Skip to content

extend cache policy for more configurable parameters #8533

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 25 commits into from
Nov 28, 2025
Merged

extend cache policy for more configurable parameters #8533

merged 25 commits into from
Nov 28, 2025

Conversation

@haywoodsh
Copy link
Contributor

@haywoodsh haywoodsh commented Nov 12, 2025
edited by vepatel
Loading

Proposed changes

Policy:

apiVersion: k8s.nginx.org/v1
kind: Policy
metadata:
  name: cache-policy
spec:
  cache:
    cacheZoneName: "testcache" # Required
    cacheZoneSize: "15m" # Required
    allowedCodes: ["any"] # Optional ["any"] or [200, 301, ...], "any" cannot be combined with specific codes
    allowedMethods: ["GET", "HEAD", "POST"] # Optional
    time: "30m" # Optional # e.g. "15m", "1h", "2d". Default is "10m"
    overrideUpstreamCache: true # Optional, default is false - whether to respect upstream cache-control headers (Cache-Control Expires Set-Cookie Vary X-Accel-Expires)
    # levels: "1:2" # Optional, default is "1:1" , see https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_cache_path for more details
    # cachePurgeAllow: [""] # Optional, If set allows cache purging from the specified IPs or CIDR ranges. Nginx Plus only.
   
    inactive: "60m"                             # Optional - proxy_cache_path (inactive parameter)
    useTempPath: false                          # Optional, false by default - proxy_cache_path (use_temp_path=off)
    maxSize: "10g"                              # Optional - proxy_cache_path (max_size)
    minFree: "1g"                               # Optional - proxy_cache_path (min_free)
    manager:                                    # Optional - proxy_cache_path manager settings
      files: 100                               # manager_files
      sleep: "50ms"                            # manager_sleep
      threshold: "200ms"                       # manager_threshold

    # Advanced cache behavior settings
    cacheKey: "$scheme$host$request_uri$request_method" # Optional - proxy_cache_key (custom cache key)
    cacheUseStale: [ "error", "timeout", "updating", "http_500" ] # Optional - proxy_cache_use_stale (serve stale conditions)
    cacheRevalidate: true                       # Optional, false by default - proxy_cache_revalidate
    cacheBackgroundUpdate: true                 # Optional, false by default - proxy_cache_background_update
    cacheMinUses: 3                             # Optional - proxy_cache_min_uses (requests before caching)

    # Cache locking settings
    lock:                                       # Optional - proxy_cache_lock settings
      enable: true                             # proxy_cache_lock
      timeout: "5s"                            # proxy_cache_lock_timeout
      age: "30s"                               # proxy_cache_lock_age

    # Conditional caching settings
    conditions:                                 # Optional - cache condition settings
      noCache: [ "$cookie_nocache", "$arg_nocache" ] # proxy_no_cache (skip caching conditions)
      bypass: [ "$http_authorization" ]        # proxy_cache_bypass (bypass cache conditions)

conf:

proxy_cache_path /var/cache/nginx/default_cafe_testcache keys_zone=default_cafe_testcache:15m inactive=60m max_size=10g min_free=1g manager_files=100 manager_sleep=50ms manager_threshold=200ms use_temp_path=off;
server {
    listen 80;
    listen [::]:80;


    server_name cafe.example.com;

    set $resource_type "virtualserver";
    set $resource_name "cafe";
    set $resource_namespace "default";
    listen 443 ssl;
    listen [::]:443 ssl;

    ssl_certificate $secret_dir_path/default-cafe-secret;
    ssl_certificate_key $secret_dir_path/default-cafe-secret;

    server_tokens "on";
    add_header X-Cache-Status $upstream_cache_status;
    

    

    
    location /tea {
        set $service "tea-svc";

        
        set $default_connection_header close;
        proxy_connect_timeout 60s;
        proxy_read_timeout 60s;
        proxy_send_timeout 60s;
        client_max_body_size 1m;

        proxy_buffering on;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $vs_connection_header;
        proxy_pass_request_headers on;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Port $server_port;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host "$host";
        proxy_cache default_cafe_testcache;
        proxy_cache_key $scheme$host$request_uri$request_method;
        proxy_ignore_headers Cache-Control Expires Set-Cookie Vary X-Accel-Expires;
        proxy_cache_valid any 30m;
        proxy_cache_methods GET HEAD POST;
        proxy_cache_use_stale error timeout updating http_500;
        proxy_cache_revalidate on;
        proxy_cache_background_update on;
        proxy_cache_min_uses 3;
        proxy_cache_lock on;
        proxy_cache_lock_timeout 5s;
        proxy_cache_lock_age 30s;
        proxy_no_cache $cookie_nocache $arg_nocache;
        proxy_cache_bypass $http_authorization;
        proxy_pass http://vs_default_cafe_tea;
        proxy_next_upstream error timeout;
        proxy_next_upstream_timeout 0s;
        proxy_next_upstream_tries 0;
    }

cache contents:

