All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- Add default subcommand to node
- Pre-trusted identity identifiers attributes
- Use credential instead of credentials
- Usable kafka sidecar implementation
- Standarize where authority stores membership information
- Implemented kafka message encryption and orchestrator integration
- Bump aws-sdk-kms to 0.24.0 and aws-config to 0.54.1
- Split cddl schema files & merge when cbor api validation is needed
- Updated dependencies
- Deleting a vault won't affect the default
- Remove the lifetime annotation on
Credential
andAttributes
- Add command to set the default vault
- Add command to set the default identity
- Recipient returns an error instead of panicking
- Nodestate implement check whether a node is running
- Updated dependencies
- Apply
clippy --fix
- Deleting an identity won't affect the default
- Add kafka commands to request starting the producer/consumer services
- Add flag to reload enrollers from a file
- Add influxdb lease commands, orchestrator client, and default project
- Create
SecureChannelRegistry
- Move
storage
andregistry
toIdentity
- Refactor
CliState
so theauthenticated_storage
is stored in the identities dir - Implement vaults delete command
- Updated dependencies
- Vault deletion logic from
CliState
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credential
module toockam
crate - Add
Inlet/Outlet
toRegistry
- Add
MultiAddr::matches
- Add policy command
- Add command to list policies of a resource
- Add support to
project enroll
to set attributes
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifier
encodable - Move
CowStr
andCowBytes
toockam_core
- Move api structs to
ockam_core
- Check controller's identity id when creating secure channel
- Always start signer service
- Replace signer with verifier
- Allow project metadata lookups and route substitution
- Change
VerifyRequest::credential
to binary - Make
IdentityChangeHistory
crate public, cleanup usage - Move credentials to
ockam_identity
- Improve credential verification
- Get rid of old
ockam_api
module - Return project names from multiaddr clean function
- Move project readiness logic into ockam_api
- Use
DefaultAddress
consts for default services addresses - Change echo worker to accept any message
- Recover remote forwarder
- Resolve forwarder project name in manager
ockam node show
to use dynamic data from node- Recover tcp inlet
- Use
Arc<RwLock<NodeManager>>
in recovery - Implement
PolicyStorage
trait for lmdb - Okta identity provider
- Complete policy delete functionality
- Wrap stored policy expressions
- Rename inlet and outlet policy resources
- Updated dependencies
- Clippy lints
- Fix schema validation
- Mutliaddr support for projects
- Creation of static forwarder at local nodes
- Authority config keys must be strings
- Cleanup
- Changes due to review comments
- Review feedback
- Remove ability to set arbitrary attributes
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credential
module toockam
crate - Add
Inlet/Outlet
toRegistry
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifier
encodable - Move
CowStr
andCowBytes
toockam_core
- Move api structs to
ockam_core
- Check controller's identity id when creating secure channel
- Always start signer service
- Replace signer with verifier
- Allow project metadata lookups and route substitution
- Change
VerifyRequest::credential
to binary - Make
IdentityChangeHistory
crate public, cleanup usage - Move credentials to
ockam_identity
- Improve credential verification
- Get rid of old
ockam_api
module - Return project names from multiaddr clean function
- Move project readiness logic into ockam_api
- Use
DefaultAddress
consts for default services addresses - Change echo worker to accept any message
- Updated dependencies
- Clippy lints
- Fix schema validation
- Mutliaddr support for projects
- Creation of static forwarder at local nodes
- Authority config keys must be strings
- Remove ability to set arbitrary attributes
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credential
module toockam
crate - Add
Inlet/Outlet
toRegistry
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifier
encodable - Move
CowStr
andCowBytes
toockam_core
- Move api structs to
ockam_core
- Check controller's identity id when creating secure channel
- Always start signer service
- Replace signer with verifier
- Allow project metadata lookups and route substitution
- Change
VerifyRequest::credential
to binary - Make
IdentityChangeHistory
crate public, cleanup usage - Move credentials to
ockam_identity
- Improve credential verification
- Get rid of old
ockam_api
module - Return project names from multiaddr clean function
- Move project readiness logic into ockam_api
- Use
DefaultAddress
consts for default services addresses - Updated dependencies
- Clippy lints
- Fix schema validation
- Mutliaddr support for projects
- Creation of static forwarder at local nodes
- Authority config keys must be strings
- Remove ability to set arbitrary attributes
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credential
module toockam
crate - Add
Inlet/Outlet
toRegistry
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifier
encodable - Move
CowStr
andCowBytes
toockam_core
- Move api structs to
ockam_core
- Check controller's identity id when creating secure channel
- Always start signer service
- Replace signer with verifier
- Allow project metadata lookups and route substitution
- Change
VerifyRequest::credential
to binary - Make
IdentityChangeHistory
crate public, cleanup usage - Move credentials to
ockam_identity
- Improve credential verification
- Get rid of old
ockam_api
module - Return project names from multiaddr clean function
- Move project readiness logic into ockam_api
- Updated dependencies
- Clippy lints
- Fix schema validation
- Mutliaddr support for projects
- Creation of static forwarder at local nodes
