Releases: AthenZ/athenz
Releases · AthenZ/athenz
Athenz v1.11.56 Release
What's Changed
- set resource ownership commands in zms-cli by @havetisyan in #2581
- Perform a retry when error code 3101 is returned from the MySQL DB by @sh1myama in #2583
- provide option to disable resource ownership server-side by @havetisyan in #2582
- update java dependencies by @havetisyan in #2587
- migrate from gopkg.in/square/go-jose.v2 to github.com/go-jose/go-jose/v4 by @havetisyan in #2588
- add close method to zpe by @TakuyaMatsu in #2585
- generate notifications 3 days before expiry by @havetisyan in #2586
New Contributors
Full Changelog: v1.11.55...v1.11.56
Contributors
havetisyan, TakuyaMatsu, and sh1myama
Assets 2
Athenz v1.11.55 Release
What's Changed
- Fixed ZMSUtils to correctly determine PrincipalType by @hiragi-gkuth in #2556
- Update README.md by @adir852 in #2569
- Group MSD transport policy conditions by @rajeshal in #2565
- correct handling of audit enabled flag in zms-cli import by @havetisyan in #2568
- Option to build GCPZTSCredentials using a pre-existing SSLContext by @tokle in #2571
- initial changes for resource owner feature by @havetisyan in #2572
- Bump express from 4.18.1 to 4.19.2 in /ui by @dependabot in #2575
- add new environment field to domain details by @jimmytsang in #2574
- resource ownership feature: part 2 by @havetisyan in #2576
- verification and validation of resource ownership by @havetisyan in #2578
- provide sia config option to exit process if run_after script fails by @havetisyan in #2580
This release includes a required schema update:
https://github.com/AthenZ/athenz/blob/master/servers/zms/schema/updates/update-20240325.sql
New Contributors
Full Changelog: v1.11.54...v1.11.55
Contributors
tokle, havetisyan, and 5 other contributors
Assets 2
Athenz v1.10.61 Release
What's Changed
- support gcp-zts-creds for jdk8 clients by @havetisyan in #2579
Full Changelog: v1.10.60...v1.10.61
Contributors
havetisyan
Assets 2
Athenz v1.11.54 Release
What's Changed
- fetch verification key from server via proxy during accesstoken and roletoken verification by @Bigdrea6 in #2527
- limit jest max workers to 8 for SD by @havetisyan in #2544
- improve role/group review list based on creation time by @havetisyan in #2543
- aws role session name can include _'s by @havetisyan in #2541
- use spiffe namespace of default by @havetisyan in #2547
- validate principals during role/group review api by @havetisyan in #2551
- add support for -spiffe-trust-domain to zts-svccert utility by @havetisyan in #2550
- correct handling for put system meta with invalid service name by @havetisyan in #2546
- do not allow deletion of domain is it's associated with aws/gcp/azure by @havetisyan in #2552
- Option to include public IP in ssh host certificate requests by @havetisyan in #2549
- Adding provider interface for fetching public keys of a service by @psasidhar in #2553
- Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 by @dependabot in #2554
- update provider interface impl in sia agents by @havetisyan in #2555
- sia-aws: set service cert and key in role option by @chandrasekhar1996 in #2557
- sia: set service cert and key in role option by @chandrasekhar1996 in #2558
- correct handling of review-enabled roles/groups during review api by @havetisyan in #2560
- Allowing SSH certificates for secureboot by @psasidhar in #2563
- update java and go dependencies to their latest releases by @havetisyan in #2561
- Bump follow-redirects from 1.15.4 to 1.15.6 in /ui by @dependabot in #2564
New Contributors
Full Changelog: v1.11.53...v1.11.54
Contributors
psasidhar, havetisyan, and 3 other contributors
Assets 2
Athenz v1.11.53 Release
What's Changed
- update action during domain template request by @havetisyan in #2522
- support domain (security) point of contact fields by @jimmytsang in #2521
