Skip to content

Release 3.16#1551

Merged
tkan145 merged 4 commits into
3scale:masterfrom
tkan145:release-3.16
Jun 5, 2025
Merged

Release 3.16#1551
tkan145 merged 4 commits into
3scale:masterfrom
tkan145:release-3.16

Conversation

@tkan145
Copy link
Copy Markdown
Contributor

@tkan145 tkan145 commented May 19, 2025
edited
Loading

How to generate policy file

Build apicast image

make runtime-image IMAGE_NAME=apicast-runtime-image:release-3.16

Run apicast

$ cat <<EOF >config.json
{
   "services": [
      {
         "proxy": {
             "hosts": ["one"],
             "proxy_rules": [],
             "api_backend": "https://echo-api.3scale.net",
             "policy_chain": []
         }
      }
   ]
}
EOF

$ docker run -ti -p 8090:8090 --name apicast --rm -v $PWD/config.json:/opt/app/config.json:ro --env THREESCALE_CONFIG_FILE=/opt/app/config.json --env APICAST_LOG_LEVEL=debug --env APICAST_CONFIGURATION_LOADER=lazy --env APICAST_CONFIGURATION_CACHE=0 --env THREESCALE_DEPLOYMENT_ENV=staging --env BACKEND_ENDPOINT_OVERRIDE=http://127.0.0.1:3000 --env APICAST_WORKERS=1 apicast-runtime-image:release-3.16

Fetch policies

$ mkdir -p doc/policies_list/3.16.0
$ curl -v -H "Host: one" http://127.0.0.1:8090/policies -o policies.latest.json
# pretty print and fix string encoding issues
$ jq --sort-keys . policies.latest.json > doc/policies_list/3.16.0/policies.json

@tkan145 tkan145 requested review from a team as code owners May 19, 2025 02:28
lcavalle
lcavalle reviewed May 19, 2025
View reviewed changes
Comment thread CHANGELOG.md Outdated
- Remove Conditional Policy from the UI [PR #1534](https://github.com/3scale/APIcast/pull/1534) [THREESCALE-6116](https://issues.redhat.com/browse/THREESCALE-6116)
- Remove redis connection error message from response body in edge limiting policy [PR #1537](https://github.com/3scale/APIcast/pull/1537) [THREESCALE-11701](https://issues.redhat.com/browse/THREESCALE-11701)
- Fix `on_failed` policy doesn't work with `conditional policy` [THREESCALE-11738](https://issues.redhat.com/browse/THREESCALE-11738) [PR #1541](https://github.com/3scale/APIcast/pull/1541)
- Concat filtered services into a single log [THREESCALE-10894](https://issues.redhat.com/browse/THREESCALE-10894) [PR #1493](https://github.com/3scale/APIcast/pull/1493)
Copy link
Copy Markdown
Contributor

@lcavalle lcavalle May 19, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- Concat filtered services into a single log [THREESCALE-10894](https://issues.redhat.com/browse/THREESCALE-10894) [PR #1493](https://github.com/3scale/APIcast/pull/1493)
- Concatenated filtered services into a single log [THREESCALE-10894](https://issues.redhat.com/browse/THREESCALE-10894) [PR #1493](https://github.com/3scale/APIcast/pull/1493)

lcavalle
lcavalle reviewed May 19, 2025
View reviewed changes
Comment thread CHANGELOG.md Outdated
- JWT signature verification, support for ES256/ES512 #1533 [PR #1533](https://github.com/3scale/APIcast/pull/1533) [THREESCALE-11474](https://issues.redhat.com/browse/THREESCALE-11474)
- Add `enable_extended_context` to allow JWT Claim Check access full request context [PR #1535](https://github.com/3scale/APIcast/pull/1535) [THREESCALE-9510](https://issues.redhat.com/browse/THREESCALE-9510)
- JWT signature verification, support for ES256/ES512 [PR #1533](https://github.com/3scale/APIcast/pull/1533) [THREESCALE-11474](https://issues.redhat.com/browse/THREESCALE-11474)
- Add `enable_extended_context` to allow JWT Claim Check access full request context [PR #1535](https://github.com/3scale/APIcast/pull/1535) [THREESCALE-9510](https://issues.redhat.com/browse/THREESCALE-9510)
Copy link
Copy Markdown
Contributor

