Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release v1.15.0+suite.1 #242

Merged
merged 1 commit into from
Jan 24, 2022
Merged

Release v1.15.0+suite.1 #242

merged 1 commit into from
Jan 24, 2022

Conversation

jtuttle
Copy link
Member

@jtuttle jtuttle commented Jan 19, 2022
edited
Loading

Release Notes

All notable changes to this project will be documented in this file.

[v1.15.0+suite.1] - 2022-01-19

Table of Contents

Components

These are the components that combine to create this Conjur OSS Suite release and links
to their releases:

Conjur Server

Conjur SDK

Platform Integrations

DevOps Tools

Secretless Broker

Summon

Installation Instructions for the Suite Release Version of Conjur

Installing the Suite Release Version of Conjur requires setting the container image tag. Below are more specific instructions depending on environment.

  • Docker or docker-compose

    Set the container image tag to cyberark/conjur:1.15.0.
    For example, make the following update to the conjur service in the quickstart docker-compose.yml

    image: cyberark/conjur:1.15.0

  • Conjur Open Source Helm chart

    Update the image.tag value and use the appropriate release of the helm chart:

    helm install ... \
  --set image.tag="1.15.0" \
  ...
  https://github.com/cyberark/conjur-oss-helm-chart/releases/download/v2.0.4/conjur-oss-2.0.4.tgz

Upgrade Instructions

Upgrade instructions are available for the following components:

Changes

The following are changes to the constituent components since the last Conjur
OSS Suite release:

cyberark/conjur

v1.14.2 (2021-12-13)

  • Changed
    • Failed Login now writes the error code in the log
      #2424
    • Bump cyberark base images from 1.0.5 to 1.0.6
      #2420
    • Bump cyberark base images from 1.0.4 to 1.0.5
      #2418
  • Fixed
    • Return 401 instead of 500 for invalid basic auth header.
      #1990
    • Added check to stop hosts from setting passwords
      #1920
  • Security
    • Bump gems related to openid_connect stack for improving the certificate
      validation procedure during the OIDC keys discovery process
      #2441

v1.15.0 (2021-12-21)

  • Added
    • Added API endpoint to enable and disable GCP authenticator
      #2448
  • Fixed
    • Check to stop hosts from setting passwords fixed for admin user
      #2440

cyberark/conjur-api-python3

v7.1.0 (2021-12-22)

  • Added
    • Init command is now strict to run in one of three modes described in SslVerificationMode enum
    • For CLI Init flow, Additional certificate validation steps where added. for --self-signed and --ca-cert flows
    • Support http domains if working in insecure mode
    • The hostfactory method create token is now available in CLI and SDK to create a hostfactory token to manage hosts
      and permissions in a dynamic way
      cyberark/conjur-api-python3#339
    • Stop supporting Client initialization from disk.
    • The list options --members-of, --permitted-roles, and --privilege are now available in the Conjur CLI
  • Fixed
    • Fixed Load policy "hides" the error message

cyberark/conjur-service-broker

v1.2.2 (2021-11-03)

v1.2.3 (2021-12-31)

cyberark/secrets-provider-for-k8s

v1.2.0 (2021-11-30)

v1.3.0 (2022-01-03)

@jtuttle jtuttle requested a review from a team as a code owner January 19, 2022 20:53
@jtuttle jtuttle force-pushed the release-v1.15.0+suite.1 branch from 970ed16 to 0ffecb0 Compare January 21, 2022 21:03
@jtuttle jtuttle force-pushed the release-v1.15.0+suite.1 branch from 0ffecb0 to 6f4eebd Compare January 21, 2022 21:03
@jtuttle
Copy link
Member Author

jtuttle commented Jan 21, 2022
edited
Loading

@alexkalish

What's New

This suite release aligned with Conjur Server version 1.15.0. It includes a collection of minor fixes to Conjur itself, as well as the GA release of Push-to-File Mode in the Secrets Provider for Kubernetes.

Push-to-File Mode (GA release)

The Secrets Provider for Kubernetes can now be configured to output secret values to a file that can be accessed through a shared mounted volume. Providing secrets in this manner should require zero application changes, as reading local files is a common, platform agnostic delivery method. See PUSH_TO_FILE.md for more details.

With the GA release, we have made minor improvements to stability and user experience, as well as improved documentation.

Security and Logging Improvements

Security and logging improvements have been made to cyberark/conjur, cyberark/conjur-api-python3, and cyberark/conjur-service-broker.

alexkalish
alexkalish suggested changes Jan 21, 2022
View reviewed changes
Copy link
Contributor

@alexkalish alexkalish left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One of the issues in the CL has a JIRA link:
image
Otherwise, LGTM

@jtuttle jtuttle merged commit 3f072ba into main Jan 24, 2022
@jtuttle jtuttle deleted the release-v1.15.0+suite.1 branch January 24, 2022 14:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alexkalish alexkalish alexkalish approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jtuttle @alexkalish