Skip to content

Releases: zalando/skipper

v0.21.203

20 Sep 17:49
e34f988
Compare
Choose a tag to compare

Changes

filters/auth: release tokeninfo cache mutex earlier (#3241)

  • filters/auth: reset parallelism for BenchmarkTokeninfoCache

  • filters/auth: release tokeninfo cache mutex earlier

Cached value is readonly so release cache mutex early to
copy and adjust cached value outside of critical section.

goos: linux
goarch: amd64
pkg: github.com/zalando/skipper/filters/auth
cpu: Intel(R) Core(TM) i5-8350U CPU @ 1.70GHz
                                                  │    HEAD~1    │                 HEAD                 │
                                                  │    sec/op    │    sec/op     vs base                │
TokeninfoCache/tokens=1,cacheSize=1,p=0-8           639.4n ± 21%   271.9n ±  6%  -57.48% (p=0.000 n=10)
TokeninfoCache/tokens=2,cacheSize=2,p=0-8           625.7n ± 24%   420.4n ± 32%  -32.81% (p=0.000 n=10)
TokeninfoCache/tokens=100,cacheSize=100,p=0-8       869.8n ± 17%   463.4n ±  3%  -46.72% (p=0.000 n=10)
TokeninfoCache/tokens=100,cacheSize=100,p=10000-8   670.8n ± 12%   594.6n ±  2%  -11.36% (p=0.000 n=10)
TokeninfoCache/tokens=4,cacheSize=2,p=0-8           2.553m ±  1%   2.554m ±  1%        ~ (p=0.684 n=10)
TokeninfoCache/tokens=100,cacheSize=10,p=0-8        2.581m ±  1%   2.566m ±  0%        ~ (p=0.089 n=10)
geomean                                             10.74µ         7.688µ        -28.44%

                                                  │   HEAD~1   │                HEAD                 │
                                                  │    B/op    │    B/op     vs base                 │
TokeninfoCache/tokens=1,cacheSize=1,p=0-8           344.0 ± 0%   344.0 ± 0%       ~ (p=1.000 n=10) ¹
TokeninfoCache/tokens=2,cacheSize=2,p=0-8           344.0 ± 0%   344.0 ± 0%       ~ (p=1.000 n=10) ¹
TokeninfoCache/tokens=100,cacheSize=100,p=0-8       344.0 ± 0%   344.0 ± 0%       ~ (p=1.000 n=10) ¹
TokeninfoCache/tokens=100,cacheSize=100,p=10000-8   366.0 ± 0%   366.0 ± 1%       ~ (p=0.452 n=10)
TokeninfoCache/tokens=4,cacheSize=2,p=0-8           27.00 ± 4%   27.00 ± 0%       ~ (p=0.474 n=10)
TokeninfoCache/tokens=100,cacheSize=10,p=0-8        28.00 ± 7%   27.00 ± 7%       ~ (p=0.259 n=10)
geomean                                             149.7        148.8       -0.60%
¹ all samples are equal

                                                  │    HEAD~1    │                HEAD                 │
                                                  │  allocs/op   │ allocs/op   vs base                 │
TokeninfoCache/tokens=1,cacheSize=1,p=0-8           3.000 ± 0%     3.000 ± 0%       ~ (p=1.000 n=10) ¹
TokeninfoCache/tokens=2,cacheSize=2,p=0-8           3.000 ± 0%     3.000 ± 0%       ~ (p=1.000 n=10) ¹
TokeninfoCache/tokens=100,cacheSize=100,p=0-8       3.000 ± 0%     3.000 ± 0%       ~ (p=1.000 n=10) ¹
TokeninfoCache/tokens=100,cacheSize=100,p=10000-8   3.000 ± 0%     3.000 ± 0%       ~ (p=1.000 n=10) ¹
TokeninfoCache/tokens=4,cacheSize=2,p=0-8           0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=10) ¹
TokeninfoCache/tokens=100,cacheSize=10,p=0-8        0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=10) ¹
geomean                                                        ²               +0.00%                ²
¹ all samples are equal
² summaries must be >0 to compute geomean

Multiarch Docker image

Multiarch Docker image is available in Github's docker registry:

docker run -it ghcr.io/zalando/skipper:v0.21.203 skipper --help

Docker image

Docker image is available in Zalando's Open Source registry:

docker run -it registry.opensource.zalan.do/teapot/skipper:v0.21.203 skipper --help

v0.21.202

19 Sep 20:36
d161ac5
Compare
Choose a tag to compare

Changes

filters/auth: fix assert usage in tokeninfocache tests (#3240)

Second argument of assert.Equal should be expected value.

Multiarch Docker image

Multiarch Docker image is available in Github's docker registry:

docker run -it ghcr.io/zalando/skipper:v0.21.202 skipper --help

Docker image

Docker image is available in Zalando's Open Source registry:

docker run -it registry.opensource.zalan.do/teapot/skipper:v0.21.202 skipper --help

v0.21.201

19 Sep 18:00
7f6f037
Compare
Choose a tag to compare

Changes

predicates/host: add HostAny benchmark (#3239)

Current implementation uses linear probe that works well for small number
of hosts.

