Snowplow Mini 0.14.0 released

We are pleased to announce version 0.14.0 of Snowplow Mini

Enrich 3.0.2

The new Mini has Enrich 3.0.2 running inside of it. The most significant change for Mini users is that the Javascript enrichment now allows ES6 syntax, as described in the 3.0.0 release announcement

Swagger interface to the Control Plane and Iglu Server

Mini has a Control Plane API for admins to configure and control the Mini. We have now integrated a Swagger user interface, which gives a thorough documentation of the available methods, and allows you to interact with the control plane in a convenient way. To start using Swagger, navigate to http://<your-mini-address>/swagger in your browser.

Mini has an Iglu Server embedded with it, for hosting schemas for your events. The Iglu server has its own Swagger user interface to help with common Iglu operations. Navigate to http://<your-mini-address>/iglu-server/static/swagger-ui/index.html in your browser to explore this way of managing schemas.

In light of this new integration, we have removed the previous Control Plane user interface from the Mini home page at http://<your-mini-address>/home.

Content Security Policies

Not the most glamorous feature, but Content Security Policies (CSPs) are an important layer of security for protecting web applications.
Mini now has CSPs on all service pages (e.g. Kibana, Swagger, the Home page), which could help protect Mini against certain threats, such as click-jacking.

New port 8443

It a common production setup is to put Mini behind a load balancer that accepts both HTTP and HTTPS requests. If you run Mini in this way, then we suggest you start routing requests to Mini’s new open port 8443 instead of port 80. Port 8443 inspects the requests X-Forwarded-Proto request header to see if the original request used the HTTP or HTTPS protocol.

For HTTPS requests, port 8443 behaves exactly like the old port 80; i.e. it serves up Mini’s administrative services (/kibana, /control-plane, /elasticsearch etc) as well as the collector endpoints (e.g. /i). But for HTTP requests, port 8443 redirects to HTTPS for the admin services. This is better security practice, because the admin services require password authentication, which should not be sent unencrypted. HTTP requests to the collector endpoints are not redirected, unless turned on using the redirect feature in the collector hocon file.

Upgrading

Checkout the documentation to learn how to setup and use the latest Mini on AWS and GCP.

3 Likes