All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog and this project adheres to Semantic Versioning.
- Definition of JSON schemas for policy configurations PR #522
- URL rewriting policy PR #529
- Liquid template can find files in current folder too PR #533
bin/apicastrespectsAPICAST_OPENRESTY_BINARYandTEST_NGINX_BINARYenvironment PR #540- Caching policy PR #546, PR #558
- New phase:
contentfor generating content or getting the upstream response PR #535 - Upstream policy PR #562
- Policy JSON manifest PR #565
- SOAP policy PR #567
- Ability to set custom directories to load policies from PR #581
- CLI is running with proper log level set by
APICAST_LOG_LEVELPR #585 - 3scale configuration (staging/production) can be passed as
-3or--channelon the CLI PR #590 - APIcast CLI loads environments defined by
APICAST_ENVIRONMENTvariable PR #590 - Endpoint in management API to retrieve all the JSON manifests of the policies PR #592
- Development environment (
--dev) starts with Echo policy unless some configuration is passed PR #593 - Added support for passing whole configuration as Data URL PR #593
- More complete global environment when loading environment policies PR #596
- Detecting local rover installation from the CLI PR #519
- Use more
commandinstead ofwhichto work in plain shell PR #521 - Fixed rockspec so APIcast can be installed by luarocks PR #523, PR #538
- Fix loading renamed APIcast code PR #525
- Fix
apicastcommand when installed from luarocks PR #527 - Fix lua docs formatting in the CORS policy PR #530
post_actionphase not being called in the policy_chain PR #539- Failing to execute
libexec/booton some systems PR #544 - Detect number of CPU cores in containers by using
nprocPR #554 - Running with development config in Docker PR #555
- Fix setting twice the headers in a pre-flight request in the CORS policy PR #570
- Fix case where debug headers are returned without enabling the option PR #577
- Fix errors loading openresty libraries when rover is active PR #598
- Consolidate apicast-0.1-0.rockspec into apicast-scm-1.rockspec PR #526
- Deprecated
Configuration.extract_usagein favor ofService.get_usagePR #531 - Extract Test::APIcast to own package on CPAN PR #528
- Load policies by the APIcast loader instead of changing load path PR #532, PR #536
- Add
srcdirectory to the Lua load path when using CLI PR #533 - Move rejection reason parsing from CacheHandler to Proxy PR #541
- Propagate full package.path and cpath from the CLI to Nginx PR #538
post_actionphase now sharesngx.ctxwith the main request PR #539- Decrease nginx timer resolution to improve performance and enable PCRE JIT PR #543
- Moved
proxy_passinto new internal location@upstreamPR #535 - Split 3scale authorization to rewrite and access phase PR #556
- Extract
mapping_rulemodule from theconfigurationmodule PR #571 - Renamed
apicast/policy/policy.luatoapicast/policy.luaPR #569 - Sandbox loading policies PR #566
- Extracted
usageandmapping_rules_matchermodules so they can be used from policies PR #580 - Renamed all
apicast/policy/*/policy.luatoapicast/policy/*/init.luato match Lua naming PR #579 - Environment configuration can now define the configuration loader or cache PR #590.
- APIcast starts with "boot" configuration loader by default (because production is the default environment) PR #590.
3.2.0-alpha2 - 2017-11-30
- New policy chains system. This allows users to write custom policies to configure what Apicast can do on each of the Nginx phases PR #450
- Resolver can resolve nginx upstreams PR #478
- Add
resolverdirective in the nginx configuration PR #508 - Calls 3scale backend with the 'no_body' option enabled. This reduces network traffic in cases where APIcast does not need to parse the response body PR #483
- Methods to modify policy chains PR #505
- Ability to load several environment configurations PR #504
- Ability to configure policy chain from the environment configuration PR #496
- Load environment variables defined in the configuration PR #507
- Allow configuration of the echo/management/fake backend ports PR #506
- Headers policy PR #497
- CORS policy PR #487
- Namespace all APIcast code in
apicastfolder. Possible BREAKING CHANGE for some customizations. PR #486 - CLI ignores environment variables that are empty strings PR #504
- Loading installed luarocks from outside rover PR #503
- Support IPv6 addresses in
/etc/resolv.confPR #511 - Fix possible 100% CPU usage when starting APIcast and manipulating filesystem PR #547
- Experimental option for true out of band reporting (
APICAST_REPORTING_WORKERS) PR #290 /status/infoendpoint to the Management API PR #290/_threescale/healthzendpoint returns a success status code, this is used for health checking in kubernetes environments PR #285- Usage limit errors are now configurable to distinguish them from other authorization errors PR #453.
