All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- Improve output of
project enroll
command - Improve output of
node show
andstatus
commands - Create a project member for exporting traces when the authority node starts
- Create and store a default project when starting an authority node
- Add more log messages
- Add the possibility to use boolean expressions for policy expressions
- Address review comments
- Implement updating route to the outlet in the existing inlet
- Add an http server to the node manager to return the node resources
- Improvements for commands' output to standardize their formatting
- Removed consumer/producer/direct services and added inlet service
- Introduced consumer resolution and publishing concepts and implementation
- Added abac rules to kafka inlet and oulet
- Introduce granular ac for kafka portal worker
- Added policy access control usage
- Introducing a variant of the secure channel which only exchange keys
- Using key exchanger in kafka secure channel map
- Allow kafka portals to anchor trust on identities
- Switch to standard relay creation for kafka usage
- Use a different logger to log tracing/logging errors
- Updated dependencies
- Upgrade the rust version to 1.77
- Printing multi-line logs generated by commands stdout output
- Allow initial credential exchange for key exchange only
- Fix outgoing policy in kafka outlet
- Improve output of
node show
command - If logging is enabled, command output will be redirected to the logs
- Improve output of
node create
command - Updated dependencies
- Support https for outlets
- Export opentelemetry traces by default
- Make the api for creating outlets more flexible
- Support progress_bar in command notifications
- Improve output of
node create
command - Scope some repositories to a given node name
- When deleting a node, wait for node's process to finish
- Updated dependencies
- Set the global error handler even if logging is off
- Removed an empty file
- Add a attribute with the content of a node configuration file
- Add a user journey event when an identity has been created or imported
- Use outgoing access control
- Added kafka-inlet command and relative config side
- Updated dependencies
- Organize bats tests in different suites
- Move terminal code from command to api
- Kms identity can be used in regular api nodes
- Authority project admin credentials
- Admins are implicit members, enrollers as admins
identity create
can import an identity- Backcompatible encoding/decoding optimizations
- Improve output for
enroll
command - Add one second cache for incoming and outgoing access control
- Flag to enable/disable enrollers-as-admins on authority
- Use https for the default opentelemetry collector endpoint
- Add bats coverage for
node create ./config.yaml
command - Reply to v1 transport messages with v1 transport messages
- Enable the tracing context on the rust side
- Store enrollment email to local db
- Create 3 separate credential retriever types
- Introduce
disable_trust_context_id
argument for authority - Updated dependencies
- Simplify
ProgressDisplay
to remove the mutex used to stop the message recv end
- Fix routing and flow control for local kafka outlets
- Authority project admin credentials
- Admins are implicit members, enrollers as admins
identity create
can import an identity- Backcompatible encoding/decoding optimizations
- Improve output for
enroll
command - Add one second cache for incoming and outgoing access control
- Flag to enable/disable enrollers-as-admins on authority
- Use https for the default opentelemetry collector endpoint
- Add bats coverage for
node create ./config.yaml
command - Updated dependencies
- Simplify
ProgressDisplay
to remove the mutex used to stop the message recv end
- Fix routing and flow control for local kafka outlets
- Tune the timeouts for checking if a node is ready
- Added manual tests to measure latency
- Upgraded kafka library, with kafka 3.7.0 support
- Propagating the errors from api clients to the command
- Add the node name to spans
- Instrument the tcp portal
- Instrument more functions for secure channels
- Start a new trace before sending a transport message
- Update display, log output in frequently used commands
- Introduced several cpu consumption optimizations
- Add an environment variable to specify if a user is an ockam developer
- Updated dependencies
- Don't initialize logging at all if log is not enabled
- Rename methods and variables to insist on the exporting
- Refactor the code thanks to pr review comments
- Do small renaming of some local variables
- Fix the blocking processing of spans and log records
- Fix the creation of a trace id from a project id in tests
- Remove resources when deleting a node
- Add support for additional kafka addons
- Improve ockam enroll command ux output, help, logs, errors