>>
cat /var/cache/nginx/default_cafe_testcache/2fa352c69ba8e347af650a9079d0909a 

KEY: httpscafe.example.com/teaHEAD
HTTP/1.1 200 OK
Server: nginx/1.29.1
Date: Thu, 27 Nov 2025 12:30:57 GMT
Content-Type: text/plain
Content-Length: 154
Connection: close
Expires: Thu, 27 Nov 2025 12:30:56 GMT
Cache-Control: no-cache

Server address: 10.120.1.6:8080
Server name: tea-6fbfdcb95d-zxqhq
Date: 27/Nov/2025:12:30:57 +0000
URI: /tea
Request ID: d3c0fe99d74eab3da6defcd1ed098f17

Checklist

Before creating a PR, run through this checklist and mark each as complete.

  • I have read the CONTRIBUTING doc
  • I have added tests that prove my fix is effective or that my feature works
  • I have checked that all unit tests pass after adding my changes
  • I have updated necessary documentation
  • I have rebased my branch onto main
  • I will ensure my PR is targeting the main branch and pulling from my branch from my own fork

@github-actions github-actions bot added enhancement Pull requests for new features/feature enhancements go Pull requests that update Go code labels Nov 12, 2025
@haywoodsh haywoodsh linked an issue Nov 12, 2025 that may be closed by this pull request
Extend Cache Policy to support more configuration parameters #8341
Closed
@haywoodsh haywoodsh force-pushed the feat/extend-cache-policy branch from cdf9ec9 to 9e4f62a Compare November 12, 2025 17:09
@codecov
Copy link

codecov bot commented Nov 12, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 88.23529% with 10 lines in your changes missing coverage. Please review.
✅ Project coverage is 53.80%. Comparing base (df7ae1c) to head (13fa127).
⚠️ Report is 2 commits behind head on main.

Files with missing lines Patch % Lines
pkg/apis/configuration/validation/policy.go 80.39% 5 Missing and 5 partials ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #8533      +/-   ##
==========================================
+ Coverage   53.65%   53.80%   +0.14%     
==========================================
  Files          91       91              
  Lines       18476    18557      +81     
==========================================
+ Hits         9913     9984      +71     
- Misses       8043     8048       +5     
- Partials      520      525       +5

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@haywoodsh haywoodsh force-pushed the feat/extend-cache-policy branch from 7583cb7 to a3f857a Compare November 12, 2025 17:29
@haywoodsh
extend cache policy for more configurable parameters
831fe94 
Signed-off-by: Haywood Shannon <5781935+haywoodsh@users.noreply.github.com>
@haywoodsh haywoodsh force-pushed the feat/extend-cache-policy branch from a3f857a to 831fe94 Compare November 12, 2025 17:33
@github-actions
Copy link
Contributor

