Release 2.3.1

.gitlab-ci.yml

@@ -1,4 +1,4 @@
 include:
   - project: "f5/nginx/kic/kic-pipelines"
     file: "/include/ingress-controller.yml"
-    ref: "master"
+    ref: "release-2.3"

CHANGELOG.md

@@ -1,5 +1,11 @@
 # Changelog
 
+### 2.3.1
+
+An automatically generated list of changes can be found on GitHub at: [2.3.1 Release](https://github.com/nginxinc/kubernetes-ingress/releases/tag/v2.3.1)
+
+A curated list of changes can be found on the [Releases](http://docs.nginx.com/nginx-ingress-controller/releases/) page on the NGINX Documentation website.
+
 ### 2.3.0
 
 An automatically generated list of changes can be found on GitHub at: [2.3.0 Release](https://github.com/nginxinc/kubernetes-ingress/releases/tag/v2.3.0)

README.md

@@ -53,7 +53,7 @@ Read [this doc](https://docs.nginx.com/nginx-ingress-controller/intro/nginx-plus
 
 We publish Ingress Controller releases on GitHub. See our [releases page](https://github.com/nginxinc/kubernetes-ingress/releases).
 
-The latest stable release is [2.3.0](https://github.com/nginxinc/kubernetes-ingress/releases/tag/v2.3.0). For production use, we recommend that you choose the latest stable release.
+The latest stable release is [2.3.1](https://github.com/nginxinc/kubernetes-ingress/releases/tag/v2.3.1). For production use, we recommend that you choose the latest stable release.
 
 The edge version is useful for experimenting with new features that are not yet published in a stable release. To use, choose the *edge* version built from the [latest commit](https://github.com/nginxinc/kubernetes-ingress/commits/main) from the main branch.
 
@@ -68,7 +68,7 @@ The table below summarizes the options regarding the images, manifests, helm cha
 
 | Version | Description |  Image for NGINX | Image for NGINX Plus | Installation Manifests and Helm Chart | Documentation and Examples |
 | ------- | ----------- | --------------- | -------------------- | ---------------------------------------| -------------------------- |
-| Latest stable release | For production use | Use the 2.3.0 images from [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/), [GitHub Container](https://github.com/nginxinc/kubernetes-ingress/pkgs/container/kubernetes-ingress), [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress) or [build your own image](https://docs.nginx.com/nginx-ingress-controller/installation/building-ingress-controller-image/). | Use the 2.3.0 images from the [F5 Container Registry](https://docs.nginx.com/nginx-ingress-controller/installation/pulling-ingress-controller-image/) or the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE) or [Build your own image](https://docs.nginx.com/nginx-ingress-controller/installation/building-ingress-controller-image/). | [Manifests](https://github.com/nginxinc/kubernetes-ingress/tree/v2.3.0/deployments). [Helm chart](https://github.com/nginxinc/kubernetes-ingress/tree/v2.3.0/deployments/helm-chart). | [Documentation](https://docs.nginx.com/nginx-ingress-controller/). [Examples](https://docs.nginx.com/nginx-ingress-controller/configuration/configuration-examples/). |
+| Latest stable release | For production use | Use the 2.3.1 images from [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/), [GitHub Container](https://github.com/nginxinc/kubernetes-ingress/pkgs/container/kubernetes-ingress), [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress) or [build your own image](https://docs.nginx.com/nginx-ingress-controller/installation/building-ingress-controller-image/). | Use the 2.3.1 images from the [F5 Container Registry](https://docs.nginx.com/nginx-ingress-controller/installation/pulling-ingress-controller-image/) or the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE) or [Build your own image](https://docs.nginx.com/nginx-ingress-controller/installation/building-ingress-controller-image/). | [Manifests](https://github.com/nginxinc/kubernetes-ingress/tree/v2.3.1/deployments). [Helm chart](https://github.com/nginxinc/kubernetes-ingress/tree/v2.3.1/deployments/helm-chart). | [Documentation](https://docs.nginx.com/nginx-ingress-controller/). [Examples](https://docs.nginx.com/nginx-ingress-controller/configuration/configuration-examples/). |
 | Edge/Nightly | For testing and experimenting | Use the edge or nightly images from [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/), [GitHub Container](https://github.com/nginxinc/kubernetes-ingress/pkgs/container/kubernetes-ingress), [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress) or [build your own image](https://github.com/nginxinc/kubernetes-ingress/tree/main/docs/content/installation/building-ingress-controller-image.md). | [Build your own image](https://github.com/nginxinc/kubernetes-ingress/tree/main/docs/content/installation/building-ingress-controller-image.md). | [Manifests](https://github.com/nginxinc/kubernetes-ingress/tree/main/deployments). [Helm chart](https://github.com/nginxinc/kubernetes-ingress/tree/main/deployments/helm-chart). | [Documentation](https://github.com/nginxinc/kubernetes-ingress/tree/main/docs/content). [Examples](https://github.com/nginxinc/kubernetes-ingress/tree/main/examples). |
 
