Make sure decK runs against Kong Gateway if a non-default --kong-addr is provided, even if some lingering Konnect environment variables are present. #738
deck validate with --online flag is not currently supported with Konnect cloud. A clear error message is provided when this command is invoked. #718
Improve error message when workspace is used in Konnect mode. #696

v1.14.0

Release date: 2022/08/19

Added

Add support to multi-geo for Konnect. #732
Support PAT (Personal Access Tokens) for Konnect authentication. #710

v1.13.0

Release date: 2022/07/14

Fixes

Fixed a failure when performing a diff against non-existent workspaces. #702

Added

Added support for plugin ordering field. #710

v1.12.4

Release date: 2022/07/07

Fixes

Make sure decK correctly includes select_tags when dumping from Konnect. #711

v1.12.3

Release date: 2022/07/05

Added

Add rate-limiting capabilities to Konnect client. #705

v1.12.2

Release date: 2022/06/06

Fixes

Only include referenced objects IDs in API requests to fix issue with Konnect. #693
Make Oauth2Credential's redirect_uris field not required as it's been so since Kong 1.4.0. #688

v1.12.1

Release date: 2022/05/13

Added

Log descriptive names when configuring plugins on other entities. #662
Docker images now include jq to assist with pre-processing environment substitutions. #660

Fixes

Service's enabled field is now correctly parsed when present in config files. #677
Route references to services by name are now properly handled when printing diffs. #657
decK uses its own user-agent header value for Konnect commands also. #654

v1.12.0

Release date: 2022/04/22

Added

Inject decK version into User-Agent header for requests originating from decK #652
Konnect can now be configured via the main deck command, while deck konnect is now considered deprecated. #645
Added --skip-ca-certificates flag. When present, decK will not attempt to sync CA certificates. This assists with using decK to manage multiple workspaces. CA certificates do not belong to a specific workspace, but can be seen and managed through workspaced endpoints. decK will attempt to remove them if they are not present in a state file when syncing a workspace, even if they were created for use with configuration in another workspace. #617
Users can no longer set default values for fields where a default value does not make sense (such as fields with unique constraints, like id), and will print an error indicating the restricted field. #613
Universal binaries are now available for OS X. #585
Validation failures now log the name or ID of the invalid entity. #588

Fixes

Fixed unreliable diff outputs due to external dependency (gojsondiff). #538
De-duplicated select_tags in file metadata to avoid erroneous mismatch reports when using --select-tags with multiple state files. #623
Fixed several marshalling and URL construction issues for RBAC endpoint permissions. #619 go-kong #148
Fixed a regression that broke workspace creation in v1.11.0. #608
Fixed a regression that broke plugins dedup feature in v1.11.0. #594
Invalid YAML in state files no longer parses as an empty target state. #590

Under the hood

decK now uses Go 1.18. #626

v1.11.0

Release date: 2022/02/17

Added

decK now populates core entities defaults from their schema leveraging the Admin API. #573
decK now populates plugins defaults from their schema leveraging the Admin API. #562
decK prevents user interaction with any internal-only Konnect plugins. #564
decK now supports mTLS Kong Admin API authentication via --tls-client-cert/--tls-client-cert-file and --tls-client-key/--tls-client-key-file flags. #509
decK validate now has an --online flag enabling entity validation against the Admin API. This lets users validate their configuration before deploying it. #502

Fixes

decK now can set zero values (false, "", 0) in entity fields. #580
Attempting to run sync on multiple workspaces now returns an error rather than applying a single workspace to all entities. #576
Skip consumers when using --skip-consumers with the sync command. #559
The --analytics flag now works with the konnect ping command. #569
Duplicate select_tags in separate files and --select-tags no longer cause errors. #571
The --header flag is now enabled for Konnect commands. #557

v1.10.0

Release date: 2021/12/14

Added

decK can now inject cookies in its request to Kong Gateway. These cookies can be session cookies set by the Admin server for auth. --kong-cookie-jar-path is the cli flag that indicates path to cookie-jar file #545

v1.9.0

Release date: 2021/12/09

Breaking changes

The https://hub.docker.com/r/hbagdi/deck image is deprecated. 1.8.2 is the last release uploaded to it. You must switch to https://hub.docker.com/r/kong/deck to use 1.9.0 and future releases.

