1. Version 7.2.0 - 11.05.2021


Since version 5.0.0, creation and editing of API keys are subject to the condition that _id and key must have the same value. Existing API keys were initially exempt from this rule. Starting from this version, API keys that do not comply with the rule are automatically determined and stored under a new _id.

Before each API key migration, a backup of the apikey collection is created, with the backup collection name containing the current date and time for easier identification.

The migration logic will be removed in a future release.

Update Notice

If keys with contradictory permissions are found they cannot be migrated. In this rare case a log message prefix [ACTION REQUIRED] is written. Please watch the logs for this messages to migrate your keys manually.

New features

ID Description


Automatic migration of api keys not fulfilling _id == key condition, introduced with version 5.0.0.

2. Version 7.1.0 - 07.05.2021


The Docker Compose stack was approved for development purposes only since 02/2020. It is now marked deprecated with immediate effect and we recommend only using Kubernetes as an operating platform from now on.

Please note that no further bug fixes or features will be implemented on the Docker Compose configuration and the entire stack will be removed at the end of 2021.

New features

ID Description


Deprecation of the Docker Compose stack.

3. Version 7.0.0 - 07.05.2021


The CaaS Admin Interface is marked deprecated with immediate effect and its deployment in the Helm chart and Docker Compose stack is disabled. Please note that there will be no further bugfixes or features implemented, and the CaaS Admin Interface will be removed by the end of 2021.

Update Notice

Deployment of the CaaS Admin Interface is disabled in the Helm chart due to deprecation. Instead, we recommend using a REST client of your choice to interact with the REST api, especially for maintaining API keys.
From now on, disabling the CaaS Admin Interface will no longer result in the automatic generation of credentials. Therefore, if you had already disabled the CaaS Admin Interface before, you must now maintain the webAdminUser and webAdminPassword values in the credentials block of custom-values.yaml. Otherwise, the default values of the chart apply.
If you want to continue using the CaaS Admin Interface, you must re-enable it in the custom-values.yaml of your Helm deployment.

The CaaS Admin Interface is also disabled in the Docker Compose stack. If you want to continue using it, you need to remove the comments in the docker-compose.yml.

New features

ID Description


Deprecation of the CaaS Admin Interface and deactivating the deployment by default.

4. Version 6.3.0 - 06.05.2021

New features

ID Description


In future, all migration notes can be found in the release notes document, so that the separate "Migration Guide" will no longer be maintained from now on.

5. Version 6.2.1 - 03.05.2021

Fixed issues

ID Description


Creation and editing of API keys was fixed in admin webapp. Additionally, loading API keys in admin webapp now uses pagesize=100 because paging is not implemented. Note that working with more than 100 API keys is not supported in admin webapp. Please use a REST client instead in such situations.

6. Version 6.2.0 - 29.04.2021

New features

ID Description


Documentation artifacts of caas platform were moved to a separate tile on the documentation landing page.

7. Version 6.1.3 - 23.04.2021

Fixed issues

ID Description


All explicit pagesize parameters were removed from calls made by the admin webapp.

8. Version 6.1.2 - 22.04.2021

Fixed issues

ID Description


Simplified internal test execution in dockerized CI environment.

9. Version 6.1.1 - 19.04.2021

Fixed issues

ID Description


Fixed security vulnerability when using security tokens in multitenant mode.

10. Version 6.1.0 - 15.04.2021

New features

ID Description


The initialization of the database was separated from its configuration and moved to the the rest API container.

11. Version 6.0.2 - 14.04.2021

Fixed issues

ID Description


Fixed an API key validation bug that rejected PUT requests for API keys if the ID did not contain only alphanumeric characters, hyphen or underscore.

12. Version 6.0.1 - 12.04.2021

Fixed issues

ID Description


Fixed an API key validation bug that resulted in an HTTP 500 response instead of an HTTP 400 response if the key attribute value was missing.

13. Version 6.0.0 - 06.04.2021

Update Notice

Please note that the new default values for default-pagesize and max-pagesize have been reduced. This results in requests with explicitly set pagesize query parameter and a value greater than 100 being rejected with HTTP 400 bad request.

If you explicitly want or need responses with more than 100 documents, you can adjust these parameters in your custom-values.yaml accordingly.

New features

ID Description


Configuration options for the default-pagesize and max-pagesize parameters of RESTheart instances have been introduced. The new default values are default-pagesize=20 and max-pagesize=100.

14. Version 5.0.0 - 06.04.2021

Update Notice

With this version, the platform is more restrictive with the creation of API keys. From now on, only PUT or POST requests will be accepted that meet the following guidelines:

  • Each POST request must also include the _id parameter, which must be the same as the key parameter sent at the same time.

  • Each PUT request must now point to an ID which must be the same as the key parameter.

This change ensures in the long run that it is no longer possible to create multiple API key entries with identical key parameters. This guarantees that an API key remains unique across the platform.

Existing API keys are not affected by this change and their functionality remains unchanged.

New features

ID Description


Extended validation of API keys creation and editing has been implemented.

15. Version 4.0.8 - 06.04.2021

Fixed issues

ID Description


Updated RESTHeart to version 5.3.4 due to fixes of security issues in RESTHeart.

16. Version 4.0.5 - 17.03.2021

Fixed issues

ID Description


Updated RESTHeart to version 5.3.3 due to fixes of security issues in RESTHeart.

17. Version 4.0.4 - 11.03.2021

Fixed issues

ID Description


It is now enforced that MongoDB runs as ReplicaSet when Rest-API instances are started. This may not be the case, especially when first booting into Kubernetes, since MongoDB is reachable during bootstrapping. For now, we will let the rest API instances fail to boot, so Kubernetes will restart the pods. A more sustainable solution will require some changes to the MongoDB configurations and will be deferred for now.

