Releases: zalando/skipper
v0.21.203
Changes
filters/auth: release tokeninfo cache mutex earlier (#3241)
-
filters/auth: reset parallelism for BenchmarkTokeninfoCache
-
filters/auth: release tokeninfo cache mutex earlier
Cached value is readonly so release cache mutex early to
copy and adjust cached value outside of critical section.
goos: linux
goarch: amd64
pkg: github.com/zalando/skipper/filters/auth
cpu: Intel(R) Core(TM) i5-8350U CPU @ 1.70GHz
│ HEAD~1 │ HEAD │
│ sec/op │ sec/op vs base │
TokeninfoCache/tokens=1,cacheSize=1,p=0-8 639.4n ± 21% 271.9n ± 6% -57.48% (p=0.000 n=10)
TokeninfoCache/tokens=2,cacheSize=2,p=0-8 625.7n ± 24% 420.4n ± 32% -32.81% (p=0.000 n=10)
TokeninfoCache/tokens=100,cacheSize=100,p=0-8 869.8n ± 17% 463.4n ± 3% -46.72% (p=0.000 n=10)
TokeninfoCache/tokens=100,cacheSize=100,p=10000-8 670.8n ± 12% 594.6n ± 2% -11.36% (p=0.000 n=10)
TokeninfoCache/tokens=4,cacheSize=2,p=0-8 2.553m ± 1% 2.554m ± 1% ~ (p=0.684 n=10)
TokeninfoCache/tokens=100,cacheSize=10,p=0-8 2.581m ± 1% 2.566m ± 0% ~ (p=0.089 n=10)
geomean 10.74µ 7.688µ -28.44%
│ HEAD~1 │ HEAD │
│ B/op │ B/op vs base │
TokeninfoCache/tokens=1,cacheSize=1,p=0-8 344.0 ± 0% 344.0 ± 0% ~ (p=1.000 n=10) ¹
TokeninfoCache/tokens=2,cacheSize=2,p=0-8 344.0 ± 0% 344.0 ± 0% ~ (p=1.000 n=10) ¹
TokeninfoCache/tokens=100,cacheSize=100,p=0-8 344.0 ± 0% 344.0 ± 0% ~ (p=1.000 n=10) ¹
TokeninfoCache/tokens=100,cacheSize=100,p=10000-8 366.0 ± 0% 366.0 ± 1% ~ (p=0.452 n=10)
TokeninfoCache/tokens=4,cacheSize=2,p=0-8 27.00 ± 4% 27.00 ± 0% ~ (p=0.474 n=10)
TokeninfoCache/tokens=100,cacheSize=10,p=0-8 28.00 ± 7% 27.00 ± 7% ~ (p=0.259 n=10)
geomean 149.7 148.8 -0.60%
¹ all samples are equal
│ HEAD~1 │ HEAD │
│ allocs/op │ allocs/op vs base │
TokeninfoCache/tokens=1,cacheSize=1,p=0-8 3.000 ± 0% 3.000 ± 0% ~ (p=1.000 n=10) ¹
TokeninfoCache/tokens=2,cacheSize=2,p=0-8 3.000 ± 0% 3.000 ± 0% ~ (p=1.000 n=10) ¹
TokeninfoCache/tokens=100,cacheSize=100,p=0-8 3.000 ± 0% 3.000 ± 0% ~ (p=1.000 n=10) ¹
TokeninfoCache/tokens=100,cacheSize=100,p=10000-8 3.000 ± 0% 3.000 ± 0% ~ (p=1.000 n=10) ¹
TokeninfoCache/tokens=4,cacheSize=2,p=0-8 0.000 ± 0% 0.000 ± 0% ~ (p=1.000 n=10) ¹
TokeninfoCache/tokens=100,cacheSize=10,p=0-8 0.000 ± 0% 0.000 ± 0% ~ (p=1.000 n=10) ¹
geomean ² +0.00% ²
¹ all samples are equal
² summaries must be >0 to compute geomean
Multiarch Docker image
Multiarch Docker image is available in Github's docker registry:
docker run -it ghcr.io/zalando/skipper:v0.21.203 skipper --help
Docker image
Docker image is available in Zalando's Open Source registry:
docker run -it registry.opensource.zalan.do/teapot/skipper:v0.21.203 skipper --help
v0.21.202
Changes
filters/auth: fix assert usage in tokeninfocache tests (#3240)
Second argument of assert.Equal should be expected value.
Multiarch Docker image
Multiarch Docker image is available in Github's docker registry:
docker run -it ghcr.io/zalando/skipper:v0.21.202 skipper --help
Docker image
Docker image is available in Zalando's Open Source registry:
docker run -it registry.opensource.zalan.do/teapot/skipper:v0.21.202 skipper --help
v0.21.201
Changes
predicates/host: add HostAny benchmark (#3239)
Current implementation uses linear probe that works well for small number
of hosts.
