Releases: A3S-Lab/Gateway
Releases · A3S-Lab/Gateway
Release list
v1.0.11
v1.0.7
- feat(k8s): a3s-gateway.io/request-timeout ingress annotation (v1.0.7)
v1.0.6
Fixed
- Passive health check no longer deadlocks a backend into permanent unavailability. Previously, once a backend exceeded the error threshold it was marked unhealthy and dropped from rotation; recovery only happened inside
record_success, but an unhealthy backend receives no traffic, so no success ever arrived and the service returned503until the gateway was restarted (a single transient burst ofSendRequest/5xx errors could take a whole service down indefinitely). A background recovery ticker now drives a half-open probe: afterrecovery_timeelapses the backend is re-enabled so it receives traffic again — if it is still broken the next errors re-mark it, otherwise it stays healthy. The ticker holds aWeakreference and exits when its checker is dropped (config reload), avoiding task accumulation.
v1.0.5
Fixed
- The Kubernetes Ingress watcher now hashes router/service CONTENT (rule, middlewares, priority, backend) instead of only their keys, so an in-place change to an existing Ingress/router — editing a rule from host to path routing, changing middlewares/priority, or a helm upgrade that rewrites the backend — is detected and triggers a reload (previously only router additions/removals were noticed).
v1.0.4
Added
strip-prefixmiddleware now supports a single-segment wildcard prefix (e.g./apps/*): it strips the literal base plus exactly one dynamic path segment, so a single middleware can serve every dynamically-named workload under/apps/<id>/without a per-workload middleware entry (avoids ConfigMap churn and the associated reload race).
v1.0.3
Fixed
- Host rule matching now strips the port from the request authority before comparing, so a request that reaches the gateway on a non-default port (e.g.
Host: app.example.com:49164) still matches a port-less Ingress host instead of falling through to a host-less catch-all. - Router selection now prefers the most-specific / highest-priority route. Effective priority is the explicit
a3s-gateway.io/priorityannotation when set (higher wins, Traefik-style), otherwise the rule length — so a host-less catch-all PathPrefix(/) no longer swallows more-specific (host-qualified or longer-path) routers. - The Kubernetes Ingress (and IngressRoute CRD) watcher now rebuilds its API client and backs off after a poll failure instead of spinning forever on a poisoned connection, so a transient API-server disconnect no longer freezes the router table until pod restart.
v1.0.2
Fixed
- Fixed
tokio-rt-workerpanic on startup when the Kubernetes Ingress watcher
opened its first TLS connection to the apiserver
(Could not automatically determine the process-level CryptoProvider from Rustls crate features). Withkubeandredisfeatures both pulling in
rustls 0.23 alongsideaws-lc-rsandring, rustls refuses to auto-select a
provider; the gateway now installsrustls::crypto::ringas the process
default at the top ofmain()before any TLS client is constructed.
v1.0.1
Fixed
- Linux release binaries (and OCI images published to ghcr.io) are now built with
thekubeandredisfeatures enabled, so the published image can act as a
Kubernetes Ingress Controller and use Redis-backed distributed rate limiting
out of the box. Prior 1.0.0 image haddefault = []features only and logged
Kubernetes provider configured but the 'kube' feature is not enabledwhen
used with aproviders.kubernetesconfig block.
v1.0.0
Breaking
- Provider re-exports narrowed:
DockerProviderandspawn_docker_loopare no longer
re-exported from the crate root. Usefrom_acl()Docker provider config instead. GatewayStateenum andHealthStatusstruct are now#[non_exhaustive]—
match arms must include a wildcard (_) pattern.- Management API
VersionInforesponse now includes anapi_versionfield ("v1"). - Minimum Supported Rust Version (MSRV) declared: 1.82.
Added
EntrypointConfig::new(address)constructor for convenient programmatic config.VersionInfo.api_versionfield for management API versioning.rust-version = "1.82"in Cargo.toml (MSRV policy).- Criterion benchmarks:
routing,middleware_pipeline,acl_parse. - 35 new unit tests for the ACL configuration parser.
- 5 new unit tests for rate-limit middleware (deterministic time, edge cases).
routerandmiddlewaremodules exposed as#[doc(hidden)] pubfor benchmarking.
Fixed
GatewayConfig::default()now usesEntrypointConfig::new()internally.
v0.2.5
- fix: correct docker-bake.json path in bake-action