CHANGELOG.md

Release 1.60.0 24-06-2024

• Default enable_api_key_uid_reporting to true (#871)
• Add flag enable_api_key_uid_reporting and report unknown when the check response status is not OK. (#865)
• Propagates Api Key UID in ESP. (#864)

Release 1.59.0 07-10-2021

• Update to the latest root ca to fix Lets Encrypt cert expiration (#852)

Release 1.58.0 01-09-2021

• Remove X-Endpoint-API-UserInfo for all header occurrences. (#845)

Release 1.57.0 25-05-2021

• Update googleapis to the 05/18/2021 (#837)

Release 1.56.0 26-01-2021

• Add back authorizationUrl redirect feature with a flag (#828)

Release 1.55.0 12-01-2021

• Remove authorizationUrl redirect (#824)
• Change to warning for duplicated http options template (#820)
• Replace flag service_control_network_fail_open with service_control_network_fail_policy (#818)

Release 1.54.0 09-09-2020

• Add appengine's nginx latency status module (#810)

Release 1.53.0 18-06-2020

• Increase metadata fetch timeout to 30s (#803)

Release 1.52.0 27-05-2020

• Increase timeout of fetching access token from metadata server to 5s (#798)
• Fix grpc transcoding bugs for unknown fields (#797)

Release 1.51.0 12-05-2020

• Replace docker base with debian:buster (#792)

Release 1.50.0 21-04-2020

• Convert 4xx ServiceControl failures to 500 (#785)
• Add Brotli Support for NGINX in ESP (#784)

Release 1.49.0 07-04-2020

• Only apply network_fail_open policy to 5xx Http status code (#779)
• Add trace span for metadata fetching (#778)

Release 1.48.0 24-03-2020

• Copy the original Authorization header to X-Forwarded-Authorization for backend auth (#772)
• Fetch access token for rollout change timer (#774)

Release 1.47.0 17-03-2020

• Periodically send empty report to detect rollout changes (#769)

Release 1.46.0 02-03-2020

• Add flag --client_body_timeout (#765)

Release 1.45.0 18-02-2020

• Add support for Http rule additional_bindings (#761)
• forward the User-Agent header to grpc backend (#760)
• Log error log for access token fetching failure (#754)

Release 1.44.0 08-01-2020

• Add audiences in userInfo (#744)
• Fix ESP crash when fetching large jwt public keys (#745)
• Fix backend routing with CONSTANT_ADDRESS (#736)
• Log service config rollout fetching error (#734)
• fixed option description for disable sampling (#733)

Release 1.43.0 04-11-2019

• add flag --keepalive_timeout (#727)
• Add a script to build service config into image (#725)

Release 1.42.0 23-10-2019

• Update googleapis with latest CheckError codes (#722)
• Get ready for building service config into serverless docker image (#719)
• fix google-auth bug (#714)
• Replace oauth2client with google-auth(#706)
• metadata: add fetch failure status timeout (#701)

Release 1.40.0 16-09-2019

• start_esp adds 2 more values to nginx config template(#694)
• Add client_ip to the log entries (#690)

Release 1.39.0 04-09-2019

• Grpc transcoding supports preserve proto name (#685)
• Escape query parameters in backend_routing (#683)

Release 1.38.0 19-08-2019

• Change metadata token request url for getting full JWT (#676)

Release 1.37.0 08-08-2019

• Fix a rare crash: not to overwrite same config_id (#669)
• Add api-key to Header when doing json-grpc transcoding (#661)
• Log message clearly for invalid http template errors (#657)
• Throttle the time to call ServiceManagement for new rollout (#654)
• Allow JWT from authorization without Bearer prefix (#653)
• Make JWT sub field optional (#647)

Release 1.36.0 17-07-2019

• Using a more unique fileanme for service config when using multiple services (#641) (#642)
• Fix backend address with path (#638)

Release 1.35.0 11-06-2019

• Allow nginx config to include other custom configs (#631)
• Change flag service_control_network_fail_open default to true (#629)
• Upgrade grpc version to 1.21 (#624)

