add nginx content cache as cache policy #8005

vepatel · 2025-07-09T11:16:16Z

Proposed changes

Adds implementation for Nginx content caching using Policy and VS/VSR
Adds helm changes for volumes in deployments and sessionAffinity in services
Adds an deployable example
Adds unit tests
Adds python tests

Checklist

Before creating a PR, run through this checklist and mark each as complete.

I have read the CONTRIBUTING doc
I have added tests that prove my fix is effective or that my feature works
I have checked that all unit tests pass after adding my changes
I have updated necessary documentation
I have rebased my branch onto main
I will ensure my PR is targeting the main branch and pulling from my branch from my own fork

for more information, see https://pre-commit.ci

Signed-off-by: Venktesh Shivam Patel <[email protected]>

codecov · 2025-08-07T16:38:34Z

Codecov Report

❌ Patch coverage is 94.69697% with 7 lines in your changes missing coverage. Please review.
✅ Project coverage is 53.35%. Comparing base (4ef38ae) to head (8337f42).
⚠️ Report is 3 commits behind head on main.

Files with missing lines	Patch %	Lines
internal/configs/virtualserver.go	90.54%	4 Missing and 3 partials ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #8005      +/-   ##
==========================================
+ Coverage   53.10%   53.35%   +0.24%     
==========================================
  Files          90       90              
  Lines       21778    21909     +131     
==========================================
+ Hits        11565    11689     +124     
- Misses       9738     9742       +4     
- Partials      475      478       +3