18. Version 4.0.3 - 11.03.2021

Fixed issues

ID Description


Updated RESTHeart to version 5.3.2 to avoid potential Exchange already complete errors.

19. Version 4.0.2 - 05.03.2021

Fixed issues

ID Description


The release process was adapted to internal changes.

20. Version 4.0.1 - 03.03.2021

Fixed issues

ID Description


The version endpoint of the Rest API now returns the correct release version again and not the version of the development state directly before the release.

21. Version 4.0.0 - 01.03.2021

Update Notice

Due to the upgrade to MongoDB 4.4.4, several changes had to be made to the Docker Compose configuration. All changes must be manually applied to existing configurations.

New features

ID Description


Upgraded MongoDB from 4.4.3 to 4.4.4.

22. Version 3.0.22 - 23.02.2021

Fixed issues

ID Description


Removed chapter Preview CaaS from the installation chapter of the documentation.

23. Version 3.0.21 - 22.02.2021

New features

ID Description


Added documentation regarding push notifications (change streams).

24. Version 3.0.20 - 18.02.2021

New features

ID Description


Updated the Restheart license

25. Version 3.0.18 - 17.02.2021

New features

ID Description


Upgraded MongoDB from 4.4 to 4.4.3.

26. Version 3.0.17 - 16.02.2021

Update Notice

The values for the _JAVA_OPTIONS variable in docker-compose.yml have been corrected and must be manually adjusted in existing installations.

Fixed issues

ID Description


To ensure a more stable operation, the JVM flags regarding the heap size in the Kubernetes stack were added and the existing configurations in the Docker stack were adjusted.

27. Version 3.0.16 - 16.02.2021

Update Notice

Caution, CAAS-1544 changed the Docker Compose configuration. Make sure you get the changes merged into your configuration by hand.

Besides, the rest-api container isn’t based on a distroless base image anymore.

Fixed issues

ID Description


Added Docker Compose integration and intensive tests for websocket support.

28. Version 3.0.14 - 11.02.2021

New features

ID Description


The short-lived security tokens can be created using any API key, irrespective of its permissions.

29. Version 3.0.11 - 01.02.2021

Fixed issues

ID Description


Updated RESTHeart to version 5.3.1. Creating a database that already exists with different case returns HTTP 409 Conflict instead of internal server error now.

30. Version 3.0.9 - 28.01.2021

New features

ID Description


Updated RESTHeart to version 5.2.0

31. Version 3.0.8 - 21.01.2021

Fixed issues

ID Description


Removal of WARN log output at rest API startup regarding outdated configuration syntax.

32. Version 3.0.4 - 19.01.2021

Fixed issues

ID Description


Removal of misleading WARN log output from ApiKeyAuthMechanism when authenticating with BasicAuth

33. Version 3.0.3 - 19.01.2021

Update Notice

The value credentials.caasSecureTokenEncryptionKey has been added to Helm Values. This must be overwritten by on-premise customers along with all other credentials.

New features

ID Description


Added support for short-lived security tokens that allow authentication via query parameter or cookie.

34. Version 3.0.0 - 11.12.2020

Update Notice

The endpoint PATCH /caas_admin/apikeys/{id} for the partial update of an API key is no longer available due to the introduced validations. The full update of an existing API key can still be performed using the PUT or POST endpoints.

New features

ID Description


Implemented enhanced validation of API keys: from now on it is no longer possible to create multiple API keys with same key value or to create an API key with duplicate URLs in its permissions array.

35. Version 2.17.0 - 10.12.2020

Update Notice

Creating and updating API keys is now validated against a JSON schema. Existing API keys are not affected by this as long as they are not changed. The schema can be accessed at /caas_admin/_schemas/apikeys.

The access to the internal caas_admin database has been more restricted. Reading all data contained in it is of course still allowed. However, write access has been limited to managing API keys. Thus, creating, altering or even deleting collections or the entire database itself is no longer possible. These changes primarily prevent a non-functioning CaaS platform due to damaged structures in the internal database.

New features

ID Description


All newly created or updated API keys are now validated against a JSON schema. In addition, write access to the internal database caas_admin via the Rest API is now much more restrictive.

36. Version 2.16.1 - 03.11.2020

Fixed issues

ID Description


The CaaS Overview Grafana Dashboard has been adjusted so that the selection of the time period is taken into account in the restarts displayed.

37. Version 2.16.0 - 02.11.2020

Update Notice

You must have installed CaaS platform version 2.15.0 running MongoDB version 4.4 to upgrade to CaaS platform 2.16. This is an absolutely necessary step for the MongoDB upgrade! For more information, see the Migration Guide.

New features

ID Description


The MongoDB featureCompatibilityVersion is set to 4.4. If you use the docker stack manual work is needed after the upgrade. For more information see the Migration Guide.

38. Version 2.15.0 - 11.09.2020

Update Notice

You must have installed CaaS in at least version 2.13.3 to upgrade to 2.15.x. This is an absolutely necessary step for the MongoDB upgrade! For more information, see the Migration Guide.

New features

ID Description


Upgraded MongoDB from 4.2 to 4.4. The featureCompatibilityVersion is still set to 4.2 and will be updated with an upcoming release.

39. Version 2.14.5 - 26.08.2020

New features

ID Description


The Rest API now shows 401 and 403 responses in the Prometheus metrics again.

40. Version 2.14.3 - 20.08.2020

Fixed issues

ID Description


Removal of the Security Proxy from the "Architecture" figure of the product documentation

41. Version 2.14.2 - 17.08.2020

New features

ID Description


Removal of the Ansi colors from the log outputs of RESTheart

42. Version 2.14.1 - 11.08.2020

New features

ID Description


Added a Grafana dashboard for MongoDB to allow basic analysis regarding MongoDB status and possible issues.

43. Version 2.14.0 - 11.08.2020


RESTheart has been upgraded to version 5.1.4.

