All Versions
15
Latest Version
Avg Release Cycle
153 days
Latest Release
177 days ago

Changelog History
Page 1

  • v3.0.0-alpha.1

    September 04, 2020

  • v2.4.0

    May 07, 2020

    ➕ Added

    • ➕ Added possibility to define Kafka/Kinesis topic and schema per reverse proxy endpoint. The current solution using environment variables is deprecated, but still used as a fallback -- will be removed in the version 3.0. #229
    • ➕ Added Kinesis + Localstack example. #229

    Technical Improvements

    • ⬆️ Upgrade the Elixir version to 1.10 for source code and Docker images. Upgrade version for multiple dependencies. #285
    • ➕ Added Slackin integration for easier Slack access - check the main page badge! #240

  • v2.3.0

    December 13, 2019

    ➕ Added

    • 👍 In addition to SSE and WebSocket, RIG now also supports HTTP long-polling for listening to events. Frontends should only use this as a fallback in situations where neither SSE nor WebSocket is supported by the network. #217
    • 🛰 When terminating an SSE connection after its associated session has been blacklisted, RIG now sends out a rig.session_killed event before closing the socket. For WebSocket connections, the closing frame contains "Session killed." as its payload. #261
    • 🆕 New API for querying and updating the session blacklist: /v2/session-blacklist, which introduces the following breaking changes (/v1/session-blacklist is unaffected) #261:
      • When a session has been added to the session blacklist successfully, the endpoint now uses the correct HTTP status code "201 Created" instead of "200 Ok".
      • When using the API to blacklist a session, the validityInSeconds should now be passed as an integer value (using a string still works though).

    🛠 Fixed

    • Fixed usage of external check for SUBMISSION_CHECK and SUBSCRIPTION_CHECK. #241
    • 🌲 Logging incoming HTTP request to Kafka works again and now also supports Apache Avro. #170
    • Fixed HTTP response for DELETE 4010/v1/apis/api_id and DELETE 4010/v2/apis/api_id to correctly return 204 and no content.

    ✂ Removed

    🔒 Security

    • A connection is now associated to its session right after the connection is established, given the request carries a JWT in its authorization header. Previously, this was only done by the subscriptions endpoint, which could cause a connection to remain active even after blacklisting its authorization token. #260

    Technical Improvements

    • ⬆️ Upgrade the Elixir and Erlang versions for source code and Docker images. #211
    • ✅ Automated UI-tests using Cypress make sure that all examples work and that code changes do not introduce any unintended API changes. #227
    • ♻️ Refactor JWT related code in favor of RIG.JWT. #244
    • 🛠 Fix flaky cypress tests; this shouldn't be an issue anymore when running Travis builds. #265

  • v2.2.1

    June 21, 2019

    🔄 Changed

    • [Config] Increased maximum number of Erlang ports from 4096 to 65536 to allow more HTTP connections.

  • v2.2.0

    June 17, 2019

    ➕ Added

    • New Prometheus metric: rig_proxy_requests_total. For details see [metrics-details.md](docs/metrics-details.md). #157
    • The respond-via-Kafka feature uses a correlation ID for associating the response with the original request. This correlation ID is now cryptographically verified, which prevents an attacker on the internal network to reroute responses to other users connected to RIG. #218
    • 👍 Apache Avro is now supported for consuming from, and producing to, Kafka. The implementation uses the Confluent Schema Registry to fetch Avro schemas.
    • ➕ Added new set of topics in documentation about the API Gateway, even streams and scaling.
    • ➕ Added examples section to the documentation website.
    • Added new response_from option -- http_async together with new internal POST endpoint /v1/responses. You can send correlated response to /v1/responses and complete initial Proxy request. #213
    • Implement HTTP Transport Binding for CloudEvents v0.2. A special fallback to "structured mode" in case the content type is "application/json" and the "ce-specversion" header is not set ensures this change is backward compatible with existing setups. #153
    • 🆕 New request body format for endpoints with kafka and kinesis targets; see Deprecated below.

    🔄 Changed

    • The environment variable KAFKA_GROUP_ID has been replaced with the following environment variables, where each of them has a distinct default value: KAFKATOFILTER_KAFKA_GROUP_ID, KAFKATOHTTP_KAFKA_GROUP_ID, PROXY_KAFKA_RESPONSE_KAFKA_GROUP_ID. #206
    • 0️⃣ The default Kafka source topic for the Kafka-to-HTTP event stream has been changed to rig. The feature was introduced to forward all incoming events to an (external) HTTP endpoint, so it makes sense to use the default topic for incoming events here too.
    • 🐎 Changed :refresh_subscriptions GenServer handler from call to cast to improve performance. #224

    🛠 Fixed

    • 🛠 Fixed a bug that caused the subscriptions endpoint to return an internal server error when running RIG in a clustered setup. #194
    • 👌 Support for forwarding HTTP/1.1 responses over a HTTP/2 connection by dropping connection-related HTTP headers. #193
    • ➕ Added missing id field to swagger spec for message API.
    • 🛠 Fixed random generation of group IDs for Kafka consumer groups. This led to wrong partition distribution when using multiple RIG nodes. Now consumers will have the same ID which can be changed via environment variable - defaults to rig.
    • 🔧 When forwarding an HTTP request, the Host request header is now set to the target_url defined by the proxy configuration. #188
    • 🛠 Fixed missing swagger.json file in production Docker image.
    • ➕ Added missing CORS headers for Kafka/Kinesis target type when not using response_from.
    • 🛠 Fixed schema registry validation when using binary messages in Kafka consumer. #202
    • Forwarding events to HTTP did not contain (all) Kafka messages, as the Kafka consumer group ID was shared with the consumer for forwarding events to frontends. #206

    🗄 Deprecated

    • 🔧 Endpoints configured with target kafka or kinesis now expect a different body format (that is, the previous format is deprecated). This aligns the request body format with the other endpoints that accept CloudEvents.