- optional argument to skip errors during sia init by @havetisyan in #2524
- extend subdomain delete capability to domain admins by @havetisyan in #2523
- sia run-after-scripts for cmd line options must be in blocking mode by @havetisyan in #2529
- log authz failure for github action provider by @havetisyan in #2530
- fix direct link service tabs bug by @jimmytsang in #2531
- fix to not omit the user domain when completion search result is empty by @hiragi-gkuth in #2532
- minor lowercase of a word by @jimmytsang in #2534
- update java/go dependencies to their latest releases by @havetisyan in #2539
- delete user groups before deleting user from system by @havetisyan in #2538
- extend instance id for github actions identity to include :: by @havetisyan in #2537
- replace aws role session name from harcoded to principal name by @havetisyan in #2536
- minor update to zts java client unit test by @havetisyan in #2535
- set role/group last review date check differenly for new and updated objects by @havetisyan in #2533
Full Changelog: v1.11.52...v1.11.53
Contributors
havetisyan, jimmytsang, and hiragi-gkuth
Assets 2
Athenz v1.11.52 Release
What's Changed
- upgrade nextjs major version by @jimmytsang in #2500
- include instance-id as a principal in ssh host certificates on aws ec2 by @havetisyan in #2498
- upgrade babel related packages by @jimmytsang in #2501
- upgrade jest related pkgs by @jimmytsang in #2502
- upgrade jest related pkgs and package-lock.json by @jimmytsang in #2503
- upgrade saucelabs and webdriver pkgs by @jimmytsang in #2504
- update entityName in audit logs for role/group meta calls by @chandrasekhar1996 in #2505
- UI: fix filter by role in domain history by @chandrasekhar1996 in #2507
- upgrade axios and jsdom by @jimmytsang in #2508
- update tagKey and tagValue type for all ZMS roles by @chandrasekhar1996 in #2509
- GitHub actions service identity provider by @havetisyan in #2510
- allow param values to include any string by @havetisyan in #2511
- use correct algorithm when generating csr by @havetisyan in #2513
- update jetty and go/java dependencies by @havetisyan in #2514
- Bump ip from 1.1.8 to 1.1.9 in /ui by @dependabot in #2520
- fix rdl for meta string fields so they can be unset by @havetisyan in #2515
- update role certificate handling in sia agents by @havetisyan in #2516
- store operation type as part of the auth history record by @havetisyan in #2519
Full Changelog: v1.11.51...v1.11.52
Contributors
havetisyan, jimmytsang, and 2 other contributors
Assets 2
Athenz v1.11.51 Release
What's Changed
- remove gcp related changes by @jimmytsang in #2485
- introduce environment metadata field for domains by @havetisyan in #2487
- Adding Vespa.ai as an adopter by @frodelu in #2490
- Update go clients to support additional request headers by @yosrixp in #2489
- [skip ci] update developer documentation by @havetisyan in #2491
- mark athenz directory as a safe by @hiragi-gkuth in #2492
- support internal authz check with roles specified by @havetisyan in #2494
- improve interoperability between self-signer in dev environments with openssl generated certs by @havetisyan in #2495
- increase width for email notification body to full page by @havetisyan in #2496
- update java/go dependencies to their latest releases by @havetisyan in #2497
New Contributors
Full Changelog: v1.11.50...v1.11.51
Contributors
frodelu, yosrixp, and 3 other contributors
Assets 2
Athenz v1.11.50 Release
What's Changed
- use relocated mysql artifact id by @havetisyan in #2472
- support for IMSDv2 when reading AWS metadata by @havetisyan in #2474
- delete transport policies api, optional attribute for existing api en… by @abvaidya in #2475
- maintain a static map of trusted roles for resource list lookup api by @havetisyan in #2476
- dont use --user flag for local by @abvaidya in #2477
