Skip to content

Releases: apiman/apiman

3.1.0.RC3

21 Mar 12:50
@github-actions github-actions
3.1.0.RC3
dd31c22
Compare
Choose a tag to compare
3.1.0.RC3 Latest
Latest

Changelog

All notable changes to Apiman will be documented here (as of Apiman 3).

3.1.0-SNAPSHOT

Added

  • [metrics-es]: allow logging metrics to file with write-to option. To facilitate scrape-based metrics patterns, this commit allows Apiman’s ES metrics to be written to a log file as JSON via whichever logging framework you are using (asynchronously). You can set any combination of remote (ES server) or/and log (local). By Marc Savy (@msavy).

Changed

  • A variety of dependencies have been updated across the Apiman codebase in order to keep users secure. If you don’t want to upgrade, speak to your long-term support provider.
  • [manager-api-rest]: Apiman Manager API now has an OpenAPI v3 schema! You can access this at /openapi.json or /openapi.yml. For example, http://localhost:8080/apiman/openapi.json. By Marc Savy (@msavy).
  • Default plugin registry and API catalogue JSON files are now in the GitHub release, rather than directly in the repository. By Marc Savy (@msavy).
  • Converted Apiman into a monorepo (as far as possible). Apiman plugins, default API catalogue, default plugin registry, developer portal, docker images, amongst others, have been painstakingly merged in. CI pipelines have also been updated to reflect this. Multi-repository releases are difficult with GitHub CI, so this will hopefully make more frequent releases much easier. By Marc Savy (@msavy).

Removed

  • [manager-api-rest]: Removed obsolete Qmino API documentation generator. I would like to thank the Qmino team for their support over the years. By Marc Savy (@msavy).

Fixed

  • fix[gateway-vertx]: in Keycloak discovery code getAllowedIssuers check was mistakenly inverted. By ronimhd.
  • fix[manager-api]: register subtypes for deserializing policy probe response, this step was
    inadvertently removed during refactoring. By Florian Volk (@volkflo).
  • fix[ui]: move validation function for IP list into validate function to ensure list valid when switching between IP policies. By Florian Volk (@volkflo).
  • fix[gateway-engine-es]: throw ClientNotFoundException if client not found when unregistering. By Florian Volk (@volkflo).
  • [manager-api]: Perform unregister only if client is in correct state. By Florian Volk (@volkflo).

Full Changelog: 3.0.0.Final...3.1.0-SNAPSHOT

3.0.0.Final

Thanks

A huge thanks to every company that has worked with Apiman’s main developer via consulting, support, sponsoring features, or other means. Without financial support, Apiman open source will not continue to be developed.

Particular thanks go to the team at Scheer PAS who sponsored a considerable amount of the work that is in the 3.0.0.Final release.