- Add opentelemetry tracing and logging support
- Allow running
reset
command even if the database is in an invalid state - Restart a project journey if project is deleted
- Delete
TrustContext
- Add
skip_is_running_check
to the authority node - Add application errors
- Improve ockam tcp-outlet commands ux output, help, logs, errors
- Improve credentials management
- Backup logs when app restarts inlet node
- Address review comments
- Instrument more functions for enrollement
- Simplifies
projects
section from therun
config file - Introduce
subject.has_credential
- Unify creation and retry connection for portal and relay
- Improve authority debug-ability
- Tcp inlet creation will always optional validate unless
--no-connection-wait
is used - Add
--force
flag toenroll
command and switch default behavior - Pass the tracing context at the ockam message level
- Add policies for resource types
- Improve portals reliability and integration tests
- Add an environment variable to configure a crates filter for log messages
- Create time-limited journeys
- Hash the host name used in the trace id
- Refactor
Project
-related code - Update enroll ux with new help text, display, and log progress status messages
- Start a new trace for a background node
- Rework migrations
- Updated dependencies
- Move the handling of attributes expiration date to a layer above the repository
- Separate transport messages from local messages
- Enable tracing by default
- Incorporate review comments
- Extract the progress display as a separate struct
- Get the default project only once
- Fix clippy warnings on nightly
- Close the context automatically on each test macro execution
- Execute logging / tracing tests as integration tests
- Command's verbose argument now has preference over env vars
- Store policies isolated by node and resource
- Make the journeys test more robust
- Fix okta authenticator, add identities to members table
- Set the proper span id on the propagated tracing context
- Use a stable span name for the root span of the host journey
- Avoid leaking resources when one step of the cleanup fails
- Use the correct policies in inlets/outlets created by kafka services
- Policy bats tests
- Fixed flaky kafka integration test
- Fixed kafka-related flaky tests
- Put the tracing context field under a compilation flag
- Avoid triggering tokio invalid reference drop in test
- Disable portal packet counter field
- Do not enforce enrollment limit
- Do not log messages by default on command parsing errors
- Don't set a logging appender when logging is disabled
- Fix a sql query
- Get project identifier from model, without building the whole identity
- Use project auth identifier in the journey instead of identity
- Fix the flushing of traces
- Make the journeys test more robust
- Remove the tracing of sensitive parameters
- Remove
--resource
and--resource-type
args frompolicy show|list|delete
- Remove some unnecessary context stops
- Use
From
for converting errors - Make authority issued credentials ttl configurable
- Updated dependencies
- Updated dependencies
- Close unneeded tcp connections in various clients
- Updated dependencies
- Updated dependencies
- Updated dependencies
- Add
VersionedData::data_type
. remove hash truncation
- Persist application data in a database
- Slim down the node manager worker(s_ch)
- Updated dependencies
- Don't create default node when retrieving it and doesn't exist
- Remove recursive calls in repository implementations
- Updated dependencies
- Updated dependencies
- Slim down the node manager worker(s_ch)
- Updated dependencies
- Add
VersionedData::data_type
. remove hash truncation
- Persist application data in a database
- Updated dependencies
- Don't create default node when retrieving it and doesn't exist
- Remove recursive calls in repository implementations
- Add
VersionedData::data_type
. remove hash truncation
- Persist application data in a database
- Updated dependencies
- Remove recursive calls in repository implementations
- Use
Identifier
as a return type in public api - Updated dependencies
- Use
Identifier
as a return type in public api - Updated dependencies
- Always using enum when representing the inlet connection status
- Updated dependencies
- Always using enum when representing the inlet connection status
- Updated dependencies
- Setup app's logs with the same features we use in the cli
- Updated dependencies
- Updated dependencies
- Updated dependencies
- Updated dependencies
- Make
Timestamp
arithmetic operations usage safer - Cli's
random_name
function now returns human-readable two-word strings like 'fit-lark' - Move the controller address to the node manager
- Use better names for request / response headers
- Introduce a secure client for the controller
- Use controller, authority and project nodes
