This is an automated email from the ASF dual-hosted git repository.
traky pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix-website.git
The following commit(s) were added to refs/heads/master by this push:
new 2c1a922bc01 blog: add release notes 3.11.0 (#1825)
2c1a922bc01 is described below
commit 2c1a922bc01fc0377b513de21b9923edefb1958c
Author: Traky Deng <[email protected]>
AuthorDate: Mon Oct 21 10:16:35 2024 +0800
blog: add release notes 3.11.0 (#1825)
---
.../2024/10/17/release-apache-apisix-3.11.0.md | 129 +++++++++++++++++++++
.../2024/10/17/release-apache-apisix-3.11.0.md | 127 ++++++++++++++++++++
2 files changed, 256 insertions(+)
diff --git a/blog/en/blog/2024/10/17/release-apache-apisix-3.11.0.md
b/blog/en/blog/2024/10/17/release-apache-apisix-3.11.0.md
new file mode 100644
index 00000000000..d97462a241f
--- /dev/null
+++ b/blog/en/blog/2024/10/17/release-apache-apisix-3.11.0.md
@@ -0,0 +1,129 @@
+---
+title: "Release Apache APISIX 3.11.0"
+authors:
+ - name: "Abhishek Choudhary"
+ title: "Author"
+ url: "https://github.com/shreemaan-abhishek";
+ image_url: "https://github.com/shreemaan-abhishek.png";
+ - name: "Traky Deng"
+ title: "Technical Writer"
+ url: "https://github.com/kayx23";
+ image_url: "https://github.com/kayx23.png";
+keywords:
+ - Apache APISIX
+ - API Gateway
+ - API Management Platform
+ - New Release
+ - Cloud Native
+description: The Apache APISIX 3.11.0 version is released on October 17, 2024.
This release includes a few changes, new features, bug fixes, and other
improvements to user experiences.
+tags: [Community]
+---
+
+We are glad to present Apache APISIX 3.11.0 with exciting new features, bug
fixes, and other improvements to user experiences.
+
+<!--truncate-->
+
+This new release adds a number of new features, including the addition of AI
plugins to integrate with LLM providers, the support for AWS and GCP Secret
Managers for secret management, and more.
+
+There are a few breaking changes included in this release. Should you find
these changes impacting your operations, please plan accordingly for a seamless
upgrade.
+
+## Breaking Changes
+
+### Remove JWT signing endpoint and private key configuration
+
+Remove the `/apisix/plugin/jwt/sign` JWT signing endpoint previously added by
the `jwt-auth` plugin for enhanced security. The plugin now does not require
users to upload private keys for issuing JWTs. Please sign JWT with other
utilities.
+
+For more details, see [PR #11597](https://github.com/apache/apisix/pull/11597).
+
+### Refactor `hmac-auth` plugin per RFC
+
+The plugin implementation is now based on
[draft-cavage-http-signatures](https://www.ietf.org/archive/id/draft-cavage-http-signatures-12.txt)
and the configurable parameters have changed.
+
+For more details, see the latest [plugin
doc](https://apisix.apache.org/docs/apisix/plugins/hmac-auth/) and [PR
#11581](https://github.com/apache/apisix/pull/11581)
+
+## New Features
+
+### Add Consumer credentials resource and introduce consumer identifiable
headers
+
+Add the credential resource to store authentication configurations associated
with consumers. A consumer can be associated with one or more credentials from
a designated list of authentication plugins, including `key-auth`,
`basic-auth`, `jwt-auth`, and `hmac-auth`. The decoupling of credentials
facilitates credential reuse and rotation as well as enhanced security.
+
+For instance, suppose you have a consumer `tom`:
+
+```shell
+curl -i "http://127.0.0.1:9180/apisix/admin/consumers"; -X PUT \
+ -H "X-API-KEY: ${ADMIN_API_KEY}" \
+ -d '{
+ "username": "tom"
+ }'
+```
+
+To configure the consumer `key-auth` credential for `tom`, you can use the
credential object:
+
+```shell
+curl "http://127.0.0.1:9180/apisix/admin/consumers/tom/credentials"; -X PUT \
+ -H "X-API-KEY: ${ADMIN_API_KEY}" \
+ -d '{
+ "id": "cred-tom-key-auth",
+ "plugins": {
+ "key-auth": {
+ "key": "secret-key"
+ }
+ }
+ }'
+```
+
+This feature does not introduce any breaking change. You may still configure
the authentication plugin and their credential on consumer.