- Templating nginx configuration with liquid. PR #449
- Upgraded to OpenResty 1.11.2.5-1 PR #428
/oauth/tokenendpoint returns an error status code, when the access token couldn't be stored in 3scale backend PR #436]- URI params in POST requests are now taken into account when matching mapping rules PR #437
- Increased number of background timers and connections in the cosocket pool PR #290
- Make OAuth tokens TTL configurable PR #448
- Detect when being executed in Test::Nginx and use default backend accordingly PR #458
- Update the s2i-openresty image to have the same path (
/opt/app-root/src) in all images PR #460 - Launcher scripts are now Perl + Lua instead of Shell PR #449
- Unify how to connect to 3scale backend PR #456
- Upgraded OpenResty to 1.13.6.1 PR #480
- Request headers are not passed to the backend, preventing sending invalid Content-Type to the access token store endpoint PR #433
- Live and ready endpoints now set correct Content-Type header in the responsePR #441
3.1.0 - 2017-10-27
- 3.1.0-rc2 was considered final and became 3.1.0.
3.1.0-rc2 - 2017-09-29
- Request headers are not passed to the backend, preventing sending invalid Content-Type to the access token store endpoint PR #433
3.1.0-rc1 - 2017-09-14
- Support for extending APIcast location block with snippets of nginx configuration PR #407
- Crash on empty OIDC Issuer endpoint PR #408
- Handle partial credentials PR #409
- Crash when configuration endpoint was missing PR #417
- Fix double queries to not fully qualified domains PR #419
- Fix caching DNS queries with scope (like on OpenShift) PR #420
THREESCALE_DEPLOYMENT_ENVdefaults toproductionPR #406- OIDC is now used based on settings on the API Manager PR #405
- No limit on body size from the client sent to the server PR #410
- Print module loading errors only when it failed to load PR #415
bin/bustedrewritten to support different working directories PR #418- dnsmasq started in docker will not forward queries without domain PR #421
3.1.0-beta2 - 2017-08-21
- Ability to configure how to cache backend authorizations PR #396
- THREESCALE-281 Not loading services when APICAST_SERVICES is empty PR #401
3.1.0-beta1 - 2017-07-21
- Fixed CVE-2017-7512 PR #393
- APIcast module
balancermethod now accepts optional balancer PR #362 - Extracted lua-resty-url PR #384
- Extracted lua-resty-env PR #386
- Do not load all services when APICAST_SERVICES is set PR #388
- APIcast published to luarocks.org PR #366
- Support for passing remote configuratio URL through the CLI PR #389
- CLI flag -b to load configuration on boot PR #389
- OIDC support PR #382
- Keycloak / RH SSO integration replaced with OIDC PR #382
3.1.0-alpha1 - 2017-05-05
- Experimental caching proxy to the http client PR #357
- Print better errors when module loading fails PR #360
3.0.0 - 2017-04-04
- Support for loading configration from custom URL PR #323
- Turn on SSL/TLS validation by
OPENSSL_VERIFYenvironment variable PR #332 - Load trusted CA chain certificates PR #332
- Support HTTP Basic authentication for client credentials when authorizing with RH-SSO PR #336
- Show more information about the error when the module load fails PR #348
- Use
RESOLVERbefore falling back toresolv.confPR #324 - Improve error logging when failing to download configuration PR #335
- Service hostnames are normalized to lower case PR #336
- Don't attempt to perform post_action when request was handled without authentication PR #343
- Store authorization responses with a ttl, if sent PR #341
- Do not return stale service configuration when new one is available PR #333
- Memory leak in every request PR #339
