Mojaloop v15 Release
The Mojaloop community is excited to announce the release of Mojaloop v15.0.0, which introduces a number of fundamental features and enhancements aimed at improving financial inclusion and increasing access to digital financial services for all.
Below you will find a quick rundown of the key features, bugs, breaking changes, and deploying mojaloop.
Refer to the “New Features” section in the release notes for the full list.
- Improved Maintainability – Externalised Backend Dependencies
The Backend Dependencies have been externalized from the Mojaloop Helm charts, this includes dependencies such as Redis, MySQL, Kafka, etc. This was done deliberately for the following reasons:
- External Dependencies should be managed separately from the Mojaloop deployment itself, ensuring that each dependency has its own life-cycle process.
- Breaking changes on External Dependencies has no direct impact on a Mojaloop deployment as they are now decoupled.
- Maintenance has been reduced for both Helm chart maintainers and deployers of Mojaloop.
- Improved Security – Externalised Secrets
I recommend having a look at the following blog if you want more details with some examples: Helm and Configuration to Resolve External Dependencies and Improve Upgradability in Mojaloop v14.
Security has always been a top priority for Mojaloop, and version 15 includes key enhancements around credential management to further strengthen the platform’s security features. The Mojaloop Helm charts now support the configuration of external secrets, thereby supporting the ability of the platform to automatically provision and assign secrets from a Kubernetes-native Key Management Store. There are several ways to achieve this, but arguably, the most popular method utilizes the operator pattern to minimize the overhead of creating secrets in the correct namespaces as well as to reduce the risk of leaking sensitive information into the configuration management repositories. As an example of the use of this operator pattern, the Mojaloop IaC platform makes use of the vault-config-operator in conjunction with the popular Hashicorp Vault secrets management tool in order to achieve a zero-touch and fully automated solution to this problem.
Refer to the “Bug Fixes” section in the release notes for the full list.
- Central Ledger – Missing Transfer Error Codes in Database
Transfer timeout error codes were not being stored in the Database, which meant that GET /transfer callbacks were not returning the correct error information.
- SDK-Scheme-Adapter – Fixes for BulkTransactions API flows
Several fixes to BulkTransactions API operations:
- Outbound FSPIOP Source/Destination Header mappings corrected
- Auth headers being propagated correctly
- Testing-Toolkit – Stability Enhancements
Several stability fixes have been implemented:
- The WebSocket client lib configurations have been tweaked to increase stability between UI and Backend interactions
- Parameterized and tweaked Inbound request size
- Re-factored “Break on Error” for better consistency
Refer to the “Breaking Change” section in the release notes for the full list.
In this section, let us first start off by understanding what isn’t and is meant by a “Breaking Change” in the context of the Mojaloop v15 Release.
- It does not mean you cannot upgrade an existing v14.x Mojaloop deployment to v15.
- It does mean that if you are going to upgrade from an existing v14.x Mojaloop deployment to v15, you will need to be aware of certain issues that may fall into one or a combination of the following three categories:
- Due to structure or renaming changes, the Helm Values configuration may require the remapping of values.
- The Helm Values configuration may require new values to be added due to the introduction of new features.
- You may need to manually execute pre or post-deployment scripts due to changes that cannot be handled by the Helm upgrade process.
The following breaking changes will fall into one of the above A, B, or C categories:
- Externalized Backend Dependencies – Category A & C
In v14.x, a default Mojaloop deployment includes Backend Dependencies as part of the installation.
These Backend Dependencies have been externalized with the introduction of v15.
Refer to Mojaloop’s Upgrade Strategy Guide for some guidance on best practices for your deployment topology, as well as how to migrate between tightly-coupled topologies if required.
- Charts have been re-factored for consistency – Category A
This means that the configuration values in the Mojaloop/values.yaml should now be more consistent:
- Image tags, commands, pull policies, etc
- Service definitions
- Config sections now contain just general configurations
- Config_files now contain “native” file configurations that generally support templates
- Connection URI-based Configs have been replaced – Category A & B
Connection URIs have been replaced explicitly with configs for Host, User, Pass, DB, Port, etc instead. This is to support the security enhancements for external secrets.
In conjunction with this release, we are also excited to announce a new version of the Mojaloop IaC (Infrastructure as Code) Platform v4.0.1, which provides a comprehensive Mojaloop deployment aimed at giving users a starting point for building a production system that includes enterprise-grade security features such:
- Secure WSO2 API Gateway Ingress/Egress using mTLS, and OAuth-based access control.
- Secret Management via Hashicorp Vault in conjunction with the vault-config-operator.
- Out-of-the-box support for the Mojaloop Connection Manager (MCM) which provides connectivity onboarding and certificate management to Payment Manager enabled Digital Financial Service Providers (DFSPs) connected to the Mojaloop platform.
However, this is not the only way you can deploy Mojaloop, so make sure you consult the following resources:
- Getting Started – Installation Mojaloop
Provides links to several installation options for Mojaloop which includes installing Mojaloop on your own Kubernetes cluster to using IaC tooling to build a secured environment that is production-grade-like.
Keep in mind that not all options have been updated to support the Mojaloop v15 release at this time, but are being actively worked on by the Mojaloop community to do so.
Here is a list of installation methods that do currently support v15 at the time of publishing this blog:
- Mojaloop Deployment Guide
The Deployment Guide has been simplified and updated to reflect the Externalised Backend Dependencies.
- Mojaloop IaC (Infrastructure as Code) Platform
IaC v4.0.1 has been updated to support Mojaloop v15 release, taking full advantage of the maintenance and security improvements introduced by Mojaloop v15.0. release. I recommend having a look at the Release Notes for more information.
- Mojaloop Deployment Guide
- v15 Release Notes – Test Matrix
Here you will find a detailed list of dependencies (e.g. Kubernetes, MySQL, Kafka, etc) and the Testing-Toolkit Test Collection with their respective versions that were used to verify this release.
Overall, Mojaloop v15 represents a major step forward for the platform and the community as a whole. With improved security features, easier deployment, and more consistent configuration, we’re confident that Mojaloop will continue to play a critical role in promoting financial inclusion and expanding access to digital financial services for all.
We would like to extend our gratitude to all the contributors who have made this release possible. We invite you to download and explore Mojaloop v15, and we look forward to your feedback and contributions.
To learn more about Mojaloop v15, visit the Helm GitHub v15 Release page at https://github.com/mojaloop/helm/releases/tag/v15.0.0.
#mojaloop #infitx #open-source #leveloneproject #finos #DPG #DPI #PISP #financialinclusion #fintech #financialservices #payments #paymentsolutions #OSS #open-source #opensource