From 84ad80248e8664a0ba1f12a4bf8342f1fdc6a213 Mon Sep 17 00:00:00 2001 From: spacewander Date: Tue, 17 May 2022 11:08:16 +0800 Subject: [PATCH 1/5] feat: release 2.14.0 Signed-off-by: spacewander --- .asf.yaml | 4 ++ CHANGELOG.md | 56 ++++++++++++++++ apisix/core/version.lua | 2 +- ci/centos7-ci.sh | 4 +- docs/en/latest/config.json | 2 +- docs/zh/latest/CHANGELOG.md | 56 ++++++++++++++++ docs/zh/latest/config.json | 2 +- rockspec/apisix-2.14.0-0.rockspec | 102 ++++++++++++++++++++++++++++++ 8 files changed, 223 insertions(+), 5 deletions(-) create mode 100644 rockspec/apisix-2.14.0-0.rockspec diff --git a/.asf.yaml b/.asf.yaml index 78b072fa3272..65ad127cfdf9 100644 --- a/.asf.yaml +++ b/.asf.yaml @@ -48,6 +48,10 @@ github: dismiss_stale_reviews: true require_code_owner_reviews: true required_approving_review_count: 2 + release/2.14: + required_pull_request_reviews: + require_code_owner_reviews: true + required_approving_review_count: 2 release/2.13: required_pull_request_reviews: require_code_owner_reviews: true diff --git a/CHANGELOG.md b/CHANGELOG.md index 094d6eb3d143..60bbda5f38f0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,6 +23,7 @@ title: Changelog ## Table of Contents +- [2.14.0](#2140) - [2.13.1](#2131) - [2.13.0](#2130) - [2.12.1](#2121) @@ -56,6 +57,61 @@ title: Changelog - [0.7.0](#070) - [0.6.0](#060) +## 2.14.0 + +### Change + +- To adapt the change of OpenTelemetry spec, the default port of OTLP/HTTP is changed to 4318: [#7007](https://github.com/apache/apisix/pull/7007) + +### Core + +- Introduce an experimental feature to allow subscribing Kafka message via APISIX. This feature is based on the pubsub framework running above websocket: + - [#7028](https://github.com/apache/apisix/pull/7028) + - [#7032](https://github.com/apache/apisix/pull/7032) +- Introduce an experimental framework called xRPC to manage non-HTTP L7 traffic: + - [#6885](https://github.com/apache/apisix/pull/6885) + - [#6901](https://github.com/apache/apisix/pull/6901) + - [#6919](https://github.com/apache/apisix/pull/6919) + - [#6960](https://github.com/apache/apisix/pull/6960) + - [#6965](https://github.com/apache/apisix/pull/6965) + - [#7040](https://github.com/apache/apisix/pull/7040) +- Now we support adding delay according to the command & key during proxying Redistraffic, which is built above xRPC: + - [#6999](https://github.com/apache/apisix/pull/6999) +- Introduce an experimental support to configure APISIX via xDS: + - [#6614](https://github.com/apache/apisix/pull/6614) + - [#6759](https://github.com/apache/apisix/pull/6759) +- Add an option to normalize uri like servlet: [#6984](https://github.com/apache/apisix/pull/6984) +- Zookeeper service discovery via apisix-seed: [#6751](https://github.com/apache/apisix/pull/6751) + +### Plugin + +- The real-ip plugin supports recursive IP search like `real_ip_recursive`: [#6988](https://github.com/apache/apisix/pull/6988) +- The api-breaker plugin allows configuring response: [#6949](https://github.com/apache/apisix/pull/6949) +- The response-rewrite plugin supports body filters: [#6750](https://github.com/apache/apisix/pull/6750) +- The request-id plugin adds nanoid algorithm to generate ID: [#6779](https://github.com/apache/apisix/pull/6779) +- The file-logger plugin can cache & reopen file handler: [#6721](https://github.com/apache/apisix/pull/6721) +- Add casdoor plugin: [#6382](https://github.com/apache/apisix/pull/6382) +- The authz-keycloak plugin supports password grant: [#6586](https://github.com/apache/apisix/pull/6586) + +### Bugfix + +- Upstream keepalive should consider TLS param: [#7054](https://github.com/apache/apisix/pull/7054) +- Do not expose internal error message to the client: + - [#6982](https://github.com/apache/apisix/pull/6982) + - [#6859](https://github.com/apache/apisix/pull/6859) + - [#6854](https://github.com/apache/apisix/pull/6854) + - [#6853](https://github.com/apache/apisix/pull/6853) + - [#6846](https://github.com/apache/apisix/pull/6846) +- DNS supports SRV record with port 0: [#6739](https://github.com/apache/apisix/pull/6739) +- client mTLS was ignored sometimes in TLS session reuse: [#6906](https://github.com/apache/apisix/pull/6906) +- The grpc-web plugin doesn't override Access-Control-Allow-Origin header in response: [#6842](https://github.com/apache/apisix/pull/6842) +- The syslog plugin's default timeout is corrected: [#6807](https://github.com/apache/apisix/pull/6807) +- The authz-keycloak plugin's `access_denied_redirect_uri` was bypassed sometimes: [#6794](https://github.com/apache/apisix/pull/6794) +- Handle `USR2` signal properly: [#6758](https://github.com/apache/apisix/pull/6758) +- The redirect plugin set a correct port during redirecting HTTP to HTTPS: + - [#6686](https://github.com/apache/apisix/pull/6686) +- Admin API rejects unknown stream plugin: [#6813](https://github.com/apache/apisix/pull/6813) + ## 2.13.1 **This is an LTS maintenance release and you can see the CHANGELOG in `release/2.13` branch.** diff --git a/apisix/core/version.lua b/apisix/core/version.lua index e5a2a92d13a4..6752826159b2 100644 --- a/apisix/core/version.lua +++ b/apisix/core/version.lua @@ -20,5 +20,5 @@ -- @module core.version return { - VERSION = "2.13.0" + VERSION = "2.14.0" } diff --git a/ci/centos7-ci.sh b/ci/centos7-ci.sh index 1eefc142589f..d6cc7fab734b 100755 --- a/ci/centos7-ci.sh +++ b/ci/centos7-ci.sh @@ -21,9 +21,9 @@ install_dependencies() { export_or_prefix - # install development tools + # install build & runtime deps yum install -y wget tar gcc automake autoconf libtool make unzip \ - git sudo openldap-devel + git sudo openldap-devel which # curl with http2 wget https://github.com/moparisthebest/static-curl/releases/download/v7.79.1/curl-amd64 -O /usr/bin/curl diff --git a/docs/en/latest/config.json b/docs/en/latest/config.json index 5e18f58a507d..cceda22a2c53 100644 --- a/docs/en/latest/config.json +++ b/docs/en/latest/config.json @@ -1,5 +1,5 @@ { - "version": "2.13.0", + "version": "2.14.0", "sidebar": [ { "type": "category", diff --git a/docs/zh/latest/CHANGELOG.md b/docs/zh/latest/CHANGELOG.md index e3e447c72ad6..a8f809c4ba69 100644 --- a/docs/zh/latest/CHANGELOG.md +++ b/docs/zh/latest/CHANGELOG.md @@ -23,6 +23,7 @@ title: CHANGELOG ## Table of Contents +- [2.14.0](#2140) - [2.13.1](#2131) - [2.13.0](#2130) - [2.12.1](#2121) @@ -56,6 +57,61 @@ title: CHANGELOG - [0.7.0](#070) - [0.6.0](#060) +## 2.14.0 + +### 改变 + +- 为了适应 OpenTelemetry 规范的变化,OTLP/HTTP 的默认端口改为 4318: [#7007](https://github.com/apache/apisix/pull/7007) + +### 核心 + +- 引入一个实验性功能,允许通过 APISIX 订阅 Kafka 消息。这个功能是基于 websocket 上面运行的 pubsub 框架。 + - [#7028](https://github.com/apache/apisix/pull/7028) + - [#7032](https://github.com/apache/apisix/pull/7032) +- 引入一个名为 xRPC 的实验性框架来管理非 HTTP 的 L7 流量。 + - [#6885](https://github.com/apache/apisix/pull/6885) + - [#6901](https://github.com/apache/apisix/pull/6901) + - [#6919](https://github.com/apache/apisix/pull/6919) + - [#6960](https://github.com/apache/apisix/pull/6960) + - [#6965](https://github.com/apache/apisix/pull/6965) + - [#7040](https://github.com/apache/apisix/pull/7040) +- 现在我们支持在代理 Redistraffic 过程中根据命令和键添加延迟,它建立在 xRPC 之上。 + - [#6999](https://github.com/apache/apisix/pull/6999) +- 引入实验性支持,通过 xDS 配置 APISIX。 + - [#6614](https://github.com/apache/apisix/pull/6614) + - [#6759](https://github.com/apache/apisix/pull/6759) +- 增加一个选项,像 servlet 一样规范化 URI。[#6984](https://github.com/apache/apisix/pull/6984) +- 通过 apisix-seed 实现 Zookeeper 服务发现:[#6751](https://github.com/apache/apisix/pull/6751) + +### 插件 + +- real-ip 插件支持像`real_ip_recursive`那样的递归 IP 搜索。[#6988](https://github.com/apache/apisix/pull/6988) +- api-breaker 插件允许配置响应。[#6949](https://github.com/apache/apisix/pull/6949) +- response-rewrite 插件支持正文过滤器。[#6750](https://github.com/apache/apisix/pull/6750) +- request-id 插件增加了 nanoid 算法来生成 ID:[#6779](https://github.com/apache/apisix/pull/6779) +- file-logger 插件可以缓存和重开 file handler。[#6721](https://github.com/apache/apisix/pull/6721) +- 增加 casdoor 插件。[#6382](https://github.com/apache/apisix/pull/6382) +- authz-keycloak 插件支持 password grant:[#6586](https://github.com/apache/apisix/pull/6586) + +### Bugfix + +- 上游 keepalive 应考虑 TLS 参数:[#7054](https://github.com/apache/apisix/pull/7054) +- 不要将内部错误信息暴露给客户端。 + - [#6982](https://github.com/apache/apisix/pull/6982) + - [#6859](https://github.com/apache/apisix/pull/6859) + - [#6854](https://github.com/apache/apisix/pull/6854) + - [#6853](https://github.com/apache/apisix/pull/6853) + - [#6846](https://github.com/apache/apisix/pull/6846) +- DNS 支持端口为 0 的 SRV 记录:[#6739](https://github.com/apache/apisix/pull/6739) +- 修复客户端 mTLS 在 TLS 会话重用中有时不生效的问题:[#6906](https://github.com/apache/apisix/pull/6906) +- grpc-web 插件不会在响应中覆盖 Access-Control-Allow-Origin 头。[#6842](https://github.com/apache/apisix/pull/6842) +- syslog 插件的默认超时已被纠正。[#6807](https://github.com/apache/apisix/pull/6807) +- 修复 authz-keycloak 插件的 `access_denied_redirect_uri` 的设置有时不生效的问题。[#6794](https://github.com/apache/apisix/pull/6794) +- 正确处理`USR2`信号。[#6758](https://github.com/apache/apisix/pull/6758) +- 重定向插件在将 HTTP 重定向到 HTTPS 时设置了正确的端口。 + - [#6686](https://github.com/apache/apisix/pull/6686) +- Admin API 拒绝未知的 stream 插件。[#6813](https://github.com/apache/apisix/pull/6813) + ## 2.13.1 **这是一个 LTS 维护版本,您可以在 `release/2.13` 分支中看到 CHANGELOG。** diff --git a/docs/zh/latest/config.json b/docs/zh/latest/config.json index 99b3c7c41b25..b0f5abbe5dbc 100644 --- a/docs/zh/latest/config.json +++ b/docs/zh/latest/config.json @@ -1,5 +1,5 @@ { - "version": "2.13.0", + "version": "2.14.0", "sidebar": [ { "type": "category", diff --git a/rockspec/apisix-2.14.0-0.rockspec b/rockspec/apisix-2.14.0-0.rockspec new file mode 100644 index 000000000000..278ba2f20aea --- /dev/null +++ b/rockspec/apisix-2.14.0-0.rockspec @@ -0,0 +1,102 @@ +-- +-- Licensed to the Apache Software Foundation (ASF) under one or more +-- contributor license agreements. See the NOTICE file distributed with +-- this work for additional information regarding copyright ownership. +-- The ASF licenses this file to You under the Apache License, Version 2.0 +-- (the "License"); you may not use this file except in compliance with +-- the License. You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +-- + +package = "apisix" +version = "2.14.0-0" +supported_platforms = {"linux", "macosx"} + +source = { + url = "git://github.com/apache/apisix", + branch = "2.14.0", +} + +description = { + summary = "Apache APISIX is a cloud-native microservices API gateway, delivering the ultimate performance, security, open source and scalable platform for all your APIs and microservices.", + homepage = "https://github.com/apache/apisix", + license = "Apache License 2.0", +} + +dependencies = { + "lua-resty-ctxdump = 0.1-0", + "lua-resty-dns-client = 6.0.2", + "lua-resty-template = 2.0", + "lua-resty-etcd = 1.6.2", + "api7-lua-resty-http = 0.2.0", + "lua-resty-balancer = 0.04", + "lua-resty-ngxvar = 0.5.2", + "lua-resty-jit-uuid = 0.0.7", + "lua-resty-healthcheck-api7 = 2.2.0", + "api7-lua-resty-jwt = 0.2.4", + "lua-resty-hmac-ffi = 0.05", + "lua-resty-cookie = 0.1.0", + "lua-resty-session = 3.10", + "opentracing-openresty = 0.1", + "lua-resty-radixtree = 2.8.2", + "lua-protobuf = 0.3.4", + "lua-resty-openidc = 1.7.2-1", + "luafilesystem = 1.7.0-2", + "api7-lua-tinyyaml = 0.4.2", + "nginx-lua-prometheus = 0.20220127", + "jsonschema = 0.9.8", + "lua-resty-ipmatcher = 0.6.1", + "lua-resty-kafka = 0.20-0", + "lua-resty-logger-socket = 2.0.1-0", + "skywalking-nginx-lua = 0.6.0", + "base64 = 1.5-2", + "binaryheap = 0.4", + "api7-dkjson = 0.1.1", + "resty-redis-cluster = 1.02-4", + "lua-resty-expr = 1.3.1", + "graphql = 0.0.2", + "argparse = 0.7.1-1", + "luasocket = 3.0rc1-2", + "luasec = 0.9-1", + "lua-resty-consul = 0.3-2", + "penlight = 1.9.2-1", + "ext-plugin-proto = 0.5.0", + "casbin = 1.26.0", + "api7-snowflake = 2.0-1", + "inspect == 3.1.1", + "lualdap = 1.2.6-1", + "lua-resty-rocketmq = 0.3.0-0", + "opentelemetry-lua = 0.1-3", + "net-url = 0.9-1", + "xml2lua = 1.5-2", + "nanoid = 0.1-1", + "lua-resty-mediador = 0.1.2-1" +} + +build = { + type = "make", + build_variables = { + CFLAGS="$(CFLAGS)", + LIBFLAG="$(LIBFLAG)", + LUA_LIBDIR="$(LUA_LIBDIR)", + LUA_BINDIR="$(LUA_BINDIR)", + LUA_INCDIR="$(LUA_INCDIR)", + LUA="$(LUA)", + OPENSSL_INCDIR="$(OPENSSL_INCDIR)", + OPENSSL_LIBDIR="$(OPENSSL_LIBDIR)", + }, + install_variables = { + ENV_INST_PREFIX="$(PREFIX)", + ENV_INST_BINDIR="$(BINDIR)", + ENV_INST_LIBDIR="$(LIBDIR)", + ENV_INST_LUADIR="$(LUADIR)", + ENV_INST_CONFDIR="$(CONFDIR)", + }, +} From d76bedf8caf41c8c4b786dd48726030cfd8dd896 Mon Sep 17 00:00:00 2001 From: LetsGO Date: Wed, 18 May 2022 13:02:18 +0800 Subject: [PATCH 2/5] fix: redirect http to https but port not change (#7065) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Wei Jiang Co-authored-by: 罗泽轩 Co-authored-by: tzssangglass Co-authored-by: Alex Zhang --- apisix/plugins/redirect.lua | 41 +++++++++++++++++++- conf/config-default.yaml | 2 + docs/en/latest/plugins/redirect.md | 5 ++- docs/zh/latest/plugins/redirect.md | 5 ++- t/plugin/redirect.t | 61 ++++++++++++++++++++---------- 5 files changed, 90 insertions(+), 24 deletions(-) diff --git a/apisix/plugins/redirect.lua b/apisix/plugins/redirect.lua index 104cf9d45d48..6c9a99a1575c 100644 --- a/apisix/plugins/redirect.lua +++ b/apisix/plugins/redirect.lua @@ -15,6 +15,7 @@ -- limitations under the License. -- local core = require("apisix.core") +local plugin = require("apisix.plugin") local tab_insert = table.insert local tab_concat = table.concat local string_format = string.format @@ -24,7 +25,8 @@ local ipairs = ipairs local ngx = ngx local str_find = core.string.find local str_sub = string.sub -local tonumber = tonumber +local type = type +local math_random = math.random local lrucache = core.lrucache.new({ ttl = 300, count = 100 @@ -143,12 +145,47 @@ local function concat_new_uri(uri, ctx) return tab_concat(tmp, "") end +local function get_port(attr) + local port + if attr then + port = attr.https_port + end + + if port then + return port + end + + local local_conf = core.config.local_conf() + local ssl = core.table.try_read_attr(local_conf, "apisix", "ssl") + if not ssl or not