All Versions
15
Latest Version
Avg Release Cycle
153 days
Latest Release
177 days ago
Changelog History
Page 1
Changelog History
Page 1
-
v3.0.0-alpha.1
September 04, 2020 -
v2.4.0
May 07, 2020 -
v2.3.0
December 13, 2019➕ Added
- 👍 In addition to SSE and WebSocket, RIG now also supports HTTP long-polling for listening to events. Frontends should only use this as a fallback in situations where neither SSE nor WebSocket is supported by the network. #217
- 🛰 When terminating an SSE connection after its associated session has been blacklisted, RIG now sends out a
rig.session_killed
event before closing the socket. For WebSocket connections, the closing frame contains "Session killed." as its payload. #261 - 🆕 New API for querying and updating the session blacklist:
/v2/session-blacklist
, which introduces the following breaking changes (/v1/session-blacklist
is unaffected) #261:- When a session has been added to the session blacklist successfully, the endpoint now uses the correct HTTP status code "201 Created" instead of "200 Ok".
- When using the API to blacklist a session, the
validityInSeconds
should now be passed as an integer value (using a string still works though).
🛠 Fixed
- Fixed usage of external check for
SUBMISSION_CHECK
andSUBSCRIPTION_CHECK
. #241 - 🌲 Logging incoming HTTP request to Kafka works again and now also supports Apache Avro. #170
- Fixed HTTP response for
DELETE 4010/v1/apis/api_id
andDELETE 4010/v2/apis/api_id
to correctly return204
and no content.
✂ Removed
- Removed the
JWT_BLACKLIST_DEFAULT_EXPIRY_HOURS
environment variable (deprecated since 2.0.0-beta.2). #260
🔒 Security
- A connection is now associated to its session right after the connection is established, given the request carries a JWT in its authorization header. Previously, this was only done by the subscriptions endpoint, which could cause a connection to remain active even after blacklisting its authorization token. #260
Technical Improvements
- ⬆️ Upgrade the Elixir and Erlang versions for source code and Docker images. #211
- ✅ Automated UI-tests using Cypress make sure that all examples work and that code changes do not introduce any unintended API changes. #227
- ♻️ Refactor JWT related code in favor of
RIG.JWT
. #244 - 🛠 Fix flaky cypress tests; this shouldn't be an issue anymore when running Travis builds. #265
-
v2.2.1
June 21, 2019🔄 Changed
- [Config] Increased maximum number of Erlang ports from 4096 to 65536 to allow more HTTP connections.
-
v2.2.0
June 17, 2019➕ Added
- New Prometheus metric:
rig_proxy_requests_total
. For details see [metrics-details.md
](docs/metrics-details.md). #157 - The respond-via-Kafka feature uses a correlation ID for associating the response with the original request. This correlation ID is now cryptographically verified, which prevents an attacker on the internal network to reroute responses to other users connected to RIG. #218
- 👍 Apache Avro is now supported for consuming from, and producing to, Kafka. The implementation uses the Confluent Schema Registry to fetch Avro schemas.
- ➕ Added new set of topics in documentation about the API Gateway, even streams and scaling.
- ➕ Added examples section to the documentation website.
- Added new
response_from
option --http_async
together with new internalPOST
endpoint/v1/responses
. You can send correlated response to/v1/responses
and complete initial Proxy request. #213 - Implement HTTP Transport Binding for CloudEvents v0.2. A special fallback to "structured mode" in case the content type is "application/json" and the "ce-specversion" header is not set ensures this change is backward compatible with existing setups. #153
- 🆕 New request body format for endpoints with
kafka
andkinesis
targets; see Deprecated below.
🔄 Changed
- The environment variable
KAFKA_GROUP_ID
has been replaced with the following environment variables, where each of them has a distinct default value:KAFKATOFILTER_KAFKA_GROUP_ID
,KAFKATOHTTP_KAFKA_GROUP_ID
,PROXY_KAFKA_RESPONSE_KAFKA_GROUP_ID
. #206 - 0️⃣ The default Kafka source topic for the Kafka-to-HTTP event stream has been changed to
rig
. The feature was introduced to forward all incoming events to an (external) HTTP endpoint, so it makes sense to use the default topic for incoming events here too. - 🐎 Changed
:refresh_subscriptions
GenServer handler fromcall
tocast
to improve performance. #224
🛠 Fixed
- 🛠 Fixed a bug that caused the subscriptions endpoint to return an internal server error when running RIG in a clustered setup. #194
- 👌 Support for forwarding HTTP/1.1 responses over a HTTP/2 connection by dropping connection-related HTTP headers. #193
- ➕ Added missing
id
field to swagger spec formessage
API. - 🛠 Fixed random generation of group IDs for Kafka consumer groups. This led to wrong partition distribution when using multiple RIG nodes. Now consumers will have the same ID which can be changed via environment variable - defaults to
rig
. - 🔧 When forwarding an HTTP request, the
Host
request header is now set to thetarget_url
defined by the proxy configuration. #188 - 🛠 Fixed missing
swagger.json
file in production Docker image. - ➕ Added missing CORS headers for Kafka/Kinesis target type when not using
response_from
. - 🛠 Fixed schema registry validation when using binary messages in Kafka consumer. #202
- Forwarding events to HTTP did not contain (all) Kafka messages, as the Kafka consumer group ID was shared with the consumer for forwarding events to frontends. #206
🗄 Deprecated
- 🔧 Endpoints configured with target
kafka
orkinesis
now expect a different body format (that is, the previous format is deprecated). This aligns the request body format with the other endpoints that accept CloudEvents.
