Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
commit 86de704 Author: Murillo <103451714+gruceo@users.noreply.github.com> Date: Wed Apr 20 20:18:14 2022 -0300 fix(cp) proper error handling for export_deflated_reconfigure_payload commit 612648c Author: Murillo <103451714+gruceo@users.noreply.github.com> Date: Wed Apr 13 11:28:29 2022 -0300 fix(wrpc) do a pcall for all export_deflated_reconfigure_payload calls We are already wrapping some calls to `export_deflated_reconfigure_payload()` inside a pcall in the `wrpc_control_plane.lua` file. This change is doing a pcall in all the remaining calls to `export_deflated_reconfigure_payload()` in this file to avoid the CP crash whenever we find errors during initialization of modules for example. commit 3c89fa1 Author: Murillo <103451714+gruceo@users.noreply.github.com> Date: Mon Apr 11 16:05:09 2022 -0300 fix(cp) do a pcall for all calls to export_deflated_reconfigure_payload We are already wrapping some calls to `export_deflated_reconfigure_payload()` inside a pcall in the `control_plane.lua` file. This change is doing a pcall in all the remaining calls to `export_deflated_reconfigure_payload()` in this file to avoid the CP crash whenever we find errors during initialization of modules for example. commit 6f20f2f Author: Enrique García Cota <kikito@gmail.com> Date: Fri Apr 22 15:18:24 2022 +0200 tests(hybrid) mark test as flaky (#8713) commit fb8aa2d Author: Suika <100666470+Suika-Kong@users.noreply.github.com> Date: Fri Apr 22 01:24:15 2022 +0800 fix(pdk) ignore user set Tranfer-Encoding (#8698) commit 31ca6ea Author: Colin Hutchinson <hutchic@users.noreply.github.com> Date: Thu Apr 21 11:33:23 2022 +0000 chore(release): cleanup the Jenkins release logic (#8706) commit 39dd728 Author: Aapo Talvensaari <aapo.talvensaari@gmail.com> Date: Thu Apr 21 13:32:50 2022 +0300 feat(clustering) atomic export of declarative config with Postgres This minimizes the possibilities of inconsistencies in exported config, especially under high Admin API update traffic. commit 579537b Author: Colin Hutchinson <hutchic@users.noreply.github.com> Date: Wed Apr 20 18:00:04 2022 +0000 Revert "feat(dao) use `cache_key` for target uniqueness detection" (#8705) This reverts commit 9eba2a1. commit a05cc4c Author: Vinicius Mignot <vinicius.mignot@gmail.com> Date: Tue Apr 19 16:42:12 2022 -0300 docs(CHANGELOG) added fix entry commit 9a65902 Author: Vinicius Mignot <vinicius.mignot@gmail.com> Date: Tue Apr 19 15:41:43 2022 -0300 fix(balancer) do not reschedule resolve timer when reloading commit f6aae6f Author: Aapo Talvensaari <aapo.talvensaari@gmail.com> Date: Tue Apr 19 17:56:27 2022 +0300 chore(deps) bump luarocks 3.8.0 to 3.9.0 (#8700) * `builtin` build mode now always respects CC, CFLAGS and LDFLAGS * Check that lua.h version matches the desired Lua version * Check that the version of the Lua C library matches the desired Lua version * Fixed deployment of non-wrapped binaries * Fixed crash when `--lua-version` option is malformed * Fixed help message for `--pin` option * Unix: use native methods and don't always rely on $USER to determine user * Windows: use native CLI tooling more * macOS: support .tbd extension when checking for libraries * macOS: add XCode SDK path to search paths * macOS: add best-effort heuristic for library search using Homebrew paths * macOS: avoid quoting issues with LIBFLAG * macOS: deployment target is now 11.0 on macOS 11+ * added DragonFly BSD support * LuaRocks test suite now runs on Lua 5.4 and LuaJIT * Internal dependencies of standalone LuaRocks executable were bumped commit eb9a8ba Author: Aapo Talvensaari <aapo.talvensaari@gmail.com> Date: Mon Apr 11 16:35:08 2022 +0300 perf(conf) localize variables needed for configuration parsing Just localizes some variable for a faster configuration parsing, and tidier code. commit 951b93f Author: Aapo Talvensaari <aapo.talvensaari@gmail.com> Date: Mon Apr 11 15:57:22 2022 +0300 fix(conf) properly support vault configurations with process secrets Default vault configurations can be configured with Kong configuration. For example using environment variables: - `KONG_VAULT_ENV_PREFIX=vault_` - `KONG_VAULT_HCV_TOKEN=xxx` Previously these settings were not honoured when kong configuration references were dereferenced. This fixes that issue. commit 3d583c8 Author: Aapo Talvensaari <aapo.talvensaari@gmail.com> Date: Mon Apr 11 12:49:35 2022 +0300 refactor(pdk) vault pdk to be more like rest of the pdk modules Refactor Vault PDK to follow other Kong PDK modules. This means that functions are created inside `.new` function. This has benefit of being able to access up-value `self`, which means that no direct references to global `kong` is needed. In general, it makes testing and mocking easier too. I need this so I can pass some initial configuration very early on when Kong does process secrets resolving of Kong configuration references. commit 5156596 Author: Aapo Talvensaari <aapo.talvensaari@gmail.com> Date: Fri Apr 8 16:33:33 2022 +0300 feat(vaults) store dao references in $refs (needed for rotation) When there are references used in dao fields with `referenceable=true`, Kong replaces the references with values when the data is read (excluding admin api and control planes). When Kong replaces the reference, it is basically lost, and thus the automatic secret rotation cannot be implemented. This commit stores the references on returned entities to `"$refs"` property: ``` local certificate = kong.db.certificates:select(...) -- the possible reference can be found here: print(certificate["$refs"].key) ``` There will be helper functions so `"$refs"` property is not intended to end users. commit ac69743 Author: Aapo Talvensaari <aapo.talvensaari@gmail.com> Date: Fri Apr 8 16:00:49 2022 +0300 fix(vaults) do not leak resolved vault references to .kong_env file When Kong prepares a `prefix` directory, it also stores current environment related to Kong in file called `.kong_env`. As Kong resolves the Vault references when it starts, the resolved values got leaked to `.kong_env` file. This was partly because for `vaults-beta` we didn't yet implement secret rotation, and we decided to also not keep the references around when they were resolved. Not that we have added the `"$refs"` property to `kong.configuration`, we can replace the values of configuration with the references before we write the `.kong_env` file. This commit fixes that. commit 7f13cbc Author: Aapo Talvensaari <aapo.talvensaari@gmail.com> Date: Fri Apr 8 15:53:29 2022 +0300 feat(vaults) store configuration references in $refs (needed for rotation and .kong_env cleanup) Kong vault references like `{vault://env/my-env-var}` when used in Kong configuration are replaced with actual secrets. This makes it hard to implement secret rotation as the reference is lost when it is replaced. This commit stores the original references on a side: ```lua kong.configuration[$refs][<key>] = <reference> ``` commit bffa4af Author: Mayo <i@shoujo.io> Date: Tue Apr 19 17:57:40 2022 +0800 chore(ci) changelog label Any PR includes a changelog will add a “core/docs” label which is unnecessary, this PR added an extra label 'changelog' to detect changelog file changes. commit 9eba2a1 Author: yankun-li-kong <77371186+yankun-li-kong@users.noreply.github.com> Date: Tue Apr 19 19:27:23 2022 +0900 feat(dao) use `cache_key` for target uniqueness detection Add new `cache_key(upstream, target)` in targets table for atomic uniqueness detection. Delete useless targets uniqueness detection functions. Targets API returns `409` when creating/updating delicate targets. Add migration functions to add `cache_key` column, delete duplicate targets and add `cache_key` for existing targets. Co-authored-by: Mayo <i@shoujo.io> commit d7a8e66 Author: Mayo <i@shoujo.io> Date: Tue Apr 19 17:36:33 2022 +0800 fix(ldap-auth) free internal pointer after covert to lua string (#8696) commit d4bdae5 Author: Mayo <i@shoujo.io> Date: Tue Apr 19 12:08:09 2022 +0800 refactor(ldap-auth) openssl ffi based asn1 parser/decoder (#8663) Replace asn1 parser/decoder with openssl ffi based functions. commit 79f362d Author: Wheeler Law <whelderwheels613@gmail.com> Date: Mon Apr 18 04:51:32 2022 -0500 chore(CODEOWNERS) add `CODEOWNERS` file to the repo
- Loading branch information