Update Notice

Starting with this version, the separate "Security Proxy" for authentication and authorization is no longer provided.

New features

ID Description


Updated RESTHeart to version 5.1.4

44. Version 2.13.3

Update Notice

You must have installed CaaS platform version 2.12.0 running MongoDB version 4.2 to upgrade to CaaS platform 2.13. This is an absolutely necessary step for the MongoDB upgrade! For more information, see the Migration Guide.

New features

ID Description


The MongoDB featureCompatibilityVersion is set to 4.2. If you use the docker stack manual work is needed after the upgrade. For more information see the Migration Guide.

45. Version 2.12.0

Update Notice

You must have installed CaaS in at least version 2.9.2 to upgrade to 2.12.x. This is an absolutely necessary step for the MongoDB upgrade! For more information, see the Migration Guide.

New features

ID Description


Upgraded MongoDB from 4.0 to 4.2. The featureCompatibilityVersion is still set to 4.0 and will be updated with an upcoming release.

46. Version 2.11.41

Fixed issues

ID Description


RESTHeart has been upgraded to version 4.1.17


Fixed the CPU limit unit of the container caas-rest-api-security in Helm chart default values.


Grafana Dashboards adjusted so that the selection of the period is taken into account in the displayed metrics.

New features

ID Description


Added an endpoint to get the version of caas-rest-api via HTTP at /_logic/version. This endpoint is secured and needs authentication. The admin and metrics user are both authorized to fetch this information.

47. Version 2.11.34


The use of Helm 2 is no longer recommended with immediate effect. The Helm chart can already be installed with Helm 3, but is still compatible with Helm 2. However, in one of the coming releases the chart will only support Helm 3. Therefore we recommend to migrate to Helm 3 immediately, for more information see e.g. the blog https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/.

Fixed issues

ID Description


Removal of Keystore and Truststore passwords from caas-docker.env as SSL support was removed in version 2.4.5.

New features

ID Description


Helm 3 is listed in our reference system. Helm 2 is about to be deprecated. Migration to Helm 3 is strongly recommended.

48. Version 2.11.28

Fixed issues

ID Description


To be compatible with Helm 3 the field "tillerVersion" was removed from the Helm chart. Helm 3.x is not yet actively supported, this is only a first preparation.

49. Version 2.11.23

Fixed issues

ID Description


Fixed resources in Helm default values block for caas-rest-api-security container.


Database or collection names containing double colons, backslashes or line feeds are now escaped correctly in the Prometheus metrics in the REST interface.

New features

ID Description


The versions listed in the Release Notes for the Platform were corrected.


To be compatible with Helm 3 the value for apiVersion was set explicitly in the Helm chart. Helm 3.x is not yet actively supported, this is only a first preparation.


The technical datasheet has been separated up and is now available for both CaaS module and CaaS Platform.


The documentation has been split up into separate documents for CaaS platform and CaaS module and has been slightly revised. In addition, a CaaS product documentation has been added, which serves as an introduction and refers to the separate documents.


Logging of TraceID header values has been added in the caas-rest-api-security container.


The Healthcheck endpoint URL has changed to /_logic/healthcheck in version 2.11.5, this was now fixed in the documentation and migration guide.


RESTheart has been upgraded to version 4.1.16

50. Version 2.11.5


RESTheart has been upgraded to version 4.1.3 (platform edition). From now on, authentication and authorization are performed by a security proxy.

Update Notice

For installations for development purposes (docker-compose), you need to recreate that stack from scratch since changes to the database setup are necessary.

The example monitoring deployment were removed from CaaS Helm chart as it was not meant to be used in production. Please consider installing Prometheus Operator e.g. by using the official helm charts. This includes a much more comprehensive cluster monitoring setup. Please see the migration guide and documentation for more information.

The CaaS Grafana dashboards were converted to be multi-namespace capable.

Rest API Endpoints to API keys are now only accessible using Basic Auth. Even authenticated API Keys are not authorized to read from or write to the internal admin database. The Admin Webapp is not affected by this and works as before.

Fixed issues

ID Description


Requests that have been rejected because of missing or restricted credentials now correctly return 401 / 403 instead of just 401.

New features

ID Description


Nginx Configuration Snippet for Preview-CaaS Ingress is now part of the helm values.


RESTheart has been upgraded to version 4.1.3


Removed example monitoring deployment from CaaS Helm charts and made Grafana dashboards multi namespace capable.


Access to the "caas_admin" database (and all its collections) is forbidden when authenticated with API key.


Caas-Rest-Api now uses "distroless" containers to reduce attack surface.

51. Version 2.10.4

Fixed issues

ID Description


The Kubernetes ingress definition for the Preview CaaS now has its own values for annotations and Cert Manager / TLS instead of using the values of CaaS Ingress.

52. Version 2.10.0

Update Notice

The CaaS module and the CaaS platform were separated for internal development, but are currently still delivered together. As a result, the version numbers within the delivery are no longer the same and will evolve independently in the future.

Fixed issues

ID Description


The HTTPS service port was removed from kubernetes service definition for Rest-API as SSL support was removed in version 2.4.5.

New features

ID Description


The CaaS module and the CaaS platform were separated internally

53. Note on the version numbers

With the 2.10 release, the development of the CaaS module and the CaaS platform was separated internally. From this point on, the version numbers of these components also develop independently of each other.

As a result, the release notes in this document above this note are only listed for CaaS platform. However, for historical reasons, the release notes for the Caas module and platform, which were previously combined, are still listed below this note.

54. Version 2.9.2

Update Notice

You must have installed CaaS version 2.8.6 running MongoDB version 4.0 to upgrade to CaaS 2.9. This is an absolutely necessary step for the MongoDB upgrade!

Fixed issues

ID Description


Fixed missing read & execute rights for MongoDB bootstrap script in docker compose configuration.