Release 1.34.0 20-05-2019

• Set grpc.max_metadata_size to INT_MAX (#620)
• Append error message to log_message (#616)
• Add service_agent and service_config_id to log_entries (#615)
• Use the service_rollout_id from Check/Report response (#613)
• Fix grpc percent encode reserved code table (#614)
• Change service control calls default timeout (#611)

Release 1.33.0 13-05-2019

• Add a flag to config jwks cache duration (#607)
• Add network_fail_open flag for service control check (#603)
• Add retry for service control calls (#601)
• Improve JWT verification error reporting (#599)

Release 1.32.0 30-04-2019

• Percent encode for grpc tailer: grpc-message (#588)
• Support SSL for gRPC backend (#582)
• Handle API_TARGET_BLOCKED and RESOURCE_EXHAUSTED (#581)
• Override Compute Platform in serverless docker image (#579)

Release 1.31.0 01-04-2019

• Support large_client_header_buffers via flag (#571)
• Update the base image from jessie to stretch (#572)
• Support compute_platform_override (#570)
• Build a secure ESP docker image run as non-root (#563)
• Not to send connection headers to gRPC upstream (#562)
• Build with latest Bazel(upgrade Bazel from 0.5.4 to 0.21.0) (#529)

Release 1.30.0 27-02-2019

• Fix grpc long stream memory leak by using re-cycled buffers (#552)
• Improve env variable handling in serverless image startup script. (#544)
• Increase timeout for checking new service rollout (#543)
• Log JWT Payloads if configured (#531)
• CONSTANT ADDRESS backend routing always use jsonName instead of snake… (#537)
• Support gRPC client RST_STREAM (#530)
• Build ESP Docker image which accepts start_esp arguments from environment variables (#527)
• Add the agent label to all trace spans. (#526)
• Log http request and response headers if configured (#524)
• Add prefix [ESP] in error logging for clarification (#525)
• Add support for grpc tracing header. (#503)
• Add access token to upstream requests for backend routing (#518)
• Support backend routing, based on backed rules (#514)

Release 1.28.0 08-01-2019

• Not log JWT error when trying multiple public keys (#511)

• Not to extract api-key and use it if not required (#500)

Release 1.27.0 04-12-2018

• Fix grpc_web crash at sending trailers (#496)
• Clear SSL errors if JWT signature validation fails (#494)
• Not call service management rollouts if not traffic (#492)
• Support downloading large service config (#491)
• Move strict_tls_security header from server level to location level (#487)
• Upgraded nginx to 1.15.0 (#447)

Release 1.26.0 29-10-2018

• Correctly convert gRPC custom Status to JSON in transcoding. (#479)
• Add start_esp flag: experiental_proxy_backend_host_header. (#476)
• Add an option to enable HSTS (HTTP Strict Transport Security) (#474)
• Add enable_debug flag (#471)
• Not to log access token (#470)
• Upgrade gRPC from 1.4.2 to 1.15.0 (#450)
• CORS always adds the Access-Control-Allow-Origin header (#449)

Release 1.25.0 17-10-2018

• Change side-way http to use 1.1 (#453)
• Upgrade gRPC from 1.4.2 to 1.15.0 (#450)
• CORS always adds the Access-Control-Allow-Origin header (#449)

Release 1.24.0 29-08-2018

• Add --experimental_enable_multiple_api_configs flag (#439)

Release 1.23.0 27-08-2018

• Proxy multiple Endpoints services (#434)
• Move GceMetadata fetching to start_esp. (#435)
• Harden code, not to free nullptr pool (#436)
• Add the start_esp_test to the BUILD file (#433)

Release 1.22.0 16-08-2018

• Add two options --generate_config_file_only and --server_config_generation_path
• Skip the host header in the grpc metadata (#424)

Release 1.21.0 11-07-2018

• Add JWT claims to the X-Endpoint-API-UserInfo header (#409)
• Add cloud_trace_url_override option
• add service_control_url_override option
• Add the parameter ssl_protocols to specify the SSL protocols

Release 1.20.0 14-06-2018

• Add cors_with_regex preset with --cors_allow_origin_regex flag
• Add --cors_allow_credentials option
• Add SNI support to ESP for https clients (#399)