- Simplify connections
- Introduce a supervised node manager to support connection replacements
- Adjust the code after rebase
- Move the in memory node to the ockam api crate
- Package all reply / response methods into a client
- Use the client in the background node
- Put back the is_rust check to create forwarders
- Rename forwarder to relay
- Updated dependencies
- Fix the sending of messages
- Fix the code after rebasing
- Drop the in memory node and delete its node manager
- Remove an unused method
- Remove the need to keep a flag to skip defaults
- Remove two parameters from requests to the controller
- Remove the unused tag feature
- Remove the unused rpc proxy service
- Remove the supervised node manager
- Remove the secure clients struct
- Make
Timestamp
arithmetic operations usage safer - Cli's
random_name
function now returns human-readable two-word strings like 'fit-lark' - Move the controller address to the node manager
- Use better names for request / response headers
- Introduce a secure client for the controller
- Use controller, authority and project nodes
- Simplify connections
- Introduce a supervised node manager to support connection replacements
- Adjust the code after rebase
- Move the in memory node to the ockam api crate
- Package all reply / response methods into a client
- Use the client in the background node
- Put back the is_rust check to create forwarders
- Rename forwarder to relay
- Updated dependencies
- Fix the sending of messages
- Fix the code after rebasing
- Remove an unused method
- Remove the need to keep a flag to skip defaults
- Remove two parameters from requests to the controller
- Remove the unused tag feature
- Remove the unused rpc proxy service
- Remove the supervised node manager
- Remove the secure clients struct
- Add authority tests
- Move authority node code level above in
ockam_api
- Break up authenticator
- Updated dependencies
- Reset cli state if it can't be parsed
- Remove scopes for authority members
- Switch to new
Identity
design - Adapt to new identity design
- Updated dependencies
- Switch to new
Identity
design - Adapt to new identity design
- Updated dependencies
- Updated dependencies
- Added a direct local kafka for simple deployments and fixed service registry
- Improve tcp disconnect api
- Use proper url data type
- Create a relay to the default project after enrolling and when starting the app
- Move common code to
api
so we can removecommand
fromapp
- Updated dependencies
- Fix the cbor annotations for non-borrowed data
- Removed api lifetimes to access node manager operations directly
- Remove the
projects
field fromNodeManager
to load them from theCliState
- Add more meaningful error messages for
CLiState
errors
- Improve type safety for
FlowControls
- Hide
Spawner
vsProducer
logic under the hood - Replace
crate::Result
withmiette::Result
as the main result type on command - Update ockam api services error responses to using a struct
- Updated dependencies
- Add more information about which processes use which files
- Add delete and list subcommands for kafka consumer/producer commands
- Document the layout of files for a node
- Extend direct authenticator service to list and delete members
- Make
AccessControl
optional while starting aWorker
- Full local kafka implementation which credential validation and flow control
- Updated dependencies
- Remove old config.json file and add migration
- Add unit tests for the node and identity initialization
- Rename import identity to decode identity since it is not importing anything
- Introduce a retrieve identity function returning an option
- Use identity identifiers for the creation of secure channels
- Use identity identifier for credentials
- Use an identity identifier for the node manager worker in kafka
- Use an identity identifier for the authority service
- Use a key value file storage for the vault
- Extract the vault_aws crate
- Simplify the identity state config
- Migrate the identities configuration
- Migrate only item paths
- Initialize the default node outside of the command run impl
- Move
FlowControls
toContext
and make it mandatory - Make
FlowControl
more mistake-resistant - Improve
RpcProxyService
- Improve
TCP
::connect()
and::listen()
outputs - Improve
::create_secure_channel()
and::create_secure_channel_listener()
output - Improve tcp command ux
- Updated dependencies
- Remove the need for a state item to know about the global state
- Remove unneeded
FlowControls
instance fromAuth API
- Updated dependencies
- Remove the vault service which is not used
- Added a readme template and updated some readmes
- Apply cli_state abstraction to identities and projects
- Apply cli_state abstraction to credentials and trust_contexts
- Apply cli_state abstraction to nodes
- Authority node creation
- Updated dependencies