- Authority config keys must be strings
- Remove ability to set arbitrary attributes
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credential
module toockam
crate - Add
Inlet/Outlet
toRegistry
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifier
encodable - Move
CowStr
andCowBytes
toockam_core
- Move api structs to
ockam_core
- Check controller's identity id when creating secure channel
- Always start signer service
- Replace signer with verifier
- Allow project metadata lookups and route substitution
- Change
VerifyRequest::credential
to binary - Make
IdentityChangeHistory
crate public, cleanup usage - Move credentials to
ockam_identity
- Improve credential verification
- Get rid of old
ockam_api
module - Return project names from multiaddr clean function
- Move project readiness logic into ockam_api
- Updated dependencies
- Clippy lints
- Fix schema validation
- Mutliaddr support for projects
- Creation of static forwarder at local nodes
- Authority config keys must be strings
- Remove ability to set arbitrary attributes
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credential
module toockam
crate - Add
Inlet/Outlet
toRegistry
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifier
encodable - Move
CowStr
andCowBytes
toockam_core
- Move api structs to
ockam_core
- Check controller's identity id when creating secure channel
- Always start signer service
- Replace signer with verifier
- Allow project metadata lookups and route substitution
- Change
VerifyRequest::credential
to binary - Make
IdentityChangeHistory
crate public, cleanup usage - Move credentials to
ockam_identity
- Improve credential verification
- Get rid of old
ockam_api
module - Return project names from multiaddr clean function
- Move project readiness logic into ockam_api
- Updated dependencies
- Clippy lints
- Fix schema validation
- Mutliaddr support for projects
- Creation of static forwarder at local nodes
- Authority config keys must be strings
- Remove ability to set arbitrary attributes
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credential
module toockam
crate - Add
Inlet/Outlet
toRegistry
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifier
encodable - Move
CowStr
andCowBytes
toockam_core
- Move api structs to
ockam_core
- Check controller's identity id when creating secure channel
- Always start signer service
- Replace signer with verifier
- Allow project metadata lookups and route substitution
- Change
VerifyRequest::credential
to binary - Make
IdentityChangeHistory
crate public, cleanup usage - Move credentials to
ockam_identity
- Improve credential verification
- Get rid of old
ockam_api
module - Return project names from multiaddr clean function
- Move project readiness logic into ockam_api
- Updated dependencies
- Clippy lints
- Fix schema validation
- Mutliaddr support for projects
- Creation of static forwarder at local nodes
- Remove ability to set arbitrary attributes
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Add
credential
module toockam
crate
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Make
IdentityIdentifier
encodable - Move
CowStr
andCowBytes
toockam_core
- Move api structs to
ockam_core
- Updated dependencies
- Clippy lints
- Remove ability to set arbitrary attributes
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Add project node identity to project cbor schema
- Add util::response module
- Add signer and direct enroller support
- Support different enroller/member store
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Rename ockam to service in multiaddr
- Integrate uppercase and echoer workers to nodemanager
- Implement stop command
- Use generic attributes in credential
- Allow export/import of identity
- Always require secure channel to authenticator
- Abstract over remote addresses with an alias system
- Cleaning up the alias configuration
- Genericise the node alias lookup system
- Simplify node configuration again
- Updated dependencies
- Clippy lints
- Remove ability to set arbitrary attributes
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Use temporary secure channel on cloud and enroll api endpoints
- Command config updates
- Updated dependencies
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
- Add
Identity
basic functionality toockam_api
- Add schema validation tests for cloud api types
- Add tests for api cloud endpoints + fixes error handling
- Use identity secure channels to communicate with orchestrator
- Extract common utils to process api services req/res/err
- Extract common utils to process api services req/res/err
- Move cloud api endpoints to run through the nodes service
Storage
->AuthenticatedTable
- Identity updates
AuthenticatedTable
->AuthenticatedStorage
- Move
multiaddr_to_route
toockam_api
- Allow conversion from route to multiaddr
- Partially convert ockam_command to use multiaddr
- Add
to_vec()
forRequestBuilder
andResponseBuilder
- Move ockam_vault service to ockam_api
- Move ockam_identity service to ockam_api
- Update nodemanager service to ockam_api structures
- Move node manager service to ockam_api crate
- Minicbor typetags, cli-cloud advances
- Apply style feedback
- Add builders to ockam_api
- Add ockam_api_nodes
- Add command-line interface for nodes api
- Add cloud enroll, space and project subcommands
- Add cowbytes and cowstr
- Add
into_owned
forCowStr
andCowBytes
- Add pid query to nodeman worker
- Add auth api
- Add clould invitation subcommands
- Add enrollment token + fixes to other commands
- Ensure command-line args are not empty
- Rename new_context to new_detached
- Improve schema validation
- Avoid
ockam_identity
dependency inockam_api
- Change
Defer
type forCowStr
andCowBytes
- Make
Method
enum exhaustive - Move
TypeTag
toockam_core
- Extend
Request
andResponse
encode api - Updated dependencies
- Rename subject to authenticated
- Remove reqwest dependency in ockam_api
- Add ockam_api
- Updated dependencies