Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

v1.1.20230906 backward compatibility #275

Open
fpev42 opened this issue Jan 10, 2025 · 2 comments
Open

v1.1.20230906 backward compatibility #275

fpev42 opened this issue Jan 10, 2025 · 2 comments
Labels
Issue-Feature Complex enough to require an in depth planning process and actual budgeted, scheduled work.

Comments

@fpev42
Copy link

fpev42 commented Jan 10, 2025

We have many hundreds of private repositories deployed with this package serving dozens of thousands of end users. They work fine for us and our customers.

After a new version of the package is released, we want to update our existing function apps to use the new version.

Unfortunately we note that the latest version released (v1.9.1) contains some breaking changes comparing to the previous version (v1.1.20230906), i.e.:

  • some API endpoints of the function app are not accessible now for GET requests without function keys (they were definitely accessible in the previous version);
  • the local auth is disabled for the Cosmos database, there is no way to use cosmos db keys.

Seems like there is no backward compatibility with previous version which drastically complicates upgrade process for existing customers. On top of breaking changes above there are also some additional challenges and concerns:

  • New version requires to deploy API manager service which in its order is expensive and breaks existing linked repositories linked to Windows hosts. We need to access function API the previous way as we've been doing for years.
  • Function app's managed identity now requires new role set up to interact with cosmos db. It can't be granted in an automated way since our application does not have Owner or User Access Administrator on necessary resources. This might not be an issue for new installs knowing all pre-requisites, but we don't have automation options for existing deployments.

Worth mentioning that we don't have direct control over customers' resources since our application is deployed via marketplace. Also list above is most likely incomplete since we're still doing our research. But seems like getting rid of breaking changes will do the job.

Is it possible by any chance to introduce backward compatibility with existing deployments of v1.1.20230906? Thanks in advance.
@denelon
Copy link
Contributor

denelon commented Jan 13, 2025

Thanks for reporting this. We'll have to take a look to see what can be done. We've had several new security requirements imposed based on our Secure Future Initiative.

@denelon denelon added the Issue-Feature Complex enough to require an in depth planning process and actual budgeted, scheduled work. label Jan 13, 2025
@yao-msft
Copy link
Contributor

In theory, we could release 2 versions of the rest source. One that has public function endpoints (not SFI compliant and backward compatible). And the other with endpoints not publicly accessible and SFI compliant. This work requires some non-trivial effort though.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Issue-Feature Complex enough to require an in depth planning process and actual budgeted, scheduled work.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@yao-msft @denelon @fpev42