Added

decK now handles _transform state file metadata. #520

Fixed

--select-tag applies its tags to newly-created entities whether or not the tag is also present in the state file metadata. #517
Timeouts in Syncer.Run() now return an error instead of syncing only a subset of the requested changes and reporting success. Downstream clients using decK as a library can determine when their sync attempt failed due to a timeout. #529

v1.8.2

Release date: 2021/09/27

Added

ARM64 Linux and Darwin binaries are now available.

Fixed

Workspace existence checks now work with workspace admins.

v1.8.1

Release date: 2021/09/22

Fixed

Update go-kong to v0.22.0 to fix a bug with detecting non-existent workspaces.

v1.8.0

Release date: 2021/09/13

Added

Flag --silence-events has been added to deck diff and deck sync commands. The flag disables output of events to stdout. #393
decK now supports shell completions. To set up completion, please read the output of deck completion --help command. Support shells are Bash, Zsh, Fish and Powershell. #416
decK now support defaults. This feature helps with avoiding repetition of common fields in Kong's configuration and instead specifying them in a single place. #419
A new --timeout flag has been added to the root command to specify timeouts in seconds for various requests to Kong. #450

Fixed

Fix a data race with operations counters #381
Correct the formats for conversion #460
Updates to target entity do not result in an error anymore #480

Misc

Variety of linting updates
Variety of refactors to improve the code health of the project
A security policy has been added to the repository

v1.7.0

Release date: 2021/05/20

Added

State files now support environment variable-based templating. decK can substitute the value of an environment variable into an object in the state file. This is useful for avoiding persistent cleartext storage of sensitive values and populating values that vary between similar configurations. #286
Sort state file objects by name, to ease comparing state files from similarly-configured instances that do not share object IDs. #327
Added a default timeout to HTTP requests. 37eeec8
Implemented convert command for converting state files between Kong Gateway and Konnect configuration formats. This is aimed to solving migration problem between on-premise Kong clusters and Konnect SaaS. #330
Add --konnect-addr flag to set Konnect address. This can be used to target Konnect data-centers in geographical regions other than the US. #374
Added support for document objects for Service Packages and Versions in Konnect. #388

Fixed

Fixed duplicate error message prints. #317
Handle mtls-auth credential API behavior when Kong Enterprise is running in free mode. decK no longer treats the free mode mtls-auth behavior as a fatal error. #321
--select-tag tags are now applied to credentials. #282
Fix empty Service Package descriptions not syncing correctly. #347
Updating certificate fields no longer deletes SNI associations. #386

Misc

Refactored utility functionality to take advantage of new features in go-kong.
Added reworked usage analytics. #379

v1.6.0

Release date: 2021/04/08

Added

decK now prompts by default before overwriting existing state files when dumping config. Including --yes in args assumes yes and overwrites state files without prompting. #285

Misc

Removed analytics. #301

Breaking changes

Changed github.com/blang/semver module to github.com/blang/semver/v4. If you use decK's file package in other applications, you will also need to update the semver module used in your application. #303

v1.5.1

Release date: 2021/03/23

Fixed

Targets with identical IP and port values no longer conflict when created for different upstreams. #280
Fixed issue where Konnect flag defaults overwrote non-Konnect flag defaults, which broke the --all-workspaces flag. #290
Diff output no longer prints resource timestamp information. #283
Tracebacks no longer include unwanted information specific to the build environment. #284

v1.5.0

Release date: 2021/03/06

Added

decK now supports Kong Konnect. Configuration for Kong Konnect can be exported, diffed and synced using decK. A new command konnect has been introduced for this purpose, which has 4 sub-commands: ping, dump, diff, and sync. This feature in decK is currently in alpha state, which means there can be breaking changes to these commands in future releases.
decK now supports two new Kong Enterprise resources: RBAC role and RBAC endpoint-permission. Special thanks to @tjrivera for this contribution. A new flag --rbac-resources-only has been introduced to manage RBAC-only configuration via decK. #276
Certificates and Kong Services can now be managed separately. A check for existence of Certificate has been relaxed to make this possible. #269

v1.4.0

Release date: 2021/02/01

Added

deck now handles the request_buffering and response_buffering options for Route #261

Fixes

Updated brew syntax #252
Fixed YAML/JSON file detection logic #255

v1.3.0

Release date: 2021/01/15

Added

decK will now retry sync operations that encounter a 500 error several times before failing completely. #226