github-actions bot commented Nov 12, 2025
edited
Loading

Package Report

gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx, 1.29.3-1~trixie, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-module-njs, 1.29.3+0.9.4-1~trixie, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-module-otel, 1.29.3+0.1.2-1~trixie, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-agent, 3.5.1~trixie, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx, 1.29.3-1~trixie, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-module-njs, 1.29.3+0.9.4-1~trixie, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-module-otel, 1.29.3+0.1.2-1~trixie, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-agent, 3.5.1~trixie, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus, 35-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-njs, 35+0.9.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-otel, 35+0.1.2-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-fips-check, 35+0.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-agent, 3.5.1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus, 35-1~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-njs, 35+0.9.1-1~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-otel, 35+0.1.2-1~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-fips-check, 35+0.1-1~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-agent, 3.5.1~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus, 35-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-njs, 35+0.9.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-otel, 35+0.1.2-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-fips-check, 35+0.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-appprotect, 35+5.527.0-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, app-protect, 35+5.527.0-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, app-protect-attack-signatures, 2025.11.20-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, app-protect-threat-campaigns, 2025.11.24-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-agent, 2.44.0~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus, 35-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-njs, 35+0.9.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-otel, 35+0.1.2-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-fips-check, 35+0.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-appprotect, 35+5.527.0-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, app-protect-module-plus, 35+5.527.0-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, app-protect-plugin, 6.23.0-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-agent, 2.44.0~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus, 35-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-njs, 35+0.9.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-otel, 35+0.1.2-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-fips-check, 35+0.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-appprotectdos, 35+4.7.3-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, app-protect-dos, 35+4.7.3-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus, 35-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-njs, 35+0.9.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-otel, 35+0.1.2-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-fips-check, 35+0.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-appprotect, 35+5.527.0-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, app-protect, 35+5.527.0-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, app-protect-attack-signatures, 2025.11.20-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, app-protect-threat-campaigns, 2025.11.24-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-plus-module-appprotectdos, 35+4.7.3-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, app-protect-dos, 35+4.7.3-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1, nginx-agent, 2.44.0~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine, nginx, 1.29.3-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine, nginx-module-njs, 1.29.3.0.9.4-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine, nginx-module-otel, 1.29.3.0.1.2-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine, nginx-agent, 3.5.1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine, nginx, 1.29.3-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine, nginx-module-njs, 1.29.3.0.9.4-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine, nginx-module-otel, 1.29.3.0.1.2-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine, nginx-agent, 3.5.1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine, nginx-plus, 35-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine, nginx-plus-module-njs, 35.0.9.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine, nginx-plus-module-otel, 35.0.1.2-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine, nginx-plus-module-fips-check, 35.0.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine, nginx-agent, 3.5.1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine, nginx-plus, 35-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine, nginx-plus-module-njs, 35.0.9.1-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine, nginx-plus-module-otel, 35.0.1.2-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine, nginx-plus-module-fips-check, 35.0.1-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine, nginx-agent, 3.5.1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-plus, 35-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-plus-module-njs, 35.0.9.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-plus-module-otel, 35.0.1.2-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-plus-module-fips-check, 35.0.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-agent, 3.5.1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-plus, 35-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-plus-module-njs, 35.0.9.1-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-plus-module-otel, 35.0.1.2-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-plus-module-fips-check, 35.0.1-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-agent, 3.5.1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-plus, 35-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-plus-module-njs, 35.0.9.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-plus-module-otel, 35.0.1.2-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-plus-module-fips-check, 35.0.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-agent, 2.44.0, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-plus-module-appprotect, 35.5.527.0-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, app-protect, 35.5.527.0-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, app-protect-attack-signatures, 2025.11.20-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, app-protect-threat-campaigns, 2025.11.24-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-plus, 35-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-plus-module-njs, 35.0.9.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-plus-module-otel, 35.0.1.2-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-plus-module-fips-check, 35.0.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-agent, 2.44.0, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, nginx-plus-module-appprotect, 35.5.527.0-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, app-protect-module-plus, 35.5.527.0-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-alpine-fips, app-protect-plugin, 6.23.0-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx, 1.29.3-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-module-njs, 1.29.3+0.9.4-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-module-otel, 1.29.3+0.1.2-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-agent, 3.5.1-1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx, 1.29.3-1.el9.ngx, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-module-njs, 1.29.3+0.9.4-1.el9.ngx, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-module-otel, 1.29.3+0.1.2-1.el9.ngx, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-agent, 3.5.1-1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus, 35-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-njs, 35+0.9.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-otel, 35+0.1.2-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-fips-check, 35+0.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-agent, 3.5.1-1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus, 35-1.el9.ngx, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-njs, 35+0.9.1-1.el9.ngx, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-otel, 35+0.1.2-1.el9.ngx, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-fips-check, 35+0.1-1.el9.ngx, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-agent, 3.5.1-1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus, 35-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-njs, 35+0.9.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-otel, 35+0.1.2-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-fips-check, 35+0.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-agent, 2.44.0-1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-appprotect, 35+5.527.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, app-protect, 35+5.527.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, app-protect-attack-signatures, 2025.11.20-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, app-protect-threat-campaigns, 2025.11.24-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus, 35-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-njs, 35+0.9.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-otel, 35+0.1.2-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-fips-check, 35+0.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-agent, 2.44.0-1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-appprotect, 35+5.527.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, app-protect-module-plus, 35+5.527.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, app-protect-plugin, 6.23.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi8, nginx-plus, 35-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi8, nginx-plus-module-njs, 35+0.9.1-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi8, nginx-plus-module-otel, 35+0.1.2-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi8, nginx-plus-module-fips-check, 35+0.1-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi8, nginx-agent, 2.44.0-1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi8, nginx-plus-module-appprotect, 35+5.527.0-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi8, app-protect, 35+5.527.0-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi8, app-protect-attack-signatures, 2025.11.20-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi8, app-protect-threat-campaigns, 2025.11.24-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi8, nginx-plus, 35-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi8, nginx-plus-module-njs, 35+0.9.1-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi8, nginx-plus-module-otel, 35+0.1.2-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi8, nginx-plus-module-fips-check, 35+0.1-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi8, nginx-agent, 2.44.0-1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi8, nginx-plus-module-appprotect, 35+5.527.0-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi8, app-protect-module-plus, 35+5.527.0-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi8, app-protect-plugin, 6.23.0-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus, 35-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-njs, 35+0.9.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-otel, 35+0.1.2-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-fips-check, 35+0.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-appprotectdos, 35+4.7.3-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, app-protect-dos, 35+4.7.3-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus, 35-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-njs, 35+0.9.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-otel, 35+0.1.2-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-fips-check, 35+0.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-appprotect, 35+5.527.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-plus-module-appprotectdos, 35+4.7.3-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, nginx-agent, 2.44.0-1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, app-protect, 35+5.527.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, app-protect-attack-signatures, 2025.11.20-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, app-protect-threat-campaigns, 2025.11.24-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-3f2284f645ff659d9e1cbc648d90f6a1-ubi, app-protect-dos, 35+4.7.3-1.el9.ngx, x86_64

