Skip to content

Add WAFPolicy CRD #3496

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Jun 12, 2025
Merged

Add WAFPolicy CRD #3496

merged 5 commits into from
Jun 12, 2025

Conversation

@sjberman
Copy link
Collaborator

@sjberman sjberman commented Jun 11, 2025
edited
Loading

Problem: As a user of NGF with an NGINX One subscription, I want a method to configure WAF protection on my Gateways and Routes, So that I can enable the NAP WAF feature for the applications that need it.

Solution: Define the WAFPolicy CRD.

Testing: Verified that I can create a sample policy and validation works properly.

Closes #3449

Checklist

Before creating a PR, run through this checklist and mark each as complete.

  • I have read the CONTRIBUTING doc
  • I have added tests that prove my fix is effective or that my feature works
  • I have checked that all unit tests pass after adding my changes
  • I have updated necessary documentation
  • I have rebased my branch onto main
  • I will ensure my PR is targeting the main branch and pulling from my branch from my own fork

Release notes

If this PR introduces a change that affects users and needs to be mentioned in the release notes,
please add a brief note that summarizes the change.

sjberman and others added 4 commits June 10, 2025 15:18
@sjberman
Add WafPolicy CRD
24d3332 
Problem: As a user of NGF with an NGINX One subscription
I want a method to configure WAF protection on my Gateways and Routes
So that I can enable the NAP WAF feature for the applications that need it.

Solution: Define the WafPolicy CRD.
@ciarams87
Add comments and validation; change Waf to WAF
27365fc
@ciarams87
Change to sensible path defaults
9b8d48e
@sjberman
small fixes
b403e07
@sjberman sjberman requested a review from a team as a code owner June 11, 2025 17:18
@github-actions github-actions bot added the enhancement New feature or request label Jun 11, 2025
@codecov
Copy link

codecov bot commented Jun 11, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Please upload report for BASE (feat/nap-waf@173fcf2). Learn more about missing BASE report.

Additional details and impacted files 
@@               Coverage Diff               @@
##             feat/nap-waf    #3496   +/-   ##
===============================================
  Coverage                ?   86.94%           
===============================================
  Files                   ?      127           
  Lines                   ?    15308           
  Branches                ?       62           
===============================================
  Hits                    ?    13309           
  Misses                  ?     1846           
  Partials                ?      153

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@sjberman sjberman changed the title Add WafPolicy CRD Add WAFPolicy CRD Jun 12, 2025
@sjberman sjberman merged commit 50c1063 into feat/nap-waf Jun 12, 2025
37 checks passed
@sjberman sjberman deleted the feat/wafpolicy-crd branch June 12, 2025 22:33
@github-project-automation github-project-automation bot moved this from 🆕 New to ✅ Done in NGINX Gateway Fabric Jun 12, 2025
ciarams87 added a commit that referenced this pull request Jun 19, 2025
@sjberman @ciarams87
Add WAFPolicy CRD (#3496)
e11a235 
Problem: As a user of NGF with an NGINX One subscription
I want a method to configure WAF protection on my Gateways and Routes
So that I can enable the NAP WAF feature for the applications that need it.

Solution: Define the WafPolicy CRD.

Co-authored-by: Ciara Stacke <[email protected]>
ciarams87 added a commit that referenced this pull request Jul 9, 2025
@sjberman @ciarams87
Add WAFPolicy CRD (#3496)
ad02608 
Problem: As a user of NGF with an NGINX One subscription
I want a method to configure WAF protection on my Gateways and Routes
So that I can enable the NAP WAF feature for the applications that need it.

Solution: Define the WafPolicy CRD.

Co-authored-by: Ciara Stacke <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sindhushiv sindhushiv sindhushiv approved these changes

@ciarams87 ciarams87 ciarams87 approved these changes

@bjee19 bjee19 bjee19 approved these changes

@salonichf5 salonichf5 salonichf5 approved these changes

Assignees

No one assigned

Labels

enhancement New feature or request

Projects

NGINX Gateway Fabric
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@sjberman @sindhushiv @ciarams87 @bjee19 @salonichf5