Releases: MAIF/otoroshi
Releases · MAIF/otoroshi
v17.14.0
Otoroshi version 17.14.0
https://github.com/MAIF/otoroshi/milestone/136?closed=1
v17.13.0...v17.14.0
https://github.com/MAIF/otoroshi/releases/tag/v17.14.0
Added
- Update remote catalog to scan organizations (#2449 fixed by mathieuancelin)
- Provide more GitHub alternatives in remote catalogs providers (#2450 fixed by mathieuancelin)
- support patterns in remote catalog descriptor files (#2452 fixed by mathieuancelin)
- support
yamlformat for remote catalog descriptor files (#2453 fixed by mathieuancelin) - Add mandatory flags on client certificate plugins (#2448 fixed by mathieuancelin)
APIs: Add mandatory flag onOIDC JWT verification(#2447 fixed by mathieuancelin)- Support kubernetes like manifests in remote catalogs (#2454 fixed by mathieuancelin)
- Support PostgreSQL as a possible data exporter (#2459 fixed by mathieuancelin)
- Support path based read in expression language for deep structures like user profile (#2487 fixed by mathieuancelin)
- Redis integration: add support for Sentinel passwords with the Lettuce driver (#2486 fixed by Zwiterrion)
- Stringify complex structures in expression language path based read (#2491 fixed by mathieuancelin)
Changed
- rebuild documentation using docusaurus (#2495 fixed by mathieuancelin)
Fixed
- tunnel handler plugins are not visible in the route designer (#2451 fixed by mathieuancelin)
- Disable host validation for kafka data exporter when using Otoroshi mTLS settings (#2461 fixed by mathieuancelin)
- Keep current scheme and port in the
Override Location headerplugin (#2488 fixed by mathieuancelin) - Cleanup path in the
Override Location headerplugin (#2489 fixed by mathieuancelin) - Mandatory flag broken in OIDCJwtVerifier plugin (#2506 fixed by mathieuancelin)
- Mandatory flag broken in Apikeys plugin (#2507 fixed by mathieuancelin)
Contributors
Contributors
mathieuancelin and Zwiterrion
Assets 8
v17.13.0
Otoroshi version 17.13.0
https://github.com/MAIF/otoroshi/milestone/135?closed=1
v17.12.0...v17.13.0
https://github.com/MAIF/otoroshi/releases/tag/v17.13.0
Added
- Experimental support for k8s Gateway api (#2437 fixed by mathieuancelin)
- Basic implementation for remote catalogs (#2435 fixed by mathieuancelin)
- Add Referrer-Policy and Permissions-Policy to Security Headers plugin (#2440 fixed by sebprunierserli)
- Add config. options to expose public keys with algorithms in JWKS (#2429 fixed by mathieuancelin)
Fixed
- Search a JWK in a JWKS can fail when alg not present (#2428 fixed by mathieuancelin)
- router most specific path matching does not work with wildcard domains (#2444 fixed by mathieuancelin)
- router does not prioritize routes with query/header/cookie matching in the final stage of the routing pipeline (#2445 fixed by mathieuancelin)
- router should treat trailing slash in frontend domains as exact segment match (#2446 fixed by mathieuancelin)
- Strict mode of the
JWT user extractor pluginis broken (#2455 fixed by mathieuancelin)
Contributors
Contributors
mathieuancelin and sebprunierserli
Assets 8
v17.12.0
Otoroshi version 17.12.0
https://github.com/MAIF/otoroshi/milestone/134?closed=1
v17.11.0...v17.12.0
https://github.com/MAIF/otoroshi/releases/tag/v17.12.0
Added
- Support Monaco editor in classic forms (#2407 fixed by mathieuancelin)
- Support JWT verification based on the settings of an OIDC auth. module (#2410 fixed by mathieuancelin)
- Provider helpers to create customizable errors in plugins (#2422 fixed by mathieuancelin)
- Allow Fail2Ban to be triggered by other plugins that can't use
requestErrorphase (#2423 fixed by mathieuancelin) - OIDCJwtVerifier can be used to populate the current user session (#2426 fixed by mathieuancelin)
- Always display plugins, even if missing from the JS plugins list (#2406 fixed by Zwiterrion)
Changed
- Add
USERS.mdin the Otoroshi repository (#2409 fixed by mathieuancelin) - Otoroshi containers should run with a non root user (#2399 fixed by mathieuancelin)
Fixed
- Release process does not publish helm chart (#2425 fixed by mathieuancelin)
- Bad name used for netty experimental server (#2400 fixed by mathieuancelin)
- Bad group name used for dynamic http-listeners (#2401 fixed by mathieuancelin)
- bad content-type check when proxying grpc request (#2402 fixed by mathieuancelin)
