v0.15.0

0.15.0 (2024-09-16)

This release marks a significant milestone for the project as it is our first version without the alpha suffix in the version. I want to extend a heartfelt thank you to everyone who supported the project and me through ideas, insights, and valuable discussions.

A special thanks goes to @davidspek for the preparation work related to the new matching API for the rules. Many of the new features and improvements in this release are a direct result of that effort.

⚠ BREAKING CHANGES

• Made the usage of if clauses in authentication & authorization, and error pipelines consistent (#1784)
• Deprecated OTEL attributes replaced (#1669)
• Configuration of signer moved into jwt finalizer (#1534)
• Demo installation removed from the helm chart (#1544)
• Subject has been made immutable (#1487)
• Rule matching configuration API redesigned (#1358)
• Default rule rejects requests with encoded slashes in the path of the URL with 400 Bad Request (#1358)
• Support for rule_path_match_prefix on endpoint configurations for http_endpoint and cloud_blob providers has been dropped (#1358)

Features

• Glob expressions are context aware and use . for host related expressions and / for path related ones as separators (#1358) (f2f6867)
• Multiple rules can be defined for the same path, e.g. to have separate rules for read and write requests (#1358) (f2f6867)
• New endpoint auth type to create http message signatures for outbound requests according to RFC 9421 (#1507) (672988d)
• Route based matching of rules (#1766) (8ef379d)
• Support for backtracking while matching rules (#1358) (f2f6867)
• Support for free and single (named) wildcards for request path matching and access of the captured values from the pipeline (#1358) (f2f6867)

Code Refactorings

• Configuration of signer moved into jwt finalizer (#1534) (4475745)
• Default rule rejects requests with encoded slashes in the path of the URL with 400 Bad Request (#1358) (f2f6867)
• Demo installation removed from the helm chart (#1544) (f8770b3)
• Deprecated OTEL attributes replaced (#1669) (e5ed3a5)
• Made the usage of if clauses in authentication & authorization, and error pipelines consistent (#1784) (2577f56)
• Rule matching configuration API redesigned (#1358) (f2f6867)
• Subject has been made immutable (#1487) (6c4957f)
• Support for rule_path_match_prefix on endpoint configurations for http_endpoint and cloud_blob providers has been dropped (#1358) (f2f6867)

Performance Improvements

• O(log(n)) time complexity for lookup of rules (#1358) (f2f6867)

Bug Fixes

• Corrected the placement of namespace selector properties in the Helm chart's admission controller configuration (#1752). (4c059b3)
• Fixed a nil pointer error in the Helm chart that occurred when a deployment was configured with custom annotations due to an incorrect reference in the deployment template (#1752). (4c059b3)
• Taking updates of certificates into account while collecting metrics (#1534) (4475745)
• Updated the admission controller configuration in the Helm chart to align with the redesigned structure done in v0.12.0-alpha release of heimdall (#1752). (4c059b3)

Documentation

• Guide for First-Party Authentication with OpenID Connect (#1789) (8c6b9c3)
• New integration guide for Envoy Gateway (#1412) (526f381)
• NGING Ingress Controller guide updated to cover global integration options (#1469) (a710a64)
• Traefik guide updated to cover Ingress, IngressRoute and HTTPRoute based integration options (#1420) (303095e)

Dependencies

• update golang to v1.23.1 (#1793) (54e6cad)
• update golang.org/x/exp digest to 701f63a (#1793) (54e6cad)
• update google.golang.org/genproto/googleapis/rpc digest to 8af14fe (#1793) (54e6cad)
• update module github.com/go-playground/validator/v10 to v10.22.1 (#1793) (54e6cad)
• update module github.com/jellydator/ttlcache/v3 to v3.3.0 (#1793) (54e6cad)
• update module github.com/masterminds/sprig/v3 to v3.3.0 (#1793) (54e6cad)
• update module github.com/prometheus/client_golang to v1.20.3 (#1793) (54e6cad)
• update module github.com/redis/rueidis to v1.0.45 (#1793) (54e6cad)
• update module github.com/redis/rueidis/rueidisotel to v1.0.45 (#1793) (54e6cad)
• update module github.com/rs/cors to v1.11.1 (#1793) (54e6cad)
• update module go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc to v0.55.0 (#1793) (54e6cad)
• update module go.opentelemetry.io/contrib/instrumentation/host to v0.55.0 (#1793) (54e6cad)
• update module go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp to v0.55.0 (#1793) (...

v0.14.5-alpha

0.14.5-alpha (2024-08-25)

This is just a regular monthly patch release with updated dependencies.

