Release Notes for Spring Cloud Gateway for VMware Tanzu

Page last updated:

These are release notes for Spring Cloud Gateway for VMware Tanzu.

v1.0.9

Release Date: July 6, 2020

Fixes Included in This Release

  • Resolved issue with count configuration not updating existing count value.
  • Resolved issue with application-security-groups configuration not applying on cf create-service.

v1.0.8

Release Date: June 23, 2020

Enhancements Included in This Release

  • The ClientCertificateHeader filter can now validate the SHA-1 or SHA-256 fingerprint of a client SSL certificate.

Fixes Included in This Release

  • Resolved an issue that could cause a DelayTimeoutException during the “upgrade-all-instances” lifecycle errand.
  • Resolved a timeout issue that could occur when updating a service instance using the cf update-service command.
  • Resolved an issue that caused service instances to not respect the error-routes parameter.
  • Resolved an issue that could cause a service broker error when binding or unbinding an app to a service instance after a service broker restart.

v1.0.7

Release Date: May 5, 2020

Enhancements Included in This Release

  • Added Cross-Origin Resource Sharing (CORS) configuration for service instances.
  • Added ability to view service instance logs via cf CLI plugin
  • Fixed issue for users with Space Developer role accessing dashboard when there a significant number of spaces defined on the platform.
  • Fixed issue with logout redirect when using custom SSO plan with external identity provider.

v1.0.6

Release Date: April 28, 2020

Enhancements Included in This Release

  • Added ability to dynamically update route configuration for bound application via API rather than cf rebind workflow.
  • Added upgrade-all-instances errand that can be enabled to upgrade all existing service instances during tile upgrade.
  • Modified /scg-logout to automatically logout of UAA.
  • Updated service instance internal domain to be generated to allow multiple instances across isolation segments to have same host value.
  • Updated stemcell to Xenial 621.* major version.
  • Fixed issue with service instance dashboard authentication redirect for TAS Enterprise SSO with SAML configuration.

v1.0.5

Release Date: March 23, 2020

Enhancements Included in This Release

  • Resolved issue with service instance dashboard authentication when using SAML configuration for a service app.

v1.0.4

Release Date: March 20, 2020

Features Included in This Release

  • Spring Cloud Gateway for VMware Tanzu now supports App Security Groups (ASGs).

Enhancements Included in This Release

  • Service instance communication with apps via container-to-container (C2C) networking now supports mutual TLS.

v1.0.3

Release Date: March 13, 2020

Features Included in This Release

  • A new order parameter for routes specifies the order in which the Gateway will direct clients to each of multiple routes with the same predicates and paths. See Route Parameters.
  • A new ClientCertificateHeader filter, when using mutual TLS, validates client certificates used to access the route.
  • Spring Cloud Gateway for VMware Tanzu now supports the metadata.connect-timeout and metadata.response-timeout properties for individual routes, so that each route can have individual connection and response timeout settings. For more information, see Route Parameters.
  • The backing app for a Spring Cloud Gateway service instance now enables the Spring Boot Actuator /httptrace endpoint, used to view HTTP request trace information. For more information, see Spring Boot Actuator Endpoints.
  • A new error-routes parameter specifies paths or URLs to which the Gateway will redirect a user after encountering a given HTTP error status code, or one of a class of HTTP status codes. See HTTP Error Response Routes.

Enhancements Included in This Release

  • A Spring Cloud Gateway for VMware Tanzu service instance, when using Single Sign-On for VMware Tanzu, uses a different authentication session from the sessions used by client apps. This benefits client apps using Spring Security and Spring Session.

Fixes Included in This Release

  • Parameters used to configure a Spring Cloud Gateway for VMware Tanzu service instance are now validated at create time.

v1.0.2

Release Date: February 13, 2020

Features Included in This Release

  • Added ability to use Circuit Breaker filters in route definitions.

Fixes Included in This Release

  • Resolved issue with changing host or domain that would result in SSO login redirect failing.
  • Resolved issue with requesting SSO scopes.
  • Resolved service instance dashboard 500 HTTP error status condition when modifying HA configuration.

v1.0.1

Release Date: January 28, 2020

Fixes Included in This Release

  • Fixed issue with Cross-Site Request Forgery (CSRF) HTTP POST, PUT and DELETE requests when using SSO route filters.
  • Added custom role attribute roles-user-attribute-name for configuring SSO on service instance.
  • Added identity provider attribute identity-providers for configuring SSO on service instance.
  • Added roles as top-level route configuration parameter.

v1.0.0

Release Date: January 8, 2020

Features Included in This Release

  • A Spring Cloud Gateway service named p.gateway is added to the Marketplace.
  • The Gateway service broker and service instances are based on Spring Boot 2.2 and Spring Cloud Hoxton.
  • A p.gateway service instance can be created with custom configuration parameters passed to the Cloud Foundry Command Line Interface (cf CLI) tool cf create-service or cf update-service commands using the -c flag. For information about configuring routes for a service instance, see Configuring Routes.
  • Service instances can be defined with hostname and domain for specifying desired base URL for service routes. For more information, see Managing Service Instances.
  • The backing app for each service instance exposes the Spring Boot Actuator info endpoint, which provides build version and Git commit hash information.
  • The backing app for each Service instance exposes Spring Boot Actuator health and gateway/routes endpoints, which are restricted to Cloud Foundry Admin and Space Developer roles.
  • A dashboard for each service instance provides a health indicator and the current route configuration.
  • Spring Cloud Gateway integrates with the Single Sign-On for VMware Tanzu tile (a soft dependency of Spring Cloud Gateway for VMware Tanzu) to support Single Sign-On (SSO) for services bound to a Gateway service instance.
  • Custom route filters enable SSO, configure role authorization, define requested scopes for a service, and set up authorization token relay to a service.
  • A simplified route configuration can gather default values for route settings from the platform.
  • Support for service hiding via container networking is enabled automatically when using cf bind-service to configure routes. The Spring Cloud Gateway service broker automatically sets up network policies for the Gateway backing app so that the app can communicate with the internal route of the service app. In this approach, all internal communication is TLS-encrypted.
  • Rate limiting is configurable per route configuration.
  • A count configuration parameter scales backing apps for each Gateway service.

Known Issues in This Release

  • If a route configuration uses one of the SSO-related filters, the Spring Cloud Gateway for VMware Tanzu service instance requires a CSRF header for any HTTP PUT, POST, or DELETE requests, and because this header cannot be set, the request fails. (Fixed in 1.0.1.)