ssl["enable"] then + return port + end + + port = ssl["listen_port"] + if port then + return port + end + + local ports = ssl["listen"] + if ports and #ports > 0 then + local idx = math_random(1, #ports) + port = ports[idx] + if type(port) == "table" then + port = port.port + end + end + + return port +end function _M.rewrite(conf, ctx) core.log.info("plugin rewrite phase, conf: ", core.json.delay_encode(conf)) local ret_code = conf.ret_code - local ret_port = tonumber(ctx.var["var_x_forwarded_port"]) + + local attr = plugin.plugin_attr(plugin_name) + local ret_port = get_port(attr) + local uri = conf.uri local regex_uri = conf.regex_uri diff --git a/conf/config-default.yaml b/conf/config-default.yaml index 052c0fc2c8d1..316160a5d615 100644 --- a/conf/config-default.yaml +++ b/conf/config-default.yaml @@ -469,3 +469,5 @@ plugin_attr: connect: 60s read: 60s send: 60s +# redirect: +# https_port: 8443 # the default port for use by HTTP redirects to HTTPS diff --git a/docs/en/latest/plugins/redirect.md b/docs/en/latest/plugins/redirect.md index 865ef602d3e6..8a7a034bc934 100644 --- a/docs/en/latest/plugins/redirect.md +++ b/docs/en/latest/plugins/redirect.md @@ -45,7 +45,10 @@ The `redirect` Plugin can be used to configure redirects. Only one of `http_to_https`, `uri` and `regex_uri` can be configured. -* When enabling `http_to_https`, the port in the redirect URL will be the value of header `X-Forwarded-Port` or the port of the server. +* When enabling `http_to_https`, the ports in the redirect URL will pick a value in the following order (in descending order of priority) + * Read `plugin_attr.redirect.https_port` from the configuration file (`conf/config.yaml`). + * If `apisix.ssl` is enabled, read `apisix.ssl.listen_port` first, and if it does not exist, read `apisix.ssl.listen` and select a port randomly from it. + * Use 443 as the default https port. ::: diff --git a/docs/zh/latest/plugins/redirect.md b/docs/zh/latest/plugins/redirect.md index 75ece0243e4e..276132b48aa5 100644 --- a/docs/zh/latest/plugins/redirect.md +++ b/docs/zh/latest/plugins/redirect.md @@ -45,7 +45,10 @@ description: 本文介绍了关于 Apache APISIX `redirect` 插件的基本信 `http_to_https`、`uri` 和 `regex_uri` 只能配置其中一个属性。 -* 当开启 `http_to_https` 时,重定向 URL 中的端口将是 `X-Forwarded-Port` 请求头的值或服务器的端口。 +* 当开启 `http_to_https` 时,重定向 URL 中的端口将按如下顺序选取一个值(按优先级从高到低排列) + * 从配置文件(`conf/config.yaml`)中读取 `plugin_attr.redirect.https_port`。 + * 如果 `apisix.ssl` 处于开启状态,先读取 `apisix.ssl.listen_port`,如果没有,再读取 `apisix.ssl.listen` 并从中随机选一个 `port`。 + * 使用 443 作为默认 `https port`。 ::: diff --git a/t/plugin/redirect.t b/t/plugin/redirect.t index 47479a2b468e..3b8d87afd787 100644 --- a/t/plugin/redirect.t +++ b/t/plugin/redirect.t @@ -428,59 +428,80 @@ passed -=== TEST 18: redirect +=== TEST 18: redirect(port using `plugin_attr.redirect.https_port`) +--- extra_yaml_config +plugin_attr: + redirect: + https_port: 8443 --- request GET /hello --- more_headers Host: foo.com --- error_code: 301 --- response_headers -Location: https://foo.com:1984/hello +Location: https://foo.com:8443/hello -=== TEST 19: redirect(pass well-known port 443 to x-forwarded-port) +=== TEST 19: redirect(port using `apisix.ssl.listen_port`) +--- yaml_config +apisix: + ssl: + enable: true + listen_port: 9445 --- request GET /hello --- more_headers Host: foo.com -x-forwarded-port: 443 --- error_code: 301 --- response_headers -Location: https://foo.com/hello +Location: https://foo.com:9445/hello -=== TEST 20: redirect(pass negative number to x-forwarded-port) +=== TEST 20: redirect(port using `apisix.ssl.listen` when listen length is one) --- request GET /hello --- more_headers Host: foo.com -x-forwarded-port: -443 --- error_code: 301 --- response_headers -Location: https://foo.com/hello +Location: https://foo.com:9443/hello -=== TEST 21: redirect(pass number more than 65535 to x-forwarded-port) +=== TEST 21: redirect(port using `apisix.ssl.listen` when listen length more than one) +--- yaml_config +apisix: + ssl: + enable: true + listen: + - 6443 + - 7443 + - port: 8443 + - port: 9443 --- request GET /hello --- more_headers Host: foo.com -x-forwarded-port: 65536 --- error_code: 301 ---- response_headers -Location: https://foo.com/hello +--- response_headers_like +Location: https://foo.com:[6-9]443/hello -=== TEST 22: redirect(pass invalid non-number to x-forwarded-port) +=== TEST 22: redirect(port using `https default port`) +--- yaml_config +apisix: + ssl: + enable: null +--- extra_yaml_config +plugin_attr: + redirect: null --- request GET /hello --- more_headers Host: foo.com -x-forwarded-port: ok --- error_code: 301 --- response_headers Location: https://foo.com/hello @@ -528,7 +549,7 @@ GET /hello Host: foo.com --- error_code: 301 --- response_headers -Location: https://foo.com:1984/hello +Location: https://foo.com:9443/hello @@ -613,7 +634,7 @@ GET /hello Host: test.com --- error_code: 301 --- response_headers -Location: https://test.com:1984/hello +Location: https://test.com:9443/hello @@ -763,7 +784,7 @@ POST /hello-https --- more_headers Host: test.com --- response_headers -Location: https://test.com:1984/hello-https +Location: https://test.com:9443/hello-https --- error_code: 308 --- no_error_log [error] @@ -776,7 +797,7 @@ GET /hello-https --- more_headers Host: test.com --- response_headers -Location: https://test.com:1984/hello-https +Location: https://test.com:9443/hello-https --- error_code: 301 --- no_error_log [error] @@ -789,7 +810,7 @@ HEAD /hello-https --- more_headers Host: test.com --- response_headers -Location: https://test.com:1984/hello-https +Location: https://test.com:9443/hello-https --- error_code: 301 --- no_error_log [error] @@ -1092,4 +1113,4 @@ Host: foo.com X-Forwarded-Proto: http --- error_code: 301 --- response_headers -Location: https://foo.com:1984/hello +Location: https://foo.com:9443/hello From 4aba4ccbfb742ae143db24f773fc433bc0df9f1f Mon Sep 17 00:00:00 2001 From: spacewander Date: Wed, 18 May 2022 13:55:03 +0800 Subject: [PATCH 3/5] docs: update CHANGELOG Signed-off-by: spacewander --- CHANGELOG.md | 1 + docs/zh/latest/CHANGELOG.md | 7 ++++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 60bbda5f38f0..4c8c4102e675 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -109,6 +109,7 @@ title: Changelog - The authz-keycloak plugin's `access_denied_redirect_uri` was bypassed sometimes: [#6794](https://github.com/apache/apisix/pull/6794) - Handle `USR2` signal properly: [#6758](https://github.com/apache/apisix/pull/6758) - The redirect plugin set a correct port during redirecting HTTP to HTTPS: + - [#7065](https://github.com/apache/apisix/pull/7065) - [#6686](https://github.com/apache/apisix/pull/6686) - Admin API rejects unknown stream plugin: [#6813](https://github.com/apache/apisix/pull/6813) diff --git a/docs/zh/latest/CHANGELOG.md b/docs/zh/latest/CHANGELOG.md index a8f809c4ba69..46561ccd8bf1 100644 --- a/docs/zh/latest/CHANGELOG.md +++ b/docs/zh/latest/CHANGELOG.md @@ -59,11 +59,11 @@ title: CHANGELOG ## 2.14.0 -### 改变 +### Change - 为了适应 OpenTelemetry 规范的变化,OTLP/HTTP 的默认端口改为 4318: [#7007](https://github.com/apache/apisix/pull/7007) -### 核心 +### Core - 引入一个实验性功能,允许通过 APISIX 订阅 Kafka 消息。