- Remove unnecessary code and comments PR #344
- JWT expiry not taken into account in authorization response cache PR #283 / Issue #309 / Fixed by PR #341
- Memory leak in round robin balancer PR #345
- Error when trying to determine status of failed request when downloading configuration PR #350
3.0.0-beta3 - 2017-03-20
- Use per request configuration when cache is disabled PR #289
- Automatically expose all environment variables starting with
APICAST_orTHREESCALE_to nginx PR #292 - Error log to show why downloading configuration failed PR #306
- Backend HTTP client that uses cosockets PR #295
- Ability to customize main section of nginx configuration (and expose more env variables) PR #292
- Ability to lock service to specific configuration version PR #293
- Ability to use Redis DB and password via
REDIS_URLPR #303 - Ability to Authenticate against API using RHSSO and OpenID Connect PR #283
http_ngclient supports auth passsed in the url, and default client options if the request options are missing for methods with body (POST, PUT, etc.) PR #310- Fixed lazy configuration loader to recover from failures PR #313
- Fixed undefined variable
pin post_action PR #316 - Fixed caching of negative ttl by dnsmasq PR #318
- JWT expiry not taken into account in authorization response cache PR #283 / Issue #309
3.0.0-beta2 - 2017-03-08
- Reloading of configuration with every request when cache is disabled PR #287
- Auth caching is not used when OAuth method is used PR #304
3.0.0-beta1 - 2017-03-03
- Lazy load DNS resolver to improve performance PR #251
- Execute queries to all defined nameservers in parallel PR #260
RESOLVERENV variable overrides all other nameservers detected from/etc/resolv.confPR #260- Use stale DNS cache when there is a query in progress for that record PR #260
- Bump s2i-openresty to 1.11.2.2-2 PR #260
- Echo API on port 8081 listens accepts any Host PR #268
- Always use DNS search scopes PR #271
- Reduce use of global objects PR #273
- Configuration is using LRU cache PR #274
- Management API not opened by default PR #276
- Management API returns ready status with no services PR #
- Danger bot to check for consistency in Pull Requests PR #265
- Start local caching DNS server in the container PR #260
- Management API to show the DNS cache PR #260
- Extract correct Host header from the backend endpoint when backend host not provided PR #267
APICAST_CONFIGURATION_CACHEenvironment variable PR #270APICAST_CONFIGURATION_LOADERenvironment variable PR #270
- Support for downloading configuration via curl PR #266
AUTO_UPDATE_INTERVALenvironment variable PR #270APICAST_RELOAD_CONFIGenvironment variable PR #270APICAST_MISSING_CONFIGURATIONenvironment variable PR #270
3.0.0-alpha2 - 2017-02-06
- A way to override backend endpoint PR #248
- Cache all calls to
os.getenvvia custom module PR #231 - Bump s2i-openresty to 1.11.2.2-1 PR #239
- Use resty-resolver over nginx resolver for HTTP PR #237
- Use resty-resolver over nginx resolver for Redis PR #237
- Internal change to reduce global state PR #233
- [OAuth] Return correct state value back to client
- Nginx resolver directive auto detection. Rely on internal DNS resolver PR #237
3.0.0-alpha1 - 2017-01-16
- A CHANGELOG.md to track important changes
- User-Agent header with APIcast version and system information PR #214
- Try to load configuration from V2 API PR #193
- Require openresty 1.11.2 PR #194
- moved development from
v2branch tomasterPR #209 X-3scale-DebugHTTP header now uses Service Token PR #217
2.0.0 - 2016-11-29
- Major rewrite using JSON configuration instead of code generation.