nginxinc
diff --git a/‎CHANGELOG.md
+47-1 b/‎CHANGELOG.md
+47-1
diff --git a/‎Makefile
+2-2 b/‎Makefile
+2-2
diff --git a/‎README.md
+5-4 b/‎README.md
+5-4
diff --git a/‎bundle/0.1.0/k8s.nginx.org_nginxingresscontrollers_crd.yaml
+287 b/‎bundle/0.1.0/k8s.nginx.org_nginxingresscontrollers_crd.yaml
+287
@@ -1,5 +1,51 @@
 # Changelog
 
+### 0.1.0
+
+FEATURES:
+
+* [56](https://github.com/nginxinc/nginx-ingress-operator/pull/56) Graduate Policies. Add enablePreviewPolicy flag support.
+* [55](https://github.com/nginxinc/nginx-ingress-operator/pull/55) Add AppProtect User Defined Signatures support.
+* [39](https://github.com/nginxinc/nginx-ingress-operator/pull/39) Update secret type of default secret to TLS.
+
+FIXES:
+
+* [71](https://github.com/nginxinc/nginx-ingress-operator/pull/71) Fix replicas and service to be optional fields.
+* [70](https://github.com/nginxinc/nginx-ingress-operator/pull/70) Make enableCRDs optional.
+* [66](https://github.com/nginxinc/nginx-ingress-operator/pull/66) Fix Service to be an optional field. Add support for updating ExtraLabels.
+* [65](https://github.com/nginxinc/nginx-ingress-operator/pull/65) Fix SCC resource to only affect KIC pods.
+
+DOCUMENTATION:
+
+* [54](https://github.com/nginxinc/nginx-ingress-operator/pull/54) Update IC compatibility in changelog.
+
+KNOWN ISSUES:
+
+* The Operator doesn't automatically remove IngressClasses created by [29](https://github.com/nginxinc/nginx-ingress-operator/pull/29).
+
+COMPATIBILITY:
+
+- NGINX Ingress Controller 1.10.x
+- Openshift 4.5 or newer.
+
+UPGRADE INSTRUCTIONS:
+
+UPGRADE INSTRUCTIONS:
+
+1. Remove the existing Policy CRD: kubectl delete crd policies.k8s.nginx.org
+**Please note that deletion of the policies.k8s.nginx.org CRD will result in all instances of that CRD being deleted too. Ensure to back up any important Custom Resource instances first!**
+1. Delete the existing SCC: kubectl delete scc nginx-ingress-scc
+1. Upgrade the operator to version 0.1.0.
+1. If the defaultSecret field is not set in your nginxingresscontrollers.k8s.nginx.org resource (or resources):
+    1. Remove the generated default secret. For example: kubectl delete secret -n my-nginx-ingress my-nginx-ingress-controller
+    1. Wait until the operator regenerates the secret. The old secret was of the type Opaque. The new secret will be of the type kubernetes.io/tls.
+1. Alternatively, if the defaultSecret is set to some secret, make sure it is of the type kubernetes.io/tls. If not, recreate the secret with the type kubernetes.io/tls.
+1. If the wildcardTLS is set to some secret, make sure it is of the type kubernetes.io/tls. If not, recreate the secret with the type kubernetes.io/tls.
+1. Ensure that the TLS secrets referenced by Ingress, VirtualServer and Policy resources are of the type kubernetes.io/tls, JWT secrets are of the type nginx.org/jwt and CA secrets are of the type nginx.org/ca. To avoid potential disruption of client traffic, instead of recreating the secrets, create new secrets with the correct type and update the Ingress, VirtualServer and Policy resources to use the new secrets.
+1. Update any existing instances of the nginxingresscontrollers.k8s.nginx.org Custom Resource to use an NGINX Ingress Controller 1.10.x image.
+
+**Note**: Steps 4-8 are required because Version 1.10.0 of the Ingress Controller added a requirement for secrets to be one of the following types: kubernetes.io/tls for TLS secrets; nginx.org/jwk for JWK secrets; or nginx.org/ca for CA secrets. Please see the section UPDATING SECRETS in https://docs.nginx.com/nginx-ingress-controller/releases/#nginx-ingress-controller-1-10-0 for more details.
+
 ### 0.0.7
 
 FEATURES:
@@ -14,7 +60,7 @@ FIXES:
 
 * [31](https://github.com/nginxinc/nginx-ingress-operator/pull/31) Add Status update for VS/VSR to RBAC.
 
