Re: [Architecture] AsyncAPI specification support for WSO2 API Manager

2020-08-13 Thread Amila De Silva 
Hi Ziyam,
The reason to ask about uploading client certificates was to know whether
we already identified an approach to do so. Even if there's a management
API, IMO it should be invoked by a DevOps who has permission to change
configuration.

One suggestion would be :
>From the Devportal side it'll be sufficient to provide an option to attach
a certificate to the Application. So in order to consume the Kafka API,
Developers need to create an Application and Subscribe to the API, but
instead of creating Consumer Key/Secret, in this instance they'd have to
attach a certificate. At the time of subscribing, Devportal would also
generate the relevant rules associated with the client.  Then as a part of
the Subscription approval flow, an admin can verify the cert and apply it
to Kafka with the relevant ACLs. (Admins can either use the exact rules or
define their own rules by looking at the generated rules. The idea behind
generating rules is to save the trouble of going through API definition and
identifying the needed access levels.)  Approval will only be completed
once the new certs has been applied properly.


On Wed, Aug 12, 2020 at 10:09 AM Ziyam Santhosh (Intern) 
wrote:

> Hi Amila,
>
> Sorry for the late reply. I did some research regarding your question.
> Yes, client authentication is achieved using mutual SSL. As far as I know,
> there isn't any management APIs in Kafka to apply ACLs and uploading
> certificates. But [1]
>  This may help us
> to do that. I am still not sure about the functionalities of this tool. I
> will update you soon.
>
> [1] https://github.com/simplesteph/kafka-security-manager
>
> On Thu, Aug 6, 2020 at 12:46 PM Amila De Silva  wrote:
>
>> Hi Ziyam,
>>
>> Thanks for the clarification. As I understand [1],Client Authentication
>> is achieved through Mutual SSL, which means that when creating a
>> subscription each client app should be able to upload their certificate,
>> isn't it? And are there any management APIs in Kafka that allows applying
>> ACLs and uploading certificates, or do we plan to do it manually?
>>
>> [1]
>> https://kafka.apache.org/20/documentation/streams/developer-guide/security.html
>>
>> On Wed, Aug 5, 2020 at 3:39 PM Ziyam Santhosh (Intern) 
>> wrote:
>>
>>> Hi Amila!
>>> Basically Kafka topics and streams have their own security policies
>>> applied through certificates which determine what users can do with those
>>> topics such as read-only or read and write authorities. Our developer
>>> portal will be the issuer of these certificates. These certificates will be
>>> issued to people who have a valid subscription to the API.
>>>
>>> On Wed, Aug 5, 2020 at 8:04 AM Nuwan Dias  wrote:
>>>
 [Adding Frank and Vanji]

 On Tue, Aug 4, 2020 at 5:05 PM Amila De Silva  wrote:

> Hi Ziyam,
>
> On Tue, Aug 4, 2020 at 1:48 PM Nuwan Dias  wrote:
>
>> [Adding Frank and Vanji]
>>
>> On Tue, Aug 4, 2020 at 1:26 PM Ziyam Santhosh (Intern) <
>> zi...@wso2.com> wrote:
>>
>>> Introduction to AsyncAPI specification
>>>
>>> *Nowadays, AsyncAPI is one of the most popular topics in the world
>>> of event-driven APIs. Earlier, There was a need for a tool to specify 
>>> and
>>> document the event-driven APIs where OpenAPI specifications are 
>>> restricted
>>> only to document REST APIs. Then after, AsyncAPI specification was
>>> introduced to document the specifications for event-driven APIs. There 
>>> are
>>> many similarities between OpenAPI specifications and AsyncAPI
>>> specifications because AsyncAPI was inspired by OpenAPI. Keywords can be
>>> mentioned as one of the major differences between them. (Eg: The 
>>> endpoints
>>> of the REST API are called as paths and endpoints of Event-driven API 
>>> are
>>> called as channels).*Why AsyncAPI for WSO2 API Manager?
>>>
>>> *AsyncAPI specification helps to understand the defined APIs for
>>> both humans and machines. This makes it more special to be used by most 
>>> of
>>> the developers. Enabling the usage of AsyncAPI specifications in WSO2 
>>> API
>>> manager will help our developers and consumers to easily work with
>>> event-driven APIs within our product.*Objectives of the project
>>>
>>>1.
>>>
>>>Users will be able to use existing Websocket or Kafka endpoints
>>>to create event-driven APIs by importing their AsyncAPI 
>>> specifications.
>>>2.
>>>
>>>Application developers will be able to subscribe to those
>>>event-driven APIs and be allowed to consume WebSockets and Kafka 
>>> streams.
>>>
>>> Importing AsyncAPI specifications
>>>
>>> *API Manager already supports WebSockets. After the implementation
>>> of this project, A WebSocket can be easily created by importing its
>>> AsyncAPI specification. Kafka is a