- Move to the smaller, cargo-team maintained
home
crate - Fix docs build for api and multiaddr crates
- Create a default project policy for a tcp inlet/outlet
- Extract identity as an entity
- Moved the builder functions to their respective structs
- Formatting
- Move the lmdb storage
- Ockam enroll outputs a ticket containing code and project
- Create abstraction for the cli state directories and applies it to the vaults state
- Allow kafka reconnection when project connection goes down
- Use the tcp constant for the transport type
- Updated dependencies
- Do not recreate an identity state if it already exists
- Resolve transport addresses as a separate step
- Remove the vault service endpoint for getting secret data
- Removed the put_identity function on identities writer
- Add trust context struct and traits
- Add trust context config and insantiate node manager with trust options
- Add trust context option to node create, use trust context with credential option
- Add more bats tests for trust context
- Add
RpcProxyService
- Add a limited version of the
ockam run
command - Add config directly to trust context state
- Implement custom get_env
- Use trust context within the creation of ockam_api secure channels
- Trust context fully dictates cred check on node man
- Introduce
TrustOptions::insecure()
and::insecure_test()
- Start using
session_id
for outgoing secure channels inockam_api
andockam_command
- Make message flow
Sessions
work with replacementSessions
- Reduce usage of
::insecure()
- Rename
create_tcp_session
->multiaddr_to_route
- Rename
insecure_test
->new
- Rename
Sessions
->FlowControls
- Rename
TrustOptions
->Options
- Use cli state for trust context and default trust context
- Disable
FlowControl
for loopback tcp connections and listeners - Updated dependencies
- Fix project deletion from state
- Fix
authenticated
command &Sessions
- Fixes after tough rebase
- Include trust-context path in ockam reset
- Remove few unwraps
- Add
create_tcp_session
toockam_command
- Add missing serialize / deserialize instances
- Create tcp_connection along with secure channels in the same function call
- Use sessions in ockam_api
- Make trust arguments mandatory
Sessions
update- Create an authority node
- Start the authority node with the node create command
- Retrieve the identity authority before creating the authority node
- Show the authority node as up
- Retry the creation of the lmdb database in case of a failure
- Refactor tuple to api-transport struct
- Move
multiaddr_to_socket_addr
method intoMultiAddr
- Don't try to delete files or directories which are already deleted
- Updated dependencies
- Fixed the compilation errors with the tag feature
- Fix clippy warnings on test code
- Node duplication error
- Node duplication error
- Use the same criteria for checking if a node exists
- Make the authority_node field optional
- Make
ockam reset
delete specific state files - When deleting the default vault/identity/project the data and the link are deleted
- Remove warnings
- Removed type parameters exposing implementation details
- Remove the need for _arc functions
- Remove the legacy storage migration code
- Add print encodable output
- Refactor
CliState
so it can be built using an explicit directory - Update
ockam_api
andockam_command
according toTCP
updates - Parse
/node/n1
to/worker/addr
after connecting to the node via tcp - Extend
ockam_api
transport info - Use abac in authority services implementation
- Expand credential commands
- Update secure-channel create to allow for a provided credential
- Updated dependencies
- Fixes broken tests for macos, let the os choose available ports
- Reorganize bats tests to run them in parallel
- 'ockam enroll' overwrites current configuration instead of returning error
- Update cli_state test with credentials entry
- Add default subcommand to node
- Pre-trusted identity identifiers attributes
- Use credential instead of credentials
- Usable kafka sidecar implementation
- Standardize where authority stores membership information
- Implemented kafka message encryption and orchestrator integration
- Bump aws-sdk-kms to 0.24.0 and aws-config to 0.54.1
- Split cddl schema files & merge when cbor api validation is needed
- Updated dependencies
- Deleting a vault won't affect the default
- Remove the lifetime annotation on
Credential
andAttributes
- Add command to set the default vault
- Add command to set the default identity
- Recipient returns an error instead of panicking
- Nodestate implement check whether a node is running
- Updated dependencies
- Apply
clippy --fix
- Deleting an identity won't affect the default
- Add kafka commands to request starting the producer/consumer services
- Add flag to reload enrollers from a file
- Add influxdb lease commands, orchestrator client, and default project
