CaaS Platform

CAAS-2435

Updated RESTHeart to version 8.1.4. Updated MongoDB to version 7.0.15.

CAAS-2426

Adaptations to Prometheus alerts (for details see caas-alerts-prometheusrule.yaml) and updates to dependencies.

CAAS-2428

Added Grafana dashboard that displays metrics by pod.

CAAS-2410

RESTHeart has been updated to version 8.0.13. This version fixes an issue where requests with URL encoded parameters caused an Internal Server Error (HTTP 500).

CAAS-2400

Updated to RESTHeart 8.0.12. GraphQL apps are now cached for the lifetime of a RH instance. Cache entries are asynchronously revalidated based on configured /graphql/app-cache-ttr milliseconds. Improved performance of api key security mechanisms in context of GraphQL app executions and aggregation executions.

CAAS-1997

Updated RESTHeart to version 8.0.6. Also changed the setup process of JSON schema for API key validation in REST API, it now only triggers if at least 1 day has passed since the last success. Improved bootstrapping of REST API pods. Removed initial delay (initialDelaySeconds) of REST API readiness probe from the Helm chart.

CAAS-2242

The value of the featureCompatibilityVersion has been raised to 7.0 to complete the MongoDB update.

CAAS-2380

It is now possible to specify mongo.affinity.podAntiAffinityNamespaces in the helm values. This is useful when you have multiple CaaS deployments in your cluster and want to spread the MongoDB pods evenly on all nodes.

CAAS-2361

Updated RESTHeart to version 8.0.3.

CAAS-1778

Added resource requests and limits to sidecar and init containers of the MongoDB pod.

CAAS-2359

Upgraded MongoDB from 6.0.15 to 7.0.11. The featureCompatibilityVersion is still set to 6.0 and will be updated with an upcoming release. Backwards-incompatible DB features are therefore not yet activated.

PX-288

Improved internal infrastructure.

CAAS-2352

Added startup and liveness probe to MongoDB. Customization of the readiness probe.

CAAS-1936

Removed basic auth admin user.

CAAS-2323

Updated RESTHeart to version 7.7.10. GraphQL queries for abstract types now properly return null when the value of the document property is null.

CAAS-2356

The TenantSubdomainAndPathValidationInterceptor now ignores the suffix -caas-api for subdomains and the suffix -prod for paths when comparing. In addition, the tenant is now correctly identified from query parameters and in GraphQL queries.

CAAS-2088

RESTHeart has been updated to version 7.7.9 MongoDB has been updated to version 6.0.15. Changes to the Technical Datasheet.

PX-266

Removal of an unnecessary configuration file from the REST Docker image. Adjustments to the internal infrastructure.

CAAS-2340

Fixed an issue where DB queries exceeding the allowed name length were answered with HTTP 500 instead of HTTP 400. RESTHeart has been updated to version 7.7.8

CAAS-2245

Increasing the time that is waited for the completion of an index creation before a socket timeout occurs. Introduction of a new endpoint for checking indexes.

CAAS-2313

Added support for server-side resolving of references.

CAAS-2335

Updated MongoDB to version 6.0.14.

CAAS-2326

Improved performance of GraphQL queries and increased default cache duration of GraphQL applications from 10 to 60 seconds (configuration parameter graphql.app-def-cache-ttl).

CAAS-2107

RESTHeart has been extended by a component that generates trace ids for incoming requests if there is no identifier present in the headers. If restApi.additionalConfigOverrides./tracingHeaderGenerator/enabled: true is set in your custom-values.yaml, an x-b3-traceid will be logged and sent as a header in the response.

CAAS-2243

Improved GraphQL chapters of the documentation.

CAAS-2254

Improved internal infrastructure.

CAAS-2324

Metrics adjusted in version 18.0.0 are now actually only collected at database level.

PX-276

Improved internal infrastructure.

CAAS-2039

Improved internal infrastructure.

CAAS-2308

The REST API metrics endpoint has been moved from /_metrics to /_logic/metrics. The k8s ServiceMonitor has been adjusted accordingly.

In addition, metrics can now only be collected at database level.

RESTHeart has been updated to version 7.7.4.

CAAS-2267

Updated RestHeart to 7.7.1. GraphQL queries now abort after 30 seconds. This can be configured in the custom helm values using the parameter restApi.additionalConfigOverrides./graphql/query-time-limit: 30000.

Also the official communication on the Apikey format was updated. Check version 15.4.0 for more details on this.

CAAS-2309

Improved robustness of the setup endpoint for eventual consistency error conditions.

CAAS-2269

Improved error messages when checking permissions of aggregation requests.

CAAS-2297

Improved internal infrastructure.

CAAS-2296

Updating various dependencies.

CAAS-2294

RESTHeart has been updated to version 7.6.5.

PX-282

Improved internal infrastructure.

PX-264

Updating various dependencies.

CAAS-2222

The GRAPHQL stages $ifvar and $ifarg have been added.

CAAS-2260

RESTHeart has been updated to version 7.6.1.