Added

  • [manager-api] Events*: versioned events are now emitted inside Apiman for a number of important business actions. These are consumed internally within Apiman, but are also inserted into a transactional outbox* inside the database using the CloudEvents format. You can use CDC software, such as Debezium to integrate Apiman’s events into your messaging platform of choice, such as Apache Kafka. A wide variety of rich business functionality can be enabled via this integration. By Marc Savy (@msavy).
  • [manager-api] Notifications: notifications for important events are now generated and sent to the appropriate user(s) and/or group(s). This is driven by the event system. For example, when an API requires approval, all users with the apiEditor permission will receive an in-browser notification and email notification. In-browser notifications can be seen by pressing the bell in the top-right corner of the screen. Notifications can be disabled entirely in apiman.properties. By Marc Savy (@msavy).
  • [manager-api] Email notifications and templates: a fully templated and i18n-friendly email notification system, which is driven by the events subsystems. This can easily be customised by the user to change the look-and-feel or text. Email notifications are disabled by default in apiman.properties. By Marc Savy (@msavy).
  • [manager-api] API signup approvals: an API version can be offered via different plans. You can now choose to require that a user receive explicit approval before being allowed access to the API. Appropriate notifications (including emails, if enabled), are sent to all relevant parties for signup, approval, rejection, etc. By Marc Savy (@msavy).
  • [distro] Docker compose quickstart distro: provides an out-of-the-box full platform deployment of Apiman, broken down into its components in a way that is more representative of a real-world deployment. By Marc Savy (@msavy).
  • [manager-api] User locale: where possible, the user’s preferred locale is now stored in their Apiman profile any async events that require it, such as emails. By Marc Savy (@msavy).
  • [manager-api] Implicit permissions system (discoverability): an implicit read permissions system that layers on top of the explicit permissions systems that already exist in Apiman. It allows API providers to expose specific APIs to consumers who are not members of their organisation. For example, if you have an API that you want non-members to be able to consume, this feature addresses your needs. For more, see Apiman Discoverability. By Marc Savy (@msavy).
  • [manager-api] Developer portal API: designed specifically for our Apiman Developer Portal, this API allows anonymous access to certain Apiman APIs for browsing, with increased access for logged-in users. Various extensions to the data model for newer features. By Marc Savy (@msavy).
  • [ui] Developer portal manager UI: a new tab called in the Apiman Manager UI which is available when creating an API. This enables the API provider to decide various portal-related settings, plan ordering, which plans are visible to which users, markdown documentation for developers, API logo, etc. By Marc Savy (@msavy).
  • [ui] Developer portal UI: an entirely new user interface for Apiman, dedicated to API consumers. The portal provides a focussed, slipstreamed, and customisable/skinnable experience, without all the noise of the main UI’s advanced features. The devportal repository is current separate, please refer to their changes independently. This is different from the previous developer portal that you may have seen with Apiman 2.x. A considerable amount of work has gone into this project, and huge credit goes to the sponsors and contributors.
  • [gateway-core] Policy probes: allows policies to expose their internal state to the Apiman Manager for interrogation. For example, "what is the current rate limit status for X?". Even custom policies can implement this new functionality. By Marc Savy (@msavy).
  • [metrics-es] Elasticsearch metrics can optionally collect custom request headers, response headers, and query parameters, according to regular expressions provided by the user. The Elasticsearch schema will be extended dynamically. This feature required a change to the core of Apiman, but was done in a backwards compatible way. Other metrics implementations should be able to make use of this change (sponsorship welcome). By Marc Savy (@msavy).
  • [manager-api-jpa]: Apiman Manager automatic database migrations (from 3.0.0.Final onwards): Liquibase SQL/DDL migrations have been refactored, with the Liquibase CDI Migrator integrated into the project directly. This stores which migrations have been run before, and applies only the latest SQL migrations for the Apiman Manager SQL backend, so a full export-import for every new Apiman version should not be needed any more. It can be disabled, if you prefer. By Marc Savy (@msavy).
  • [distro]: Standalone docker images: standardised and supported standalone images for Apiman that will be useful for users planning to use Apiman in a real-world deployment. By Florian Volk (@volkflo).
  • [ui] Quick navigation sidebar: on the left-hand side of the Apiman Manager UI there is now a multi-tiered sidebar to navigate quickly to various areas of the Apiman Manager UI. By Florian Volk (@volkflo) and Bastian Gembalczyk (@BastianGem).
  • [logging]: Apiman logger is now used everywhere; it can be accessed statically from anywhere (including Apiman policy plugins), via ApimanLoggerFactory.getLogger(YourClazz.class). The previous approach tried to be very flexible, but ended up mostly being inconvenient and clumsy. An appropriate logger implementation is selected for each platform Apiman ships on, rather than leaving it for the user. By Marc Savy (@msavy).
  • [build]: introduced the Apiman Parent BOM (io.apiman:apiman-parent:<version>). This contains managed versions of all Apiman Maven ...
Assets 4

3.1.0.RC4

21 Mar 13:17
@github-actions github-actions
3.1.0.RC4
1f024e6
Compare
Choose a tag to compare
3.1.0.RC4 Pre-release
Pre-release

Changelog

All notable changes to Apiman will be documented here (as of Apiman 3).

3.1.0-SNAPSHOT

Added

  • [metrics-es]: allow logging metrics to file with write-to option. To facilitate scrape-based metrics patterns, this commit allows Apiman’s ES metrics to be written to a log file as JSON via whichever logging framework you are using (asynchronously). You can set any combination of remote (ES server) or/and log (local). By Marc Savy (@msavy).