+
+Additionally, APISIX will add additional headers, including
`X-Consumer-Username`, `X-Credential-Identifier`, and optionally,
`X-Consumer-Custom-ID` if configured, to the authenticated requests.
+
+For more information, see the [credential
doc](https://apisix.apache.org/docs/apisix/next/terminology/credential/) and
[PR #11601](https://github.com/apache/apisix/pull/11601).
+
+### Add new plugin `attach-consmer-label`
+
+The new `attach-consumer-label` plugin attaches custom consumer-related
labels, in addition to `X-Consumer-Username` and `X-Credential-Indentifier`, to
authenticated requests, for upstream services to differentiate between
consumers and implement additional logics.
+
+For more information, see the [plugin
doc](https://apisix.apache.org/docs/apisix/next/plugins/attach-consumer-label/)
and [PR #11604](https://github.com/apache/apisix/pull/11604).
+
+### Add new plugin `ai-proxy`
+
+The new `ai-proxy` plugin simplifies access to LLM providers and models by
transforming plugin configurations into the designated request format.
+
+The plugin currently only supports transforming plugin configurations to the
request format required by OpenAI and contributions are welcomed.
+
+For more information, see the [plugin
doc](https://apisix.apache.org/docs/apisix/next/plugins/ai-proxy/) and [PR
#11499](https://github.com/apache/apisix/pull/11604).
+
+### Add new plugin `ai-prompt-decorator`
+
+The `ai-prompt-template` plugin supports the pre-configurations of prompt
templates that only accept user inputs in designated template variables, in a
"fill in the blank" fashion. The plugin is used when proxying to LLM services.
+
+For more information, see the [plugin
doc](https://apisix.apache.org/docs/apisix/next/plugins/ai-prompt-decorator/)
and [PR #11515](https://github.com/apache/apisix/pull/11515).
+
+### Add new plugin `ai-prompt-template`
+
+The `ai-prompt-decorator` plugin decorates user input prompts by prefixing and
appending pre-engineered prompts, to provide pre-set contexts in content
generation. The practice helps shape how the model should operate within
desired guidelines during the interactions. The plugin is used when proxying to
LLM services.
+
+For more information, see the [plugin
doc](https://apisix.apache.org/docs/apisix/next/plugins/ai-prompt-template/)
and [PR #11517](https://github.com/apache/apisix/pull/11517).
+
+### Support customizing keepalive timeout in `splunk-logger` plugin
+
+Support the configuration of keepalive timeout in `splunk-logger` plugin
parameter to avoid sockets left open in high scale. If unconfigured, the
default keepalive timeout will be 60000 milliseconds.
+
+For more information, see [PR
#11611](https://github.com/apache/apisix/pull/11611).
+
+### Support AWS and GCP secret managers
+
+Support the integration with [AWS Secrets
Manager](https://aws.amazon.com/secrets-manager/) and [GCP Secret
Manager](https://cloud.google.com/security/products/secret-manager?hl=en) for
secrets management.
+
+For more information on the support for AWS Secrets Manager, see [use AWS
Secrets Manager to manage
secrets](https://apisix.apache.org/docs/apisix/next/terminology/secret/#use-aws-secrets-manager-to-manage-secrets)
and [PR #11417](https://github.com/apache/apisix/pull/11417).
+
+For more information on the support for GCP Secret Manager, see [use GCP
Secret Manager to manage
secrets](https://apisix.apache.org/docs/apisix/next/terminology/secret/#use-gcp-secrets-manager-to-manage-secrets)
and [PR #11436](https://github.com/apache/apisix/pull/11436).
