All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- Improve output of
project enrollcommand - Improve output of
node showandstatuscommands - Create a project member for exporting traces when the authority node starts
- Create and store a default project when starting an authority node
- Add more log messages
- Add the possibility to use boolean expressions for policy expressions
- Address review comments
- Implement updating route to the outlet in the existing inlet
- Add an http server to the node manager to return the node resources
- Improvements for commands' output to standardize their formatting
- Removed consumer/producer/direct services and added inlet service
- Introduced consumer resolution and publishing concepts and implementation
- Added abac rules to kafka inlet and oulet
- Introduce granular ac for kafka portal worker
- Added policy access control usage
- Introducing a variant of the secure channel which only exchange keys
- Using key exchanger in kafka secure channel map
- Allow kafka portals to anchor trust on identities
- Switch to standard relay creation for kafka usage
- Use a different logger to log tracing/logging errors
- Updated dependencies
- Upgrade the rust version to 1.77
- Printing multi-line logs generated by commands stdout output
- Allow initial credential exchange for key exchange only
- Fix outgoing policy in kafka outlet
- Improve output of
node showcommand - If logging is enabled, command output will be redirected to the logs
- Improve output of
node createcommand - Updated dependencies
- Support https for outlets
- Export opentelemetry traces by default
- Make the api for creating outlets more flexible
- Support progress_bar in command notifications
- Improve output of
node createcommand - Scope some repositories to a given node name
- When deleting a node, wait for node's process to finish
- Updated dependencies
- Set the global error handler even if logging is off
- Removed an empty file
- Add a attribute with the content of a node configuration file
- Add a user journey event when an identity has been created or imported
- Use outgoing access control
- Added kafka-inlet command and relative config side
- Updated dependencies
- Organize bats tests in different suites
- Move terminal code from command to api
- Kms identity can be used in regular api nodes
- Authority project admin credentials
- Admins are implicit members, enrollers as admins
identity createcan import an identity- Backcompatible encoding/decoding optimizations
- Improve output for
enrollcommand - Add one second cache for incoming and outgoing access control
- Flag to enable/disable enrollers-as-admins on authority
- Use https for the default opentelemetry collector endpoint
- Add bats coverage for
node create ./config.yamlcommand - Reply to v1 transport messages with v1 transport messages
- Enable the tracing context on the rust side
- Store enrollment email to local db
- Create 3 separate credential retriever types
- Introduce
disable_trust_context_idargument for authority - Updated dependencies
- Simplify
ProgressDisplayto remove the mutex used to stop the message recv end
- Fix routing and flow control for local kafka outlets
- Authority project admin credentials
- Admins are implicit members, enrollers as admins
identity createcan import an identity- Backcompatible encoding/decoding optimizations
- Improve output for
enrollcommand - Add one second cache for incoming and outgoing access control
- Flag to enable/disable enrollers-as-admins on authority
- Use https for the default opentelemetry collector endpoint
- Add bats coverage for
node create ./config.yamlcommand - Updated dependencies
- Simplify
ProgressDisplayto remove the mutex used to stop the message recv end
- Fix routing and flow control for local kafka outlets
- Tune the timeouts for checking if a node is ready
- Added manual tests to measure latency
- Upgraded kafka library, with kafka 3.7.0 support
- Propagating the errors from api clients to the command
- Add the node name to spans
- Instrument the tcp portal
- Instrument more functions for secure channels
- Start a new trace before sending a transport message
- Update display, log output in frequently used commands
- Introduced several cpu consumption optimizations
- Add an environment variable to specify if a user is an ockam developer
- Updated dependencies
- Don't initialize logging at all if log is not enabled
- Rename methods and variables to insist on the exporting
- Refactor the code thanks to pr review comments
- Do small renaming of some local variables
- Fix the blocking processing of spans and log records
- Fix the creation of a trace id from a project id in tests
- Remove resources when deleting a node
- Add support for additional kafka addons
- Improve ockam enroll command ux output, help, logs, errors
- Add opentelemetry tracing and logging support
- Allow running
