Releases: AthenZ/athenz
Releases · AthenZ/athenz
Athenz v1.11.49 Release
What's Changed
- fix first time user error by @jimmytsang in #2456
- add logic to handle submit of role/group review by @jimmytsang in #2455
- support proxyForPrincipal parameter in GenerateAccessTokenRequestString at athenzutils/ztsclient.go by @WindzCUHK in #2457
- fix zms-cli calls for get role/group for review by @havetisyan in #2459
- make role/group review days limit configurable by @havetisyan in #2461
- fix functional tests pt1 by @jimmytsang in #2463
- UI: add missing props timeZone for policy versions by @chandrasekhar1996 in #2458
- fix functional test sd job by @jimmytsang in #2466
- Add functional test support for role and group review by @jimmytsang in #2465
- attempt to fix functional test by @jimmytsang in #2468
- add maxmembers and self renew fields by @jimmytsang in #2467
- fix functional test, tested and works by @jimmytsang in #2469
- update java and go dependencies to their latest releases by @havetisyan in #2470
Full Changelog: v1.11.48...v1.11.49
Athenz v1.11.48 Release
What's Changed
- libs/go/sia/access/tokens: fix dropped test errors by @alrs in #2423
- show notification bell icon more obviously with role/group to review by @jimmytsang in #2425
- [2427] fix invalid audit log json on adding /deleting a template by @chandrasekhar1996 in #2428
- support max member limit on roles and groups by @havetisyan in #2424
- support domain contacts by @havetisyan in #2431
- Bump axios from 1.4.0 to 1.6.0 in /clients/nodejs/zts by @dependabot in #2414
- fix unbound variable errors in deploy-scripts by @hiragi-gkuth in #2426
- Bump ch.qos.logback:logback-classic from 1.4.11 to 1.4.12 in /libs/java/gcp_zts_creds/examples/gcp-zts-creds by @dependabot in #2435
- self-renew option for roles/groups by @havetisyan in #2434
- simplify expiry notification lookups by @havetisyan in #2439
- update java dependencies to their latest releases by @havetisyan in #2440
- extend schema to allow : (colon) in Tag keys by @chandrasekhar1996 in #2448
- extend schema for contact type to string by @havetisyan in #2443
- unique error message for invalid/reserved service names by @havetisyan in #2450
- UI: fix bug when viewing roles, group is part of with expiry by @chandrasekhar1996 in #2451
- sia init/rolecert command line option - report error code for failures by @havetisyan in #2445
- enhance zms-cli update-domain to handle assertions in existing policies by @havetisyan in #2447
- new get transport policies for a domain and service api by @abvaidya in #2452
- add role and group review tabs by @jimmytsang in #2446
- update java and go dependencies by @havetisyan in #2454
- zms-cli: add -audit-enabled flag for role/group add operations by @havetisyan in #2453
- missing tags from policy/service requests by @havetisyan in #2449
This release includes required schema updates:
- https://github.com/AthenZ/athenz/blob/master/servers/zms/schema/updates/update-20231120.sql
- https://github.com/AthenZ/athenz/blob/master/servers/zms/schema/updates/update-20231122.sql
- https://github.com/AthenZ/athenz/blob/master/servers/zms/schema/updates/update-20231127.sql
Full Changelog: v1.11.47...v1.11.48
Athenz v1.11.47 Release
What's Changed
- add GCP project ID in manage domains by @Raja0623 in #2398
- upgrade prettier and run fix-lint by @chandrasekhar1996 in #2400
- update service provider manager test case by @havetisyan in #2399
- centre align business service column by @chandrasekhar1996 in #2406
- Fix the server side authorization for the msd api to return kubernetes network policy object by @rajeshal in #2405
- pull in the latest and greatest rdl endpoints by @jimmytsang in #2410
- expose sandns_x509_cnames field in sia config file by @havetisyan in #2411
- provide Roles/ExternalCredentials interfaces for instance providers by @havetisyan in #2408
- simplify error messages for access tokens to avoid confusion by @havetisyan in #2415
- new role/group/domain attributes - no implementation by @havetisyan in #2416
- provide option to request issuer based on external creds attributes by @havetisyan in #2418
- zts gcp dns client example by @havetisyan in #2409
- Enable use of locally built components in local Docker environment by @hiragi-gkuth in #2403
- update go host ip check test case to ignore docker/bridge interface by @havetisyan in #2419
- update java and go dependencies to their latest releases by @havetisyan in #2421
- new msd api to create transport policy by @abvaidya in #2422
New Contributors
Full Changelog: v1.11.46...v1.11.47
Athenz v1.10.60 Release
- downgrade ehcache for javax namespace support
- access the SD secret to skip published packages
Athenz v1.10.59 Release
What's Changed
- fetch verification key from server during access token validation for 1.10.x-jetty9 by @RikuyaMatsumura in #2369
- 1.10.x release - update dependencies + unit tests by @havetisyan in #2413
Full Changelog: v1.10.58...v1.10.59
This version was not published in Maven Central. Instead please use v1.10.60 Release
Athenz v1.11.46 Release
What's Changed
- for notification emails expand groups and delegated role membership by @havetisyan in #2388
- replace interface{} with string for zms-cli import operations by @havetisyan in #2391
- support proxy principal spiffe uri in access token requests by @havetisyan in #2392
- new bit to disable notifications over a week away by @havetisyan in #2393
- Extract and reuse duplicate helper function ExtractSignerInfo. by @zhaoyonghe in #2324
- for groups to disable expiry notfs look for both expiration/reminder tags by @havetisyan in #2397
- msd api to return kubernetes network policy object by @abvaidya in #2396
Full Changelog: v1.11.45...v1.11.46
Athenz v1.11.45 Release