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

github-actions · 2025-08-07T17:53:13Z

Package Report

gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx, 1.27.5-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-module-njs, 1.27.5+0.8.10-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-module-otel, 1.27.5+0.1.2-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-agent, 3.0.3~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx, 1.27.5-1~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-module-njs, 1.27.5+0.8.10-1~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-module-otel, 1.27.5+0.1.2-1~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-agent, 3.0.3~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus, 34-2~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-njs, 34+0.8.9-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-otel, 34+0.1.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-fips-check, 34+0.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-agent, 3.0.3~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus, 34-2~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-njs, 34+0.8.9-1~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-otel, 34+0.1.1-1~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-fips-check, 34+0.1-1~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-agent, 3.0.3~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus, 34-2~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-njs, 34+0.8.9-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-otel, 34+0.1.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-fips-check, 34+0.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-appprotect, 34+5.442.0-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, app-protect, 34+5.442.0-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, app-protect-attack-signatures, 2025.08.07-2~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, app-protect-threat-campaigns, 2025.08.11-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-agent, 2.42.1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus, 34-2~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-njs, 34+0.8.9-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-otel, 34+0.1.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-fips-check, 34+0.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-appprotect, 34+5.442.0-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, app-protect-module-plus, 34+5.442.0-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, app-protect-plugin, 6.16.0-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-agent, 2.42.1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus, 34-2~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-njs, 34+0.8.9-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-otel, 34+0.1.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-fips-check, 34+0.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-appprotectdos, 34+4.6.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, app-protect-dos, 34+4.6.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus, 34-2~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-njs, 34+0.8.9-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-otel, 34+0.1.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-fips-check, 34+0.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-appprotect, 34+5.442.0-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, app-protect, 34+5.442.0-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, app-protect-attack-signatures, 2025.08.07-2~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, app-protect-threat-campaigns, 2025.08.11-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-plus-module-appprotectdos, 34+4.6.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, app-protect-dos, 34+4.6.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9, nginx-agent, 2.42.1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine, nginx, 1.27.5-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine, nginx-module-njs, 1.27.5.0.8.10-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine, nginx-module-otel, 1.27.5.0.1.2-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine, nginx-agent, 3.0.3, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine, nginx, 1.27.5-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine, nginx-module-njs, 1.27.5.0.8.10-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine, nginx-module-otel, 1.27.5.0.1.2-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine, nginx-agent, 3.0.3, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine, nginx-plus, 34-r2, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine, nginx-plus-module-njs, 34.0.8.9-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine, nginx-plus-module-otel, 34.0.1.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine, nginx-plus-module-fips-check, 34.0.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine, nginx-agent, 3.0.3, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine, nginx-plus, 34-r2, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine, nginx-plus-module-njs, 34.0.8.9-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine, nginx-plus-module-otel, 34.0.1.1-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine, nginx-plus-module-fips-check, 34.0.1-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine, nginx-agent, 3.0.3, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-plus, 34-r2, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-plus-module-njs, 34.0.8.9-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-plus-module-otel, 34.0.1.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-plus-module-fips-check, 34.0.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-agent, 3.0.3, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-plus, 34-r2, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-plus-module-njs, 34.0.8.9-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-plus-module-otel, 34.0.1.1-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-plus-module-fips-check, 34.0.1-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-agent, 3.0.3, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-plus, 34-r2, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-plus-module-njs, 34.0.8.9-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-plus-module-otel, 34.0.1.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-plus-module-fips-check, 34.0.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-agent, 2.42.1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-plus-module-appprotect, 34.5.442.0-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, app-protect, 34.5.442.0-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, app-protect-attack-signatures, 2025.08.07-r2, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, app-protect-threat-campaigns, 2025.08.11-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-plus, 34-r2, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-plus-module-njs, 34.0.8.9-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-plus-module-otel, 34.0.1.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-plus-module-fips-check, 34.0.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-agent, 2.42.1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, nginx-plus-module-appprotect, 34.5.442.0-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, app-protect-module-plus, 34.5.442.0-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-alpine-fips, app-protect-plugin, 6.16.0-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx, 1.27.5-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-module-njs, 1.27.5+0.9.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-module-otel, 1.27.5+0.1.2-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-agent, 3.0.3-1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx, 1.27.5-1.el9.ngx, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-module-njs, 1.27.5+0.9.0-1.el9.ngx, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-module-otel, 1.27.5+0.1.2-1.el9.ngx, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-agent, 3.0.3-1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus, 34-2.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-njs, 34+0.8.9-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-otel, 34+0.1.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-fips-check, 34+0.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-agent, 3.0.3-1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus, 34-2.el9.ngx, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-njs, 34+0.8.9-1.el9.ngx, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-otel, 34+0.1.1-1.el9.ngx, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-fips-check, 34+0.1-1.el9.ngx, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-agent, 3.0.3-1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus, 34-2.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-njs, 34+0.8.9-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-otel, 34+0.1.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-fips-check, 34+0.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-agent, 2.42.1-1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-appprotect, 34+5.442.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, app-protect, 34+5.442.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, app-protect-attack-signatures, 2025.08.07-2.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, app-protect-threat-campaigns, 2025.08.11-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus, 34-2.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-njs, 34+0.8.9-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-otel, 34+0.1.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-fips-check, 34+0.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-agent, 2.42.1-1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-appprotect, 34+5.442.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, app-protect-module-plus, 34+5.442.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, app-protect-plugin, 6.16.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi8, nginx-plus, 34-2.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi8, nginx-plus-module-njs, 34+0.8.9-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi8, nginx-plus-module-otel, 34+0.1.1-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi8, nginx-plus-module-fips-check, 34+0.1-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi8, nginx-agent, 2.42.1-1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi8, nginx-plus-module-appprotect, 34+5.442.0-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi8, app-protect, 34+5.442.0-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi8, app-protect-attack-signatures, 2025.08.07-2.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi8, app-protect-threat-campaigns, 2025.08.11-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi8, nginx-plus, 34-2.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi8, nginx-plus-module-njs, 34+0.8.9-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi8, nginx-plus-module-otel, 34+0.1.1-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi8, nginx-plus-module-fips-check, 34+0.1-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi8, nginx-agent, 2.42.1-1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi8, nginx-plus-module-appprotect, 34+5.442.0-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi8, app-protect-module-plus, 34+5.442.0-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi8, app-protect-plugin, 6.16.0-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus, 34-2.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-njs, 34+0.8.9-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-otel, 34+0.1.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-fips-check, 34+0.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-appprotectdos, 34+4.6.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, app-protect-dos, 34+4.6.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus, 34-2.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-njs, 34+0.8.9-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-otel, 34+0.1.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-fips-check, 34+0.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-appprotect, 34+5.442.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-plus-module-appprotectdos, 34+4.6.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, nginx-agent, 2.42.1-1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, app-protect, 34+5.442.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, app-protect-attack-signatures, 2025.08.07-2.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, app-protect-threat-campaigns, 2025.08.11-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-eda5bada34f825fdd8aa1e6d20c111d9-ubi, app-protect-dos, 34+4.6.1-1.el9.ngx, x86_64

