From 6b6ea412b8c3d5c456f5855dbfb9aa17cfeb35fb Mon Sep 17 00:00:00 2001
From: Nick Young <ynick@vmware.com>
Date: Mon, 4 Oct 2021 10:14:56 +0000
Subject: [PATCH 1/5] Update CHANGELOG.md for v1alpha2-rc2

Signed-off-by: Nick Young <ynick@vmware.com>
---
 CHANGELOG.md | 87 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 87 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1ac7027a6a..5210b66335 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,7 @@
 
 ## Table of Contents
 
+- [v0.4.0-rc2](#v040-rc2)
 - [v0.4.0-rc1](#v040-rc1)
 - [v0.3.0](#v030)
 - [v0.2.0](#v020)
@@ -10,6 +11,92 @@
 - [v0.1.0-rc1](#v010-rc1)
 
 
+## v0.4.0-rc2
+
+API version: v1alpha2
+
+The group expects that this release candidate has no changes before we release
+v1alpha2 final, but are cutting here to allow implementations a chance to check
+before we go to the final release.
+
+In general, most of the changes below have been made to reduce the complexity of
+the API for v1alpha2, on the assumption that we can add functionality in later
+in the API's lifecycle, but cannot remove it.
+
+The following changes have been made since v1alpha2-rc1:
+
+### GEP implementations
+* Use `CertificateRefs` field to instead the `CertificateRef` in `GatewayTLSConfig`.
+[#852](https://github.com/kubernetes-sigs/gateway-api/pull/852). This implements
+[GEP-851](https://github.com/kubernetes-sigs/gateway-api/blob/master/site-src/geps/gep-851.md),
+Allow Multiple Certificate Refs per Gateway Listener.
+* Extension points within match blocks from all Routes have been removed
+[#829](https://github.com/kubernetes-sigs/gateway-api/pull/829). Implements
+[GEP-820](https://github.com/kubernetes-sigs/gateway-api/blob/master/site-src/geps/gep-820.md).
+These extension points have been removed because they are currently not used,
+are poorly understood, and we don't have good use cases for them. We may consider re-adding them in the future.
+
+### Field changes
+* Make `MirrorFilter.BackendRef` a required field when the mirror filter is used
+[#837](https://github.com/kubernetes-sigs/gateway-api/pull/837).
+* ImplementationSpecific match types in HTTPRoute's path, query, and header
+matches have been removed.
+[#850](https://github.com/kubernetes-sigs/gateway-api/pull/850)
+
+### Field Renames
+* "Controller" has been renamed to "ControllerName"
+* "Admitted" condition has been renamed to "Accepted" and now defaults to an
+"Unknown" state instead of "False" [#839](https://github.com/kubernetes-sigs/gateway-api/pull/839)
+* HTTPRequestRedirectFilter's Protocol field has been renamed to Scheme.
+[#863](https://github.com/kubernetes-sigs/gateway-api/pull/863)
+
+### Validation changes
+*  Validation: Ensure TLSConfig is empty when the protocol is HTTP, TCP, or UDP
+[#886](https://github.com/kubernetes-sigs/gateway-api/pull/886)
+*  Validation: Ensure Hostname is empty when the protocol is TCP or UDP.
+[#886](https://github.com/kubernetes-sigs/gateway-api/pull/886)
+* Validation: Listener ProtocolType now has validation.
+[#871](https://github.com/kubernetes-sigs/gateway-api/pull/871)
+
+### Documentation and specification updates
+* Updated guidance on how HTTP and TLS Route status should be populated when
+hostnames do not match.
+[#859](https://github.com/kubernetes-sigs/gateway-api/pull/859)
+* Aligned path prefix matching with Ingress by clarifying that it is a prefix of
+path elements. [#869](https://github.com/kubernetes-sigs/gateway-api/pull/869)
+* HTTP listeners may now be used for Cleartext HTTP/2.
+[#879](https://github.com/kubernetes-sigs/gateway-api/pull/879)
+* The `scope` field has been removed from all object references.
+* ParentRefs can no longer refer to cluster-scoped resources.
+[#882](https://github.com/kubernetes-sigs/gateway-api/pull/882)
+* TLS options keys are now subject to the same validation as Kubernetes
+annotations. [#886](https://github.com/kubernetes-sigs/gateway-api/pull/886)
+* TLS options values now have a max length of 1024 characters.
+[#886](https://github.com/kubernetes-sigs/gateway-api/pull/886)
+
+### Other changes
+* [#890](https://github.com/kubernetes-sigs/gateway-api/pull/890) : Updating HTTPRoute docs for v1alpha2
+* [#889](https://github.com/kubernetes-sigs/gateway-api/pull/889) : remove outdated version label
+* [#888](https://github.com/kubernetes-sigs/gateway-api/pull/888) : Corrected broken getting started
+* [#885](https://github.com/kubernetes-sigs/gateway-api/pull/885) : Fix incorrect urls
+* [#883](https://github.com/kubernetes-sigs/gateway-api/pull/883) : v1alpha2 validation fix/update
+* [#880](https://github.com/kubernetes-sigs/gateway-api/pull/880) : Reworking Policy vs. Filter Documentation
+* [#878](https://github.com/kubernetes-sigs/gateway-api/pull/878) : Clarifying the fields that all Route types must include
+* [#875](https://github.com/kubernetes-sigs/gateway-api/pull/875) : Fix HTTP path match documentation.
+* [#872](https://github.com/kubernetes-sigs/gateway-api/pull/872) : Remove duplicate validation from CRD & Webhook
+* [#870](https://github.com/kubernetes-sigs/gateway-api/pull/870) : Adding guidance on Kind vs. Resource in implementation guidelines
+* [#865](https://github.com/kubernetes-sigs/gateway-api/pull/865) : Route cleanup for v1alpha2 sig-network review
+* [#864](https://github.com/kubernetes-sigs/gateway-api/pull/864) : Merging v1alpha2 concepts docs into unversioned docs
+* [#858](https://github.com/kubernetes-sigs/gateway-api/pull/858) : Fixing broken link to spec page
+* [#857](https://github.com/kubernetes-sigs/gateway-api/pull/857) : Adding missing references pages to docs navigation
+* [#853](https://github.com/kubernetes-sigs/gateway-api/pull/853) : docs: Use v0.4.0-rc1 in "Getting started with Gateway APIs" for v1alpha2
+* [#845](https://github.com/kubernetes-sigs/gateway-api/pull/845) : Fix markdown list formatting.
+* [#844](https://github.com/kubernetes-sigs/gateway-api/pull/844) : docs: add ssl passthrough note in FAQ
+* [#843](https://github.com/kubernetes-sigs/gateway-api/pull/843) : Add APISIX implementation
+* [#834](https://github.com/kubernetes-sigs/gateway-api/pull/834) : Fixes some broken links
+* [#807](https://github.com/kubernetes-sigs/gateway-api/pull/807) : docs: update multiple-ns guide for v1alpha2
+
+
 ## v0.4.0-rc1
 
