4.4 Release notes - 22th June 2017
FRENDS 4.4 has many new features, mainly focused on making it easier to create and manage Processes implementing HTTP APIs, as well as users and their access.
API Management
You can now easily create and manage Processes that implement an operation from an OpenAPI 2.0 (Swagger) specification. If you have a ready-made OpenAPI specification, implementing it in FRENDS is as simple as importing the specification and then creating a new process for each operation. The Process designer has auto-complete support for the request parameters, and template responses based on the operation specification are also automatically generated.
The Processes use the same FRENDS version control scheme as other Processes, so you can easily continue developing Processes in Development while the current stable version has been deployed to Production. You can also deploy all Processes implementing a specific API version together right from the API Management page, so you can deploy the complete API implementation in one go when needed.
As a developer using the exposed APIs, you can easily see the available specifications and operations in the API discovery page. The page is hosted in the public HTTP endpoint also hosting the actual API operations. It shows you the operation documentation and allows you to test the operations as well, provided you have the necessary API key or otherwise can authenticate to the agent.
For more details, please see the API Management section.
API Key Authentication
You can now create and manage API keys for authorizing access in HTTP and API triggers. You can do this right in the FRENDS UI, and the changes will be automatically propagated to the agents. Compared to the authentication methods previoysly (basic or certificate authentication), which required you to have custom deployment steps to create users or deploy certificates, API key management is much less work.
API keys are Environment-specific, so there is no danger of someone gaining access to your Production environments with just a developer key. Furthermore, you can also easily limit which paths the API key grants access to, making it possible to grant rights to just e.g. specific API operations.
User management UI and OpenID Connect Support
You can now easily manage users as well as their roles and access rules in the User management UI. There you can easily see which roles a user is part of and what they can view and access.
You can now set up FRENDS UI to use an existing user directory supporting OpenID Connect. For instance, if your Active Directory is federated to Azure AD or Office365, you can easily use your existing user accounts and passwords to access the FRENDS UI.
If you are updating from an existing installation with customized authorization rules, you will need to do the customizations manually after upgrade, as the syntax and rule storage format have changed a bit. Unfortunately, there is no migration for existing authorization rules to the new ones.
Updated Process Log Settings
You can now define Process log settings for all processes in an Environment. This allows you to e.g. shorten the default data retention period for all processes in Test. You can still override the default for individual Processes if needed.
The "Only Errors" log level has been tweaked to really only log errors, i.e. the results of any steps that have failed. This improves performance and reduces the amount of redundant data logged. This is especially important for API processes with low latency requirements; it is recommended to set the "Only errors" level as the default for any Production environments.
There is now also the option to log full Process parameters and return values. This is meant especially for API processes with high request rates: if you set the log level to "Only errors" for performance, you may want to log the incoming request and outgoing response in full, e.g. for auditing or error diagnosis purposes.
In order to use the new log level settings, you will need to create and deploy a new version of the Processes (or Subprocesses)
If you are using monitoring rules, please note that the logged values may also have changed a bit, e.g. for throw shapes. After upgrade, please make sure your rules still behave as expected.
Upgrade notes
Process triggers are now activated by default when deploying a Process to an Environment. This change was done especially to make deploying API processes easier. You can still choose to not activate the Process triggers during deployment; see Deploying a Process for more.
4.4.1 - 4th August 2017
This is a maintenance release, fixing the following issues:
In 4.4, Processes are set active by default when deploying them. As this may not be desired in some situations, now the deploy dialog has an option to choose not to activate the process triggers on deploy.
Request-reply messaging using the service bus trigger did not work correctly, because the trigger did not the SessionId correctly to the reply messages. Now it does.
Some UI issues are fixed, especially some crashes in the new API management views if the environments had multiple agents in them.
4.4.2 - 29th August 2017
This release mainly fixes some performance and process deployment issues:
In 4.4, Processes are set active by default, but this may not always be desirable. Now you can choose whether to activate a Process when creating or importing it. Also copied Processes are not activated by default.
The environment variables page could take over 10 seconds to view if you had lots of environment variables. Now the view is paged, and the search has been improved so you can find variables by subkeys and values as well.
The periodic Process instance cleanup job could slow down if you had millions of instances in the database. Now the cleanup job works much better even with large data amounts.
Using expressions to set enum values in task parameters now works.
4.4.3 - 20th September 2017
This release fixes some performance and API process schema issues:
Process count updates could freeze the UI on the process list if there are hundreds of processes.
API processes did not correctly include referenced definitions in their operation schemas.
API Swagger editor did not validate schemas with referenced definitions correctly.
4.4.4 - 4th October 2017
This release fixes issues with the monitoring rules expressions and UI:
Monitoring rules always reported errors for rules with “less than” conditions if there was no data
The monitoring rule editor fields were redesigned a bit for clarity
You now can define the sender address for the monitoring rule alert emails
API trigger now always has the raw request body as string accessible via #trigger.data.httpBody, the same way as with HttpTrigger