CAAS-2259

Added resource limits to MongoDB init containers. Improved documentation about horizontal scaling of MongoDB.

CAAS-2255

Updated MongoDB to version 6.0.11.

CAAS-2256

When using multiple Ingress hosts, each host is now defined within its own Ingress definition. You can now also define custom annotations per host in the custom values.

CAAS-2238

Now properly validates permissions of simplified { $merge: <collection> } aggregation stages instead of just rejecting the request.

CAAS-2233

Added Prometheus Alert for increased 4xx error rate of WRITE requests.

CAAS-2239

RESTHeart has been updated to version 7.5.2.

CAAS-2248

The caas Helm chart now supports pre-release versions of Kubernetes 1.19 or later.

CAAS-2230

Fixed a problem where it was impossible to create local ApiKey with the same id as the global master ApiKey.

CAAS-2252

RESTHeart has been updated to version 7.5.0.

CAAS-2197

Small improvements in the Grafana dashboards.

CAAS-2221

Small improvements in the Grafana dashboards.

CAAS-2181

Extended reference docs of GraphQL apps and added tutorial for creating and using GraphQL apps.

CAAS-703

Changing the master API key in the custom helm values now automatically deletes the previous configured API key. Same applies to the metrics API key.

In addition, it is no longer possible to change the API key for metrics via the REST API.

Also, RESTHeart was updated to version 7.4.6.

CAAS-2219

At startup, some validation operations are now executed asynchronously to improve initialization time.

CAAS-1274

Removed the support for Helm 2 and Kubernetes <1.19.

CAAS-2215

Fixed a problem where creating an API Key immediately after db creation could result in 500 responses due to eventual consistency. Fixed an issue where syntactically invalid GraphQL queries were answered with 500 instead of 400. Updated RESTHeart to version 7.4.5.

CAAS-2182

Reading an API key from the Authorization header with the old format (apikey="..") no longer logs a warning.

CAAS-2196

Improved the tenant setup API endpoint.

CAAS-2206

Fixed issues of the queries of GraphQL panels of the Grafana dashboards.

CAAS-1475

Fixed an issue in the internal infrastructure.

CAAS-1475

Fixed an issue in the internal infrastructure.

CAAS-1475

Each release of the CaaS platform is now immediately made available in the download area for customers. In addition, the "Content as a Service" product documentation can now be found within the CaaS platform project in the online documentation (https://docs.e-spirit.com/).

CAAS-2176

Added Grafana dashboards that show trends over a longer time period.

PX-248

Improved internal infrastructure.

CAAS-1870

Improved Grafana dashboards and Prometheus alerts.

PX-247

RESTHeart has been updated to version 7.4.1.

CAAS-2080

Added collection and visualization of new GraphQL query metrics.

CAAS-2174

Added new /_logic/metrics-caas endpoint that contains additional metrics on top of the standard RESTHeart ones. Currently contains request and response size metrics per database. The collection of these additional metrics is disabled by default.

CAAS-2011

Added new Grafana dashboard that gives a better overview of multiple MongoDB deployments.

CAAS-2161

Improved internal documentation.

CAAS-1969

Improved Grafana dashboards.

CAAS-2170

Improved validation when creating/updating GraphQL apps.

CAAS-2138

Improved documentation of API keys.

CAAS-2005

Support for GraphQL aggregations.

CAAS-2153

RESTHeart has been updated to version 7.4.0.

CAAS-2133

Removed Master API key from Helm chart usage notes (NOTES.txt).

CAAS-2133

Added option to configure additional deployment matchLabels in helm chart values.

CAAS-1864

In the Grafana dashboards OPTIONS requests are no longer counted in the WRITE statistics. Restart Prometheus Rules now only count restarts over 2 days, instead of 7, to reduce unnecessary alerts after an issue has already been resolved.

CAAS-1982

Internal improvement of the setup endpoint.

CAAS-2120

The value of the featureCompatibilityVersion has been raised to 6.0 to trigger the MongoDB update without downtime in the Kubernetes stack.

CAAS-2079

Added additional tests.

CAAS-2144

Updated RESTHeart version to 7.3.5. In addition, interceptors accessing the request body have been changed so that their execution point is only after authentication.

CAAS-2127

GraphQL applications can now be created/updated using file uploads. The API endpoints https://REST-HOST:PORT/<tenant>/gql-apps/* accept a multipart request body (multipart/form-data) as an alternative to a JSON request body (application/json).

More information is available in the chapter Create/update GraphQL applications of the documentation.

CAAS-2149

Extension of the update notice for version 16.3.0.

CAAS-2031

Improving internal infrastructure.

CAAS-2135

Updated RESTHeart to version 7.3.3. This version comes with improved logging and speed during the start up process.

CAAS-2122

Improved internal infrastructure.

CAAS-2101

Improved protection of resources that should not be modifiable via the REST API. In particular, it is now no longer possible to delete the global GraphQL collection.

CAAS-2131

Fixed occasional crashloop during MongoDB pod startup due to race condition.

CAAS-2129

Updated RESTHeart to version 7.3.2

PX-222

Updating the used Gradle and Kotlin versions.