resetcommand even if the database is in an invalid state - Restart a project journey if project is deleted
- Delete
TrustContext - Add
skip_is_running_checkto the authority node - Add application errors
- Improve ockam tcp-outlet commands ux output, help, logs, errors
- Improve credentials management
- Backup logs when app restarts inlet node
- Address review comments
- Instrument more functions for enrollement
- Simplifies
projectssection from therunconfig file - Introduce
subject.has_credential - Unify creation and retry connection for portal and relay
- Improve authority debug-ability
- Tcp inlet creation will always optional validate unless
--no-connection-waitis used - Add
--forceflag toenrollcommand and switch default behavior - Pass the tracing context at the ockam message level
- Add policies for resource types
- Improve portals reliability and integration tests
- Add an environment variable to configure a crates filter for log messages
- Create time-limited journeys
- Hash the host name used in the trace id
- Refactor
Project-related code - Update enroll ux with new help text, display, and log progress status messages
- Start a new trace for a background node
- Rework migrations
- Updated dependencies
- Move the handling of attributes expiration date to a layer above the repository
- Separate transport messages from local messages
- Enable tracing by default
- Incorporate review comments
- Extract the progress display as a separate struct
- Get the default project only once
- Fix clippy warnings on nightly
- Close the context automatically on each test macro execution
- Execute logging / tracing tests as integration tests
- Command's verbose argument now has preference over env vars
- Store policies isolated by node and resource
- Make the journeys test more robust
- Fix okta authenticator, add identities to members table
- Set the proper span id on the propagated tracing context
- Use a stable span name for the root span of the host journey
- Avoid leaking resources when one step of the cleanup fails
- Use the correct policies in inlets/outlets created by kafka services
- Policy bats tests
- Fixed flaky kafka integration test
- Fixed kafka-related flaky tests
- Put the tracing context field under a compilation flag
- Avoid triggering tokio invalid reference drop in test
- Disable portal packet counter field
- Do not enforce enrollment limit
- Do not log messages by default on command parsing errors
- Don't set a logging appender when logging is disabled
- Fix a sql query
- Get project identifier from model, without building the whole identity
- Use project auth identifier in the journey instead of identity
- Fix the flushing of traces
- Make the journeys test more robust
- Remove the tracing of sensitive parameters
- Remove
--resourceand--resource-typeargs frompolicy show|list|delete - Remove some unnecessary context stops
- Use
Fromfor converting errors - Make authority issued credentials ttl configurable
- Updated dependencies
- Updated dependencies
- Close unneeded tcp connections in various clients
- Updated dependencies
- Updated dependencies
- Updated dependencies
- Add
VersionedData::data_type. remove hash truncation
- Persist application data in a database
- Slim down the node manager worker(s_ch)
- Updated dependencies
- Don't create default node when retrieving it and doesn't exist
- Remove recursive calls in repository implementations
- Updated dependencies
- Updated dependencies
- Slim down the node manager worker(s_ch)
- Updated dependencies
- Add
VersionedData::data_type. remove hash truncation
- Persist application data in a database
- Updated dependencies
- Don't create default node when retrieving it and doesn't exist
- Remove recursive calls in repository implementations
- Add
VersionedData::data_type. remove hash truncation
- Persist application data in a database
- Updated dependencies
- Remove recursive calls in repository implementations
- Use
Identifieras a return type in public api - Updated dependencies
- Use
Identifieras a return type in public api - Updated dependencies
- Always using enum when representing the inlet connection status
- Updated dependencies
- Always using enum when representing the inlet connection status
- Updated dependencies
- Setup app's logs with the same features we use in the cli
- Updated dependencies
- Updated dependencies
- Updated dependencies
- Updated dependencies
- Make
Timestamparithmetic operations usage safer - Cli's
random_namefunction now returns human-readable two-word strings like 'fit-lark' - Move the controller address to the node manager
- Use better names for request / response headers
- Introduce a secure client for the controller
- Use controller, authority and project nodes
- Simplify connections
- Introduce a supervised node manager to support connection replacements
- Adjust the code after rebase
- Move the in memory node to the ockam api crate
- Package all reply / response methods into a client