Changed

  • A variety of dependencies have been updated across the Apiman codebase in order to keep users secure. If you don’t want to upgrade, speak to your long-term support provider.
  • [manager-api-rest]: Apiman Manager API now has an OpenAPI v3 schema! You can access this at /openapi.json or /openapi.yml. For example, http://localhost:8080/apiman/openapi.json. By Marc Savy (@msavy).
  • Default plugin registry and API catalogue JSON files are now in the GitHub release, rather than directly in the repository. By Marc Savy (@msavy).
  • Converted Apiman into a monorepo (as far as possible). Apiman plugins, default API catalogue, default plugin registry, developer portal, docker images, amongst others, have been painstakingly merged in. CI pipelines have also been updated to reflect this. Multi-repository releases are difficult with GitHub CI, so this will hopefully make more frequent releases much easier. By Marc Savy (@msavy).

Removed

  • [manager-api-rest]: Removed obsolete Qmino API documentation generator. I would like to thank the Qmino team for their support over the years. By Marc Savy (@msavy).

Fixed

  • fix[gateway-vertx]: in Keycloak discovery code getAllowedIssuers check was mistakenly inverted. By ronimhd.
  • fix[manager-api]: register subtypes for deserializing policy probe response, this step was
    inadvertently removed during refactoring. By Florian Volk (@volkflo).
  • fix[ui]: move validation function for IP list into validate function to ensure list valid when switching between IP policies. By Florian Volk (@volkflo).
  • fix[gateway-engine-es]: throw ClientNotFoundException if client not found when unregistering. By Florian Volk (@volkflo).
  • [manager-api]: Perform unregister only if client is in correct state. By Florian Volk (@volkflo).

Full Changelog: 3.0.0.Final...3.1.0-SNAPSHOT

3.0.0.Final

Thanks

A huge thanks to every company that has worked with Apiman’s main developer via consulting, support, sponsoring features, or other means. Without financial support, Apiman open source will not continue to be developed.

Particular thanks go to the team at Scheer PAS who sponsored a considerable amount of the work that is in the 3.0.0.Final release.

