nginx-gateway-fabric icon indicating copy to clipboard operation
nginx-gateway-fabric copied to clipboard

Published 20 hours ago verified publisher icon nginxinc

Support BackendTLSPolicy moving to standard channel

Open ciarams87 opened this issue 2 months ago • 1 comments
trafficstars

Currently, we have BackendTLSPolicy gated behind a feature flag to enable experimental features.

Once it is graduated to the standard channel in v1.4, we will need to support it without the feature flag. We will also need to add extra validation around unsupported fields.

Additionally, we will need to enable the conformance tests.

Acceptance Criteria:

  • Ensure BackendTLSPolicies are supported without the enable-experimental feature flag
  • Ensure any unsupported fields are flagged with an appropriate error message to the user
  • Ensure the BackendTLSPolicy conformance tests are enabled
  • Use the correct v1 API Version in the code instead of v1alpha3
    • Document that this is a breaking change if necessary (Gateway API may have a conversion webhook to translate from existing v1alpha3 BackenTLSPolicies -> v1)
  • Update the BackendTLSPolicy conditions in the conditions package to use the constants from the API where applicable

See https://github.com/nginx/nginx-gateway-fabric/pull/3982 for the draft 1.4.0 run for some of the changes required here

ciarams87 avatar Aug 27 '25 08:08 ciarams87