We are glad to present Apache APISIX 3.7.0 with exciting new features, bug fixes, and other improvements to user experiences.
This new release adds a number of new features, including the support for ACL tokens for Consul service discovery, authorization parameters in
openid-connect plugin, Nacos AK/SK authentication, and more.
There are also a few important changes included in this release. Should you find these changes impacting your operations, please plan your upgrade accordingly.
Restrict modification to create time and update time of core resources
In the earlier versions, modifying resources'
update_time was unrestricted with Admin API. This behaviour is unneeded and prone to risks. Starting from 3.7.0, users would not be allowed to modify these timestamps.
validity_end attributes from SSL schema
validity_end attributes from SSL schema as these information are present in the certificate.
opentelemetry plugin attributes to beter follow the specifications
apisix.service_name in the
opentelemetry plugin to follow the OpenTelemetry specifications for span name. For more information, see PR #10393.
Support ACL tokens for Consul discovery
Support for ACL tokens when using Consul or Consul KV service discovery. For more information, see PR #10278.
Support configuring services for stream routes
Support referencing services in stream routes to configure upstreams. For more information, see PR #10298.
Support authorization parameters in
Support additional authorization parameters in the
authorization_params attribute of the
openid-connect plugin. For more information, see PR #10058.
Support setting variables in
Support Nacos AK/SK authentication
Support Nacos AK/SK authentication. The access key and secret key can be configured in the configuration file as follows:
access_key: "" # Nacos AccessKey ID
secret_key: "" # Nacos AccessKey Secret
For more information, see PR #10445.
post_arg_*variable matching failure when the POST form
Content-Typeis appended with character set (PR #10372)
apisix-runtimeas the default APISIX runtime (PR #10415 and PR #10427)
- Add tests for
authz-keycloakwith apisix secrets (PR #10353)
- Keep healthcheck target state when upstream changes (PR #10312 and PR #10307)
- Fix incomplete log compression due to timeout in the
log-rotateplugin (PR #8620)
For a complete list of changes in this release, please see CHANGELOG.