All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog and this project adheres to Semantic Versioning.
- Added
ignore-already-initialized
configuration flag to the sensu-backend init command for returning exit code 0 when a cluster has already been initialized. - Added javascript mutators, which can be selected by setting "type": "javascript" on core/v2.Mutators, and specifying valid ECMAScript 5 code in the "eval" field. See documentation for details.
- Added --retry-min, --retry-max, and --retry-multiplier flags to sensu-agent for controlling agent retry exponential backoff behaviour. --retry-min and --retry-max expect duration values like 1s, 10m, 4h. --retry-multiplier expects a decimal multiplier value.
- Added ProcessedBy field to check results. The ProcessedBy field indicates which agent processed a particular event.
- Added
core/v2.Pipeline
resource for configuring Pipeline resources.- Addedpipelines
field toCheck
andCheckConfig
- Added API key support for admin user at cluster init time.
- Added
sensu_go_agentd_event_bytes
&sensu_go_store_event_bytes
summary metrics to the/metrics
endpoint. - Added support for environment variable arguments in
sensuctl
.
- When deleting resource with sensuctl, the resource type will now be displayed in the confirmation prompt
- When keepalived encounters round-robin ring errors, the backend no longer internally restarts.
- The core/v2.Mutator type now has a Type field which can be used to tell Sensu that the mutator is a different type from the default (pipe). Currently, the supported types are "pipe" and "javascript".
- The default retry values have been increased from a minimum of 10ms to 1s, a maximum of 10s to 120s, and the multiplier decreased from 10.0 to 2.0.
- The backend internal bus default buffer sizes have been increased from 100 to 1000 items.
- Sensu Go OSS can now be built on
darwin/arm64
. - Fixed a regression in
sensu-backend init
where the exit status returned 0 if the store was already initialized. - Guard against potential crash in the sensuctl cluster member-list command when the etcd response header is nil.
- Agent events API now accepts metrics event.
- Fixed rare cases where the agent could fail to delete temporary files when downloading assets.
- Forwards compatibility with newer Sensu backends has been improved. Users can now create resources with fields that are unknown to Sensu.
- API and agent services now log at warn level when the start up, not at info.
- Backend now reports when it is ready to process events at warn level.
- Added
etcd-log-level
configuration flag for setting the log level of the embedded etcd server. - Added wait flag to the sensu-backend init command which toggles waiting indefinitely for etcd to become available.
- Added sensu_go_keepalives prometheus counter.
- Upgraded Go version from 1.13.15 to 1.16.5.
- Upgraded Etcd version from 3.3.22 to 3.5.0.
- The loadit tool now uses UUIDv4 instead of UUIDv1 for agent names.
- Some Prometheus metric names have changed with the upgrade to Etcd 3.5. See https://etcd.io/docs/v3.5/metrics/etcd-metrics-latest.txt for the metrics that Etcd 3.5 exposes.
- The timeout flag for
sensu-backend init
is now treated as a duration instead of seconds. If the value is less than 1 second, the value is converted to seconds.
- Fixed config deprecation warnings from being shown when deprecated config options weren't set.
- Fixed issue with keepalive status remaining in OK status after agent shutdown.
- Fixed a bug where role bindings that refer to missing roles would cause the wrong status to be returned from the HTTP API, and the dashboard to go into a crash loop.
- Fixed a bug where an empty subscription was present in the deregistration event's check.
- Fixed issue with Windows agent not handling command timeouts properly
- Sensu Go OSS can now be built on
darwin/arm64
.
- Added API key authentication support to sensuctl.
- Added ResourceTemplate resource. ResourceTemplate will be used to populate namespaces with initial resources.
- Added
GetResourceV3Watcher()
to thestore/etcd
package. - Add
EntityServiceClass
constant to thecorev2
package, representing BSM Services. - Added ResourceTemplate instantiation on namespace creation.
- Added more context when logging JavaScript filter evaluation errors.
- Both V2 & V3 resources are now validated when used with storev2.
- Initialize labels & annotations for v3 resources when fields are nil.
- Fixed the
agent-managed-entity
agent config attribute when no labels are defined. - Fixed a bug where the scheduler could crash in rare circumstances, when using round robin checks.
- Fixed a bug where build information would get calculated for every keepalive in OSS builds.
- Don't trigger internal restart on SIGHUP.
- Concatenated YAML files now support CRLF.
- Remove extraneous auto-completion suggestions.
- Fixed a potential crash in tessend.
- Fixed a potential deadlock in agentd.
- Fixed a bug where some Etcd watchers could try to process watch events holding invalid pointers.
- Fixed the
agent-managed-entity
agent config attribute when no labels are defined. - Fixed a bug where events from namespaces other than the one requested could appear in sensuctl dump output. The bug only applied to users who had access to the other namespaces.
- The expire field of silenced entries represents the configured expiration, in seconds, not the remaining duration.
- Allow agents labels & annotations to be configured via configuration flags.
- Fixed a bug where a small amount of extra etcd or postgres traffic was generated on keepalive failure.
- Event check history now contains an entry for the first received event.
- Sensuctl and sensu-backend ask for password retype when a new password is created when in interactive mode.
- Build info is now exposed as a prometheus metric via the /metrics endpoint.
- Added
/health
endpoint to agentd. - Added the Scheduler field to Check and CheckConfig.
- Add support for environment variables to define configuration file paths of
sensu-backend (
SENSU_BACKEND_CONFIG_FILE
) & sensu-agent (SENSU_CONFIG_FILE
). - Added event sequence numbers.
- Entities may now be managed exclusively by their agents when sensu-agent is
started with the new
agent-managed-entity
configuration attribute.
- Adjust the date and duration formats used when listing and displaying silenced entries in sensuctl.
- Make
event_id
usage in logging consistent. - Changed sensuctl commands that only contain subcommands to exit with status code 46 when no arguments or incorrect arguments are given.
- The config-file flag is no longer order dependant.
- Added description to sensuctl dump command.
- The sensuctl command descriptions now have consistent capitalization.