CAAS-2123

Added documentation for troubleshooting a file upload error caused by orphaned file chunks.

CAAS-2126

Fixed a bug introduced in 16.3.0 where the REST API pods failed to start if the value of the new Helm attribute restApi.additionalConfigOverrides remained empty.

Fixed a bug introduced in 16.4.0 where the MongoDB replicaset was not configured correctly on a new deployment.

CAAS-2119

Upgraded MongoDB from 5.0.6 to 6.0.4 The featureCompatibilityVersion is still set to 5.0 and will be updated with an upcoming release.

CAAS-2074

Updated RESTHeart to version 7.2.7

CAAS-2100

Improved internal infrastructure.

CAAS-2116

Improve logging of errors caused by validating database names.

CAAS-2121

Improved multi-tenant and multi-deployment overview Grafana dashboards.

CAAS-2110

Fixed a bug in the ImmutabilityInterceptor that could be triggered by a POST request to update multiple documents.

CAAS-2108

Grafana dashboard "CaaS System Status" is now compatible with Kubernetes v1.19.

CAAS-2115

Improved internal infrastructure.

CAAS-1978

RESTHeart has been extended by a component that can enrich log outputs with additional information. Currently, this extension is only available for our SaaS offer.

CAAS-2093

API keys are now the only valid authentication method when creating or removing tenant specific GraphQL applications.

PX-228

Updated dependencies.

CAAS-2103

Updated the RESTHeart license.

CAAS-1988

The metrics basic auth user was removed and replaced by an api key.

PX-225

Updated dependencies.

CAAS-1986

Deprecation of HTTP Basic Auth mechanism for authentication.

CAAS-2091

Due to eventual consistency, requests to create a database and requests to create API keys via the setup endpoint could be answered with HTTP status 500 instead of 200 in rare cases. These problems have been fixed.

CAAS-2020

A new HTTP endpoint has been added to resynchronize all GraphQL apps in the global collection on demand.

This functionality can be triggered via a POST request at /_logic/sync-graphql-apps.

CAAS-2097

A bug related to deleting Tenant databases has been fixed. Installed GraphQL apps from the global gql-apps collection are now properly cleaned up.

CAAS-1987

Parsing of an API key from Authorization header has been changed to additionally support the standardized Bearer format.

CAAS-2098

Fixed flaky tests and minor issues in test code.

CAAS-2015

Updated the MongoDB Grafana dashboard to contain a value mapping to human-readable values for MongoDB replica state instead of numeric values. Further the stats in the top line use instant values now.

CAAS-2014

The alert threshold for MongoDB splitbrain alert was set to 5 minutes. The former value of 30 seconds may have lead to false positives when updating caas-platform deployments.

CAAS-2092

A bug was fixed in the internal infrastructure.

PX-221

Updated some dependencies

PX-209

A bug was fixed in the internal infrastructure.

CAAS-2078

Fixed a bug that caused the creation of GraphQL apps using the setup endpoint to fail when the gql-apps collection is missing.

CAAS-2059

Updated dependencies as well as RESTHeart to version 6.6.0 to fix CVE-2022-1259, CVE-2022-0084, and CVE-2022-42003.

CAAS-2044

GraphQL default and max page size limit is now configurable in the Helm chart.

PX-183

Improved internal infrastructure.

CAAS-1964

Internal improvements of the setup endpoint for databases which can now create GraphQL applications.

CAAS-2030

Extending the documentation about GraphQL.

CAAS-2035

Updated RESTHeart to version 6.5.2 for fixing various CVEs like CVE-2022-25857 and CVE-2022-37734. In addition, a limit on the result size for GraphQL queries now applies.

CAAS-2036

Updated RESTHeart version to 6.5.0

CAAS-1980

A GET request without a field on an aggregation now properly response with HTTP status 400 instead of 500.

CAAS-2021

The limit attribute in GraphQL queries will no longer be ignored.

CAAS-2036

Bug that prevented usage from GraphQL introspection queries is now fixed.

CAAS-1909

In the PodDisruptionBudget resources of the Helm chart, the API version has been updated to policy/v1, which is available as of Kubernetes version 1.21. Compatibility with earlier Kubernetes versions can still be established with appropriate specifications in custom-values.yaml.

CAAS-2010

API Keys can now be authorized exclusively to individual GraphQL endpoints.

CAAS-2023

Added a note about the page size limit of GraphQL queries in the documentation.

CAAS-1963

Added basic GraphQL support.

PX-197

Changed e-Spirit AG to Crownpeak Technology GmbH in the documentation.

CAAS-1996

Optimized cleanup of internal test resources.

CAAS-1977

Fixed a problem where calling an aggregation without providing the required variables returned HTTP 500 instead of 400.

CAAS-1937

Enhanced endpoint for simplified internal project setup to process api keys.

PX-178

Improvements of internal infrastructure.

CAAS-1971

Fixing the permissions for the use of the endpoint for simplified internal project setup.

