All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog and this project adheres to Semantic Versioning.
- Support for Delay Queues in SQS Helepr (#63)
- Support for FIFO Queues in SQS Helper (#62)
- APIs and Event Listeners with the
skipTraceLayer
property do not set theJANIS_TRACE_EXTENSION_ENABLED
env var any more (#61)
- Changed log retention from 14 days to 60 days
- Improved package default exclude list
- Simplified and added CORS to more Gateway Responses using
DEFAULT_4XX
andDEFAULT_5XX
- API Gateway request template does not fail when receiving single quotes in qs parameters, headers, etc
State Machine
now supports task withParameters.Input
such as Step Functions Execution Trigger
State Machine
now supports task withParameters.Target.Input
such as EventBridge Scheduler
SQS
DLQs now have aIsDLQ
tag
State Machine
can now create a Log Group automatically whenloggingConfig
is setTags
were added to Cloudformation Stacks, their resources and to deployment artifacts
Authorizers
are now marked as external so they don't generate a permission resource- Deployment is now direct instead of via Cloudformation Change Sets
State Machine
now sets execution State to tasks by default. This allows to check whether a task is executed as a retry or not.State Machine
now supports Express Workflows, Logging configuration and Raw properties.
NoClientAuthorizer
andAdminNoClientAuthorizer
don't require the janis-client header any more
- Rollback
kebabCase
implementation to avoid breaking services with alphanumeric names
SQS Helper
queues now have tags to filter costs and metricsSQS Helper
now supports partial batch item failure report
SQS Helper
default settings are now more optimized
SQS Helper
added to easily implement Queues and DLQs
- Now authorizers
UserAuthorizer
,DevUserAuthorizer
,ImportExportAuthorizer
,AdminNoClientAuthorizer
andNoClientAuthorizer
requirejanis-client
header BREAKING CHANGE - Now authorizers
ServiceNoClientAuthorizer
,AdminNoClientAuthorizer
andNoClientAuthorizer
use their own functions BREAKING CHANGE - Now authorizer
ImportExportAuthorizer
requiresjanis-service
header BREAKING CHANGE
- Unused authorizers
LoggedAuthorizer
,ApiKeyAuthorizer
,ImportAuthorizer
andExportAuthorizer
BREAKING CHANGE
api
,apiList
,apiGet
,apiPost
andapiPut
helpers now supportlayers
andaddLayers
to manage function-level lambda layerseventListener
helper now supportlayers
,addLayers
andskipTraceLayer
to manage function-level lambda layers
functionUrl
hook to enable Lambda URLs with Cloudfront Distributions (https://janiscommerce.atlassian.net/browse/JC-268)eventListener
hook now acceptsfunctionRawProps
to customize the lambda function
- Automatic VPC Config for all functions of the service when
LAMBDA_SECURITY_GROUP_ID
andLAMBDA_SUBNET_IDS
env vars are set
- Now the
accountId
for hookauthorizers
is read from env varAUTHORIZER_ACCOUNT_ID
- Added
x-janis-totals
andx-janis-only-totals
to default CORS configuration
- Added
@babel/runtime
to default package includes to avoid breaking services that usedate-fns
- Support for
default
or any other custom stage in stage parameters
- Fixed function VPC Security Group config
- Now
functionsVpc
hook allows to pass null or undefined params
- Adapted
functionsVpc
hook to be able to enable or disable by stage
- New hook
functionsVpc
to attach a service to a VPC
- Lambda
AWSLambdaVPCAccessExecutionRole
Role is attached even if a VPC is not set at the provider level
- Changed aws-sdk package for @aws-sdk packages to default exclude to reduce bundle size (it is already installed in lambda)
- Rollbacked
provider.iam.role
toprovider.role
because it wasn't compatible with coreiamStatement
hook
- Default axios exclude fixed for axios@1
- Moved
provider.role
toprovider.iam.role
to be ready for next sls major release
- Support for Serverless parameters for each environment.
- Migration to
serverless@3
. You should probably upgrade every plugin you are using. BREAKING CHANGE - Rolled back to
serverless-plugin-split-stacks
plugin instead of@janiscommerce/serverless-plugin-split-stacks
BREAKING CHANGE
- Serverless
${self:custom.janisDomains}
and${self:custom.humanReadableStage}
variables deprecated in favor of${param:janisDomain}
and${param:humanReadableStage}
. Custom props will be removed in a future major version.