-KNOWS ISSUES:
+KNOWN ISSUES:
 * The Operator doesn't automatically remove IngressClasses created by [29](https://github.com/nginxinc/nginx-ingress-operator/pull/29)
 
 COMPATIBILITY:
 
@@ -1,5 +1,5 @@
-OLD_TAG = 0.0.6
-TAG = 0.0.7
+OLD_TAG = 0.0.7
+TAG = 0.1.0
 
 IMAGE = nginx/nginx-ingress-operator
 
 
@@ -12,10 +12,11 @@ The following table shows the relation between the versions of the two projects:
 
 | NGINX Ingress Controller | NGINX Ingress Operator |
 | --- | --- |
-| < 1.7.0 | N/A |
-| 1.7.x | 0.0.4 |
-| 1.8.x | 0.0.6 |
+| 1.10.x | 0.1.0 |
 | 1.9.x | 0.0.7 |
+| 1.8.x | 0.0.6 |
+| 1.7.x | 0.0.4 |
+| < 1.7.0 | N/A |
 
 Note: The NGINX Ingress Operator works only for NGINX Ingress Controller versions after `1.7.0`.
 
@@ -29,7 +30,7 @@ Note: The NGINX Ingress Operator works only for NGINX Ingress Controller version
 ## NGINX Ingress Operator Releases
 We publish NGINX Ingress Operator releases on GitHub. See our [releases page](https://github.com/nginxinc/nginx-ingress-operator/releases).
 
-The latest stable release is [0.0.7](https://github.com/nginxinc/nginx-ingress-operator/releases/tag/v0.0.7). For production use, we recommend that you choose the latest stable release.
+The latest stable release is [0.1.0](https://github.com/nginxinc/nginx-ingress-operator/releases/tag/v0.1.0). For production use, we recommend that you choose the latest stable release.
 