What's Changed
- fix add/edit tags for policy and service by @jimmytsang in #2358
- failure with insert principal where 2 roles are created simultaneously with the same new member by @havetisyan in #2365
- oidc response - make redirect uri optional if json output is requested by @havetisyan in #2367
- failure with insert principal where 2 roles are created simultaneously with the same new member by @havetisyan in #2368
- Fix service tags tab hiding other tabs by @jimmytsang in #2361
- Add GetZone from meta endpoint for gcp by @YuchenWang01 in #2366
- double encoding name parameter for deleteStaticWorkload by @jimmytsang in #2370
- bump awssdk from 2.20.162 to 2.21.6 for netty vuln by @ysknkd in #2372
- new zms-cli option show-domain-attrs to display domain attributes by @havetisyan in #2376
- remove redirect-uri from fetch id token call since it's optional for json output by @havetisyan in #2375
- fix membership approval email view in gmail by @havetisyan in #2377
- adding support for service_name.service_namespace.svc in K8S san dns by @abvaidya in #2378
- allow updating the last_reviewed_date for role/group through meta api by @havetisyan in #2381
- clean-up hostname verifier support in zts java client by @havetisyan in #2382
- Temporary network issue causes aws temp creds stop refreshing by @havetisyan in #2379
- replacing wix-embedded-mysql with testcontainers-java by @abvaidya in #2384
- update jetty/java/go deps to their latest releases by @havetisyan in #2386
Full Changelog: v1.11.44...v1.11.45
Athenz v1.11.44 Release
What's Changed
- add fetcherError null check, debug only if there is error by @jimmytsang in #2347
- fetch verification key from server during access token validation by @ricordanza in #2323
- Creating a PR Template file by @oohsai in #2344
- Make KeyRefresher's background thread more efficient by @jeffreytolar in #2346
- Bump golang.org/x/net from 0.16.0 to 0.17.0 by @dependabot in #2345
- Fix pr template by @hiragi-gkuth in #2350
- change the athenz-zpe-java-client jacoco coverage threshold from 0.8711 to 0.8702 by @ricordanza in #2349
- fix 'make deploy-local' by @hiragi-gkuth in #2348
- provide domain authz for expanded role lookup by @havetisyan in #2351
- Update go zpe README.md by @WindzCUHK in #2356
- updated go/grpc and java dependencies by @havetisyan in #2357
- Update LY Corporation name (formerly known as Yahoo! Japan) by @WindzCUHK in #2360
- Add microsegmentation to services table (Copied from Noy) by @jimmytsang in #2342
- provide zms endpoint to return list of roles and groups for review by @havetisyan in #2355
- Introduce new endpoint to search workloads by domain and services by @rajeshal in #2352
- msd go client sync up with rdl by @havetisyan in #2362
New Contributors
Full Changelog: v1.11.43...v1.11.44
Athenz v1.11.43 Release
What's Changed
- DB names are lower case for last notification time check by @havetisyan in #2318
- Extract and export ClientTLSConfigFromPEM. by @zhaoyonghe in #2321
- Show msd error by @mendi160 in #2317
- Fix delete static workload by @mendi160 in #2315
- fix user service users map by @dvirguttman in #2319
- Make project labels selectable on GCP login page by @jeffreytolar in #2320
- skip loading on parent component for msd edit by @jimmytsang in #2322
- updated rdl schemas by @abvaidya in #2326
- log x509 cert serial number in the access log files by @havetisyan in #2325
- Add support for CIDR blocks and fix search for static instances by @MartinTrojans in #2327
- add role description tooltip by @dvirguttman in #2304
- unit test for jwt with none algorithm by @havetisyan in #2329
- Fix gcp login initially loading error no roles incorrectly by @jimmytsang in #2330
- sanitize error logs by @jimmytsang in #2333
- When user selects scope aws, disable report mode by @jimmytsang in #2328
- support omit-domain flag in sia through ATHENZ_SIA_OMIT_DOMAIN env va… by @havetisyan in #2336
- add logic to skip packages during publish by @havetisyan in #2337
- using a dedicated regex for msd static workload name validation by @abvaidya in #2338
- fix test access token signing key to 2048bit+ for valid testing by @ysknkd in #2339
- update java/go dependencies to their latest releases by @havetisyan in #2341
New Contributors
- @zhaoyonghe made their first contribution in #2321
Full Changelog: v1.11.42...v1.11.43
Athenz v1.11.42 Release
What's Changed
- zts server code cleanup - replace deprecated calls, etc by @havetisyan in #2294
- server common library code cleanup - replace deprecated calls, etc by @havetisyan in #2299
- zms server code cleanup - replace deprecated calls, etc by @havetisyan in #2295
- container library code cleanup - replace deprecated calls, etc by @havetisyan in #2296
- auth-core library code cleanup - replace deprecated calls, etc by @havetisyan in #2297
- common libraries code cleanup - replace deprecated calls, etc by @havetisyan in #2298
- libs/go/zmscli: fix dropped errors by @alrs in #2301
- handle assertion conditions in putPolicy api by @mendi160 in #2300
- update jacoco code coverage percentages by @havetisyan in #2303
- make sure only one notification run per-day by @havetisyan in #2305
- new static instance type - service_subnet by @abvaidya in #2307
- Add support for policy tags. by @royelbaum in #2210
- Add accountId, projectNumber, launchTime in raw.Doc by @YuchenWang01 in #2309
- Add support for service tag by @royelbaum in #2237
- Add new fields to hostdoc.Doc by @YuchenWang01 in #2311
- utils/zts-svccert: fix dropped errors by @alrs in #2312
- new store-token-option to store access token without quotes by @havetisyan in #2313
New Contributors
- @YuchenWang01 made their first contribution in #2309
Full Changelog: v1.11.41...v1.11.42