New features

ID Description


The MongoDB featureCompatibilityVersion is set to 4.0. If you use the docker stack manual work is needed after the upgrade. For more information see the Migration Guide.

55. Version 2.8.6


The Helm charts support activation of additional Ingress definitions in order to provide a Preview CaaS without deploying a second CaaS stack. To avoid mixing released and unreleased data, these Ingresses add the suffix "Preview" to the database name. After activating the Preview CaaS Ingresses you may configure the connection in the FirstSpirit project component. Please see the documentation for more information.

Update Notice

You must have installed CaaS version 2.7.9 to upgrade to 2.8.x. This is an absolutely necessary step for the MongoDB upgrade! For more information, see the Migration Guide.

Fixed issues

ID Description


Fixed Grafana board per CaaS database to display response times for 4xx/5xx responses.


In case of using a CaaS instance with a HTTP context path the CaaS service configuration in server manager no longer has to end with a '/'.


Fixed rendering of remote links of page refs in preview mode.


Transmit durations have been calculated incorrectly for cases where network calls have been retried


While in the CleanUp a 404 will now be an acceptable response to a delete request.


Check configuration dialog now displays the correct title depending on outcome

New features

ID Description


Additional Ingresses can be activated in the Helm charts to provide a Preview CaaS functionality without a second CaaS stack.


Upgraded MongoDB from 3.6.13 to 4.0.10. The featureCompatibilityVersion is still set to 3.6 and will be updated with an upcoming release.

56. Version 2.7.9


The connection between the FirstSpirit module and the REST API was reimplemented to be more robust and faster. Additionally, the parallelism configuration in the service configuration has changed semantics: Instead of configuring parallelism on a per schedule basis, parallelism is now configured for the server’s scope and does only affect media processing.

Update Notice

You must have installed CaaS version 2.6.1 running MongoDB version 3.6 to upgrade to 2.7.x. This is an absolutely necessary step for the MongoDB upgrade!

Since the parallelism configuration in the service configuration has changed semantics, you should revisit your current configuration and adjust it according to the new semantics. Overriding configurations in the schedule (with the caasMaxParallelConnections parameter) are now rendered obsolete. Although they don’t cause warnings, you should remove them.

Fixed issues

ID Description


A Prometheus alert rule was added to detect possible MongoDB splitbrain situations based on MongoDB metrics introduced with CaaS 2.5.7.


Assets can be sent successfully to an HTTPS REST interface when proxy is used


In releases starting from 2.5.7, some publicly-available docker images were missing in the release zip files. They have been re-added.


Releases after and including 2.5.7 contained a bug that prevented installations without the monitoring stack, this has been fixed.


The name of the caas-mongo persistent volume claim is now configurable in the helm chart values. Beware that the name for the persistent volume claim of an existing stateful set cannot be changed!


CaaS-CleanUp no longer lags one generation behind.

New features

ID Description


Updated technical requirements section in the documentation.


The MongoDB featureCompatibilityVersion is set to 3.6. If you use the docker stack manual work is needed after the upgrade. For more information see the Migration Guide.


The CaasConnection implementation was exchanged


Removed the custom rest api ping endpoint (/_logic/metrics/ping) and adapted the kubernetes liveness probe to use the metrics endpount (/_metrics) instead.

57. Version 2.6.1

Update Notice

You must have installed version 2.5.7 to upgrade to 2.6.x. This is an absolutely necessary step for the MongoDB upgrade! For more information, see the Migration Guide.

Fixed issues

ID Description


Enhanced logging of FirstSpirit module.

New features

ID Description


The migration guide are now also available in english.


Upgraded RESTheart to version 3.10.1.


Added exception handling if project language is deleted.


Upgraded MongoDB from 3.4.19 to 3.6.13. The featureCompatibilityVersion is still set to 3.4 (in case of upgrades) and will be updated with an upcoming release.

58. Version 2.5.7


We changed the normalization logic for CaaS project names, also known as CaaS database ids. From now on, special characters except non-leading underscores and dashes in project names will be removed, so that the resulting CaaS url doesn’t contain any other special characters anymore. Normalization of collection and document ids of CaaS urls may be interesting for you too, as from now on they too can only contain underscores and dashes. For further details, please take a look at the documentation.

Update Notice

Changing the normalization logic of all CaaS url components may lead to unwanted behavior in your project. Please read the corresponding documentation carefully and contact us, when you need help with a migration process.

The Kubernetes liveness probe for the MongoDB statefulset was deleted in order to allow the database longer startup and recovery times without the pods being killed by kubernetes. In addition custom Prometheus alerts can be enabled in the helm chart. Please see the documentation for more information.

If the cleanup task is configured to run in the case of errors, the execution is now suppressed if transmission errors exist. In the case of pure generation errors, the cleanup will still be executed. To force cleanup execution even in case of transmission errors set the property caasForceCleanupOnFailedItems to true.

Fixed issues

ID Description


Added missing executable flag to MongoDB bootstrap.sh in docker-compose stack.


Old project name normalization recovered


Removed MongoDB liveness probe and added Prometheus alerts instead


Reduced internal dependencies of metadata converter class.

New features

ID Description


MongoDB Helm templates have been updated and the database’s featureCompatibilityVersion parameter has been set to "3.4" in preparation for upcoming MongoDB upgrades. Additionally, metrics support for MongoDB was added and can be activated in helm values.


Added a possibility, to turn on the evaluation of FirstSpirit metadata template


The cleanup task won’t execute deletions in case of transmission errors

59. Version 2.4.35

Fixed issues

ID Description


Recovered old class signatures

New features

ID Description


Configuring the CaaS target database and collection in Site Architect is no longer possible for all projects users, but project administrators only.

60. Version 2.4.29


The input components for custom url configurations now show where the parts of the resulting CaaS url do come from. Furthermore, when saving a configuration, only the exact user input is getting persisted - for example when no project name was given, the configuration doesn’t persist the current FirstSpirit project name but nothing. Url resolution does then later on automatically use the FirstSpirit project name from the context.

