Bump Ocelot from 18.0.0 to 24.0.1 #1646
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- updated-dependencies: - dependency-name: Ocelot dependency-version: 24.0.1 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
.NET
|
Contributor
Author
|
Superseded by #1647. |
dependabot
bot
deleted the
dependabot/nuget/generators/dotnetcore/templates/dotnetcore/src/main/Ocelot-24.0.1
branch
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Updated Ocelot from 18.0.0 to 24.0.1.
Release notes
Sourced from Ocelot's releases.
24.0.1
Ocelot.Administration.IdentityServer4 version 24.0.1
❗ Breaking Changes
The Ocelot.Administration extension package has been renamed to Ocelot.Administration.IdentityServer4 ❗
Feature: Administration
All IdentityServer4-related vulnerabilities (issue #2218) were addressed. The Ocelot.Administration source code has been moved out of the Ocelot repository (pull request #2274) and transferred to the Ocelot.Administration.IdentityServer4 repository.
Currently, the Administration feature is solely based on the IdentityServer4 package, whose repository was archived by its owner on July 31, 2024. In this release, the Ocelot team deprecated the Ocelot.Administration.IdentityServer4 extension package after the current Ocelot v24.0 release; however, the repository is/will not be archived, allowing for potential patches in the future.
24.0.0
Upgrade to .NET 9 (TFM
net9.0, version 24.0) aka .NET 9 releaseℹ️ About
On November 12th, 2024, the .NET team announced the release of the .NET 9 framework:
This major release upgrades Ocelot package TFMs to
net9.0in addition to the currentnet8.0. Thus, the current Ocelot supported frameworks are .NET 8 LTS and .NET 9 STS. According to the .NET Support Policy, the Ocelot team has discontinued support of .NET 6 and .NET 7 by providing the version 23.4.3 which targets those .NET versions.🔖 Official Notice to the Community Regarding CircleCI
Ocelot's previous CI/CD provider, CircleCI, facilitated professional and seamless development, build processes, and delivery of Ocelot versions for seven years, starting in March 2018. But last year, in January 2025, after patching Ocelot with version 23.4.3, our team encountered legal issues related to CircleCI Co's policies, leading to this CI/CD provider stopping the build process for the Ocelot project. This legal issue and technical incident were unforeseen on our part because Ocelot is open-source software (OSS), and forcibly stopping the project's build process and blocking accounts appears to be an unfortunate breach of OSS principles. We strongly believe that any developer or user, from any country, should be able to use software providers that support the OSS movement by offering free or other cost-free plans and serving the accounts of these users, OSS teams, and OSS projects 24/7, 365 days a year. We consider this legal issue and the resulting technical incidents involving CircleCI to be a serious breach of OSS principles and an act of discrimination against Ocelot users, developers, and customers who rely on Ocelot OSS, ultimately causing delays to the current release. As a team, we do not recommend using CircleCI for OSS projects, as there is no guarantee that these projects will not face discrimination from this U.S. company.
For all developers, team leads, architects, and managers of any OSS projects—at least on GitHub—we recommend utilizing the built-in GitHub Actions CI/CD infrastructure. Since its founding, GitHub has supported OSS projects. Today, GitHub provides 2,000 minutes of free CI/CD build time per month for OSS repositories (public repos). Also, we strongly believe that GitHub will never violate its OSS policies without a notice period, nor fail to inform owners and maintainers that certain policies must be met by Ocelot's owners. In addition, we want to acknowledge that we are monitoring U.S. government regulations. Unfortunately, we must state that some GitHub products are unavailable in certain countries, even if the project is OSS and GitHub claims these products are free for OSS. Since the Ocelot team does not utilize these non-critical products (we prefer to energize our brains rather than rely on AI-driven products), and since the Ocelot project is currently well-served by GitHub Co, the Ocelot team affirms that Ocelot will remain on GitHub as long as its OSS-friendly policies continue. As a team, we hope that GitHub will never enforce extra rules on our project or other OSS projects.
Regardless, we remain on GitHub!
🆕 What's New?