 ## Development
 
 
@@ -0,0 +1,287 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: nginxingresscontrollers.k8s.nginx.org
+spec:
+  group: k8s.nginx.org
+  names:
+    kind: NginxIngressController
+    listKind: NginxIngressControllerList
+    plural: nginxingresscontrollers
+    singular: nginxingresscontroller
+  scope: Namespaced
+  subresources:
+    status: {}
+  validation:
+    openAPIV3Schema:
+      description: NginxIngressController is the Schema for the nginxingresscontrollers
+        API
+      properties:
+        apiVersion:
+          description: 'APIVersion defines the versioned schema of this representation
+            of an object. Servers should convert recognized schemas to the latest
+            internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+          type: string
+        kind:
+          description: 'Kind is a string value representing the REST resource this
+            object represents. Servers may infer this from the endpoint the client
+            submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+          type: string
+        metadata:
+          type: object
+        spec:
+          description: NginxIngressControllerSpec defines the desired state of NginxIngressController
+          properties:
+            appProtect:
+              description: App Protect support configuration. Requires enableCRDs
+                set to true.
+              nullable: true
+              properties:
+                enable:
+                  description: Enable App Protect.
+                  type: boolean
+              required:
+              - enable
+              type: object
+            configMapData:
+              additionalProperties:
+                type: string
+              description: Initial values of the Ingress Controller ConfigMap. Check
+                https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/
+                for more information about possible values.
+              nullable: true
+              type: object
+            defaultSecret:
+              description: The TLS Secret for TLS termination of the default server.
+                The format is namespace/name. The secret must be of the type kubernetes.io/tls.
+                If not specified, the operator will generate and deploy a TLS Secret
+                with a self-signed certificate and key.
+              type: string
+            enableCRDs:
+              description: Enables the use of NGINX Ingress Resource Definitions (VirtualServer
+                and VirtualServerRoute). Default is true.
+              nullable: true
+              type: boolean
+            enableLatencyMetrics:
+              description: Bucketed response times from when NGINX establishes a connection
+                to an upstream server to when the last byte of the response body is
+                received by NGINX. **Note** The metric for the upstream isn't available
+                until traffic is sent to the upstream.
+              nullable: true
+              type: boolean
+            enableLeaderElection:
+              description: Enables Leader election to avoid multiple replicas of the
+                controller reporting the status of Ingress resources – only one replica
+                will report status.
+              type: boolean
+            enablePreviewPolicies:
+              description: Enables preview policies. Requires enableCRDs set to true.
+              type: boolean
+            enableSnippets:
+              description: Enable custom NGINX configuration snippets in VirtualServer
+                and VirtualServerRoute resources. Requires enableCRDs set to true.
+              type: boolean
+            enableTLSPassthrough:
+              description: Enable TLS Passthrough on port 443. Requires enableCRDs
+                set to true.
+              type: boolean
+            globalConfiguration:
+              description: The GlobalConfiguration resource for global configuration
+                of the Ingress Controller. Format is namespace/name. Requires enableCRDs
+                set to true.
+              type: string
+            healthStatus:
+              description: Adds a new location to the default server. The location
+                responds with the 200 status code for any request. Useful for external
+                health-checking of the Ingress controller.
+              nullable: true
+              properties:
+                enable:
+                  description: Enable the HealthStatus.
+                  type: boolean
+                uri:
+                  description: URI of the location. Default is `/nginx-health`.
+                  type: string
+              required:
+              - enable
+              type: object
+            image:
+              description: The image of the Ingress Controller.
+              properties:
+                pullPolicy:
+                  description: The ImagePullPolicy of the image.
+                  enum:
+                  - Never
+                  - Always
+                  - IfNotPresent
+                  type: string
+                repository:
+                  description: The repository of the image.
+                  type: string
+                tag:
+                  description: The tag (version) of the image.
+                  type: string
+              required:
+              - pullPolicy
+              - repository
+              - tag
+              type: object
+            ingressClass:
+              description: A class of the Ingress controller. The Ingress controller
+                only processes Ingress resources that belong to its class (in other
+                words, have the annotation “kubernetes.io/ingress.class”). Additionally,
+                the Ingress controller processes Ingress resources that do not have
+                that annotation, which can be disabled by setting UseIngressClassOnly
+                to true. Default is `nginx`.
+              type: string
+            logLevel:
+              description: Log level for V logs. Format is 0 - 3
+              maximum: 3
+              minimum: 0
+              type: integer
+            nginxDebug:
+              description: 'Enable debugging for NGINX. Uses the nginx-debug binary.
+                Requires ‘error-log-level: debug’ in the ConfigMapData.'
