v0.15.2

Deprecation Warning

• OPA support is deprecated. opa package and all its sub-packages is no longer supported. It still works with OPA v0 agent

What's Changed

• Minimum Go version bumped to 1.24
• Upgraded dependencies.
• Service Discovery:
  • Support scheme override when using DNS service discovery with fallback values.
• Command line tool (lanai-cli):
  • lanai-cli init: Allow service to ignore default tool installation by specifying empty binaries.[].version in Module.yml
  • lanai-cli init: Support for golangci-lint v2. Generate correct makefiles for both v1 and v2.
  • lanai-cli init: Added binaries/tool conflict check before tooling installation
  • Tests: Added basic test support for sub commands
• OAuth2:
  • Allow service developers to implement their own auth.TokenGranter and auth.TokenEnhancer on top of the oauth2 spec.
  • Allow service developers to implement their own auth.AuthorizationRegistry
  • Allow service developers to implement their own th_loader.Loader
• Minor bug fixes and more test coverage

Dependencies Upgrade Details

Library	From	To
github.com/getkin/kin-openapi	v0.127.0	v0.132.0
github.com/open-policy-agent/opa	v0.67.1	v1.4.2
-------	-----	-----
dario.cat/mergo	v1.0.0	v1.0.2
github.com/IBM/sarama	v1.43.2	v1.45.2
github.com/Masterminds/sprig/v3	v3.2.3	v3.3.0
github.com/alicebob/miniredis/v2	v2.33.0	v2.34.0
github.com/aws/aws-sdk-go-v2	v1.30.3	v1.36.3
github.com/aws/aws-sdk-go-v2/config	v1.27.27	v1.29.14
github.com/aws/aws-sdk-go-v2/credentials	v1.17.27	v1.17.67
github.com/aws/aws-sdk-go-v2/service/acm	v1.28.4	v1.32.0
github.com/aws/aws-sdk-go-v2/service/sts	v1.30.3	v1.33.19
github.com/beevik/etree	v1.4.1	v1.5.1
github.com/bmatcuk/doublestar/v4	v4.6.1	v4.8.1
github.com/crewjam/saml	v0.4.14	v0.5.1
github.com/gin-gonic/gin	v1.10.0	v1.10.1
github.com/go-git/go-git/v5	v5.13.1	v5.16.0
github.com/go-playground/validator/v10	v10.22.0	v10.26.0
github.com/hashicorp/consul/api	v1.30.0	v1.32.1
github.com/hashicorp/vault/api	v1.14.0	v1.16.0
github.com/hashicorp/vault/api/auth/kubernetes	v0.7.0	v0.9.0
github.com/jackc/pgx/v5	v5.6.0	v5.7.5
github.com/miekg/dns	v1.1.61	v1.1.66
github.com/onsi/gomega	v1.34.1	v1.37.0
github.com/pquerna/otp	v1.4.0	v1.5.0
github.com/rs/cors	v1.11.0	v1.11.1
github.com/russellhaering/goxmldsig	v1.4.0	v1.5.0
github.com/spf13/cobra	v1.8.1	v1.9.1
github.com/spf13/pflag	v1.0.5	v1.0.6
github.com/spyzhov/ajson	v0.9.3	v0.9.6
go.step.sm/crypto	v0.51.1	v0.64.0
go.uber.org/fx	v1.22.2	v1.24.0
gorm.io/driver/postgres	v1.5.9	v1.6.0
gorm.io/gorm	v1.25.11	v1.30.0
mvdan.cc/sh/v3	v3.8.0	v3.11.0
github.com/go-jose/go-jose/v4	v4.0.4	v4.1.0