Fixed

Fixed regression that broke workspace creation. #252
Analytics failures no longer delay execution. #254

v1.2.4

Release date: 2021/01/06

Fixed

Fixed a bug that disabled verbose output. #243
decK no longer considers tag order significant. This avoids unnecessary resource updates for Cassandra-backed clusters. #240

v1.2.3

Release date: 2020/11/18

Fixed

Sync operations now handle plugins with array configuration correctly. #229
Removed unecessary permissions requirement for checking workspace existence. #225

v1.2.2

Release date: 2020/10/19

Added

decK now prints a change summary even if it encountered an error. #197
decK now prints the ID of entities that it could not successfully sync. #199
Issues sending analytics will now emit a panic. #200
decK now creates the workspace specified with --workspace if it is not already present. #201
decK prints descriptive information about duplicated entities. #204

Fixed

Resolved a concurrency bug during syncs. #202

decK has move under Kong's umbrella. Due to this change, the package path has changed from github.com/hbagdi/deck to github.com/kong/deck. This release contains the updated go.mod over v1.2.0. There are no other changes introduced in this release.

v1.2.0

Release date: 2020/08/04

Added

decK is now compatible with Kong 2.1:
- New Admin API properties for entities are added.
- Ordering of operations has changed to incorporate for new foreign-relations #192
New flag --db-update-propagation-delay to add an artifical delay between Admin API calls. This is introduced for better compatibility with Cassandra backed installations of Kong. #160 #154
decK now errors out if there are invalid positional arguments supplied to any command.
Stricter validation of state files. #162
ID property of CACertificate is always exported. #193

Fixed

Ignore error for missing .deck config file #168
Correctly populate port in Service's URL (a sugar attribute) #166
Correct the help text for --tls-server-name flag #170
Better sanitization of --kong-addr input #171
Fix typos in the output of --help #174
Improve language of warning message for basic-auth credentials #145
Deduplicate select_tags input #183

Enterprise-only

Added support for managing mtls-auth credentials. #175
decK now automatically creates a workspace if one does not already exist during a sync operation. #187
Added --workspace flag to ping command. This can be used to verify connectivity with Kong Enterprise when running as an RBAC role with lower priviliges.
New --workspace flag for diff and sync command to provide workspace via the CLI instead of state file. Workspace defined in state file will be overriden if this flag is provided.
New --skip-workspace-crud flag to skip any workspace related operations. This flag can be used when running as as an RBAC role with lower priviliges. The content can be synced to specific workspaces but decK will not attempt to create or verify existence of a workspace. #157
Additional checks for existence of workspace before performing dump or reset #167
Improve end-user error message when workspace doesn't exist

Misc

CI changed from Travis to Github Actions
Improved code quality with addition of golangci-lint
Default branch for the project has been changed from master to main

v1.1.0

Release date: 2020/04/05

Added

Added support for multiple files or directories to -s/--state flag. Use -s multiple times or specify multiple files/directories using a comma separated list. #137
Performance decK should be much faster than before. Requests to Kong are now concurrent. dump, sync, diff and reset commands will be faster than before, by at least 2x.
SNI entity in Kong is not supported natively supported #139. Most users will not observe any changes. id and tags are now supported for the SNI entity in Kong.

Under the hood

Go has been upgraded to 1.14.1
Alpine base image for Docker has been upgraded to 3.11
Multiple other dependencies have also been upgraded, but these have no user-visible changes.

Fixed

Default values for retries in Service entity and HTTPSVerifyCertificate in Upstream entity have been removed. These values can be set to 0 and false respectively now. #134

v1.0.3

Release date: 2020/03/14

Fixed

Fix certificate diff for certificates with no associated snis #131

v1.0.2

Release date: 2020/02/21

Fixed

Fix broken ca_certificate entity support #127

v1.0.1

Release date: 2020/02/14

Added

decK now supports the url sugar property on Service entity. #123

v1.0.0

Release date: 2020/01/18

Fixed

decK doesn't error out if bundled plugins in Kong are disabled #121
Consumer-specific plugins are excluded when --skip-consumers is used #119

Internal

go-kong has been upgraded to v0.11.0, which brings in support for Kong 2.0.
All other dependencies have also been upgraded, but these have no user-visible changes. b603f9

v0.7.2

Release date: 2019/12/29

Fixed

Kong's version is correctly parsed; v0.7.1 is unusable because of this bug. #117

v0.7.1

Release date: 2019/12/24

Fixed

Backward compatibility for credentials; tags are no longer injected into credentials for Kong versions below 1.4 #114

v0.7.0

Release date: 2019/12/07

Breaking changes

sync command now shows the progress of the sync. Previously, the command did not output anything but errors.