Dependencies

• update github.com/youmark/pkcs8 digest to a2c0da2 (#1671) (ad37b99)
• update golang to v1.23.0 (#1711) (0a67326)
• update golang.org/x/exp digest to 9b4947d (#1724) (c9bf5dc)
• update google.golang.org/genproto/googleapis/rpc digest to 4ba0660 (#1725) (661716a)
• update kubernetes packages to v0.31.0 (#1708) (49a7b18)
• update module github.com/dlclark/regexp2 to v1.11.4 (#1686) (e4827de)
• update module github.com/envoyproxy/go-control-plane to v0.13.0 (#1716) (a06cb40)
• update module github.com/go-jose/go-jose/v4 to v4.0.4 (#1673) (2dfb142)
• update module github.com/go-viper/mapstructure/v2 to v2.1.0 (#1702) (0115fe8)
• update module github.com/google/cel-go to v0.21.0 (#1684) (0601589)
• update module github.com/jellydator/ttlcache/v3 to v3.2.1 (#1734) (161689d)
• update module github.com/prometheus/client_golang to v1.20.2 (#1727) (6194d6d)
• update module github.com/redis/rueidis to v1.0.44 (#1700) (9b7c43b)
• update module github.com/redis/rueidis/rueidisotel to v1.0.44 (#1701) (02731bd)
• update module github.com/tidwall/gjson to v1.17.3 (#1681) (f5e1707)
• update module go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc to v0.54.0 (#1728) (c66e903)
• update module go.opentelemetry.io/contrib/instrumentation/host to v0.54.0 (#1729) (eef6b6e)
• update module go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp to v0.54.0 (#1730) (01865ed)
• update module go.opentelemetry.io/contrib/instrumentation/runtime to v0.54.0 (#1731) (415953d)
• update module go.opentelemetry.io/contrib/propagators/autoprop to v0.54.0 (#1732) (3f6edea)
• update module go.uber.org/fx to v1.22.2 (#1694) (810d995)
• update module gocloud.dev to v0.38.0 (#1735) (b32d5c0)
• update opentelemetry-go monorepo to v1.29.0 (#1733) (e093267)

v0.14.4-alpha

0.14.4-alpha (2024-07-25)

Bug Fixes

• OAuth2 iss claim verification in JWT/OIDC authenticators when used with metadata_endpoint (#1660) by @martin31821 (a9947f2)
• Trailing useless bytes ignored while parsing PEM content (#1564) (0c52bd3)

Dependencies

• update golang to v1.22.5 (#1592) (1d4de85)
• update golang.org/x/exp digest to 8a7402a (#1644) (6fbbf15)
• update google.golang.org/genproto/googleapis/rpc digest to e6d459c (#1654) (103c1ac)
• update kubernetes packages to v0.30.2 (#1540) (70fdd62)
• update module github.com/dlclark/regexp2 to v1.11.2 (#1630) (afd7c92)
• update module github.com/go-co-op/gocron/v2 to v2.11.0 (#1645) (42688aa)
• update module github.com/go-jose/go-jose/v4 to v4.0.3 (#1625) (59caff8)
• update module github.com/go-playground/validator/v10 to v10.22.0 (#1537) (1f6eeaa)
• update module github.com/redis/rueidis to v1.0.41 (#1617) (3919aaf)
• update module github.com/redis/rueidis/rueidisotel to v1.0.41 (#1619) (69bc2aa)
• update module github.com/spf13/cobra to v1.8.1 (#1551) (871ee91)
• update module github.com/tonglil/opentelemetry-go-datadog-propagator to v0.1.3 (#1579) (27c1026)
• update module github.com/wi2l/jsondiff to v0.6.0 (#1558) (c4cfd07)
• update module go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc to v0.53.0 (#1600) (84b330f)
• update module go.opentelemetry.io/contrib/instrumentation/host to v0.53.0 (#1601) (31834e0)
• update module go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp to v0.53.0 (#1602) (d3d2328)
• update module go.opentelemetry.io/contrib/instrumentation/runtime to v0.53.0 (#1603) (b23bc0b)
• update module go.opentelemetry.io/contrib/propagators/autoprop to v0.53.0 (#1604) (f8679e9)
• update module go.uber.org/fx to v1.22.1 (#1577) (49ab1c2)
• update module google.golang.org/grpc to v1.65.0 (#1589) (dad8e53)
• update module google.golang.org/protobuf to v1.34.2 (#1535) (12aa205)
• update module k8s.io/api to v0.30.3 (#1640) (9b2e072)
• update module k8s.io/client-go to v0.30.3 (#1641) (333c81f)
• update module k8s.io/klog/v2 to v2.130.1 (#1567) (d16ecbe)
• update opentelemetry-go monorepo to v1.28.0 (#1591) (a33f586)

