Skip to content

v1.9.0
Compare
Choose a tag to compare
@malud malud released this 08 Jun 11:42
· 12 commits to release.1.9 since this release
v1.9.0
cd55778

1.9.0

Couper 1.9 is a feature release bringing more comfort and enhanced stability to the Couper configuration. It also improves the permission handling and provides a couple of bug fixes. For a complete list of changes see below.

As of release 1.9 it is possible to split a Couper configuration into multiple .hcl-files. You can now, for example, use different configuration files for your api, files and definitions blocks, or keep your development, testing and production setups separated. All the configuration files given at startup will be merged together.

The new block beta_health (beta) allows you to configure recurring health check requests for a backend. By default, Couper won't request backends considered unhealthy which might help them recover due to the reduced amount of requests. The current health state of a backend can be accessed by variable. Changes in healthiness will be logged and exported as metrics.

To make permission handling easier to grasp we've dropped the term scope and accordingly changed the names of the beta_scope, beta_scope_claim and beta_scope_map attributes to beta_required_permission, beta_permissions_claim and beta_permissions_map, respectively. Furthermore, beta_required_permission (formerly beta_scope) can now be an HCL expression. If beta_required_permission is specified in both an endpoint and its parent api block, the former overrides the latter. Our permission handling examples illustrate some common use cases: basic example, roles example, map example

Along with this release goes the latest extension for VSCode which now indicates misplaced blocks and attributes, missing block labels and so on. We've also updated the completion suggestions and fixed a couple of syntax highlighting issues.

  • Added

    • Couper now reads and merges multiple configuration files (#437, #515)
    • beta_health-block to backend-block to enable continuous health-checks for defined backends (#313)
      • backends.<name>.health variable to access the current health-check state (subject to change)
    • Log malformed duration settings (#487)
    • url attribute could make use of our wildcard pattern /** and relative urls in combination with a backend reference (#480)
    • jwks_max_stale in jwt block (#502)
    • jwks_ttl, jwks_max_stale and configuration_max_stale in oidc block (#502)
    • Error handling for backend, backend_openapi_validation and backend_timeout error types (#490)
    • response.bytes log-field to backend logs if read from body, fallback is the Content-Length header (#494)
    • Error types endpoint and access_control (#500)

  • Changed

    • Permission handling: (#477, #504)
      • renamed beta_scope attribute for api and endpoint blocks to beta_required_permission; beta_required_permission in endpoint now overriding beta_required_permission in containing api block; allowing an expression as attribute value
      • renamed beta_scope_claim and beta_scope_map attributes for jwt block to beta_permissions_claim and beta_permissions_map
      • removed beta_operation_denied and beta_scope error types
      • renamed beta_insufficient_scope error type to beta_insufficient_permissions
      • added request.context.beta_required_permission and request.context.beta_granted_permissions request variables
    • Clarified the type of various attributes/variables (#485)
    • spa block can be defined multiple times now (#510)
    • files block can be defined multiple times now (#513)

  • Fixed

    • Keys in object type attribute values are only handled case-insensitively if reasonable (e.g. they represent HTTP methods or header field values) (#461)
    • Multiple labels for error_handler blocks (#462)
    • error_handler blocks for an error type defined in both endpoint and api (#469)
    • Request methods are treated case-insensitively when comparing them to methods in the allowed_methods attribute of api or endpoint blocks (#478)
    • Do not allow multiple backend blocks in proxy and request blocks (#483)
    • Panic if an error_handler block following another error_handler block has no label (#486)
    • Spurious duplicate endpoint /** error for APIs sharing the same base path (#507)
    • Invalid (by OpenAPI validation) backend response missing in backend_responses (#501)
    • Ignore the expected_status check for a request configured via a proxy or request block if a backend error occured (#505)
    • merge() function removes key with null value. (#518)

  • Removed

    • support for beta_oidc block (use oidc block instead) (#475)
    • support for beta_oauth_authorization_url and beta_oauth_verifier functions (use oauth2_authorization_url and oauth2_verifier functions instead) (#475)
    • path attribute from endpoint (and proxy) block; use path attribute in backend block instead (#516)
Assets 14
Loading
0 Join discussion