v0.6.0

What's Changed

• Update dependency org.springframework.cloud:spring-cloud-dependencies to v2023.0.3 by @renovate in #264
• Update quay.io/keycloak/keycloak Docker tag to v25 by @renovate in #256
• Update dependency gradle to v8.9 by @renovate in #265
• [ACC-1512] JWT signing optimizations by @thijslemmens in #270
• Move application configuration discovery to contentgrid-configuration project by @vierbergenlars in #271
• Update plugin org.springframework.boot to v3.3.2 by @renovate in #267
• Update quay.io/keycloak/keycloak Docker tag to v25.0.4 by @renovate in #266
• [ACC-1078] Clean up unnecessary k3s container startup command by @vierbergenlars in #273
• Update dependency gradle to v8.10 by @renovate in #272
• Update grafana/grafana Docker tag to v11.1.4 by @renovate in #268
• Update docker.io/openpolicyagent/opa Docker tag to v0.67.1 by @renovate in #269
• Update dependency com.github.dasniko:testcontainers-keycloak to v3.4.0 by @renovate in #225
• Only enable contentgrid configuration discovery in kubernetes when in runtime-platform mode by @vierbergenlars in #274
• Update grafana/grafana Docker tag to v11.2.0 by @renovate in #277
• Update docker.io/openpolicyagent/opa Docker tag to v0.68.0 by @renovate in #278
• Update plugin org.springframework.boot to v3.3.3 by @renovate in #276
• ACC-1587 Disable OTLP metrics export by default by @thijslemmens in #279
• Do not cache client registration indefinitely by @vierbergenlars in #280
• Update dependency gradle to v8.10.1 by @renovate in #281
• ACC-1464 Update to Java 21 by @thijslemmens in #284

Full Changelog: v0.5.0...v0.6.0

v0.5.0

Added

• Adds runtime actuator ContentGridEndpoint by @tgeens in #199
• Internal JWT authentication between gateway and upstream
  • Add subsystem to locally issue signed JWTs, replacing TokenRelay filter by @vierbergenlars in #230
  • Add x-abac-policy claim to internal issued JWT by @vierbergenlars in #231
• Automatically refresh authentication tokens in session
  • Add system to refresh spring-security Authentication by @vierbergenlars in #235
  • Add tests for spring-security Authentication refresh by @vierbergenlars in #237
• Support for delegated authentication tokens in runtime platform
  • ACC-985: Add support for authentication endpoints in the namespace of a contentgrid app by @vierbergenlars in #239
  • Make it possible to bypass OPA authorization for runtime platform endpoints by @vierbergenlars in #243
  • ACC-1459: Add AuthenticationDetails GrantedAuthority to spring Authentication tokens by @vierbergenlars in #258
  • ACC-1459: Handle authentication with extension service accounts by @vierbergenlars in #259
  • ACC-1459: authentication for delegated access tokens by @vierbergenlars in #263
• Support for OLTP tracing
  • [ACC-1462] Add dependencies for integration with otlp by @thijslemmens in #249
  • ACC-1462 Instrument JwtIssuer by @thijslemmens in #262

Changed

Warning

Breaking changes

• Rego policies must now use input.auth.principal instead of input.auth.user
• The userinfo endpoint on /me is now disabled by default. It can be re-enabled by setting contentgrid.gateway.user-info.enabled=true

• Use DefaultOpaInputProvider when runtime-platform is not enabled by @tgeens in #208
• Configure routes in a RouteLocator with the proper filters applied, instead of looking in configuration by @vierbergenlars in #221
• Disable userinfo endpoint by default, and make it reflect AuthenticationDetails information by @vierbergenlars in #263

Bugfixes

• Service Discovery: Use informers instead of watchers by @rschev in #216
• Fix passing through of ABAC context to upstream service by @vierbergenlars in #220

Housekeeping

• Use renovate contentgrid presets by @tgeens in #204
• Apply conventions plugin by @vierbergenlars in #223
• [ACC-1350] allow access to architect root profile by @NielsCW in #233
• Document existing configuration properties by @vierbergenlars in #242
• ACC-1459: Move runtime configurations out of the main configurations by @vierbergenlars in #244
• Move test fixtures to separate source root from tests by @vierbergenlars in #250

