Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

release: v1.29.1 #3742

Merged
merged 4 commits into from
Sep 4, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
93 changes: 83 additions & 10 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ All notable changes to Router will be documented in this file.

This project adheres to [Semantic Versioning v2.0.0](https://semver.org/spec/v2.0.0.html).

# [1.29.0] - 2023-09-04
# [1.29.1] - 2023-09-04

## 🚀 Features

Expand Down Expand Up @@ -32,11 +32,21 @@ This directive allows access to the annotated field or type for authenticated re
For more information on how to use these directives, please read Apollo Router [docs](https://www.apollographql.com/docs/router/configuration/authorization)
```


By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3397 https://github.com/apollographql/router/pull/3662

## 🐛 Fixes

### Subscriptions: Correct v1.28.x regression allowing panic via un-named subscription operation

Correct a regression that was introduced in Router v1.28.0 which made a Router **panic** possible when the following _three_ conditions are _all_ met:

1. When sending an un-named (i.e., "anonymous") `subscription` operation (e.g., `subscription { ... }`); **and**;
2. The Router has a `subscription` type defined in the Supergraph schema; **and**
3. Have subscriptions enabled (they are disabled by default) in the Router's YAML configuration, either by setting `enabled: true` _or_ by setting a `mode` within the `subscriptions` object (as seen in [the subscriptions documentation](https://www.apollographql.com/docs/router/executing-operations/subscription-support/#router-setup).

By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollographql/router/pull/3738


### Update Deno to resolve Rust Docs generation failure ([Issue #3305](https://github.com/apollographql/router/issues/3305))

We've updated to the latest version of Deno (0.200) to fix errors when generating [docs.rs/apollo-router](https://docs.rs/crate/apollo-router/latest).
Expand All @@ -63,10 +73,73 @@ Access to a parsed schema is required in various parts of the Router. Previously

By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3547

# [1.29.0] - 2023-09-04

> **Warning**
>
> **This version has a critical bug impacting anyone using subscriptions. See the _Fixes_ in [v1.29.1](https://github.com/apollographql/router/releases/tag/v1.29.1) for details. We highly recommend using v1.29.1 over v1.29.0 when using subscriptions.**

## 🚀 Features

### GraphOS Enterprise: Authorization ([PR #3397](https://github.com/apollographql/router/pull/3397), [PR #3662](https://github.com/apollographql/router/pull/3662))

> ⚠️ This is an [Enterprise feature](https://www.apollographql.com/blog/platform/evaluating-apollo-router-understanding-free-and-open-vs-commercial-features/) of the Apollo Router. It requires an organization with a [GraphOS Enterprise plan](https://www.apollographql.com/pricing/).

If your organization doesn't currently have an Enterprise plan, you can test out this functionality by signing up for a free [Enterprise trial](https://www.apollographql.com/docs/graphos/org/plans/#enterprise-trials).
We introduce two new directives, `@requiresScopes` and `@authenticated`, that define authorization policies for fields and types in the supergraph schema, composed with Federation version 2.5.3 or higher.

They are defined as follows:

```graphql
scalar federation__Scope
directive @requiresScopes(scopes: [[federation__Scope!]!]!) on OBJECT | FIELD_DEFINITION | INTERFACE | SCALAR | ENUM
```

This directive allows granular access control through user-defined scopes.