DevOps: The CI/CD infrastructure was migrated from CircleCI to GitHub Actions by @raman-m
Starting from version 24.0, all pull requests, development commits, and releases will be built using GitHub Actions workflows (documentation). We currently have three workflows: one for pull requests (PR), one for the
developbranch (Develop), and one for themainbranch (Release). All workflow runs are available on the Actions dashboard.The PR workflow will track code coverage using Coveralls. After opening a pull request or submitting a new commit to a pull request, Coveralls will publish a short message with the current code coverage once the top commit is built. Considering that Coveralls retains the entire history but does not fail the build if coverage falls below the threshold, all workflows have a built-in 80% threshold, applied internally within the
build-cakejob, particularly during the "Cake Build" step-action. If the code coverage of a newly opened pull request drops below the 80% threshold, thebuild-cakejob will fail, logging an appropriate message in the "Cake Build" step. For your information, the current code coverage of the Ocelot project is around 85-86%. The coverage threshold is subject to change in upcoming releases. All Coveralls builds can be viewed by navigating to the ThreeMammals/Ocelot project on Coveralls.io.🆙 What's Updated?
Core:
The main Ocelot package and all extension packages reference
net8.0andnet9.0target framework monikers (TFMs). Refer to TargetFrameworks to verify this. Thenet6.0andnet7.0TFMs have been removed. If your project still relies on these outdated TFMs, please continue using version 23.4.3.Authentication:
Testing of Identity Server Bearer Tokens functionality was stopped due to vulnerabilities reported by Dependabot, specifically the "IdentityServer Open Redirect vulnerability" security issue. More technical details were provided in the 23.4.3 release notes, where we notified the community. Ultimately, issue #2218 was addressed via pull request #2274.
Administration:
The Ocelot.Administration extension package has been renamed to Ocelot.Administration.IdentityServer4 (it is scheduled for deprecation) to address all IdentityServer4-related vulnerabilities (issue #2218). The package's source code has been moved out of the Ocelot repository (pull request #2274) and transferred to the newly created Ocelot.Administration.IdentityServer4 repository.
Kubernetes:
Unfortunately, in the Kubernetes chapter, it was unclear to users how to define a K8s endpoint host in the Configuration due to the implicit reuse of
KubeClient, which is created from the pod account during Install-ation. As a team, we decided to add the new AddKubernetes(Action<KubeClientOptions>) method, which handles different user scenarios. It is now possible to provide manually configuredKubeClientOptionsin C# during Install-ation, but users can also reuseServiceDiscoveryProvideroptions from the global configuration, including theHostoption to construct the kubernetes endpoint address. The new overloadedAddKubernetes(Action<KubeClientOptions>)method was implemented in pull request #2257.KubeClientdependency library version was upgraded to3.0.x, which requires .NET 8.0 and .NET 9.0 TFMs for the current Ocelot version 24.0.KubeClientv3 was internally reviewed and released specifically to meet Ocelot's needs for this release. Thanks to Adam Friedman (@tintoy) for his collaboration! This package upgrade was implemented in pull request #2266.... (truncated)
23.4.3
🔥 Hot fixing #2246 issue (version 23.4.3) aka v23.4.2 patch 📦
ℹ️ About
🔥 Hot fixed issue: #2246
❤️ A sincere and heartfelt "Thank You" to Donny Tian, @donnytian for reporting the bug.
❗ Breaking Changes
Upgrading from 23.4.0-23.4.2 to 23.4.3 introduces no breaking changes. However, some internal interfaces have been updated, which should not introduce IBC for 99.99% of projects. For further information, refer to the source code.
What's Changed
Regexcaching by @raman-m in #2246 Review Core cache and redesignRegexcaching ThreeMammals/Ocelot#2251Full Changelog: ThreeMammals/Ocelot@23.4.2...23.4.3
23.4.2
📦 End of .NET 6, 7 Support (version 23.4.2)
This is the last patched version for .NET 6 and 7 frameworks. The upcoming major release, version 24.0, will target .NET 9 alongside the LTS .NET 8. Projects targeting .NET 6 or 7 should update to this version while considering an upgrade to .NET 8 or 9 in the future.