Dependency updates

• Update plugin org.springframework.boot to v3.1.6 by @renovate in #203
• Update dependency com.github.dasniko:testcontainers-keycloak to v3.2.0 by @renovate in #206
• Update dependency gradle to v8.5 by @renovate in #209
• Update actions/setup-java action to v4 by @renovate in #210
• Update docker.io/openpolicyagent/opa Docker tag to v0.59.0 by @renovate in #211
• Update dependency com.contentgrid.thunx:thunx-bom to v0.10.0 by @renovate in #213
• Update docker.io/openpolicyagent/opa Docker tag to v0.60.0 by @renovate in #214
• Update plugin org.ajoberstar.reckon.settings to v0.18.2 by @renovate in #215
• Update docker.io/openpolicyagent/opa Docker tag to v0.61.0 by @renovate in #217
• Update dependency org.springframework.cloud:spring-cloud-dependencies to v2022.0.5 by @renovate in #218
• Update dependency gradle to v8.6 by @renovate in #219
• Update plugin org.ajoberstar.reckon.settings to v0.18.3 by @renovate in #222
• Update docker.io/openpolicyagent/opa Docker tag to v0.62.0 by @renovate in #224
• Update docker.io/openpolicyagent/opa Docker tag to v0.62.1 by @renovate in #226
• Update dependency gradle to v8.7 by @renovate in #227
• Update plugin org.sonarqube to v5 by @renovate in #228
• Update docker.io/openpolicyagent/opa Docker tag to v0.63.0 by @renovate in #229
• Update docker.io/openpolicyagent/opa Docker tag to v0.64.0 by @renovate in #234
• Update docker.io/openpolicyagent/opa Docker tag to v0.64.1 by @renovate in #236
• Update plugin io.spring.dependency-management to v1.1.5 by @renovate in #238
• Update docker.io/openpolicyagent/opa Docker tag to v0.65.0 by @renovate in #240
• Update dependency gradle to v8.8 by @renovate in #241
• [ACC-1128] Move to Spring boot 3.3.1 by @thijslemmens in #246
• Update dependency com.contentgrid.thunx:thunx-bom to v0.11.0 by @renovate in #247
• ACC-1128 Correct BouncyCastle dependency by @thijslemmens in #248
• Update dependency org.bouncycastle:bcprov-jdk18on to v1.78.1 by @renovate in #252
• Update dependency org.springframework.cloud:spring-cloud-dependencies to v2023 by @renovate in #212
• Update grafana/grafana Docker tag to v10.4.5 by @renovate in #253
• Update plugin io.spring.dependency-management to v1.1.6 by @renovate in #261
• Update docker.io/openpolicyagent/opa Docker tag to v0.66.0 by @renovate in #245
• Update plugin org.sonarqube to v5.1.0.4882 by @renovate in #257
• Update grafana/grafana Docker tag to v11 by @renovate in #255
• Update quay.io/keycloak/keycloak Docker tag to v24.0.5 by @renovate in #254
• Update dependency com.nimbusds:nimbus-jose-jwt to v9.40 by @renovate in #251

New Contributors

• @NielsCW made their first contribution in #233
• @thijslemmens made their first contribution in #246