- The
v3.V3EntityToV2()
API function now properly carries over the metadata'sCreatedBy
field.
- Fixed a bug where the entity API could panic.
- The agent asset fetcher now respects the HTTP proxy environment variables when trusted-ca-file is configured.
- Improve error message around asset checksum mismatch.
- Fixed a crash in the backend and agent related to Javascript execution.
sensuctl edit
no longer automatically adds thesensu.io/managed_by
label.
- Fixed a bug where silences could take longer to expire than they should, if the cluster goes through a restart, or an etcd election.
- Fixed a bug where sensu-agent would not shut down correctly.
- The per-entity subscription now persists with PATCH requests.
- sensuctl now resolves symbolic links.
- Allow HookConfig to be exported via
sensuctl dump
. - Properly log any API error in
sensuctl dump
. - An RBAC rule with the
update
permission now properly authorizes PATCH requests. - eventd errors now include additional context for debugging.
- Entities are now properly created using
sensuctl create
.
- A warning is now logged when a runtime asset was requested but does not exist.
- Added Prometheus transformer for extracting metrics from check output using the Prometheus Exposition Text Format.
- The backend flag
--api-request-limit
is now available to configure the maximum API request body size, in bytes. - Add support for the PATCH method on the REST API for most configuration resources.
- The trusted CA file is now used for agent, backend and sensuctl asset retrieval.
- The backend will no longer start when the dashboard TLS configuration is not fully specified.
- Include the agent entity in data passed to the command process' STDIN.
- Per-entity subscriptions (ex.
entity:entityName
) are always available on agent entities, even if removed via the/entities
API. - Fixed a crash in the backend and agent related to Javascript execution.
- Proxy entities that are used in round-robin check requests are no longer stale.
- Fixed a bug where entity listing would be incorrect if agent entities were created via the API instead of with sensu-agent.
- Close the response body when done reading from it while downloading assets.
sensuctl user hash-password
command no longer requires a config to run.
- Failed check events now get written to the event log file.
- Log a warning when secrets cannot be sent to an agent because mTLS is not enabled.
- Added the is_silenced boolean key to event.Check object.
- Clarifies wording around a secret provider error message.
- Logs and returns an error if a mutator cannot be found.
- User-Agent header is only set on new client creation rather than on each request.
- Fixed a bug where highly concurrent event filtering could result in a panic.
- Fixed a bug where nil labels or annotations in an event filtering context would result in a bad user experience, with the user having to explicitly check if the annotations or labels are undefined. Now, the user is guaranteed that labels and annotations are always defined, though they may be empty.
- Automatically capitalize the roleRef and subject types in ClusterRoleBindings and RoleBindings.
- Log the proper CA certificate path in the error message when it can't be properly parsed by the agent.
- Fix the log entry field for the check's name in schedulerd.
- Store fewer keys in etcd for agents.
- Keepalive and round robin scheduling leases are now dealt with more efficiently.
- The web interface is now a standalone product and no longer distributed inside the sensu-backend binary. Refer to https://github.com/sensu/web for more.
- The database schema for entities has changed. After upgrading, users will not be able to use their database with older versions of Sensu.
- After initial creation, sensu-agent entity configuration cannot be changed by modifying the agent's configuration file.
- Entities are now stored as two separate data structures, in order to optimize data access patterns.
- The
dead
andhandleUpdate
methods in keepalived now useEntityConfig
andEntityState
respectively. - The
dead()
andcreateProxyEntity()
methods in eventd now usecorev3.EntityConfig
andcorev3.EntityState
. - sensu-agent configuration can now be managed via the HTTP API.
- ClusterRoleBinding and RoleBinding subjects names can now contain any unicode characters.
- Enriches output of
sensuctl asset add
with help usage for how to use the runtime asset. - Unless the entity is a proxy entity, updates to entities now ignore state related fields.
- Upgraded Go version from 1.13.7 to 1.13.15.
- Upgraded etcd version from 3.3.17 to 3.3.22.
- Improves logging around the agent websocket connection.
- Fixed potential Web UI crash when fetching events in namespace with > 1000 events.
- Errors produced in the agent by assets, check validation, token substitution, and event unmarshaling are logged once again.
- Added
SENSU_LICENSE_FILE
environment variable to handler executions. - Added the
sensuctl user hash-password
command to generate password hashes - Added the ability to reset passwords via the backend API &
sensuctl user reset-password
- The user resource now has a
password_hash
field to specify the password hash, in place of the cleartext password - Added the beginnings of the core/v3 API.
- Added automatically generated tests for the core/v2 API.
sensu-agent
's default log level is nowinfo
instead ofwarn
.sensuctl command exec
now spawns the plugin directly instead of going through a sub-shell.
- The password verification logic when running
sensuctl user change-password
has been moved from sensuctl to the backend API. - Errors while publishing proxy check requests do not block scheduling for other entities.
- Listing namespaces in sensuctl with
--chunk-size
now works properly. - Prevent the agent from immediately exiting in certain scenarios where components are disabled.
- Fixed an issue where a GraphQL query could fail when querying a namespace containing event data in excess of 2GBs.
- Deregistration events now contain a timestamp.
- Checks configured with missing hooks no longer cause the agent to crash.
- Added the username as a field to the API request logger.
- The Process struct only contains the name of the process.
- The proper libc implementation is now displayed for Ubuntu entities.
- Add validation for subjects in RBAC RoleBinding and ClusterRoleBinding.
- Fixed a bug where single-letter subscriptions were not allowed, even though they were intended to be.
- Fix retrieving command assets from bonsai.
No changelog for this release.
- Added the ability to omit types from sensuctl dump when using the "all" flag.
- Fixed a bug in sensuctl dump where duplicate resource names could be specified.
- Added ability to make the Resty HTTP Timeout configurable.
- Added the
event.is_silenced
&event.check.is_silenced
field selectors. - Added
processes
field to the system type to store agent local processes (commercial feature). - Users can now increment the logging level by sending SIGUSR1 to the sensu-backend or sensu-agent process.
