From dc7c18d0de3addf4f6ece491a062049368691138 Mon Sep 17 00:00:00 2001 From: Tenshin Higashi Date: Thu, 16 Nov 2023 14:45:28 -0500 Subject: [PATCH] Updating Changelog Signed-off-by: Tenshin Higashi --- CHANGELOG.md | 32 +++++++++++++++---------- charts/emissary-ingress/CHANGELOG.md | 4 ++++ docs/releaseNotes.yml | 36 ++++++++++++++++++---------- 3 files changed, 47 insertions(+), 25 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9c42a10f62..99809156c5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -85,37 +85,45 @@ it will be removed; but as it won't be user-visible this isn't considered a brea ## RELEASE NOTES +## [3.9.1] November 17, 2023 +[3.9.1]: https://github.com/emissary-ingress/emissary/compare/v3.9.0...v3.9.1 + +### Emissary-ingress and Ambassador Edge Stack + +- Bugfix: Previously, after reconfiguration, routes could briefly be misconfigured due to a shift in + the routes list. This has now been patched. Thanks to Joe + Andaverde for contributing this bugfix! + ## [3.9.0] November 13, 2023 [3.9.0]: https://github.com/emissary-ingress/emissary/compare/v3.8.0...v3.9.0 ### Emissary-ingress and Ambassador Edge Stack - Feature: This upgrades Emissary-ingress to be built on Envoy v1.27.2 which provides security, - performance and feature enhancements. You can read more about them here: Envoy Proxy 1.27.2 Release Notes -- Feature: By default, Emissary-ingress will return an `UNAVAILABLE` code when a request using gRPC +- Feature: By default, Emissary-ingress will return an `UNAVAILABLE` code when a request using gRPC is rate limited. The `RateLimitService` resource now exposes a new - `grpc.use_resource_exhausted_code` field that when set to `true`, Emissary-ingress will return a - `RESOURCE_EXHAUSTED` gRPC code instead. Thanks to Jerome + `grpc.use_resource_exhausted_code` field that when set to `true`, Emissary-ingress will return a + `RESOURCE_EXHAUSTED` gRPC code instead. Thanks to Jerome Froelich for contributing this feature! - Feature: Envoy runtime fields that were provided to mitigate the recent HTTP/2 rapid reset - vulnerability can now be configured via the Module resource so the configuration will persist - between restarts. This configuration is added to the Envoy bootstrap config, so restarting - Emissary is necessary after changing these fields for the configuration to take effect. + vulnerability can now be configured via the Module resource so the configuration will persist + between restarts. This configuration is added to the Envoy bootstrap config, so restarting + Emissary is necessary after changing these fields for the configuration to take effect. - Change: APIExt would previously allow for TLS 1.0 connections. We have updated it to now only use - a minimum TLS version of 1.3 to resolve security concerns. + a minimum TLS version of 1.3 to resolve security concerns. - Change: - Update default image to Emissary-ingress v3.9.0.