@lcavalle lcavalle May 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- Add `enable_extended_context` to allow JWT Claim Check access full request context [PR #1535](https://github.com/3scale/APIcast/pull/1535) [THREESCALE-9510](https://issues.redhat.com/browse/THREESCALE-9510)
- Added `enable_extended_context` to allow JWT Claim Check access full request context [PR #1535](https://github.com/3scale/APIcast/pull/1535) [THREESCALE-9510](https://issues.redhat.com/browse/THREESCALE-9510)

lcavalle
lcavalle reviewed May 19, 2025
View reviewed changes
Comment thread CHANGELOG.md Outdated
- Add `enable_extended_context` to allow JWT Claim Check access full request context [PR #1535](https://github.com/3scale/APIcast/pull/1535) [THREESCALE-9510](https://issues.redhat.com/browse/THREESCALE-9510)
- JWT Parser policy [PR #1536](https://github.com/3scale/APIcast/pull/1536) [THREESCALE-10708](https://issues.redhat.com/browse/THREESCALE-10708)
- TLS Validation Policy - add support to validate client certificate with CRL and OCSP [PR #1503](https://github.com/3scale/APIcast/pull/1503) [THREESCALE-11404](https://issues.redhat.com/browse/THREESCALE-11404)
- Use luarocks v3 [PR #1513](https://github.com/3scale/APIcast/pull/1513)
Copy link
Copy Markdown
Contributor

@lcavalle lcavalle May 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- Use luarocks v3 [PR #1513](https://github.com/3scale/APIcast/pull/1513)
- Used luarocks v3 [PR #1513](https://github.com/3scale/APIcast/pull/1513)

lcavalle
lcavalle reviewed May 19, 2025
View reviewed changes
Comment thread CHANGELOG.md Outdated

### Removed

- Remove opentracing support [PR #1520](https://github.com/3scale/APIcast/pull/1520) [THREESCALE-11603](https://issues.redhat.com/browse/THREESCALE-11603)
Copy link
Copy Markdown
Contributor

@lcavalle lcavalle May 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- Remove opentracing support [PR #1520](https://github.com/3scale/APIcast/pull/1520) [THREESCALE-11603](https://issues.redhat.com/browse/THREESCALE-11603)
- Removed OpenTracing support [PR #1520](https://github.com/3scale/APIcast/pull/1520) [THREESCALE-11603](https://issues.redhat.com/browse/THREESCALE-11603)

lcavalle
lcavalle requested changes May 19, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@lcavalle lcavalle left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added some minor reviews to fix typos.

eguzki
eguzki reviewed May 20, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@eguzki eguzki left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

minor: the verification steps have 3.15 instead of 3.16, but not a big deal.

Ready to be merged when requested changes are addressed

@tkan145
Copy link
Copy Markdown
Contributor Author

tkan145 commented May 26, 2025

@eguzki thanks, the verification steps have been updated to 3.16

@lcavalle thanks for your feedback, could you please give it another review?

@tkan145 tkan145 requested a review from lcavalle May 27, 2025 11:17
@tkan145
Copy link
Copy Markdown
Contributor Author

tkan145 commented Jun 4, 2025

It seems there is an issue with luarocks luarocks/luarocks#1797 causing our CI pipeline to fail.

@eguzki should we wait for the fix?

@eguzki
Copy link
Copy Markdown
Member

eguzki commented Jun 4, 2025

It seems there is an issue with luarocks luarocks/luarocks#1797 causing our CI pipeline to fail.

@eguzki should we wait for the fix?

Being a PR to set release data, I would merge without waiting for tests. Make sure images are being built and pushed to quay.io

@tkan145
Copy link
Copy Markdown
Contributor Author

tkan145 commented Jun 5, 2025

On luarocks install <package name> luarocks will load the manifest and look for the package, however luajit can only hold 65536 items in a table and the numbers of rocks has surpass this number since May 29, hence the following error

When user call luarocks install <package name> , luarocks will load the manifest and search for the package, however luajit can only hold 65536 entries in a table and the number of rocks has exceeded this number since May 29, hence the following error

main function has more than 65536 constants

The solution seems to be:

  1. Install the rocks directly and bypass manifest lookup.
luarocks install --deps-mode=none --tree /usr/local https://luarocks.org/manifests/pintsized/lua-resty-http-0.17.1-0.src.rock
  1. Use older version of manifest. See Upgrade luarocks to v3.12.0 #1552
  2. Overwrite the rocks_server to use older manifest via luarocks config file.
  3. Switch to use json manifest feat: allow loading json manifest luarocks/luarocks#1798

Both option (1) and (2) won't work for dev-image due to we also need use rover to install rocks.
Option (3) works but seem evasive
Option (4) we will need to wait for a new release of luarocks and perhaps another fix for https://github.com/luarocks/luarocks-site

Since we are still able to build runtime image (due to bypass manifest lookup and install the rocks directly). I will merge this PR

@tkan145 tkan145 merged commit e24d3c8 into 3scale:master Jun 5, 2025
7 of 12 checks passed
@tkan145 tkan145 deleted the release-3.16 branch June 5, 2025 04:10
@tkan145 tkan145 mentioned this pull request Jun 6, 2025
Merged
@tkan145 tkan145 restored the release-3.16 branch June 10, 2025 02:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@eguzki eguzki eguzki left review comments

@lcavalle lcavalle lcavalle approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@tkan145 @eguzki @lcavalle