CAAS-1967

Fixed a problem introduced in 14.6.1 where default aggregation variables were not resolved if explicit variables were part of the request.

CAAS-1339

Added endpoint for simplified internal project setup.

CAAS-1949

Fixed concurrency error when creating local apikeys collections.

CAAS-1931

Fixed error handling when dealing with whitespace in resource names and updated RESTHeart to version 6.3.4.

CAAS-1952

Added missing hints regarding default and max value for pagesize parameter configuration in documentation.

CAAS-1946

Fixed a problem where default variables could no longer be used in aggregations.

CAAS-1923

Updated RESTHeart to version 6.3.3. The new feature where requests can specify the read/write behavior against the DB is disabled by default.

CAAS-1928

Disabled mapReduce aggregation pipelines due to security considerations. Fixed a problem where aggregation pipelines could be used for privilege escalation.

CAAS-1881

Enabled management capabilities for api keys. To read or manage api keys, the used api key must have write permissions for corresponding apikeys collection.

CAAS-1897

Updated dependencies to solve CVE-2020-36518.

CAAS-1899

If critical initialization steps of the database cannot be executed, RESTHeart is now restarted automatically. This can be the case especially at the first start when the bootstrapping of MongoDB is not yet complete.

PX-176

Improved internal infrastructure.

CAAS-1898

Obsolete links to external sources have been updated in the documentation.

CAAS-1903

Added PodDisruptionBudget to REST API. Anti-affinity now ensures that REST API pods are distributed to different nodes if possible.

CAAS-1900

Adjusted sensitivity of CaaSRestAPIIncreasedErrorRate alert.

PX-173

Improved internal infrastructure.

PX-176

Improved internal infrastructure.

CAAS-1869

Updated RESTHeart to version 6.2.3.

CAAS-1848

Improved internal infrastructure.

CAAS-1845

Improved the internal infrastructure.

CAAS-1851

Provision of additional version 9.4.1 as well as adjustment of the update note for CaaS platform version 9.5.0.

CAAS-1856

Fixed an example curl request (API Key creation) in the documentation.

CAAS-1839

Updated RESTHeart to version 6.2.0.

CAAS-1832

Upgraded MongoDB from 5.0.3 to 5.0.6

CAAS-1842

A Toleration has been added to the Helm chart to allow REST API pods to be placed onto nodes with the taint NodeWithImpairedVolumes=true.

CAAS-1846

Updated RESTHeart to version 6.1.7 (upgrade logback to version 1.2.10 that fixes CVE-2021-42550)

CAAS-1805

Improved the alerts.

CAAS-1805

Improved the alerts.

CAAS-1805

The existing Prometheus alerts were improved and new ones were added. Additionally, there were breaking changes to the default configuration of the CaaS Helm chart.

CAAS-1836

Updated the RESTHeart license. Also, assigned a priority to each permission in the ACL to avoid WARN messages in the log upon startup.

CAAS-1807

Fixed a bug from version 13.1.0 which caused warnings in the log for requests against the metrics endpoint.

CAAS-1807

Added option to prohibit upload of binary data.

CAAS-1755

Improved Grafana dashboards.

PX-142

The chapters from the release notes are no longer numbered consecutively.

CAAS-1677

Discontinuation of the Docker Compose support.

PX-72

Improved the internal infrastructure.

CAAS-1662

Discontinuation of the Admin Interface.

CAAS-1818

In the ingress resources of the Helm chart, the deprecated annotation kubernetes.io/ingress.class has been removed. Instead, the class is specified using the attribute spec.ingressClassName, which is available as of Kubernetes version 1.18. Compatibility with previous Kubernetes versions can still be achieved with appropriate entries in custom-values.yaml.

CAAS-1698

Updated RESTHeart to version 6.1.3.

PX-115

Improvement of the internal build process.

CAAS-1780

The MongoDB featureCompatibilityVersion is set to 5.0.

CAAS-1784

The API version of all ingress resources of the Helm chart has been updated to networking.k8s.io/v1, which is available from Kubernetes version 1.19 onwards. A different API version can be set in the custom-values.yaml.

CAAS-1706

Changes to the internal infrastructure.

CAAS-1786

Updated RESTHeart to version 5.4.7. This version now correctly responds to requests with an invalid regex expression with HTTP 400 instead of 500.

CAAS-1794

It is now possible to configure the size of the buffer between container limit and JVM heap of the REST API pods.

CAAS-1757

Upgraded MongoDB from 4.4.4 to 5.0.3 The featureCompatibilityVersion is still set to 4.4 and will be updated with an upcoming release.

In addition, an update of RESTHeart to version 5.4.6 took place, which includes the MongoDB 5 driver.

CAAS-1757

Fixed a bug in version 9.3.0 where a lack of custom labels caused the helm install to fail.

CAAS-1851

Providing hotfix release 9.4.1 with MongoDB version 4.4.11

CAAS-1771

The Helm chart was extended with several new Prometheus Alerting rules. These are deactivated by default.

PX-143

Improvements in internal infrastructure.

CAAS-1787

Added additional labels to pods and a way to add custom labels.

