nginx
diff --git a/‎.github/workflows/edge.yml‎
Lines changed: 2 additions & 1 deletion b/‎.github/workflows/edge.yml‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎.github/workflows/release.yml‎
Lines changed: 3 additions & 2 deletions b/‎.github/workflows/release.yml‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎build/Dockerfile‎
Lines changed: 8 additions & 4 deletions b/‎build/Dockerfile‎
Lines changed: 8 additions & 4 deletions
diff --git a/‎go.mod‎
Lines changed: 6 additions & 8 deletions b/‎go.mod‎
Lines changed: 6 additions & 8 deletions
@@ -13,6 +13,7 @@ on:
   pull_request:
     branches:
       - master
+      - release-1.12
     paths-ignore:
       - 'docs/**'
       - 'docs-web/**'
@@ -30,7 +31,7 @@ defaults:
 
 env:
   DOCKER_BUILDKIT: 1
-  K8S_VERSION: 1.20.2
+  K8S_VERSION: 1.20.15
   K8S_TIMEOUT: 75s
   HELM_CHART_DIR: deployments/helm-chart
   HELM_CHART_VERSION: 0.0.0-edge
 
@@ -70,7 +70,7 @@ jobs:
             platforms: linux/arm,linux/arm64,linux/amd64,linux/ppc64le,linux/s390x
           - tag: ${{ needs.binary.outputs.version }}-ubi
             type: ubi
-            platforms: linux/arm64,linux/amd64
+            platforms: linux/arm64,linux/amd64,linux/s390x
     steps:
       - name: Checkout Repository
         uses: actions/checkout@v2
@@ -109,14 +109,15 @@ jobs:
         with:
           file: build/Dockerfile
           context: '.'
+          no-cache: true
           cache-to: type=local,dest=/tmp/.buildx-${{ matrix.image }}-cache
           target: goreleaser
           tags: nginx/nginx-ingress:${{ matrix.tag }}
           platforms: ${{ matrix.platforms }}
           push: true
           build-args: |
             BUILD_OS=${{ matrix.type }}
-            IC_VERSION=${GITHUB_REF#refs/tags/}
+            IC_VERSION=${{ GITHUB_REF#refs/tags/ }}
             NGINX_VERSION=${{ steps.commit.outputs.nginx_version }}
             DATE=${{ steps.commit.outputs.date }}
             GIT_COMMIT=${{ github.sha }}
 
@@ -16,7 +16,9 @@ RUN apt-get update \
 # docker.io/library/nginx is a temporary workaround for Dependabot to see this as different from the one used in Debian
 FROM docker.io/library/nginx:1.21.6-alpine AS alpine
 
-RUN apk add --no-cache libcap
+RUN apk add --no-cache libcap \
+	# temp fix for CVE-2022-0778
+	&& apk upgrade --no-cache libretls
 
 
 ############################################# Base image for Alpine with NGINX Plus #############################################
@@ -40,8 +42,6 @@ RUN --mount=type=secret,id=nginx-repo.crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode
 	--mount=type=secret,id=nginx-repo.key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
 	apt-get update \
 	&& apt-get install --no-install-recommends --no-install-suggests -y ca-certificates gnupg curl apt-transport-https libcap2-bin \
-	# temporary fix for CVE-2021-3520, CVE-2021-33560, CVE-2021-20231, CVE-2021-20305, CVE-2021-20305
-	&& apt-get install -y liblz4-1 libgcrypt20 libgnutls30 libhogweed4 libnettle6 \
 	&& curl -sSL https://cs.nginx.com/static/keys/nginx_signing.key | gpg --dearmor > /etc/apt/trusted.gpg.d/nginx_signing.gpg \
 	&& curl -sSL -o /etc/apt/apt.conf.d/90pkgs-nginx https://cs.nginx.com/static/files/90pkgs-nginx \
 	&& printf "%s\n" "Acquire::https::pkgs.nginx.com::User-Agent \"k8s-ic-$IC_VERSION${BUILD_OS##debian-plus}-apt\";" >> /etc/apt/apt.conf.d/90pkgs-nginx \
@@ -216,6 +216,7 @@ ARG BUILD_OS
 ARG IC_VERSION
 ARG GIT_COMMIT
 ARG DATE
+ARG TARGETPLATFORM
 
 RUN mkdir -p /var/lib/nginx /etc/nginx/secrets /etc/nginx/stream-conf.d \
 	&& setcap 'cap_net_bind_service=+ep' /usr/sbin/nginx 'cap_net_bind_service=+ep' /usr/sbin/nginx-debug \
@@ -243,9 +244,12 @@ LABEL org.opencontainers.image.documentation="https://docs.nginx.com/nginx-ingre
 LABEL org.opencontainers.image.source="https://github.com/nginxinc/kubernetes-ingress"
 LABEL org.opencontainers.image.vendor="NGINX Inc <kubernetes@nginx.com>"
 LABEL org.opencontainers.image.licenses="Apache-2.0"
-LABEL org.opencontainers.image.version="${IC_VERSION}-${BUILD_OS}-${NGINX_PLUS_VERSION}${NGINX_VERSION}"
+LABEL org.opencontainers.image.version="${IC_VERSION}"
 LABEL org.opencontainers.image.revision="${GIT_COMMIT}"
 LABEL org.opencontainers.image.created="${DATE}"
+LABEL org.nginx.kic.image.build.target="${TARGETPLATFORM}"
+LABEL org.nginx.kic.image.build.os="${BUILD_OS}"
+LABEL org.nginx.kic.image.build.nginx.version="${NGINX_PLUS_VERSION}${NGINX_VERSION}"
 
 
 ############################################# Build nginx-ingress in golang container #############################################
 
@@ -7,19 +7,17 @@ require (
 	github.com/aws/aws-sdk-go-v2/service/marketplacemetering v1.3.1
 	github.com/dgrijalva/jwt-go/v4 v4.0.0-preview1
 	github.com/emicklei/go-restful v2.15.0+incompatible // indirect
-	github.com/go-openapi/spec v0.20.3 // indirect
 	github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b
 	github.com/golangci/golangci-lint v1.40.1
-	github.com/google/go-cmp v0.5.6
+	github.com/google/go-cmp v0.5.7
 	github.com/imdario/mergo v0.3.12 // indirect
 	github.com/nginxinc/nginx-plus-go-client v0.8.0
 	github.com/nginxinc/nginx-prometheus-exporter v0.9.0
-	github.com/prometheus/client_golang v1.11.0
+	github.com/prometheus/client_golang v1.11.1
 	github.com/spiffe/go-spiffe v1.1.0
-	k8s.io/api v0.21.2
-	k8s.io/apimachinery v0.21.2
-	k8s.io/client-go v0.21.2
-	k8s.io/code-generator v0.21.2
-	k8s.io/gengo v0.0.0-20210203185629-de9496dff47b // indirect
+	k8s.io/api v0.23.5
+	k8s.io/apimachinery v0.23.5
+	k8s.io/client-go v0.23.5
+	k8s.io/code-generator v0.23.5
 	sigs.k8s.io/controller-tools v0.6.0
 )