ℹ️ About
net6.0andnet7.0frameworks, along with the LTSnet8.0.IdentityServer4have not yet been addressed; these will be resolved in the next major release (refer to Warnings further information).❗ Warning
23.4.*is possible.IdentityServer4, allowing Ocelot users to utilize any authentication provider, as Ocelot's Authentication feature is provider-agnostic.IdentityServer4library.Ocelot.Cache.CacheManager,Ocelot.Tracing.Butterfly, andOcelot.Tracing.OpenTracing.What's Changed
net6.0andnet7.0target frameworks and bump all packages by @raman-m in Review Dependabot alerts fornet6.0andnet7.0target frameworks and bump all packages ThreeMammals/Ocelot#2220Full Changelog: ThreeMammals/Ocelot@23.4.1...23.4.2
23.4.1
📦 Routing patch (version 23.4.1)
❤️ A heartfelt "Thank You" to Guillaume Gnaegi (@ggnaegi)
ℹ️ About
🔥 Hot fixed issues: #2165 #2209 #2212
What's Changed
SecurityOptionsby @Fabman08 in #2165 Global configurationSecurityOptionsThreeMammals/Ocelot#2170Full Changelog: ThreeMammals/Ocelot@23.4.0...23.4.1
23.4.0
🔀 Routing Update (version 23.4.0) aka McDonald's release
ℹ️ About
This minor release significantly upgrades the Routing feature by supporting embedded placeholders within path segments (between slashes). Additionally, the team has focused on enhancing the performance of
Regexobjects.🆕 What's new?
As of November 2024, Ocelot was unable to process multiple placeholders embedded between two forward slashes. It was also challenging to differentiate the placeholder from other elements within the slashes. For example,
/{url}-2/for/y-2/would yield{url} = y-2. We are excited to introduce an enhanced method for evaluating placeholders that allows for the resolution of placeholders within complex URLs.For additional information, refer to PR #2200.
🆙 Focus On
Features: Routing, Core, Rate Limiting, Middleware Injection
Regexlogic has been refactored by @EngRajabi.The Ocelot Core now boasts improved performance of
Regexobjects, striving to adhere to the Best Practices for Regular Expressions in .NET. It is estimated that each request could save from 1 to over 10 microseconds in processing time (though no benchmarks have been developed to measure this).The problem was the absence of unofficial
X-Rate-Limit-*headers (found in the RateLimitingHeaders class) in theRateLimitingMiddleware's response. For more details, see PR #1307.Note that these unofficial headers have not yet been documented, so they may be subject to change since Ocelot's RateLimiting headers do not align with industry standards.
OcelotPipelineConfiguration.ClaimsToHeadersMiddlewareproperty has been introduced by @kesskalli.This new property enables the overriding of the ClaimsToHeadersMiddleware. For additional information, refer to PR #1403.
Documentation for v23.4.0
Honoring 🏅 aka Top Contributors 👏
1st 🥇 goes to Mohsen Rajabi for delivering 1 feature in 12 files changed
2nd 🥈 goes to Jolanta Łukawska for delivering 1 feature in 8 files changed
3rd 🥉 goes to Karim Esskalli for delivering 1 feature in 6 files changed
Starring ⭐ aka Release Influencers
⭐ Mohsen Rajabi, @EngRajabi
⭐ Jolanta Łukawska, @jlukawska
⭐ Raman Maksimchuk, @raman-m
⭐ Karim Esskalli, @kesskalli
⭐ Guillaume Gnaegi, @ggnaegi
Features in Release 23.4.0
Logbook
... (truncated)
23.3.6
🔥 Hot fixing v23.3.4 (version 23.3.6) aka October'24 release
❤️ A heartfelt "Thank You" to Nikolai Masson (@Niksson) and Nikolay Kuksov (@kick2nick) for their contributions!
ℹ️ About
This release provides minor bug fixes from the previous 23.3.4 release. All bugs have been addressed in the October'24 milestone.
📓 For projects utilizing the Service Discovery feature, it is recommended to update to this version to benefit from the unstable release 23.3.4, which includes fixes for both
ConsulandKubediscovery providers.🧑💻 Technical Information
The Ocelot solution encountered a significant issue with the disabled scope validation of services in the DI-container, affecting both testing projects and the core library. Initially, this was not problematic when services were designed as singletons by previous contributors and our team. However, with the introduction of more scoped services by the Ocelot team, it became clear that our testing projects could not adequately handle them.
This patch introduces scope validation across all domains: unit tests, acceptance tests, and the core library itself. We advise always enabling scope validation in your custom Ocelot solutions, especially when dealing with numerous C# overridden classes in the DI-container and any attached custom functionality.