- Use the client in the background node
- Put back the is_rust check to create forwarders
- Rename forwarder to relay
- Updated dependencies
- Fix the sending of messages
- Fix the code after rebasing
- Drop the in memory node and delete its node manager
- Remove an unused method
- Remove the need to keep a flag to skip defaults
- Remove two parameters from requests to the controller
- Remove the unused tag feature
- Remove the unused rpc proxy service
- Remove the supervised node manager
- Remove the secure clients struct
- Make
Timestamparithmetic operations usage safer - Cli's
random_namefunction now returns human-readable two-word strings like 'fit-lark' - Move the controller address to the node manager
- Use better names for request / response headers
- Introduce a secure client for the controller
- Use controller, authority and project nodes
- Simplify connections
- Introduce a supervised node manager to support connection replacements
- Adjust the code after rebase
- Move the in memory node to the ockam api crate
- Package all reply / response methods into a client
- Use the client in the background node
- Put back the is_rust check to create forwarders
- Rename forwarder to relay
- Updated dependencies
- Fix the sending of messages
- Fix the code after rebasing
- Remove an unused method
- Remove the need to keep a flag to skip defaults
- Remove two parameters from requests to the controller
- Remove the unused tag feature
- Remove the unused rpc proxy service
- Remove the supervised node manager
- Remove the secure clients struct
- Add authority tests
- Move authority node code level above in
ockam_api - Break up authenticator
- Updated dependencies
- Reset cli state if it can't be parsed
- Remove scopes for authority members
- Switch to new
Identitydesign - Adapt to new identity design
- Updated dependencies
- Switch to new
Identitydesign - Adapt to new identity design
- Updated dependencies
- Updated dependencies
- Added a direct local kafka for simple deployments and fixed service registry
- Improve tcp disconnect api
- Use proper url data type
- Create a relay to the default project after enrolling and when starting the app
- Move common code to
apiso we can removecommandfromapp - Updated dependencies
- Fix the cbor annotations for non-borrowed data
- Removed api lifetimes to access node manager operations directly
- Remove the
projectsfield fromNodeManagerto load them from theCliState
- Add more meaningful error messages for
CLiStateerrors
- Improve type safety for
FlowControls - Hide
SpawnervsProducerlogic under the hood - Replace
crate::Resultwithmiette::Resultas the main result type on command - Update ockam api services error responses to using a struct
- Updated dependencies
- Add more information about which processes use which files
- Add delete and list subcommands for kafka consumer/producer commands
- Document the layout of files for a node
- Extend direct authenticator service to list and delete members
- Make
AccessControloptional while starting aWorker - Full local kafka implementation which credential validation and flow control
- Updated dependencies
- Remove old config.json file and add migration
- Add unit tests for the node and identity initialization
- Rename import identity to decode identity since it is not importing anything
- Introduce a retrieve identity function returning an option
- Use identity identifiers for the creation of secure channels
- Use identity identifier for credentials
- Use an identity identifier for the node manager worker in kafka
- Use an identity identifier for the authority service
- Use a key value file storage for the vault
- Extract the vault_aws crate
- Simplify the identity state config
- Migrate the identities configuration
- Migrate only item paths
- Initialize the default node outside of the command run impl
- Move
FlowControlstoContextand make it mandatory - Make
FlowControlmore mistake-resistant - Improve
RpcProxyService - Improve
TCP::connect()and::listen()outputs - Improve
::create_secure_channel()and::create_secure_channel_listener()output - Improve tcp command ux
- Updated dependencies
- Remove the need for a state item to know about the global state
- Remove unneeded
FlowControlsinstance fromAuth API
- Updated dependencies
- Remove the vault service which is not used
- Added a readme template and updated some readmes
- Apply cli_state abstraction to identities and projects
- Apply cli_state abstraction to credentials and trust_contexts
- Apply cli_state abstraction to nodes
- Authority node creation
- Updated dependencies
- Move to the smaller, cargo-team maintained
homecrate - Fix docs build for api and multiaddr crates
- Create a default project policy for a tcp inlet/outlet
- Extract identity as an entity
- Moved the builder functions to their respective structs
- Formatting
- Move the lmdb storage
- Ockam enroll outputs a ticket containing code and project