@github-actions github-actions bot added the python Pull requests that update Python code label Nov 27, 2025
@vepatel vepatel marked this pull request as ready for review November 27, 2025 12:48
@vepatel vepatel requested a review from a team as a code owner November 27, 2025 12:48
Copilot AI review requested due to automatic review settings November 27, 2025 12:48
Copilot AI reviewed Nov 27, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR extends the cache policy specification to support advanced NGINX caching parameters, enabling more granular control over cache behavior including cache management, locking mechanisms, conditional caching, and stale response handling.

Key Changes:

  • Added advanced cache configuration fields including cache key customization, stale response handling, revalidation, background updates, and minimum use thresholds
  • Introduced cache manager settings (files, sleep, threshold) for controlling cache cleanup behavior
  • Added cache locking configuration to prevent cache stampede scenarios
  • Implemented conditional caching with bypass and no-cache rules

Reviewed changes

Copilot reviewed 16 out of 16 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
pkg/apis/configuration/v1/types.go Adds new cache-related struct types (CacheManager, CacheLock, CacheConditions) and extends Cache struct with advanced parameters
pkg/apis/configuration/validation/policy.go Implements validation logic for new cache parameters including time formats, sizes, and use-stale conditions
internal/configs/virtualserver.go Maps new cache policy fields from API types to version2 configuration structures with defaults
internal/configs/version2/http.go Extends Cache and CacheZone structs with new fields and adds documentation for NGINX directive mapping
internal/configs/version2/nginx.virtualserver.tmpl Updates template to render new cache directives (proxy_cache_key, proxy_cache_use_stale, etc.)
internal/configs/version2/nginx-plus.virtualserver.tmpl Updates NGINX Plus template with same cache directive additions
pkg/apis/configuration/validation/policy_test.go Adds comprehensive test cases for validating new cache parameters (both valid and invalid scenarios)
internal/configs/virtualserver_test.go Updates existing tests and adds new test case for extended cache policy configuration
internal/configs/version2/templates_test.go Adds new test for extended cache policy template rendering and updates expected cache zone declarations
tests/data/cache-policy/policies/cache-policy-advanced.yaml Extends test policy with all new advanced cache parameters
deploy/crds.yaml, config/crd/bases/k8s.nginx.org_policies.yaml Updates CRD definitions with new cache fields, validation rules, and documentation
docs/crd/k8s.nginx.org_policies.md Documents all new cache policy fields in the API reference
examples/custom-resources/cache-policy/cache.yaml Provides example usage of new cache configuration options

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@vepatel vepatel mentioned this pull request Nov 27, 2025
Merged
5 tasks
AlexFenlon
AlexFenlon reviewed Nov 27, 2025
View reviewed changes
AlexFenlon
AlexFenlon previously approved these changes Nov 28, 2025
View reviewed changes
javorszky
javorszky previously approved these changes Nov 28, 2025
View reviewed changes
Copy link
Contributor

@javorszky javorszky left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving as all of my comments are nitpicks, and nginx does start up correctly if I set these values to 0s or 0k, though I don't know whether that just disables the relevant policy or it will break further down the line 🤔

pdabelf5
pdabelf5 reviewed Nov 28, 2025
View reviewed changes
@vepatel @pdabelf5
up
36b8471 
Co-authored-by: Paul Abel <128620221+pdabelf5@users.noreply.github.com>
Signed-off-by: Venktesh Shivam Patel <ve.patel@f5.com>
@vepatel vepatel dismissed stale reviews from javorszky and AlexFenlon via 36b8471 November 28, 2025 14:38
@vepatel vepatel merged commit 450d1bc into main Nov 28, 2025
94 checks passed
@vepatel vepatel deleted the feat/extend-cache-policy branch November 28, 2025 16:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vepatel vepatel vepatel left review comments

Copilot code review Copilot Copilot left review comments

@javorszky javorszky javorszky approved these changes

@AlexFenlon AlexFenlon AlexFenlon approved these changes

@pdabelf5 pdabelf5 pdabelf5 approved these changes

Assignees

No one assigned

Labels

enhancement Pull requests for new features/feature enhancements go Pull requests that update Go code python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Extend Cache Policy to support more configuration parameters

6 participants

@haywoodsh @javorszky @vepatel @AlexFenlon @pdabelf5