The patch enhances functionality for two primary Service Discovery providers:
The
System.InvalidOperationExceptionerror stating "Cannot resolve scoped service 'Ocelot.Provider.Consul.Interfaces.IConsulServiceBuilder' from root provider" has been resolved.To clarify, the
IConsulServiceBuilderservice is a scoped service in DI, injected via theAddConsul()or AddConsul<T>() methods. Therefore, theDefaultConsulServiceBuildershould also be a scoped service, withHttpContextinjected to meet your development requirements.It involved a
System.InvalidOperationExceptionwith the message: "Cannot resolve scoped service 'KubeClient.IKubeApiClient' from root provider." This "invalid scopes" error occurred only in development mode, as release mode DLLs do not validate scopes. However, theKubeApiClientis designed to have a scoped lifetime. Acceptance tests passed because scope validation was disabled, and theKubeClientwas replaced with a singleton. This inconsistency was identified and reproduced by the old 977 issue. As a temporary solution, theIKubeApiClientwas registered as a singleton.Looking ahead, our team intends to redesign the Kubernetes provider to have a default service builder that is scoped, similar to the Consul provider.
❗ Breaking Changes
Upgrading from 23.3.4 to 23.3.6 introduces no breaking changes. However, upgrading from 23.3.0 or earlier versions may result in some incompatibilities. For further information, please refer to the release notes of v23.3.4.
Starring ⭐ aka Release Influencers
⭐⭐ Raman Maksimchuk, @raman-m
⭐ Henrique Holtz, @henriqueholtz
⭐ Nikolay, @kick2nick
⭐ Nikolai Masson, @Niksson
⭐ Emmanuel Ferdman, @emmanuel-ferdman
⭐ dependabot[bot], @dependabot
What's Changed
asyncvsawaitimprovements by @henriqueholtz in Coding best practices:asyncvsawaitimprovements ThreeMammals/Ocelot#2156HttpContextrequest services for theIConsulServiceBuilderservice by @Niksson in #2178 DI service resolution from scopedHttpContextrequest services for theIConsulServiceBuilderservice ThreeMammals/Ocelot#2179KubeandPollKubediscovery providers by @kick2nick in #977 Enable validation of DI scopes inKubeandPollKubediscovery providers ThreeMammals/Ocelot#2180HttpContextrequest services for theIConsulServiceBuilderservice ThreeMammals/Ocelot#2179 #977 Enable validation of DI scopes inKubeandPollKubediscovery providers ThreeMammals/Ocelot#2180 : Enable validation of DI scopes everywhere, in commit ThreeMammals/Ocelot@e4bc9ff by @raman-mservicediscovery.rstby @emmanuel-ferdman in Correct broken references inservicediscovery.rstThreeMammals/Ocelot#2187New Contributors
asyncvsawaitimprovements ThreeMammals/Ocelot#2156HttpContextrequest services for theIConsulServiceBuilderservice ThreeMammals/Ocelot#2179KubeandPollKubediscovery providers ThreeMammals/Ocelot#2180Full Changelog: ThreeMammals/Ocelot@23.3.5...23.3.6
23.3.5
📦 Documentation patch (version 23.3.5), technical release
ℹ️ About
This documentation patch pertains to HTML and PDF document layouts.
No NuGet packages have been uploaded.
23.3.4
🔥 Hot fixing v23.3 (version 23.3.4) aka Blue Olympic Balumbes release
❤️ A heartfelt "Thank You" to Roman Shevchik and Massimiliano Innocenti for their contributions in testing and reporting the Service Discovery issues, #2110 and #2119, respectively!
ℹ️ About
This release delivers a number of bug fixes for the predecessor's 23.3.0 release, which is full of new features but was not tested well. All bugs were combined into the v23.3 Hotfixes milestone.
Following the substantial refactoring of Service Discovery providers in the 23.3.0 release, the community identified and we have acknowledged several critical service discovery defects with providers such as Kube and Consul. The
Kubeprovider, while somewhat unstable, remained operational; however, theConsulprovider was entirely non-functional.📓 If your projects rely on the Service Discovery feature and cannot function without it, please upgrade to this version to utilize the full list of features of version 23.3.0.
🧑💻 Technical Information
A comprehensive explanation of the technical details would span several pages; therefore, it is advisable for fans of Ocelot to review all pertinent technical information within the issue descriptions associated with the milestone.