- Added a new
sensuctl describe-type
command to list all resource types. - Added
labels
andannotations
as backend config options. - Added token substitution for assets.
- Added
Edition
field to version information. - Added
GoVersion
field to version information. - Assets paths are now accessible to consumers via an environment variable.
- Added a helper function to token substitution to retrieve an asset path.
- Windows agent now has log rotation capabilities.
- [Web] Added check hook output to event details page.
- Warning messages from Resty library are now suppressed in sensuctl.
- Notepad is now the default editor on Windows, instead of vi.
- [Web] Any leading and trailing whitespace is now trimmed from the username when authenticating.
- [Web] A toast is now displayed when a user attempts to delete an event but does not have appropriate authorization.
- [Web] Only the first five groups a user belongs to are displayed in the preferences dialog. Showing too many made it difficult for users to locate the sign-out button.
- Windows agent now accepts and remembers arguments passed to 'service run' and 'service install'.
- Windows agent synchronizes writes to its log file, ensuring that file size will update with every log line written.
- Windows agent now logs to both console and log file when 'service run' is used.
- [Web] Fixed issue where the de-registration handler would always show up as undefined on the entity details page.
- Added a
timeout
flag tosensu-backend init
. - [Web] Added the ability for labels and annotations with links to images to be displayed inline.
- [Web] Added additional modes for those with colour blindness.
- Added support for restarting the backend via SIGHUP. Config reloading is not supported yet.
- Removed deprecated flags in
sensuctl silenced update
subcommand.
sensu-backend init
now logs any TLS failures encountered.- Fixes a bug in multi-line metric extraction that appeared in windows agents.
- Fixed an authn bug where sensu-backend would restart when agents disconnect.
- Fixed a bug where check state and last_ok were not computed until the second instance of the event.
- Fix the validation for env_vars to allow the equal sign in values.
- Log to the warning level when an asset is not installed because none of the filters matched.
- Return underlying errors when fetching an asset.
- Fixed a bug where the etcd event store would return prefixed matches rather than exact matches when getting events by entity.
sensuctl logout
now resets the TLS configuration.- [Web] Fixes issue where labels with links could lead to a crash.
- Added a global rate limit for fetching assets so that asset retries are not abusive (can be
configured using
--assets-rate-limit
and--assets-burst-limit
on the agent and backend). - [Web] Fixed an issue where trying to use an unregistered theme could lead to a crash.
- Fixed a bug that would cause the backend to crash.
- Fixed a bug that would cause messages like "unary invoker failed" to appear in the logs.
- Fixed several goroutine leaks.
- Fixed a bug that would cause the backend to crash when the etcd client got an error saying "etcdserver: too many requests".
No changelog for this release.
- Require that pipe handlers have a command set.
- The config file default path is now shown in the help for sensu-backend start and sensu-agent start.
- Keepalives can now be published via the HTTP API.
- Token substitution templates can now express escape-quoted strings.
- [Web] Fixes issue where labels with links could lead to a crash.
- Fixed a bug where keepalives would not always fire correctly when using the postgres event store.
- The REST API now uses a timeout of 3 seconds by default when querying etcd health.
- sensu-agent will not longer allow configuring keepalive timeouts less than the keepalive interval.
- Eventd can no longer mistake keepalive events for checks with TTL.
- Keepalives now generate a new event UUID for each keepalive failure event.
- Agents now correctly reset keepalive switches on reconnect, fixing a bug where old keepalive timeout settings would persist too long.
- The system's libc_type attribute is now populated on alpine containers.
- The
sensu.io/managed_by
label is now automatically applied to resources created viasensuctl create
. - Added
created_by
to object metadata and populate that field via the HTTP API. - Added agent discovery of libc type, VM system/role, and cloud provider.
- Added
float_type
field to system type to store which float type (softfloat, hardfloat) a system is using. - Additional Tessen resource metrics can now be registered at runtime.
- Added a generic client POST function that can return the response.
- Tessen now reports the type of store used for events ("etcd or "postgres").
- Updated the store so that it may create wrapped resources.
- Bonsai client now logs at debug level instead of info level.
- The dashboard service now returns an error if the client User-Agent is curl or sensuctl. This should prevent users from using the dashboard port by mistake.
- Fixed a bug where the agent could connect to a backend using a namespace that doesn't exist.
- Subscriptions can no longer be empty strings (#2932)
- The proper HTTP status codes are returned for unauthenticated & permission denied errors in the REST API.
- Check history is now in FIFO order, not ordered by executed timestamp.
- Fixed bug where flapping would incorrectly end when
total_state_change
was belowhigh_flap_threshold
instead of belowlow_flap_threshold
. - sensu-backend no longers hang indefinitely if a file lock for the asset manager cannot be obtained, and returns instead an error after 60 seconds.
- Stopped using the etcd embedded client, which seems to trigger nil pointer panics when used against an etcd that is shutting down.
- 64-bit align the
Resource
struct in the store cache to fix a crash on 32-bit systems. - Fixed a bug where sensu-backend would restart when agents disconnect.
- Added the
/version
API in sensu-agent. - Indicate in log messages which filter dropped an event.
- sensuctl now supports the http_proxy, https_proxy, and no_proxy environment variables.
- returns 401 instead of 500 when issues occur refreshing the access token.
- Support Bonsai assets versions prefixed with the letter
v
. - Fixed a bug where wrapped resources were not getting their namespaces set by the default sensuctl configuration.
- read/writes
initializationKey
to/fromEtcdRoot
, while support legacy as fallback (read-only) - check for a non-200 response when fetching assets
/silenced
now supports API filtering (commercial feature).- Fixed event payload validation on the backend events API to validate the payload with the URL parameters on the /events/:entity/:check endpoint and reject events that do not match.
- The
auth/test
endpoint now returns the correct error messages. - The
log-level
configuration option is now properly applied when running the Sensu Agent Windows service.
- Updated Go version from 1.13.5 to 1.13.7.
