The v0.32 release of Cerbos is packed with new features such as transition to OpenTelemetry, enhanced policy testing, and more.
We have been working closely with users of Cerbos such as Envoy, Blockchain.com, Utility Warehouse, 9fin, and Salesroom on this release. We can’t wait to hear more about what you would like to see in future releases - join our Slack community to join the conversation.
Cerbos fully transitioned from OpenCensus to OpenTelemetry, a move that significantly boosts our metrics and tracing capabilities. This shift allows for more efficient integration with a variety of observability products supporting the OpenTelemetry protocol (OTLP) but also offers the flexibility to use push metrics and fine-tune trace sampling. With this update, configuration through the tracing
block in Cerbos files is deprecated in favor of using OpenTelemetry environment variables.
Support for the Jaeger native protocol has been deprecated as well in favour of OTLP, and with the next release it will be removed.
For those who rely on dashboards and metric-based alerts, we recommend a review post-upgrade. Even though we tried to keep all the metric names unchanged, the subtle distinctions between OpenCensus and OpenTelemetry may impact your existing dashboards and metric-based alerts, and we want to ensure your monitoring remains seamless.
The policy test framework now includes support for defining the contents of globals
per test case or for the whole test suite. Check our docs to learn more about how to use globals
.
When you run tests with the --verbose
flag, expect to see detailed outputs including expected effects and policy results for successful cases, making your test results more comprehensive and informative.
Now, instead of just seeing the [OK]
for successful test cases, you will be able to further understand why they are passing by looking at something like this:
```
│ └─┬CerHub Organizations Policy Tests
│ ├─┬alice
│ │ ├─┬data_corp
│ │ │ ├─┬access_repositories [OK]
│ │ │ │ └──RESULT: EFFECT_DENY
│ │ │ ├─┬create_project_boards [OK]
│ │ │ │ └──RESULT: EFFECT_ALLOW
As part of our continuous effort to optimize development workflows, we've mirrored the Cerbos image to Docker Hub. By leveraging Docker Hub's extensive infrastructure, this update ensures smoother and more efficient builds and deployments.
You can find the full release notes for v0.32 on docs.cerbos.dev, and if you have any questions join our Slack community.
Book a free Policy Workshop to discuss your requirements and get your first policy written by the Cerbos team