Release 1.19.0 17-05-2018

• Added --disable_trace_sampling flag

Release 1.18.0 10-05-2018

• Separated location related changes
• Added condition to check non_gcp and service_account_key
• Fixed metadata configuration for GCP
• Fix typo in the default CORS headers.
• Returns Status::OK when metadata service is not available (#386)

Release 1.15.0 0-03-2018

• Added client IP address extraction for GAE Flex (#359)

Release 1.14.0 01-03-2018

• add --worker-processes argument to scale nginx workers with number of cores
• Fixed the args.rollout_id not defined bug when --service_json_path is specified
• Not to set default location (#353)

Release 1.13.0 24-01-2018

• Add option to generate self-signed certificate at start
• Added enable_websocket argument to start_esp
• Remove X-Endpoint-API-UserInfo header from clients (#339)
• support "grpc-status-details-bin" (#334)

Release 1.12.0 14-12-2017

• Fix transcoding issue with h2 (#320)
• Fix possible segmentation fault in rewrite rule debugging mode (#318)
• Change skip_service_control not to skip auth. (#311)

Release 1.11.0 07-11-2017

• Added --rewrite argument supporting rewrite rule
• Added --client_max_body_size argument
• Added --transcoding_always_print_primitive_fields true/false (#227)
• Added always_print_primitive_fields experimental option (#295)
• Added rewrite rule support instead of basepath match (#292)

Release 1.10.0 24-10-2017

• Fix a bug in path match for OPTIONS. (#285)
• Bare minimum support for gRPC-Web. (#283)

Release 1.9.0 27-09-2017

• Add start_esp options to allow more characters in HTTP headers
• Add --check_metadata option to disable checking metadata service
• Add --pid_file flag to configure PID file location.
• Add the support of JWK keys without the alg field (#274)

Release 1.8.0 12-09-2017

• Auto detect custom verb to support : in the path. (#257)
• Upgrade nginx to 1.13.4 (#242)
• Adding ES256 for auth jwt validator (#231)
• Support Nginx restart (#252)
• Add IAP header support (#251)
• Adding authz cache. (#225)

Release 1.7.0 22-08-2017

• Fixed the server config file backward compatibility

Release 1.6.0 18-08-2017

• Integrate IAP JWT auto-verification for GAE Flex (#240)
• Added by-consumer metrics to report request, X-Endpoint-API-Project-I… (#235)
• Support authorization url (#228)
• Added esp service config rollouts info to /endpoints_status (#222)
• Update gRPC to 1.4.2 (#220)

Release 1.5.0 14-07-2017

• Update NGINX to 1.13.3.
• Add support for skip_service_control usage rule.

Release 1.4.0 30-05-2017

• Fixed a Firebase rule bug when api-key is in query parameter.
• Use producer project for Quota if api-key is not provided.
• Added /producer/by_consumer metrics.
• Add backend_protocol in the Report call.

Release 1.3.0 25-04-2017

• Support endpoint authorization via firebase rules
• Update Dockerfile to expose port 8080 by default

Release 1.2.0 12-04-2017

• Support rate-limit.
• Set 443 for the default port of https backend in start_esp.
• Support escaped / in the URL path.
• Support X-HTTP-Method-Override.
• not to send api_key in Report if service is not activated.
• Set gRPC max send/receive message size to unlimited.
• Support apikey based traffic restriction.
• Rename log entry name request_size to request_size_in_bytes.