CAAS-1791

Edited the update notice regarding CaaS Platform version 2.14.0 from 11.08.2020.

PX-126

Improvements in the internal infrastructure.

master

Update policy Off of VerticalPodAutoscaler is no longer interpreted as false.

CAAS-1775

Updated RESTHeart to version 5.4.2 due to optimized memory consumption when loading documents from MongoDB.

CAAS-1754

Improved the internal test infrastructure.

CAAS-1763

Added VerticalPodAutoscaler for MongoDB to helm chart. It is now possible to set the resource requests of the MongoDB pods independently of the limits.

CAAS-1756

For Ingress resources of the Helm chart it is now possible to set the attribute spec.ingressClassName and to override the attribute apiVersion via Helm values. Currently, only the value networking.k8s.io/v1beta1 can be used for apiVersion.

CAAS-1741

Replaced deprecated annotation service.alpha.kubernetes.io/tolerate-unready-endpoints in caas-mongo service with spec.publishNotReadyAddresses attribute.

CAAS-1722

Improving the internal monitoring infrastructure.

CAAS-1736

Added documentation about indexes.

CAAS-1675

Removed code responsible for one-time migration of API Keys in version 7.2.0.

CAAS-1716

Added missing tenant query parameter to create short-lived security tokens to the change stream code example in the documentation.

CAAS-1693

Grafana dashboards were enhanced by a datasource variable to allow better compatibility across Grafana instances and setups. The data source can now be selected via a drop-down list.

Furthermore, the links to other dashboards on the "CaaS Overview" dashboard were corrected. In addition, panels on all dashboards were changed from the deprecated type "singlestat" to "stat" or "gauge".

CAAS-1439

Switched validating kubernetes resources during build process from Kubeval to Kubeconform.

CAAS-1701

Write accesses to the JSON schema for validating API keys or its collection are now correctly prevented.

CAAS-1684

Made filterOperatorsBlacklist feature of RESTHeart configurable in Helm chart. It is disabled by default, so you can opt in to configure it.

CAAS-744

A Kubernetes Pod Disruption Budget for MongoDB was added to CaaS Helm chart. You may opt out of this feature by disabling it in your custom-values.yaml. See official documentation for more information.

CAAS-1704

Fixed Rest API deployment specification to update one pod by another during updates. This is needed because of executing database migration / validation logic during updates.

CAAS-1642

Added a pre-stop hook to REST API pods, to be able to shift the traffic before the pod gets stopped by Kubernetes. This fixes the unlikely situation of service outages, for example during updates.

CAAS-1613

For development purposes, instead of GKE, a Rancher-managed k8s cluster in AWS is now used.

CAAS-1691

Disabled the digest auth mechanism.

CAAS-1699

Updated RESTHeart to version 5.4.1 due to fixes of memory leaks in RESTHeart.

CAAS-1700

To optimize resource usage the liveness probe in Kubernetes was moved from metrics endpoint to more lightweight ping endpoint.

CAAS-1697

Fixed validation when creating a local api key already existing as global api key.

CAAS-1681

Added missing note regarding expected unit for memory limit configuration in values.yaml

CAAS-1683

Added option in Helm values to enable check for same tenant in subdomain and path to avoid cross tenant access.

CAAS-1337

Added support for database-local API keys.

CAAS-1574

Added endpoint and Grafana dashboard to provide JVM metrics in prometheus format.

CAAS-1630

Automatic migration of api keys not fulfilling _id == key condition, introduced with version 5.0.0.

CAAS-1676

Deprecation of the Docker Compose stack.

CAAS-1660

Deprecation of the CaaS Admin Interface and deactivating the deployment by default.

CAAS-1667

In future, all migration notes can be found in the release notes document, so that the separate "Migration Guide" will no longer be maintained from now on.

CAAS-1666

Creation and editing of API keys was fixed in admin webapp. Additionally, loading API keys in admin webapp now uses pagesize=100 because paging is not implemented. Note that working with more than 100 API keys is not supported in admin webapp. Please use a REST client instead in such situations.

CAAS-1447

Documentation artifacts of caas platform were moved to a separate tile on the documentation landing page.

CAAS-1637

All explicit pagesize parameters were removed from calls made by the admin webapp.

CAAS-1654

Simplified internal test execution in dockerized CI environment.

CAAS-1570

Fixed security vulnerability when using security tokens in multitenant mode.

CAAS-1625

The initialization of the database was separated from its configuration and moved to the REST API container.

CAAS-1645

Fixed an API key validation bug that rejected PUT requests for API keys if the ID did not contain only alphanumeric characters, hyphen or underscore.

CAAS-1644

Fixed an API key validation bug that resulted in an HTTP 500 response instead of an HTTP 400 response if the key attribute value was missing.

CAAS-1540

Configuration options for the default-pagesize and max-pagesize parameters of RESTHeart instances have been introduced. The new default values are default-pagesize=20 and max-pagesize=100.

CAAS-1501

Extended validation of API keys creation and editing has been implemented.