```graphql
directive @authenticated on OBJECT | FIELD_DEFINITION | INTERFACE | SCALAR | ENUM
```

This directive allows access to the annotated field or type for authenticated requests only.
For more information on how to use these directives, please read Apollo Router [docs](https://www.apollographql.com/docs/router/configuration/authorization)

By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3397 https://github.com/apollographql/router/pull/3662

## 🐛 Fixes

### Update Deno to resolve Rust Docs generation failure ([Issue #3305](https://github.com/apollographql/router/issues/3305))

We've updated to the latest version of Deno (0.200) to fix errors when generating [docs.rs/apollo-router](https://docs.rs/crate/apollo-router/latest).

By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollographql/router/pull/3626

### GraphQL response processing is now captured under the execution span ([PR #3732](https://github.com/apollographql/router/pull/3732))

Ensure processing is captured under the "execution" span. Previously, events would be reported under the supergraph span or — even more arbitrarily — any plugin's span (e.g., Rhai).

By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3732

## 🛠 Maintenance

### Apollo Uplink connections re-use the existing HTTP client ([Issue #3333](https://github.com/apollographql/router/issues/3333))

A single HTTP client will now be shared between requests of the same type when making requests to [Apollo Uplink](https://www.apollographql.com/docs/federation/managed-federation/uplink/) to fetch supergraphs, licenses and configuration from Studio. Previously, such requests created a new HTTP client on each periodic fetch which occasionally resulted in CPU spikes, especially on macOS.

By [@BrynCooke](https://github.com/BrynCooke) in https://github.com/apollographql/router/pull/3703

### Remove unneeded schema parsing steps ([PR #3547](https://github.com/apollographql/router/pull/3547))

Access to a parsed schema is required in various parts of the Router. Previously were were parsing the schema multiple times, but this is now fixed.

By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3547

# [1.28.1] - 2023-08-28

> **Warning**
>
> **This version has a critical bug impacting anyone using subscriptions. See the _Fixes_ in [v1.29.1](https://github.com/apollographql/router/releases/tag/v1.29.1) for details. We highly recommend using v1.29.1 over any v1.28.x version when using subscriptions.**

## 🚀 Features

### Expose the `stats_reports_key` hash to plugins. ([Issue #2728](https://github.com/apollographql/router/issues/2728))
Expand Down Expand Up @@ -193,7 +266,7 @@ Several improvements to safelisting behavior based on preview feedback:
* If introspection is enabled on the server, any operation whose top-level fields are introspection fields (`__type`, `__schema`, or `__typename`) is considered to be in the safelist.
This special case is not applied if `require_id` is enabled, so that Router never parses freeform GraphQL in this mode.
* When `log_unknown` is enabled and `apq` has not been disabled, the Router now logs any operation not in the safelist as unknown, even those sent via IDs if the operation was found in the APQ cache rather than the manifest.
* When `log_unknown` and `require_id` are both enabled, the Router now logs all operations that rejects (i.e., all operations sent as freeform GraphQL).
* When `log_unknown` and `require_id` are both enabled, the Router now logs all operations that rejects (i.e., all operations sent as freeform GraphQL).

Previously, the Router only logged the operations that would have been rejected by the safelist feature with `require_id` disabled (i.e., operations sent as freeform GraphQL that do not match an operation in the manifest).

Expand Down Expand Up @@ -607,7 +680,7 @@ By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollo

# [1.24.0] - 2023-07-13

***Note that this release contains a bug in query planning around query fragment reuse and should not be used. If upgrading, consider going straight to 1.25.0.***
***Note that this release contains a bug in query planning around query fragment reuse and should not be used. If upgrading, consider going straight to 1.25.0.***

## 🚀 Features

Expand All @@ -631,7 +704,7 @@ By [@garypen](https://github.com/garypen) in https://github.com/apollographql/ro

The GraphQL spec is rather light on what should happen when we process responses from subgraphs. The current behaviour within the Router was inconsistently short circuiting response processing and this producing confusing errors.