I thought about implementing it using map lookup but that is slower for
less than 50 hosts so I propose to only keep the benchmark that may be used
for future improvements.

Here is comparison with map-based implementation for reference:

              │    HEAD~1    │                 HEAD                  │
              │    sec/op    │    sec/op      vs base                │
HostAny/1-8      3.738n ± 3%    5.844n ±  3%  +56.36% (p=0.000 n=10)
HostAny/2-8      7.728n ± 4%    9.274n ±  2%  +20.02% (p=0.000 n=10)
HostAny/5-8      11.32n ± 4%    13.09n ±  4%  +15.63% (p=0.000 n=10)
HostAny/10-8     22.35n ± 3%    11.86n ± 15%  -46.94% (p=0.000 n=10)
HostAny/20-8     7.684n ± 2%   11.310n ±  9%  +47.19% (p=0.000 n=10)
HostAny/50-8     66.75n ± 4%    12.10n ± 12%  -81.87% (p=0.000 n=10)
HostAny/100-8   161.80n ± 1%    11.92n ± 13%  -92.63% (p=0.000 n=10)
geomean          17.98n         10.46n        -41.79%

              │    HEAD~1    │                HEAD                 │
              │     B/op     │    B/op     vs base                 │
HostAny/1-8     0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=10) ¹
HostAny/2-8     0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=10) ¹
HostAny/5-8     0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=10) ¹
HostAny/10-8    0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=10) ¹
HostAny/20-8    0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=10) ¹
HostAny/50-8    0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=10) ¹
HostAny/100-8   0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=10) ¹
geomean                    ²               +0.00%                ²
¹ all samples are equal
² summaries must be >0 to compute geomean

              │    HEAD~1    │                HEAD                 │
              │  allocs/op   │ allocs/op   vs base                 │
HostAny/1-8     0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=10) ¹
HostAny/2-8     0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=10) ¹
HostAny/5-8     0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=10) ¹
HostAny/10-8    0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=10) ¹
HostAny/20-8    0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=10) ¹
HostAny/50-8    0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=10) ¹
HostAny/100-8   0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=10) ¹
geomean                    ²               +0.00%                ²
¹ all samples are equal
² summaries must be >0 to compute geomean

Multiarch Docker image

Multiarch Docker image is available in Github's docker registry:

docker run -it ghcr.io/zalando/skipper:v0.21.201 skipper --help

Docker image

Docker image is available in Zalando's Open Source registry:

docker run -it registry.opensource.zalan.do/teapot/skipper:v0.21.201 skipper --help

v0.21.200

19 Sep 16:34
3c2a615
Compare
Choose a tag to compare

Changes

Add configurable cookie name prefix for the OIDC filter (#3234)

Allow specifying cookie name prefix for OIDC filters

Multiarch Docker image

Multiarch Docker image is available in Github's docker registry:

docker run -it ghcr.io/zalando/skipper:v0.21.200 skipper --help

Docker image

Docker image is available in Zalando's Open Source registry:

docker run -it registry.opensource.zalan.do/teapot/skipper:v0.21.200 skipper --help

v0.21.199

19 Sep 15:50
7b74d47
Compare
Choose a tag to compare

Changes

filters/auth: cache yaml config (#3225)

  • filters/auth: benchmark jwtMetrics filter creation

  • filters/auth: cache yaml config

Cache parsed yaml config for jwtMetrics and oauthTokeninfoValidate
filters to avoid parsing the same configuration over and over
when these filters are appended as default filters to all routes.

                          │     HEAD~1     │                 HEAD                 │
                          │     sec/op     │    sec/op     vs base                │
JwtMetrics_CreateFilter-8   30777.00n ± 6%   18.45n ± 11%  -99.94% (p=0.000 n=10)

                          │    HEAD~1    │                 HEAD                 │
                          │     B/op     │    B/op      vs base                 │
JwtMetrics_CreateFilter-8   24.33Ki ± 0%   0.00Ki ± 0%  -100.00% (p=0.000 n=10)

                          │   HEAD~1   │                HEAD                │
                          │ allocs/op  │ allocs/op  vs base                 │
JwtMetrics_CreateFilter-8   180.0 ± 0%    0.0 ± 0%  -100.00% (p=0.000 n=10)

Multiarch Docker image

Multiarch Docker image is available in Github's docker registry:

docker run -it ghcr.io/zalando/skipper:v0.21.199 skipper --help

Docker image

Docker image is available in Zalando's Open Source registry:

docker run -it registry.opensource.zalan.do/teapot/skipper:v0.21.199 skipper --help

v0.21.198

12 Sep 12:39
7cb3dc2
Compare
Choose a tag to compare

Changes

opa: pass URL query parameters to OPA policy evaluation (#3207)

Improve the envoy request adapting logic to include query parameters sent in the request.
This would allow the policy evaluationin opaAuthorizeRequest* and opaServeResponse* filters to make use of query parameters/values in the policy.

