Skip to content

Release v0.3.0

Latest
Latest
Compare
Choose a tag to compare
@github-actions github-actions released this 18 Jun 14:20
· 9 commits to main since this release
v0.3.0
acdce91
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

Breaking Changes!

Tenant API has changed it's authentication and authorization to use the iam-runtime
Which simplifies iam calls by offloading their complexity to a sidecar.

With this change some of the configuration has been moved to the iam-runtime-infratographer subchart.
Below is an example of how a service may be migrated to the new configuration.

api:
-   permissions:
-     url: https://permissions-api.example.com/api/v1/allow
-   oidc:
-     audience: ""
-     issuer: https://issuer.example.com
-     refreshTimeout: 1m
+   extraVolumes:
+     - name: nats-creds
+       secret:
+         secret-name: my-nats-creds
+
+ iam-runtime-infratographer:
+   config:
+     jwt:
+       issuer: https://issuer.example.com
+       jwksURI: https://issuer.example.com/jwks.json
+     permissions:
+       host: permissions-api.example.com
+     events:
+       enabled: true
+       nats:
+         url: tls://nats:4222
+         publishPrefix: com.example.events
+         publishTopic: tenant-api
+         credsFile: /nats/creds
+  volumeMounts:
+    - name: nats-creds
+      mountPath: /nats

Warning

In the old configuration permissions.url was the full url including scheme and path.
The new configuration is only the host name.

Warning

Previously AuthRelationshipRequest event topics contained the resource type as part of the topic being published to.
Now the topic is statically defined in the config.
In the above example, it's named the same as the service name.

Appropriate updates may be required in your permissions-api deployment to listen on a different topic.

What's Changed

Changelog

🚀 Others

  • 03f9ace Update Helm release common to v2.20.2 (#159)
  • b19b5e0 Update Helm release common to v2.20.3 (#178)
  • db8497c Update Helm release iam-runtime-infratographer to v0.4.3 (#179)
  • 5e693e2 Update dependency go to v1.22.4 (#161)
  • eb95782 Update github.com/99designs/gqlgen-contrib digest to 2c008e7 (#172)
  • e052872 Update golangci/golangci-lint-action action to v5 (#158)
  • bba9afe Update golangci/golangci-lint-action action to v6 (#160)
  • 500bf3f Update goreleaser/goreleaser-action action to v6 (#168)
  • ecdb6c0 Update module entgo.io/contrib to v0.5.0 (#157)
  • f696695 Update module github.com/99designs/gqlgen to v0.17.49 (#162)
  • 767ab73 Update module github.com/brianvoe/gofakeit/v7 to v7.0.3 (#163)
  • 0386cc4 Update module github.com/metal-toolbox/iam-runtime-contrib to v0.1.4 (#173)
  • 6fd5037 Update module github.com/spf13/cobra to v1.8.1 (#174)
  • 385e35c Update module github.com/spf13/viper to v1.19.0 (#167)
  • 18e4719 Update module github.com/vektah/gqlparser/v2 to v2.5.14 [SECURITY] (#170)
  • a4b05a8 Update module github.com/wundergraph/graphql-go-tools to v1.67.3 (#175)
  • fb88721 Update module go.infratographer.com/x to v0.5.3 (#176)
  • acdce91 regenerate with updated packages (#177)
  • 5af6b14 switch to using iam-runtime (#164)
Assets 9
Loading