Our team has implemented some Breaking Changes which we urge you to review carefully (details follow).
Listed by priority:
ILoadBalancerinterface alteration: MethodLeaseis nowLeaseAsync.Interface FQN:
Ocelot.LoadBalancer.LoadBalancers.ILoadBalancerMethod FQN:
Ocelot.LoadBalancer.LoadBalancers.ILoadBalancer.LeaseAsyncDefaultConsulServiceBuilderconstructor modification: The first parameter's type has been changed fromFunc<ConsulRegistryConfiguration>toIHttpContextAccessor.Class FQN:
Ocelot.Provider.Consul.DefaultConsulServiceBuilderConstructor signature:
public DefaultConsulServiceBuilder(IHttpContextAccessor contextAccessor, IConsulClientFactory clientFactory, IOcelotLoggerFactory loggerFactory)Leasetype: TheLeasehas been restructured from a class to a structure and elevated in the namespace hierarchy.Struct FQN:
Ocelot.LoadBalancer.Lease📓 Should your custom solutions involve overriding default Ocelot classes and their behavior, redevelopment or at least recompilation of the solution, followed by deployment, will be necessary.
Honoring 🏅 aka Top Contributors 👏
1st 🥇 goes to Roman Shevchik for delivering 1 feature in 25 files changed
2nd 🥈 goes to Ben Bartholomew for delivering 1 feature in 7 files changed
3rd 🥉 goes to Paul Roy for delivering 1 feature in 5 files changed
Starring ⭐ aka Release Influencers
⭐⭐ Raman Maksimchuk, @raman-m
⭐ Roman Shevchik, @antikorol
⭐ Ben Bartholomew, @ben-bartholomew
⭐ Paul Roy, @PaulARoy
⭐ Finn Fiedler, @int0x81
⭐ Emmanuel Ferdman, @emmanuel-ferdman
⭐ dependabot[bot], @dependabot
Features in Release 23.3.4
Details
... (truncated)23.3.0
Spring 2024 (version 23.3.0) aka Twilight Texas release
Following the substantial refactoring of Service Discovery providers in this release, the community has identified and we have acknowledged several critical service discovery defects with providers such as
Consul,Kube, and potentially others. TheKubeprovider, while somewhat unstable, remains operational; however, theConsulprovider is entirely non-functional. We apologize to the projects and clients affected by these issues.If your projects rely on the Service Discovery feature and cannot function without it, please refrain from upgrading to version 23.3.0; instead, continue using or revert to the previous version 23.2.2. However, if your team does not utilize the Service Discovery feature, then upgrading to this version should be fine. The Ocelot team is currently working on the v23.3 Hotfixes milestone during the summer of 2024, and we are optimistic that the hotfixed version 23.3.4 is expected to be available at the beginning of September 2024. We appreciate your understanding and support.
❗ Breaking Changes
POST,PUTrequests), then enable content hashing in global caching settings: utilize the "EnableContentHashing option"❗What's new?
Service Discovery: Major upgrade of Kube and Consul providers: new "Customization of services creation" feature
Introducing a new feature for "Customization of services creation" in two primary service discovery providers: Consul and Kubernetes, developed by @raman-m.
The customization for both
ConsulandKubeproviders in service creation is achieved through the overriding of virtual methods in default implementations. The recommendation was to separate the provider's logic and introducepublic virtualandprotected virtualmethods in concrete classes, enabling:public virtualmethods as dictated by interface definitions.protected virtualmethods to allow developers to customize atomic operations through inheritance from existing concrete classes.Ultimately, customization relies on the virtual methods within the default implementation classes, providing developers the flexibility to override them as necessary for highly tailored Consul/K8s configurations in their specific environments.
For further details, refer to the respective pull requests for both providers:
Kube#2052,Consul#2067Routing: New "Routing based on Request Header" feature
In addition to routing via
UpstreamPathTemplate, you can now define anUpstreamHeaderTemplatesoptions dictionary. For a route to match, all headers specified in this section are required to be present in the request headers.For more details, see PR #1312.
Configuration: New "Custom Default Version Policy" and "Route Metadata" features
Introducing the "Custom Default Version Policy" feature by @ibnuda.
