Β« Changelog History


keto v0.6.0-alpha.1 Release Notes

Release Date: 2021-04-07 // about 3 years ago

  • We are extremely happy to announce next-gen Ory Keto which implements Zanzibar: Google’s Consistent, Global Authorization System:

    πŸ”§ > Zanzibar provides a uniform data model and configuration language for

    expressing a wide range of access control policies from hundreds of client services at Google, including Calendar, Cloud, Drive, Maps, Photos, and YouTube. Its authorization decisions respect causal ordering of user actions and thus provide external consistency amid changes to access control lists and object contents. Zanzibar scales to trillions of access control lists and πŸ‘ > millions of authorization requests per second to support services used by 🚀 > billions of people. It has maintained 95th-percentile latency of less than 10 milliseconds and availability of greater than 99.999% over 3 years of production use.

    Ory Keto is the first open source planet-scale authorization system built with cloud native technologies (Go, gRPC, newSQL) and architecture. It is also the first open source implementation of Google Zanzibar :tada:!

    Many concepts developer by Google Zanzibar are implemented in Ory Keto already. Let's take a look!

    πŸš€ As of this release, Ory Keto knows how to interpret and operate on the basic access control lists known as relation tuples. They encode relations between objects and subjects. One simple example of such a relation tuple could encode "user1 has access to file /foo", a more complex one could encode "everyone who has write access on /foo has read access on /foo".

    Ory Keto comes with all the basic APIs as described in the Zanzibar paper. All of them are available over gRPC and REST.

    1. List: query relation tuples
    2. Check: determine whether a subject has a relation on an object
    3. Expand: get a tree of all subjects who have a relation on an object ⚑️ 4. Change: create, update, and delete relation tuples

    For all details, head over to the πŸ“š documentation.

    πŸš€ With this release we officially move the "old" Keto to the legacy-0.5 branch. We will only πŸ”’ provide security fixes from now on. A migration path to v0.6 is planned but not yet implemented, as the architectures are vastly different. Please refer to the issue.

    🐎 We are keen to bring more features and performance improvements. The next πŸ”‹ features we will tackle are:

    • Subject Set rewrites
    • πŸ‘ Native ABAC & RBAC Support
    • Integration with other policy servers
    • 🚀 Latency reduction through aggressive caching
    • Cluster mode that fans out requests over all Keto instances

    πŸš€ So stay tuned, :star: this repo, :eyes: releases, and πŸ”€ subscribe to our newsletter :email:.

    πŸ› Bug Fixes

    • βž• Add description attribute to access control policy role (#215) (831eba5)
    • Add leak_sensitive_values to config schema (2b21d2b)
    • ⬆️ Bump CLI (80c82d0)
    • ⬆️ Bump deps and replace swagutil (#212) (904258d)
    • Check engine overwrote result in some cases (#412) (3404492)
    • Check health status in status command (21c64d4)
    • Check REST API returns JSON object (#460) (501dcff), closes #406
    • Empty relationtuple list should not error (#440) (fbcb3e1)
    • Ensure nil subject is not allowed (#449) (7a0fcfc):

    The nodejs gRPC client was a great fuzzer and pointed me to some nil pointer dereference panics. This adds some input validation to prevent panics.

    • Ensure persister errors are handled by sqlcon (#473) (4343c4a)
    • πŸ– Handle pagination and errors in the check/expand engines (#398) (5eb1a7d)
    • Ignore dist (ba816ea)
    • Ignore x/net false positives (d8b36cb)
    • πŸ‘Œ Improve CLI remote sourcing (#474) (a85f4d7)
    • πŸ‘Œ Improve handlers and add tests (#470) (ca5ccb9)
    • πŸ–¨ Insert relation tuples without fmt.Sprintf (#443) (fe507bb)
    • πŸ›  Minor bugfixes (#371) (185ee1e)
    • 🐳 Move dockerfile to where it belongs (f087843)
    • Namespace migrator (#417) (ea79300), closes #404
    • βœ‚ Remove SQL logging (#455) (d8e2a86)
    • πŸ“‡ Rename /relationtuple endpoint to /relation-tuples (#519) (8eb55f6)
    • πŸ— Resolve gitignore build (6f04bbb)
    • πŸš€ Resolve goreleaser issues (d32767f)
    • 🏁 Resolve windows build issues (8bcdfbf)
    • Rewrite check engine to search starting at the object (#310) (7d99694), closes #302
    • πŸ— Secure query building (#442) (c7d2770)
    • 🐳 Strict version enforcement in docker (e45b28f)
    • ⚑️ Update dd-trace to fix build issues (2ad489f)
    • ⚑️ Update docker to go 1.16 and alpine (c63096c)
    • πŸ‘‰ Use errors.WithStack everywhere (#462) (5f25bce), closes #437:

    Fixed all occurrences found using the search pattern return .*, err\n.

    • πŸ“¦ Use package name in pkger (6435939)
    • schema: Add trace level to logger (a5a1402)
    • πŸ‘‰ Use make() to initialize slices (#250) (84f028d), closes #217

    πŸ‘· Build System

    • πŸ“Œ Pin dependency versions of buf and protoc plugins (#338) (5a2fd1c)

    Code Generation

    • πŸš€ Pin v0.6.0-alpha.1 release commit (875af25)

    πŸ”¨ Code Refactoring

    πŸ“š Documentation

    This also refactored the server startup. Functionality did not change.

    This also enables gRPC go, gRPC nodejs, cURL, and Keto CLI code samples to be tested.

    • ⚑️ Update comment in write response (#329) (4ca0baf)
    • ⚑️ Update install instructions (d2e4123)
    • ⚑️ Update introduction (5f71d73)
    • ⚑️ Update README (#515) (18d3cd6):

    Also format all markdown files in the root.

    • ⚑️ Update repository templates (db505f9)
    • ⚑️ Update repository templates (6c056bb)
    • ⚑️ Update SDK links (#514) (f920fbf)
    • πŸ“š Update swagger documentation for REST endpoints (c363de6)
    • πŸ‘‰ Use mdx for api reference (340f3a3)
    • ⚑️ Various improvements and updates (#486) (a812ace)

    πŸ”‹ Features

    This also refactors the current migrate and namespace migrate commands.

    Includes Typescript definitions.

    This is a first draft of the read API. It is reachable by REST and gRPC calls. The main purpose of this PR is to establish the basic repository structure and define the API.

    • πŸ“œ Relationtuple parse command (#490) (91a3cf4):

    This command parses the relation tuple format used in the docs. It greatly improves the experience when copying something from the documentation. It can especially be used to pipe relation tuples into other commands, e.g.:

      echo "messages:02y_15_4w350m3#decypher@john" | \
    keto relation-tuple parse - --format json | \
    keto relation-tuple create -

    The new PATCH handler allows transactional changes similar to the already existing gRPC service.

    βœ… Tests