Fixed issues

ID Description


More conservative resolution handling for url generation


Persistence layer for url configurations got replaced.

New features

ID Description


The admin web app can now be deactivated in the kubernetes stack, in case it is not needed.


Prepared minimal OpenShift support


The releasenotes are now also available in German.


The helm chart now supports the configuration of Kubernetes network policies via the values file. By default, all policies are disabled, but can be enabled with a default configuration and adjusted as needed.

61. Version 2.4.21


Operations with Kubernetes is no longer in "technical preview" state.

Fixed issues

ID Description


Stored URLs have not been used when media has been deployed through standard FS mechanisms, but the rest has been deployed to CaaS


Fixed a bug where data sets that contained media did not deploy that media in preview

New features

ID Description


Upgraded RESTheart to version 3.9.0 allowing to scrape metrics per database and collection. A new Grafana dashboard was added to show these metrics.


Reworked CaaS Documentation

62. Version 2.4.16

Update Notice

With this change, project administrators are now able to change the settings of the CaaS project component.

Using the UrlCreatorAgent API now requires at least the FirstSpirit version 2019-03.

Fixed issues

ID Description


Schedule entries that deploy a preview state will only use the caas preview url factory if preview has been configured in the project app component


Removed unneeded requests to create already existing assets.files collection.


Some HTTP connections have erroneously been retried (such as on 403 answers). Retries are now limited to certain status codes.


Fixed permissions in admin webapp container to allow usage of securityContext.runAsUser.


Adjustment of the preview service so that no restart of the service is required to update the project configuration.

New features

ID Description


Use of the new UrlCreatorAgent API


CaaS module now supports JDK11 as runtime for FirstSpirit


Remote media can now also be streamed from FirstSpirit during preview

63. Version 2.4.5

Update Notice

Please note that this update contains an update of the MongoDB version. As always with database updates, make sure you have a working backup before proceeding with the update.

The fields mongo.cpuRequest and mongo.memoryRequest from the Kubernetes helm chart configuration file values.yaml have been removed. The limits are used instead everywhere to get into the guraanteed QoS class. Check your values files in case you used different values for limits and requests in the past.

Please keep in mind, that it’s not possible to use custom URL factories in a CaaS schedule. If you use such a configuration in a schedule, the configuration is going to be overridden internally from now on and thus effectless.

If you have used the supplied certificates so far, you must now set up and manage them independently. More information can be found in the Docker or Kubernetes documentation.

With this release Kubernetes support will be limited to version 1.9.0 or higher

Fixed issues

ID Description


Removed storage support (PVC) for Grafana as all dashboards and datasources are provisioned and Grafana should be stateless.


Users could select url creators for media for CDN deployment that actually are unsupported, this is not possible anymore


MongoDB has been updated to version 3.4.19


Added date to default log pattern of REST interface.


The formula for calculating the Wired Tiger cache size has been adapted to the version from the official documentation. As a result, MongoDB has a slightly larger cache available.


Problems of internal queue handling of CaaS generation solved.


CompletionStage is correctly completed now.

New features

ID Description


Updated screenshots to reflect current project component GUI


Parameters that are supplied in a schedule entry (e.g. "CaaS initialize") do not obey the case anymore. For example, it it possible to use "caasURL" now instead of "caasUrl" to set a new CaaS URL in a schedule.


MongoDB pods now are always in the guaranteed QoS class to improve general database performance and reliability.


Documentation extended with notes on scaling and error analysis of the MongoDB cluster as well as the health check of the rest API.


Preview schedules can now use FirstSpirit preview URLs.


Improved URL-Creation for preview URLs.


This CaaS version eliminates the supplied self-signed SSL certificates.


Changed liveness probe such that a stuck pod will not get any traffic for about 10 seconds before restarting, giving it a chance to come back to life.


Setting path in webapp ingress will now configure its base url.


Updated Kubernetes API version to apps/v1

64. Version 2.3.1

Update Notice

Url factories for media deployments are configured through their component names from now on, instead of their full qualified class names. Migration of existing configurations is done automatically, when corresponding components can be found on the server. For example if your project app configuration contains 'de.espirit.firstspirit.generate.AdvancedUrlFactory', it gets automatically changed to 'Advanced URLs' when the project app component is updated. For potential manual migrations, please keep in mind that the FirstSpirit server has to be restarted after the module was installed, in order to be able to update the project component.

We updated MongoDB from 3.4.10 to 3.4.17. See https://docs.mongodb.com/manual/release-notes/3.4-changelog for more information on the changes.

Furthermore, we plan to update the major version of MongoDB in one of the upcoming releases.

Fixed issues

ID Description


Added connection check for preview service configuration (in the project app)


Changed AdvancedUrlFactory default value in project app from class to component name.


Now trimming inputs in config keys for whitespaces (API key, URLs, …​)


Connection-Checks in caas service configuration now has improved failure handling and error messaging


Performance optimization in action CaaS DeltaGeneration


Changed all variable names in the env.js configuration file.

New features

ID Description


Updated underlying software in the stack, mainly docker images


Prometheus label for service monitor definitions is configurable now.


Support for Horizontal Pod Autoscaler

65. Version 2.2.5

Fixed issues

ID Description


Invalid JSON in channels lead to not deploying that content, and not throwing errors

66. Version 2.2.3


The CaaS module can now be used on isolated FirstSpirit servers. Additionally, the JSON validation became stricter and lets schedules fail in some more cases of invalid data input.

Update Notice

If you use content projection to add entities to CaaS the generated URLs might change with this bugfix. In case the last page of content projection contained a single element only, the document URL was not generated correctly. Instead of generating a document name using the correct page offset, the entity key values were used. This was fixed now.

