v0.7.0

Highlights

Documentation has been reworked and builds into a website. Documentation is available here and in tilegroxy itself.

Breaking Changes

The Image type has been changed from a byte array to a struct. This allows specifying a content type of your map tile but is a change to the signature for custom providers.

What's Changed

Features

• Create documentation website and improve documentation by @Michad in #219 #175 #200
• Improve handling of content type by @Michad in #186

Fixes

• fix silent panic in error handling by @Michad in #207

Dependencies

• bump github/codeql-action from 3.26.2 to 3.26.6 by @dependabot in #181 #182 #201 #208
• bump umbrelladocs/action-linkspector from 1.1.3 to 1.2.1 by @dependabot in #216
• bump github.com/maypok86/otter from 1.2.1 to 1.2.2 by @dependabot in #178
• bump github.com/aws/aws-sdk-go-v2/service/secretsmanager from 1.32.4 to 1.32.5 by @dependabot in #180
• bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.17.10 to 1.17.14 by @dependabot in #185
• bump go.opentelemetry.io/otel/sdk from 1.28.0 to 1.29.0 by @dependabot in #204
• bump go.opentelemetry.io/otel/sdk/log from 0.4.0 to 0.5.0 by @dependabot in #202
• bump go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp from 0.4.0 to 0.5.0 by @dependabot in #205
• bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.53.0 to 0.54.0 by @dependabot in #203

Full Changelog: v0.6.0...v0.7.0

v0.6.0

Highlights

OpenTelemetry support is now available for traces, metrics, and logs. Logs are still a bit experimental and don't include all attributes.

What's Changed

Features

• Support Opentelemetry by @Michad in #166
• Make cache saving asynchronous by @Michad in #173
• Support {ctx.query-string} parameter in proxy provider by @Michad in #174
• Support EPSG:3857 in proxy provider by @Michad in #174

Fixes

• Fix CORS handling when using auth by @Michad in #174

Dependencies

• bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.58.2 to 1.58.3 by @dependabot in #159
• bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.17.9 to 1.17.10 by @dependabot in #158
• bump golang.org/x/crypto from 0.25.0 to 0.26.0 by @dependabot in #168
• bump actions/upload-artifact from 4.3.4 to 4.3.6 by @dependabot in #160 #162
• bump docker/build-push-action from 6.5.0 to 6.7.0 by @dependabot in #164 #171
• bump github/codeql-action from 3.25.15 to 3.26.2 by @dependabot in #161 #172
• bump sigstore/cosign-installer from 3.5.0 to 3.6.0 by @dependabot in #163
• bump golang from 1.22.5-alpine3.20 to 1.22.6-alpine3.20 by @dependabot in #165

Full Changelog: v0.5.1...v0.6.0

v0.5.1

Primarily fixes a crash that can occur when using the blend provider

What's Changed

Fixes

• docs: replace OpenSSF Badge with OpenSSF Scorecard by @Michad in #147
• fix: set blend preauth to return a new instance of providercontext by @Michad in #157

Dependencies

• bump ossf/scorecard-action from 2.3.3 to 2.4.0 by @dependabot in #148
• bump go.etcd.io/etcd/client/v3 from 3.5.14 to 3.5.15 by @dependabot in #152
• bump docker/setup-buildx-action from 3.5.0 to 3.6.1 by @dependabot in #154
• bump github/codeql-action from 3.25.14 to 3.25.15 by @dependabot in #149
• bump github.com/docker/docker from 27.0.3+incompatible to 27.1.1+incompatible in the go_modules group by @dependabot in #155 #156
• bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.17.8 to 1.17.9 by @dependabot in #150
• bump github.com/redis/go-redis/v9 from 9.6.0 to 9.6.1 by @dependabot in #151
• bump github.com/aws/aws-sdk-go-v2/service/secretsmanager from 1.32.3 to 1.32.4 by @dependabot in #153

Full Changelog: v0.5.0...v0.5.1

v0.5.0

We're getting close to completing the full list of functionality for a 1.0 release! Telemetry (including metrics), k8s, and documentation are the main items remaining.