v0.14.3-alpha

0.14.3-alpha (2024-06-09)

This is just a regular monthly patch release with updated dependencies.

Dependencies

• update golang to v1.22.4 (#1517) (a86784a)
• update golang.org/x/exp digest to fc45aab (#1515) (f07ae39)
• update google.golang.org/genproto/googleapis/rpc digest to ef581f9 (#1516) (acc5740)
• update kubernetes packages to v0.30.1 (#1466) (dc68e5e)
• update module github.com/go-jose/go-jose/v4 to v4.0.2 (#1450) (1aba621)
• update module github.com/go-playground/validator/v10 to v10.21.0 (#1509) (0c9167e)
• update module github.com/go-viper/mapstructure/v2 to v2.0.0 (#1510) (d7224ff)
• update module github.com/goccy/go-json to v0.10.3 (#1476) (32f5eca)
• update module github.com/redis/rueidis to v1.0.38 (#1502) (91569ee)
• update module github.com/redis/rueidis/rueidisotel to v1.0.38 (#1503) (63dec15)
• update module github.com/rs/zerolog to v1.33.0 (#1490) (9579381)
• update module github.com/santhosh-tekuri/jsonschema/v6 to v6.0.1 (#1520) (3648c59)
• update module go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc to v0.52.0 (#1478) (535aa2f)
• update module go.opentelemetry.io/contrib/instrumentation/host to v0.52.0 (#1480) (509d4b3)
• update module go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp to v0.52.0 (#1482) (b112767)
• update module go.opentelemetry.io/contrib/instrumentation/runtime to v0.52.0 (#1483) (4c8707c)
• update module go.opentelemetry.io/contrib/propagators/autoprop to v0.52.0 (#1484) (57c5a6a)
• update module go.opentelemetry.io/otel to v1.27.0 (#1481) (384612e)
• update module go.opentelemetry.io/otel/bridge/opentracing to v1.27.0 (#1481) (384612e)
• update module go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc to v1.27.0 (#1481) (384612e)
• update module go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp to v1.27.0 (#1481) (384612e)
• update module go.opentelemetry.io/otel/exporters/otlp/otlptrace to v1.27.0 (#1481) (384612e)
• update module go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc to v1.27.0 (#1481) (384612e)
• update module go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttpto to v1.27.0 (#1481) (384612e)
• update module go.opentelemetry.io/otel/exporters/prometheus to v0.49.0 (#1481) (384612e)
• update module go.opentelemetry.io/otel/exporters/zipkin to v1.27.0 (#1481) (384612e)
• update module go.opentelemetry.io/otel/metric to v1.27.0 (#1481) (384612e)
• update module go.opentelemetry.io/otel/sdk to v1.27.0 (#1481) (384612e)
• update module go.opentelemetry.io/otel/sdk/metric to v1.27.0 (#1481) (384612e)
• update module go.opentelemetry.io/otel/trace to v1.27.0 (#1481) (384612e)
• update module go.uber.org/fx to v1.22.0 (#1501) (37ddf79)
• update module google.golang.org/grpc to v1.64.0 (#1462) (9d5e47c)

v0.14.2-alpha

0.14.2-alpha (2024-05-12)

This is just a regular monthly patch release with updated dependencies.