- add scope field to microsegmentation table by @jimmytsang in #2471
- mark trust role vars as volatile by @havetisyan in #2478
- remove sia run-after script path starting with / on windows by @havetisyan in #2479
- Change transport policy delete endpoint to match with create by @rajeshal in #2481
- Add GCP scope for microsegmentation policy by @chandrasekhar1996 in #2480
- Bump follow-redirects from 1.15.1 to 1.15.4 in /ui by @dependabot in #2482
Full Changelog: v1.11.49...v1.11.50
Contributors
havetisyan, rajeshal, and 4 other contributors
Assets 2
Athenz v1.11.49 Release
What's Changed
- fix first time user error by @jimmytsang in #2456
- add logic to handle submit of role/group review by @jimmytsang in #2455
- support proxyForPrincipal parameter in GenerateAccessTokenRequestString at athenzutils/ztsclient.go by @WindzCUHK in #2457
- fix zms-cli calls for get role/group for review by @havetisyan in #2459
- make role/group review days limit configurable by @havetisyan in #2461
- fix functional tests pt1 by @jimmytsang in #2463
- UI: add missing props timeZone for policy versions by @chandrasekhar1996 in #2458
- fix functional test sd job by @jimmytsang in #2466
- Add functional test support for role and group review by @jimmytsang in #2465
- attempt to fix functional test by @jimmytsang in #2468
- add maxmembers and self renew fields by @jimmytsang in #2467
- fix functional test, tested and works by @jimmytsang in #2469
- update java and go dependencies to their latest releases by @havetisyan in #2470
Full Changelog: v1.11.48...v1.11.49
Contributors
havetisyan, WindzCUHK, and 2 other contributors
Assets 2
Athenz v1.11.48 Release
What's Changed
- libs/go/sia/access/tokens: fix dropped test errors by @alrs in #2423
- show notification bell icon more obviously with role/group to review by @jimmytsang in #2425
- [2427] fix invalid audit log json on adding /deleting a template by @chandrasekhar1996 in #2428
- support max member limit on roles and groups by @havetisyan in #2424
- support domain contacts by @havetisyan in #2431
- Bump axios from 1.4.0 to 1.6.0 in /clients/nodejs/zts by @dependabot in #2414
- fix unbound variable errors in deploy-scripts by @hiragi-gkuth in #2426
- Bump ch.qos.logback:logback-classic from 1.4.11 to 1.4.12 in /libs/java/gcp_zts_creds/examples/gcp-zts-creds by @dependabot in #2435
- self-renew option for roles/groups by @havetisyan in #2434
- simplify expiry notification lookups by @havetisyan in #2439
- update java dependencies to their latest releases by @havetisyan in #2440
- extend schema to allow : (colon) in Tag keys by @chandrasekhar1996 in #2448
- extend schema for contact type to string by @havetisyan in #2443
- unique error message for invalid/reserved service names by @havetisyan in #2450
- UI: fix bug when viewing roles, group is part of with expiry by @chandrasekhar1996 in #2451
- sia init/rolecert command line option - report error code for failures by @havetisyan in #2445
- enhance zms-cli update-domain to handle assertions in existing policies by @havetisyan in #2447
- new get transport policies for a domain and service api by @abvaidya in #2452
- add role and group review tabs by @jimmytsang in #2446
- update java and go dependencies by @havetisyan in #2454
- zms-cli: add -audit-enabled flag for role/group add operations by @havetisyan in #2453
- missing tags from policy/service requests by @havetisyan in #2449
This release includes required schema updates:
- https://github.com/AthenZ/athenz/blob/master/servers/zms/schema/updates/update-20231120.sql
- https://github.com/AthenZ/athenz/blob/master/servers/zms/schema/updates/update-20231122.sql
- https://github.com/AthenZ/athenz/blob/master/servers/zms/schema/updates/update-20231127.sql
Full Changelog: v1.11.47...v1.11.48
Contributors
alrs, havetisyan, and 5 other contributors