The configurable
HttpRequestMessage.VersionPolicyhelps avoid HTTP protocol connection errors and stabilizes connections to downstream services, especially when you're not developing those services, documentation is scarce, or the deployed HTTP protocol version is uncertain.For developers of downstream services, it's possible to
ConfigureKestrelserver and its endpoints with new protocol settings. However, attention to version policy is also required, and this feature provides precise version settings for HTTP connections.Essentially, this feature promotes the use of HTTP protocols beyond 1.0/1.1, such as HTTP/2 or even HTTP/3.
For additional details, refer to PR #1673.
Introducing the new "Route Metadata" feature by @vantm. Undoubtedly, this is the standout feature of the release! ⭐
Route metadata enables Ocelot developers to incorporate custom functions that address specific needs or to create their own plugins/extensions.
In versions of Ocelot prior to 23.3.0, the configuration was limited to predefined values that Ocelot used internally. This was sufficient for official extensions, but posed challenges for third-party developers who needed to implement configurations not included in the standard
FileConfiguration. Applying an option to a specific route required knowledge of the array index and other details that might not be readily accessible using the standardIConfigurationorIOptions<FileConfiguration>models from ASP.NET. Now, metadata can be directly accessed in theDownstreamRouteobject. Furthermore, metadata can also be retrieved from the global JSON section via theFileConfiguration.GlobalConfigurationproperty.For more information, see the details in PR #1843 on this remarkable feature.
Focus On
... (truncated)
23.2.2
Hotfix release (version 23.2.2) for #2031 issue
Special thanks to Guillaume Gnaegi and Fabrizio Mancin!
About
The bug is related to the Placeholders feature in Configuration and Routing.
The bug was introduced in version 23.2.0 as a part of PR #1927.
Breaking Change
The new validation rules of the
FileConfigurationFluentValidatorclass do not allow the Ocelot app to start when implicit placeholders are defined in custom implementations, such as middlewares, delegating handlers, and replaced services in the dependency injection (DI) container.These new rules are capable of validating explicit placeholders only within the
UpstreamPathTemplateandDownstreamPathTemplateproperties. Unfortunately, they cannot oversee implicit placeholders in custom implementations, and they do not validate early during the Ocelot app startup process.Ensure that you avoid using version 23.2.0. If you are currently on that version, upgrade to version 23.2.2 by applying this hotfix patch.
Technical info
With version 23.2.0, particularly if you have overridden certain service classes or implemented custom logic that manipulates placeholders, you may encounter Ocelot app crashes accompanied by the following errors in the log:
where
XXXare the following validation error messages:UpstreamPathTemplate 'UUU' doesn't contain the same placeholders in DownstreamPathTemplate 'DDD'DownstreamPathTemplate 'DDD' doesn't contain the same placeholders in UpstreamPathTemplate 'UUU'Finally, the validation rules resulted from the incorrect assumption that placeholders are always explicit and can be validated early. Therefore, custom implementations and feature services in the dependency injection (DI) container, which rely on or manipulate placeholders, should validate the configuration JSON and appropriate options later, directly within their service implementations.
Bug Artifacts
Features in Release 23.2.2
2ded8726 by Raman Maksimchuk on Friday, April 05 at 15:13 →
Release 23.2.1-2 artifacts | +semver: patch
14c6d82b by Raman Maksimchuk on Friday, April 05 at 12:57 →
#2031 Don't validate placeholders in templates (#2032)
d1855cb9 by Raman Maksimchuk on Thursday, April 04 at 00:17 →
#1673 #1672 Update Docker for CircleCI builds (#2030)
23.2.1
Documentation patch (version 23.2.1) for 23.2.0 release
This is a technical release: no other information.
What's Changed
Full Changelog: ThreeMammals/Ocelot@23.2.0...23.2.1
23.2.0
February 2024 (version 23.2.0) aka Lunar Eclipse release
What's new?
The
AddOcelotmethod merges the ocelot.*.json files into a single ocelot.json file as the primary configuration file, which is written back to disk and then added to theIConfigurationBuilderfor the well-knownIConfiguration. You can now call anotherAddOcelotmethod that adds the merged JSON directly from memory to theIConfigurationBuilder, usingAddJsonStreaminstead.See more details in Configuration Overview of Dependency Injection.
This feature by @FelixBoers is available starting from version 13.0.0.
Focus On
Updates of the features: Configuration, Dependency Injection and QoS
Ocelot extra packages
Polly 8.0+ versions introduced the concept of resilience pipelines.