I thought about implementing it using map lookup but that is slower for
less than 50 hosts so I propose to only keep the benchmark that may be used
for future improvements.
Here is comparison with map-based implementation for reference:
│ HEAD~1 │ HEAD │
│ sec/op │ sec/op vs base │
HostAny/1-8 3.738n ± 3% 5.844n ± 3% +56.36% (p=0.000 n=10)
HostAny/2-8 7.728n ± 4% 9.274n ± 2% +20.02% (p=0.000 n=10)
HostAny/5-8 11.32n ± 4% 13.09n ± 4% +15.63% (p=0.000 n=10)
HostAny/10-8 22.35n ± 3% 11.86n ± 15% -46.94% (p=0.000 n=10)
HostAny/20-8 7.684n ± 2% 11.310n ± 9% +47.19% (p=0.000 n=10)
HostAny/50-8 66.75n ± 4% 12.10n ± 12% -81.87% (p=0.000 n=10)
HostAny/100-8 161.80n ± 1% 11.92n ± 13% -92.63% (p=0.000 n=10)
geomean 17.98n 10.46n -41.79%
│ HEAD~1 │ HEAD │
│ B/op │ B/op vs base │
HostAny/1-8 0.000 ± 0% 0.000 ± 0% ~ (p=1.000 n=10) ¹
HostAny/2-8 0.000 ± 0% 0.000 ± 0% ~ (p=1.000 n=10) ¹
HostAny/5-8 0.000 ± 0% 0.000 ± 0% ~ (p=1.000 n=10) ¹
HostAny/10-8 0.000 ± 0% 0.000 ± 0% ~ (p=1.000 n=10) ¹
HostAny/20-8 0.000 ± 0% 0.000 ± 0% ~ (p=1.000 n=10) ¹
HostAny/50-8 0.000 ± 0% 0.000 ± 0% ~ (p=1.000 n=10) ¹
HostAny/100-8 0.000 ± 0% 0.000 ± 0% ~ (p=1.000 n=10) ¹
geomean ² +0.00% ²
¹ all samples are equal
² summaries must be >0 to compute geomean
│ HEAD~1 │ HEAD │
│ allocs/op │ allocs/op vs base │
HostAny/1-8 0.000 ± 0% 0.000 ± 0% ~ (p=1.000 n=10) ¹
HostAny/2-8 0.000 ± 0% 0.000 ± 0% ~ (p=1.000 n=10) ¹
HostAny/5-8 0.000 ± 0% 0.000 ± 0% ~ (p=1.000 n=10) ¹
HostAny/10-8 0.000 ± 0% 0.000 ± 0% ~ (p=1.000 n=10) ¹
HostAny/20-8 0.000 ± 0% 0.000 ± 0% ~ (p=1.000 n=10) ¹
HostAny/50-8 0.000 ± 0% 0.000 ± 0% ~ (p=1.000 n=10) ¹
HostAny/100-8 0.000 ± 0% 0.000 ± 0% ~ (p=1.000 n=10) ¹
geomean ² +0.00% ²
¹ all samples are equal
² summaries must be >0 to compute geomean
Multiarch Docker image
Multiarch Docker image is available in Github's docker registry:
docker run -it ghcr.io/zalando/skipper:v0.21.201 skipper --help
Docker image
Docker image is available in Zalando's Open Source registry:
docker run -it registry.opensource.zalan.do/teapot/skipper:v0.21.201 skipper --help
v0.21.200
Changes
Add configurable cookie name prefix for the OIDC filter (#3234)
Allow specifying cookie name prefix for OIDC filters
Multiarch Docker image
Multiarch Docker image is available in Github's docker registry:
docker run -it ghcr.io/zalando/skipper:v0.21.200 skipper --help
Docker image
Docker image is available in Zalando's Open Source registry:
docker run -it registry.opensource.zalan.do/teapot/skipper:v0.21.200 skipper --help
v0.21.199
Changes
filters/auth: cache yaml config (#3225)
-
filters/auth: benchmark jwtMetrics filter creation
-
filters/auth: cache yaml config
Cache parsed yaml config for jwtMetrics
and oauthTokeninfoValidate
filters to avoid parsing the same configuration over and over
when these filters are appended as default filters to all routes.
│ HEAD~1 │ HEAD │
│ sec/op │ sec/op vs base │
JwtMetrics_CreateFilter-8 30777.00n ± 6% 18.45n ± 11% -99.94% (p=0.000 n=10)
│ HEAD~1 │ HEAD │
│ B/op │ B/op vs base │
JwtMetrics_CreateFilter-8 24.33Ki ± 0% 0.00Ki ± 0% -100.00% (p=0.000 n=10)
│ HEAD~1 │ HEAD │
│ allocs/op │ allocs/op vs base │
JwtMetrics_CreateFilter-8 180.0 ± 0% 0.0 ± 0% -100.00% (p=0.000 n=10)
Multiarch Docker image
Multiarch Docker image is available in Github's docker registry:
docker run -it ghcr.io/zalando/skipper:v0.21.199 skipper --help
Docker image
Docker image is available in Zalando's Open Source registry:
docker run -it registry.opensource.zalan.do/teapot/skipper:v0.21.199 skipper --help
v0.21.198
Changes
opa: pass URL query parameters to OPA policy evaluation (#3207)
Improve the envoy request adapting logic to include query parameters sent in the request.
