All notable changes to this project will be documented in this file.
- Fix security issue that allowed a user to escalate to admin status. (Kudos to j3ssie).
- Fix XSS vulnerabity on alerts and notifications. (Kudos to j3ssie).
- Fix issues #555, #562. Initial registration allows multiple admin users to be created
- Implemented missing
headers
,snis
,sources
,destingations
andpath_handling
fields on routes. - Implemented missing
client_certificate
field on services. - Added the ability to seed initial user and node data via configmaps and mounts PR: #522
- Added Basic Auth credentials support on Connections PR: #393
- Implemented ACME plugin configuration
- Updated project dependencies
- Fix some typos PRs: #551, #546
- Fixed
NO_AUTH
onboarding problems related to #474 when using a database.
- Fixed
NO_AUTH
onboarding problems related to #474. - Minor improvements.
- Fix issue #473 concerning password length validation on first user registration.
- Added support for
TAGS
in all major Kong Entities (Starting from Kong1.1.0-rc1
). - Konga can now be used without authentication. In order to do that,
simply set the env var
NO_AUTH=true
. - You can now seed default Users and Kong Connections on first install. Check out the docs.
- The new env var
BASE_URL
, allows you to run Konga behind a reverse proxy on a relative path. For example, if you configure your proxy to route requests toexample.com/konga
you will need to setBASE_URL=/konga/
- Fix compatibility with new
response-ratelimiting
plugin schema. Ref issue #363. - Add ENV HOST support for sails
host
to bind host by IP address. Ref pull req #451. Big ups to narate! - Updated Dockerfile node.js version to 10.16
- Various minor fixes and improvements
0.14.1 - 27-01-2019
Starting from version 0.14.0, Konga won't be compatible with Kong versions prior to 1.0.0 due to the breaking changes on Kong's API and plugin schemas.
- [Compatibility] Kong 1.0.0 compatibility.
- [Deprecation] APIs and related implementations are deprecated.
- [Fix] Missing fields are included on the upstream form.
- [Fix] The bundled Kong plugins are no longer needed in order
features like
Accessible Consumer Routes
andSnapshots
to work properly. - [Enhancement] You can now set up alert triggers and dispatch notifications when upstream targets are not healthy.
0.13.0 - 29-09-2018
- Better onboarding experience on first install.
- User accounts are not auto-generated by default. You need to manually register the admin account on first run.
- The default Kong connection (http://kong:8001) is not auto-generated on first install.
- Login and Sign up pages got a clean redesign.
- Fix minor issues
0.12.3 - 26-09-2018
- [Fix] Solved some routing issues when running Konga behind a reverse proxy at a sub-path. #278
- [Fix] Fix Glitch that prevented editing services or routes on first login. #281
- Other minor issues
0.12.2 - 22-08-2018
- [Fix] Fix wrong require path on db prepare.
- Other minor issues
0.12.1 - 28-07-2018
- [Deprecation] Deprecated consumer imports. This feature was not adopted and provided unnecessary complexity to maintenance as well as increased the overall project's size.
- [Fix] Fixed the trailing slash issue. Konga is now able to communicate with Kong even if a trailing slash exists in the connection url.
- Cleaned up unused dependencies.
- When installing Konga from source, the
confing/local.js
file is deprecated in favor of a.env
file. Check the README.md for details.
0.12.0 - 07-07-2018
- [Fix] Fix snapshots implementation. Use auto generated entity ids for proper relationships mapping.
- [Compatibility] Implement new Kong plugins properly.
- [Compatibility] Only handle plugins available on server. Starting with Kong 0.14, the list of available plugins can be defined in KONG_PLUGINS env var.
- [Enhancement] Implemented Accessible Services and Routes logic on Consumer page.
- [Enhancement] Implemented Eligible consumers listing based on ACLs and Authentication plugins in Services & Routes
- [Compatibility] Changed certificates and snis logic for compatibility with Kong 0.14
- [Fix] Changed the db prepare command
- Updated dependencies.
- Various other fixes and improvements.
0.11.2 - 15-06-2018
- Various Fixes.
0.11.0 - 08-06-2018
- [Compatibility] Services and Routes support (Kong 0.13+).
- [Fix #217] Api health checks are now deleted as they should when deleting an api.
- [Enhancement] Added the ability to set description and tags to Kong's services for better management.
- [Enhancement] In plugin management forms, all text inputs are changed to textareas so that custom plugins can be better integrated #189.
- [Enhancement] Database integrations can now be setup by only using the connection url as well as defining connection attributes separately.
- Various other fixes and improvements.
This update introduces changes in db schema. If you have integrated Konga with a database other than mongoDB, you will have to apply the migrations as described in README.md
0.10.4 - 08-03-2018
- Better assets caching
0.10.3 - 07-03-2018
- Added passive health checks configuration in upstreams
0.10.2 - 03-03-2018
- [Fix #178] Fix issue that produced hook timeouts.
- [Fix #175] Health checks are now removed when an API is deleted.
- [Fix] Fix GET targets AND Add possibility to select Hash_on for Upstreams for Kong 0.12.x.
- [Fix] Fix SSL connection to Postgres.
- [Fix] Fix api timeouts to match Kong defaults.
- [Fix #146] Update active Connection's version automatically when Kong version changes.
- [Fix #131] Statsd plugin management is working as expected again for versions of Kong >= 0.11.x. As a result, Kong versions < 0.11.x are not supported.
- [Enhancement] Feature to change Konga default users #168. See details
- [0.12.x compat] Show Upstream health for node when Kong >=0.12.2
- Various other minor bug fixes and improvements.
0.9.1 - 06-12-2017
- [Fix] Fix certificate uploads.
- [Enhancement] Reveal all of oauth credential info in consumer credentials list.
- [Fix] Address connection ui issues.
- [Fix] Fix user signup.
- [Enhancement] [Add environment variables for socket adapter configuration to allow easy socket configuration in docker.](Add environment variables for socket adapter configuration to allow easy socket configuration in docker.)
0.9.0 - 23-10-2017
A database update is required! Make sure you run Konga in dev mode once so that the migrations will take place.
- [Enhancement] Only admin users can access snapshots.
- [Enhancement] You don't have to manually specify Kong version when creating a connection anymore. It is now retrieved automatically throughout the application.
- [Enhancement] You can now schedule your Kong node snapshots and leave Konga to do the rest.
- [Enhancement] Introducing connection types (Breaking change).
- [Enhancement] Added support for
JWT Auth Loopback API
. - [Fix] Fixed some issues with snapshots and snapshot restoration.
- [Fix] Consumer imports are working again.
- [Fix] Fixed database info display on dashboard page when using Cassandra.
Due to the new Connection types logic, the existing connections to Kong admin API are likely to stop working. You will need to create new ones using the new forms. No data or settings will be lost.
0.8.9 - 8-10-2017
- Allow certificates deletion.
- Manage SNIs from certificates detail modal.
0.8.8 - 8-10-2017
- When starting the app for the first time using postgres or MySQL adapters, Konga will now create the databases automatically.
- Parts of UI are redesigned in a cleaner way.
- Consumer page now also displays the APIs a consumer can access based on his ACLs.
- Slack integration. You can now configure Konga to send notifications to slack.
- Fix issue which prevented consumer creation with empty
username
orcustom_id
. - Other minor bug fixes and improvements.
0.8.0 - 23-5-2017
- UI/UX revamp.
- Massive refactoring and logic improvements.
- Configurable user permissions.
- Various bug fixes and improvements.
0.8.7 - 29-9-2017
- [FIX] Tests are working again.
- [FIX] Better error handling when adding groups and credentials to consumers.
- [FIX]
kongadata
dir is now created inside the project folder by default. The docker volume now becomes/app/kongadata
0.8.6 - 24-9-2017
0.8.5 - 23-9-2017
- Fix docker automated builds failure.
- Removed kong admin url from connections chooser.
- Sails js hookTimeout is now configurable via env var
KONGA_HOOK_TIMEOUT
.
0.8.4 - 19-9-2017
- Fix bug where a new user could not be created when users where not allowed to sign up.
- Hide API keys in connections when logged in as a simple user.
0.8.3 - 20-8-2017
- Kong 0.11.x compatibility.
- Added the ability to manage consumer plugins directly from the consumer edit page.
- More dynamic backwards compatibility logic.
- Other minor fixes and improvements.