- Create
SecureChannelRegistry
- Move
storage
andregistry
toIdentity
- Refactor
CliState
so theauthenticated_storage
is stored in the identities dir - Implement vaults delete command
- Updated dependencies
- Vault deletion logic from
CliState
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credential
module toockam
crate - Add
Inlet/Outlet
toRegistry
- Add
MultiAddr::matches
- Add policy command
- Add command to list policies of a resource
- Add support to
project enroll
to set attributes
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifier
encodable - Move
CowStr
andCowBytes
toockam_core
- Move api structs to
ockam_core
- Check controller's identity id when creating secure channel
- Always start signer service
- Replace signer with verifier
- Allow project metadata lookups and route substitution
- Change
VerifyRequest::credential
to binary - Make
IdentityChangeHistory
crate public, cleanup usage - Move credentials to
ockam_identity
- Improve credential verification
- Get rid of old
ockam_api
module - Return project names from multiaddr clean function
- Move project readiness logic into ockam_api
- Use
DefaultAddress
consts for default services addresses - Change echo worker to accept any message
- Recover remote forwarder
- Resolve forwarder project name in manager
ockam node show
to use dynamic data from node- Recover tcp inlet
- Use
Arc<RwLock<NodeManager>>
in recovery - Implement
PolicyStorage
trait for lmdb - Okta identity provider
- Complete policy delete functionality
- Wrap stored policy expressions
- Rename inlet and outlet policy resources
- Updated dependencies
- Clippy lints
- Fix schema validation
- Mutliaddr support for projects
- Creation of static forwarder at local nodes
- Authority config keys must be strings
- Cleanup
- Changes due to review comments
- Review feedback
- Remove ability to set arbitrary attributes
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credential
module toockam
crate - Add
Inlet/Outlet
toRegistry
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifier
encodable - Move
CowStr
andCowBytes
toockam_core
- Move api structs to
ockam_core
- Check controller's identity id when creating secure channel
- Always start signer service
- Replace signer with verifier
- Allow project metadata lookups and route substitution
- Change
VerifyRequest::credential
to binary - Make
IdentityChangeHistory
crate public, cleanup usage - Move credentials to
ockam_identity
- Improve credential verification
- Get rid of old
ockam_api
module - Return project names from multiaddr clean function
- Move project readiness logic into ockam_api
- Use
DefaultAddress
consts for default services addresses - Change echo worker to accept any message
- Updated dependencies
- Clippy lints
- Fix schema validation
- Mutliaddr support for projects
- Creation of static forwarder at local nodes
- Authority config keys must be strings
- Remove ability to set arbitrary attributes
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credential
module toockam
crate - Add
Inlet/Outlet
toRegistry
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifier
encodable - Move
CowStr
andCowBytes
toockam_core
- Move api structs to
ockam_core
- Check controller's identity id when creating secure channel
- Always start signer service
- Replace signer with verifier
- Allow project metadata lookups and route substitution
- Change
VerifyRequest::credential
to binary - Make
IdentityChangeHistory
crate public, cleanup usage - Move credentials to
ockam_identity
- Improve credential verification
- Get rid of old
ockam_api
module - Return project names from multiaddr clean function
- Move project readiness logic into ockam_api
- Use
DefaultAddress
consts for default services addresses - Updated dependencies
- Clippy lints
- Fix schema validation
- Mutliaddr support for projects
- Creation of static forwarder at local nodes
- Authority config keys must be strings
- Remove ability to set arbitrary attributes
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credential
module toockam
crate - Add
Inlet/Outlet
toRegistry
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifier
encodable - Move
CowStr
andCowBytes
toockam_core
- Move api structs to
ockam_core
- Check controller's identity id when creating secure channel
- Always start signer service
- Replace signer with verifier
- Allow project metadata lookups and route substitution
- Change
VerifyRequest::credential
to binary - Make
IdentityChangeHistory
crate public, cleanup usage - Move credentials to
ockam_identity
- Improve credential verification
- Get rid of old
ockam_api
module - Return project names from multiaddr clean function
- Move project readiness logic into ockam_api
- Updated dependencies
- Clippy lints
- Fix schema validation
- Mutliaddr support for projects