- Default
event.entity.entity_class
toproxy
in the POST/PUT/events
API. - Proxy entities are now automatically created when events are published with an entity that does not exist.
- Fixed a bug where on an internal restart, enterprise HTTP routes could fail to intialize.
- Cluster configuration of sensuctl should be reset when
configure
is called. - Some namespaces would not appear in the curated namespace functionality under certain circonstances.
- Fix a bug with tar assets that contain hardlinked files.
- Assets name may contain capital letters.
- When
--trusted-ca-file
is used to configure sensuctl, it now detects and saves the absolute file path in the cluster config. - [Web] Changing order on event list will no longer cause filters to be reset.
- [Web] URLs inside annotations are now rendered as links.
- Added the secrets provider interface and secrets provider manager to be used by commercial secrets providers. Implemented for checks, mutators, and handlers.
- Added the
secrets
field to checks, mutators, and handlers. - Added the
keepalive-handlers
configuration flag on the agent to specify the entity's keepalive handlers. - Added
event.entity.name
as a supported field selector.
- Fixed a memory leak in the entity cache.
- [Web] Labels with links can now be followed.
- [Web] Fixed a inconsistent crash that occurred in Firefox browsers.
- [Web] Fixed bug where event history was duplicated in the event timeline chart.
- [Web] Fixed issue where silenced entries with a start date would result in a crash.
- Fixed a bug where
sensuctl entity delete
was not returning an error when attempting to delete a non-existent entity. - sensuctl command assets installed via Bonsai will now use the "sensuctl" namespace.
- Fixed a memory leak in the entity cache
- Users with implicit permissions to a namespace can now display resources within that namespace via the Web UI.
- Explicit access to namespaces can only be granted via cluster-wide RBAC resources.
- Split rules ClusterRole and Role verbs, resources and resource names on comma.
- Add support for the
--format
flag in thesensuctl command list
subcommand. - Namespace can be ommited from event when performing an HTTP POST request to
the
/events
endpoint. - Fixed a bug where failing check TTL events could occur event if keepalive failures had already occurred.
- Initialize the sensu_go_events_processed counter with the
success
label so it's always displayed. - Fixed a performance regression that was introduced in 5.15.0, which would cause the API to timeout past 20k agent sessions.
- Display the JWT expiration Unix timestamp in
sensuctl config view
. - Added the 'sensu-backend init' subcommand.
- Added a new flag, --etcd-client-urls, which should be used with sensu-backend when it is not operating as an etcd member. The flag is also used by the new sensu-backend init tool.
- Added the cluster's distribution to Tessen data.
- Added a new field, ClusterIDHex, to the ClusterHealth datatype.
- Added the
--etcd-discovery
and--etcd-discovery-srv
flags tosensu-backend
. These are used to take advantage of the embedded etcd's auto-discovery features. - Added
--keepalive-critical-timeout
to define the time after which a critical keepalive event should be created for an agent. - Added
--keepalive-warning-timeout
which is an alias of--keepalive-timeout
for backwards compatibility.
- Add a timeout to etcd requests when retrieving the nodes health.
- Show the correct default value for the format flag in
sensuctl dump
help usage. - Installing sensuctl commands via Bonsai will now check for correct labels before checking if the asset has 1 or more builds.
- Listing assets with no results returns an empty array.
- Fixed a panic that could occur when creating resources in a namespace that does not exist.
- [Web] Links to documentation now point to the version of the product being run instead of the latest; helpful when running an older version of Sensu.
- Fixed issue where keepalive events and events created through the agent's socket interface could be missing a namespace.
- Fixed an issue where 'sensuctl cluster health' would hang indefinitely.
- Fixed several issues around the metadata of resources encoded using the wrapped-json format, where the metadata would go missing when listing resources or prevent resources from being created.
- The backend will no longer automatically be seeded with a default admin username and password. Users will need to run 'sensu-backend init' on every new installation.
- Several deprecated flags were removed from sensu-backend.
- [Web] Changes to navigation. The app bar has been replaced by an omnipresent drawer increasing the available space for content. Additionally, each page now includes breadcrumbs.
- [Web] Switching namespaces is easier than ever, with the new and improved switcher. The new component can be accessed from the drawer or with the shortcut ctrl+k. For those with many namespaces the switcher now includes fuzzy search and improved keyboard navigation.
- 'sensuctl cluster health' will now use a 3s timeout when gathering cluster health information.
- 'sensuctl cluster health' now collects cluster health information concurrently.
- Added better error logging for mutator execution.
- Fixed the order of flap detection weighting for checks.
- The pprof server now only binds to localhost.
- Added the
APIKey
resource and HTTP API support for POST, GET, and DELETE. - Added sensuctl commands to manage the
APIKey
resource. - Added support for api keys to be used in api authentication.
- Added support for sensu-backend service environment variables.
- Added support for timezones in check cron strings.
- Added support for extending sensuctl support with commands.
- Moved
corev2.BonsaiAsset
tobonsai.Asset
and movedcorev2.OutdatedBonsaiAsset
tobonsai.OutdatedAsset
along with subsequent bonsai package refactors. - Colons and periods are now allowed to be used in all resource names, with the exception of users.
- Upgraded etcd to 3.3.17
- Listing namespaces is now done implicitly based on access to resources within a namespace. Users will no longer be able to list all namespaces by default, in new installations. Existing installations will function as before. Operators can change to the new behaviour, by modifying the system:user role.
- As a result of upgrading etcd, TLS etcd clients that lose their connection will successfully reconnect when using --no-embed-etcd.
- Check TTL switches are now correctly buried when associated events and entities are deleted.
- Keepalive switches are now correctly buried when the keepalive event is deleted.
- Sensu now uses far fewer leases for keepalives and check TTLs, resulting in a stability improvement for most deployments.
- Fixed a minor UX issue in interactive filter commands in sensuctl.
- Silences now successfully apply to proxy entities where the check doesn't contain the same subscriptions as the entity (#3356)
- Added prometheus gauges for check schedulers.
- Opening an already open Bolt database should not cause sensu-agent to hang indefinitely.
