From 41108930dbf7c3ff5228a6fa9acd7b4c46df3517 Mon Sep 17 00:00:00 2001 From: Paul Abel Date: Fri, 20 Jun 2025 16:56:03 +0100 Subject: [PATCH 1/4] Add Rate Limit variable condition --- content/nic/configuration/policy-resource.md | 29 +++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/content/nic/configuration/policy-resource.md b/content/nic/configuration/policy-resource.md index a6c33e3e4..a139a3176 100644 --- a/content/nic/configuration/policy-resource.md +++ b/content/nic/configuration/policy-resource.md @@ -175,8 +175,14 @@ condition: |Field | Description | Type | Required | | ---| ---| ---| --- | |``jwt`` | defines a JWT condition to rate limit against. | [ratelimit.condition.jwt](#ratelimitconditionjwt) | No | -|``default`` | sets the rate limit in this policy to be the default if no conditions are met. In a group of policies with the same JWT condition, only one policy can be the default. | ``bool`` | No | +|``variables`` | defines a Variable condition to rate limit against. | [ratelimit.condition.variables](#ratelimitconditionvariables) | No | +|``default`` | sets the rate limit in this policy to be the default if no conditions are met. In a group of policies with the same condition, only one policy can be the default. | ``bool`` | No | {{% /table %}} +{{< note >}} + +One condition of type `jwt` or `variables` is required. Only ony condition per Policy is supported. + +{{< /note >}} The rate limit policy with condition is designed to be used in combination with one or more rate limit policies. For example, multiple rate limit policies with [RateLimit.Condition.JWT](#ratelimitconditionjwt) can be used to apply different tiers of rate limit based on the value of a JWT claim. For a practical example of tiered rate limiting by the value of a JWT claim, see the example in our [GitHub repository](https://github.com/nginx/kubernetes-ingress/tree/v{{< nic-version >}}/examples/custom-resources/rate-limit-tiered-jwt-claim/README.md). 
@@ -213,6 +219,27 @@ The rate limit policy will only apply to requests that contain a JWT with the sp |``match`` | the value of the claim to match against. | ``string`` | Yes | {{% /table %}} +### RateLimit.Condition.Variables + +RateLimit.Condition.Variables defines a condition for a rate limit by NGINX variable. For example, here we define a condition for a rate limit policy that only applies to requests with the request method with a value `GET`: + +```yaml +variables: + - name: $request_method + match: GET +``` + +{{< note >}} +Only one variable at a time is supported at present. +{{< /note >}} + +{{% table %}} +|Field | Description | Type | Required | +| ---| ---| ---| --- | +|``name`` | the name of the NGINX variable to be rate limit by. | ``string`` | Yes | +|``match`` | the value of the NGINX variable to match against. Values prefixed with the `~` character denote the following is a [regular expression](https://nginx.org/en/docs/http/ngx_http_map_module.html#map). | ``string`` | Yes | +{{% /table %}} + ### APIKey The API Key auth policy configures NGINX to authorize client requests based on the presence of a valid API Key in a header or query param specified in the policy. From d41bf4b54beaed01ed8c23b4e18f7f44fe4d4cbb Mon Sep 17 00:00:00 2001 From: Alex Fenlon Date: Mon, 23 Jun 2025 15:04:07 +0100 Subject: [PATCH 2/4] NIC 5.1.0 Release --- content/nic/releases.md | 51 ++++++++++++++++++++ layouts/shortcodes/nic-helm-version.html | 2 +- layouts/shortcodes/nic-operator-version.html | 2 +- layouts/shortcodes/nic-version.html | 2 +- 4 files changed, 54 insertions(+), 3 deletions(-) diff --git a/content/nic/releases.md b/content/nic/releases.md index 4738b69be..ce53fe8d8 100644 --- a/content/nic/releases.md +++ b/content/nic/releases.md 
@@ -5,6 +5,57 @@ toc: true nd-content-type: reference nd-product: NIC nd-docs: DOCS-616 +--- +## 5.1.0 + +30 Jun 2025 + +This release of NGINX Ingress Controller brings with it initial connectivity to the NGINX One Console! With this, you can now manage your NGINX instances that are part of the NGINX Ingress Controller. + +This release also brings with it the ability to perform Rate Limiting to your APIs based on a supplied NGINX variable and its value. With this capability, you now have more finer grained control over how frequently specific users access your resources. + +Lastly, in our previous release of v5.0.0, we removed support for Open Tracing. This release brings back this observability capability through native NGINX Open Telemetry Traces allowing you to monitor the internal traffic of your applications. + +### Features +- [7642](https://github.com/nginx/kubernetes-ingress/pull/7642) Add OpenTelemetry support +- [7916](https://github.com/nginx/kubernetes-ingress/pull/7916) Add support for Agent V3 and Connecting to NGINX One Console +- [7884](https://github.com/nginx/kubernetes-ingress/pull/7884) Tiered rate limits with variables +- [7765](https://github.com/nginx/kubernetes-ingress/pull/7765) Add OIDC PKCE configuration through Policy +- [7832](https://github.com/nginx/kubernetes-ingress/pull/7832) Add request_method to rate-limit Policy +- [7695](https://github.com/nginx/kubernetes-ingress/pull/7695) Add ConfigMapKeys & MGMTConfigMapKeys to Telemetry +- [7705](https://github.com/nginx/kubernetes-ingress/pull/7705) Add Context to logging for JSON and TEXT formats + +### Fixes + +- [7651](https://github.com/nginx/kubernetes-ingress/pull/7651) Use pod labels as headless selector labels +- [7691](https://github.com/nginx/kubernetes-ingress/pull/7691) Avoid applying updates on Ingress Controller shutdown +- [7748](https://github.com/nginx/kubernetes-ingress/pull/7748) Add ; in oidc files +- [7786](https://github.com/nginx/kubernetes-ingress/pull/7786) 
Correct namespace for mgmt secrets +- [7853](https://github.com/nginx/kubernetes-ingress/pull/7853) Update template for custom redirect URI +- [7865](https://github.com/nginx/kubernetes-ingress/pull/7865) Maintain HeadlessService on upgrade + +### Dependencies + +- [7647](https://github.com/nginx/kubernetes-ingress/pull/7647), [7666](https://github.com/nginx/kubernetes-ingress/pull/7666), [7711](https://github.com/nginx/kubernetes-ingress/pull/7711), [7767](https://github.com/nginx/kubernetes-ingress/pull/7767), [7798](https://github.com/nginx/kubernetes-ingress/pull/7798), [7824](https://github.com/nginx/kubernetes-ingress/pull/7824), [7854](https://github.com/nginx/kubernetes-ingress/pull/7854), [7900](https://github.com/nginx/kubernetes-ingress/pull/7900), [7918](https://github.com/nginx/kubernetes-ingress/pull/7918), [7926](https://github.com/nginx/kubernetes-ingress/pull/7926) Bump Go dependancies +- [7714](https://github.com/nginx/kubernetes-ingress/pull/7714), [7788](https://github.com/nginx/kubernetes-ingress/pull/7788), [7825](https://github.com/nginx/kubernetes-ingress/pull/7825), [7855](https://github.com/nginx/kubernetes-ingress/pull/7855), [7890](https://github.com/nginx/kubernetes-ingress/pull/7890), [7888](https://github.com/nginx/kubernetes-ingress/pull/7888), [7893](https://github.com/nginx/kubernetes-ingress/pull/7893), [7903](https://github.com/nginx/kubernetes-ingress/pull/7903) Bump Docker dependencies +- [7808](https://github.com/nginx/kubernetes-ingress/pull/7808) Update kubernetes version to v1.33.1 in helm schema +- [7896](https://github.com/nginx/kubernetes-ingress/pull/7896) Update go version to 1.24.4 + +### Upgrade + +- For NGINX, use the 5.1.0 images from our +[DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=5.1.0), +[GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress), +[Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or 
[Quay.io](https://quay.io/repository/nginx/nginx-ingress). +- For NGINX Plus, use the 5.1.0 images from the F5 Container registry or build your own image using the 5.1.0 source code +- For Helm, use version 2.2.0 of the chart. + +### Supported Platforms + +We will provide technical support for NGINX Ingress Controller on any Kubernetes platform that is currently supported by +its provider and that passes the Kubernetes conformance tests. This release was fully tested on the following Kubernetes +versions: 1.25-1.33. + --- ## 5.0.0 diff --git a/layouts/shortcodes/nic-helm-version.html b/layouts/shortcodes/nic-helm-version.html index 50aea0e7a..e3a4f1933 100644 --- a/layouts/shortcodes/nic-helm-version.html +++ b/layouts/shortcodes/nic-helm-version.html @@ -1 +1 @@ -2.1.0 \ No newline at end of file +2.2.0 \ No newline at end of file diff --git a/layouts/shortcodes/nic-operator-version.html b/layouts/shortcodes/nic-operator-version.html index a0cd9f0cc..a4f52a5db 100644 --- a/layouts/shortcodes/nic-operator-version.html +++ b/layouts/shortcodes/nic-operator-version.html @@ -1 +1 @@ -3.1.0 \ No newline at end of file +3.2.0 \ No newline at end of file diff --git a/layouts/shortcodes/nic-version.html b/layouts/shortcodes/nic-version.html index 28cbf7c0a..acf69b48b 100644 --- a/layouts/shortcodes/nic-version.html +++ b/layouts/shortcodes/nic-version.html @@ -1 +1 @@ -5.0.0 \ No newline at end of file +5.1.0 \ No newline at end of file From 8cc1c70ea6b3c51aa631413972e4f6c87b340d73 Mon Sep 17 00:00:00 2001 From: AlexFenlon Date: Tue, 1 Jul 2025 08:14:56 +0100 Subject: [PATCH 3/4] Apply suggestions from code review Co-authored-by: Alan Dooley --- content/nic/configuration/policy-resource.md | 4 ++-- content/nic/releases.md | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/content/nic/configuration/policy-resource.md b/content/nic/configuration/policy-resource.md index a139a3176..82812616d 100644 --- a/content/nic/configuration/policy-resource.md 
+++ b/content/nic/configuration/policy-resource.md @@ -180,7 +180,7 @@ condition: {{% /table %}} {{< note >}} -One condition of type `jwt` or `variables` is required. Only ony condition per Policy is supported. +One condition of type `jwt` or `variables` is required. Each Policy supports only one condition. {{< /note >}} @@ -221,7 +221,7 @@ The rate limit policy will only apply to requests that contain a JWT with the sp ### RateLimit.Condition.Variables -RateLimit.Condition.Variables defines a condition for a rate limit by NGINX variable. For example, here we define a condition for a rate limit policy that only applies to requests with the request method with a value `GET`: +RateLimit.Condition.Variables defines a condition for a rate limit by NGINX variable. The following example defines a condition for a rate limit policy that only applies to requests with the request method with a value `GET`: ```yaml variables: diff --git a/content/nic/releases.md b/content/nic/releases.md index ce53fe8d8..9231f0918 100644 --- a/content/nic/releases.md +++ b/content/nic/releases.md 
@@ -10,9 +10,9 @@ nd-docs: DOCS-616 30 Jun 2025 -This release of NGINX Ingress Controller brings with it initial connectivity to the NGINX One Console! With this, you can now manage your NGINX instances that are part of the NGINX Ingress Controller. +This NGINX Ingress Controller release brings initial connectivity to the NGINX One Console! You can now use NGINX One Console to manage NGINX instances that are part of your NGINX Ingress Controller cluster. -This release also brings with it the ability to perform Rate Limiting to your APIs based on a supplied NGINX variable and its value. With this capability, you now have more finer grained control over how frequently specific users access your resources. +This release also includes the ability to configure Rate Limiting for your APIs based on a specific NGINX variable and its value. This allows you more granular control over how frequently specific users access your resources. Lastly, in our previous release of v5.0.0, we removed support for Open Tracing. This release brings back this observability capability through native NGINX Open Telemetry Traces allowing you to monitor the internal traffic of your applications. From a0d91d61283574ef6a6cbbfbf0520706c2681708 Mon Sep 17 00:00:00 2001 From: Alex Fenlon Date: Tue, 1 Jul 2025 14:35:37 +0100 Subject: [PATCH 4/4] update tech specs --- content/nic/technical-specifications.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/content/nic/technical-specifications.md b/content/nic/technical-specifications.md index 524cbd358..31d3cbff5 100644 --- a/content/nic/technical-specifications.md +++ b/content/nic/technical-specifications.md 
@@ -19,7 +19,8 @@ We test NGINX Ingress Controller on a range of Kubernetes platforms for each rel {{< bootstrap-table "table table-bordered table-striped table-responsive" >}} | NIC version | Kubernetes versions tested | NIC Helm Chart version | NIC Operator version | NGINX / NGINX Plus version | | --- | --- | --- | --- | --- | -| {{< nic-version >}} | 1.25 - 1.32 | {{< nic-helm-version >}} | {{< nic-operator-version >}} | 1.27.4 / R34 | +| {{< nic-version >}} | 1.25 - 1.33 | {{< nic-helm-version >}} | {{< nic-operator-version >}} | 1.27.5 / R34 P1 | +| 5.0.0 | 1.25 - 1.32 | 2.1.0 | 3.1.0 | 1.27.4 / R34 | | 4.0.1 | 1.25 - 1.32 | 2.0.1 | 3.0.1 | 1.27.4 / R33 P2 | | 3.7.2 | 1.25 - 1.31 | 1.4.2 | 2.4.2 | 1.27.2 / R32 P1 | | 3.6.2 | 1.25 - 1.31 | 1.3.2 | 2.3.2 | 1.27.1 / R32 P1 | @@ -27,7 +28,6 @@ We test NGINX Ingress Controller on a range of Kubernetes platforms for each rel | 3.4.3 | 1.23 - 1.29 | 1.1.3 | 2.1.2 | 1.25.4 / R31 P1 | | 3.3.2 | 1.22 - 1.28 | 1.0.2 | 2.0.2 | 1.25.3 / R30 | | 3.2.1 | 1.22 - 1.27 | 0.18.1 | 1.5.1 | 1.25.2 / R30 | -| 3.1.1 | 1.22 - 1.26 | 0.17.1 | 1.4.2 | 1.23.4 / R29 | {{% /bootstrap-table %}} --- @@ -42,13 +42,13 @@ We provide the following Docker images, which include NGINX or NGINX Plus bundle From release `v5.1.0` onwards, NGINX Ingress Controller will no longer provide binaries for the `armv7`, `s390x` & `ppc64le` architectures. {{< /important >}} -_All images include NGINX 1.27.4._ +_All images include NGINX 1.27.5._ {{< bootstrap-table "table table-bordered table-responsive" >}} |
Name
|
Base image
| DockerHub image | Architectures | | ---| --- | --- | --- | -|Alpine-based image | ``nginx:1.27.4-alpine``,
based on on ``alpine:3.21`` | ``nginx/nginx-ingress:{{< nic-version >}}-alpine`` | arm64
amd64 | -|Debian-based image | ``nginx:1.27.4``,
based on on ``debian:12-slim`` | ``nginx/nginx-ingress:{{< nic-version >}}`` | arm64
amd64 | +|Alpine-based image | ``nginx:1.27.5-alpine``,
based on on ``alpine:3.21`` | ``nginx/nginx-ingress:{{< nic-version >}}-alpine`` | arm64
amd64 | +|Debian-based image | ``nginx:1.27.5``,
based on on ``debian:12-slim`` | ``nginx/nginx-ingress:{{< nic-version >}}`` | arm64
amd64 | |Ubi-based image | ``redhat/ubi9-minimal`` | ``nginx/nginx-ingress:{{< nic-version >}}-ubi`` | arm64
amd64 | {{% /bootstrap-table %}}
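Review bot: In [PATCH 1/4], hunk `@@ -175,8 +175,14 @@` of content/nic/configuration/policy-resource.md, the added note says one condition of type `jwt` or `variables` is required, but both rows of the table just above it are marked Required "No", so the table read on its own suggests a condition with neither field is valid. State the constraint in the row descriptions as well, for example "exactly one of `jwt` or `variables` must be set". The typo in "Only ony condition per Policy is supported." is corrected only in [PATCH 3/4]; fold that fix into this commit so the series does not carry it. The unchanged paragraph after the note still links only the JWT tiered example, so a pointer to a variables-based example would help if one exists.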
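Review bot: In [PATCH 1/4], hunk `@@ -213,6 +219,27 @@`, the `match` row does not say how a value without the `~` prefix is compared, nor whether a `~` pattern is anchored or case-sensitive, and that decides which rate-limit tier a request falls into. The linked map module documentation defines `~` as case-sensitive and `~*` as case-insensitive; state whether `~*` is accepted here, and recommend `^` and `$` anchors where a full-value match is intended. The example declares `variables:` as a YAML list while the note says only one variable is supported, so document what happens when more than one entry is supplied. In the `name` row, "the name of the NGINX variable to be rate limit by" should read "to rate limit by".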
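Review bot: In [PATCH 2/4], hunk `@@ -5,6 +5,57 @@` of content/nic/releases.md, the first Dependencies entry ends with "Bump Go dependancies" while the next entry spells it "Bump Docker dependencies", and [PATCH 3/4] touches this file without correcting it. Change it to "dependencies". Two smaller style points in the same hunk: "### Features" is followed directly by its list with no blank line, unlike "### Fixes" and "### Dependencies", and the NGINX Plus bullet under "### Upgrade" has no closing period while the bullets around it do.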
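Review bot: In [PATCH 2/4], the three shortcode hunks (nic-helm-version.html, nic-operator-version.html, nic-version.html) bump the versions before the table that consumes them is updated. Until [PATCH 4/4] is applied, the `{{< nic-version >}}` row in technical-specifications.md renders as 5.1.0 next to "1.25 - 1.32" and "1.27.4 / R34", and the page has no 5.0.0 row at all. Move the table changes from [PATCH 4/4] into this commit so each commit leaves the docs consistent. The same shortcode feeds the `tree/v{{< nic-version >}}/examples/...` link in policy-resource.md, so the v5.1.0 tag needs to exist before this is published.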
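Review bot: In [PATCH 3/4], hunk `@@ -221,7 +221,7 @@` of policy-resource.md, the reworded sentence still ends with "requests with the request method with a value `GET`", which repeats "with" and reads awkwardly. Suggest "a rate limit policy that only applies to requests whose request method is `GET`".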
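Review bot: In [PATCH 3/4], hunk `@@ -10,9 +10,9 @@` of releases.md, the third paragraph is left unchanged and still writes "Open Tracing" and "Open Telemetry Traces" as two words, while the Features list in the same release entry uses "OpenTelemetry". Since this commit is the wording pass over these paragraphs, align the third one too: "OpenTracing" and "OpenTelemetry".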
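Review bot: In [PATCH 4/4], hunk `@@ -42,13 +42,13 @@` of technical-specifications.md, the rewritten Alpine and Debian rows carry over the duplicated word in "based on on ``alpine:3.21``" and "based on on ``debian:12-slim``". These lines are being replaced anyway, so drop the extra "on" in both. Separately, hunk `@@ -19,7 +19,8 @@` removes the 3.1.1 row, which the commit message "update tech specs" does not mention; add a line to the message if the removal is intentional.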