- Create abstraction for the cli state directories and applies it to the vaults state
- Allow kafka reconnection when project connection goes down
- Use the tcp constant for the transport type
- Updated dependencies
- Do not recreate an identity state if it already exists
- Resolve transport addresses as a separate step
- Remove the vault service endpoint for getting secret data
- Removed the put_identity function on identities writer
- Add trust context struct and traits
- Add trust context config and insantiate node manager with trust options
- Add trust context option to node create, use trust context with credential option
- Add more bats tests for trust context
- Add
RpcProxyService - Add a limited version of the
ockam runcommand - Add config directly to trust context state
- Implement custom get_env
- Use trust context within the creation of ockam_api secure channels
- Trust context fully dictates cred check on node man
- Introduce
TrustOptions::insecure()and::insecure_test() - Start using
session_idfor outgoing secure channels inockam_apiandockam_command - Make message flow
Sessionswork with replacementSessions - Reduce usage of
::insecure() - Rename
create_tcp_session->multiaddr_to_route - Rename
insecure_test->new - Rename
Sessions->FlowControls - Rename
TrustOptions->Options - Use cli state for trust context and default trust context
- Disable
FlowControlfor loopback tcp connections and listeners - Updated dependencies
- Fix project deletion from state
- Fix
authenticatedcommand &Sessions - Fixes after tough rebase
- Include trust-context path in ockam reset
- Remove few unwraps
- Add
create_tcp_sessiontoockam_command - Add missing serialize / deserialize instances
- Create tcp_connection along with secure channels in the same function call
- Use sessions in ockam_api
- Make trust arguments mandatory
Sessionsupdate- Create an authority node
- Start the authority node with the node create command
- Retrieve the identity authority before creating the authority node
- Show the authority node as up
- Retry the creation of the lmdb database in case of a failure
- Refactor tuple to api-transport struct
- Move
multiaddr_to_socket_addrmethod intoMultiAddr - Don't try to delete files or directories which are already deleted
- Updated dependencies
- Fixed the compilation errors with the tag feature
- Fix clippy warnings on test code
- Node duplication error
- Node duplication error
- Use the same criteria for checking if a node exists
- Make the authority_node field optional
- Make
ockam resetdelete specific state files - When deleting the default vault/identity/project the data and the link are deleted
- Remove warnings
- Removed type parameters exposing implementation details
- Remove the need for _arc functions
- Remove the legacy storage migration code
- Add print encodable output
- Refactor
CliStateso it can be built using an explicit directory - Update
ockam_apiandockam_commandaccording toTCPupdates - Parse
/node/n1to/worker/addrafter connecting to the node via tcp - Extend
ockam_apitransport info - Use abac in authority services implementation
- Expand credential commands
- Update secure-channel create to allow for a provided credential
- Updated dependencies
- Fixes broken tests for macos, let the os choose available ports
- Reorganize bats tests to run them in parallel
- 'ockam enroll' overwrites current configuration instead of returning error
- Update cli_state test with credentials entry
- Add default subcommand to node
- Pre-trusted identity identifiers attributes
- Use credential instead of credentials
- Usable kafka sidecar implementation
- Standardize where authority stores membership information
- Implemented kafka message encryption and orchestrator integration
- Bump aws-sdk-kms to 0.24.0 and aws-config to 0.54.1
- Split cddl schema files & merge when cbor api validation is needed
- Updated dependencies
- Deleting a vault won't affect the default
- Remove the lifetime annotation on
CredentialandAttributes
- Add command to set the default vault
- Add command to set the default identity
- Recipient returns an error instead of panicking
- Nodestate implement check whether a node is running
- Updated dependencies
- Apply
clippy --fix - Deleting an identity won't affect the default
- Add kafka commands to request starting the producer/consumer services
- Add flag to reload enrollers from a file
- Add influxdb lease commands, orchestrator client, and default project
- Create
SecureChannelRegistry - Move
storageandregistrytoIdentity - Refactor
CliStateso theauthenticated_storageis stored in the identities dir - Implement vaults delete command
- Updated dependencies
- Vault deletion logic from
CliState
- Add
Identitybasic functionality toockam_api - Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credentialmodule toockamcrate - Add
Inlet/OutlettoRegistry - Add
MultiAddr::matches - Add policy command