Dependencies

• update golang to v1.22.3 (#1428) (524a3d4)
• update kubernetes packages to v0.30.0 (#1368) (04cba69)
• update module github.com/go-co-op/gocron/v2 to v2.5.0 (#1424) (c3449a0)
• update module github.com/go-playground/validator/v10 to v10.20.0 (#1402) (a965ef0)
• update module github.com/prometheus/client_golang to v1.19.1 (#1434) (d778e9c)
• update module github.com/redis/rueidis to v1.0.37 (#1440) (ce2e65b)
• update module github.com/redis/rueidis/rueidisotel to v1.0.37 (#1441) (5c163b5)
• update module github.com/rs/cors to v1.11.0 (#1383) (b44b9c0)
• update module github.com/wi2l/jsondiff to v0.5.2 (#1370) (fd0cb04)
• update module github.com/youmark/pkcs8 to v0.0.0-20240424034433-3c2c7870ae76 (#1407) (587f073)
• update module go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc to v0.51.0 (#1387) (ce65b02)
• update module go.opentelemetry.io/contrib/instrumentation/host to v0.51.0 (#1389) (5688d8f)
• update module go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp to v0.51.0 (#1390) (2357888)
• update module go.opentelemetry.io/contrib/instrumentation/runtime to v0.51.0 (#1391) (a58f629)
• update module go.opentelemetry.io/contrib/propagators/autoprop to v0.51.0 (#1392) (fc87ef5)
• update module go.opentelemetry.io/otel to v1.26.0 (#1385) (3c531d7)
• update module go.opentelemetry.io/otel/bridge/opentracing to v1.26.0 (#1385) (3c531d7)
• update module go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc to v1.26.0 (#1385) (3c531d7)
• update module go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp to v1.26.0 (#1385) (3c531d7)
• update module go.opentelemetry.io/otel/exporters/otlp/otlptrace to v1.26.0 (#1385) (3c531d7)
• update module go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc to v1.26.0 (#1385) (3c531d7)
• update module go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp to v1.26.0 (#1385) (3c531d7)
• update module go.opentelemetry.io/otel/exporters/prometheus to v0.48.0 (#1385) (3c531d7)
• update module go.opentelemetry.io/otel/exporters/zipkin to v1.26.0 (#1385) (3c531d7)
• update module go.opentelemetry.io/otel/metric to v1.26.0 (#1385) (3c531d7)
• update module go.opentelemetry.io/otel/sdk to v1.26.0 (#1385) (3c531d7)
• update module go.opentelemetry.io/otel/sdk/metric to v1.26.0 (#1385) (3c531d7)
• update module go.opentelemetry.io/otel/trace to v1.26.0 (#1385) (3c531d7)
• update module go.uber.org/fx to v1.21.1 (#1384) (614117f)
• update module golang.org/x/exp to v0.0.0-20240506185415-9bf2ced13842 (#1422) (561ee65)
• update module google.golang.org/genproto/googleapis/rpc to v0.0.0-20240509183442-62759503f434 (#1436) (508e22b)
• update module google.golang.org/protobuf to v1.34.1 (#1421) (e25b077)

v0.14.1-alpha

0.14.1-alpha (2024-04-09)

The main reason for this patch release is GO-2024-2687, which has been fixed in go v1.22.2 and golang.org/x/net v0.23.0.

