conformance: Add Airlock Microgateway report for v1.1.0 (#3408)

root30 · mlavacca · web-flow · commit bc2a7aadbec3 · 2024-10-31T09:09:26.000Z
* conformance: Add Airlock Microgateway report for v1.1.0

* conformance: Add Airlock Microgateway report for v1.1.0

* Update site-src/implementations.md

Co-authored-by: Mattia Lavacca &lt;lavacca.mattia@gmail.com&gt;

---------

Co-authored-by: Mattia Lavacca &lt;lavacca.mattia@gmail.com&gt;
diff --git a/conformance/reports/v1.1.0/airlock-microgateway/README.md b/conformance/reports/v1.1.0/airlock-microgateway/README.md
@@ -0,0 +1,16 @@
+# Airlock Microgateway
+
+## Table of contents
+
+| API channel  | Implementation version                                               | Mode    | Report                                           |
+|--------------|----------------------------------------------------------------------|---------|--------------------------------------------------|
+| experimental | [v4.4.0](https://github.com/airlock/microgateway/releases/tag/4.4.0) | default | [link](./experimental-4.4.0-default-report.yaml) |
+
+## Reproduce
+
+The Airlock Microgateway conformance report can be reproduced by following the steps in the [Gateway API conformance guide](https://github.com/airlock/microgateway/tree/main/examples/gateway-api/conformance/conformance.md) on GitHub.
+
+> [!NOTE]
+> The `HTTPRouteWeight` test fires 10 concurrent request to 3 backends totaling in 500 requests to assert a distribution that matches the configured weight.
+> Please be aware that this test exceeds the [5 req/sec rate-limit](https://docs.airlock.com/microgateway/latest/#data/1675772882054.html) enforced in the <!-- markdown-link-check-disable --> [community edition](https://www.airlock.com/en/secure-access-hub/components/microgateway/community-edition) <!-- markdown-link-check-enable -->, causing the test to fail.
+> To successfully pass this test a <!-- markdown-link-check-disable --> [premium license](https://www.airlock.com/en/secure-access-hub/components/microgateway/premium-edition)  <!-- markdown-link-check-enable --> is required.
diff --git a/conformance/reports/v1.1.0/airlock-microgateway/experimental-4.4.0-default-report.yaml b/conformance/reports/v1.1.0/airlock-microgateway/experimental-4.4.0-default-report.yaml
@@ -0,0 +1,47 @@
+apiVersion: gateway.networking.k8s.io/v1alpha1
+date: "2024-10-24T11:45:25Z"
+gatewayAPIChannel: experimental
+gatewayAPIVersion: v1.1.0
+implementation:
+  contact:
+    - https://www.airlock.com/en/contact
+  organization: airlock
+  project: microgateway
+  url: https://github.com/airlock/microgateway
+  version: v4.4.0
+kind: ConformanceReport
+mode: default
+profiles:
+  - core:
+      result: success
+      statistics:
+        Failed: 0
+        Passed: 33
+        Skipped: 0
+    extended:
+      result: success
+      statistics:
+        Failed: 0
+        Passed: 5
+        Skipped: 0
+      supportedFeatures:
+        - GatewayPort8080
+        - HTTPRouteMethodMatching
+        - HTTPRouteParentRefPort
+        - HTTPRouteQueryParamMatching
+      unsupportedFeatures:
+        - GatewayHTTPListenerIsolation
+        - GatewayStaticAddresses
+        - HTTPRouteBackendRequestHeaderModification
+        - HTTPRouteBackendTimeout
+        - HTTPRouteHostRewrite
+        - HTTPRoutePathRedirect
+        - HTTPRoutePathRewrite
+        - HTTPRoutePortRedirect
+        - HTTPRouteRequestMirror
+        - HTTPRouteRequestMultipleMirrors
+        - HTTPRouteRequestTimeout
+        - HTTPRouteResponseHeaderModification
+        - HTTPRouteSchemeRedirect
+    name: GATEWAY-HTTP
+    summary: Core tests succeeded. Extended tests succeeded.
diff --git a/site-src/implementations.md b/site-src/implementations.md
@@ -15,6 +15,7 @@ cover, and documentation to help users get started.
 ## Gateway Controller Implementation Status <a name="gateways"></a>
 
 - [Acnodal EPIC][1]
+- [Airlock Microgateway][34]
 - [Amazon Elastic Kubernetes Service][23] (alpha)
 - [Apache APISIX][2] (beta)
 - [Avi Kubernetes Operator][31] (tech preview)
@@ -87,6 +88,7 @@ cover, and documentation to help users get started.
 [31]:#avi-kubernetes-operator
 [32]:#haproxy-kubernetes-ingress-controller
 [33]:#ngrok-kubernetes-operator
+[34]:#airlock-microgateway
 
 [gamma]:/concepts/gamma/
 
@@ -105,6 +107,35 @@ In this section you will find specific links to blog posts, documentation and ot
 [epicdocs]:https://www.epic-gateway.org/
 [epicsource]:https://github.com/epic-gateway
 
+### Airlock Microgateway
+[![Conformance](https://img.shields.io/badge/Gateway%20API%20Conformance%20v1.1.0-Airlock%20Microgateway-green)](https://github.com/kubernetes-sigs/gateway-api/blob/main/conformance/reports/v1.1.0/airlock-microgateway)
+
+[Airlock Microgateway][airlock-microgateway] is a Kubernetes native WAAP (Web Application and API Protection) solution to protect microservices.
+Modern application security is embedded in the development workflow and follows DevSecOps paradigms.
+Airlock Microgateway protects your applications and microservices with the tried-and-tested Airlock security features against attacks, while also providing a high degree of scalability.
+
+With [Airlock Microgateway 4.4][airlock-microgateway-v4.4], Airlock Microgateway introduces a sidecarless data plane mode
+based on Gateway API to avoid the operational complexity of sidecars.
+
+#### Features
+- Kubernetes native integration with sidecar injection and Gateway API support
+- Reverse proxy functionality with request routing rules, TLS termination and remote IP extraction
+- Using native Envoy HTTP filters like Lua scripting, RBAC, ext_authz, JWT authentication
+- Content security filters for protecting against known attacks (OWASP Top 10)
+- API security features like JSON parsing, OpenAPI specification enforcement or GraphQL schema validation
+
+#### Documentation and links
+- [Product documentation][airlock-microgateway-documentation]
+- [Gateway specific documentation][airlock-microgateway-guide]
+- Check our [Airlock community forum][airlock-microgateway-community-support] and [support process][airlock-microgateway-premium-support] for support.
+
+[airlock-microgateway]:https://www.airlock.com/en/secure-access-hub/components/microgateway
+[airlock-microgateway-v4.4]:https://docs.airlock.com/microgateway/4.4/#data/1725073468781.html
+[airlock-microgateway-documentation]:https://docs.airlock.com/microgateway/latest
+[airlock-microgateway-guide]:https://docs.airlock.com/microgateway/4.4/#data/1726159368351.html
+[airlock-microgateway-community-support]:https://forum.airlock.com/
+[airlock-microgateway-premium-support]:https://techzone.ergon.ch/support-process
+
 ### Amazon Elastic Kubernetes Service
 
 [Amazon Elastic Kubernetes Service (EKS)][eks] is a managed service that you can use to run Kubernetes on AWS without needing to install, operate, and maintain your own Kubernetes control plane or nodes. EKS's implementation of the Gateway API is through [AWS Gateway API Controller][eks-gateway] which provisions [Amazon VPC Lattice][vpc-lattice] Resources for gateway(s), HTTPRoute(s) in EKS clusters.