+
+## Other Updates
+
+- Correct the position of enums in `pb_option_def` of the `grpc-transcode`
plugin ([PR #11448](https://github.com/apache/apisix/pull/11448))
+- Fix encryption/decryption errors when non-auth plugins are configured on
consumers ([PR #11600](https://github.com/apache/apisix/pull/11600))
+- Fix issues when substituting environment variables in config file ([PR
#11545](https://github.com/apache/apisix/pull/11545))
+
+## Changelog
+
+For a complete list of changes in this release, please see
[CHANGELOG](https://github.com/apache/apisix/blob/master/CHANGELOG.md#3110).
diff --git a/blog/zh/blog/2024/10/17/release-apache-apisix-3.11.0.md
b/blog/zh/blog/2024/10/17/release-apache-apisix-3.11.0.md
new file mode 100644
index 00000000000..3d521d06805
--- /dev/null
+++ b/blog/zh/blog/2024/10/17/release-apache-apisix-3.11.0.md
@@ -0,0 +1,127 @@
+---
+title: "Apache APISIX 3.11.0 正式发布"
+authors:
+ - name: "Abhishek Choudhary"
+ title: "Author"
+ url: "https://github.com/shreemaan-abhishek";
+ image_url: "https://github.com/shreemaan-abhishek.png";
+ - name: "Traky Deng"
+ title: "Technical Writer"
+ url: "https://github.com/kayx23";
+ image_url: "https://github.com/kayx23.png";
+keywords:
+- Apache APISIX
+- API Gateway
+- API Management Platform
+- New Release
+- Cloud Native
+description: Apache APISIX 3.11.0 版本于 2024 年 10 月 17
日发布。该版本带来了一系列新功能、修复、以及相关用户体验优化。
+tags: [Community]
+---
+
+我们很高兴地宣布 Apache APISIX 3.11.0 版本已经发布,带来了一系列新功能、修复、以及相关用户体验优化。
+
+<!--truncate-->
+
+此新版本增加了许多新功能,包括添加一系列 AI 插件以与 LLM 提供商集成、支持 AWS 和 GCP Secret Manager 进行秘密管理等等。
+
+此外,该版本还包含了一些重要的变更。如果您发现这些变更会对您的使用产生影响,请进行相应的计划升级。
+
+## 重大变更
+
+### 删除 JWT 签名端点和私钥配置
+
+删除先前由 `jwt-auth` 插件添加的 `/apisix/plugin/jwt/sign` JWT
签名端点,以增强安全性。该插件现在不需要用户上传私钥来颁发 JWT。请使用其他程式签署 JWT。
+
+有关更多详细信息,请参阅 [PR #11597](https://github.com/apache/apisix/pull/11597)。
+
+### 根据 RFC 重构 `hmac-auth` 插件
+
+该插件实现现在基于
[draft-cavage-http-signatures](https://www.ietf.org/archive/id/draft-cavage-http-signatures-12.txt),并且可配置参数已变动。
+
+有关更多详细信息,请参阅最新的[插件文档](https://apisix.apache.org/zh/docs/apisix/plugins/hmac-auth/)以及
[PR #11581](https://github.com/apache/apisix/pull/11581)
+
+### 添加消费者凭证实体
+
+添加凭据对象以存储与消费者关联的身份验证配置。消费者可以与指定的身份验证插件列表中的一个或多个凭据相关联,包括`key-auth`、`basic-auth`、`jwt-auth`
和 `hmac-auth`。凭据的分离有利于凭据的重用和轮换以及增强的安全性。
+
+例如,假设您有一个消费者 `tom` :
+
+```shell
+curl -i "http://127.0.0.1:9180/apisix/admin/consumers"; -X PUT \
+ -H "X-API-KEY: ${ADMIN_API_KEY}" \
+ -d '{
+ "username": "tom"
+ }'
+```
+
+要为 `tom` 配置消费者 `key-auth` 凭证,您可以使用凭证对象:
+
+```shell
+curl "http://127.0.0.1:9180/apisix/admin/consumers/tom/credentials"; -X PUT \
+ -H "X-API-KEY: ${ADMIN_API_KEY}" \
+ -d '{
+ "id": "cred-tom-key-auth",
+ "plugins": {
+ "key-auth": {
+ "key": "secret-key"
+ }
+ }
+ }'
+```
+
+此功能不会引入任何重大更改。您仍可以在消费者上配置身份验证插件及其凭据。
+
+此外,APISIX 将向经过身份验证的请求添加其他标头,包括 `X-Consumer-Username`、`X-Credential-Identifier`