 API version: v1alpha2

From 97efd121e0d04dd82a2ecf38a920d3e7e6bd1a9a Mon Sep 17 00:00:00 2001
From: Nick Young <ynick@vmware.com>
Date: Tue, 5 Oct 2021 01:39:36 +0000
Subject: [PATCH 2/5] Fix review nits

Signed-off-by: Nick Young <ynick@vmware.com>
---
 CHANGELOG.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5210b66335..18eced6206 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -26,7 +26,7 @@ in the API's lifecycle, but cannot remove it.
 The following changes have been made since v1alpha2-rc1:
 
 ### GEP implementations
-* Use `CertificateRefs` field to instead the `CertificateRef` in `GatewayTLSConfig`.
+* Replace `CertificateRef` field with `CertificateRefs` in `GatewayTLSConfig`.
 [#852](https://github.com/kubernetes-sigs/gateway-api/pull/852). This implements
 [GEP-851](https://github.com/kubernetes-sigs/gateway-api/blob/master/site-src/geps/gep-851.md),
 Allow Multiple Certificate Refs per Gateway Listener.
@@ -34,7 +34,8 @@ Allow Multiple Certificate Refs per Gateway Listener.
 [#829](https://github.com/kubernetes-sigs/gateway-api/pull/829). Implements
 [GEP-820](https://github.com/kubernetes-sigs/gateway-api/blob/master/site-src/geps/gep-820.md).
 These extension points have been removed because they are currently not used,
-are poorly understood, and we don't have good use cases for them. We may consider re-adding them in the future.
+are poorly understood, and we don't have good use cases for them. We may
+consider re-adding them in the future.
 