CAAS-1624

Updated RESTHeart to version 5.3.4 due to fixes of security issues in RESTHeart.

CAAS-1609

Updated RESTHeart to version 5.3.3 due to fixes of security issues in RESTHeart.

CAAS-1583

It is now enforced that MongoDB runs as ReplicaSet when Rest-API instances are started. This may not be the case, especially when first booting into Kubernetes, since MongoDB is reachable during bootstrapping. For now, we will let the rest API instances fail to boot, so Kubernetes will restart the pods. A more sustainable solution will require some changes to the MongoDB configurations and will be deferred for now.

CAAS-1596

Updated RESTHeart to version 5.3.2 to avoid potential Exchange already complete errors.

CAAS-1468

The release process was adapted to internal changes.

CAAS-1468

The version endpoint of the Rest API now returns the correct release version again and not the version of the development state directly before the release.

CAAS-1581

Upgraded MongoDB from 4.4.3 to 4.4.4.

CAAS-1538

Removed chapter Preview CaaS from the installation chapter of the documentation.

CAAS-1534

Added documentation regarding push notifications (change streams).

CAAS-1580

Updated the RESTHeart license

CAAS-1577

Upgraded MongoDB from 4.4 to 4.4.3.

CAAS-1476

To ensure a more stable operation, the JVM flags regarding the heap size in the Kubernetes stack were added and the existing configurations in the Docker stack were adjusted.

CAAS-1544

Added Docker Compose integration and intensive tests for websocket support.

CAAS-1564

The short-lived security tokens can be created using any API key, irrespective of its permissions.

CAAS-1500

Updated RESTHeart to version 5.3.1. Creating a database that already exists with different case returns HTTP 409 Conflict instead of internal server error now.

CAAS-1532

Updated RESTHeart to version 5.2.0

CAAS-1512

Removal of WARN log output at rest API startup regarding outdated configuration syntax.

CAAS-1524

Removal of misleading WARN log output from ApiKeyAuthMechanism when authenticating with BasicAuth

CAAS-1433

Added support for short-lived security tokens that allow authentication via query parameter or cookie.

CAAS-1469

Implemented enhanced validation of API keys: from now on it is no longer possible to create multiple API keys with same key value or to create an API key with duplicate URLs in its permissions array.

CAAS-1132

All newly created or updated API keys are now validated against a JSON schema. In addition, write access to the internal database caas_admin via the Rest API is now much more restrictive.

CAAS-1457

The CaaS Overview Grafana Dashboard has been adjusted so that the selection of the time period is taken into account in the restarts displayed.

CAAS-1342

The MongoDB featureCompatibilityVersion is set to 4.4. If you use the docker stack manual work is needed after the upgrade. For more information see the Migration Guide.

CAAS-1341

Upgraded MongoDB from 4.2 to 4.4. The featureCompatibilityVersion is still set to 4.2 and will be updated with an upcoming release.

CAAS-1386

The Rest API now shows 401 and 403 responses in the Prometheus metrics again.

CAAS-1390

Removal of the Security Proxy from the "Architecture" figure of the product documentation

CAAS-1379

Removal of the Ansi colors from the log outputs of RESTHeart

CAAS-1079

Added a Grafana dashboard for MongoDB to allow basic analysis regarding MongoDB status and possible issues.

CAAS-1295

Updated RESTHeart to version 5.1.4

CAAS-1101

The MongoDB featureCompatibilityVersion is set to 4.2. If you use the docker stack manual work is needed after the upgrade. For more information see the Migration Guide.

CAAS-1100

Upgraded MongoDB from 4.0 to 4.2. The featureCompatibilityVersion is still set to 4.0 and will be updated with an upcoming release.

CAAS-1307

RESTHeart has been upgraded to version 4.1.17

CAAS-1303

Fixed the CPU limit unit of the container caas-rest-api-security in Helm chart default values.

CAAS-1284

Grafana Dashboards adjusted so that the selection of the period is taken into account in the displayed metrics.

CAAS-1288

Added an endpoint to get the version of caas-rest-api via HTTP at /_logic/version. This endpoint is secured and needs authentication. The admin and metrics user are both authorized to fetch this information.

CAAS-1259

Removal of Keystore and Truststore passwords from caas-docker.env as SSL support was removed in version 2.4.5.

CAAS-1242

Helm 3 is listed in our reference system. Helm 2 is about to be deprecated. Migration to Helm 3 is strongly recommended.

CAAS-1270

To be compatible with Helm 3 the field "tillerVersion" was removed from the Helm chart. Helm 3.x is not yet actively supported, this is only a first preparation.

CAAS-1229

Fixed resources in Helm default values block for caas-rest-api-security container.

CAAS-1165

Database or collection names containing double colons, backslashes or line feeds are now escaped correctly in the Prometheus metrics in the REST interface.

CAAS-1248

The versions listed in the Release Notes for the Platform were corrected.

CAAS-1246

To be compatible with Helm 3 the value for apiVersion was set explicitly in the Helm chart. Helm 3.x is not yet actively supported, this is only a first preparation.