    For example, instead of using this:

      {
    "partition": "the-partition-key",
    "event": {
      "specversion": "0.2",
      "type": "what_has_happened",
      "source": "ui",
      "id": "123"
    }
  }

    you should put the partition key in the CloudEvent's "rig" extension instead:

      {
    "specversion": "0.2",
    "rig": {
      "target_partition": "the-partition-key"
    },
    "type": "what_has_happened",
    "source": "ui",
    "id": "123"
  }

  • v2.1.1

    March 27, 2019

    ➕ Added

    • 🌐 When using the proxy, RIG will now add an additional Forwarded header. #113
    • 👍 Increased length of header value in HTTP requests to 16384 to support long tokens for SAML.

    🔄 Changed

    • HTTPS certificates may now be passed using absolute paths. (Previously, the locations of the HTTPS certificates were limited to the OTP-applications' priv directories rig_api/priv/cert and rig_inbound_gateway/priv/cert.) Additionally, for security reasons we no longer include the self-signed certificate with the docker image. Please adapt your environment configuration accordingly. #151 #182
    • Validation errors for SSE & WS connections and the subscriptions endpoint should now be a lot more helpful. Invalid JWTs, as well as invalid subscriptions, cause the endpoints to respond with an error immediately. #54 #164

    🛠 Fixed

    • 📜 [Proxy] Parsing of JSON files in proxy module - api.id was expected to be an atom, but when using files it's a string.
    • 👍 [Kinesis] Support for CloudEvents versions 0.1 and 0.2.
    • ✅ [Docs] Fixed channels example with latest RIG API changes.
    • 🛠 [Docs] Fixed sse/ws examples to use JWT inferred subscriptions correctly.

  • v2.1.0

    February 15, 2019

    ➕ Added

    • Prometheus monitoring endpoint. #96
    • 🐳 The proxy configuration can now also be passed as a JSON string. This allows to run the Docker image in environments where mounting a file in a container is not possible. #159

    ✂ Removed

    • Rate limiting. #144

  • v2.0.2

    January 20, 2019

    🛠 Fixed

    • ⬆️ Upgraded a dependency to fix the Docker build. #149

  • v2.0.1

    January 20, 2019

    🛠 Fixed

    • ⬆️ A library upgrade caused idle SSE connections to time out after 60 seconds. This timeout is now disabled. PR #148

  • v2.0.0

    January 16, 2019

    ➕ Added

    • 👍 HTTP/2 and HTTPS support. #34
    • The SSE and WebSocket endpoints now take a "subscriptions" parameter that allows to create (manual) subscriptions (JSON encoded list). This has the same effect as establishing a connection and calling the subscriptions endpoint afterwards.
    • 📚 OpenAPI (Swagger) documentation for RIG's internal API. #116
    • 👌 Support for the CloudEvents v0.2 format. #112
    • [Proxy] In API definitions regular expressions can now be used to define matching request paths. Also, request paths can be rewritten (see api.ex for an example). #88

    🔄 Changed

    • The SSE and WebSocket endpoints' "token" parameter is renamed to "jwt" (to not confuse it with the connection token).
    • [Proxy] When forwarding requests, RIG related meta data (e.g. correlation ID) in CloudEvents is now put into an object under the top-level key "rig". Note that in terms of the current CloudEvents 0.2 specification this makes "rig" an extension. Also, all RIG related keys have been renamed from snake_case to camelCase.
    • 🔒 [Proxy] Previously API definitions for proxy were turning on security check for endpoints by not_secured: false which is a bit confusing -- changed to more readable form secured: true.
    • 👀 [Auth] No longer assumes the "Bearer" token type when no access token type is prepended in the Authorization header. Consequently, a client is expected to explicitly use "Bearer" for sending its JWT authorization token. More more details, see RFC 6749.
    • All events that RIG creates are now in CloudEvents v0.2 format (before: CloudEvents v0.1).
    • [Proxy] When using Kafka or Kinesis as the target, connection related data is added to the event before publishing it to the respective topic/partition. With the introduction of CloudEvents v0.2, RIG now follows the CloudEvent extension syntax with all fields put into a common top-level object called "rig". Additionally, the object's field names have been changed slightly to prevent simple mistakes like case-sensitivity issues. Also, the expected request body fields have been renamed to be more descriptive. To that end, usage information returned as plaintext should help the API user in case of a Bad Request.

    🛠 Fixed

    • 🔧 Extractor configuration reload
    • 🛠 [Inbound] Fixed response to CORS related preflight request.