Fixed issues

ID Description


Fixed deletion of entities in preview CaaS.


Fixed updating preview CaaS content in case of entity creations and modifications.


Fixed initialization of CaaS config dialog in Site Architect for PageRefs without stored configuration.


Removed duplicate install scripts for docker images.

New features

ID Description


Upgrade RESTheart to 3.5.0


Added options to include prometheus and metric exporter deployments in helm charts. This requires an already installed and configured prometheus operator! Further information can be taken from CaaS Kubernetes documentation.


Using new upsert functionality for media provided by RESTheart 3.5.0 to improve performance and stability for media deployments.


Added options to include grafana deployment in helm charts. Further information can be taken from CaaS Kubernetes documentation.


This module can now be used on isolated FirstSpirit servers.

67. Version 2.1.8

Fixed issues

ID Description


Fixed problem that occurred only when configuring the caas service for a module that has been freshly installed (not updated)

68. Version 2.1.6

Update Notice

Breaking change: In the past, the FirstSpirit CaaS module deployed remote media to the REST API. This is not done anymore, remote media is instead directly linked to. Deployment of remote media now has to be handled by the remote project itself. Therefore, URLs to remote media should now be configured through the standard FirstSpirit mechanisms. Consult the documentation for more details.

Fixed issues

ID Description


Fixed an issue where URLFactories that did not generate leading slashes lead to wrong URLs


Corrects that the file names of the documentation are consistent


Fixed deletion of PageRefs in preview context.

New features

ID Description


Added functionality to disable media generation to CaaS to support CDN scenarios


The obsolete endpoint "/_logics/metrics/metrics" has been removed from the REST interface. It has been superseded by the metrics endpoint reachable under "/_metrics".

69. Version 2.0.40

Fixed issues

ID Description


Fixed: Deleting and moving sections did not trigger updates in CaaS for preview


Upgraded async-http-client to 2.5.3


More efficient connection handling implemented for preview.


Fixed problem where parallel usage of OCM and schedule execution or parallel executions of multiple schedules lead to transmission problems


Fixed version number in admin webapp footer to display the correct version information instead of placeholder.

New features

ID Description


Changed the Admin Webapp to use Basic Auth with username and password instead of auth token in order to be able to remove the sticky session definition from Rest API ingress.


Added recommendations for storage usage on mongo pods in technical datasheet.

70. Version 2.0.32

Fixed issues

ID Description


Improving handling of async HTTP client to avoid leaked threads and reduce number of needed client instances.


The pages overwrote each other in the case of a content-projection that generated multiple pages with more than one element per page. This has been fixed and the CaaS URL contains the element offset in order to be unique.


External data sources from FirstSpirit did not work with the CaaS URL creator. This has been fixed.


Fixed usage of multiple sequential generation tasks in a single CaaS deployment. Parallel generations do not work!

71. Version 2.0.22

Update Notice

Due to changes in FirstSpirit "Access denied to de.espirit.firstspirit.agency.ConnectionDelegatingSpecialistsBroker$ManagerBrokerImpl" warnings appeared during CaaS deployments. The usage of the internal APIs are changed to not trigger these warnings anymore. Therefore we from now on expect CaaS to run with a FirstSpirit server 2018-07 or newer. Older versions are not supported anymore!

Further information can be found in the migration guide.

New features

ID Description


Changed FirstSpirit API Access

72. Version 2.0.21

Fixed issues

ID Description


Fixed caching issue in TPP which caused URLs through remote connections to be outdated in some cases


Closing the underlying HTTP client explicitly when not needed anymore.

New features

ID Description


Added support for automatic SSL certificate issuing using an external cert-manager component in Kubernetes

73. Version 2.0.15

Fixed issues

ID Description


Fixed wrong selection for preview mode in project app configuration

New features

ID Description


Updated docs to reflect there is support for data sources with TPP


Improved timeout handling of file and document transfers


Re-added streaming for file transfers from FS to caas-rest-api


The admin-webapp is now based on nginx 15.3 alpine docker image.


The release process now automatically uses the most recent OpenJDK8 base image for the caas rest API docker image

74. Version 2.0.6

New features

ID Description


Added option to override proxy uri in schedule and preview configuration.


Enhanced internal code quality assurance.


Using an asynchronous HTTP client for accessing REST API

75. Version 2.0.0


From now on, the communication between FirstSpirit module and CaaS stack happens directly via http and without any further indirections.

This version adds the possibility to add HTTP proxy support to your module configuration in order to reach the REST API via a proxy.

Update Notice

It is no longer necessary to provide a copy of the fs-license.conf file for the rest-api component in both the docker-compose and kubernetes stack. For the FirstSpirit module, it is still necessary.

There have been many changes in this version of CaaS. Please refer to the migration guide to review what needs to be changed.

As previously announced, the standalone package won’t be supported anymore. Therefore it is removed from our future releases including this one.

Please keep in mind, that we also restructured our documentations and the standalone distribution will no longe be documented at all. The new main documentation is about using CaaS using Docker (or Kubernetes).

For migration purposes, take a look at the latest documentation regarding the stacks mentioned above.

The CaaS service configuration now has to be configured differently: Instead of a configuration for a connection to the message bus, the url to the REST api, as well as a valid API key has to be configured now.

Fixed issues

ID Description


Handled possible NPE on collection cleanup.


Attempt to save an existing file is no longer treated as an error


Fixed issue with simultaneous schedule execution and preview service usage


Documentation updates regarding webapp configuration using the docker stack


Fixed an error that occurred for unconfigured deactivated projects while installing the module


Fixed ordering of templateset names in preview CaaS configuration


Removed synchronized creation of database and collection as no longer needed with RESTHeart 3.4.2


Fixed problem where logging of the schedule results was inconsistent


Added retry in case of connection error


Fixed window width of CaaS service configuration

New features

ID Description


The maximum body size configuration for the rest api ingress has been set to 100Mb.