CAAS-1235

The technical datasheet has been separated up and is now available for both CaaS module and CaaS Platform.

CAAS-1234

The documentation has been split up into separate documents for CaaS platform and CaaS module and has been slightly revised. In addition, a CaaS product documentation has been added, which serves as an introduction and refers to the separate documents.

CAAS-1176

Logging of TraceID header values has been added in the caas-rest-api-security container.

CAAS-1175

The Healthcheck endpoint URL has changed to /_logic/healthcheck in version 2.11.5, this was now fixed in the documentation and migration guide.

CAAS-1158

RESTheart has been upgraded to version 4.1.16

CAAS-1087

Requests that have been rejected because of missing or restricted credentials now correctly return 401 / 403 instead of just 401.

CAAS-1145

Nginx Configuration Snippet for Preview-CaaS Ingress is now part of the helm values.

CAAS-1078

RESTheart has been upgraded to version 4.1.3

CAAS-1009

Removed example monitoring deployment from CaaS Helm charts and made Grafana dashboards multi namespace capable.

CAAS-915

Access to the "caas_admin" database (and all its collections) is forbidden when authenticated with API key.

CAAS-395

Caas-Rest-Api now uses "distroless" containers to reduce attack surface.

CAAS-1108

The Kubernetes ingress definition for the Preview CaaS now has its own values for annotations and Cert Manager / TLS instead of using the values of CaaS Ingress.

CAAS-1055

The HTTPS service port was removed from kubernetes service definition for Rest-API as SSL support was removed in version 2.4.5.

CAAS-1083

The CaaS module and the CaaS platform were separated internally

CAAS-1099

Fixed missing read & execute rights for MongoDB bootstrap script in docker compose configuration.

CAAS-1039

The MongoDB featureCompatibilityVersion is set to 4.0. If you use the docker stack manual work is needed after the upgrade. For more information see the Migration Guide.

CAAS-1084

Fixed Grafana board per CaaS database to display response times for 4xx/5xx responses.

CAAS-1082

In case of using a CaaS instance with a HTTP context path the CaaS service configuration in server manager no longer has to end with a '/'.

CAAS-1080

Fixed rendering of remote links of page refs in preview mode.

CAAS-1076

Transmit durations have been calculated incorrectly for cases where network calls have been retried

CAAS-1054

While in the CleanUp a 404 will now be an acceptable response to a delete request.

CAAS-1012

Check configuration dialog now displays the correct title depending on outcome

CAAS-1031

Additional Ingresses can be activated in the Helm charts to provide a Preview CaaS functionality without a second CaaS stack.

CAAS-1011

Upgraded MongoDB from 3.6.13 to 4.0.10. The featureCompatibilityVersion is still set to 3.6 and will be updated with an upcoming release.

CAAS-1052

A Prometheus alert rule was added to detect possible MongoDB splitbrain situations based on MongoDB metrics introduced with CaaS 2.5.7.

CAAS-1051

Assets can be sent successfully to an HTTPS REST interface when proxy is used

CAAS-1049

In releases starting from 2.5.7, some publicly-available docker images were missing in the release zip files. They have been re-added.

CAAS-1048

Releases after and including 2.5.7 contained a bug that prevented installations without the monitoring stack, this has been fixed.

CAAS-997

The name of the caas-mongo persistent volume claim is now configurable in the helm chart values. Beware that the name for the persistent volume claim of an existing stateful set cannot be changed!

CAAS-838

CaaS-CleanUp no longer lags one generation behind.

CAAS-1041

Updated technical requirements section in the documentation.

CAAS-1038

The MongoDB featureCompatibilityVersion is set to 3.6. If you use the docker stack manual work is needed after the upgrade. For more information see the Migration Guide.

CAAS-946

The CaasConnection implementation was exchanged

CAAS-704

Removed the custom rest api ping endpoint (/_logic/metrics/ping) and adapted the kubernetes liveness probe to use the metrics endpount (/_metrics) instead.

CAAS-1025

Enhanced logging of FirstSpirit module.

CAAS-1040

The migration guide are now also available in english.

CAAS-1037

Upgraded RESTheart to version 3.10.1.

CAAS-891

Added exception handling if project language is deleted.

CAAS-670

Upgraded MongoDB from 3.4.19 to 3.6.13. The featureCompatibilityVersion is still set to 3.4 (in case of upgrades) and will be updated with an upcoming release.

CAAS-1029

Added missing executable flag to MongoDB bootstrap.sh in docker-compose stack.

CAAS-1017

Old project name normalization recovered

CAAS-902

Removed MongoDB liveness probe and added Prometheus alerts instead

CAAS-805

Reduced internal dependencies of metadata converter class.

CAAS-901

MongoDB Helm templates have been updated and the database’s featureCompatibilityVersion parameter has been set to "3.4" in preparation for upcoming MongoDB upgrades. Additionally, metrics support for MongoDB was added and can be activated in helm values.