Added

  • [manager-api] Events*: versioned events are now emitted inside Apiman for a number of important business actions. These are consumed internally within Apiman, but are also inserted into a transactional outbox* inside the database using the CloudEvents format. You can use CDC software, such as Debezium to integrate Apiman’s events into your messaging platform of choice, such as Apache Kafka. A wide variety of rich business functionality can be enabled via this integration. By Marc Savy (@msavy).
  • [manager-api] Notifications: notifications for important events are now generated and sent to the appropriate user(s) and/or group(s). This is driven by the event system. For example, when an API requires approval, all users with the apiEditor permission will receive an in-browser notification and email notification. In-browser notifications can be seen by pressing the bell in the top-right corner of the screen. Notifications can be disabled entirely in apiman.properties. By Marc Savy (@msavy).
  • [manager-api] Email notifications and templates: a fully templated and i18n-friendly email notification system, which is driven by the events subsystems. This can easily be customised by the user to change the look-and-feel or text. Email notifications are disabled by default in apiman.properties. By Marc Savy (@msavy).
  • [manager-api] API signup approvals: an API version can be offered via different plans. You can now choose to require that a user receive explicit approval before being allowed access to the API. Appropriate notifications (including emails, if enabled), are sent to all relevant parties for signup, approval, rejection, etc. By Marc Savy (@msavy).
  • [distro] Docker compose quickstart distro: provides an out-of-the-box full platform deployment of Apiman, broken down into its components in a way that is more representative of a real-world deployment. By Marc Savy (@msavy).
  • [manager-api] User locale: where possible, the user’s preferred locale is now stored in their Apiman profile any async events that require it, such as emails. By Marc Savy (@msavy).
  • [manager-api] Implicit permissions system (discoverability): an implicit read permissions system that layers on top of the explicit permissions systems that already exist in Apiman. It allows API providers to expose specific APIs to consumers who are not members of their organisation. For example, if you have an API that you want non-members to be able to consume, this feature addresses your needs. For more, see Apiman Discoverability. By Marc Savy (@msavy).
  • [manager-api] Developer portal API: designed specifically for our Apiman Developer Portal, this API allows anonymous access to certain Apiman APIs for browsing, with increased access for logged-in users. Various extensions to the data model for newer features. By Marc Savy (@msavy).
  • [ui] Developer portal manager UI: a new tab called in the Apiman Manager UI which is available when creating an API. This enables the API provider to decide various portal-related settings, plan ordering, which plans are visible to which users, markdown documentation for developers, API logo, etc. By Marc Savy (@msavy).
  • [ui] Developer portal UI: an entirely new user interface for Apiman, dedicated to API consumers. The portal provides a focussed, slipstreamed, and customisable/skinnable experience, without all the noise of the main UI’s advanced features. The devportal repository is current separate, please refer to their changes independently. This is different from the previous developer portal that you may have seen with Apiman 2.x. A considerable amount of work has gone into this project, and huge credit goes to the sponsors and contributors.
  • [gateway-core] Policy probes: allows policies to expose their internal state to the Apiman Manager for interrogation. For example, "what is the current rate limit status for X?". Even custom policies can implement this new functionality. By Marc Savy (@msavy).
  • [metrics-es] Elasticsearch metrics can optionally collect custom request headers, response headers, and query parameters, according to regular expressions provided by the user. The Elasticsearch schema will be extended dynamically. This feature required a change to the core of Apiman, but was done in a backwards compatible way. Other metrics implementations should be able to make use of this change (sponsorship welcome). By Marc Savy (@msavy).
  • [manager-api-jpa]: Apiman Manager automatic database migrations (from 3.0.0.Final onwards): Liquibase SQL/DDL migrations have been refactored, with the Liquibase CDI Migrator integrated into the project directly. This stores which migrations have been run before, and applies only the latest SQL migrations for the Apiman Manager SQL backend, so a full export-import for every new Apiman version should not be needed any more. It can be disabled, if you prefer. By Marc Savy (@msavy).
  • [distro]: Standalone docker images: standardised and supported standalone images for Apiman that will be useful for users planning to use Apiman in a real-world deployment. By Florian Volk (@volkflo).
  • [ui] Quick navigation sidebar: on the left-hand side of the Apiman Manager UI there is now a multi-tiered sidebar to navigate quickly to various areas of the Apiman Manager UI. By Florian Volk (@volkflo) and Bastian Gembalczyk (@BastianGem).
  • [logging]: Apiman logger is now used everywhere; it can be accessed statically from anywhere (including Apiman policy plugins), via ApimanLoggerFactory.getLogger(YourClazz.class). The previous approach tried to be very flexible, but ended up mostly being inconvenient and clumsy. An appropriate logger implementation is selected for each platform Apiman ships on, rather than leaving it for the user. By Marc Savy (@msavy).
  • [build]: introduced the Apiman Parent BOM (`io.apiman:apiman-parent:<versi...
Assets 4

3.1.0.RC2

17 Mar 17:27
@github-actions github-actions
3.1.0.RC2
623dc6e
Compare
Choose a tag to compare
3.1.0.RC2 Pre-release
Pre-release

Changelog

All notable changes to Apiman will be documented here (as of Apiman 3).

3.1.0-SNAPSHOT

Added

  • [metrics-es]: allow logging metrics to file with write-to option. To facilitate scrape-based metrics patterns, this commit allows Apiman’s ES metrics to be written to a log file as JSON via whichever logging framework you are using (asynchronously). You can set any combination of remote (ES server) or/and log (local). By Marc Savy (@msavy).

Changed

  • A variety of dependencies have been updated across the Apiman codebase in order to keep users secure. If you don’t want to upgrade, speak to your long-term support provider.
  • [manager-api-rest]: Apiman Manager API now has an OpenAPI v3 schema! You can access this at /openapi.json or /openapi.yml. For example, http://localhost:8080/apiman/openapi.json. By Marc Savy (@msavy).
  • Default plugin registry and API catalogue JSON files are now in the GitHub release, rather than directly in the repository. By Marc Savy (@msavy).
  • Converted Apiman into a monorepo (as far as possible). Apiman plugins, default API catalogue, default plugin registry, developer portal, docker images, amongst others, have been painstakingly merged in. CI pipelines have also been updated to reflect this. Multi-repository releases are difficult with GitHub CI, so this will hopefully make more frequent releases much easier. By Marc Savy (@msavy).

Removed

  • [manager-api-rest]: Removed obsolete Qmino API documentation generator. I would like to thank the Qmino team for their support over the years. By Marc Savy (@msavy).