Release 1.1.0 01-03-2017

• Start deprecation of OpenAPI x-security to security (#101)
• Stop using api_key if service is not activated. (#98)
• Fail request if api_key is not valid
• Basic GRPC request compression support (#94)
• Support HEAD request in transcoding (#74)
• Rename release GCR images to gcr.io/endpoints-release (#60)
• NGINX high connection usage optimizations (#57)
• Make TLS client certificate optional in start_esp
• Start using AuthProvider audiences
• Notable bug fixes:
  • Fix ProxyFlow leak (#93)
  • Do not report latency for streaming requests
  • Validate if contents of x-jwks_uri contains a public key
• General improvements to testing and build infrastructure:
  • Update GRPC to 1.1.1
  • Update grpc test service.json (#61)
  • Add t test for fail wrong api key. (#104)
  • Fix grpc interop stress test script. (#103)
  • Use grpc-go for interop tests (#88)
  • Fix debian jessie package issue
  • Upgrade bazel to 0.4.4 (#92)
  • t-test changes to check that x-endpoint-api-userinfo is received by grpc (#96) service.
  • Add transcoding metadata test
  • Change scripts for new version file location.
  • Move nginx_repositories close to its load.
  • Fix start_esp main entry problem.
  • Change script/release_tag_git to use upstream. (#44)
  • Change release_tag_git to use absolute path.
  • Not to save huge access.log for GCE. (#41)
  • Fix bugs in script/release-publish. (#42)
  • Use newer protobuf.bzl (#39)
  • Use bazel to pull NGINX (#38)
  • Fix GRPC interop test BUILD file (#37)
  • Fix GRPC test BUILD file (#35)

Release 1.0.1 06-12-2016

• Use GOOGLE_APPLICATION_CREDENTIALS in start-up script
• service_control_client not to send large Report (<1MB)
• Add max_report_size to statistics
• Package start-up script with Python PEX
• ESP CLI use same version for ESP docker image
• A workaround for Proto2.MessageOptions.* options
• Not call Check if api_key not provided
• Respect allow_cors configuration
• Log a warning if service control replies with a different service config

Release 1.0.0 11-11-2016

• Fix for rename version => config_id
• Usability improvements to the fetching script
• Add support for HTTPS upstream to the start script
• Adds support for binding request fields using query parameters.
• Add health endpoint to application port
• Change the prefix for /credential_id label to lowercase.
• Fixed wrong protocol value in Report for grpc pass-though
• Send service_config_id to service control server.
• Upgrade nginx to 1.11.5
• Upgrade GPRC and protobuf
• Enable padding when base64 "X-Endpoints-API-UserInfo" HTTP header

Release 0.3.10 19-10-2016

• Fail open for method with allow_unregistered_calls.
• Ingress controller
• Update googleapis and service-control-client-cxx submodules.
• Cleanups, bug fixes and infrastructure improvements
  • Increase disk size for GCE raw test.
  • Use correct build paramater for rapture repo.
  • Fix gce test for latest release.
  • Adding fetch and retries for bazel builds.
  • Tempory fix for performance test.

Release 0.3.9 06-10-2016

• Fix debian package dependencies.
• Changed memory detection for stress tests.
• Update kubernetes client to 1.5.
  • Adds missing informer framework from kubernetes.
  • Adds support for GCP auth provider (used by gcloud).
• Fix transcoding error test failures under TSAN.
• Fix a shutdown crash found by TSAN tests.
• Enable memory leak detection in grpc stress test.
• Disable liveness probe for GKE tests.

Release 0.3.8 01-10-2016

• Fix handling large responses in gRPC handler.
• Fix memory leak caused by aborted client calls and report more detailed memory usage.
• Test presubmits in Jenkins and test improvement.
• Use instance internal ip instead of hostname.
• Add a test to make sure the "nbf" claim is checked.
• Report start_time correctly.
• Use Google APIs to deploy service configs.
• Use github Dockerfile to build Flex docker image.
• Add grpc interop stress test to Jenkins test.
• Read the "azp" (authorized party) claim from an auth token.
• Improve error handling logic.
• Enabling hazelcast in Jenkins.
• Stop collecting access logs in e2e tests.
• Stop status print outs in custom nginx.conf.
• Use espcli for GKE e2e tests.
• Calculate memory usage for long-run test.
• Add Google APIs Go bindings.
• Added a t test for invalid api_key case.
• Accept Issuer with or without https prefix for OpenID discovery.
• Removed testing for go binary for new docker slave.
• Update version number to 0.3.8.
• Switch to using start_esp for GCE raw VM.