- [CLI] Dump multiple types as YAML to a file would print separator STDOUT instead of specified file
- Fixed a bug where Sensu would crash with a panic due to a send on a closed channel.
- [Web] Added an additional option to the error dialog allowing users to completely wipe the application's persisted state; in lieu of them having to manually wipe their local / session storage. This may help in the rare cases where something in said state is leading to an uncaught exception.
- [Web] For operating systems with support for selecting a preferred light /dark theme, the application now respects the system preference by default.
- sensuctl dump can now list the types of supported resources with --types.
- Added the
sensu_agent_version
field to theEntity
resource, which reflects the Sensu semver version of the agent entity. - Added the
--etcd-heartbeat-interval
and--etcd-election-timeout
flags tosensu-backend
- [Web] Github is not always the best place for feature requests and discussion, as such we've changed CTA for feedback to point to Discourse instead of the web repository's issues page.
- [Web] When a user lands on a page inside a namespace that no longer exists or they do not have access to, the drawer is now opened so that namespace switcher is front and center. Hopefully this should reduce any confusion around next steps.
- Support agent TLS authentication, usable with a licensed sensu-backend.
- Updated Go version from 1.12.3 to 1.13.1.
- [GraphQL]
putWrapped
mutation now accepts wrapped JSON with empty outer objectmeta.
- [Web] Fixed issue where a user with an appropriate role may have been unable to resolve events, queue checks, and create silenced entries.
- Splayed proxy checks are now executed every interval, instead of every
interval + interval * splay_coverage
. - [GraphQL] Ensures that proxy entity label & annotations are redacted.
- Fixed a bug in the ring where round robin schedules would not recover after quorum loss.
- [Web] Unauthorized errors emitted while creating silences or resolving events are now caught and a toast is presented to communicate what occurred.
- [Web] Internal errors are now avoided when a user attempts to queue an ad-hoc check for a keepalive.
- Do not separate asset builds into several assets unless the the tabular format
is used in
sensuctl asset list
. - Fix the 'flag accessed but not defined' error in
sensuctl asset outdated
- Fix generic API client's
SetTypeMeta
method. The APIGroup is now correctly configured and by virtue unintended authorization denied errs are avoided. - Fixed a bug where checks would stop executing after a network error.
- Fixed a bug where sensuctl create with stdin was not working.
- Enterprise bug fix.
- Multi-build asset definitions with no matching filters will no longer cause a panic.
- Added the
sensuctl env
command. - sensuctl asset add (fetches & adds assets from Bonsai).
- sensuctl asset outdated (checks for newer versions of assets from Bonsai).
- Add HTTP and directory support to
sensuctl create
- Only validate check interval/cron when publish true
- sensuctl dump no longer silently discards errors.
- Interactive check create and update modes now have 'none' as the first highlighted option, instead of nagios-perfdata.
- Fixed a bug where silences would not expire on event resolution.
- Added functionality for the agent
--allow-list
configuration, which whitelists check and check hook executables. - Added the
runtime_assets
field toHookConfig
. Assets are enabled for check hook execution. - Added backwards compatible content negotiation to the websocket connection. Protobuf will be used for serialization/deserialization unless indicated by the backend to use JSON.
- Added delete functionality for assets in the API and sensuctl.
- Added
sensuctl dump
to dump resources to a file or STDOUT. - Added
event.check.name
as a supported field selector. - [Web] Added timeline chart to event details view.
- Added
entity.system.arm_version
to record the value ofGOARM
at compile time. - Added
ProviderType
field toAuthProviderClaims
- Added
builds
field to theAsset
type to allow assets to specify different URLs for each platform/architecture/arch_version.
- The project now uses Go modules instead of dep for dependency management.
- The internal reverse proxy relied on by the dashboard has been eliminated.
- The generic etcd watcher now keeps track of revisions.
- The resource caches can now rebuild themselves in case of failures.
- Event and Entity resources can now be created without an explicit namespace; the system will refer to the namespace in the URL.
- Events and Entities can now be created with the POST verb.
- [Web] Changed styling of namespace labels.
- Log token substitution failures more clearly.
- Fixed the tabular output of
sensuctl filter list
so inclusive filter expressions are joined with&&
and exclusive filter expressions are joined with||
. - The REST API now correctly only returns events for the specific entity
queried in the
GET /events/:entity
endpoint (#3141) - Prevent a segmentation fault when running
sensuctl config view
without configuration. - Added entity name to the interactive sensuctl survey.
- Check hooks with
stdin: true
now receive actual event data on STDIN instead of an empty event. - Prevent a segmentation fault on the agent when a command execution returns an error.
- [Web] Fixed issue where a bad or revoked access token could crash the app.
- Removed encoded protobuf payloads from log messages (when decoded, they can reveal redacted secrets).
- The agent now sends heartbeats to the backend in order to detect network failures and reconnect faster.
- The default handshake timeout for the WebSocket connection negotiation has been lowered from 45 to 15 seconds and is now configurable.
- Silenced entries are now retrieved from the cache when determining if an event is silenced.
- Added --disable-assets flag to sensu-agent.
- Added ability to query mutators to the GraphQL service
- Added ability to query event filters to the GraphQL service
- Added prometheus metrics for topics in wizard bus and agent sessions.
- The buffer size and worker count of keepalived, eventd & pipelined can now be configured on sensu-backend.
- Added a
headers
field to theAsset
struct. Headers is a map of key/value string pairs used as HTTP headers for asset retrieval. - Added the current user to the output of
sensuctl config view
. - [Web] Adds list and details views for mutators
- [Web] Adds list and details views for event filters
- Added sensuctl delete command
- [Web] Updated embedded web assets from
46cd0ee
...8f50155
- The REST API now returns the
201 Created
success status response code for POST & PUT requests instead of204 No Content
.
- The REST API now returns an error when trying to delete an entity that does not exist.
- Fixed a bug where basic authorization was not being performed on the agent websocket connection.
- Fixed an aliasing regression where event timestamps from the /events API were not getting properly populated.
