Releases: cloudfoundry/routing-release
Releases · cloudfoundry/routing-release
0.269.0
Known Issue
Changes
- Update sync-package-specs to install gosub
- Remove
trace-loggerupdate in sync-submodule-config - Remove unused files
✨ Built with go 1.20.4
Full Changelog: v0.268.0...v0.269.0
Resources
0.268.0
Known Issue
Changes
- Adds support for
route_registrarto advertise HTTP2 based routes to gorouter. If not specified on a route, http1 is used by default. Thanks @peanball @plowin and @b1tamara!!
Bosh Job Spec changes:
diff --git a/jobs/route_registrar/spec b/jobs/route_registrar/spec
index 595f2075..bf3d9a03 100644
--- a/jobs/route_registrar/spec
+++ b/jobs/route_registrar/spec
@@ -101,6 +101,7 @@ properties:
tls_port (required, integer, for http routes): Either `port` or `tls_port` are required; if both are provided, Gorouter will prefer tls_port.
Requests for associated URIs will be forwarded over TLS by the router to this port.
The IP is determined automatically from the host on which route-registrar is run.
+ protocol (optional, string): 'http1' or 'http2'. If not provided, Gorouter uses 'http1' as default.
route_service_url (optional, string, for http routes): When valid route service URL is provided, Gorouter will proxy requests received for the uris above to the specified route service URL.
server_cert_domain_san (conditional, string, for http routes): Required if tls_port is present.
Gorouter will validate that the TLS certificate presented by the destination host contains this as a Subject Alternative Name (SAN).
✨ Built with go 1.20.4
Full Changelog: v0.267.0...v0.268.0
Resources
Contributors
peanball, b1tamara, and plowin
Assets 3
0.267.0
Known Issue
Changes
- The veresion of HAProxy used in tcp-router was bumped from 2.7.6 to 2.7.8.
✨ Built with go 1.20.4
Full Changelog: v0.266.0...v0.267.0
Resources
0.266.0
Known Issue
Change
- 🐛Resolves CVE-2023-20882 introduced in v0.262.0 by fixing a bug that may cause routing failures to apps. Thanks @maxmoehl and @domdom82!!
- Many go dependency updates across all routing packages. Thanks @winkingturtle-vmw!!
✨ Built with go 1.20.4
Full Changelog: v0.265.1...v0.266.0
Resources
Contributors
domdom82, maxmoehl, and winkingturtle-vmw
Assets 3
0.265.1
This release is susceptible to the issue described in CVE-2023-20882. It is advised to use routing-release 0.266.0 or later instead of this release.
Changes
- Bump healthchecker
✨ Built with go 1.20.4
Full Changelog: v0.265.0...v0.265.1
Resources
0.265.0
Known Issues
⚠️ This release is susceptible to the issue described in CVE-2023-20882. This issue is fixed in routing-release 0.266.0.⚠️ This release is vulnerable to this known issue around handling expect 100-continue responses. This issue is fixed in routing-release 0.274.0- We recommend skipping this version and upgrading to 0.274.0 instead.
Changes
- Bump to Go 1.20.4
✨ Built with go 1.20.4
Full Changelog: v0.264.0...v0.265.0
Resources
0.264.0
Known Issues
⚠️ This release is susceptible to the issue described in CVE-2023-20882. This issue is fixed in routing-release 0.266.0.⚠️ This release is vulnerable to this known issue around handling expect 100-continue responses. This issue is fixed in routing-release 0.274.0- We recommend skipping this version and upgrading to 0.274.0 instead.
Changes
- Addresses the issue in routing-release 0.263.0 where
bosh export-releaseswould fail to compile theacceptance-testspackage.
✨ Built with go 1.20.3
Full Changelog: v0.263.0...v0.264.0
Resources
0.263.0
Known Issues
⚠️ This release is susceptible to the issue described in CVE-2023-20882. This issue is fixed in routing-release 0.266.0.⚠️ This release is vulnerable to this known issue around handling expect 100-continue responses. This issue is fixed in routing-release 0.274.0- We recommend skipping this version and upgrading to 0.274.0 instead.
Changes
- 🐛Fixed a bug present since v0.262.0 that caused CATs to intermittently fail on apps using
ncas their server. - 🐛Bumped haproxy to 2.7.6 in cf-tcp-router, to resolve a bug preventing haproxy from properly transferring open connections to the new haproxy process when a reload occurred - haproxy/#1883
✨ Built with go 1.20.3
Full Changelog: v0.262.0...v0.263.0
Resources
0.262.0
Known Issues
⚠️ This release is susceptible to the issue described in CVE-2023-20882. This issue is fixed in routing-release 0.266.0.⚠️ This release is vulnerable to this known issue around handling expect 100-continue responses. This issue is fixed in routing-release 0.274.0- We recommend skipping this version and upgrading to 0.274.0 instead.
Changes
- 🐛Fixes the of golang has a known issue that causes backend request failures which previously returned 496, 499, 503, 525, or 526 to instead return a 502. Additionally stale routes may not have been pruned properly. Thanks @domdom82!!
- 🚗Gorouter now retries requests which fail prior to any HTTP content being sent (since no backend received the HTTP content, they're by definition retriable). Thanks for the PR. Thanks @maxmoehl and @domdom82!!
✨ Built with go 1.20.2
Full Changelog: v0.261.0...v0.262.0
Resources
Contributors
domdom82 and maxmoehl
Assets 3
0.261.0
Known Issues
⚠️ This release is susceptible to the issue described in CVE-2023-20882. This issue is fixed in routing-release 0.266.0.⚠️ This release is vulnerable to this known issue around handling expect 100-continue responses. This issue is fixed in routing-release 0.274.0- We recommend skipping this version and upgrading to 0.274.0 instead.
Changes
- Bug fix: add healthcheck to routing-api for route-registrar
Bosh Job Spec changes:
diff --git a/jobs/routing-api/spec b/jobs/routing-api/spec
index 5717f88f..f6a2175d 100644
--- a/jobs/routing-api/spec
+++ b/jobs/routing-api/spec
@@ -6,12 +6,15 @@ templates:
uaa_ca.crt.erb: config/certs/uaa/ca.crt
routing-api.yml.erb: config/routing-api.yml
+ routing_api_health_check.erb: bin/routing_api_health_check
locket_ca.crt.erb: config/certs/locket/ca.crt
locket_client.crt.erb: config/certs/locket/client.crt
locket_client.key.erb: config/certs/locket/client.key
api_mtls_client_ca.crt.erb: config/certs/routing-api/client_ca.crt
+ api_mtls_client.crt.erb: config/certs/routing-api/client.crt
+ api_mtls_client.key.erb: config/certs/routing-api/client.key
api_mtls_server.crt.erb: config/certs/routing-api/server.crt
api_mtls_server.key.erb: config/certs/routing-api/server.key
@@ -107,6 +110,13 @@ properties:
routing_api.mtls_client_key:
description: "Routing API client key (provided to clients by bosh link)"
+ routing_api.health_check_timeout_per_retry:
+ default: 2
+ description: "Maximum health check timeout (in seconds) for each retry attempt in the Routing API's route registration health check"
+ routing_api.health_check_total_timeout:
+ default: 6
+ description: "Maximum health check timeout (in seconds). Health checks will be retried until this time limit is reached. This should be less than or equal to your route_registrar.routes.api.health_check.timeout"
+
metron.port:
description: "The port used to emit dropsonde messages to the Metron agent."
default: 3457
✨ Built with go 1.20.2
Full Changelog: v0.260.0...v0.261.0