  • Add test cases to cover multi valued query params and trailing ? in URL path

  • Change the logic to build path with query params

    • Use escaped path + raw query string to build the path set in envoy request
    • Add test cases to cover few additional special cases (empty query string, space in path)
  • Use req.URL.RequestURI() to set the path with query params

Multiarch Docker image

Multiarch Docker image is available in Github's docker registry:

docker run -it ghcr.io/zalando/skipper:v0.21.198 skipper --help

Docker image

Docker image is available in Zalando's Open Source registry:

docker run -it registry.opensource.zalan.do/teapot/skipper:v0.21.198 skipper --help

v0.21.197

10 Sep 16:12
bd87e31
Compare
Choose a tag to compare

Changes

build(deps): bump the all-go-mod-patch-and-minor group across 1 directory with 6 updates (#3224)

Bumps the all-go-mod-patch-and-minor group with 5 updates in the / directory:

Package From To
github.com/instana/go-sensor 1.64.0 1.65.0
github.com/prometheus/client_golang 1.20.2 1.20.3
golang.org/x/crypto 0.26.0 0.27.0
golang.org/x/net 0.28.0 0.29.0
golang.org/x/oauth2 0.22.0 0.23.0

Updates github.com/instana/go-sensor from 1.64.0 to 1.65.0

Updates github.com/prometheus/client_golang from 1.20.2 to 1.20.3

Updates golang.org/x/crypto from 0.26.0 to 0.27.0

Updates golang.org/x/net from 0.28.0 to 0.29.0

Updates golang.org/x/oauth2 from 0.22.0 to 0.23.0

Updates golang.org/x/term from 0.23.0 to 0.24.0


updated-dependencies:

  • dependency-name: github.com/instana/go-sensor
    dependency-type: direct:production
    update-type: version-update:semver-minor
    dependency-group: all-go-mod-patch-and-minor
  • dependency-name: github.com/prometheus/client_golang
    dependency-type: direct:production
    update-type: version-update:semver-patch
    dependency-group: all-go-mod-patch-and-minor
  • dependency-name: golang.org/x/crypto
    dependency-type: direct:production
    update-type: version-update:semver-minor
    dependency-group: all-go-mod-patch-and-minor
  • dependency-name: golang.org/x/net
    dependency-type: direct:production
    update-type: version-update:semver-minor
    dependency-group: all-go-mod-patch-and-minor
  • dependency-name: golang.org/x/oauth2
    dependency-type: direct:production
    update-type: version-update:semver-minor
    dependency-group: all-go-mod-patch-and-minor
  • dependency-name: golang.org/x/term
    dependency-type: direct:production
    update-type: version-update:semver-minor
    dependency-group: all-go-mod-patch-and-minor
    ...

Multiarch Docker image

Multiarch Docker image is available in Github's docker registry:

docker run -it ghcr.io/zalando/skipper:v0.21.197 skipper --help

Docker image

Docker image is available in Zalando's Open Source registry:

docker run -it registry.opensource.zalan.do/teapot/skipper:v0.21.197 skipper --help

v0.21.196

10 Sep 15:22
04972ff
Compare
Choose a tag to compare

Changes

docs: fix HeaderRegexp example (#3222)

From https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For

Elements are comma-separated, with optional whitespace surrounding the commas.
If a request goes through multiple proxies, the IP addresses of each successive proxy is listed.
This means that, given well-behaved client and proxies, the rightmost IP address is the IP address
of the most recent proxy and the leftmost IP address is the IP address of the originating client.

Fix example by removing trailing space.

Multiarch Docker image

Multiarch Docker image is available in Github's docker registry:

docker run -it ghcr.io/zalando/skipper:v0.21.196 skipper --help

Docker image

Docker image is available in Zalando's Open Source registry:

docker run -it registry.opensource.zalan.do/teapot/skipper:v0.21.196 skipper --help

v0.21.195

09 Sep 12:11
4460a02
Compare
Choose a tag to compare

Changes

build(deps): bump alpine from 0a4eaa0 to beefdbd in /packaging (#3218)

Bumps alpine from 0a4eaa0 to beefdbd.


updated-dependencies:

  • dependency-name: alpine
    dependency-type: direct:production
    ...

Multiarch Docker image

Multiarch Docker image is available in Github's docker registry:

docker run -it ghcr.io/zalando/skipper:v0.21.195 skipper --help

Docker image

Docker image is available in Zalando's Open Source registry:

docker run -it registry.opensource.zalan.do/teapot/skipper:v0.21.195 skipper --help

v0.21.194

09 Sep 11:55
04149c5
Compare
Choose a tag to compare

Changes

build(deps): bump oss-fuzz-base/base-builder-go in /.clusterfuzzlite (#3219)

Bumps oss-fuzz-base/base-builder-go from fea3ac4 to 71ed90b.


updated-dependencies:

  • dependency-name: oss-fuzz-base/base-builder-go
    dependency-type: direct:production
    ...

Multiarch Docker image

Multiarch Docker image is available in Github's docker registry:

docker run -it ghcr.io/zalando/skipper:v0.21.194 skipper --help

Docker image

Docker image is available in Zalando's Open Source registry:

docker run -it registry.opensource.zalan.do/teapot/skipper:v0.21.194 skipper --help