for more information, see https://pre-commit.ci

examples/custom-resources/cache-policy/README.md

pdabelf5 · 2025-08-13T12:52:13Z

internal/configs/virtualserver.go

@@ -838,6 +849,7 @@ func (vsc *virtualServerConfigurator) GenerateVirtualServerConfig(
 		StatusMatches:    statusMatches,
 		LimitReqZones:    removeDuplicateLimitReqZones(limitReqZones),
 		AuthJWTClaimSets: removeDuplicateAuthJWTClaimSets(authJWTClaimSets),
+		CacheZones:       cacheZones,


might the zones need deduping?

https://github.com/nginx/kubernetes-ingress/pull/8005/files#diff-d04bccdf7de813e1ac39551e8a00313c114590f8e5ab0ee166be244f0d11d125R1972 should take care of it 🤔

tests/data/cache-policy/vsr/virtual-server-route-with-advanced-cache.yaml

tests/data/cache-policy/vsr/virtual-server-route-with-cache.yaml

tests/data/cache-policy/vsr/virtual-server-with-advanced-cache-route.yaml

tests/data/cache-policy/vsr/virtual-server-with-cache-route.yaml

Co-authored-by: Paul Abel <[email protected]> Signed-off-by: Venktesh Shivam Patel <[email protected]>

Copilot

Pull Request Overview

This PR adds support for NGINX content caching through a new cache Policy resource that can be applied to VirtualServer and VirtualServerRoute configurations. The implementation provides comprehensive caching capabilities including configurable cache zones, response code filtering, HTTP method restrictions, cache TTL settings, and NGINX Plus-specific features like cache purging.

Adds new Cache policy type supporting cache zones, response codes, HTTP methods, TTL, and purging capabilities
Extends VirtualServer and VirtualServerRoute configuration to support cache policies at spec and route levels
Includes Helm chart enhancements for shared cache volumes and session affinity configuration

Reviewed Changes

Copilot reviewed 42 out of 42 changed files in this pull request and generated 5 comments.

Show a summary per file

File	Description
pkg/apis/configuration/v1/types.go	Adds Cache struct definition with all caching configuration options
pkg/apis/configuration/validation/policy.go	Implements validation logic for cache policy fields and NGINX Plus features
internal/configs/virtualserver.go	Integrates cache policy processing into VirtualServer configuration generation
internal/configs/version2/http.go	Defines cache-related data structures for template rendering
charts/nginx-ingress/values.yaml	Adds cache volume and session affinity configuration options
tests/suite/test_cache_policies_*.py	Comprehensive test suite for cache policy functionality

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

Copilot · 2025-08-14T12:26:49Z

pkg/apis/configuration/validation/policy.go

 	if fieldCount != 1 {
-		msg := "must specify exactly one of: `accessControl`, `rateLimit`, `ingressMTLS`, `egressMTLS`, `basicAuth`, `apiKey`"
+		msg := "must specify exactly one of: `accessControl`, `rateLimit`, `ingressMTLS`, `egressMTLS`, `basicAuth`, `apiKey`, `cache`"
 		if isPlus {
 			msg = fmt.Sprint(msg, ", `jwt`, `oidc`, `waf`")
 		}


The error message construction is duplicated and hardcoded in multiple places. Consider extracting the base policy types into a constant or function to reduce duplication and make it easier to maintain when new policy types are added.