Full Changelog: v0.15.1...v0.15.2

v0.15.1

Description

Minor release to upgrade Go and Nodejs dependencies

Upgraded Go Modules

Library	From	To
github.com/rs/cors	v1.10.1	v1.11.0
github.com/hashicorp/vault/api	v1.12.2	v1.14.0
github.com/hashicorp/vault/api/auth/kubernetes	v0.6.0	v0.7.0
github.com/hashicorp/go-retryablehttp	v0.6.6	v0.7.7
github.com/cockroachdb/copyist	v1.6.0	v1.7.0
github.com/jackc/pgproto3/v2	v2.1.1	v2.3.2*
github.com/jackc/pgconn	v1.10.0	v1.14.1*
-------	-----	-----
github.com/IBM/sarama	v1.43.0	v1.43.2
github.com/beevik/etree	v1.3.0	v1.4.1
github.com/aws/aws-sdk-go-v2	v1.26.0	v1.30.3
github.com/aws/aws-sdk-go-v2/config	v1.27.8	v1.27.27
github.com/aws/aws-sdk-go-v2/credentials	v1.17.8	v1.17.27
github.com/aws/aws-sdk-go-v2/service/acm	v1.25.3	v1.28.4
github.com/aws/aws-sdk-go-v2/service/sts	v1.28.5	v1.30.3
github.com/getkin/kin-openapi	v0.123.0	v0.127.0
github.com/gin-gonic/gin	v1.9.1	v1.10.0
github.com/go-playground/validator/v10	v10.19.0	v10.22.0
github.com/go-git/go-git/v5	v5.11.0	v5.12.0
github.com/go-redsync/redsync/v4	v4.12.1	v4.13.0
github.com/gorilla/websocket	v1.5.1	v1.5.3
github.com/hashicorp/consul/api	v1.28.2	v1.29.2
github.com/jackc/pgx/v5	v5.5.5	v5.6.0
github.com/miekg/dns	v1.1.58	v1.1.61
github.com/onsi/gomega	v1.32.0	v1.34.1
github.com/open-policy-agent/opa	v0.62.1	v0.67.1
github.com/shirou/gopsutil/v3	v3.24.2	v3.24.5
github.com/spf13/cobra	v1.8.0	v1.8.1
github.com/spyzhov/ajson	v0.9.1	v0.9.3
go.step.sm/crypto	v0.43.1	v0.51.1
go.uber.org/fx	v1.21.0	v1.22.2
golang.org/x/crypto	v0.23.0	v0.25.0
golang.org/x/net	v0.25.0	v0.27.0
golang.org/x/term	v0.20.0	v0.22.0
golang.org/x/text	v0.15.0	v0.16.0
gorm.io/driver/postgres	v1.5.7	v1.5.9
gorm.io/gorm	v1.25.8	v1.25.11

(*) Higher version available with potential breaking changes

v0.15.0

This Release Includes Breaking Changes

This release includes breaking changes.

• Extended the framework to support wider selections of SQL/PostgreSQL compatible database.
  • Package postgresql is added under data for supporting any PostgreSQL compatible databases.
  • Package cockroach is moved to postgresql as sub-package to provide CockroachDB-only features.
  • Properties (application.yml) under data.cockroach section is moved to data.db.
  • Any "PostgreSQL" specific types are moved to types/pqx package.
• Extended the framework to support more JWS algorithms. (security/oauth2/jwt package)
  • RSA specific implementations like jwt.NewRSAJwtEncoder are replaced by generic implementations like jwt.NewSignedJwtDecoder
  • HS, RS and ES signing algorithms are supported and the algorithm is automatically determined based on the type of public/private keys
  • Extended the private/public key support to various jwt.JwkStore implementations
  • Added jwt.RemoteJwkStore to leverage remote JWKSet endpoint
  • JWKSet endpoint in security/oauth2/auth now supports RSA, EC, oct (HMAC secret) and OKP (EdDSA)

Other Changes

• Introduced auth.ApprovalStore interface to allow customizing how to store user's approval decisions during OAuth2/Open ID Connect "authorization code" flow. See Auth Server Example
• ittest is now supporting HTTP recording/playback without using apptest.Bootstrap().
• Improved documentations of various packages such as data, test, test/dbtest, test/sectest, test/ittest, etc.
• Dependencies update
• Various bug fixes

PR History

• persist oauth2 authorize request approval in session by @TimShi in #411
• Added support for Postgresql database by @TimShi in #412
• Fixed an intermittent error in httpclient/client_test caused by test set up by @TimShi in #413
• updated the version of golang.org/x/net package by @TimShi in #415
• Added README for test package. by @TimShi in #414
• Updated license file to have the full apache license text. by @TimShi in #423
• Improvement ofsecurity/oauth2/jwt by @stonedu1011 in #418
• Improved JWK Support by @stonedu1011 in #424
• .github: Add Scorecard workflow by @cisco-service in #427
• Improve jwk file store to support different by @TimShi in #426
• Ittest improve by @stonedu1011 in #425

New Contributors

• @cisco-service made their first contribution in #427

Full Changelog: v0.14.0...v0.15.0

v0.14.0

This Release Includes Breaking Changes

This release includes breaking changes. The changes are introduced in order to extend the framework to add more implementation options for service discovery and distributed lock. In addition, support for go-kit is dropped.

