From 1b7723bac5827bf7a61bdb8387497b7142ecdbd1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=BE=84=E6=BD=AD?= Date: Mon, 13 Feb 2023 19:22:32 +0800 Subject: [PATCH] release 0.6.2 (#186) --- Makefile.core.mk | 4 ++-- VERSION | 2 +- helm/higress/Chart.yaml | 4 ++-- helm/higress/values.yaml | 7 ++----- helm/kind/higress/Chart.yaml | 6 +++--- .../patches/istio/20230208-waf-stats.patch | 18 ++++++++++++++++++ samples/wasmplugin/waf.yaml | 14 ++++++++++++++ 7 files changed, 42 insertions(+), 13 deletions(-) create mode 100644 istio/1.12/patches/istio/20230208-waf-stats.patch create mode 100644 samples/wasmplugin/waf.yaml diff --git a/Makefile.core.mk b/Makefile.core.mk index b0ed6e0349..33ea03573e 100644 --- a/Makefile.core.mk +++ b/Makefile.core.mk @@ -96,13 +96,13 @@ export PARENT_GIT_REVISION:=$(TAG) export ENVOY_TAR_PATH:=/home/package/envoy.tar.gz build-istio: prebuild - cd external/istio; GOOS_LOCAL=linux TARGET_OS=linux TARGET_ARCH=amd64 BUILD_WITH_CONTAINER=1 DOCKER_BUILD_VARIANTS=default DOCKER_TARGETS="docker.pilot" make docker + cd external/istio; rm -rf out; GOOS_LOCAL=linux TARGET_OS=linux TARGET_ARCH=amd64 BUILD_WITH_CONTAINER=1 DOCKER_BUILD_VARIANTS=default DOCKER_TARGETS="docker.pilot" make docker external/package/envoy.tar.gz: cd external/proxy; BUILD_WITH_CONTAINER=1 make test_release build-gateway: prebuild external/package/envoy.tar.gz - cd external/istio; GOOS_LOCAL=linux TARGET_OS=linux TARGET_ARCH=amd64 BUILD_WITH_CONTAINER=1 DOCKER_BUILD_VARIANTS=default DOCKER_TARGETS="docker.proxyv2" make docker + cd external/istio; rm -rf out; GOOS_LOCAL=linux TARGET_OS=linux TARGET_ARCH=amd64 BUILD_WITH_CONTAINER=1 DOCKER_BUILD_VARIANTS=default DOCKER_TARGETS="docker.proxyv2" make docker pre-install: cp api/kubernetes/customresourcedefinitions.gen.yaml helm/higress/crds diff --git a/VERSION b/VERSION index 14909610e6..45964c6694 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v0.6.1 +v0.6.2 diff --git a/helm/higress/Chart.yaml b/helm/higress/Chart.yaml index 81067e940c..416002c2e3 100644 --- a/helm/higress/Chart.yaml +++ b/helm/higress/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: 0.6.1 +appVersion: 0.6.2 description: Helm chart for deploying higress gateways icon: https://higress.io/img/higress_logo_small.png keywords: @@ -9,4 +9,4 @@ name: higress sources: - http://github.com/alibaba/higress type: application -version: 0.6.1 +version: 0.6.2 diff --git a/helm/higress/values.yaml b/helm/higress/values.yaml index 13690d932a..0aae899bbd 100644 --- a/helm/higress/values.yaml +++ b/helm/higress/values.yaml @@ -1,3 +1,4 @@ +revision: "" global: # whether to use autoscaling/v2 template for HPA settings # for internal usage only, not to be configured by users. @@ -364,7 +365,7 @@ gateway: name: "higress-gateway" replicas: 2 image: gateway - tag: "0.6.1" + tag: "0.6.2" # revision declares which revision this gateway is a part of revision: "" @@ -409,10 +410,6 @@ gateway: # Type of service. Set to "None" to disable the service entirely type: LoadBalancer ports: - - name: status-port - port: 15021 - protocol: TCP - targetPort: 15021 - name: http2 port: 80 protocol: TCP diff --git a/helm/kind/higress/Chart.yaml b/helm/kind/higress/Chart.yaml index 84edb6e615..ff9a645769 100644 --- a/helm/kind/higress/Chart.yaml +++ b/helm/kind/higress/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: 0.6.1 +appVersion: 0.6.2 description: Helm chart for deploying higress gateways icon: https://higress.io/img/higress_logo_small.png keywords: @@ -11,6 +11,6 @@ sources: dependencies: - name: higress repository: "file://../../higress" - version: 0.6.1 + version: 0.6.2 type: application -version: 0.6.1 +version: 0.6.2 diff --git a/istio/1.12/patches/istio/20230208-waf-stats.patch b/istio/1.12/patches/istio/20230208-waf-stats.patch new file mode 100644 index 0000000000..948f03d9ea --- /dev/null +++ b/istio/1.12/patches/istio/20230208-waf-stats.patch @@ -0,0 +1,18 @@ +diff -Naur istio/tools/packaging/common/envoy_bootstrap.json istio_new/tools/packaging/common/envoy_bootstrap.json +--- istio/tools/packaging/common/envoy_bootstrap.json 2023-02-08 22:42:41.000000000 +0800 ++++ istio_new/tools/packaging/common/envoy_bootstrap.json 2023-02-08 22:19:04.000000000 +0800 +@@ -37,6 +37,14 @@ + "use_all_default_tags": false, + "stats_tags": [ + { ++ "tag_name": "phase", ++ "regex": "(_phase=([a-z_]+))" ++ }, ++ { ++ "tag_name": "ruleid", ++ "regex": "(_ruleid=([0-9]+))" ++ }, ++ { + "tag_name": "route", + "regex": "^vhost\\..*?\\.route\\.([^\\.]+\\.)upstream" + }, diff --git a/samples/wasmplugin/waf.yaml b/samples/wasmplugin/waf.yaml new file mode 100644 index 0000000000..77a460b0e2 --- /dev/null +++ b/samples/wasmplugin/waf.yaml @@ -0,0 +1,14 @@ +apiVersion: extensions.higress.io/v1alpha1 +kind: WasmPlugin +metadata: + name: waf + namespace: higress-system +spec: + # build from https://github.com/corazawaf/coraza-proxy-wasm + url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/corazawaf:1.0.0 + defaultConfig: + rules: + - "Include @crs-setup-conf" + - "Include @recommended-conf" + - "Include @owasp_crs/*.conf" + - "SecRuleEngine on"