Dependencies

• update golang to v1.22.2 (#1313) (7c37100)
• update golang.org/x/exp digest to c0f41cb (#1318) (723ad16)
• update module github.com/knadh/koanf/v2 to v2.1.1 (#1308) (502cdcb)
• update module go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc to v0.50.0 (#1329) (dbb40bd)
• update module go.opentelemetry.io/contrib/instrumentation/host to v0.50.0 (#1329) (dbb40bd)
• update module go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp to v0.50.0 (#1329) (dbb40bd)
• update module go.opentelemetry.io/contrib/instrumentation/runtime to v0.50.0 (#1329) (dbb40bd)
• update module go.opentelemetry.io/contrib/propagators/autoprop to v0.50.0 (#1329) (dbb40bd)
• update module go.opentelemetry.io/otel to v1.25.0 (#1329) (dbb40bd)
• update module go.opentelemetry.io/otel/bridge/opentracing to v1.25.0 (#1329) (dbb40bd)
• update module go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc to v1.25.0 (#1329) (dbb40bd)
• update module go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp to v1.25.0 (#1329) (dbb40bd)
• update module go.opentelemetry.io/otel/exporters/otlp/otlptrace to v1.25.0 (#1329) (dbb40bd)
• update module go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc to v1.25.0 (#1329) (dbb40bd)
• update module go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp to v1.25.0 (#1329) (dbb40bd)
• update module go.opentelemetry.io/otel/exporters/prometheus to v0.47.0 (#1329) (dbb40bd)
• update module go.opentelemetry.io/otel/exporters/zipkin to v1.25.0 (#1329) (dbb40bd)
• update module go.opentelemetry.io/otel/metric to v1.25.0 (#1329) (dbb40bd)
• update module go.opentelemetry.io/otel/sdk to v1.25.0 (#1329) (dbb40bd)
• update module go.opentelemetry.io/otel/sdk/metric to v1.25.0 (#1329) (dbb40bd)
• update module go.opentelemetry.io/otel/trace to v1.25.0 (#1329) (dbb40bd)
• update module google.golang.org/grpc to v1.63.2 (#1339) (8ee3942)

v0.14.0-alpha

0.14.0-alpha (2024-04-02)

Features

• env settings in helm chart extended to support ConfigMaps, Secrets and Pod configuration in addition to string literals (#1128) by @martin31821 (bf75c97)
• Helm chart supports setting environment variables by referencing either a ConfigMap or a Secret via envFrom (#1128) by @martin31821 (bf75c97)
• Hot reloading of Signer keys store (#1232) (36076e1)
• Hot reloading of TLS key stores (#1230) (9abf723)
• Redis as (distributed) cache (#999) by @tk-innoq (2f9ba81)

Bug Fixes

• audience assertion adheres to RFC-7519, section 4.1.3 (#1237) (560a470)
• Rule set, the rule is loaded from, is considered while updating or deleting rules (#1298) (e571248)

Documentation

• Contour integration guide updated to cover global configuration in addition to the route based one (#1253) (74bcebd)
• Documentation restructured to make it more comprehensive (#1075) by @godrin, @REABMAX, @Ebano and @KieronWiltshire (6612633)
• HAProxy guide updated to cover global integration with the Ingress Controller (#1240) (ed27797)
• Integration guide for OpenFGA (#1299) (1d8bea2)
• Traefik integration guide updated to cover global configuration in addition to the route based one (#1269) (73b1d4c)

Dependencies

• update golang to 1.22.1 (#1219) (4449cb7)
• update golang.org/x/exp digest to a685a6e (#1245) (41ba4a2)
• update google.golang.org/genproto/googleapis/rpc digest to c3f9821 (#1301) (4ccf593)
• update kubernetes packages to v0.29.3 (#1249) (43f3233)
• update module github.com/dlclark/regexp2 to v1.11.0 (#1209) (c51eda9)
• update module github.com/evanphx/json-patch/v5 to v5.9.0 (#1156) (3770509)
• update module github.com/go-co-op/gocron/v2 to v2.2.9 (#1292) (3555329)
• update module github.com/go-jose/go-jose/v4 to v4.0.1 [security] (#1225) (45e5a46)
• update module github.com/go-playground/validator/v10 to v10.19.0 (#1217) (564d256)
• update module github.com/google/cel-go to v0.20.1 (#1224) (a0669a8)
• update module github.com/google/uuid to v1.6.0 (#1151) (5f9dc9c)
• update module github.com/grpc-ecosystem/go-grpc-middleware/v2 to v2.1.0 (#1241) (bff3874)
• update module github.com/jellydator/ttlcache/v3 to v3.2.0 (#1198) (7c560d2)
• update module github.com/knadh/koanf/v2 to v2.1.0 (#1178) (1e344d3)
• update module github.com/ory/ladon to v1.3.0 (#1222) (3ca9ec4)
• update module github.com/prometheus/client_golang to v1.19.0 (#1212) (256932f)
• update module github.com/rs/zerolog to v1.32.0 (#1165) (d4678f6)
• update module github.com/tidwall/gjson to v1.17.1 (#1187) (a1680a1)
• update module github.com/tonglil/opentelemetry-go-datadog-propagator to v0.1.2 (#1215) (0d2a6ce)
• update module go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc to v0.49.0 (#1209) (c51eda9)
• update module go.opentelemetry.io/contrib/instrumentation/host to v0.49.0 (#1209) (c51eda9)
• update module go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp to v0.49.0 (#1209) (c51eda9)
• update module go.opentelemetry.io/contrib/instrumentation/runtime to v0.49.0 (#1209) (c51eda9)
• update module go.opentelemetry.io/contrib/propagators/autoprop to v0.49.0 (#1209) (c51eda9)
• update module go.opentelemetry.io/otel to v1.24.0 (#1209) (c51eda9)
• update module go.opentelemetry.io/otel/bridge/opentracing to v1.24.0 (#1209) (c51eda9)
• update module go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc to v1.24.0 (#1209) (c51eda9)
• update module go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp to v1.24.0 (#1209) (c51eda9)
• update module go.opentelemetry.io/otel/exporters/otlp/otlptrace to v1.24.0 (#1209) (c51eda9)
• update module go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc to v1.24.0 (#1209) (c51eda9)
• update module go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp to v1.24.0 (#1209) (c51eda9)
• update module go.opentelemetry.io/otel/exporters/prometheus to v0.46.0 (#1209) ([c51ed...