Suggested change

}

msg := oneOfPolicyTypesError(isPlus)

Copilot · 2025-08-14T12:26:49Z

internal/configs/virtualserver.go

@@ -1732,6 +1746,13 @@ func (vsc *virtualServerConfigurator) generatePolicies(
 					ownerDetails.vsName, policyOpts.secretRefs)
 			case pol.Spec.WAF != nil:
 				res = config.addWAFConfig(vsc.cfgParams.Context, pol.Spec.WAF, key, polNamespace, policyOpts.apResources)
+			case pol.Spec.Cache != nil:
+				res = newValidationResults()
+				if config.Cache != nil {


[nitpick] The cache policy conflict detection logic should be extracted into a separate validation function. The warning message and conflict detection could be reused for other policy types that don't support multiple instances.

Copilot · 2025-08-14T12:26:49Z

internal/configs/virtualserver.go

+	// Convert allowed codes to proxy_cache_valid entries
+	for _, code := range cache.AllowedCodes {
+		if cache.Time != "" {
+			if code.Type == intstr.String {


The magic number '1' for string type should be replaced with a named constant (intstr.String) for better readability and maintainability.

Copilot · 2025-08-14T12:26:50Z

pkg/apis/configuration/validation/policy.go

+	// Check if it contains "any" mixed with other codes (invalid)
+	hasAny := false
+	for i, code := range cache.AllowedCodes {
+		if code.Type == 1 && code.StrVal == "any" {


The magic number '1' for string type should be replaced with a named constant (intstr.String) for better readability and maintainability.

Suggested change

if code.Type == 1 && code.StrVal == "any" {

if len(cache.AllowedCodes) == 1 && cache.AllowedCodes[0].Type == intstr.String && cache.AllowedCodes[0].StrVal == "any" {

return allErrs // Valid: single "any" string

}

// Check if it contains "any" mixed with other codes (invalid)

hasAny := false

for i, code := range cache.AllowedCodes {

if code.Type == intstr.String && code.StrVal == "any" {

Copilot · 2025-08-14T12:26:50Z

pkg/apis/configuration/validation/policy.go

+
+	// Validate all elements are integers in the range 100-599
+	for i, code := range cache.AllowedCodes {
+		if code.Type == 1 { // String type


The magic number '1' for string type should be replaced with a named constant (intstr.String) for better readability and maintainability.

vepatel added 8 commits July 2, 2025 11:57

initial cache-policy commit

f4a1ae5

add example files

c0f6d66

update CRD validation and add sessionAffinity

7acfa85

add values.yaml

a82a790

add overrideUpstreamCache option

d90c2d2

add unique purge var per VS, VSR

d7604cf

remove redundant enable flag

1563406

add levels and shared cache config

028f7b1

github-actions bot added enhancement Pull requests for new features/feature enhancements go Pull requests that update Go code labels Jul 9, 2025

Merge branch 'main' into feat/cache-policy

56ca632

vepatel linked an issue Jul 9, 2025 that may be closed by this pull request

Cache Policy - Implementation #7847

Open

pre-commit-ci bot and others added 5 commits July 9, 2025 11:17

[pre-commit.ci] auto fixes from pre-commit.com hooks

4c96532

for more information, see https://pre-commit.ci

Merge branch 'main' into feat/cache-policy

e63b045

Signed-off-by: Venktesh Shivam Patel <[email protected]>

Merge branch 'main' into feat/cache-policy

3d8f457

add unit tests

0857c5b

fix kubebuilder issues anbd add more validation to policy.go

1b635a2

vepatel added 3 commits August 7, 2025 17:46

use CEL rules

948c816

reduce cyclomatic complexity and update codegen

4aa91e1

Merge branch 'main' into feat/cache-policy

020b0b9

vepatel and others added 8 commits August 8, 2025 16:44

add more CEL based validation in CRDs

c1ccf4c

add maxItems for allowedMethods

f47a8b2

Merge branch 'main' into feat/cache-policy

ce72be2

Merge branch 'main' into feat/cache-policy

1eb7f1e

move more validations from go to CRDs

3b643ba

Merge branch 'main' into feat/cache-policy

29efd58

add better descriptions and remove costly CEL expressions

9301c63

[pre-commit.ci] auto fixes from pre-commit.com hooks

9974453

for more information, see https://pre-commit.ci

vepatel added 2 commits August 11, 2025 17:43

replace CEL with go logic

9d0c651

add functional tests and fix plus vs template

877e699

github-actions bot added the python Pull requests that update Python code label Aug 12, 2025