Highlights

A 4th entity type has been added in the form of an interface for looking up secrets from a secret store (called a Secret-er). This is used for the configuration of the other entities. Currently the only implementation is AWS Secrets Manager.

There's now a provider for directly interfacing with CGI applications, this allows Tilegroxy to act as an HTTP server for MapServer among others. An example of this is included in the examples folder.

The largest architectural change is a return into the pkg folder to allow tilegroxy to be used as a library. This provides a second path for extensibility by writing your own native providers, cache, auth, secrets. A new readme doc exists for extensibility.

The last substantial change worth mentioning is incorporation of a suite of linters to cover common bugs, code quality, style, maintainability, etc. These are incorporated into CICD with reviewdog plugging the feedback inline in PRs. The issues raised by the linters initially have had fixes incorporated in this release.

What's Changed

Features

• Add a CGI provider to enable MapServer integration by @Michad in #120
• Allow extensibility by exposing key classes in pkg so tilegroxy can be used as a library by @Michad in #134
• Support external secret stores starting with AWS Secrets Manager by @Michad in #133

Fixes

• Documentation tweaks by @Michad in #122 #140
• Fix for test intermittently failing by @Michad in #126
• Add and apply linters by @Michad in #141 #143 #144
• Fix release not including version by @Michad in #146

Dependencies

• security(actions): bump docker/build-push-action from 6.3.0 to 6.5.0 by @dependabot in #121 #125 #136
• security(actions): bump docker/login-action from 3.2.0 to 3.3.0 by @dependabot in #137
• security(actions): bump docker/setup-buildx-action from 3.4.0 to 3.5.0 by @dependabot in #135
• security(actions): bump github/codeql-action from 3.25.11 to 3.25.14 by @dependabot in #114 #127 #145
• security(docker): bump alpine from b89d9c9 to 0a4eaa0 by @dependabot in #139
• security(docker): bump golang from 8c9183f to 0d3653d by @dependabot in #138 #142
• security(go): bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.24 to 1.17.26 by @dependabot in #117
• security(go): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.17.4 to 1.17.8 by @dependabot in #115 #130
• security(go): bump github.com/aws/aws-sdk-go-v2 from 1.30.1 to 1.30.3 by @dependabot in #116
• security(go): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.58.0 to 1.58.2 by @dependabot in #119
• security(go): bump github.com/redis/go-redis/v9 from 9.5.3 to 9.6.0 by @dependabot in #118 #132
• security(go): bump golang.org/x/crypto from 0.24.0 to 0.25.0 by @dependabot in #131

Full Changelog: v0.4.0...v0.5.0

v0.4.0

Another pre-release with more and more base level functionality you'd expect in a tool like this. The highlights:

• Support for HTTPS (TLS) including Let's Encrypt automation
• The ability to supply a geohash in a JWT to limit access to a specific geographic area
• Layers can be given a Pattern to match against rather than the specific ID, allowing you to cut down on repetition

Breaking Changes

Overriding the HTTP Client on a per-layer level has changed. Up till now any "override client" would completely overwrite the client without applying any default. So if you just overwrote e.g. acceptable status codes the acceptable content types would become an empty array. That's now fixed so only the things you specify get customized and everything else inherits from the top level client config and then inherits the default values. Also the parameter was renamed from overrideclient to just client for brevity's sake

What's Changed

Features

• Support limiting access via geohash claim in JWT by @Michad in #89
• Add ability to specify patterns in layer definitions, utilize it in blend and proxy providers, and add ref provider by @Michad in #97
• Support TLS including Let's Encrypt by @Michad in #113

Fixes

• Fix for Timeout setting not being honored by @Michad in #101 #103
• Fix for crash when logging to both file and std out by @Michad in #110
• Documentation tweaks by @Michad in #111 #112
• Misc refactors by @Michad in #100 #105
• Test & error handling tweaks by @Michad in #87 #96

Dependencies

• bump go to 1.22.5 by @Michad in #98
• bump docker/setup-buildx-action from 3.3.0 to 3.4.0 by @dependabot in #86
• bump github.com/anthonynsimon/bild from 0.13.0 to 0.14.0 by @dependabot in #90
• bump go.etcd.io/etcd/client/v3 from 3.5.12 to 3.5.14 by @dependabot in #91
• bump actions/upload-artifact from 4.3.3 to 4.3.4 by @dependabot in #95
• bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.23 to 1.17.24 by @dependabot in #93
• bump github.com/aws/aws-sdk-go-v2/config from 1.27.23 to 1.27.24 by @dependabot in #92
• bump github.com/testcontainers/testcontainers-go from 0.31.0 to 0.32.0 by @dependabot in #94
• bump google.golang.org/grpc from 1.64.0 to 1.64.1 in the go_modules group by @dependabot in #99
• bump k8s.io/utils by @Michad in #102
• bump actions/setup-go from 5.0.1 to 5.0.2 by @dependabot in #106
• bump actions/dependency-review-action from 4.3.3 to 4.3.4 by @dependabot in #109
• Remove direct UUID dependency by @Michad in #88

Full Changelog: v0.3.0...v0.4.0

v0.3.0

This release is primarily changes to configuration and the ci/release process.

You can now supply configuration via Viper-supported external configuration providers (mainly etcd, consul) and override configuration via Environment Variables.

You'll note there's now prebuilt binaries in a variety of OS and CPU architectures available! Checksums and signature are included. The docker image still only comes in 1 flavor.

Breaking changes

After adding environment variable for configuration parameters it became clear many of the configuration keys were too dang long. This release renames the following keys:

Section	Old Key	New Key
JWT	VerificationKey	Key
JWT	MaxExpirationDuration	MaxExpiration
JWT	LayerScopePrefix	ScopePrefix
JWT	UserIdentifierGrant	UserId
server	StaticHeaders	Headers
client	MaxResponseLength	MaxLength
client	AllowUnknownLength	UnknownLength
client	AllowedContentTypes	ContentTypes
client	AllowedStatusCodes	StatusCodes
client	StaticHeaders	Headers
logging	mainlog	main
logging	accesslog	access
logging.main	EnableStandardOut	Console
logging.main	IncludeRequestAttributes	Request
logging.main	IncludeHeaders	Headers
logging.access	EnableStandardOut	Console
error	SuppressStatusCode	AlwaysOk

What's Changed

• Support environment variable and external providers in config. Also rename several options for brevity. by @Michad in #71 #81
• CI Improvements by @Michad in #73 #74 #75 #76
• Redo code coverage metric badge and add libyears badge by @Michad in #77 #80
• Readme improvements by @Michad in #84
• Testing tweaks by @Michad in #85
• security(actions): bump github/codeql-action from 3.25.10 to 3.25.11 by @dependabot in #69
• security(go): update to v2 of aws sdk by @Michad in #78
• security(docker): bump golang from 1.22.4-alpine3.20 to 1.22.5-alpine3.20 by @dependabot in #82
• security(actions): bump docker/build-push-action from 6.2.0 to 6.3.0 by @dependabot in #83

Full Changelog: v0.2.1...v0.3.0

v0.2.1

What's Changed

Includes security updates and a whole heck of a lot of new tests

• security(go): upgrade go to 1.22.4 by @Michad in #53
• ci: Add govulncheck to github actions by @Michad in #54
• docs: create SECURITY.md by @Michad in #55
• test: add a fuzz test for tile request conversion by @Michad in #56
• security(go): bump github.com/aws/aws-sdk-go from 1.54.4 to 1.54.6 by @dependabot in #57
• security(actions): bump snyk/actions from d406fd286b663eb8c6f8adcced4f7bcd199c0a3f to cf77efc3812bb036b3719dca4cecc3930db0b527 by @dependabot in #58
• security(docker): bump golang from 794964a to ace6cc3 by @dependabot in #60
• security(actions): bump docker/build-push-action from 6.0.2 to 6.1.0 by @dependabot in #59
• docs: improve words in readme by @Michad in #63
• security(actions): bump docker/build-push-action from 6.1.0 to 6.2.0 by @dependabot in #64
• security(actions): bump snyk/actions from cf77efc3812bb036b3719dca4cecc3930db0b527 to a1346e4eaf761d462da22c34c681dc06849b6851 by @dependabot in #62
• Testing improvements by @Michad in #61
• More testing improvements by @Michad in #65
• ci: fix indent mixup in coverage by @Michad in #66
• ci: tweak coverage action by @Michad in #67
• chore: Updated coverage badge. by @Michad in #68

Full Changelog: v0.2.0...v0.2.1

v0.2.0

What's Changed

• security(go): bump github.com/aws/aws-sdk-go from 1.54.3 to 1.54.4 by @dependabot in #44
• security(actions): bump docker/build-push-action from 6.0.0 to 6.0.1 by @dependabot in #43
• security(actions): bump softprops/action-gh-release from 2.0.5 to 2.0.6 by @dependabot in #46
• security(actions): bump docker/build-push-action from 6.0.1 to 6.0.2 by @dependabot in #47
• security(docker): bump alpine from 77726ef to b89d9c9 by @dependabot in #48
• security(docker): bump golang from 6522f0c to 794964a by @dependabot in #49
• Add providers to support compositing multiple providers by @Michad in #45
• Add context to app flow and associated logging improvements by @Michad in #50
• Add a transform provider for modifying layers on a per-pixel level by @Michad in #51
• Allow custom authentication methodology and extend JWT to support light authz by @Michad in #52

Full Changelog: v0.1.0...v0.2.0

v0.1.0

What's Changed

• security(actions): bump actions/checkout from 4.1.6 to 4.1.7 by @dependabot in #33
• security(actions): bump github/codeql-action from 3.25.8 to 3.25.9 by @dependabot in #32
• security(go): bump github.com/aws/aws-sdk-go from 1.53.19 to 1.54.0 by @dependabot in #31
• security(actions): bump docker/build-push-action from 5.3.0 to 5.4.0 by @dependabot in #28
• security(go): bump github.com/aws/aws-sdk-go from 1.54.0 to 1.54.1 by @dependabot in #35
• security(actions): bump github/codeql-action from 3.25.9 to 3.25.10 by @dependabot in #34
• security(go): bump github.com/aws/aws-sdk-go from 1.54.1 to 1.54.2 by @dependabot in #37
• security(go): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 by @dependabot in #38
• security(docker): bump golang from 9bdd569 to 6522f0c by @dependabot in #39
• Support custom providers via yaegi by @Michad in #36
• security(go): bump github.com/aws/aws-sdk-go from 1.54.2 to 1.54.3 by @dependabot in #42
• security(actions): bump docker/build-push-action from 5.4.0 to 6.0.0 by @dependabot in #41

Full Changelog: v0.0.2...v0.1.0

v0.0.2

What's Changed

• [StepSecurity] Apply security best practices by @step-security-bot in #20
• security(go): bump github.com/redis/go-redis/v9 from 9.0.0-rc.4 to 9.5.3 by @dependabot in #18
• security(go): bump github.com/aws/aws-sdk-go from 1.53.14 to 1.53.19 by @dependabot in #19
• security(actions): bump docker/build-push-action from 5.0.0 to 5.3.0 by @dependabot in #17
• security(actions): bump actions/upload-artifact from 3.pre.node20 to 4.3.3 by @dependabot in #16
• security(actions): bump docker/metadata-action from 5.0.0 to 5.5.1 by @dependabot in #15
• security(actions): bump docker/setup-buildx-action from 3.0.0 to 3.3.0 by @dependabot in #14
• security(actions): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @dependabot in #13
• security(docker): bump golang from 1.22.3-alpine3.20 to 1.22.4-alpine3.20 by @dependabot in #12
• security(actions): bump actions/checkout from 3.6.0 to 4.1.6 by @dependabot in #21
• security(actions): bump github/codeql-action from 2.25.8 to 3.25.8 by @dependabot in #22
• security(actions): bump docker/login-action from 3.0.0 to 3.2.0 by @dependabot in #23
• security(actions): bump actions/dependency-review-action from 2.5.1 to 4.3.3 by @dependabot in #24
• Feature/testcontainers by @Michad in #26

New Contributors

• @step-security-bot made their first contribution in #20
• @Michad made their first contribution in #26

Full Changelog: v0.0.1...v0.0.2