For example, instead of using this:
{ "partition": "the-partition-key", "event": { "specversion": "0.2", "type": "what_has_happened", "source": "ui", "id": "123" } }
you should put the partition key in the CloudEvent's "rig" extension instead:
{ "specversion": "0.2", "rig": { "target_partition": "the-partition-key" }, "type": "what_has_happened", "source": "ui", "id": "123" }
- New Prometheus metric:
-
v2.1.1
March 27, 2019➕ Added
- 🌐 When using the proxy, RIG will now add an additional
Forwarded
header. #113 - 👍 Increased length of header value in HTTP requests to 16384 to support long tokens for SAML.
🔄 Changed
- HTTPS certificates may now be passed using absolute paths. (Previously, the locations of the HTTPS certificates were limited to the OTP-applications'
priv
directoriesrig_api/priv/cert
andrig_inbound_gateway/priv/cert
.) Additionally, for security reasons we no longer include the self-signed certificate with the docker image. Please adapt your environment configuration accordingly. #151 #182 - Validation errors for SSE & WS connections and the subscriptions endpoint should now be a lot more helpful. Invalid JWTs, as well as invalid subscriptions, cause the endpoints to respond with an error immediately. #54 #164
🛠 Fixed
- 📜 [Proxy] Parsing of JSON files in proxy module -
api.id
was expected to be an atom, but when using files it's a string. - 👍 [Kinesis] Support for CloudEvents versions 0.1 and 0.2.
- ✅ [Docs] Fixed channels example with latest RIG API changes.
- 🛠 [Docs] Fixed sse/ws examples to use JWT inferred subscriptions correctly.
- 🌐 When using the proxy, RIG will now add an additional
-
v2.0.0
January 16, 2019➕ Added
- 👍 HTTP/2 and HTTPS support. #34
- The SSE and WebSocket endpoints now take a "subscriptions" parameter that allows to create (manual) subscriptions (JSON encoded list). This has the same effect as establishing a connection and calling the subscriptions endpoint afterwards.
- 📚 OpenAPI (Swagger) documentation for RIG's internal API. #116
- 👌 Support for the CloudEvents v0.2 format. #112
- [Proxy] In API definitions regular expressions can now be used to define matching request paths. Also, request paths can be rewritten (see api.ex for an example). #88
🔄 Changed
- The SSE and WebSocket endpoints' "token" parameter is renamed to "jwt" (to not confuse it with the connection token).
- [Proxy] When forwarding requests, RIG related meta data (e.g. correlation ID) in CloudEvents is now put into an object under the top-level key "rig". Note that in terms of the current CloudEvents 0.2 specification this makes "rig" an extension. Also, all RIG related keys have been renamed from snake_case to camelCase.
- 🔒 [Proxy] Previously API definitions for proxy were turning on security check for endpoints by
not_secured: false
which is a bit confusing -- changed to more readable formsecured: true
. - 👀 [Auth] No longer assumes the "Bearer" token type when no access token type is prepended in the Authorization header. Consequently, a client is expected to explicitly use "Bearer" for sending its JWT authorization token. More more details, see RFC 6749.
- All events that RIG creates are now in CloudEvents v0.2 format (before: CloudEvents v0.1).
- [Proxy] When using Kafka or Kinesis as the target, connection related data is added to the event before publishing it to the respective topic/partition. With the introduction of CloudEvents v0.2, RIG now follows the CloudEvent extension syntax with all fields put into a common top-level object called "rig". Additionally, the object's field names have been changed slightly to prevent simple mistakes like case-sensitivity issues. Also, the expected request body fields have been renamed to be more descriptive. To that end, usage information returned as plaintext should help the API user in case of a Bad Request.
🛠 Fixed
- 🔧 Extractor configuration reload
- 🛠 [Inbound] Fixed response to CORS related preflight request.