- Add command to list policies of a resource
- Add support to
project enrollto set attributes
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifierencodable - Move
CowStrandCowBytestoockam_core - Move api structs to
ockam_core - Check controller's identity id when creating secure channel
- Always start signer service
- Replace signer with verifier
- Allow project metadata lookups and route substitution
- Change
VerifyRequest::credentialto binary - Make
IdentityChangeHistorycrate public, cleanup usage - Move credentials to
ockam_identity - Improve credential verification
- Get rid of old
ockam_apimodule - Return project names from multiaddr clean function
- Move project readiness logic into ockam_api
- Use
DefaultAddressconsts for default services addresses - Change echo worker to accept any message
- Recover remote forwarder
- Resolve forwarder project name in manager
ockam node showto use dynamic data from node- Recover tcp inlet
- Use
Arc<RwLock<NodeManager>>in recovery - Implement
PolicyStoragetrait for lmdb - Okta identity provider
- Complete policy delete functionality
- Wrap stored policy expressions
- Rename inlet and outlet policy resources
- Updated dependencies
- Clippy lints
- Fix schema validation
- Mutliaddr support for projects
- Creation of static forwarder at local nodes
- Authority config keys must be strings
- Cleanup
- Changes due to review comments
- Review feedback
- Remove ability to set arbitrary attributes
- Add
Identitybasic functionality toockam_api - Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credentialmodule toockamcrate - Add
Inlet/OutlettoRegistry
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifierencodable - Move
CowStrandCowBytestoockam_core - Move api structs to
ockam_core - Check controller's identity id when creating secure channel
- Always start signer service
- Replace signer with verifier
- Allow project metadata lookups and route substitution
- Change
VerifyRequest::credentialto binary - Make
IdentityChangeHistorycrate public, cleanup usage - Move credentials to
ockam_identity - Improve credential verification
- Get rid of old
ockam_apimodule - Return project names from multiaddr clean function
- Move project readiness logic into ockam_api
- Use
DefaultAddressconsts for default services addresses - Change echo worker to accept any message
- Updated dependencies
- Clippy lints
- Fix schema validation
- Mutliaddr support for projects
- Creation of static forwarder at local nodes
- Authority config keys must be strings
- Remove ability to set arbitrary attributes
- Add
Identitybasic functionality toockam_api - Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credentialmodule toockamcrate - Add
Inlet/OutlettoRegistry
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifierencodable - Move
CowStrandCowBytestoockam_core - Move api structs to
ockam_core - Check controller's identity id when creating secure channel
- Always start signer service
- Replace signer with verifier
- Allow project metadata lookups and route substitution
- Change
VerifyRequest::credentialto binary - Make
IdentityChangeHistorycrate public, cleanup usage - Move credentials to
ockam_identity - Improve credential verification
- Get rid of old
ockam_apimodule - Return project names from multiaddr clean function
- Move project readiness logic into ockam_api
- Use
DefaultAddressconsts for default services addresses - Updated dependencies
- Clippy lints
- Fix schema validation
- Mutliaddr support for projects
- Creation of static forwarder at local nodes
- Authority config keys must be strings
- Remove ability to set arbitrary attributes
- Add
Identitybasic functionality toockam_api - Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credentialmodule toockamcrate - Add
Inlet/OutlettoRegistry
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifierencodable - Move
CowStrandCowBytestoockam_core - Move api structs to
ockam_core - Check controller's identity id when creating secure channel
- Always start signer service
- Replace signer with verifier
- Allow project metadata lookups and route substitution
- Change
VerifyRequest::credentialto binary - Make
IdentityChangeHistorycrate public, cleanup usage - Move credentials to
ockam_identity - Improve credential verification
- Get rid of old
ockam_apimodule - Return project names from multiaddr clean function
- Move project readiness logic into ockam_api
- Updated dependencies
- Clippy lints
- Fix schema validation
- Mutliaddr support for projects
- Creation of static forwarder at local nodes
- Authority config keys must be strings
- Remove ability to set arbitrary attributes
- Add
Identitybasic functionality toockam_api - Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credentialmodule toockamcrate - Add
Inlet/OutlettoRegistry
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifierencodable - Move
CowStrandCowBytestoockam_core - Move api structs to