 ## Contacts

deployments/daemon-set/nginx-ingress.yaml

@@ -19,7 +19,7 @@ spec:
       serviceAccountName: nginx-ingress
       automountServiceAccountToken: true
       containers:
-      - image: nginx/nginx-ingress:2.3.0
+      - image: nginx/nginx-ingress:2.3.1
         imagePullPolicy: IfNotPresent
         name: nginx-ingress
         ports:

deployments/daemon-set/nginx-plus-ingress.yaml

@@ -19,7 +19,7 @@ spec:
       serviceAccountName: nginx-ingress
       automountServiceAccountToken: true
       containers:
-      - image: nginx-plus-ingress:2.3.0
+      - image: nginx-plus-ingress:2.3.1
         imagePullPolicy: IfNotPresent
         name: nginx-plus-ingress
         ports:

deployments/deployment/nginx-ingress.yaml

@@ -20,7 +20,7 @@ spec:
       serviceAccountName: nginx-ingress
       automountServiceAccountToken: true
       containers:
-      - image: nginx/nginx-ingress:2.3.0
+      - image: nginx/nginx-ingress:2.3.1
         imagePullPolicy: IfNotPresent
         name: nginx-ingress
         ports:

deployments/deployment/nginx-plus-ingress.yaml

@@ -20,7 +20,7 @@ spec:
       serviceAccountName: nginx-ingress
       automountServiceAccountToken: true
       containers:
-      - image: nginx-plus-ingress:2.3.0
+      - image: nginx-plus-ingress:2.3.1
         imagePullPolicy: IfNotPresent
         name: nginx-plus-ingress
         ports:

deployments/helm-chart-dos-arbitrator/README.md

@@ -16,7 +16,7 @@ This step is required if you're installing the chart using its sources. Addition
 
 1. Clone the Ingress Controller repo:
     ```console
-    $ git clone https://github.com/nginxinc/kubernetes-ingress.git --branch v2.3.0
+    $ git clone https://github.com/nginxinc/kubernetes-ingress.git --branch v2.3.1
     ```
 2. Change your working directory to /deployments/helm-chart-dos-arbitrator:
     ```console

deployments/helm-chart/Chart.yaml

@@ -1,13 +1,13 @@
 name: nginx-ingress
-version: 0.14.0
-appVersion: 2.3.0
+version: 0.14.1
+appVersion: 2.3.1
 apiVersion: v1
 kubeVersion: ">= 1.19.0-0"
 description: NGINX Ingress Controller
-icon: https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/v2.3.0/deployments/helm-chart/chart-icon.png
+icon: https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/v2.3.1/deployments/helm-chart/chart-icon.png
 home: https://github.com/nginxinc/kubernetes-ingress
 sources:
-  - https://github.com/nginxinc/kubernetes-ingress/tree/v2.3.0/deployments/helm-chart
+  - https://github.com/nginxinc/kubernetes-ingress/tree/v2.3.1/deployments/helm-chart
 keywords:
   - ingress
   - nginx

deployments/helm-chart/README.md

@@ -23,7 +23,7 @@ This step is required if you're installing the chart using its sources. Addition
 
 1. Clone the Ingress Controller repo:
     ```console
-    $ git clone https://github.com/nginxinc/kubernetes-ingress --branch v2.3.0
+    $ git clone https://github.com/nginxinc/kubernetes-ingress --branch v2.3.1
     ```
     **Note**: If you want to use the experimental repository (`edge`), remove the `--branch` flag and value.
 