Fixed

  • fix[gateway-vertx]: in Keycloak discovery code getAllowedIssuers check was mistakenly inverted. By ronimhd.
  • fix[manager-api]: register subtypes for deserializing policy probe response, this step was
    inadvertently removed during refactoring. By Florian Volk (@volkflo).
  • fix[ui]: move validation function for IP list into validate function to ensure list valid when switching between IP policies. By Florian Volk (@volkflo).
  • fix[gateway-engine-es]: throw ClientNotFoundException if client not found when unregistering. By Florian Volk (@volkflo).
  • [manager-api]: Perform unregister only if client is in correct state. By Florian Volk (@volkflo).

Full Changelog: 3.0.0.Final...3.1.0-SNAPSHOT

3.0.0.Final

Thanks

A huge thanks to every company that has worked with Apiman’s main developer via consulting, support, sponsoring features, or other means. Without financial support, Apiman open source will not continue to be developed.

Particular thanks go to the team at Scheer PAS who sponsored a considerable amount of the work that is in the 3.0.0.Final release.

Added

  • [manager-api] Events*: versioned events are now emitted inside Apiman for a number of important business actions. These are consumed internally within Apiman, but are also inserted into a transactional outbox* inside the database using the CloudEvents format. You can use CDC software, such as Debezium to integrate Apiman’s events into your messaging platform of choice, such as Apache Kafka. A wide variety of rich business functionality can be enabled via this integration. By Marc Savy (@msavy).
  • [manager-api] Notifications: notifications for important events are now generated and sent to the appropriate user(s) and/or group(s). This is driven by the event system. For example, when an API requires approval, all users with the apiEditor permission will receive an in-browser notification and email notification. In-browser notifications can be seen by pressing the bell in the top-right corner of the screen. Notifications can be disabled entirely in apiman.properties. By Marc Savy (@msavy).
  • [manager-api] Email notifications and templates: a fully templated and i18n-friendly email notification system, which is driven by the events subsystems. This can easily be customised by the user to change the look-and-feel or text. Email notifications are disabled by default in apiman.properties. By Marc Savy (@msavy).
  • [manager-api] API signup approvals: an API version can be offered via different plans. You can now choose to require that a user receive explicit approval before being allowed access to the API. Appropriate notifications (including emails, if enabled), are sent to all relevant parties for signup, approval, rejection, etc. By Marc Savy (@msavy).
  • [distro] Docker compose quickstart distro: provides an out-of-the-box full platform deployment of Apiman, broken down into its components in a way that is more representative of a real-world deployment. By Marc Savy (@msavy).
  • [manager-api] User locale: where possible, the user’s preferred locale is now stored in their Apiman profile any async events that require it, such as emails. By Marc Savy (@msavy).
  • [manager-api] Implicit permissions system (discoverability): an implicit read permissions system that layers on top of the explicit permissions systems that already exist in Apiman. It allows API providers to expose specific APIs to consumers who are not members of their organisation. For example, if you have an API that you want non-members to be able to consume, this feature addresses your needs. For more, see Apiman Discoverability. By Marc Savy (@msavy).
  • [manager-api] Developer portal API: designed specifically for our Apiman Developer Portal, this API allows anonymous access to certain Apiman APIs for browsing, with increased access for logged-in users. Various extensions to the data model for newer features. By Marc Savy (@msavy).
  • [ui] Developer portal manager UI: a new tab called in the Apiman Manager UI which is available when creating an API. This enables the API provider to decide various portal-related settings, plan ordering, which plans are visible to which users, markdown documentation for developers, API logo, etc. By Marc Savy (@msavy).
  • [ui] Developer portal UI: an entirely new user interface for Apiman, dedicated to API consumers. The portal provides a focussed, slipstreamed, and customisable/skinnable experience, without all the noise of the main UI’s advanced features. The devportal repository is current separate, please refer to their changes independently. This is different from the previous developer portal that you may have seen with Apiman 2.x. A considerable amount of work has gone into this project, and huge credit goes to the sponsors and contributors.
  • [gateway-core] Policy probes: allows policies to expose their internal state to the Apiman Manager for interrogation. For example, "what is the current rate limit status for X?". Even custom policies can implement this new functionality. By Marc Savy (@msavy).
  • [metrics-es] Elasticsearch metrics can optionally collect custom request headers, response headers, and query parameters, according to regular expressions provided by the user. The Elasticsearch schema will be extended dynamically. This feature required a change to the core of Apiman, but was done in a backwards compatible way. Other metrics implementations should be able to make use of this change (sponsorship welcome). By Marc Savy (@msavy).
  • [manager-api-jpa]: Apiman Manager automatic database migrations (from 3.0.0.Final onwards): Liquibase SQL/DDL migrations have been refactored, with the Liquibase CDI Migrator integrated into the project directly. This stores which migrations have been run before, and applies only the latest SQL migrations for the Apiman Manager SQL backend, so a full export-import for every new Apiman version should not be needed any more. It can be disabled, if you prefer. By Marc Savy (@msavy).
  • [distro]: Standalone docker images: standardised and supported standalone images for Apiman that will be useful for users planning to use Apiman in a real-world deployment. By Florian Volk (@volkflo).
  • [ui] Quick navigation sidebar: on the left-hand side of the Apiman Manager UI there is now a multi-tiered sidebar to navigate quickly to various areas of the Apiman Manager UI. By Florian Volk (@volkflo) and Bastian Gembalczyk (@BastianGem).
  • [logging]: Apiman logger is now used everywhere; it can be accessed statically from anywhere (including Apiman policy plugins), via ApimanLoggerFactory.getLogger(YourClazz.class). The previous approach tried to be very flexible, but ended up mostly being inconvenient and clumsy. An appropriate logger implementation is selected for each platform Apiman ships on, rather than leaving it for the user. By Marc Savy (@msavy).
  • [build]: introduced the Apiman Parent BOM (`io.apiman:apiman-parent:<versi...
Assets 4