- OverrideLocationHeader plugin was badly configured + description was wrong (#2403 fixed by mathieuancelin)
Contributors
Contributors
mathieuancelin and Zwiterrion
Assets 8
v17.11.0
Otoroshi version 17.11.0
https://github.com/MAIF/otoroshi/milestone/133?closed=1
v17.10.0...v17.11.0
https://github.com/MAIF/otoroshi/releases/tag/v17.11.0
Added
- support new
HeaderHashloadbalancing strategy (#2380 fixed by mathieuancelin) - support new
CookieHashloadbalancing strategy (#2381 fixed by mathieuancelin) - support new
QueryHashloadbalancing strategy (#2382 fixed by mathieuancelin) - add workflow support for websocket message transformations (#2383 fixed by mathieuancelin)
- Provide helpful log message when ssl modules not open (#2386 fixed by mathieuancelin)
- Plugin to mirror websocket traffic to another target (#2388 fixed by mathieuancelin)
- new
Datadogdata exporter (#2390 fixed by mathieuancelin) - new
New Relicdata exporter (#2392 fixed by mathieuancelin) - Enforce fine-grained authorizations through OpenFGA API (#2394 fixed by mathieuancelin)
Changed
- update coraza plugin to use OWASP CoreRuleSet 4.21.0 (#2389 fixed by mathieuancelin)
Fixed
- WebSocket sub protocol is not forwarded anymore (#2387 fixed by mathieuancelin)
Documentation
- documentation page about
Understanding GatewayEvent Durations in Otoroshi(#2393 fixed by mathieuancelin)
Contributors
Contributors
mathieuancelin
Assets 8
v17.10.0
Otoroshi version 17.10.0
https://github.com/MAIF/otoroshi/milestone/132?closed=1
v17.9.2...v17.10.0
https://github.com/MAIF/otoroshi/releases/tag/v17.10.0
Added
$parse_numberoperator for workflows (#2360 fixed by mathieuancelin)- add an
$andoperator for workflows (#2364 fixed by mathieuancelin) - add an
$oroperator for workflows (#2365 fixed by mathieuancelin) - add a
$first_truthyoperator for workflows (#2366 fixed by mathieuancelin) - allow to return custom error response on failed jwt verification (#2369 fixed by mathieuancelin)
- add new
UserLogoutEndpointplugin (#2370 fixed by mathieuancelin) - Add a plugin to detect and block
React2Shellattacks (#2371 fixed by mathieuancelin) - new
$contains_ignore_caseoperator for workflows (#2372 fixed by mathieuancelin) $containscan now work ascontains_all(#2374 fixed by mathieuancelin)$contains_ignore_casecan now work ascontains_all(#2375 fixed by mathieuancelin)$contains_ignore_casecan now work ascontains_any(#2376 fixed by mathieuancelin)$containscan now work ascontains_any(#2377 fixed by mathieuancelin)$orcan operator on sequence of values (#2378 fixed by mathieuancelin)$andcan operator on sequence of values (#2379 fixed by mathieuancelin)
Changed
- Update snow monkey page to use routes by default (#2373 fixed by mathieuancelin)
Fixed
- Unable to Launch Chaos Engineering Plugin (v17.5.1) (#2361 fixed by mathieuancelin)
- avoid to fail when response path not present in the
http_callfunction (#2362 fixed by mathieuancelin) - Avoid failing on empty array with
Map,FlatMap,Filter,Foreachnodes (#2363 fixed by mathieuancelin) - Using authentication plugin in APIs does not work (#2367 fixed by mathieuancelin)
Contributors
Contributors
mathieuancelin and dmorvant-altima
Assets 8
v17.9.2
Otoroshi version 17.9.2
https://github.com/MAIF/otoroshi/milestone/131?closed=1
v17.9.1...v17.9.2
https://github.com/MAIF/otoroshi/releases/tag/v17.9.2
Added
- Align NgServiceQuotas plugin logic with updateQuotasAndCheck (#2355 fixed by Zwiterrion)
- Add support for route templates (reusable route configurations) (#2356 fixed by Zwiterrion)
Fixed
- Weird iowait behavior with lettuce client on linux (#2359 fixed by mathieuancelin)
Contributors
Contributors
mathieuancelin, Zwiterrion, and sebprunierserli
Assets 8
v17.9.1
Otoroshi version 17.9.1
https://github.com/MAIF/otoroshi/milestone/130?closed=1
v17.9.1...v17.9.1
https://github.com/MAIF/otoroshi/releases/tag/v17.9.1
Fixed
- cleanup docker images during publishing (#2358 fixed by mathieuancelin)
Contributors
Contributors
mathieuancelin
Assets 8
v17.9.0
Otoroshi version 17.9.0
https://github.com/MAIF/otoroshi/milestone/129?closed=1
v17.8.1...v17.9.0
https://github.com/MAIF/otoroshi/releases/tag/v17.9.0
WARNING
The release process had some hicups during this one and some artifacts may not be present in the release or on dockerhub. Do not hesitate to ping us if necessary