> #### Processing the response
>
>
> If the response uses a non-200 status code and the media type of the response payload is application/json then the client MUST NOT rely on the body to be a well-formed GraphQL response since the source of the response may not be the server but instead some intermediary such as API gateways, proxies, firewalls, etc.

The logic has been simplified and made consistent using the following rules:
Expand Down Expand Up @@ -845,7 +918,7 @@ By [@garypen](https://github.com/garypen) in https://github.com/apollographql/ro

Root span name has changed from `request` to `<graphql.operation.kind> <graphql.operation.name>`

[Open Telemetry graphql semantic conventions](https://opentelemetry.io/docs/specs/otel/trace/semantic_conventions/instrumentation/graphql/) specify that the root span name must match the operation kind and name.
[Open Telemetry graphql semantic conventions](https://opentelemetry.io/docs/specs/otel/trace/semantic_conventions/instrumentation/graphql/) specify that the root span name must match the operation kind and name.

Many tracing providers don't have good support for filtering traces via attribute, so changing this significantly enhances the tracing experience.

Expand Down Expand Up @@ -944,7 +1017,7 @@ By [@EverlastingBugstopper](https://github.com/EverlastingBugstopper) in https:/

### Add security-related warnings to JWT auth docs ([PR #3299](https://github.com/apollographql/router/pull/3299))

There are a couple potential security pitfalls when leveraging the router for JWT authentication. These are now documented in [the relevant section of the docs](https://www.apollographql.com/docs/router/configuration/authn-jwt). If you are currently using JWT authentication in the router, be sure to [secure your subgraphs](https://www.apollographql.com/docs/federation/building-supergraphs/subgraphs-overview#securing-your-subgraphs) and [use care when propagating headers](https://www.apollographql.com/docs/router/configuration/authn-jwt#example-forwarding-claims-to-subgraphs).
There are a couple potential security pitfalls when leveraging the router for JWT authentication. These are now documented in [the relevant section of the docs](https://www.apollographql.com/docs/router/configuration/authn-jwt). If you are currently using JWT authentication in the router, be sure to [secure your subgraphs](https://www.apollographql.com/docs/federation/building-supergraphs/subgraphs-overview#securing-your-subgraphs) and [use care when propagating headers](https://www.apollographql.com/docs/router/configuration/authn-jwt#example-forwarding-claims-to-subgraphs).

By [@dbanty](https://github.com/dbanty) in https://github.com/apollographql/router/pull/3299

Expand Down Expand Up @@ -1188,7 +1261,7 @@ This PR includes the following configurable performance optimizations.
- Instead of sending subscription data between a Router and subgraph over an open WebSocket, the Router can be configured to send the subgraph a callback URL that will then be used to receive all source stream events
- Subscription enabled subgraphs send source stream events (subscription updates) back to the callback URL by making HTTP POST requests
- Refer to the [callback mode documentation](https://github.com/apollographql/router/blob/dev/dev-docs/callback_protocol.md) for more details, including an explanation of the callback URL request/response payload format
- This feature is still experimental and needs to be enabled explicitly in the Router config file
- This feature is still experimental and needs to be enabled explicitly in the Router config file

By [@bnjjj](https://github.com/bnjjj) and [@o0Ignition0o](https://github.com/o0ignition0o) in https://github.com/apollographql/router/pull/3285

Expand Down Expand Up @@ -1222,9 +1295,9 @@ By [@SimonSapin](https://github.com/SimonSapin) in https://github.com/apollograp

### Add support for empty auth prefixes ([Issue #2909](https://github.com/apollographql/router/issues/2909))

The `authentication.jwt` plugin now supports empty prefixes for the JWT header. Some companies use prefix-less headers; previously, the authentication plugin rejected requests even with an empty header explicitly set, such as:
The `authentication.jwt` plugin now supports empty prefixes for the JWT header. Some companies use prefix-less headers; previously, the authentication plugin rejected requests even with an empty header explicitly set, such as:

```yml
```yml
authentication:
jwt:
header_value_prefix: ""
Expand Down
6 changes: 3 additions & 3 deletions Cargo.lock
Original file line number Diff line number Diff line change
Expand Up @@ -273,7 +273,7 @@ dependencies = [

[[package]]
name = "apollo-router"
version = "1.29.0"
version = "1.29.1"
dependencies = [
"access-json",
"anyhow",
Expand Down Expand Up @@ -419,7 +419,7 @@ dependencies = [

[[package]]
name = "apollo-router-benchmarks"
version = "1.29.0"
version = "1.29.1"
dependencies = [
"apollo-parser 0.6.1",
"apollo-router",
Expand All @@ -435,7 +435,7 @@ dependencies = [

[[package]]
name = "apollo-router-scaffold"
version = "1.29.0"
version = "1.29.1"
dependencies = [
"anyhow",
"cargo-scaffold",
Expand Down
2 changes: 1 addition & 1 deletion apollo-router-benchmarks/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "apollo-router-benchmarks"
version = "1.29.0"
version = "1.29.1"
authors = ["Apollo Graph, Inc. <[email protected]>"]
edition = "2021"
license = "Elastic-2.0"
Expand Down
2 changes: 1 addition & 1 deletion apollo-router-scaffold/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "apollo-router-scaffold"
version = "1.29.0"
version = "1.29.1"
authors = ["Apollo Graph, Inc. <[email protected]>"]
edition = "2021"
license = "Elastic-2.0"
Expand Down
2 changes: 1 addition & 1 deletion apollo-router-scaffold/templates/base/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ apollo-router = { path ="{{integration_test}}apollo-router" }
apollo-router = { git="https://github.com/apollographql/router.git", branch="{{branch}}" }
{{else}}
# Note if you update these dependencies then also update xtask/Cargo.toml
apollo-router = "1.29.0"
apollo-router = "1.29.1"
{{/if}}
{{/if}}
async-trait = "0.1.52"
Expand Down
2 changes: 1 addition & 1 deletion apollo-router-scaffold/templates/base/xtask/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ apollo-router-scaffold = { path ="{{integration_test}}apollo-router-scaffold" }
{{#if branch}}
apollo-router-scaffold = { git="https://github.com/apollographql/router.git", branch="{{branch}}" }
{{else}}
apollo-router-scaffold = { git = "https://github.com/apollographql/router.git", tag = "v1.29.0" }
apollo-router-scaffold = { git = "https://github.com/apollographql/router.git", tag = "v1.29.1" }
{{/if}}
{{/if}}
anyhow = "1.0.58"
Expand Down
2 changes: 1 addition & 1 deletion apollo-router/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "apollo-router"
version = "1.29.0"
version = "1.29.1"
authors = ["Apollo Graph, Inc. <[email protected]>"]
repository = "https://github.com/apollographql/router/"
documentation = "https://docs.rs/apollo-router"
Expand Down
7 changes: 0 additions & 7 deletions apollo-router/src/context/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -70,13 +70,6 @@ impl Context {
}

impl Context {
pub(crate) fn operation_name(&self) -> Option<String> {
// This method should be removed once we have a proper way to get the operation name.
self.entries
.get(OPERATION_NAME)
.map(|v| v.value().as_str().unwrap().to_string())
}

/// Returns true if the context contains a value for the specified key.
pub fn contains_key<K>(&self, key: K) -> bool
where
Expand Down
8 changes: 7 additions & 1 deletion apollo-router/src/services/subgraph_service.rs
Original file line number Diff line number Diff line change
Expand Up @@ -431,6 +431,13 @@ async fn call_websocket(
subgraph_cfg: &WebSocketConfiguration,
subscription_hash: String,
) -> Result<SubgraphResponse, BoxError> {
let operation_name = request
.subgraph_request
.body()
.operation_name
.clone()
.unwrap_or_default();

let SubgraphRequest {
subgraph_request,
subscription_stream,
Expand All @@ -445,7 +452,6 @@ async fn call_websocket(
let (handle, created) = notify
.create_or_subscribe(subscription_hash.clone(), false)
.await?;
let operation_name = context.operation_name().unwrap_or_default();
tracing::info!(
monotonic_counter.apollo.router.operations.subscriptions = 1u64,
subscriptions.mode = %"passthrough",
Expand Down
2 changes: 1 addition & 1 deletion dockerfiles/tracing/docker-compose.datadog.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ services:

apollo-router:
container_name: apollo-router
image: ghcr.io/apollographql/router:v1.29.0
image: ghcr.io/apollographql/router:v1.29.1
volumes:
- ./supergraph.graphql:/etc/config/supergraph.graphql
- ./router/datadog.router.yaml:/etc/config/configuration.yaml
Expand Down
2 changes: 1 addition & 1 deletion dockerfiles/tracing/docker-compose.jaeger.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ services:
apollo-router:
container_name: apollo-router
#build: ./router
image: ghcr.io/apollographql/router:v1.29.0
image: ghcr.io/apollographql/router:v1.29.1
volumes:
- ./supergraph.graphql:/etc/config/supergraph.graphql
- ./router/jaeger.router.yaml:/etc/config/configuration.yaml
Expand Down
2 changes: 1 addition & 1 deletion dockerfiles/tracing/docker-compose.zipkin.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ services:
apollo-router:
container_name: apollo-router
build: ./router
image: ghcr.io/apollographql/router:v1.29.0
image: ghcr.io/apollographql/router:v1.29.1
volumes:
- ./supergraph.graphql:/etc/config/supergraph.graphql
- ./router/zipkin.router.yaml:/etc/config/configuration.yaml
Expand Down
2 changes: 1 addition & 1 deletion docs/source/containerization/docker.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ The default behaviour of the router images is suitable for a quickstart or devel

Note: The [docker documentation](https://docs.docker.com/engine/reference/run/) for the run command may be helpful when reading through the examples.

Note: The exact image version to use is your choice depending on which release you wish to use. In the following examples, replace `<image version>` with your chosen version. e.g.: `v1.29.0`
Note: The exact image version to use is your choice depending on which release you wish to use. In the following examples, replace `<image version>` with your chosen version. e.g.: `v1.29.1`

## Override the configuration

Expand Down
Loading