- Bugfix: The APIExt server provides CRD conversion between the stored version v2 and the version - watched for by Emissary-ingress v3alpha1. Since this component is required to operate - Emissary-ingress, we have introduced an init container that will ensure it is available before - starting. This will help address some of the intermittent issues seen during install and - upgrades. + watched for by Emissary-ingress v3alpha1. Since this component is required to operate + Emissary-ingress, we have introduced an init container that will ensure it is available before + starting. This will help address some of the intermittent issues seen during install and upgrades. ## [3.8.0] August 29, 2023 [3.8.0]: https://github.com/emissary-ingress/emissary/compare/v3.7.2...v3.8.0 diff --git a/charts/emissary-ingress/CHANGELOG.md b/charts/emissary-ingress/CHANGELOG.md index fef69795ca..01dcb6f0fc 100644 --- a/charts/emissary-ingress/CHANGELOG.md +++ b/charts/emissary-ingress/CHANGELOG.md @@ -2,6 +2,10 @@ This file documents all notable changes to Ambassador Helm Chart. The release numbering uses [semantic versioning](http://semver.org). +## v8.9.1 +- Upgrade Emissary to v3.9.1 [CHANGELOG](https://github.com/emissary-ingress/emissary/blob/master/CHANGELOG.md) +- Fix: Route Shifting Bug + ## v8.9.0 - Upgrade Emissary to v3.9.0 [CHANGELOG](https://github.com/emissary-ingress/emissary/blob/master/CHANGELOG.md) diff --git a/docs/releaseNotes.yml b/docs/releaseNotes.yml index f282681042..c5c6c4389e 100644 --- a/docs/releaseNotes.yml +++ b/docs/releaseNotes.yml @@ -32,6 +32,16 @@ changelog: https://github.com/emissary-ingress/emissary/blob/$branch$/CHANGELOG.md items: + - version: 3.9.1 + prevVersion: 3.9.0 + date: '2023-11-17' + notes: + - title: Fix Route Shifting Bug + type: bugfix + body: >- + Previously, after reconfiguration, routes could briefly be misconfigured due to a shift in the routes list. This has now been patched. + Thanks to Joe Andaverde for contributing this bugfix! + - version: 3.9.0 prevVersion: 3.8.0 date: '2023-11-13' @@ -39,34 +49,34 @@ items: - title: Upgrade to Envoy 1.27.2 type: feature body: >- - This upgrades $productName$ to be built on Envoy v1.27.2 which provides security, performance - and feature enhancements. You can read more about them here: + This upgrades $productName$ to be built on Envoy v1.27.2 which provides security, performance + and feature enhancements. You can read more about them here: Envoy Proxy 1.27.2 Release Notes docs: https://www.envoyproxy.io/docs/envoy/v1.27.2/version_history/version_history - title: Added support for RESOURCE_EXHAUSTED responses to grpc clients when rate limited type: feature body: >- - By default, $productName$ will return an UNAVAILABLE code when a request using gRPC - is rate limited. The RateLimitService resource now exposes a new grpc.use_resource_exhausted_code - field that when set to true, $productName$ will return a RESOURCE_EXHAUSTED gRPC code instead. + By default, $productName$ will return an UNAVAILABLE code when a request using gRPC + is rate limited. The RateLimitService resource now exposes a new grpc.use_resource_exhausted_code + field that when set to true, $productName$ will return a RESOURCE_EXHAUSTED gRPC code instead. Thanks to Jerome Froelich for contributing this feature! - title: Added support for setting specific Envoy runtime flags in the Module type: feature body: >- - Envoy runtime fields that were provided to mitigate the recent HTTP/2 rapid reset vulnerability - can now be configured via the Module resource so the configuration will persist between restarts. - This configuration is added to the Envoy bootstrap config, so restarting Emissary is necessary after + Envoy runtime fields that were provided to mitigate the recent HTTP/2 rapid reset vulnerability + can now be configured via the Module resource so the configuration will persist between restarts. + This configuration is added to the Envoy bootstrap config, so restarting Emissary is necessary after changing these fields for the configuration to take effect. - title: Update APIExt minimum TLS version type: change body: >- - APIExt would previously allow for TLS 1.0 connections. We have updated it to now only use a minimum + APIExt would previously allow for TLS 1.0 connections. We have updated it to now only use a minimum TLS version of 1.3 to resolve security concerns. docs: https://www.tenable.com/plugins/nessus/104743 - + - title: Shipped Helm chart v8.9.0 type: change body: >- @@ -76,9 +86,9 @@ items: - title: Ensure APIExt server is available before starting Emissary-ingress type: bugfix body: >- - The APIExt server provides CRD conversion between the stored version v2 and the version watched for - by $productName$ v3alpha1. Since this component is required to operate $productName$, we have - introduced an init container that will ensure it is available before starting. This will help address + The APIExt server provides CRD conversion between the stored version v2 and the version watched for + by $productName$ v3alpha1. Since this component is required to operate $productName$, we have + introduced an init container that will ensure it is available before starting. This will help address some of the intermittent issues seen during install and upgrades. docs: https://artifacthub.io/packages/helm/datawire/edge-stack/$emissaryChartVersion$