vepatel and others added 8 commits August 12, 2025 19:01

Merge branch 'main' into feat/cache-policy

886369f

[pre-commit.ci] auto fixes from pre-commit.com hooks

23602f6

for more information, see https://pre-commit.ci

update pytest marker

54fa49d

update pytest marker in ci and fix oss template

733485b

add template unit tests

62182ac

consolidate policy unit tests

0b6abaa

add example and readme

a52d7a2

Merge branch 'main' into feat/cache-policy

8337f42

vepatel marked this pull request as ready for review August 13, 2025 12:31

vepatel requested a review from a team as a code owner August 13, 2025 12:31

pdabelf5 reviewed Aug 13, 2025

View reviewed changes

vepatel and others added 3 commits August 13, 2025 14:30

remove empty test files

09c56c3

update example readme with suggestion

7b4926f

Co-authored-by: Paul Abel <[email protected]> Signed-off-by: Venktesh Shivam Patel <[email protected]>

remove pv-pvc yaml

eb94bd8

vepatel requested review from pdabelf5 and a team August 13, 2025 14:45

vepatel added 2 commits August 13, 2025 16:21

fix test marker in workflow data

5173313

Merge branch 'main' into feat/cache-policy

7207b5b

This was referenced Aug 14, 2025

add website docs for NIC cache policy nginx/documentation#962

Closed

add website docs for NIC cache policy nginx/documentation#963

Open

Merge branch 'main' into feat/cache-policy

29412e9

danielnginx requested a review from Copilot August 14, 2025 12:24

Copilot AI reviewed Aug 14, 2025

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

add nginx content cache as cache policy #8005

add nginx content cache as cache policy #8005

vepatel commented Jul 9, 2025 •

edited

Loading

Uh oh!

codecov bot commented Aug 7, 2025 •

edited

Loading

Uh oh!

github-actions bot commented Aug 7, 2025 •

edited

Loading

Uh oh!

Uh oh!

pdabelf5 Aug 13, 2025

Uh oh!

vepatel Aug 13, 2025 •

edited

Loading

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Copilot AI left a comment

Uh oh!

Copilot AI Aug 14, 2025

Uh oh!

Copilot AI Aug 14, 2025

Uh oh!

Copilot AI Aug 14, 2025

Uh oh!

Copilot AI Aug 14, 2025

Uh oh!

Copilot AI Aug 14, 2025

Uh oh!

Uh oh!

add nginx content cache as cache policy #8005

Are you sure you want to change the base?

add nginx content cache as cache policy #8005

Conversation

vepatel commented Jul 9, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Proposed changes

Checklist

Uh oh!

codecov bot commented Aug 7, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

github-actions bot commented Aug 7, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Package Report

Uh oh!

Uh oh!

pdabelf5 Aug 13, 2025

Choose a reason for hiding this comment

Uh oh!

vepatel Aug 13, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull Request Overview

Reviewed Changes

Uh oh!

Copilot AI Aug 14, 2025

Choose a reason for hiding this comment

Uh oh!

Copilot AI Aug 14, 2025

Choose a reason for hiding this comment

Uh oh!

Copilot AI Aug 14, 2025

Choose a reason for hiding this comment

Uh oh!

Copilot AI Aug 14, 2025

Choose a reason for hiding this comment

Uh oh!

Copilot AI Aug 14, 2025

Choose a reason for hiding this comment

Uh oh!

Uh oh!

vepatel commented Jul 9, 2025 •

edited

Loading

codecov bot commented Aug 7, 2025 •

edited

Loading

github-actions bot commented Aug 7, 2025 •

edited

Loading

vepatel Aug 13, 2025 •

edited

Loading