以及 `X-Consumer-Custom-ID`(如果配置)。
+
+有关更多信息,请参阅[文档](https://apisix.apache.org/docs/apisix/next/terminology/credential/)
和 [PR #11601](https://github.com/apache/apisix/pull/11601)。
+
+### 添加新插件 `attach-consmer-label`
+
+除了 `X-Consumer-Username` 和 `X-Credential-Indentifier` 之外,新的
`attach-consumer-label` 插件还会将自定义消费者相关标签附加到经过身份验证的请求中,以便上游服务区分消费者并实现其他逻辑。
+
+有关更多信息,请参阅[插件文档](https://apisix.apache.org/docs/apisix/next/plugins/attach-consumer-label/)和[PR
#11604](https://github.com/apache/apisix/pull/11604)。
+
+### 添加新插件 `ai-proxy`
+
+新插件 `ai-proxy` 通过将插件配置转换为指定的请求格式,简化了对 LLM 提供程序和模型的访问。
+
+该插件目前仅支持将插件配置转换为 OpenAI 所需的请求格式,欢迎贡献。
+
+有关更多信息,请参阅[插件文档](https://apisix.apache.org/docs/apisix/next/plugins/ai-proxy/)
和 [PR #11499](https://github.com/apache/apisix/pull/11604)。
+
+### 添加新插件 `ai-prompt-decorator`
+
+`ai-prompt-template` 插件支持提示模板的预配置,这些模板仅以“填空”方式接受指定模板变量中的用户输入。代理到 LLM 服务时使用该插件。
+
+有关更多信息,请参阅[插件文档](https://apisix.apache.org/docs/apisix/next/plugins/ai-prompt-decorator/)
和 [PR #11515](https://github.com/apache/apisix/pull/11515)。
+
+### 添加新插件 `ai-prompt-template`
+
+`ai-prompt-decorator`
插件通过为预先设计的提示添加前缀和附加内容来修饰用户输入提示,以在内容生成中提供预设上下文。该实践有助于塑造模型在交互过程中应如何在所需的指导方针内运行。代理到
LLM 服务时使用该插件。
+
+有关更多信息,请参阅[插件文档](https://apisix.apache.org/docs/apisix/next/plugins/ai-prompt-template/)和[PR
#11517](https://github.com/apache/apisix/pull/11517)。
+
+### 支持在 `splunk-logger` 插件中自定义 keepalive 超时
+
+支持在 `splunk-logger` 插件参数中配置 keepalive 超时,以避免套接字在大规模情况下保持打开状态。如果未配置,默认
keepalive 超时将为 60000 毫秒。
+
+有关更多信息,请参阅[PR #11611](https://github.com/apache/apisix/pull/11611)。
+
+### 支持 AWS 和 GCP Secret Manager
+
+支持与 [AWS Secrets Manager](https://aws.amazon.com/secrets-manager/) 和 [GCP
Secret
Manager](https://cloud.google.com/security/products/secret-manager?hl=en)
集成以进行机密管理。
+
+有关对 AWS Secrets Manager 的支持的更多信息,请参阅 [使用 AWS Secrets Manager
管理机密](https://apisix.apache.org/docs/apisix/next/terminology/secret/#use-aws-secrets-manager-to-manage-secrets)
和 [PR #11417](https://github.com/apache/apisix/pull/11417)。
+
+有关对 GCP Secret Manager 的支持的更多信息,请参阅 [使用 GCP Secret Manager
管理机密](https://apisix.apache.org/docs/apisix/next/terminology/secret/#use-gcp-secrets-manager-to-manage-secrets)
和 [PR #11436](https://github.com/apache/apisix/pull/11436)。
+
+## 其他更新
+
+- 更正 `grpc-transcode` 插件的 `pb_option_def` 中 enums 的位置 ([PR
#11448](https://github.com/apache/apisix/pull/11448))
+- 修复在消费者上配置非身份验证插件时出现的加密/解密错误 ([PR
#11600](https://github.com/apache/apisix/pull/11600))
+- 修复在配置文件中替换环境变量时出现的问题 ([PR
#11545](https://github.com/apache/apisix/pull/11545))
+
+## 变更日志
+
+有关此版本的完整变更列表,请参阅
[CHANGELOG](https://github.com/apache/apisix/blob/master/CHANGELOG.md#3110)。
![https://github.com/shreemaan-abhishek.png"](https://github.com/shreemaan-abhishek.png"){kind=link}
![https://github.com/kayx23.png"](https://github.com/kayx23.png"){kind=link}