- Creation of static forwarder at local nodes
- Authority config keys must be strings
- Remove ability to set arbitrary attributes
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credential
module toockam
crate - Add
Inlet/Outlet
toRegistry
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifier
encodable - Move
CowStr
andCowBytes
toockam_core
- Move api structs to
ockam_core
- Check controller's identity id when creating secure channel
- Always start signer service
- Replace signer with verifier
- Allow project metadata lookups and route substitution
- Change
VerifyRequest::credential
to binary - Make
IdentityChangeHistory
crate public, cleanup usage - Move credentials to
ockam_identity
- Improve credential verification
- Get rid of old
ockam_api
module - Return project names from multiaddr clean function
- Move project readiness logic into ockam_api
- Updated dependencies
- Clippy lints
- Fix schema validation
- Mutliaddr support for projects
- Creation of static forwarder at local nodes
- Authority config keys must be strings
- Remove ability to set arbitrary attributes
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credential
module toockam
crate - Add
Inlet/Outlet
toRegistry
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifier
encodable - Move
CowStr
andCowBytes
toockam_core
- Move api structs to
ockam_core
- Check controller's identity id when creating secure channel
- Always start signer service
- Replace signer with verifier
- Allow project metadata lookups and route substitution
- Change
VerifyRequest::credential
to binary - Make
IdentityChangeHistory
crate public, cleanup usage - Move credentials to
ockam_identity
- Improve credential verification
- Get rid of old
ockam_api
module - Return project names from multiaddr clean function
- Move project readiness logic into ockam_api
- Updated dependencies
- Clippy lints
- Fix schema validation
- Mutliaddr support for projects
- Creation of static forwarder at local nodes
- Authority config keys must be strings
- Remove ability to set arbitrary attributes
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credential
module toockam
crate - Add
Inlet/Outlet
toRegistry
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifier
encodable - Move
CowStr
andCowBytes
toockam_core
- Move api structs to
ockam_core
- Check controller's identity id when creating secure channel
- Always start signer service
- Replace signer with verifier
- Allow project metadata lookups and route substitution
- Change
VerifyRequest::credential
to binary - Make
IdentityChangeHistory
crate public, cleanup usage - Move credentials to
ockam_identity
- Improve credential verification
- Get rid of old
ockam_api
module - Return project names from multiaddr clean function
- Move project readiness logic into ockam_api
- Updated dependencies
- Clippy lints
- Fix schema validation
- Mutliaddr support for projects
- Creation of static forwarder at local nodes
- Remove ability to set arbitrary attributes
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credential
module toockam
crate
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifier
encodable - Move
CowStr
andCowBytes
toockam_core
- Move api structs to
ockam_core
- Updated dependencies
- Clippy lints
- Remove ability to set arbitrary attributes
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Updated dependencies
- Clippy lints
- Remove ability to set arbitrary attributes
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Updated dependencies
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
Storage
->AuthenticatedTable
- Identity updates
AuthenticatedTable
->AuthenticatedStorage
- Move
multiaddr_to_route
toockam_api
- Allow conversion from route to multiaddr
- Partially convert ockam_command to use multiaddr
- Add
to_vec()
forRequestBuilder
andResponseBuilder
- Move ockam_vault service to ockam_api
- Move ockam_identity service to ockam_api
- Update nodemanager service to ockam_api structures
- Move node manager service to ockam_api crate
- Minicbor typetags, cli-cloud advances
- Apply style feedback
- Add builders to ockam_api
- Add ockam_api_nodes
- Add command-line interface for nodes api
- Add cloud enroll, space and project subcommands
- Add cowbytes and cowstr
- Add
into_owned
forCowStr
andCowBytes
- Add pid query to nodeman worker
- Add auth api
- Add clould invitation subcommands
- Add enrollment token + fixes to other commands
- Ensure command-line args are not empty
- Rename new_context to new_detached
- Improve schema validation
- Avoid
ockam_identity
dependency inockam_api
- Change
Defer
type forCowStr
andCowBytes
- Make
Method
enum exhaustive - Move
TypeTag
toockam_core
- Extend
Request
andResponse
encode api - Updated dependencies
- Rename subject to authenticated
- Remove reqwest dependency in ockam_api
- Add ockam_api
- Updated dependencies