Hi all, I would like to propose initiating the second release of Apache Airavata Custos, version 1.1.0. Key Details:
- *Current Version:* 1.1-SNAPSHOT - *Last Commit Hash:* 19b6f5e06fb44007cdeaef2b1b2b2a6cd25ab1be - *Initial Release:* Custos Initial Code Base Major Changes Since the Initial Release: - *Keycloak Upgrade:* Upgraded from version 9.0.2 to 24.0.0 for improved security and features. - *Service-to-Service Communication: *Simplified service interactions by refactoring them into dependency-based communication. - *OIDC Standards Implementation:* Updated the authorization, token, and OIDC endpoints to comply with OIDC standards, with changes to parameters and response formats. - *Nginx Proxy Removal:* Removed Nginx as a reverse proxy; SSL termination is now handled by the deployment architecture. - *PKCE Flow:* Introduced support for PKCE flow, suitable for Single Page Applications (SPA). - *JWKS Endpoint:* Added a JWKS endpoint to enable public key verification. - *Token Customization:* Added group and scope injection for fine-grained authorization. New Module Architecture: - *custos-application:* Entry point, configuration, and API integration. - *custos-core:* Core business logic, entities, and repositories. - *custos-services:* Service classes for implementing business logic. - *custos-api:* REST controllers to expose application functionality. Infrastructure and Deployment Changes (for context): - Terraform deployment scripts were added for AWS, including network layer (VPC, private/public subnets, etc.), Keycloak deployment, and Vault deployment. I would appreciate any feedback or suggestions on these changes. Once we've gathered input and reached a consensus within the community, I'll move forward with preparing the release candidate. Looking forward to your thoughts. Thanks, Lahiru