v0.13.0-alpha

0.13.0-alpha (2024-01-03)

⚠ BREAKING CHANGES

• Endpoint specific HTTP cache settings refactored to allow HTTP cache ttl definition (#1043)

Features

• OAuth2/OIDC metadata discovery for jwt authenticator (#1043) (2dbfa5f) by @martin31821
• OAuth2/OIDC metadata discovery for oauth2_introspection authenticator (#1043) (2dbfa5f) by @martin31821

Code Refactorings

• Endpoint specific HTTP cache settings refactored to allow HTTP cache ttl definition (#1043) (2dbfa5f)

Bug Fixes

• Accept header usage (#1107) (f738ee8)
• Setting of binary artifacts version fixed (#1087) (f7dbbee)

Dependencies

• update golang to 1.21.5 (#1082) (a996ce7)
• update golang.org/x/exp digest to 02704c9 (#1111) (1e18000)
• update google.golang.org/genproto/googleapis/rpc digest to 50ed04b (#1115) (eda1d2d)
• update kubernetes packages to v0.29.0 (#1100) (65b3619)
• update module github.com/envoyproxy/go-control-plane to v0.12.0 (#1117) (7fbb737)
• update module github.com/go-co-op/gocron/v2 to v2.1.2 (#1116) (13505da)
• update module github.com/google/uuid to v1.5.0 (#1097) (5273ac8)
• update module github.com/jellydator/ttlcache/v3 to v3.1.1 (#1102) (90dcc4d)
• update module github.com/prometheus/client_golang to v1.18.0 (#1112) (57da7ec)
• update module gocloud.dev to v0.36.0 (#1113) (584d51f)
• update module google.golang.org/grpc to v1.60.1 (#1105) (329f647)
• update module google.golang.org/protobuf to v1.32.0 (#1109) (47d7785)

New Contributors

• @martin31821

v0.12.0-alpha

0.12.0-alpha (2023-11-29)

First of all, a big thank you to all indirect and direct (@netthier, @sja) contributors for making this release possible!!!

⚠ BREAKING CHANGES

• Support for X-Forwarded-Path header dropped (#1073)
• if conditional statements for error pipeline mechanisms (#1055)
• Request.ClientIP renamed to Request.ClientIPAddresses to reflect the actual contents (#1066)
• The term "scheme" is used properly as defined by RFC9110 (#1042)
• Rule(-Set) related configuration properties mechanisms , default and providers moved one level up and renamed (#1028)
• Support for noop authenticator removed (#1015)
• Endpoint specific client_credentials auth strategy renamed to oauth2_client_credentials (#975)
• unifier renamed to finalizer (#956)
• Support for OTEL metrics (#948)
• Proxy implementation migrated from fiber to stdlib http package (#889)
• Support for OpenTelemetry Jaeger exporter dropped (It has been deprecated by Jaeger back in 2022) (#884)