Release 0.3.7 13-09-2016

• Do not send consumer metrics if api_key is not provided.
• Remove /producer/by_consumer metrics.
• Set api_version correctly in Report calls.
• Update to use googleapis proto from Github.
• Update googleapis submodule.
• Update platform from GAE to GAE Flex.
• Log fetching steps in the start script, disable status print outs.
• Initial CLI for GKE deployment management using k8s Go client.
• Cleanups, bug fixes and infrastructure improvements
  • Use perl bazel rules from github
  • Remove grpc in script/release-publish and script/release-stable.
  • Fix flaky tests by disabling service control cache.
  • Add configuration option for the subrequest certificate files

Release 0.3.6 07-09-2016

• Fix a memory leak in grpc transcode
• Add grpc large transcoding to stress test.
• Add endpoints_resolver in nginx config for HTTP subrequests DNS
• Upgrade to use GRPC to 1.0.0 GA and Protobuf to 3.0.0 GA
• Propagate grpc metadata from downstream to upstream
• Expose http and grpc ports when deploying grpc.
• Add gprc interop tests
• Switch to start_esp.py in docker generic image
• Extract api key from header x-api-key by default.

Release 0.3.5 24-08-2016

• Add bindings and body prefix test for transcoding
• Allow multiple HTTP rules for the same RPC method
• Add cloud trace request sampling.
• Add doc for ESP on k8s.
• Added a test to verify service control data.
• Cleanups, bug fixes & Infrastructure improvements
  • Set corret LANG environment variable for Jenkins
  • Fix ASAN failure in jenkins presubmit
  • Fix error handling of release-stable script
  • Fix Travis TSAN build
  • Implement books support in grpc bookstore backend
  • Add invalid JSON cases to transcoding errors test
  • Check HTTP status code in transcoding tests
  • Fix ASAN heap-use-after-free warning
  • Fixed metadata_timeout t asan failure.
  • Integrate GKE go script into Jenkins pipeline
  • Running e2e test on released artifacts and gcloud release candidate

Release 0.3.4 17-08-2016

• Add Kubernetes support & deployment improvements.
• Add configuration settings for local development using ESP.
• Aggregate traces and batch to CloudTrace API.
• Consolidate docs into a tutorial.
• Do not report producer project in errors.
• Improve GRPC/transcoding error handling.
• Print ESP version when running nginx-esp -V.
• Start a new Go based Test Infrastructure.
• Cleanups, bug fixes & Infrastructure improvements:
  • Add more test coverage.
  • Add presubmits to Jenkins.
  • Apply buildifer to BUILD files.
  • Parallelize t-tests.
  • Remove libgrpc based downstream implementation.
  • Stabilize stress tests.
  • Update Bazel to 0.3.1.
  • Update NGINX to 1.11.3.
  • Use NGINX trailers when finalizing gRPC response.
  • etc

Release 0.3.3 26-07-2016

• Add HTTP2 load test. Refactored common functionality in the load test client to support both wrk and h2load.
• Check logs on passing release quals only.
• Clean-up test transcoding proto.
• Add test to share port with HTTPS and GRPC.
• Increase keepalive and port range for GKE tests.
• Save GKE & GCE container logs.

Release 0.3.2 22-07-2016

• Improve grpc_pass stability; fixed a crash with large payload.
• Support grpc long run stress test.
• Pass cloud trace span id to backend.
• Pass x-endpoints-user-info to backend automatically, Not require a variable in nginx config.
• Update NGINX to 1.11.2 with self-managed workspace dependencies.
• Upgrade protobuf to 3.0.0-beta-4
• Use WRK for benchmarking instead of AB

Release 0.3.1 13-07-2016

Features in this release

• Add debug nginx binary into deb image.
• Add HTTP request retry logic
• HTTP/JSON <=> gRPC Transcoding
• Print endpoints status in nginx error log.
• Setup Travis CI

Release 0.3.0 07-07-2016 (First Beta Release of ESP)

Extensible Service Proxy, a.k.a. ESP is a proxy which enables API management capabilities for API services. It supports HTTP/JSON and gRPC APIs.

Features in this release

• Authentication (auth0, gitkit)
• API key validation
• API-level monitoring and logging
• Integration with Cloud Tracing