- Fixed a bug where multiple nested set handlers could be incorrectly flagged as deeply nested.
- Fixed a bug where round robin proxy checks could fail to execute.
- Fixed a bug where watchers could enter a tight loop, causing very high CPU usage until sensu-backend was restarted.
- Fixed the entity_attributes in proxy_requests so all attributes must match instead of only one of them.
- Fixed a bug where events were not deleted when their corresponding entity was.
- Added POST
/api/core/v2/tessen/metrics
. - Added the ability in TessenD to listen for metric points on the message bus, populate, and send them to the Tessen service.
- [Web] Adds ability to delete entities
- [GraphQL] Adds simple auto-suggestion feature.
- Added a tag to all Tessen metrics to differentiate internal builds.
- Added a unique sensu cluster id, accessible by GET
/api/core/v2/cluster/id
. - Added
sensuctl cluster id
which exposes the unique sensu cluster id.
- [Web] Updated embedded web assets from
275386a
...46cd0ee
- Refactoring of the REST API.
- Changed the identifying cluster id in TessenD from the etcd cluster id to the sensu cluster id.
- [GraphQL] Updates
PutResource
mutation to accept anupsert
boolean flag parameter. Theupsert
param defaults totrue
, but if set tofalse
the mutation will return an error when attempting to create a duplicate resource. - Eventd has been refactored. Users should not perceive any changes, but a substantial amount of business logic has been moved into other packages.
- The
sensuctl create
command now accepts resources without a declared namespace. If the namespace is omitted, the resource will be created in the current namespace, or overridden by the--namespace
flag. - Eventd now uses a constant number of requests to etcd when working with silenced entries, instead of a number that is proportional to the number of subscriptions in a check.
- The check state and check total_state_change properties are now more correct.
- Scheduling proxy checks now consumes far fewer CPU resources.
- [Web] Unless required- scrollbars on code blocks are hidden.
- [Web] Ensure that we redirect user to a valid namespace when first signing in.
- [Web] Correctly display timeout value for handlers.
- [Web] Avoid exception when parsing non-standard cron statements. (Eg.
@every 1h
or@weekly
) - The resources metadata are now validated with the request URI.
- [GraphQL] Added field to retrieve REST API representation of a resource to each core type
- [Web] Add views for handlers
- [Web] Updated embedded web assets from
9d91d7f
...275386a
- [Web] Implements simpler & more efficient filtering.
- [GraphQL] fields that previously accepted a JS filter have been deprecated and replaced with a simpler syntax.
- Fixed the behaviors for check
Occurrences
andOccurrencesWatermark
. - Fixed a panic that could occur when seeding initial data.
- [Web] Compress dashboard assets
- [Web] Fixed regression where dashboard assets were no longer compressed.
- Fixed listing of silenced entries by check or subscription.
- The docker-compose.yaml file now refers to the sensu/sensu:latest image.
- Added per resource counts to tessen data collection.
- Added event processing counts to tessen data collection.
- Added ability to query for
Handlers
(individual and collections) from the GraphQL query endpoint. - Added
/version
to retrieve the current etcd server/cluster version and the sensu-backend version. - --etcd-cipher-suites option is now available for sensu-backend.
- Added the
--chunk-size
flag tosensuctl * list
sub-commands
- eventd and keepalived now use 1000 handlers for events.
- etcd database size and request size are now configurable.
- Most resources now use protobuf serialization in etcd.
- Only bury switchsets of checks that no longer have a TTL, in order to reduce the number of write operations made to etcd.
- Fixed keepalives switchsets for entities with deregistration.
- Fixed continue token generation in namespace and user pagination.
- Added a Windows service wrapper for sensu-agent. See "sensu-agent service --help" for more information.
- Fixed
sensuctl
color output on Windows. - Fixed a regression in
sensuctl cluster
json/wrapped-json output. - Fixed a regression that caused listing objects for a given namespace to also include results from namespaces sharing a similar prefix.
- Added filtering support to
sensuctl
. This feature only works against asensu-backend
with a valid enterprise license. - Added fields getter functions for resources available via the REST API.
- Added the message bus to Tessend in order to track Tessen configuration changes from the API.
- Added a performance optimizing
Count()
function to the generic store. - Added a hexadecimal Cluster ID title to the
sensuctl cluster health
andsensuctl cluster member-list
commands in tabular format. - Added a
Header
field to theHealthResponse
type returned by/health
.
- Fixed the agent
--annotations
and--labels
flags.
- Added parsing annoatations to sensu-agent, both from agent.yml and command line arguments
- Updated Go version from 1.11.4 to 1.12.3 for CI builds.
- Changed the 1.x
client
field tosource
in the 1.x compatible agent socket. Theclient
field is now deprecated. - Deprecated the agent TCP/UDP sockets in favor of the agent rest api.
- [GraphQL] Added mutation to create / update using wrapped resources.
- [GraphQL] Added field returning wrapped resource given ID.
- apid uses a new generic router for listing resources.
- The store uses the generic List function for listing resources.
- Fixed an issue where etcd watchers were used incorrectly. This was causing 100% CPU usage in some components, as they would loop endlessly trying to get results from watchers that broke, due to their stream terminating. Other components would simply stop updating. Watchers now get reinstated when the client regains connectivity.
- Fixed the
/events/:entity
route in the REST API. - Fixed a bug where the --labels arg was not working as expected in sensu-agent.
- Added the TessenD daemon.
- Added an etcd watcher for tessen configuration.
- Added ring support for TessenD so that the service is invoked in a round-robin fashion within a cluster.
- Added
tessen opt-in
command tosensuctl
. - Added
tessen opt-out
command tosensuctl
. - Added
tessen info
command tosensuctl
. - Added more verbose logging to indicate when a proxy request matches an entity according to its entity attributes.
- Removed the unused etcd watcher for hook configurations.
- [Web] Ensure user chip is never rendered when creator is not present.
