Skip to content

Commit

Permalink
NGINX Declarative API v4.1.0 (#36)
Browse files Browse the repository at this point in the history 
* 20230125-01 API v4.1 development

* 20230125-02 API v4.1 development

* NGINX Declarative API v4.1

* USAGE updated
  • Loading branch information
@fabriziofiorucci
fabriziofiorucci authored Jan 26, 2024
1 parent 9c6def3 commit 95e6e90
Show file tree
Hide file tree
Showing 47 changed files with 5,419 additions and 42 deletions.
2 changes: 1 addition & 1 deletion .gitignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,5 +21,5 @@ Thumbs.db
/.idea/
/src/__pycache__/
/src/v3_1/__pycache__/
/contrib/devportal/src/__pycache__/
/contrib/devportal/redocly/src/__pycache__/
/venv/
56 changes: 31 additions & 25 deletions FEATURES.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,34 +2,40 @@

### NGINX `http` and `stream` servers

| Feature | API v3.1 | API v4.0 | Notes |
|----------------------------|----------|---------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Upstreams | CRUD | CRUD | <li>Snippets supported: static and from source of truth</li> |
| HTTP servers | CRUD | CRUD | <li>Snippets supported (`http`, `servers`, `locations`): static and from source of truth</li> |
| TCP/UDP servers | CRUD | CRUD | <li>Snippets supported (`streams`, `servers`): static and from source of truth</li> |
| TLS | CRUD | CRUD | <li>Certificates and keys can be dynamically fetched from source of truth</li> |
| mTLS | CRUD | CRUD | <li>Certificates and keys can be dynamically fetched from source of truth</li> |
| JWT client authentication | | X | <li>JWT key can be hardwired or fetched from source of truth</li> |
| Rate limiting | X | X | |
| Active healthchecks | X | X | |
| Cookie-based stickiness | X | X | |
| Maps | X | X | |
| NGINX Plus REST API access | X | X | |
| NGINX App Protect WAF | X | X | <li>Per-policy CRUD at `server` and `location` level</li><li>Support for dataplane-based bundle compilation</li><li>Security policies can be fetched from source of truth</li> |

| Feature | API v3.1 | API v4.0 | API v4.1 | Notes |
|----------------------------|----------|----------|-------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Upstreams | CRUD | CRUD | CRUD | <li>Snippets supported: static and from source of truth</li> |
| HTTP servers | CRUD | CRUD | CRUD | <li>Snippets supported (`http`, `servers`, `locations`): static and from source of truth</li> |
| TCP/UDP servers | CRUD | CRUD | CRUD | <li>Snippets supported (`streams`, `servers`): static and from source of truth</li> |
| TLS | CRUD | CRUD | CRUD | <li>Certificates and keys can be dynamically fetched from source of truth</li> |
| mTLS | CRUD | CRUD | CRUD | <li>Certificates and keys can be dynamically fetched from source of truth</li> |
| JWT client authentication | | X | X | <li>JWT key can be hardwired or fetched from source of truth</li> |
| Upstream authentication | | | X | <li>Bearer token</li><li>HTTP header</li> |
| Rate limiting | X | X | X | |
| Active healthchecks | X | X | X | |
| Cookie-based stickiness | X | X | X | |
| Maps | X | X | X | |
| NGINX Plus REST API access | X | X | X | |
| NGINX App Protect WAF | X | X | X | <li>Per-policy CRUD at `server` and `location` level</li><li>Support for dataplane-based bundle compilation</li><li>Security policies can be fetched from source of truth</li> |

### API Gateway

| Feature | API v3.1 | API v4.0 | Notes |
|----------------------------------------------|----------|----------|----------------------------------------------------------|
| Configuration generation from OpenAPI schema | X | X | |
| HTTP methods enforcement | X | X | |
| per-URI rate limiting | X | X | |
| per-URI JWT authentication | X | X | JWT key can be hardwired or fetched from source of truth |

| Feature | API v3.1 | API v4.0 | API v4.1 | Notes |
|----------------------------------------------|----------|----------|----------|---------------------------------------------------------------------------|
| Configuration generation from OpenAPI schema | X | X | X | |
| HTTP methods enforcement | X | X | X | |
| per-URI rate limiting | X | X | X | |
| per-URI JWT authentication | X | X | X | <li>Static JWT key</li><li>JWT fetched from URL</li><li>Bearer token</li> |

### API Gateway - Developer Portal

| Feature | API v3.1 | API v4.0 | Notes |
|-------------------------------------------------|----------|----------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Developer Portal generation from OpenAPI schema | X | X | <li>Based on Redocly</li> |
| Feature | API v3.1 | API v4.0 | API v4.1 | Notes |
|-------------------------------------------------|----------|----------|----------|---------------------------|
| Developer Portal generation from OpenAPI schema | X | X | X | <li>Based on Redocly</li> |

### Source of truth

| Feature | API v3.1 | API v4.0 | API v4.1 | Notes |
|--------------------------------------|----------|----------|----------|-------|
| HTTP header-based authentication | | | X | |
| Bearer token authentication | | | X | |
11 changes: 4 additions & 7 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -132,15 +132,16 @@ end
- [X] POST to Generic REST API endpoint
- [X] Output to NGINX Instance Manager 2.14+ imperative REST API

## Supported NGINX Plus features
## Supported features

See the [features list](/FEATURES.md)

## How to use

Usage details and JSON schema are available here:

- [API v4.0](/USAGE-v4.0.md) - latest
- [API v4.1](/USAGE-v4.1.md) - latest
- [API v4.0](/USAGE-v4.0.md)
- [API v3.1](/USAGE-v3.1.md)

A sample Postman collection and usage instructions can be found [here](/contrib/postman)
Expand All @@ -159,14 +160,10 @@ Docker images can be built and run using:
docker build --no-cache -t nginx-declarative-api -f ./Dockerfile .
docker run --name nginx-declarative-api -d -p 5000:5000 nginx-declarative-api

cd contrib/devportal
cd contrib/redocly/devportal
docker build --no-cache -t nginx-declarative-api-devportal .
docker run --name devportal -d -p 5001:5000 nginx-declarative-api-devportal

Pre-built docker images are available on Docker Hub at
- https://hub.docker.com/repository/docker/fiorucci/nginx-declarative-api/general
- https://hub.docker.com/repository/docker/fiorucci/nginx-declarative-api-devportal/general

Configuration can be customized mounting `config.toml` as a volume `nginx-declarative-api` docker image as a volume to customize

## REST API documentation
Expand Down
Loading

0 comments on commit 95e6e90

Please sign in to comment.