@@ -156,7 +156,7 @@ Parameter | Description | Default
 `controller.nginxDebug` | Enables debugging for NGINX. Uses the `nginx-debug` binary. Requires `error-log-level: debug` in the ConfigMap via `controller.config.entries`. | false
 `controller.logLevel` | The log level of the Ingress Controller. | 1
 `controller.image.repository` | The image repository of the Ingress Controller. | nginx/nginx-ingress
-`controller.image.tag` | The tag of the Ingress Controller image. | 2.3.0
+`controller.image.tag` | The tag of the Ingress Controller image. | 2.3.1
 `controller.image.pullPolicy` | The pull policy for the Ingress Controller image. | IfNotPresent
 `controller.config.name` | The name of the ConfigMap used by the Ingress Controller. | Autogenerated
 `controller.config.annotations` | The annotations of the Ingress Controller configmap. | {}

deployments/helm-chart/values-icp.yaml

@@ -3,7 +3,7 @@ controller:
   nginxplus: true
   image:
     repository: mycluster.icp:8500/kube-system/nginx-plus-ingress
-    tag: "2.3.0"
+    tag: "2.3.1"
   nodeSelector:
     beta.kubernetes.io/arch: "amd64"
     proxy: true

deployments/helm-chart/values-nsm.yaml

@@ -2,7 +2,7 @@ controller:
   nginxplus: true
   image:
     repository: nginx-plus-ingress
-    tag: "2.3.0"
+    tag: "2.3.1"
   enableLatencyMetrics: true
 nginxServiceMesh:
   enable: true

deployments/helm-chart/values-plus.yaml

@@ -2,4 +2,4 @@ controller:
   nginxplus: true
   image:
     repository: nginx-plus-ingress
-    tag: "2.3.0"
+    tag: "2.3.1"

deployments/helm-chart/values.yaml

@@ -49,7 +49,7 @@ controller:
     repository: nginx/nginx-ingress
 
     ## The tag of the Ingress Controller image.
-    tag: "2.3.0"
+    tag: "2.3.1"
 
     ## The pull policy for the Ingress Controller image.
     pullPolicy: IfNotPresent

docs/content/app-protect-dos/configuration.md

@@ -9,7 +9,7 @@ docs: "DOCS-580"
 ---
 
 This document describes how to configure the NGINX App Protect DoS module
-> Check out the complete [NGINX Ingress Controller with App Protect DoS example resources on GitHub](https://github.com/nginxinc/kubernetes-ingress/tree/v2.3.0/examples/appprotect-dos).
+> Check out the complete [NGINX Ingress Controller with App Protect DoS example resources on GitHub](https://github.com/nginxinc/kubernetes-ingress/tree/v2.3.1/examples/appprotect-dos).
 
 ## App Protect DoS Configuration
 

docs/content/app-protect-dos/installation-with-helm-dos-arbitrator.md

@@ -19,7 +19,7 @@ This step is required if you're installing the chart using its sources. Addition
 
 1. Clone the Ingress Controller repo:
     ```console
-    $ git clone https://github.com/nginxinc/kubernetes-ingress.git --branch v2.3.0
+    $ git clone https://github.com/nginxinc/kubernetes-ingress.git --branch v2.3.1
     ```
 2. Change your working directory to /deployments/helm-chart-dos-arbitrator:
     ```console

docs/content/app-protect-dos/installation.md

@@ -19,7 +19,7 @@ This document provides an overview of the steps required to use NGINX App Protec
     * It is also possible to build your own image and push it to your private Docker registry by following the instructions from [here](/nginx-ingress-controller/installation/building-ingress-controller-image).
 2. Clone the Ingress Controller repo:
     ```
-    $ git clone https://github.com/nginxinc/kubernetes-ingress.git --branch v2.3.0
+    $ git clone https://github.com/nginxinc/kubernetes-ingress.git --branch v2.3.1
     $ cd kubernetes-ingress
     ```
 
@@ -66,4 +66,4 @@ Take the steps below to set up and deploy the NGINX Ingress Controller and App P
 3. Enable the App Protect Dos module by adding the `enable-app-protect-dos` [cli argument](/nginx-ingress-controller/configuration/global-configuration/command-line-arguments/#cmdoption-enable-app-protect-dos) to your Deployment or DaemonSet file.
 4. [Deploy the Ingress Controller](/nginx-ingress-controller/installation/installation-with-manifests/#3-deploy-the-ingress-controller).
 
-For more information, see the [Configuration guide](/nginx-ingress-controller/app-protect-dos/configuration),the [NGINX Ingress Controller with App Protect DoS example for Ingress](https://github.com/nginxinc/kubernetes-ingress/tree/v2.3.0/examples/appprotect-dos) and the [NGINX Ingress Controller with App Protect DoS example for VirtualServer](https://github.com/nginxinc/kubernetes-ingress/tree/v2.3.0/examples/custom-resources/dos).
+For more information, see the [Configuration guide](/nginx-ingress-controller/app-protect-dos/configuration),the [NGINX Ingress Controller with App Protect DoS example for Ingress](https://github.com/nginxinc/kubernetes-ingress/tree/v2.3.1/examples/appprotect-dos) and the [NGINX Ingress Controller with App Protect DoS example for VirtualServer](https://github.com/nginxinc/kubernetes-ingress/tree/v2.3.1/examples/custom-resources/dos).

docs/content/app-protect/configuration.md

@@ -8,7 +8,7 @@ toc: true
 docs: "DOCS-578"
 ---
 
-> Check out the complete NGINX Ingress Controller with App Protect example resources on GitHub for [VirtualServer resources](https://github.com/nginxinc/kubernetes-ingress/tree/v2.3.0/examples/custom-resources/waf) and for [Ingress resources](https://github.com/nginxinc/kubernetes-ingress/tree/v2.3.0/examples/appprotect).
+> Check out the complete NGINX Ingress Controller with App Protect example resources on GitHub for [VirtualServer resources](https://github.com/nginxinc/kubernetes-ingress/tree/v2.3.1/examples/custom-resources/waf) and for [Ingress resources](https://github.com/nginxinc/kubernetes-ingress/tree/v2.3.1/examples/appprotect).
 
 ## Global Configuration
 
@@ -244,8 +244,8 @@ These are the typical steps to deploy an OpenAPI protection Policy in NGINX Ingr
 3. Make other custom changes if needed (e.g. enable Data Guard protection).
 4. Use a tool to convert the result to YAML. There are many, for example: [`yq` utility](https://github.com/mikefarah/yq).
 5. Add the YAML properties to create an `APPolicy` Custom Resource putting the policy itself (as in step 4) within the `spec` property of the Custom Resource. Refer to [App Protect Policies](#app-protect-policies) section above.
-6. Create a `Policy` object which references the `APPolicy` Custom Resource as in [this example](https://github.com/nginxinc/kubernetes-ingress/blob/v2.3.0/examples/custom-resources/waf/waf.yaml).
-7. Finally, attach the `Policy` object to a `VirtualServer` resource as in [this example](https://github.com/nginxinc/kubernetes-ingress/blob/v2.3.0/examples/custom-resources/waf/virtual-server.yaml).
+6. Create a `Policy` object which references the `APPolicy` Custom Resource as in [this example](https://github.com/nginxinc/kubernetes-ingress/blob/v2.3.1/examples/custom-resources/waf/waf.yaml).
+7. Finally, attach the `Policy` object to a `VirtualServer` resource as in [this example](https://github.com/nginxinc/kubernetes-ingress/blob/v2.3.1/examples/custom-resources/waf/virtual-server.yaml).
 
