This release adds basic support for ProxyFix.
- factory methods - add basic support for
ProxyFixto thecreate_configured_appfactory method (briantist#48).
Another bugfix for upstream, this time for scheme rewriting in generated URLs.
- site root - the root URL now has a response, just some plain text at this time but may be expanded later (briantist#46).
- upstream proxying - upstream URLs are not rewritten using the preferred scheme (briantist#45).
This patch release fixes the broken upstream proxying I released previously.
- containers - published container images have been updated from Python 3.10 to Python 3.11 (briantist#41).
- upstream proxying - a previous change to remove deprecated JSON encoder usage in Flask inadvertently broke upstream proxying due a bad import (briantist#42).
This version is full of new features and bugfixes, and our first external contributor!
There's a new factory method that lets you re-use the same config system in place as the CLI without starting the internal web server, for use with a custom WSGI server, support for Brotli compression in upstreams, proper use of proxy environment variables, a new parameter to set a preferred URL scheme to help with reverse proxy use, and the first health check endpoint.
This release also removes use of a deprecated Flask feature (not user facing) and fixed the tests to work with Python 3.10 and 3.11, which we now test in CI.
- WSGI support - in addition to the bare
create_appfactory function, there is now acreate_configurd_appfactory function, which uses the same argument parsing as running from the CLI; this allows for using an external WSGI server while taking advantage of the environment variables and configuration file support to set the configuration (briantist#28). - healthchecks - the first health check endpoint has been added, which can be used for load balancers, reverse proxies, smart DNS, and more (briantist#30).
- upstream proxying - merge the
requestsenvironment for proxied requests so that environment variables such asREQUESTS_CA_BUNDLEare used appropriately (briantist#25).
- generated URLs had no way to set the scheme for use reverse proxies or load balancers (briantist#27).
- the
/api/endpoint did not define a route that didn't end in/, which caused Flask to issue a redirect, however the redirect does not use the preferred scheme (briantist#29). - the
hreffield in responses did not use the new support for schemes (briantist#29). - the bare
collections/endpoint was not using authorization and would have failed if authentication was required to read from Artifactory (briantist#29). - upstream proxying - proxied requests used the
Accept:header of the request, sometimes resulting in HTML from the upstream and a resulting 500 error since the response was not JSON (briantist#31). - upstream proxying - proxied requests with an
Accept-Encoding: br(brotli compression) header would fail decoding because of the lack of a brotli decoder (briantist#32).
Property setting is now done at upload time, which removes another piece of Pro license code, but may cause issues with certain reverse proxy configurations. A new fallback option is introduced to use the old behavior, but it may be removed in a future version.
- property setting - by default properties are now set on the initial upload of a collection to Artifactory. This removes an additional roundtrip to the server, and removes another API call that requires a Pro license of Artifactory. However, some reverse proxy configurations will not work with this. A new parameter
USE_PROPERTY_FALLBACKhas been added which will use the old behavior of setting properties in a second request, but this will still require a Pro license to use. This option may be removed in a future version. See (briantist#19).
With this release we've added the ability to block the use of a configured API key with the publish endpoint, preventing clients from publishing anonymously.
- manifest loading - galactory no longer uses Artifactory's "Archive Entry Download" endpoint, removing one piece of code that requires a pro license or greater (briantist#5, briantist#16).
- publish endpoint - add
PUBLISH_SKIP_CONFIGURED_KEYoption which disallows using a configured API key on thepublishendpoint (briantist#14).
This release contains cache control options. This enables more scenarios for proxying, such as proxying with no Artifactory API key, or one without write permission. The cache expiry time can now be configured, and it can be set independently in different galactory instances pointed at the same cache in artifactory.
- proxy cache - finer control over when and what gets cached when proxying upstream, allowing for proxy configurations with less permission in artifactory (briantist#4, briantist#13).
This release adds much improved configuration support.
- configuration - all options can now be configured via environment variables, direct in CLI, or in config files (briantist#12).
ARM64 containers are now part of the release process. The meaning of the latest tag for containers now refers to the build from the latest git tag rather than the latest commit.
Containers are now also tagged with the branch name to correspond to the latest commit in a specific branch, for example ghcr.io/briantist/galactory:main.
There are no functional changes in this release.
- container releases - change meaning of container tags, add ARM64 container releases (briantist#10, briantist#11).
Some big reliability and performance enhancements included in ths release.
- connections - retries are now done automatically both on proxied upstream requests and on requests to Artifactory (briantist#7, briantist#8).
- performance - optimizations when iterating collections allow a huge reduction in the number of requests to artifactory needed (briantist#9).
Adds a new option to control the server name in generated links.
- Allow server name to be configurable via the
--server-nameCLI option (briantist#3).
The first release of Galactory, with support for upstream proxying.