 ### Field changes
 * Make `MirrorFilter.BackendRef` a required field when the mirror filter is used

From e6a0e3b9319815f058ecd81eb46887d671989110 Mon Sep 17 00:00:00 2001
From: Nick Young <ynick@vmware.com>
Date: Wed, 6 Oct 2021 05:25:48 +0000
Subject: [PATCH 3/5] update TLS options max length

Signed-off-by: Nick Young <ynick@vmware.com>
---
 CHANGELOG.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 18eced6206..3d06ac8f02 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -72,7 +72,7 @@ path elements. [#869](https://github.com/kubernetes-sigs/gateway-api/pull/869)
 [#882](https://github.com/kubernetes-sigs/gateway-api/pull/882)
 * TLS options keys are now subject to the same validation as Kubernetes
 annotations. [#886](https://github.com/kubernetes-sigs/gateway-api/pull/886)
-* TLS options values now have a max length of 1024 characters.
+* TLS options values now have a max length of 4096 characters.
 [#886](https://github.com/kubernetes-sigs/gateway-api/pull/886)
 
 ### Other changes

From f848730c7bdbc0177876c3113a2c62edc24052d3 Mon Sep 17 00:00:00 2001
From: Nick Young <ynick@vmware.com>
Date: Wed, 6 Oct 2021 23:50:00 +0000
Subject: [PATCH 4/5] Update with #894 changes

Signed-off-by: Nick Young <ynick@vmware.com>
---
 CHANGELOG.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3d06ac8f02..f44d86a773 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -58,6 +58,8 @@ matches have been removed.
 [#886](https://github.com/kubernetes-sigs/gateway-api/pull/886)
 * Validation: Listener ProtocolType now has validation.
 [#871](https://github.com/kubernetes-sigs/gateway-api/pull/871)
+* Validation: TTP Path match values are now validated for PathMatchExact and
+PathMatchPrefix match types. [#894](https://github.com/kubernetes-sigs/gateway-api/pull/894)
 
 ### Documentation and specification updates
 * Updated guidance on how HTTP and TLS Route status should be populated when

From bda67ba0acb193fa1f874cc87d17d41f4d9c4f4a Mon Sep 17 00:00:00 2001
From: Nick Young <ynick@vmware.com>
Date: Tue, 12 Oct 2021 22:38:26 +0000
Subject: [PATCH 5/5] Update changelog for the last time

Signed-off-by: Nick Young <ynick@vmware.com>
---
 CHANGELOG.md | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index f44d86a773..830259d4db 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -43,6 +43,10 @@ consider re-adding them in the future.
 * ImplementationSpecific match types in HTTPRoute's path, query, and header
 matches have been removed.
 [#850](https://github.com/kubernetes-sigs/gateway-api/pull/850)
+* The "Prefix" path match type has been renamed "PathPrefix". 
+* The "ClassName" field in PolicyTargetReference has been removed.
+* A new optional "Name" field has been added to ReferencePolicyTo.
+[#898](https://github.com/kubernetes-sigs/gateway-api/pull/898)
 
 ### Field Renames
 * "Controller" has been renamed to "ControllerName"
@@ -51,6 +55,7 @@ matches have been removed.
 * HTTPRequestRedirectFilter's Protocol field has been renamed to Scheme.
 [#863](https://github.com/kubernetes-sigs/gateway-api/pull/863)
 
+
 ### Validation changes
 *  Validation: Ensure TLSConfig is empty when the protocol is HTTP, TCP, or UDP
 [#886](https://github.com/kubernetes-sigs/gateway-api/pull/886)
@@ -58,7 +63,7 @@ matches have been removed.
 [#886](https://github.com/kubernetes-sigs/gateway-api/pull/886)
 * Validation: Listener ProtocolType now has validation.
 [#871](https://github.com/kubernetes-sigs/gateway-api/pull/871)
-* Validation: TTP Path match values are now validated for PathMatchExact and
+* Validation: HTTP Path match values are now validated for PathMatchExact and
 PathMatchPrefix match types. [#894](https://github.com/kubernetes-sigs/gateway-api/pull/894)
 
 ### Documentation and specification updates
@@ -76,6 +81,8 @@ path elements. [#869](https://github.com/kubernetes-sigs/gateway-api/pull/869)
 annotations. [#886](https://github.com/kubernetes-sigs/gateway-api/pull/886)
 * TLS options values now have a max length of 4096 characters.
 [#886](https://github.com/kubernetes-sigs/gateway-api/pull/886)
+* Added clarification that implementation-specific TLS options MUST be domain-prefixed.
+[#899](https://github.com/kubernetes-sigs/gateway-api/pull/899)
 
 ### Other changes
 * [#890](https://github.com/kubernetes-sigs/gateway-api/pull/890) : Updating HTTPRoute docs for v1alpha2