Added

Configuration of multiple plugin instances can now be de-duplicated using _plugin_configs field in the state file. #93
A summary is now presented at the end of a diff or sync operation showing the count of resources created/updated/deleted. #101
sync command now shows the progress of the sync as the sync takes place, making it easier to track progress in large environments. #100
--non-zero-exit-code flag hsa been added to diff command. Using this flag causes decK to exit with a non-zero exit code if a diff is detected, making it easier to script decK in CI pipelines. #98
A new docs website has been setup for the project: https://deck.yolo42.com

v0.6.2

Release date: 2019/11/16

Fixed

Service-less routes are correctly processed #103
Plugins for routes are correctly processed #104

v0.6.1

Release date: 2019/11/08

Fixed

Check for workspace makes call the right endpoint #94
Error checking is performed correctly when ensuring existence of a workspace #95
Multiple upstream definitions are read correctly and synced up #96

v0.6.0

Release date: 2019/11/03

Breaking changes

ID field is required for Certificate entity. Previous state files will break if ID is not present on this entity. You can use dump command to generate new state files which includes the ID field.
SNIs are exported under the name key under Certificate entity to match Kong's declarative configuration format.

Added

Kong's configuration can now be synced/diffed/dumped using JSON format, in addition to the existing YAML format. Use the --format flag to specify the format. #35
Plugins associated with multiple entities e.g. a plugin for a combination of route and a consumer in Kong are now supported. #13
JSON-schema based validation is now performed on the input file(s) for every command.
New validate command has been added to validate an existing state file. This performs a JSON-schema based sanity check on the file along-with foreign reference checks to check for dangling pointers.
Service-less routes are now supported by decK.
name is no longer a required field for routes and services entities in Kong. If a name is not present, decK exports the entity with it's ID.
Client-certificates on Service entity are now a supported.
Credential entities like key-auth, basic-auth now support tagging.
--parallelism flag has been added to sync and diff commands to control the number of concurrenty request to Kong's Admin API. #85
diff and sync show a descriptive error when a workspace doesn't exist for Kong Enterprise. 102ed5dd
--select-tag flag has been added to diff and sync command for use-cases where the tags are not part of the state file. It is not recommended to use these flags unless you know what you are doing. #81
ID for any entity can now be specified. decK previously ignored the ID for any entity if one was specified. Entities can also be exported with the ID field set using --with-id flag on the dump command. #29

Fixed

decK runs as non-root user in the Docker image. #82
SNIs are now exported same as Kong's format i.e. they are exported under a name key under the certificates entity. #76
Errors are made more descriptive in few commands.
decK's binary inside the Docker image now contains versioning information. #38

Internal

Go has been bumped up to 1.13.4.
go-kong has been bumped up to v0.10.0.
Reduced memory allocation, which should result in less GC pressure.

v0.5.2

Release date: 2019/09/15

Added

-w/--workspace flag has been added to the reset command to reset a specific workspace in Kong Enterprise. #74
--all-workspaces flag has been added to the reset command to reset all workspaces in Kong Enterprise. #74
A warning is logged when basic-auth credentials are being synced. #49

Fixed

Kong Enterprise Developer Portal exposes the credentials (basic/key) of Developers on the Admin API, but doesn't expose the consumers causing issues during export. decK now ignores these credentials in Kong Enterprise. #75

Internal

Go version has been bumped to 1.13.

v0.5.1

Release date: 2019/08/24

Added

oauth2 credentials associated with consumers are now supported. #67

Fixed

The same target can be associated with multiple upstreams. #57
Fix compatibility with Kong < 1.3. #59
Ignore credentials for consumers which are not in the sub-set of the configuration being synced. #65

v0.5.0

Release date: 2019/08/18

Summary

This release brings the following features:

Consumer credentials are now supported
Support for Kong 1.3
Kong Enterprise workspace support
Reading configuration from multiple files in a directories

Breaking changes

No breaking changes have been introduced in this release.

