The main change for this release is a switch away from http to https. We’ve decided to move to a new release version as this is a significant external change – not least because our old default endpoint of http://localhost:8080 has now changed to https://localhost:9443. Unfortunately, this will affect any applications that connect to Egeria, but we’ve tried to make the transition as simple as possible.
For this release, Egeria client code (including that running in a server when it connects to other Egeria platforms) will not validate certificates. We provide a self-signed certificate in the Egeria package, which is automatically used. In a later release (soon!) we’ll add the capability to deploy your own certificates/Certification Authorities, ensure validation, along with full documentation.
Our docker-compose & Kubernetes environments are set up similarly as a transition step, so we will continue to work as they did before. Although our docker image has been updated to expose the new port 9443, the docker-compose configuration & Helm charts expose the same ports externally as before & continue to work.
If you’ve been following our development builds; hopefully, you’ll see we try and make these steps one by one, so we can try and avoid any regressions & keep the main code always working. This makes it possible to ship a new release regularly, even if it does sometimes mean not everything can be done at once.
If you make use of your own clients using REST or are using tools such as Postman to develop and test Egeria, then you will need to skip certificate validation. You can import the Egeria certificate, but note this will change in a release soon as we complete the work on SSL security.
Following in the spirit of a focus on security, we’ve also switched our configuration files to be encrypted by default to protect any sensitive information in the configuration such as credentials.
Finally, as usual, we’ve updated a variety of dependencies, and made many bug fixes, as well as continuing to work on the development of new features that aren’t yet ready to be used. It’s always worth checking the status of any component you are using at https://egeria.odpi.org/Content-Organization.html, which should show you if the component is in Development, Tech Preview, or Released. We always welcome feedback on any aspect – but it is when code is Released that we feel it’s complete & ready to use generally. Tech Preview code should be usable but may change before the final release. If the code is in Development it’s work in progress. Don’t let this stop you, though – if it looks interesting, come and join the community and help complete it!
If you’re interested in finding out more whether about security, how to integrate, upcoming features, or have concerns or questions, do pop along to our slack channels to discuss and feel free to contribute to our GitHub issues too. We also run weekly calls.