Skip to content

Implement WAFPolicy controller #3532

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 8, 2025
Merged

Implement WAFPolicy controller #3532

merged 2 commits into from
Jul 8, 2025

Conversation

@ciarams87
Copy link
Contributor

@ciarams87 ciarams87 commented Jun 21, 2025
edited
Loading

Proposed changes

Problem:
As a user of NGF
I want my WafPolicy configuration applied to NGINX for the Gateway or Route scope
So that I can enable WAF protection on my traffic

Solution: Implement the WAFPolicy controller.

Testing: Over 90% unit test coverage, and manual testing in a GKE cluster

Closes: #3454

Checklist

Before creating a PR, run through this checklist and mark each as complete.

  • I have read the CONTRIBUTING doc
  • I have added tests that prove my fix is effective or that my feature works
  • I have checked that all unit tests pass after adding my changes
  • I have updated necessary documentation
  • I have rebased my branch onto main
  • I will ensure my PR is targeting the main branch and pulling from my branch from my own fork

Release notes

If this PR introduces a change that affects users and needs to be mentioned in the release notes,
please add a brief note that summarizes the change.

NONE

@ciarams87 ciarams87 requested a review from a team as a code owner June 21, 2025 10:57
@github-actions github-actions bot added enhancement New feature or request helm-chart Relates to helm chart labels Jun 21, 2025
This was linked to issues Jun 21, 2025
Implement WafPolicy controller & generate the correct NGINX configuration #3454
Closed
Implement Policy Fetcher implementation for WafPolicy #3456
Closed
@ciarams87 ciarams87 force-pushed the feat/wafpolicy-ctlr branch 2 times, most recently from e3a3e51 to 89122cd Compare June 24, 2025 09:49
@ciarams87 ciarams87 mentioned this pull request Jun 24, 2025
Merged
6 tasks
@ciarams87 ciarams87 marked this pull request as draft June 24, 2025 10:16
@ciarams87 ciarams87 force-pushed the feat/wafpolicy-ctlr branch from 89122cd to 469bfd8 Compare June 24, 2025 10:36
@ciarams87 ciarams87 removed a link to an issue Jun 24, 2025
Implement Policy Fetcher implementation for WafPolicy #3456
Closed
@ciarams87 ciarams87 force-pushed the feat/wafpolicy-ctlr branch from 469bfd8 to 77a793f Compare June 25, 2025 08:06
@github-actions github-actions bot removed the helm-chart Relates to helm chart label Jun 25, 2025
@ciarams87 ciarams87 force-pushed the feat/wafpolicy-ctlr branch from ddeaa8e to 499cfed Compare June 25, 2025 17:04
tataruty
tataruty reviewed Jun 25, 2025
View reviewed changes
@ciarams87 ciarams87 force-pushed the feat/wafpolicy-ctlr branch from 499cfed to 752013c Compare July 3, 2025 12:19
@github-actions github-actions bot added the documentation Improvements or additions to documentation label Jul 3, 2025
@ciarams87 ciarams87 force-pushed the feat/wafpolicy-ctlr branch 3 times, most recently from ad59974 to 047418f Compare July 3, 2025 19:02
@github-actions github-actions bot removed the documentation Improvements or additions to documentation label Jul 3, 2025
@ciarams87 ciarams87 marked this pull request as ready for review July 3, 2025 19:03
@ciarams87 ciarams87 marked this pull request as draft July 3, 2025 19:07
@ciarams87 ciarams87 force-pushed the feat/wafpolicy-ctlr branch from 047418f to 28bcbe2 Compare July 3, 2025 21:42
@ciarams87 ciarams87 marked this pull request as ready for review July 3, 2025 22:01
@ciarams87 ciarams87 requested a review from a team July 3, 2025 22:01
sjberman
sjberman reviewed Jul 4, 2025
View reviewed changes
Copy link
Collaborator

@sjberman sjberman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a couple small things, but overall looks pretty good!

salonichf5
salonichf5 approved these changes Jul 8, 2025
View reviewed changes
Copy link
Contributor

@salonichf5 salonichf5 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚀

@ciarams87 ciarams87 merged commit f9a811c into feat/nap-waf Jul 8, 2025
37 checks passed
@ciarams87 ciarams87 deleted the feat/wafpolicy-ctlr branch July 8, 2025 21:35
@github-project-automation github-project-automation bot moved this from 🆕 New to ✅ Done in NGINX Gateway Fabric Jul 8, 2025
ciarams87 added a commit that referenced this pull request Jul 9, 2025
@ciarams87
Implement WAFPolicy controller (#3532)
61185c7 
As a user of NGF
I want my WafPolicy configuration applied to NGINX for the Gateway or Route scope
So that I can enable WAF protection on my traffic

Solution: Implement the WAFPolicy controller.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tataruty tataruty tataruty left review comments

@sjberman sjberman sjberman approved these changes

@salonichf5 salonichf5 salonichf5 approved these changes

Assignees

No one assigned

Labels

enhancement New feature or request

Projects

NGINX Gateway Fabric
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Implement WafPolicy controller & generate the correct NGINX configuration

5 participants

@ciarams87 @sjberman @tataruty @salonichf5