 **Note**:  You need to make sure that the server where the resource files are located is always available when you are compiling your policy.
 
@@ -381,7 +381,7 @@ The `link` option is also available in the `openApiFileReference` property and i
 ## Configuration in NGINX Plus Ingress Controller using Virtual Server Resource
 In this example we deploy the NGINX Plus Ingress Controller with NGINX App Protect, a simple web application and then configure load balancing and WAF protection for that application using the VirtualServer resource.
 
-**Note:** This example, and the files referenced, can be found [here](https://github.com/nginxinc/kubernetes-ingress/tree/v2.3.0/examples/custom-resources/waf).
+**Note:** This example, and the files referenced, can be found [here](https://github.com/nginxinc/kubernetes-ingress/tree/v2.3.1/examples/custom-resources/waf).
 
 ## Prerequisites
 
@@ -400,37 +400,37 @@ In this example we deploy the NGINX Plus Ingress Controller with NGINX App Prote
 
 Create the application deployment and service:
     ```
-    $ kubectl apply -f https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/v2.3.0/examples/custom-resources/waf/webapp.yaml
+    $ kubectl apply -f https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/v2.3.1/examples/custom-resources/waf/webapp.yaml
     ```
 
 ### Step 2. Deploy the AP Policy
 
 1. Create the syslog service and pod for the App Protect security logs:
     ```
-    $ kubectl apply -f https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/v2.3.0/examples/custom-resources/waf/syslog.yaml
+    $ kubectl apply -f https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/v2.3.1/examples/custom-resources/waf/syslog.yaml
     ```
 
 2. Create the User Defined Signature, App Protect policy and log configuration:
 
     ```
-    $ kubectl apply -f https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/v2.3.0/examples/custom-resources/waf/ap-apple-uds.yaml
-    $ kubectl apply -f https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/v2.3.0/examples/custom-resources/waf/ap-dataguard-alarm-policy.yaml
-    $ kubectl apply -f https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/v2.3.0/examples/custom-resources/waf/ap-logconf.yaml
+    $ kubectl apply -f https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/v2.3.1/examples/custom-resources/waf/ap-apple-uds.yaml
+    $ kubectl apply -f https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/v2.3.1/examples/custom-resources/waf/ap-dataguard-alarm-policy.yaml
+    $ kubectl apply -f https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/v2.3.1/examples/custom-resources/waf/ap-logconf.yaml
     ```
 
 ### Step 3 - Deploy the WAF Policy
 
 Create the WAF policy
     ``` 
-    $ kubectl apply -f https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/v2.3.0/examples/custom-resources/waf/waf.yaml
+    $ kubectl apply -f https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/v2.3.1/examples/custom-resources/waf/waf.yaml
     ```
 Note the App Protect configuration settings in the Policy resource. They enable WAF protection by configuring App Protect with the policy and log configuration created in the previous step.
 
 ### Step 4 - Configure Load Balancing
 
 1. Create the VirtualServer Resource:
     ```
-    $ kubectl apply -f https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/v2.3.0/examples/custom-resources/waf/virtual-server.yaml
+    $ kubectl apply -f https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/v2.3.1/examples/custom-resources/waf/virtual-server.yaml
     ```
 Note that the VirtualServer references the policy waf-policy created in Step 3.
 
@@ -465,7 +465,7 @@ To access the application, curl the coffee and the tea services. We'll use the -
 
 ### Configuration Example of Virtual Server:
 
-Refer to github repo for [Virtual Server example](https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/v2.3.0/examples/custom-resources/waf/webapp.yaml).
+Refer to github repo for [Virtual Server example](https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/v2.3.1/examples/custom-resources/waf/webapp.yaml).
 
 ```yaml
 apiVersion: k8s.nginx.org/v1