Features

• client_credentials authentication strategy for Endpoint enhanced to support the same options as the corresponding finalizer (#971) (ec16d5d)
• finalizers are optional (#1027) (864c879)
• if conditional statements for error pipeline mechanisms (#1055) (7cf97dc)
• Access to request body in templates and CEL expressions (#1069) (69dd7d2)
• Container images are published to GHCR in addition to DockerHub (#1041) (04b1066)
• Helm chart pulls heimdall container image from ghcr.io instead from DockerHub (#1053) (b3c729a)
• HTTP 2.0 support (#889) (ffcccf6)
• Kubernetes RuleSet resource deployment/usage status (#987) (738e3ec)
• New oauth2_client_credentials finalizer (#959) (4c9f807)
• New trace log level allowing dumping HTTP requests, responses and the current Subject contents (#877) (512f1ed)
• Opt-In for url-encoded slashes in URL paths (#1071) (96bb188)
• Release archive contains an SBOM in CycloneDX (json) format (#867) (d8a7cff)
• RuleSet version increased to 1alpha3, respectively to v1alpha3 in k8s CRD (#1054) (943c9ce)
• SBOM and attestations for published container images (#868) (3564870)
• SSE support (#889) (ffcccf6)
• Support for OTEL metrics (#948) (eeb5a82)
• Templating support in remote authorizer and generic contextualizer values property (#1047) (2835faa)
• Validating admission controller for RuleSet resources (#984) (3357e57)
• WebSockets support (#889) (ffcccf6)

Code Refactorings

• Request.ClientIP renamed to Request.ClientIPAddresses to reflect the actual contents (#1066) (0f9484f)
• unifier renamed to finalizer (#956) (d54e39d)
• Endpoint specific client_credentials auth strategy renamed to oauth2_client_credentials (#975) (b11005c)
• Proxy implementation migrated from fiber to stdlib http package (#889) (ffcccf6)
• Rule(-Set) related configuration properties mechanisms , default and providers moved one level up and renamed (#1028) (f6ce3b8)
• Support for noop authenticator removed (#1015) (8cb3bd3)
• Support for X-Forwarded-Path header dropped (#1073) (342c11a)
• Support for OpenTelemetry Jaeger exporter dropped (It has been deprecated by Jaeger back in 2022) (#884) (97b81b1)

Bug Fixes

• HTTP method expansion in k8s RuleSet resources (#1005) (861c2b6)
• Kubernetes RuleSet resource is unloaded by heimdall on authClassName mismatch (#987) (738e3ec)
• Making use of better constraints in the definition of the RuleSet CRD to not exceed the k8s rule cost budget (#1004) (7d71351)
• MIME type decoder covers optional parameters (#1057) (c1c088c)
• The term "scheme" is used properly as defined by RFC9110 (#1042) (aaf4bd3)

Documentation

• Integration guide and demo for (Ambassador) emissary ingress controller (#838) (456cfd5)
• Integration guide and demo for HAProxy ingress controller (#837) (3766fa2)
• New landing page (#853) (fc2a337)
• New sections describing signature verification of released archives, container images and the SBOM. (#872) (8f42c24)

Dependencies

• update golang to 1.21.4 (79a0106)
• update golang.org/x/exp digest to 6522937 (#1068) (83827ae)
• update google.golang.org/genproto/googleapis/rpc digest to 3a041ad ([#1067](https://githu...

v0.11.1-alpha

0.11.1-alpha (2023-08-08)

Bug Fixes

• Usage of X-Forwarded-* headers enhanced security wise (#839) (cd4f7e8)
• Fix for wrong HTTP scheme used while matching the rules if heimdall is operated over TLS (#839) (cd4f7e8)

Documentation

• Available integration guides updated to describe secure integration options only (#839) (cd4f7e8)

Dependencies

• update golang.org/x/exp digest to 050eac2 (#842) (964a867)
• update google.golang.org/genproto/googleapis/rpc digest to 1744710 (#841) (8f5c5e3)