3.1.0-SNAPSHOT

29 Nov 18:25
@github-actions github-actions
3.1.0-SNAPSHOT
41778ad
This commit was signed with the committer’s verified signature.
msavy Marc Savy
GPG key ID: DEA87A7A9B3EBE62
Learn about vigilant mode.
Compare
Choose a tag to compare
3.1.0-SNAPSHOT Pre-release
Pre-release

Snapshot 3.1.0-SNAPSHOT. This is not a production-grade release!

Each time a snapshot of this version is built in CI, the artifacts in this release will be replaced.
The date you see on the release itself may therefore be misleading.

Assets 7

3.0.0.Final

29 Nov 16:42
@github-actions github-actions
3.0.0.Final
9989c45
Compare
Choose a tag to compare
3.0.0.Final

Please refer to our comprehensive changelog.

image

Assets 5

3.0.0.RC6

28 Nov 16:08
@github-actions github-actions
3.0.0.RC6
b467865
Compare
Choose a tag to compare
3.0.0.RC6 Pre-release
Pre-release

No changelog for this release.

Assets 8

3.0.0.RC5

28 Nov 14:17
@github-actions github-actions
3.0.0.RC5
63cd63c
Compare
Choose a tag to compare
3.0.0.RC5 Pre-release
Pre-release

No changelog for this release.

Assets 8

3.0.0.RC3

28 Nov 13:51
@github-actions github-actions
3.0.0.RC3
602647c
Compare
Choose a tag to compare
3.0.0.RC3 Pre-release
Pre-release

Release candidate (see full release for notes)

Assets 8

3.0.0-SNAPSHOT

16 Jul 14:41
@github-actions github-actions
3.0.0-SNAPSHOT
ac8ad38
This commit was signed with the committer’s verified signature.
msavy Marc Savy
GPG key ID: DEA87A7A9B3EBE62
Learn about vigilant mode.
Compare
Choose a tag to compare
3.0.0-SNAPSHOT Pre-release
Pre-release

Snapshot 3.0.0-SNAPSHOT. This is not a production-grade release!

Assets 5

2.2.3.Final

21 Apr 13:05
@github-actions github-actions
2.2.3.Final
656755f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: 4AEE18F83AFDEB23
Learn about vigilant mode.
Compare
Choose a tag to compare
2.2.3.Final

Bugs

  • fix(metrics-es): use custom index prefix without unnecessary underscore by @msavy in #1940

Full Changelog: 2.2.1.Final...2.2.3.Final

Contributors

msavy
Assets 8