- Add support for pagination to the API
- Add two new flags for
backend
daemon to optionally allow for separate TLS cert/key for dashboard. the flags are:--dashboard-cert-file
and--dashboard-key-file
. The dashboard will use the same TLS config of the API unless these new flags are specified. - Added notion of asset collections to dashboard daemon
- Added a store for Tessen opt-in/opt-out configuration.
- Added /tessen GET and PUT endpoints to the API.
- Added queueing to the agent /events API
- [Web] Updated dependencies that had warnings
- [Web] Updated dependency babel to ^7.4
- [Web] Updated UI library to ^3.8
- Fixed a bug in
sensuctl
where global/persistent flags, such as--namespace
and--config-dir
, would get ignored if they were passed after a sub-command local flag, such as--format
. - Fixed a bug in
sensuctl
where handlers and filters would only be deleted from the default namespace, unless a--namespace
flag was specified. - Fixed a bug where events could be stored without a timestamp.
- Fixed a bug where metrics could be persisted to etcd in some cases.
- Fixed a bug where agents would sometimes refuse to terminate on SIGTERM and SIGINT.
- Fixed a bug where agents would always try to reconnect to the same backend, even when multiple backends were specified. Agents will now try to connect to other backends, in pseudorandom fashion.
- [Web] Avoids crash when the creator of a check is inaccessible.
- [Api] Respond with 404 from the users endpoint when user for given name cannot be found.
- Commands wrap on the event details page and will display "-" if there is no command (keepalives)
- Added additional check config and entity information to event details page.
- Fixed all known TLS vulnerabilities affecting the backend server:
- TLS min version increased to 1.2
- Removed ALL but perfect-forward-secrecy ciphers
- Removed requirement of specifying
--trusted-ca-file
when using TLS on backend - Prevented backend from loading server TLS configuration for http client
- Enforced uniform TLS configuration for all three backend components (apid, agentd, dashboardd)
- Set http client timeout to 15 seconds for sensuctl
- Round robin scheduling is now fully functional.
- Web UI offline state detection and and alert banner.
- Asset downloading now uses buffered I/O.
- Check results sent via the agent socket now support handlers.
sensuctl user list
can now output yaml and wrapped-json- Fixed bug with how long commands were displayed on check details page.
- Assets downloads no longer specify a client timeout.
- Fixed a bug where agent entity subscriptions would be communicated to the backend incorrectly. Due to the scheduler using the subscriptions from the HTTP header, this does not have any effect on scheduling.
- Web - Fixes issue where timeout value was not displayed.
- Fixed bug with how long commands were displayed on check details page.
- Removed the concept of "edition" and the edition header.
- Fixed a regression in the agent that would not allow proxy checks to be run for subsequent executions.
- Web UI - support for labels and annotations
- Added support for the following TLS related options to
sensuctl
:--trusted-ca-file
and--insecure-skip-tls-verify
. This allows sensuctl users to use a self-signed certificate without adding it to the operating system's CA store, either by explicitly trusting the signer, or by disabling TLS hostname verification. - Added a generic watcher in the store.
- Added
RemoveProvider
method to authenticator. - Check output truncation support has been added. Check output can be truncated by adjusting the max_output_size and discard_output properties.
- Added ability to silence/unsilence from the event details page.
- Added support for wrapped resources in the API with
sensuctl create
&sensuctl edit
. - Web UI - platform version displays on the entity details page.
- Web UI - include proxy request configuration on check details page.
- Web UI - display deregistration config on the entity details page.
- Removed unused workflow
rel_build_and_test
in CircleCI config. - Moved the
Provider
interface toapi/core/v2
package. - Moved the
Authenticator
interface tobackend/authentication
package. - Updated confirmation messages for sensuctl commands:
Created
,Deleted
andUpdated
instead ofOK
. - Exported some functions and methods in the CLI client.
- The API authenticator now identifies providers by their name only.
- Check TTL failure events are now much more reliable, and will persist even in the presence cluster member failures and cluster restarts.
- Fix snakeCase version of keys in typeMap for acronyms.
- Fixed a bug in keepalive processing that could result in a crash.
- Pin childprocess to v0.9.0 in CircleCI so fpm can be installed.
- Substitutions applied to command & hooks are now omitted from events.
- Fixes a bug where generic store methods assumed a namespace was provided for non-namespaced resources.
- Keepalive and check TTL database state is now properly garbage-collected on entity deletion.
- Fixed a bug where
sensuctl version
required configuration files to exist. - Updates the copy on the confirm disable dialog to accurately reflect the operation.
- Added the notion of authentication providers.
- Improved logging for errors in proxy check requests.
- Updated Go version from 1.10 to 1.11.4.
- Refactoring of the internal authentication mechanism into a
basic
authentication provider. - Modified private generic store methods as public functions.
- Improved logging for errors in proxy check requests.
- Updated Go version from 1.10 to 1.11.4.
- Changed keepalive event to include check.output
- Fixed a bug where
sensuctl edit
was not removing the temp file it created. - Fixed a bug where adhoc checks were not retrieving asset dependencies.
- Fixed a bug where check updates would cause the check to immediately fire.
- Fixed a bug where a bad line in check output would abort metric extraction. An error is now logged instead, and extraction continues after a bad line is encountered.
- Keepalive events will now continue to fire after cluster restarts.
- Fixed a panic in the dashboardd shutdown routine.
- Fixed a bug where deleting a non-existent entity with sensuctl would not return an error.
- Web UI - toolbar menu buttons now switch with dark theme.
- Web UI - some buttons easier to see with dark theme.
- Agents will now take proxy entity names into consideration when guarding against duplicate check requests.
- Improved logging for errors in proxy check requests.
- Updated Go version from 1.10 to 1.11.4.
- Support for the trusted-ca-file and insecure-skip-tls-verify flags in sensu-agent. These flags have the same meaning and use as their sensu-backend counterparts.
- Default location for sensu-backend data has changed from /var/lib/sensu to /var/lib/sensu/sensu-backend. See release notes for more information.
- Keepalive and check TTL failure events now fire continuously until resolved.