Full Changelog: v0.4.0...v0.5.0

v0.4.0

What's Changed

• Publicly publish gateway docker image by @tgeens in #54
• Bump io.spring.dependency-management from 1.0.14.RELEASE to 1.1.0 by @dependabot in #55
• Bump org.springframework.boot from 2.7.4 to 2.7.5 by @dependabot in #56
• Bump testcontainers-bom from 1.17.5 to 1.17.6 by @dependabot in #58
• Service discovery for automic routes and opa queries by @rschev in #60
• Remove xenit-docker gradle plugins by @tgeens in #65
• Bump gradle-wrapper from 7.3.3 to 7.5.1 by @tgeens in #66
• Create a RouteDefinitionLocator instead of a RouteLocator by @vierbergenlars in #69
• Bump thunx-bom from 0.4.2 to 0.5.0 by @dependabot in #70
• Use relocated rest-assured coordinates and use spring boot dependency management by @tgeens in #72
• Remove deprecated http tracing actuator by @tgeens in #75
• Upgrade Spring Boot from 2.7.5 to 3.0.0 by @tgeens in #73
• Use the Spring Cloud managed depdency 'io.fabric8:kubernetes-client` by @tgeens in #74
• Replace custom AppInstance with Spring Cloud ServiceInstance by @tgeens in #78
• Bump org.springframework.boot from 3.0.0 to 3.0.1 by @dependabot in #76
• Add GitHub action to update Gradle wrapper by @tgeens in #36
• Manually dispatch update-gradle-wrapper task by @tgeens in #80
• Update Gradle Wrapper from 7.5.1 to 7.6 by @github-actions in #81
• Store application-id and deployment-id in request-attributes by @tgeens in #79
• Bump org.springframework.boot from 3.0.1 to 3.0.2 by @dependabot in #82
• Setup dynamic oauth2 login for the Runtime Platform by @tgeens in #83
• Bump spring-cloud-dependencies from 2022.0.0 to 2022.0.1 by @dependabot in #84
• Runtime OAuth2 login should only match app-requests with app-id by @tgeens in #85
• Introduce value-types for ApplicationId and DeploymentId by @tgeens in #86
• Setup k8s runtime app-config secret watcher by @tgeens in #87
• Setup runtime-platform oauth2login to read config from app-config-repo by @tgeens in #89
• Relocate packages from eu.xenit.alfred.content.gateway to com.contentgrid.gateway by @tgeens in #90
• Sonarcube gradle setup by @tgeens in #91
• GHA: skip sonar check when SONAR_TOKEN is not set by @tgeens in #93
• Bump com.dajudge.kindcontainer:kindcontainer from 1.3.1 to 1.4.1 by @dependabot in #92
• Bump org.sonarqube from 3.5.0.2730 to 4.0.0.2929 by @dependabot in #94
• Update Gradle Wrapper from 7.6 to 8.0.1 by @github-actions in #96
• Bump org.springframework.boot from 3.0.2 to 3.0.3 by @dependabot in #95
• Bump org.springframework.boot from 3.0.3 to 3.0.4 by @dependabot in #97
• Add jacoco test report for sonar analysis by @tgeens in #101
• Bump com.contentgrid.thunx:thunx-bom from 0.5.0 to 0.6.0 by @dependabot in #99
• Add dynamic multi-tenant jwt-bearer auth for ContentGrid Runtime Platform by @tgeens in #98
• Bump com.github.dasniko:testcontainers-keycloak from 2.4.0 to 2.5.0 by @dependabot in #103
• Introduce RuntimeSessionManager, so SESSION-cookies are effectively partioned by application-id by @tgeens in #102
• Update Gradle Wrapper from 8.0.1 to 8.0.2 by @github-actions in #100
• Use gradle-platforms for spring-cloud-dependencies by @tgeens in #104
• Splits k8s secret watcher from the config-repository class by @tgeens in #105
• Track K8S configmap to load CG App Config (e.g.: routing domains) by @tgeens in #106
• Refactor runtime configuration and add contextLoads() tests by @tgeens in #108
• Move runtime classes to .runtime subpackage by @tgeens in #109
• Convert anonymous bean implementations into classes by @tgeens in #110
• Hide request-routing logic behind strategy-interface by @tgeens in #107
• ApplicationId and DeploymentId .from(String) should not return an Optional by @tgeens in #111
• Use ApplicationId and DeploymentId value objects instead of stringy-typed values by @tgeens in #113
• Rename ServiceTracker into ServiceCatalog by @tgeens in #114
• Bump org.springframework.boot from 3.0.4 to 3.0.5 by @dependabot in #112
• Bump com.contentgrid.thunx:thunx-bom from 0.6.0 to 0.6.1 by @dependabot in #116
• Making ConcurrentLookup threadsafe, testing with jcstress by @tgeens in #117
• Bump org.springframework.cloud:spring-cloud-dependencies from 2022.0.1 to 2022.0.2 by @dependabot in #118
• Add support for runtime routing domains by @tgeens in #115
• Making mutating methods on Observable synchronized as a 'temp measure' by @tgeens in #119
• Dynamic Runtime CORS configuration by @tgeens in #120
• Add micrometer-registry-prometheus to the runtime classpath by @tgeens in #121
• Fix removing domains by @tgeens in #122
• Configure Renovate by @renovate in #128
• Update plugin org.springframework.boot to v3.0.6 by @renovate in #129
• Update dependency gradle to v8.1.1 by @renovate in #130
• Bump org.ajoberstar.reckon from 0.16.1 to 0.18.0 by @dependabot in #126
• Publish docker image to ghcr.io by @tgeens in #135
• Update docker.io/openpolicyagent/opa Docker tag to v0.52.0 by @renovate in #133
• Update dependency com.contentgrid.thunx:thunx-bom to v0.6.2 by @renovate in #139
• Migrate tests to K3S container instead of kind by @rschev in #142
• Update plugin org.springframework.boot to v3.1.0 by @renovate in #137
• Update dependency org.springframework.cloud:spring-cloud-dependencies to v2022.0.3 by @renovate in #144
• Bump org.sonarqube from 4.0.0.2929 to 4.1.0.3113 by @dependabot in #148
• Update docker.io/openpolicyagent/opa Docker tag to v0.53.0 by @renovate in #146
• Bump org.testcontainers:testcontainers-bom from 1.18.1 to 1.18.2 by @dependabot in #149
• Remove dependabot, replaced by renovatebot by @tgeens in #141
• Update plugin org.sonarqube to v4.2.0.3129 by @renovate in #147
• Update dependency org.testcontainers:testcontainers-bom to v1.18.3 by @renovate in #132
• Update docker.io/openpolicyagent/opa Docker tag to v0.53.1 by @renovate in #150
• Update plugin org.sonarqube to v4.2.1.3168 by @renovate in #151
• Update plugin org.springframework.boot to v3.1.1 by @renovate in https://githu...

