Skip to content

Releases: A3S-Lab/Gateway

v1.0.11

Choose a tag to compare

@github-actions github-actions released this 22 Jun 09:05
9904829
  • fix(gateway): self-heal upstream after backend pod rollout (v1.0.11) (#7)
  • fix(streaming): use idle read_timeout for SSE, not total request timeout (#5)

v1.0.7

Choose a tag to compare

@github-actions github-actions released this 04 Jun 08:41
  • feat(k8s): a3s-gateway.io/request-timeout ingress annotation (v1.0.7)

v1.0.6

Choose a tag to compare

@github-actions github-actions released this 01 Jun 02:18
710d743

Fixed

  • Passive health check no longer deadlocks a backend into permanent unavailability. Previously, once a backend exceeded the error threshold it was marked unhealthy and dropped from rotation; recovery only happened inside record_success, but an unhealthy backend receives no traffic, so no success ever arrived and the service returned 503 until the gateway was restarted (a single transient burst of SendRequest/5xx errors could take a whole service down indefinitely). A background recovery ticker now drives a half-open probe: after recovery_time elapses the backend is re-enabled so it receives traffic again — if it is still broken the next errors re-mark it, otherwise it stays healthy. The ticker holds a Weak reference and exits when its checker is dropped (config reload), avoiding task accumulation.

v1.0.5

Choose a tag to compare

@github-actions github-actions released this 31 May 11:16

Fixed

  • The Kubernetes Ingress watcher now hashes router/service CONTENT (rule, middlewares, priority, backend) instead of only their keys, so an in-place change to an existing Ingress/router — editing a rule from host to path routing, changing middlewares/priority, or a helm upgrade that rewrites the backend — is detected and triggers a reload (previously only router additions/removals were noticed).

v1.0.4

Choose a tag to compare

@github-actions github-actions released this 31 May 10:50

Added

  • strip-prefix middleware now supports a single-segment wildcard prefix (e.g. /apps/*): it strips the literal base plus exactly one dynamic path segment, so a single middleware can serve every dynamically-named workload under /apps/<id>/ without a per-workload middleware entry (avoids ConfigMap churn and the associated reload race).

v1.0.3

Choose a tag to compare

@github-actions github-actions released this 31 May 09:58

Fixed

  • Host rule matching now strips the port from the request authority before comparing, so a request that reaches the gateway on a non-default port (e.g. Host: app.example.com:49164) still matches a port-less Ingress host instead of falling through to a host-less catch-all.
  • Router selection now prefers the most-specific / highest-priority route. Effective priority is the explicit a3s-gateway.io/priority annotation when set (higher wins, Traefik-style), otherwise the rule length — so a host-less catch-all PathPrefix(/) no longer swallows more-specific (host-qualified or longer-path) routers.
  • The Kubernetes Ingress (and IngressRoute CRD) watcher now rebuilds its API client and backs off after a poll failure instead of spinning forever on a poisoned connection, so a transient API-server disconnect no longer freezes the router table until pod restart.

v1.0.2

Choose a tag to compare

@github-actions github-actions released this 16 May 03:29
bf4029a

Fixed

  • Fixed tokio-rt-worker panic on startup when the Kubernetes Ingress watcher
    opened its first TLS connection to the apiserver
    (Could not automatically determine the process-level CryptoProvider from Rustls crate features). With kube and redis features both pulling in
    rustls 0.23 alongside aws-lc-rs and ring, rustls refuses to auto-select a
    provider; the gateway now installs rustls::crypto::ring as the process
    default at the top of main() before any TLS client is constructed.

v1.0.1

Choose a tag to compare

@github-actions github-actions released this 15 May 13:30
3fdad48

Fixed

  • Linux release binaries (and OCI images published to ghcr.io) are now built with
    the kube and redis features enabled, so the published image can act as a
    Kubernetes Ingress Controller and use Redis-backed distributed rate limiting
    out of the box. Prior 1.0.0 image had default = [] features only and logged
    Kubernetes provider configured but the 'kube' feature is not enabled when
    used with a providers.kubernetes config block.

v1.0.0

Choose a tag to compare

@github-actions github-actions released this 12 May 03:28

Breaking

  • Provider re-exports narrowed: DockerProvider and spawn_docker_loop are no longer
    re-exported from the crate root. Use from_acl() Docker provider config instead.
  • GatewayState enum and HealthStatus struct are now #[non_exhaustive]
    match arms must include a wildcard (_) pattern.
  • Management API VersionInfo response now includes an api_version field ("v1").
  • Minimum Supported Rust Version (MSRV) declared: 1.82.

Added

  • EntrypointConfig::new(address) constructor for convenient programmatic config.
  • VersionInfo.api_version field for management API versioning.
  • rust-version = "1.82" in Cargo.toml (MSRV policy).
  • Criterion benchmarks: routing, middleware_pipeline, acl_parse.
  • 35 new unit tests for the ACL configuration parser.
  • 5 new unit tests for rate-limit middleware (deterministic time, edge cases).
  • router and middleware modules exposed as #[doc(hidden)] pub for benchmarking.

Fixed

  • GatewayConfig::default() now uses EntrypointConfig::new() internally.

v0.2.5

Choose a tag to compare

@github-actions github-actions released this 10 Apr 05:10
  • fix: correct docker-bake.json path in bake-action