Added
- support euclidian division in workflow operators (#2328 fixed by mathieuancelin)
- support || in workflow expressions (#2329 fixed by mathieuancelin)
- Support additional match rules in the HasAllowedUsersValidator plugin (#2334 fixed by Zwiterrion)
- Fix RegexResponseHeadersRewriter: missing name field and incorrect flow position (#2335 fixed by Zwiterrion)
- Autoremove Bearer when verifying jwt token (#2336 fixed by mathieuancelin)
- Missing filter on the API Keys page (#2337 fixed by Zwiterrion)
- Add basic documentation editor for APIs (#2339 fixed by mathieuancelin)
- Add form for API documentation section (#2341 fixed by mathieuancelin)
- configurable bulk action for Elastic exporter (#2342 fixed by mathieuancelin)
- Add default value when using
$atprojection (#2343 fixed by mathieuancelin) - Add default value when using
$atIfprojection (#2344 fixed by mathieuancelin) - Add default value when using
$pointerprojection (#2345 fixed by mathieuancelin) - Add default value when using
$pointerIfprojection (#2346 fixed by mathieuancelin) - Add default value when using
$pathprojection (#2347 fixed by mathieuancelin) - Add default value when using
$pathIfprojection (#2348 fixed by mathieuancelin) - Add default value when using
$headerprojection (#2349 fixed by mathieuancelin) - Add new projection operator
$date_from_unix_fmt(#2350 fixed by mathieuancelin) - Allow dynamic mTLS mode (based on global config. TLS settings) for the server (#2351 fixed by mathieuancelin)
- Allow to declare trusted server CAs local to a node (#2352 fixed by mathieuancelin)
- Add backoffice_url in /api/infos response (#2357 fixed by davlgd)
- Add Swagger UI plugin (#2338 fixed by davlgd)
Fixed
- Fix Cookies validation plugin (#2326 fixed by Zwiterrion)
- Issue when selecting a path with custommetrics data exporter (#2327 fixed by mathieuancelin)
- Fix Throttling (#2333 fixed by Zwiterrion)
Contributors
Contributors
mathieuancelin, davlgd, and Zwiterrion
Assets 4
v17.8.1
Otoroshi version 17.8.1
https://github.com/MAIF/otoroshi/milestone/128?closed=1
v17.8.0...v17.8.1
https://github.com/MAIF/otoroshi/releases/tag/v17.8.1
Added
- Avoid failure when filtering on missing values (#2318 fixed by mathieuancelin)
- Http Security headers plugin (#2322 fixed by mathieuancelin)
- Time restriction plugin (#2323 fixed by mathieuancelin)
- Expression language can be used in JWT claims verification (#2324 fixed by mathieuancelin)
- Expose input and output verified/transformed JWT tokens in the expression language (#2325 fixed by mathieuancelin)
Fixed
- Apikey secret export may fail if secret already exist (#2314 fixed by mathieuancelin)
- Google Secret Manager vault (#2315 fixed by mathieuancelin)
- PostgreSQL and JDK 25 (#2316 fixed by mathieuancelin)
- apikey enabled flag check bypass in some cases (#2317 fixed by mathieuancelin)
- S3 backend does not handle index.html automatically (#2319 fixed by mathieuancelin)
- Fix Multi authentication plugin (#2321 fixed by Zwiterrion)
Contributors
Contributors
mathieuancelin, aicfr, and Zwiterrion
Assets 8
v17.8.0
Otoroshi version 17.8.0
https://github.com/MAIF/otoroshi/milestone/127?closed=1
v17.7.0...v17.8.0
https://github.com/MAIF/otoroshi/releases/tag/v17.8.0
Added
- Headers validation plugin can use validation expressions (#2304 fixed by mathieuancelin)
- Support validation expressions in JWT Verifiers (#2305 fixed by mathieuancelin)
- New plugin to rewrite plugin request headers using regex (#2307 fixed by mathieuancelin)
- New plugin to rewrite plugin response headers using regex (#2308 fixed by mathieuancelin)
- Add informations about streaming durations in GatewayEvents (#2309 fixed by mathieuancelin)
- OIDC config. fetch from UI now supports mTLS (#2312 fixed by mathieuancelin)
Changed
- Make JWT UI like the other UIs (#2310 fixed by mathieuancelin)
Fixed
- JWKS fetch need to select key by id AND alg (#2302 fixed by mathieuancelin)
- Wipe apikey from request doesn't work anymore (#2303 fixed by mathieuancelin)
- When using apikey bearer with custom header name, request is not wiped (#2306 fixed by mathieuancelin)
- File storage is missing some counter values (#2311 fixed by mathieuancelin)
- bandwith plugins kind renderer missing (#2313 fixed by mathieuancelin)
Contributors
Contributors
mathieuancelin