador Edge Stack - Feature: This upgrades Emissary-ingress to be built on Envoy v1.27.2 which provides security, - performance and feature enhancements. You can read more about them here: Envoy Proxy 1.27.2 Release Notes -- Feature: By default, Emissary-ingress will return an `UNAVAILABLE` code when a request using gRPC +- Feature: By default, Emissary-ingress will return an `UNAVAILABLE` code when a request using gRPC is rate limited. The `RateLimitService` resource now exposes a new - `grpc.use_resource_exhausted_code` field that when set to `true`, Emissary-ingress will return a - `RESOURCE_EXHAUSTED` gRPC code instead. Thanks to Jerome + `grpc.use_resource_exhausted_code` field that when set to `true`, Emissary-ingress will return a + `RESOURCE_EXHAUSTED` gRPC code instead. Thanks to Jerome Froelich for contributing this feature! - Feature: Envoy runtime fields that were provided to mitigate the recent HTTP/2 rapid reset - vulnerability can now be configured via the Module resource so the configuration will persist - between restarts. This configuration is added to the Envoy bootstrap config, so restarting - Emissary is necessary after changing these fields for the configuration to take effect. + vulnerability can now be configured via the Module resource so the configuration will persist + between restarts. This configuration is added to the Envoy bootstrap config, so restarting + Emissary is necessary after changing these fields for the configuration to take effect. - Change: APIExt would previously allow for TLS 1.0 connections. We have updated it to now only use - a minimum TLS version of 1.3 to resolve security concerns. + a minimum TLS version of 1.3 to resolve security concerns. - Change: - Update default image to Emissary-ingress v3.9.0.
- Bugfix: The APIExt server provides CRD conversion between the stored version v2 and the version - watched for by Emissary-ingress v3alpha1. Since this component is required to operate - Emissary-ingress, we have introduced an init container that will ensure it is available before - starting. This will help address some of the intermittent issues seen during install and - upgrades. - -- Bugfix: _cache_key is getting generated incorrectly for mappings in ir.json, when using header - with regex in mapping. Always, It should be in the format of {kind}-{version}-{name}-{namespace}. - But header name is getting updated in the place of mapping name, if we created mapping with regex - header. - + watched for by Emissary-ingress v3alpha1. Since this component is required to operate + Emissary-ingress, we have introduced an init container that will ensure it is available before + starting. This will help address some of the intermittent issues seen during install and upgrades. ## [3.8.0] August 29, 2023 [3.8.0]: https://github.com/emissary-ingress/emissary/compare/v3.7.2...v3.8.0 diff --git a/docs/releaseNotes.yml b/docs/releaseNotes.yml index 692343b68a..98172ee72f 100644 --- a/docs/releaseNotes.yml +++ b/docs/releaseNotes.yml @@ -35,15 +35,15 @@ items: - version: 3.10.0-dev prevVersion: 3.9.0 date: 'TBD' - notes: + notes: - title: Upgrade to Envoy 1.30.2 type: feature body: >- - This upgrades $productName$ to be built on Envoy v1.28.0 which provides security, performance - and feature enhancements. You can read more about them here: + This upgrades $productName$ to be built on Envoy v1.28.0 which provides security, performance + and feature enhancements. You can read more about them here: Envoy Proxy 1.28.0 Release Notes docs: https://www.envoyproxy.io/docs/envoy/v1.28.0/version_history/version_history - + - title: Remove Ambassador Agent from published YAML Manifest type: change body: >- @@ -51,12 +51,11 @@ items: This is an optional component that provides additional features on top of $productName$ and we recommend installing it using the instructions found in the Ambassador Agent Repo. docs: https://github.com/datawire/ambassador-agent - + - title: Update to golang 1.22.4 type: change body: >- Upgraded $productName$ to the latest release of Golang as part of our general dependency upgrade process. - - title: Fix internal keying for regex Mappings type: bugfix @@ -76,34 +75,34 @@ items: - title: Upgrade to Envoy 1.27.2 type: feature body: >- - This upgrades $productName$ to be built on Envoy v1.27.2 which provides security, performance - and feature enhancements. You can read more about them here: + This upgrades $productName$ to be built on Envoy v1.27.2 which provides security, performance + and feature enhancements. You can read more about them here: Envoy Proxy 1.27.2 Release Notes docs: https://www.envoyproxy.io/docs/envoy/v1.27.2/version_history/version_history - title: Added support for RESOURCE_EXHAUSTED responses to grpc clients when rate limited type: feature body: >- - By default, $productName$ will return an UNAVAILABLE code when a request using gRPC - is rate limited. The RateLimitService resource now exposes a new grpc.use_resource_exhausted_code - field that when set to true, $productName$ will return a RESOURCE_EXHAUSTED gRPC code instead. + By default, $productName$ will return an UNAVAILABLE code when a request using gRPC + is rate limited. The RateLimitService resource now exposes a new grpc.use_resource_exhausted_code + field that when set to true, $productName$ will return a RESOURCE_EXHAUSTED gRPC code instead. Thanks to Jerome Froelich for contributing this feature! - title: Added support for setting specific Envoy runtime flags in the Module type: feature body: >- - Envoy runtime fields that were provided to mitigate the recent HTTP/2 rapid reset vulnerability - can now be configured via the Module resource so the configuration will persist between restarts. - This configuration is added to the Envoy bootstrap config, so restarting Emissary is necessary after + Envoy runtime fields that were provided to mitigate the recent HTTP/2 rapid reset vulnerability + can now be configured via the Module resource so the configuration will persist between restarts. + This configuration is added to the Envoy bootstrap config, so restarting Emissary is necessary after changing these fields for the configuration to take effect. - title: Update APIExt minimum TLS version type: change body: >- - APIExt would previously allow for TLS 1.0 connections. We have updated it to now only use a minimum + APIExt would previously allow for TLS 1.0 connections. We have updated it to now only use a minimum TLS version of 1.3 to resolve security concerns. docs: https://www.tenable.com/plugins/nessus/104743 - + - title: Shipped Helm chart v8.9.0 type: change body: >- @@ -113,9 +112,9 @@ items: - title: Ensure APIExt server is available before starting Emissary-ingress type: bugfix body: >- - The APIExt server provides CRD conversion between the stored version v2 and the version watched for - by $productName$ v3alpha1. Since this component is required to operate $productName$, we have - introduced an init container that will ensure it is available before starting. This will help address + The APIExt server provides CRD conversion between the stored version v2 and the version watched for + by $productName$ v3alpha1. Since this component is required to operate $productName$, we have + introduced an init container that will ensure it is available before starting. This will help address some of the intermittent issues seen during install and upgrades. docs: https://artifacthub.io/packages/helm/datawire/edge-stack/$emissaryChartVersion$