v0.3.0

Added

• Add support for OAuth Bearer token authentication by @tgeens in #13
• Configurable CORS settings by @tgeens in #20
• Add httptrace actuator by @tgeens in #21

Changed

• Rename project to contentgrid-gateway by @rschev in #53
• Stopped publishing a public docker-image build by @rschev in #53
• Tag docker-images of SNAPSHOT builds with shorthand tag :SNAPSHOT by @tgeens in #23
• Strip all Access-Control-* response headers from the downstream response by @tgeens in #37
• When connecting to an upstream fails, raise HTTP 503 by @vierbergenlars in #47

Housekeeping

• Extract dependency eu.xenit.contentcloud.thunx version into property by @tgeens in #29

Dependency updates

• Dependency relocated and updated from eu.xenit.contentcloud.thunx:0.3.3 to com.contentgrid.thunx:0.4.2 by @rschev in #53
• Bump testcontainers-bom from 1.16.3 to 1.17.5 by @dependabot in #26 #33 #40 #52 #28 #27
• Bump org.springframework.boot from 2.6.6 to 2.7.4 by @dependabot in #30 #34 #38 #42 #45 #50
• Bump io.spring.dependency-management from 1.0.11.RELEASE to 1.0.14.RELEASE by @dependabot in #41 #43 #49
• Bump spring-cloud-dependencies from 2021.0.1 to 2021.0.4 by @dependabot in #35 #48
• Bump eu.xenit.docker-compose from 5.3.1 to 5.3.2 by @dependabot in #44
• Bump eu.xenit.docker from 5.3.1 to 5.3.2 by @dependabot in #46

Full Changelog: v0.2.0...v0.3.0

v0.2.0

Important

• This release resolves CVE-2022-22965

Changed

• Make OPA an optional dependency (mainly for integration tests) by @tgeens in #15
• Make gradle task 'keycloakBootRun' a real BootRun tasks by @tgeens in #16
• Added 'console' profile by @tgeens in #17
• Add integration test for OAuth2/OIDC authentication by @tgeens in #18

Dependencies

• Bump org.ajoberstar.reckon from 0.13.1 to 0.16.0 by @dependabot in #8
• Bump spring-cloud-dependencies from 2021.0.0 to 2021.0.1 by @dependabot in #9
• Bump org.ajoberstar.reckon from 0.16.0 to 0.16.1 by @dependabot in #10
• Bump org.springframework.boot from 2.6.3 to 2.6.4 by @dependabot in #11
• Bump org.springframework.boot from 2.6.4 to 2.6.5 by @dependabot in #14
• Bump org.springframework.boot from 2.6.5 to 2.6.6 by @dependabot in #19

Full Changelog: v0.1.1...v0.2.0