ockam_core - Check controller's identity id when creating secure channel
- Always start signer service
- Replace signer with verifier
- Allow project metadata lookups and route substitution
- Change
VerifyRequest::credentialto binary - Make
IdentityChangeHistorycrate public, cleanup usage - Move credentials to
ockam_identity - Improve credential verification
- Get rid of old
ockam_apimodule - Return project names from multiaddr clean function
- Move project readiness logic into ockam_api
- Updated dependencies
- Clippy lints
- Fix schema validation
- Mutliaddr support for projects
- Creation of static forwarder at local nodes
- Authority config keys must be strings
- Remove ability to set arbitrary attributes
- Add
Identitybasic functionality toockam_api - Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credentialmodule toockamcrate - Add
Inlet/OutlettoRegistry
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifierencodable - Move
CowStrandCowBytestoockam_core - Move api structs to
ockam_core - Check controller's identity id when creating secure channel
- Always start signer service
- Replace signer with verifier
- Allow project metadata lookups and route substitution
- Change
VerifyRequest::credentialto binary - Make
IdentityChangeHistorycrate public, cleanup usage - Move credentials to
ockam_identity - Improve credential verification
- Get rid of old
ockam_apimodule - Return project names from multiaddr clean function
- Move project readiness logic into ockam_api
- Updated dependencies
- Clippy lints
- Fix schema validation
- Mutliaddr support for projects
- Creation of static forwarder at local nodes
- Authority config keys must be strings
- Remove ability to set arbitrary attributes
- Add
Identitybasic functionality toockam_api - Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credentialmodule toockamcrate - Add
Inlet/OutlettoRegistry
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifierencodable - Move
CowStrandCowBytestoockam_core - Move api structs to
ockam_core - Check controller's identity id when creating secure channel
- Always start signer service
- Replace signer with verifier
- Allow project metadata lookups and route substitution
- Change
VerifyRequest::credentialto binary - Make
IdentityChangeHistorycrate public, cleanup usage - Move credentials to
ockam_identity - Improve credential verification
- Get rid of old
ockam_apimodule - Return project names from multiaddr clean function
- Move project readiness logic into ockam_api
- Updated dependencies
- Clippy lints
- Fix schema validation
- Mutliaddr support for projects
- Creation of static forwarder at local nodes
- Remove ability to set arbitrary attributes
- Add
Identitybasic functionality toockam_api - Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credentialmodule toockamcrate
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifierencodable - Move
CowStrandCowBytestoockam_core - Move api structs to
ockam_core - Updated dependencies
- Clippy lints
- Remove ability to set arbitrary attributes
- Add
Identitybasic functionality toockam_api - Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Updated dependencies
- Clippy lints
- Remove ability to set arbitrary attributes
- Add
Identitybasic functionality toockam_api - Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Updated dependencies
- Add
Identitybasic functionality toockam_api - Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Add
Identitybasic functionality toockam_api - Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Add
Identitybasic functionality toockam_api - Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
Storage->AuthenticatedTable- Identity updates
AuthenticatedTable->AuthenticatedStorage- Move
multiaddr_to_routetoockam_api - Allow conversion from route to multiaddr
- Partially convert ockam_command to use multiaddr
- Add
to_vec()forRequestBuilderandResponseBuilder
- Move ockam_vault service to ockam_api
- Move ockam_identity service to ockam_api
- Update nodemanager service to ockam_api structures
- Move node manager service to ockam_api crate
- Minicbor typetags, cli-cloud advances
- Apply style feedback
- Add builders to ockam_api
- Add ockam_api_nodes
- Add command-line interface for nodes api
- Add cloud enroll, space and project subcommands
- Add cowbytes and cowstr
- Add
into_ownedforCowStrandCowBytes - Add pid query to nodeman worker
- Add auth api
- Add clould invitation subcommands
- Add enrollment token + fixes to other commands
- Ensure command-line args are not empty
- Rename new_context to new_detached
- Improve schema validation
- Avoid
ockam_identitydependency inockam_api - Change
Defertype forCowStrandCowBytes - Make
Methodenum exhaustive - Move
TypeTagtoockam_core - Extend
RequestandResponseencode api - Updated dependencies
- Rename subject to authenticated
- Remove reqwest dependency in ockam_api
- Add ockam_api
- Updated dependencies