All AddPolly extensions have been automatically migrated from v7 to v8.
Please note that older v7 extensions are marked with the
[Obsolete]attribute and renamed using theV7suffix. And the old v7 implementation has been moved to the v7 namespace.See more details in Polly v7 vs v8 section of Quality of Service chapter.
Stabilization aka bug fixing
New rules have been added to Ocelot's configuration validation logic to find duplicate placeholders in path templates.
See more in the FileConfigurationFluentValidator class. Thanks to @AlyHKafoury!
Using the default
IServiceCollectionDI extensions to register Ocelot services resulted in theServiceCollectionprovider being forced to be created by callingBuildServiceProvider().This resulted in problems with dependency injection libraries, or worse, causing the Ocelot app to crash!
See more in the ServiceCollectionExtensions class. Thanks to @ArwynFr!
Documentation for version 23.2
... (truncated)
23.1.0
January 2024 (version 23.1.0) aka Hornussen release
Focus On
Multiplexing middleware aka Request Aggregation feature
HttpContextis not copied when there is only one downstream route, and etc.HttpContext.Userinformation was not copied if there was more than one downstream request.System routing. Content streaming when Transfer-Encoding: 'chunked'
chunkedwas present even when there was no content or the request body size was 0. These cases are now addressed.Updates of the features: QoS, Load Balancer and Error Status Codes
AddPollyextension methods.PayloadTooLargeError(Ocelot error code41).Documentation for Request Aggregation
Stabilization aka bug fixing
Honoring 🏅 aka Top Contributors 👏
1st 🥇 goes to Guillaume Gnaegi for delivering 2 features
2nd 🥈 goes to Alexander Reinert for delivering 1 feature in 8 files changed
3rd 🥉 goes to Steven Liekens for delivering 1 feature in 5 files changed with 353 insertions
Starring ⭐ aka Release Influencers
⭐⭐ Guillaume Gnaegi, @ggnaegi
⭐ Alexander Reinert, @alexreinert
⭐ Chris Williams, @williamscs
⭐ Masoud Bahrami, @masoud-bahrami
... (truncated)
23.0.0
November-December 2023 (version 23.0.0) aka Sunny Koliada release
Focus On
System performance. System core performance review, redesign of system core related to routing and content streaming
Modification of the
RequestMapperwith a brand newStreamHttpContentclass, inOcelot.Request.Mappernamespace. The request body is no longer copied when it is handled by the API gateway, avoiding Out-of-Memory issues in pods/containers. This significantly reduces the gateway's memory consumption, and allows you to transfer content larger than 2 GB in streaming scenarios.Introduction of a new Message Invoker pool, in
Ocelot.Requesternamespace. We have replaced the HttpClient class with HttpMessageInvoker, which is the base class forHttpClient. The overall logic for managing the pool has been simplified, resulting in a reduction in the number of CPU cycles.Full HTTP content buffering is deactivated, resulting in a 50% reduction in memory consumption and a performance improvement of around 10%. Content is no longer copied on the API gateway, avoiding Out-of-Memory issues.
Memory consumption summary. We would like to share here some screenshots of K8s pods from our production environment. These charts were created on January 29-30. Special thanks to @RaynaldM for providing the screenshots!
(Click on the image to see the full resolution picture) 👇
Finally, we confirm that memory consumption is stable, and Ocelot ver. 23.0 is ready for use in production environments—even as a containerized application that may lack the memory resources of a Docker container. The typical memory consumption of a minimal ASP.NET Web API application at startup is around 250 MB. However, this figure depends on several indicators, including content body size, application load (i.e., requests per second index), and integration within the application core.
For high-load systems, a deployed Ocelot Docker container can allocate up to 400-500 MB, but we hope it won’t exceed that range. In our production environment, a container instance typically occupies around 350 MB. We recommend monitoring the deployed containers in your production environment, paying attention to their CPU & memory consumption. We believe that there will be no out-of-memory incidents at all.
Ocelot extra packages. Total 3 Ocelot packs were updated
DefaultCacheKeyGeneratorclass). Old version ofCacheKeyGeneratorhad significant performance issue when reading full content of HTTP request for caching key calculation of MD5 hash value. This hash value was excluded from the caching key._...
Description has been truncated