这个功能是基于 websocket 上面运行的 pubsub 框架。 - [#7028](https://github.com/apache/apisix/pull/7028) @@ -83,7 +83,7 @@ title: CHANGELOG - 增加一个选项,像 servlet 一样规范化 URI。[#6984](https://github.com/apache/apisix/pull/6984) - 通过 apisix-seed 实现 Zookeeper 服务发现:[#6751](https://github.com/apache/apisix/pull/6751) -### 插件 +### Plugin - real-ip 插件支持像`real_ip_recursive`那样的递归 IP 搜索。[#6988](https://github.com/apache/apisix/pull/6988) - api-breaker 插件允许配置响应。[#6949](https://github.com/apache/apisix/pull/6949) @@ -109,6 +109,7 @@ title: CHANGELOG - 修复 authz-keycloak 插件的 `access_denied_redirect_uri` 的设置有时不生效的问题。[#6794](https://github.com/apache/apisix/pull/6794) - 正确处理`USR2`信号。[#6758](https://github.com/apache/apisix/pull/6758) - 重定向插件在将 HTTP 重定向到 HTTPS 时设置了正确的端口。 + - [#7065](https://github.com/apache/apisix/pull/7065) - [#6686](https://github.com/apache/apisix/pull/6686) - Admin API 拒绝未知的 stream 插件。[#6813](https://github.com/apache/apisix/pull/6813) From 2606e97860877e2545e136f75d3233798a39a55a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=BD=97=E6=B3=BD=E8=BD=A9?= Date: Wed, 18 May 2022 11:17:53 +0800 Subject: [PATCH 4/5] ci: make it pass under OpenResty 1.21 (#7067) Signed-off-by: spacewander --- bin/apisix | 10 +++++----- utils/linux-install-luarocks.sh | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/bin/apisix b/bin/apisix index 409ece52fea1..4583fd1b52a0 100755 --- a/bin/apisix +++ b/bin/apisix @@ -31,11 +31,11 @@ fi # find the openresty OR_BIN=$(command -v openresty || exit 1) OR_EXEC=${OR_BIN:-'/usr/local/openresty-debug/bin/openresty'} -OR_VER=$(openresty -v 2>&1 | awk -F '/' '{print $2}' | awk -F '.' '{print $1"."$2}') +OR_VER=$(openresty -v 2>&1 | awk -F '/' '{print $2}' | awk -F '.' '{print $1 * 100 + $2}') LUA_VERSION=$(lua -v 2>&1| grep -E -o "Lua [0-9]+.[0-9]+") -if [[ -e $OR_EXEC && "$OR_VER" =~ "1.19" ]]; then - # OpenResty version is 1.19, use luajit by default +if [[ -e $OR_EXEC && "$OR_VER" -ge 119 ]]; then + # OpenResty version is >= 1.19, use luajit by default # find the luajit binary of openresty LUAJIT_BIN=$(${OR_EXEC} -V 2>&1 | grep prefix | grep -Eo 'prefix=(.*)/nginx\s+--' | grep -Eo '/.*/')luajit/bin/luajit @@ -43,9 +43,9 @@ if [[ -e $OR_EXEC && "$OR_VER" =~ "1.19" ]]; then echo "$LUAJIT_BIN $APISIX_LUA $*" exec $LUAJIT_BIN $APISIX_LUA $* elif [[ "$LUA_VERSION" =~ "Lua 5.1" ]]; then - # OpenResty version is not 1.19, use Lua 5.1 by default + # OpenResty version is < 1.19, use Lua 5.1 by default echo "lua $APISIX_LUA $*" exec lua $APISIX_LUA $* else - echo "ERROR: Please check the version of OpenResty and Lua, OpenResty 1.19 + LuaJIT or OpenResty before 1.19 + Lua 5.1 is required for Apache APISIX." + echo "ERROR: Please check the version of OpenResty and Lua, OpenResty 1.19+ + LuaJIT or OpenResty before 1.19 + Lua 5.1 is required for Apache APISIX." fi diff --git a/utils/linux-install-luarocks.sh b/utils/linux-install-luarocks.sh index be738ce45d42..a8d1bafd0428 100755 --- a/utils/linux-install-luarocks.sh +++ b/utils/linux-install-luarocks.sh @@ -29,8 +29,8 @@ rm -f v"$LUAROCKS_VER".tar.gz cd luarocks-"$LUAROCKS_VER" || exit OR_BIN="$OPENRESTY_PREFIX/bin/openresty" -OR_VER=$($OR_BIN -v 2>&1 | awk -F '/' '{print $2}' | awk -F '.' '{print $1"."$2}') -if [[ -e $OR_BIN && "$OR_VER" == 1.19 ]]; then +OR_VER=$($OR_BIN -v 2>&1 | awk -F '/' '{print $2}' | awk -F '.' '{print $1 * 100 + $2}') +if [[ -e $OR_BIN && "$OR_VER" -ge 119 ]]; then WITH_LUA_OPT="--with-lua=${OPENRESTY_PREFIX}/luajit" else # For old version OpenResty, we still need to install LuaRocks with Lua From ea7f186bf27b9afc307997dea6fc0304e064183a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=BD=97=E6=B3=BD=E8=BD=A9?