What's Changed

New Features

• Consul become an optional package. When initialized (consul.Use()), Consul is registered with appconfig as a source of application properties
• Vault become an optional package. When initialized (vault.Use()), Vault is registered with appconfig as a source of application properties.
• Added dnssd for DNS SRV based service lookup. dnssd also support static service discovery as "fallback"
• Added Redis based distributed lock implementation

Breaking Changes

• Breaking change in discovery package:
  • consul backed service discovery is moved to a separate package. To use it, consulsd (formally known as discoveryinit) package need to be initialized with consulsd.Use(). consul.Use() is also a prerequisite for using Consul based service discovery
  • Properties for consulsd is relocated to to cloud.discovery.consul from cloud.consul.discovery
• Breaking change in integrate/httpclient package:
  • httpclient.Client.WithService(...) is changed to take optional SDOptions. Options includes default HTTP scheme and context-path, SD error handling and SD selector
  • The client now supports retry back-off period and custom retry logic
  • go-kit interfaces are removed
• Breaking change in integrate/security package:
  • Property integrate.security.service-name moved to integrate.security.endpoints.service-name
  • Added properties integrate.security.endpoints.scheme and integrate.security.endpoints.context-path
• Breaking change due to dropping usage and compatibility support of go-kit:
  • log.Logger no longer implements go-kit's Logger interface.
  • discovery.Instancer concrete implementations no longer implement go-kit's sd.Instancer interface.
  • web package interfaces re-organized to remove usage of go-kit's abstraction and server implementation.
• Breaking change due to dsync package refactoring:
  • dsync package is refactored to three packages dsync, consuldsync and redisdsync
  • dsync.Use() is removed, consuldsync.Use() or redisdsync.Use() should be used instead.
  • Removed web.Registrar.RegisterWithLifecycle()

Bug Fixes

• Fixed: When using go 1.21 or later, lanai-cli's init command would fail if the service's go.mod file contains a replace directive that pointed to a none-existent location.
• Fixed: a bug in make init-cli when go-lanai is not replaced by a local copy in the go.mod file.
• Fixed: a typo causing data packages fail to build when CGO_ENABLED=0
• Fixed: a bug in errorutils where errorutils.CodedError does not correctly implement errorutils.NestedError
• Fixed: a bug in bootstrap where bootstrap.AddOptions() was actually adding options to bootstrap.Module.PriorityOptions instead of bootstrap.Module.Options
• Fixed: a bug where httpclient package's error was not well formatted (#408).

Others

• Updated make files in examples to match the latest make file template.
• Updated main README.md and restructured documentation locations.
• Tracing package refactored to reduce unnecessary indirect dependencies. Instrument implementations are moved to their corresponding feature packages.

Full Changelog: v0.13.0...v0.14.0

v0.13.0

This Release Includes Breaking Changes

In this release, the module name is changed to github.com/cisco-open/go-lanai. This is a breaking change from previous release.
In addition some previously public methods and variables from security package is made private.

What's Changed

• Updated swagger UI to 4.19.1. Fixed the "standalone layout not found" error.
• Fixed a bug that caused tests with apptest.Bootstrap() to fail to start if there is no other apptest.XXX options configured.
• Security context, session and other security related items are now stored in utils.MutableContext instead of gin.Context.
• All context keys of security and web are made private.
• Breaking change of utils.MutableContext. gin.Context is no longer implementing utils.MutableContext interface.
• Breaking change of security.Clear(). It now sets an empty authentication instead of remove the authentication.
• Added security.Set(ctx, auth). security.Set(ctx, nil) is equivalent to the old security.Clear() behaviour.
• Breaking change of renaming module path to github.com/cisco-open
• Updated Dockerfile and Makefile templates to properly initialize development environment for projects that may use private modules.

Full Changelog: v0.12.0...v0.13.0

v0.12.0

Note

This is the last version of go-lanai under the name of https://cto-github.cisco.com/NFV-BU/go-lanai and this version contains all commits made to the original repository before it's migrated here.

What's Changed

• Upgraded dependencies.
• Vulnerability Fixes.
• Added examples for OAuth2 authentication/authorization service and resource service.
• Updated documents
• Increased test coverage on various feature packages.
• Bug fixes

What's New

• Added bootstrap.OrderedCliRunner to fine control execution order of tests/runners
• log is now backed by zap instead of go-kit/log for performance improvement

Full Changelog: v0.11.0...v0.12.0