Improved migration guide


Overriding the maximum number of parallel connections to Rest API is now possible in the schedule


Showing fundamental information about CaaS after installation using helm.


Added trace IDs to sent requests to Rest API


Automatic preview service restart on project configuration change added.


Added transmission time metrics for deployments to the module and report


Improved license check behavior


Upgrade to Restheart 3.4.2


caas-gateway has been removed from the docker stack and a default configuration for a preview caas has been added


Optimized internal message handling in FistSpirit module.


Removed CaaS standalone distribution


Implemented direct connection between module and REST api


Added HTTP proxy support.


CaaS bus and adapter have been completely removed


Using multiple parallel connections to optimize data transfer from FirstSpirit to Rest API


Merged adapter logic into FirstSpirit module.


By defining an empty imagePullSecretName the declaration of imagePullSecrets is omitted

76. Version 1.3.35

Fixed issues

ID Description


Removed unused admin webap configurations


Preview generation now waits for complete revision commit on event.


Fixed preview deployment behavior with wrong section revision


Fixed preview generation of content projection on dataset changes


Fixed asset loading for admin webapp in standalone operating mode

77. Version 1.3.32

Fixed issues

ID Description


Fixes a bug in restheart that made some types of filter queries fail with a 400 (BAD REQUEST). Workaround for users of the older versions is to url-encode filter queries before sending them to the server.

78. Version 1.3.31

Fixed issues

ID Description


imagePullPolicy for Kubernetes was missing in some cases - this has been fixed


Avoid duplicate creation of assets during a single schedule.


Added retry in case of connection error


Added debug logging for persisted urls on save action

79. Version 1.3.30

Fixed issues

ID Description


Changed ordering usage of k8s values restApi.host and restApi.ingress.host to make it possible to override the rest-api host usage in the admin webapp in case an ingress resource has been created.

New features

ID Description


The admin webapp container does not need root privileges anymore

80. Version 1.3.29

Update Notice

Be sure to check the official release notes in case you have custom CaaS content and / or queries: https://github.com/SoftInstigate/restheart/releases

Fixed issues

ID Description


Deleting API Keys directly without using any RESTHeart filter.


Improved handling for problems with mongoDB journaling


Fixed an issue that would sometimes cause apikeys to not be displayed correctly


Removed authentication for OPTIONS request on _logic/license resource.


Minor updates in Kubernetes and Docker documentation


Improved error handling during license file check.


"API-Key permissions are stored without trailing slash now

New features

ID Description


Upgraded RESTHeart to version 3.3.1


Lowered log level for metrics requests to generate less logs in the default case


Restructured chapter regarding import of docker containers and docker compose configuration.


added more data to the JSON response from /_logic/license

81. Version 1.3.28

Update Notice

The base path of the admin webapp has been changed from /caas to /.

For Kubernetes: Keep in mind that the service port has been changed from port 8080 to 80 in a previous release, too. The defined ingress currently uses features from nginx-ingress-controller. If you want to use the built-in ingress, you need to use that ingress controller. If you do not use the built-in ingress controller, you may need to fill the value restApi.host in your values.yaml to be able to connect to caas-rest-api from caas-admin-webapp. Make sure the provided URL is reachable for all users of the caas-admin-webapp.

Fixed issues

ID Description


Renamed environment variables to avoid conflicts with those generated by Kubernetes


Busybox Image was missing in previous releases and has now been added.


An erroneous port mapping in the ingress definition for the admin webapp has been corrected.

New features

ID Description


The admin webapp no ​​longer contains its own instance of the rest API, but now connects against the regular instances. The base path was changed from /caas to /.

82. Version 1.3.27


The documentation for the technical preview of CaaS with Kubernetes is now also available in english.

New features

ID Description


Empty CaaS Deployments lead to generation of a cleanup message now.


Kubernetes technical preview documentation available in english


Kubernetes: Added support for custom Ingress configuration in WebApp and Rest-Api

83. Version 1.3.26

Update Notice

If you are using CaaS with Kubernetes, please consider using this version instead of 1.3.25.

Fixed issues

ID Description


Kubernetes: Fixed a bug with a wrong MongoDB version.


updated migration guide to include the new licenses introduced with version 1.3.14

84. Version 1.3.25

Update Notice

CaaS on Kubernetes: The service of caas-webapp changed its ports from 8080 to 80 and 4443 to 443 (default ports for the protocols). You should now be able to not specify ports at all where they are used. Your old configurations (using 8080 or 4443) will not work anymore.

If you already use a custom cluster-key file (by replacing the default file), you now have put the content of your custom file into the values file. Keep in mind, that your custom cluster-key file won’t be used anymore from now on.

With this release Kubernetes support will be limited to version 1.8.0 or higher.

New features

ID Description


Improved error logging in case a project does not include a single PageRef (which is not supported)


Kubernetes: Changed WebApp Service ports (Ports 80/443 instead of 8080/4443)


MongoDB Cluster-key is now configurable from values.yml instead of replacing a file.


updated Kubernetes API version


Kubernetes: Added support for pod annotations in values.yaml

85. Version 1.3.24

Fixed issues

ID Description


Improved timeout behaviour with third party firewalls

86. Version 1.3.23

Fixed issues

ID Description


Fixed connection problem between adapter and rest-api in kubernetes


Changed liveness probe of the bus component to use the metrics endpoint.

New features

ID Description


CaaS-Adapter: number of replicas is now configurable in the values.yaml

87. Version 1.3.22

Update Notice

The endpoint located at /_logic/metrics/threads is no longer accessible and will respond with a status of 404.

The service of caas-rest-api changed its ports from 8080 to 80 and 4443 to 443 (default ports for the protocols). You should now be able to not specify ports at all where they are used. Your old configurations (using 8080 or 4443) will not work anymore.

