v1.3.0

What's Changed

• fix-swagger-openapi by @ihiverlet in #307

• Layered jar by @olevitt in #293

• Refactor readme by @olevitt in #313

• chore(deps): update eclipse-temurin docker tag to v21.0.1_12-jre by @renovate in #297

• chore(deps): update actions/setup-java action to v4 by @renovate in #308

• chore(deps): update dependency com.diffplug.spotless:spotless-maven-plugin to v2.41.1 by @renovate in #306

• fix(deps): update dependency org.apache.commons:commons-compress to v1.25.0 by @renovate in #304

• Renovate : allow more PR by @olevitt in #312

• fix(deps): update dependency org.springdoc:springdoc-openapi-starter-webmvc-ui to v2.3.0 by @renovate in #311

• chore(deps): update crazy-max/ghaction-docker-meta action to v5.3.0 by @renovate in #310

• fix(deps): update dependency org.apache.commons:commons-lang3 to v3.14.0 by @renovate in #305

• fix(deps): update okhttp monorepo to v4.12.0 by @renovate in #292

• fix(deps): update aws-java-sdk-v2 monorepo to v2.21.38 by @renovate in #281

• chore(deps): update kotlin monorepo to v1.9.21 by @renovate in #295

• chore(deps): update fabric8-kubernetes-client monorepo to v6.9.2 by @renovate in #273

• Helm 3.13.2 by @olevitt in #314

New Contributors

• @ihiverlet made their first contribution in #307

Full Changelog: v1.2.0...v1.3.0

v1.2.0

What's Changed

• Arbitrary custom values by @olevitt in #298
• Hide user defined values by @olevitt in #299
• Add git configuration to region by @fcomte in #300
• Helper text and label for internationalization by @fcomte in #303

Full Changelog: v1.1.0...v1.2.0

v1.1.0

What's Changed

• Migration to spring boot 3 by @olevitt in #205
• Java 21 by @olevitt in #288
• Fix NPE when groups is null by @olevitt in #296

Full Changelog: v1.0.1...v1.1.0

v1.0.1

What's Changed

• fix token claims by @olevitt in #284

Full Changelog: v1.0...v1.0.1

v1.0

v1.0 is Finally Here!

We're excited to announce that Onyxia API v1.0 is now available. Before upgrading, please read the breaking changes listed below. A comprehensive migration guide is available at our documentation site, including guides for Helm chart and web app changes.

Breaking changes

• OpenID Connect Support: Onyxia now supports standard OpenID Connect providers, not just Keycloak. Configuration options have shifted from Keycloak-specific settings to more general OIDC settings. Please consult our OIDC configuration guide and update your settings accordingly. If you also have region-specific configurations for other services like S3 or Vault, note that keycloakParams has been renamed to oidcConfiguration and has been refactored. Additional details can be found here.
  Onyxia API now also provides this configuration to the web app through the public/configuration endpoint allowing the web app to bootstrap it's authentication configuration meaning starting from web app v5 you won't need to specify authentication configuration to the web app. Please read the migration guide at https://docs.onyxia.sh/migration-guides

• API authentication modes (the way Onyxia API interacts with the APIServer) have been renamed to clarify. admin is now serviceAccount and is now the default value. Please read https://github.com/InseeFrLab/onyxia-api/blob/master/docs/region-configuration.md#services-properties for description of the three currently supported modes : serviceAccount, impersonate and tokenPassthrough. If you want to use a mode other than serviceAccount please make sure to set it on your region configuration.

What's Changed

• Keycloak to OIDC by @olevitt in #202
• Authentication modes : rename and clarify by @olevitt in #272
• Catalog : fix maintainers by @olevitt in #267
• Fix when group bucket prefix is null by @olevitt in #266
• Fix wrong value injected from region to ephemeral storage requests by @phlg in #282
• Catalog : add visibility and allowsharing configuration by @olevitt in #269

Chores

• Renovate : disable dashboard by @olevitt in #268
• Bump org.apache.commons:commons-compress from 1.23.0 to 1.24.0 in /onyxia-api by @dependabot in #257
• Update aws-java-sdk-v2 monorepo to v2.20.158 by @renovate in #211
• Update dependency com.squareup.okhttp3:okhttp to v4.11.0 by @renovate in #218
• Update dependency com.squareup.okhttp3:logging-interceptor to v4.11.0 by @renovate in #217
• Update dependency org.springframework.boot:spring-boot-starter-parent to v2.7.16 by @renovate in #254
• Update dependency org.keycloak:keycloak-spring-boot-starter to v21.1.2 by @renovate in #253
• Update kotlin monorepo to v1.9.10 by @renovate in #233
• Update dependency org.apache.maven.plugins:maven-compiler-plugin to v3.11.0 by @renovate in #221
• Update actions/setup-java action to v3 by @renovate in #236
• Update eclipse-temurin Docker tag to v17.0.8_7-jre by @renovate in #256
• Update dependency com.diffplug.spotless:spotless-maven-plugin to v2.40.0 by @renovate in #270
• Update dependency org.apache.commons:commons-lang3 to v3.13.0 by @renovate in #271
• Ci bump dependencies by @olevitt in #283
• chore(deps): update actions/checkout action to v4 by @renovate in #274

New Contributors

• @dependabot made their first contribution in #257
• @phlg made their first contribution in #282

Full Changelog: v0.31...v1.0

v0.31

What's Changed

• add gpu and ephemeral-storage quota by @alexisdondon in #251
• Update CI versions by @olevitt in #252
• Helm wrapper : Hardening by @olevitt in #255
• Update dependency org.apache.commons:commons-compress to v1.24.0 [SECURITY] by @renovate in #258

Full Changelog: v0.30...v0.31

v0.30 : Security and bug fixes

Security notice

This release fixes a security flaw that allowed privilege escalation (if running with authenticationMode=ADMIN) for authenticated users through helm injection.
Please upgrade ASAP (either by using helm chart release 4.0.1+ or by explicitly setting Onyxia API version to v0.30+ in your values file. If using helm chart 4.0.1+, please make sure to read breaking changes introduced in 4.0.0)

What's Changed

• Construct service urls from all ingress types (K8S ingress, Istio VirtualService, OpenShift Route) by @johnksv in #244
• Fix onboarding single namespace and improve response http codes for exceptions by @johnksv in #245
• Prevent crash when failing to parse manifest by @olevitt in #247
• Hide not shared services by @olevitt in #249
• Fix : prevent invalid helm names by @olevitt in #250

Full Changelog: v0.29...v0.30

v0.29

What's Changed

• Better exception message when loading package fails by @johnksv in #229
• add user and group quotas possible in region by @alexisdondon in #231
• Bump dependencies by @olevitt in #232
• Update actions/checkout action to v3 by @renovate in #234
• Update dependency com.diffplug.spotless:spotless-maven-plugin to v2.37.0 by @renovate in #216
• Update crazy-max/ghaction-docker-meta action to v1.12.0 by @renovate in #215
• Add istio to region configuration by @johnksv in #242
• add packagemanager injection by @alexisdondon in #243

New Contributors

• @johnksv made their first contribution in #229

Full Changelog: v0.28...v0.29

v0.28

What's Changed

• Configure Renovate by @renovate in #153
• Authpath by @fcomte in #226

New Contributors

• @renovate made their first contribution in #153

Full Changelog: v0.27...v0.28

v0.27

What's Changed

• Labelsannotations by @fcomte in #210
• Fix keytool error at startup by @olevitt in #209

Full Changelog: v0.26...v0.27