Added

Consumer credentials The following entities associate with a consumer in Kong are now supported #12:
- key-auth
- basic-auth
- hmac-auth
- jwt
- acl
decK's exported YAML is now compatible with Kong's declarative config file.
Homebrew support decK can now be installed using Homebrew on macOS:
```
brew tap hbagdi/deck
brew install deck
```
Multiple state files decK can now read the configuration of Kong from multiple YAML files in a directory. You can split your configuration into files in any way you would like. #22
Upcoming Kong 1.3 is now supported. #36
Kong Enterprise only features: Workspaces are now natively supported in decK
- -w/--workspace flag can be specified in the dump command to export configuration of a single workspace.
- --all-workspaces flag in dump command will export all workspaces in Kong Enteprise. Each workspace lives in a separate state file.
- diff and sync command now support workspaces via the _workspace attribute in the state file.

Fixed

decK now supports TCP services in Kong. #44
Add missing interval field in Upstream entity's unhealthy active healthchecks #45
Docker image now contains only the binary and not the entire source code. #34 Thanks to David Cruz for the contribution.

v0.4.0

Release date: 2019/06/10

Summary

This release introduces support for Kong 1.2.x.

Breaking changes

strip_path attribute of Route can now be set to false. The default value is now false, which was true previously. #18

Added

https_redirect_status_code attribute of Route in Kong can be set, and defaults to 426.

v0.3.0

Release date: 2019/05/14

Breaking changes

No breaking changes have been introduced in this release.

Added

Tag-based distributed configuration management Only a subset of Kong entities sharing a (set of) tag can now be exported, deleted, diffed or synced. decK can now manage your Kong's configuration in a distributed manner, whereby you can split Kong's configuration by team and each team can manage it's own configuration. Use select-tag feature in all the commands and config file for this purpose. #17
Read/write state from stdout/stdin Config file can now be read in from standard-input and written out to standard-output. #10, #11 Thanks to @matthewbednarski for the contribution.
Automated defaults No need to specify default values for all core Kong entities, further simplifying your Kong's configuration. Default values for plugin configuration still need to be defined, this is on the roadmap. b448d4f
Add support for new properties in Upstream entity in Kong. 080200d
Empty plugins and other Kong entities are not populated in the config file as empty arrays to keep the file concise and clean. ae38f1b
Docker image is now available via Docker Hub. You can use docker pull hbagdi/deck to pull down decK in a Docker image.

Fixed

Empty arrays in plugin configs are not treated as nil anymore. #9
Correctly sync plugins which are out of sync. Protocols field in plugins can be confused with protocols field in routes in Kong #6 Thanks to @davidcv5 for the contribution.
Throw an error if an object is not marshalled into YAML correctly.
Correctly create service-level plugins for Kong >= 1.1 #16

Misc

go-kong has been bumped up to v0.4.1.

v0.2.0

Release date: 2019/04/01

Breaking changes

No breaking changes have been introduced in this release.

Added

Consumers and consumer-level plugins can now be exported from Kong and synced to Kong.
--skip-consumers flag has been introduced to various sub-commands to skip management of consumers in environments where they are created dynamically.`
Authentication support: custom HTTP Headers (key:value) can be injected into requests that decK makes to Kong's Admin API using the --headers CLI flag. #1 Thanks to @davidcv5 for the contribution.

Fixed

Infinite loop in pagination for exporting entities in Kong #2 Thanks to @lmika for the contribution.
Plugins are updated using PUT requests instead of PATCH to avoid any schema violations.

v0.1.0

Release date: 2019/01/12

Summary

Debut release of decK

Files

CHANGELOG.md

Latest commit

History

CHANGELOG.md

File metadata and controls

Table of Contents

Fixes

Added

Fixes

Added

Fixes

Added

Fixes

Added

Fixes

Added

Fixes

Added

Fixes

Under the hood

Added

Fixes

Added

Breaking changes

Added

Fixed

Added

Fixed

Fixed

Added

Fixed

Misc

Added

Fixed

Misc

Added

Misc

Breaking changes

Fixed

Added

Added

Fixes

Added

Fixed

Fixed

Fixed

Added

Fixed

Summary

Added

Fixed

Enterprise-only

Misc

Added

Under the hood

Fixed

Fixed

Fixed

Added

Fixed

Internal

Fixed

Fixed

Breaking changes

Added

Fixed

Fixed

Breaking changes

Added

Fixed

Internal

Added

Fixed

Internal

Added

Fixed

Summary

Breaking changes

Added