= Date: Sun, 22 May 2022 20:42:21 +0800 Subject: [PATCH 5/5] Apply suggestions from code review Co-authored-by: leslie <59061168+leslie-tsang@users.noreply.github.com> --- CHANGELOG.md | 4 ++-- docs/zh/latest/CHANGELOG.md | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4c8c4102e675..59169e695ef5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -75,12 +75,12 @@ title: Changelog - [#6960](https://github.com/apache/apisix/pull/6960) - [#6965](https://github.com/apache/apisix/pull/6965) - [#7040](https://github.com/apache/apisix/pull/7040) -- Now we support adding delay according to the command & key during proxying Redistraffic, which is built above xRPC: +- Now we support adding delay according to the command & key during proxying Redis traffic, which is built above xRPC: - [#6999](https://github.com/apache/apisix/pull/6999) - Introduce an experimental support to configure APISIX via xDS: - [#6614](https://github.com/apache/apisix/pull/6614) - [#6759](https://github.com/apache/apisix/pull/6759) -- Add an option to normalize uri like servlet: [#6984](https://github.com/apache/apisix/pull/6984) +- Add `normalize_uri_like_servlet` option to normalize uri like servlet: [#6984](https://github.com/apache/apisix/pull/6984) - Zookeeper service discovery via apisix-seed: [#6751](https://github.com/apache/apisix/pull/6751) ### Plugin diff --git a/docs/zh/latest/CHANGELOG.md b/docs/zh/latest/CHANGELOG.md index 46561ccd8bf1..16b4b2516ca7 100644 --- a/docs/zh/latest/CHANGELOG.md +++ b/docs/zh/latest/CHANGELOG.md @@ -75,17 +75,17 @@ title: CHANGELOG - [#6960](https://github.com/apache/apisix/pull/6960) - [#6965](https://github.com/apache/apisix/pull/6965) - [#7040](https://github.com/apache/apisix/pull/7040) -- 现在我们支持在代理 Redistraffic 过程中根据命令和键添加延迟,它建立在 xRPC 之上。 +- 现在我们支持在代理 Redis traffic 过程中根据命令和键添加延迟,它建立在 xRPC 之上。 - [#6999](https://github.com/apache/apisix/pull/6999) - 引入实验性支持,通过 xDS 配置 APISIX。 - [#6614](https://github.com/apache/apisix/pull/6614) - [#6759](https://github.com/apache/apisix/pull/6759) -- 增加一个选项,像 servlet 一样规范化 URI。[#6984](https://github.com/apache/apisix/pull/6984) +- 增加 `normalize_uri_like_servlet` 配置选项,像 servlet 一样规范化 URI。[#6984](https://github.com/apache/apisix/pull/6984) - 通过 apisix-seed 实现 Zookeeper 服务发现:[#6751](https://github.com/apache/apisix/pull/6751) ### Plugin -- real-ip 插件支持像`real_ip_recursive`那样的递归 IP 搜索。[#6988](https://github.com/apache/apisix/pull/6988) +- real-ip 插件支持像 `real_ip_recursive` 那样的递归 IP 搜索。[#6988](https://github.com/apache/apisix/pull/6988) - api-breaker 插件允许配置响应。[#6949](https://github.com/apache/apisix/pull/6949) - response-rewrite 插件支持正文过滤器。[#6750](https://github.com/apache/apisix/pull/6750) - request-id 插件增加了 nanoid 算法来生成 ID:[#6779](https://github.com/apache/apisix/pull/6779) @@ -107,7 +107,7 @@ title: CHANGELOG - grpc-web 插件不会在响应中覆盖 Access-Control-Allow-Origin 头。[#6842](https://github.com/apache/apisix/pull/6842) - syslog 插件的默认超时已被纠正。[#6807](https://github.com/apache/apisix/pull/6807) - 修复 authz-keycloak 插件的 `access_denied_redirect_uri` 的设置有时不生效的问题。[#6794](https://github.com/apache/apisix/pull/6794) -- 正确处理`USR2`信号。[#6758](https://github.com/apache/apisix/pull/6758) +- 正确处理 `USR2` 信号。[#6758](https://github.com/apache/apisix/pull/6758) - 重定向插件在将 HTTP 重定向到 HTTPS 时设置了正确的端口。 - [#7065](https://github.com/apache/apisix/pull/7065) - [#6686](https://github.com/apache/apisix/pull/6686)