This would allow the policy evaluationin opaAuthorizeRequest* and opaServeResponse* filters to make use of query parameters/values in the policy.
-
Add test cases to cover multi valued query params and trailing ? in URL path
-
Change the logic to build path with query params
- Use escaped path + raw query string to build the path set in envoy request
- Add test cases to cover few additional special cases (empty query string, space in path)
-
Use req.URL.RequestURI() to set the path with query params
Multiarch Docker image
Multiarch Docker image is available in Github's docker registry:
docker run -it ghcr.io/zalando/skipper:v0.21.198 skipper --help
Docker image
Docker image is available in Zalando's Open Source registry:
docker run -it registry.opensource.zalan.do/teapot/skipper:v0.21.198 skipper --help
v0.21.197
Changes
build(deps): bump the all-go-mod-patch-and-minor group across 1 directory with 6 updates (#3224)
Bumps the all-go-mod-patch-and-minor group with 5 updates in the / directory:
Package | From | To |
---|---|---|
github.com/instana/go-sensor | 1.64.0 |
1.65.0 |
github.com/prometheus/client_golang | 1.20.2 |
1.20.3 |
golang.org/x/crypto | 0.26.0 |
0.27.0 |
golang.org/x/net | 0.28.0 |
0.29.0 |
golang.org/x/oauth2 | 0.22.0 |
0.23.0 |
Updates github.com/instana/go-sensor
from 1.64.0 to 1.65.0
Updates github.com/prometheus/client_golang
from 1.20.2 to 1.20.3
Updates golang.org/x/crypto
from 0.26.0 to 0.27.0
Updates golang.org/x/net
from 0.28.0 to 0.29.0
Updates golang.org/x/oauth2
from 0.22.0 to 0.23.0
Updates golang.org/x/term
from 0.23.0 to 0.24.0
updated-dependencies:
- dependency-name: github.com/instana/go-sensor
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: all-go-mod-patch-and-minor - dependency-name: github.com/prometheus/client_golang
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: all-go-mod-patch-and-minor - dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: all-go-mod-patch-and-minor - dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: all-go-mod-patch-and-minor - dependency-name: golang.org/x/oauth2
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: all-go-mod-patch-and-minor - dependency-name: golang.org/x/term
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: all-go-mod-patch-and-minor
...
Multiarch Docker image
Multiarch Docker image is available in Github's docker registry:
docker run -it ghcr.io/zalando/skipper:v0.21.197 skipper --help
Docker image
Docker image is available in Zalando's Open Source registry:
docker run -it registry.opensource.zalan.do/teapot/skipper:v0.21.197 skipper --help
v0.21.196
Changes
docs: fix HeaderRegexp example (#3222)
From https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For
Elements are comma-separated, with optional whitespace surrounding the commas.
If a request goes through multiple proxies, the IP addresses of each successive proxy is listed.
This means that, given well-behaved client and proxies, the rightmost IP address is the IP address
of the most recent proxy and the leftmost IP address is the IP address of the originating client.
Fix example by removing trailing space.
Multiarch Docker image
Multiarch Docker image is available in Github's docker registry:
docker run -it ghcr.io/zalando/skipper:v0.21.196 skipper --help
Docker image
Docker image is available in Zalando's Open Source registry:
docker run -it registry.opensource.zalan.do/teapot/skipper:v0.21.196 skipper --help
v0.21.195
Changes
build(deps): bump alpine from 0a4eaa0
to beefdbd
in /packaging (#3218)
Bumps alpine from 0a4eaa0
to beefdbd
.
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
...
Multiarch Docker image
Multiarch Docker image is available in Github's docker registry:
docker run -it ghcr.io/zalando/skipper:v0.21.195 skipper --help
Docker image
Docker image is available in Zalando's Open Source registry:
docker run -it registry.opensource.zalan.do/teapot/skipper:v0.21.195 skipper --help
v0.21.194
Changes
build(deps): bump oss-fuzz-base/base-builder-go in /.clusterfuzzlite (#3219)
Bumps oss-fuzz-base/base-builder-go from fea3ac4
to 71ed90b
.
updated-dependencies:
- dependency-name: oss-fuzz-base/base-builder-go
dependency-type: direct:production
...
Multiarch Docker image
Multiarch Docker image is available in Github's docker registry:
docker run -it ghcr.io/zalando/skipper:v0.21.194 skipper --help
Docker image
Docker image is available in Zalando's Open Source registry:
docker run -it registry.opensource.zalan.do/teapot/skipper:v0.21.194 skipper --help