- 'janis.base
does not accept
apiSecrets` any more. AWS Secrets manager must be used instead. BREAKING CHANGE
- Set default runtime to node 18 BREAKING CHANGE
- Changed
serverless-plugin-split-stacks
plugin to@janiscommerce/serverless-plugin-split-stacks
BREAKING CHANGE
- Removed ajv from default excludes and added some mongo and aws sdk dependencies
- Now
Parameters
are not set in steps that follow aParallel
step to avoid setting a property on an array
- Fixed state machine parameter setup for Tasks that trigger a new State machine
- Fixed mapping of Map states with different iterator properties
- Step function hook now sets Task
Parameters
to includesession
,body
andstepFunction
data, so Lambdas con detect if they are being run inside a step function
- Access logs now contain API Gateway and integration errors
- API Gateway response compression enabled starting at 1KB response size
- APIs hooks can received
functionName
to use as function name
- Standard for API CRUD function names
- Added support for the
skipTraceLayer
in APIs and set it as default in read APIs - Docs for Trace Lambda Layer
- Dependencies updated to fix vulnerabilities
- Support for Trace Layer with env vars
- Fixed offline response CORS expose headers
- Fixed offline response CORS expose headers
- CORS config to allow exposing fixed filters header
- Api Gateway access logs configuration
- Disabled API Gateway default endpoint by default
- Added more default includes to reduce bundle size
- Added
janis-entity-id
to default CORS allowed headers
- New default includes are now properly configured
- Added more default includes to reduce bundle size
- Fixed
rawBody
line break escaping
- Added
/view-schemas-built-local
to function default excludes
- Fixed
rawBody
single quote escaping
- Fixed
rawBody
property generation in local envs
- Fixed
rawBody
property generation in request template
- Added
rawBody
property to request template - Dropped support for node 10.x
- Added more paths to default excludes in order to reduce function bundle sizes
x-janis-authorizer-error-type
header for GatewayResponses moved toauthorizerErrorType
response body property
x-janis-authorizer-error-type
header for GatewayResponsesAUTHORIZER_FAILURE
error type handlingdetail
property to show the customerrorMessage
from the authorizer context
AdminNoClientAuthorizer
now usesAdminAuthorizer
lambda functionNoClientAuthorizer
now usesFullAuthorizer
lambda function
- New authorizers
AdminAuthorizer
andAdminNoClientAuthorizer
- Authorizers validation to prevent an invalid authorizer
- Stage an region are now properly set in provider object
- Default runtime is now nodejs 14
- Default memory size is now 1GB
- State functions naming
- State functions documentation
- Added
stateMachine
hook
- Fixed response template to include custom errors properly
- Authorizers
ImportAuthorizer
andExportAuthorizer
- Header
janis-service
is now allowed in CORS configuration
- Authorizer
ImportExportAuthorizer
replaced withImportAuthorizer
orExportAuthorizer
- API Gateway custom domain configured to use TLS 1.2
- CORS default config now supports any origin BREAKING CHANGE
- Fixed kebabcase for base, api and event-listener hooks
- CORS APP wildcard for local env
- CORS default config now supports APP wildcard
- Typo in service base default excludes
- Missing property for local envs is now validated
- Now API hooks can configure their request mapping templates with
requestTemplates
property
- CORS documentation fix
- Restored some useful request template properties
- Added Authorization header to CORS allowed headers
- Request template ignore other authorizer props to prevent breaking due to JWT claims
- Improved request template to be smaller (removed unused props)
- Improved response templates to be fewer. Now status code is being overridden with a single template. 500 and 504 templates remain separated due to lambda errors handling
- Gateway response configuration for integration timeout.
- Request template for
application/x-www-form-urlencoded
removed (needs serverless@1.81.0 or greater)
- Added
dbConfig
hook to implement AWS Secrets
- Added
include
andincludeOnly
properties to base helper to customize packaging - Added
excludeOnly
properties to base helper to customize packaging - Added
plugins
andpluginsOnly
properties to base helper to customize plugins
- Now functions are not packaged individually any more. BREAKING CHANGE
- Unused default plugins
serverless-reqvalidator-plugin
andserverless-plugin-reducer
- Response template fix for error messages with single quotes
- Response template fix for local environment
- Response template fix
- Response template now handles
messageVariables
in response body
- APIs now can configure custom CORS properties
- Functions are no longer versioned not pruned by default
timeout
support for Event Listeners hooks
- Custom IAM Role name now includes the stage to avoid collision between environments
- Custom IAM Role added to avoid hitting IAM Policy size limit
- Sls helper peer dependency changed to 1.9.0 or higher
- Escaped error response message to avoid breaking JSON structure
- Response template now cleans up superstruct errors
- NAMING: Lambda functions naming changed to prevent function names to be too long
- Header
janis-entity
is now allowed in CORS configuration
- Support for
ImportExportAuthorizer
package.include
support for event listeners- Lambda log groups now have a default retention of 14 days
- API Gateway response
AUTHORIZER_CONFIGURATION_ERROR
- API Gateway responses are not overridden any more
- API hook now normalizes the path to avoid bad function naming
package.include
support for all API hooks
timeout
support for all API hooksfunctionRawProps
support for all API hookseventRawProps
support for all API hooks
- Custom authorizer support added in event listeners
- Custom authorizers can now be defined in
custom.authorizers
object in initial config and they will be remain untouched
- Authorizers now use the correct ARN
- Access denied API Gateway response resource added with CORS headers
authorizers
now have require the Account ID as a configuration option- Added the
@janiscommerce/serverless-plugin-remove-authorizer-permissions
serverless plugin to allow cross-account deployments
authorizers
now have the name property to avoid collisions
eventListener
hook function name now includes the service name
base
hook prune plugin typo fix
eventListener
documentation fixed
janis.api
hook added to implement custom APIs
- Option
serviceName
changed toserviceCode
injanis.base
hook BREAKING CHANGE - Added service name to naming, file path and API path in
janis.eventListener
hook
- Authorizers in event listeners are now correctly configured
- Authorizers fixed to match the correct function name
- Serverless offline cache invalidation regex fixed
- Service name in lower case is now in kebab-case
apiSecrets
configuration in base hook- Sample service example in README
base
documentation updated with required fields
- Runtime upgraded to nodejs.12x
- Base hook updated to the last configurations
- New authorizers added
- Event listener hook added