[Architecture] [Dev] [Vote] Release of WSO2 API Manager Tooling v3.2.0 RC2

2020-08-13 Thread Naduni Pamudika 
Hi All,

WSO2 Api Manager team is pleased to announce the second release candidate
of WSO2 API Manager Tooling 3.2.0 version.

The WSO2 API Manager tooling provides the capability to import and export
APIs, Applications and API Products across multiple environments
seamlessly. Hence it provides greater flexibility to create CI/CD pipelines
for APIs, Applications and API Products.

Apart from migrating APIs, Applications and API Products, it supports
Kubernetes API operator to deploy and manage APIs in the Kubernetes cluster
by reducing additional overheads for the DevOps.

Please find the new features, improvements and fixes related to this
release in  the following links.
New Features

Fixed Issues


Download the API Manager Tooling Distribution from here
.

The tag to be voted upon is
https://github.com/wso2/product-apim-tooling/releases/tag/v3.2.0-rc2

Documentation:
https://apim.docs.wso2.com/en/next/learn/api-controller/getting-started-with-wso2-api-controller/

Please download, test the tool and vote.


*[+] Stable - Go ahead and release*

*[-] Broken - Do not release *(explain why)



Best Regards,
WSO2 API Manager Team

-- 
*Naduni Pamudika* | Senior Software Engineer | WSO2 Inc.
(m) +94 (71) 9143658 | (w) +94 (11) 2145345 | (e) nad...@wso2.com
[image: http://wso2.com/signature] 
___
Architecture mailing list
Architecture@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture

Re: [Architecture] [Dev] [Vote] Release of WSO2 API Manager 3.2.0 RC4

2020-08-13 Thread Amila De Silva 
Hi All,

Tested Artifact Synchroniser in Tenant and Super Tenant modes
- for Basic flows
- With multiple Labels assigned to APIs
- Startup Delay configured
- with No Shared DBs configured (in Super Tenant mode only)
- for failover scenarios
No issues found.

+1 to proceed with the release.

On Thu, Aug 13, 2020 at 7:58 AM Arshardh Ifthikar  wrote:

> Hi All,
>
> We are pleased to announce the fourth release candidate of WSO2 API
> Manager 3.2.0.
>
> This release fixes the following issues.
>
>- Fixes : product-apim
>
> 
>- Fixes : analytics-apim
>
>
> Source and distribution,
> Runtime : https://github.com/wso2/product-apim/releases/tag/v3.2.0-rc4
> Analytics :
> https://github.com/wso2/analytics-apim/releases/tag/v3.2.0-rc3
>
> Documentation : https://apim.docs.wso2.com/en/3.2.0/
> Migration docs :
> https://apim.docs.wso2.com/en/3.2.0/install-and-setup/upgrading-wso2-api-manager/upgrading-process/
>
> Please download, test the product and vote.
>
> [+] Stable - go ahead and release
> [-] Broken - do not release (explain why)
>
> Thanks,
> WSO2 API Manager Team
>
> --
> *Arshardh Ifthikar*
> Senior Software Engineer | WSO2 Inc.
>
> Email: arsha...@wso2.com
> Mobile: +94777218551
> Web: http://wso2.com
>
> 
>


-- 
*Amila De Silva*
Software Architect | Associate Director, Engineering - WSO2 Inc.
(m) +94 775119302 | (e) ami...@wso2.com

___
Architecture mailing list
Architecture@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture