nginx
diff --git a/‎deployments/common/crds/k8s.nginx.org_policies.yaml
Lines changed: 2 additions & 0 deletions b/‎deployments/common/crds/k8s.nginx.org_policies.yaml
Lines changed: 2 additions & 0 deletions
diff --git a/‎deployments/helm-chart/crds/k8s.nginx.org_policies.yaml
Lines changed: 2 additions & 0 deletions b/‎deployments/helm-chart/crds/k8s.nginx.org_policies.yaml
Lines changed: 2 additions & 0 deletions
diff --git a/‎internal/configs/configurator.go
Lines changed: 1 addition & 0 deletions b/‎internal/configs/configurator.go
Lines changed: 1 addition & 0 deletions
diff --git a/‎internal/configs/version2/http.go
Lines changed: 1 addition & 0 deletions b/‎internal/configs/version2/http.go
Lines changed: 1 addition & 0 deletions
diff --git a/‎internal/configs/version2/nginx-plus.virtualserver.tmpl
Lines changed: 8 additions & 0 deletions b/‎internal/configs/version2/nginx-plus.virtualserver.tmpl
Lines changed: 8 additions & 0 deletions
@@ -160,6 +160,8 @@ spec:
                   description: WAF defines an WAF policy.
                   type: object
                   properties:
+                    apBundle:
+                      type: string
                     apPolicy:
                       type: string
                     enable:
 
@@ -160,6 +160,8 @@ spec:
                   description: WAF defines an WAF policy.
                   type: object
                   properties:
+                    apBundle:
+                      type: string
                     apPolicy:
                       type: string
                     enable:
 
@@ -32,6 +32,7 @@ import (
 
 const (
 	pemFileNameForWildcardTLSSecret = "/etc/nginx/secrets/wildcard" // #nosec G101
+	appProtectBundleFolder          = "/etc/nginx/waf/bundles/"
 	appProtectPolicyFolder          = "/etc/nginx/waf/nac-policies/"
 	appProtectLogConfFolder         = "/etc/nginx/waf/nac-logconfs/"
 	appProtectUserSigFolder         = "/etc/nginx/waf/nac-usersigs/"
 
@@ -126,6 +126,7 @@ type OIDC struct {
 type WAF struct {
 	Enable              string
 	ApPolicy            string
+	ApBundle            string
 	ApSecurityLogEnable bool
 	ApLogConf           []string
 }
 
@@ -225,6 +225,10 @@ server {
     app_protect_policy_file {{ .ApPolicy }};
         {{ end }}
 
+        {{ if .ApBundle }}
+    app_protect_policy_file {{ .ApBundle }};
+        {{ end }}
+
         {{ if .ApSecurityLogEnable }}
     app_protect_security_log_enable on;
         {{ range $logconf := .ApLogConf }}
@@ -429,6 +433,10 @@ server {
         app_protect_policy_file {{ .ApPolicy }};
             {{ end }}
 
+            {{ if .ApBundle }}
+        app_protect_policy_file {{ .ApBundle }};
+            {{ end }}
+
             {{ if .ApSecurityLogEnable }}
         app_protect_security_log_enable on;
             {{ range $logconf := .ApLogConf }}
Original file line number	Diff line number	Diff line change
`@@ -126,6 +126,7 @@ type OIDC struct {`
`126`	`126`	`type WAF struct {`
`127`	`127`	`Enable string`
`128`	`128`	`ApPolicy string`
	`129`	`+ ApBundle string`
`129`	`130`	`ApSecurityLogEnable bool`
`130`	`131`	`ApLogConf []string`
`131`	`132`	`}`