+              type: boolean
+            nginxPlus:
+              description: Deploys the Ingress Controller for NGINX Plus. The default
+                is false meaning the Ingress Controller will be deployed for NGINX
+                OSS.
+              type: boolean
+            nginxReloadTimeout:
+              description: Timeout in milliseconds which the Ingress Controller will
+                wait for a successful NGINX reload after a change or at the initial
+                start.
+              type: integer
+            nginxStatus:
+              description: NGINX stub_status, or the NGINX Plus API.
+              nullable: true
+              properties:
+                allowCidrs:
+                  description: Whitelist IPv4 IP/CIDR blocks to allow access to NGINX
+                    stub_status or the NGINX Plus API. Separate multiple IP/CIDR by
+                    commas. (default “127.0.0.1”)
+                  type: string
+                enable:
+                  description: Enable the NginxStatus.
+                  type: boolean
+                port:
+                  description: Set the port where the NGINX stub_status or the NGINX
+                    Plus API is exposed. Default is 8080. Format is 1023 - 65535
+                  maximum: 65535
+                  minimum: 1023
+                  nullable: true
+                  type: integer
+              required:
+              - enable
+              type: object
+            prometheus:
+              description: NGINX or NGINX Plus metrics in the Prometheus format.
+              nullable: true
+              properties:
+                enable:
+                  description: Enable Prometheus metrics.
+                  type: boolean
+                port:
+                  description: Sets the port where the Prometheus metrics are exposed.
+                    Default is 9113. Format is 1023 - 65535
+                  maximum: 65535
+                  minimum: 1023
+                  nullable: true
+                  type: integer
+              required:
+              - enable
+              type: object
+            replicas:
+              description: The number of replicas of the Ingress Controller pod. The
+                default is 1. Only applies if the type is set to deployment.
+              format: int32
+              nullable: true
+              type: integer
+            reportIngressStatus:
+              description: Update the address field in the status of Ingresses resources.
+              nullable: true
+              properties:
+                enable:
+                  description: Enable the ReportIngressStatus.
+                  type: boolean
+                externalService:
+                  description: 'Specifies the name of the service with the type LoadBalancer
+                    through which the Ingress controller pods are exposed externally.
+                    The external address of the service is used when reporting the
+                    status of Ingress resources. Note: Only if serviceType is NodePort.'
+                  type: string
+                ingressLink:
+                  description: 'Specifies the name of the IngressLink resource, which
+                    exposes the Ingress Controller pods via a BIG-IP system. The IP
+                    of the BIG-IP system is used when reporting the status of Ingress,
+                    VirtualServer and VirtualServerRoute resources. Requires reportIngressStatus.enable
+                    set to true. Note: Only if serviceType is NodePort and reportIngressStatus.externalService
+                    is not set.'
+                  type: string
+              required:
+              - enable
+              type: object
+            service:
+              description: The service of the Ingress controller.
+              nullable: true
+              properties:
+                extraLabels:
+                  additionalProperties:
+                    type: string
+                  description: Specifies extra labels of the service.
+                  type: object
+              type: object
+            serviceType:
+              description: 'The type of the Service for the Ingress Controller. Valid
+                Service types are: NodePort and LoadBalancer.'
+              enum:
+              - NodePort
+              - LoadBalancer
+              type: string
+            type:
+              description: The type of the Ingress Controller installation - deployment
+                or daemonset.
+              enum:
+              - deployment
+              - daemonset
+              type: string
+            useIngressClassOnly:
+              description: Ignore Ingress resources without the “kubernetes.io/ingress.class”
+                annotation.
+              type: boolean
+            watchNamespace:
+              description: Namespace to watch for Ingress resources. By default the
+                Ingress controller watches all namespaces.
+              type: string
+            wildcardTLS:
+              description: A Secret with a TLS certificate and key for TLS termination
+                of every Ingress host for which TLS termination is enabled but the
+                Secret is not specified. The secret must be of the type kubernetes.io/tls.
+                If the argument is not set, for such Ingress hosts NGINX will break
+                any attempt to establish a TLS connection. If the argument is set,
+                but the Ingress controller is not able to fetch the Secret from Kubernetes
+                API, the Ingress Controller will fail to start. Format is namespace/name.
+              type: string
+          required:
+          - image
+          - serviceType
+          - type
+          type: object
+        status:
+          description: NginxIngressControllerStatus defines the observed state of
+            NginxIngressController
+          properties:
+            deployed:
+              description: Deployed is true if the Operator has finished the deployment
+                of the NginxIngressController.
+              type: boolean
+          required:
+          - deployed
+          type: object
+      type: object
+  version: v1alpha1
+  versions:
+  - name: v1alpha1
+    served: true
+    storage: true