All CaaS components (including FS module) require Java 1.8

Fixed issues

ID Description


Internal optimizations for memory usage


Improvements in the kubernetes memory limits handling


Kubernetes: Removed warnings about SSL handshake from caas-bus-logs. Changed some service ports (e.g. caas-rest-api resides on port 80/443 now instead of 8080/4443)

New features

ID Description


Removed thread-dump metrics


Improved support for kubernetes clusters with RBAC support and with special security contexts


Bus now offers HTTP and HTTPS transports. This allows clients to tunnel over HTTP or HTTPS avoiding any firewall issues.

88. Version 1.3.21

Update Notice

The CaaS standalone installation will be removed from the distribution in the next minor release.

Variables CAAS_BUS_MAX_MEMORY and CAAS_BUS_MIN_MEMORY have been removed. Memory limits for the bus application are now defined using the _JAVA_OPTIONS flag.

Fixed issues

ID Description


Metrics metadata use patch semantics now.


Small documentation changes regarding the usage of FirstSpirit Third Party Preview


Memory limits for all applications are now explicitly defined by "_JAVA_OPTIONS". Memory usage for all containers have been increased.

New features

ID Description


CaaS standalone installation will be removed in the next minor release.

89. Version 1.3.20

Fixed issues

ID Description


Fixed database timeout issues with third party firewalls


Corrected counting of documents inside collections and increased maximal collection size from 100 to 500 in Admin Interface Browser

90. Version 1.3.19


There is a technical preview available for CaaS in Kubernetes. Customers who want to install CaaS in Kubernetes can use the new helm chart for installation. Feedback is highly appreciated. The Kubernetes implementation replaces the old docker-compose-cluster configuration, which has ben removed and is not supported anymore.

Update Notice

  • CAAS_MASTER_API has been changed to CAAS_MASTER_API_KEY

  • We’re now using the official MongoDB docker image instead of a self-built one

New features

ID Description


Added support for mongo-clusters in Kubernetes with Helm

91. Version 1.3.17

Fixed issues

ID Description


Fixed error with wrong metadata in metrics hooks.

New features

ID Description


CaaS documentation is now available online under https://docs.e-spirit.com/caas/ .


caas-admin-webapp can now be configured using an external .js file

92. Version 1.3.16


Configurable CaaS project names

It is now possible to change an element’s CaaS project, just like it was already possible for its collection name.

Third Party Preview integration support

By adding a project component it is now possible to make use of the FirstSpirit Eventing API. Using this project component means that each content change triggers a CaaS generation which deploys the current state of the project data into a Preview CaaS. Furthermore this feature allows you to integrate the FirstSpirit Party Preview which provides external app data in the FirstSpirit ContentCreator.

CaaS now supports metrics that allow to be used for monitoring and in some cases for autoscaling, see endpoint /_metrics on different levels.

New features

ID Description


Made CaaS project names configurable


Prepared backend for server events.


Added finer grained metrics to CaaS.

93. Version 1.3.15


CaaS can now be deployed in kubernetes via a helm chart, which makes installing and updating the stack much easier.

Update Notice

If you have installed CaaS in k8s using another method and want to switch to the helm variant, please uninstall the old stack beforehand. You can re-use the persistent volume claims of the mongo database - have a look at values.yaml from the helm chart for more information.

Fixed issues

ID Description


MongoDB driver property "serverSelectionTimeout" is now configurable.

New features

ID Description


Added helm chart for CaaS


Changed healthchecks of the CaaS bus and REST interface components.


Fixed wrong "waitInMillis" behavior

94. Version 1.3.14

Update Notice

As mentioned in the releasenotes of Content as a Service version 1.3.13, the new license file format is a strict requirement from the current version on. Please take a look at the releasenotes of 1.3.13 for further details.

New features

ID Description


Changed license requirements and updated documentation

95. Version 1.3.13

Update Notice

Please note that CaaS requires a special license from the upcoming release on. If you are already using CaaS, please contact the e-Spirit Technical Support, in order to receive an appropriate license. Please attach the license you currently use in CaaS (see also chapter 3.1.1 of the CaaS documentation) to the reqeust. As a new customer, you normally already received an appropriate license. To be on the safe side, please check the line in your license file that starts with license.SCOPE: If the value is SERVICE here, your license is up-to-date and appropriate. If not, please contact us.

Fixed issues

ID Description


Enhanced error messages for missing project properties

New features

ID Description


Added important update notice

96. Version 1.3.12

Fixed issues

ID Description


Filename attribute not allowed in JSON documents


CaaS Path reset to the defaults fixed

New features

ID Description


added checks for reserved attribute names before sending a message to the CaaS


added checks for json validity before sending a message to the CaaS

97. Version 1.3.11

Fixed issues

ID Description


Prevent deployment of resources with starting underscore in their name


fixed healthcheck on the caas-gateway docker container


Remove logging of MongoDB passwords in bootstrap

New features

ID Description


Added the possibility to set memory limits for the caas-bus and Java within the docker containers

98. Version 1.3.10

New features

ID Description


Added a new default config for a better cluster performance.

99. Version 1.3.9

New features

ID Description


New chapter in the German documentation about how to link between caas and static content

100. Version 1.3.8

Fixed issues

ID Description


Modified Chapter 3.1.3 in the CaaS with Docker Documentation

New features

ID Description


Updated German Documentation for CaaS with Docker

101. Help

The Technical Support of the e-Spirit AG provides expert technical support covering any topic related to the FirstSpirit™ product. You can get and find more help concerning relevant topics in our community.

102. Disclaimer

This document is provided for information purposes only. e-Spirit may change the contents hereof without notice. This document is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or fitness for a particular purpose. e-Spirit specifically disclaims any liability with respect to this document and no contractual obligations are formed either directly or indirectly by this document. The technologies, functionality, services, and processes described herein are subject to change without notice.