CAAS-853

Added a possibility, to turn on the evaluation of FirstSpirit metadata template

CAAS-790

The cleanup task won’t execute deletions in case of transmission errors

CAAS-1006

Recovered old class signatures

CAAS-250

Configuring the CaaS target database and collection in Site Architect is no longer possible for all projects users, but project administrators only.

CAAS-989

More conservative resolution handling for url generation

CAAS-369

Persistence layer for url configurations got replaced.

CAAS-980

The admin web app can now be deactivated in the kubernetes stack, in case it is not needed.

CAAS-976

Prepared minimal OpenShift support

CAAS-808

The releasenotes are now also available in German.

CAAS-426

The helm chart now supports the configuration of Kubernetes network policies via the values file. By default, all policies are disabled, but can be enabled with a default configuration and adjusted as needed.

CAAS-940

Stored URLs have not been used when media has been deployed through standard FS mechanisms, but the rest has been deployed to CaaS

CAAS-836

Fixed a bug where data sets that contained media did not deploy that media in preview

CAAS-741

Upgraded RESTheart to version 3.9.0 allowing to scrape metrics per database and collection. A new Grafana dashboard was added to show these metrics.

CAAS-578

Reworked CaaS Documentation

CAAS-934

Schedule entries that deploy a preview state will only use the caas preview url factory if preview has been configured in the project app component

CAAS-931

Removed unneeded requests to create already existing assets.files collection.

CAAS-930

Some HTTP connections have erroneously been retried (such as on 403 answers). Retries are now limited to certain status codes.

CAAS-924

Fixed permissions in admin webapp container to allow usage of securityContext.runAsUser.

CAAS-919

Adjustment of the preview service so that no restart of the service is required to update the project configuration.

CAAS-888

Use of the new UrlCreatorAgent API

CAAS-881

CaaS module now supports JDK11 as runtime for FirstSpirit

CAAS-878

Remote media can now also be streamed from FirstSpirit during preview

CAAS-914

Removed storage support (PVC) for Grafana as all dashboards and datasources are provisioned and Grafana should be stateless.

CAAS-913

Users could select url creators for media for CDN deployment that actually are unsupported, this is not possible anymore

CAAS-903

MongoDB has been updated to version 3.4.19

CAAS-900

Added date to default log pattern of REST interface.

CAAS-893

The formula for calculating the Wired Tiger cache size has been adapted to the version from the official documentation. As a result, MongoDB has a slightly larger cache available.

CAAS-847

Problems of internal queue handling of CaaS generation solved.

CAAS-814

CompletionStage is correctly completed now.

CAAS-918

Updated screenshots to reflect current project component GUI

CAAS-912

Parameters that are supplied in a schedule entry (e.g. "CaaS initialize") do not obey the case anymore. For example, it it possible to use "caasURL" now instead of "caasUrl" to set a new CaaS URL in a schedule.

CAAS-895

MongoDB pods now are always in the guaranteed QoS class to improve general database performance and reliability.

CAAS-862

Documentation extended with notes on scaling and error analysis of the MongoDB cluster as well as the health check of the rest API.

CAAS-819

Preview schedules can now use FirstSpirit preview URLs.

CAAS-768

Improved URL-Creation for preview URLs.

CAAS-665

This CaaS version eliminates the supplied self-signed SSL certificates.

CAAS-652

Changed liveness probe such that a stuck pod will not get any traffic for about 10 seconds before restarting, giving it a chance to come back to life.

CAAS-647

Setting path in webapp ingress will now configure its base url.

CAAS-460

Updated Kubernetes API version to apps/v1

CAAS-882

Added connection check for preview service configuration (in the project app)

CAAS-873

Changed AdvancedUrlFactory default value in project app from class to component name.

CAAS-834

Now trimming inputs in config keys for whitespaces (API key, URLs, …​)

CAAS-832

Connection-Checks in caas service configuration now has improved failure handling and error messaging

CAAS-822

Performance optimization in action CaaS DeltaGeneration

CAAS-654

Changed all variable names in the env.js configuration file.

CAAS-864

Updated underlying software in the stack, mainly docker images

CAAS-856

Prometheus label for service monitor definitions is configurable now.

CAAS-727

Support for Horizontal Pod Autoscaler

CAAS-865

Invalid JSON in channels lead to not deploying that content, and not throwing errors

CAAS-844

Fixed deletion of entities in preview CaaS.

CAAS-833

Fixed updating preview CaaS content in case of entity creations and modifications.

CAAS-823

Fixed initialization of CaaS config dialog in Site Architect for PageRefs without stored configuration.

CAAS-809

Removed duplicate install scripts for docker images.

CAAS-705

Upgrade RESTheart to 3.5.0

CAAS-645

Added options to include prometheus and metric exporter deployments in helm charts. This requires an already installed and configured prometheus operator! Further information can be taken from CaaS Kubernetes documentation.

CAAS-640

Using new upsert functionality for media provided by RESTheart 3.5.0 to improve performance and stability for media deployments.

CAAS-533

Added options to include grafana deployment in helm charts. Further information can be taken from CaaS Kubernetes documentation.

CAAS-311

This module can now be used on isolated FirstSpirit servers.