- Listing an empty set of assets now correctly returns [] instead of null.
- Fixed API endpoint used by the CLI to create hooks via the 'sensuctl create' command. It's now possible to create objects of type 'Hook' with this command again.
- Firefox status icons not fully rendering
- Added --etcd-advertise-client-urls options to docker-compose.yaml sensu-backend start command
- Prevent a panic when using an external etcd cluster.
- Silences List in web ui sorted by ascending order; defaults to descending
- Reduces shuffling of items as events list updates
- Fixed error in UI where status value could not be coerced
- Copy local environment variables into execution context when running checks
- Ensure environment variables are joined with a semicolon on Windows
- Command arguments are no longer needlessly escaped on Windows
- Backend environments are now included in handler & mutator execution requests.
- Add the
etcd-advertise-client-urls
config attribute to sensu-backend - Support for multiple API versions added to sensuctl create
- Support for metadata added to wrapped resources (yaml, wrapped-json)
- Added the backend configuration attributes
api-listen-address
&api-url
. - Adds feedback when rerunning check[s] in the web app
- Check subdue functionality has been disabled. Users that have checks with subdues defined should delete and recreate the check. The subdue feature was found to have issues, and we are re-working the feature for a future release.
- Filter when functionality has been disabled. Users that have filters with 'when' properties defined should delete and recreate the filter. Filter when uses the same facility as check subdue for handling time windows.
- Removed event.Hooks and event.Silenced deprecated fields
- Extensions have been removed until we have time to revisit the feature.
- Assets and checks environments are now merged, with a preference given to the values coming from the check's environment.
- Assets and handlers environments are now merged, with a preference given to the values coming from the handler's environment.
- Assets and mutators environments are now merged, with a preference given to the values coming from the mutator's environment.
- Metadata from wrappers and resources is now merged, with a preference given to the values coming from the wrapper. Labels and annotations are deep-merged.
- Round-robin scheduling has been temporarily disabled.
- The dashboard now uses the
api-url
configuration attribute to connect to the API.
- Fixed several resource leaks in the check scheduler.
- Fixed a bug in the dashboard where entities could not be silenced.
- Fix the
sensuctl cluster health
command. - Fixed issue filtering by status on the events page
- Fixed interactive operations on entities in the CLI
- Removed rerun and check links for keepalives on event details page.
- Web UI - Made silencing language more clear on Silences List page
- Fixed a bug where resources from namespaces that share a common prefix, eg: "sensu" and "sensu-devel", could be listed together.
- Fixed a bug in the agent where the agent would deadlock after a significant period of disconnection from the backend.
- Fixed a bug where logging events without checks would cause a nil panic.
- Removed the ability to rerun keepalives on the events list page
- A panic in keepalive/check ttl monitors causing a panic.
- Monitors are now properly namespaced in etcd.
- Updating a users groups will no longer corrupt their password
- Prevent empty error messages in sensuctl.
- Fixed a bug where keepalive failures could be influenced by check TTL successes, and vice versa.
- Fixed a bug where check TTL events were not formed correctly.
- Fixed a web-ui bug causing the app to crash on window resize in FireFox
- The backend configuration attributes
api-host
&api-port
have been replaced withapi-listen-address
.
- Assets are included on check details page.
- Adds links to view entities and checks from the events page.
- Added an agent/cmd package, migrated startup logic out of agent main
- Improved debug logging in pipeline filtering.
- Add object metadata to entities (including labels).
- Add filter query support for labels.
- Add support for setting labels on agents with the command line.
- The sensuctl tool now supports yaml.
- Add support for
--all-namespaces
flag insensuctl extension list
subcommand. - Added functionality to the dynamic synthesize function, allowing it to flatten embedded and non-embedded fields to the top level.
- Added the sensuctl edit command.
- Added javascript filtering.
- Govaluate is no longer part of sensu-go.
- Display appropriate fallback when an entity's lastSeen field is empty.
- Silences List in web ui sorted by ascending order
- Sorting button now works properly
- Fixed unresponsive silencing entry form begin date input.
- Removed lastSeen field from check summary
- Fixed a panic on the backend when handling keepalives from older agent versions.
- Fixed a bug that would prevent some keepalive failures from occurring.
- Improved event validation error messages.
- Improved agent logging for statsd events.
- Fixues issue with tooltip positioning.
- Fixed bug with toolbar menus collapsing into the overflow menu
- The agent now reconnects to the backend if its first connection attempt fails.
- Avoid infinite loop when code cannot be highlighted.
- Deprecated the sensu-agent
--id
flag,--name
should be used instead.
- Environments and organizations have been replaced with namespaces.
- Removed unused asset metadata field.
- Agent subscriptions are now specified in the config file as an array instead instead of a comma-delimited list of strings.
- Extended attributes have been removed and replaced with labels. Labels are string-string key-value pairs.
- Silenced
id
/ID
field has changed toname
/Name
. - Entity
id
/ID
field has changed toname
/Name
. - Entity
class
/Class
field has changed toentity_class
/EntityClass
. - Check
proxy_entity_id
/ProxyEntityID
field has changed toproxy_entity_name
/ProxyEntityName
. - Objects containing both a
name
/Name
andnamespace
/Namespace
field have been replaced withmetadata
/ObjectMeta
(which contains both of those fields). - Role-based access control (RBAC) has been completely redesigned.
- Filter and token substitution variable names now match API naming. Most names that were previously UpperCased are now lower_cased.
- Filter statements are now called expressions. Users should update their filter definitions to use this new naming.
- Asset functionality for mutators and handlers.
- Web ui allows publishing and unpublishing on checks page.
- Web ui allows publishing and unpublishing on check details page.
- Web ui code highlighting added.
- fixes exception thrown when web ui browser window is resized.
- Add windows/386 to binary gcs releases
- TLS authentication and encryption for etcd client and peer communication.
- Added a debug log message for interval timer initial offset.
- Added a privilege escalation test for RBAC.
- Staging resources and configurations have been removed from sensu-go.
- Removed handlers/slack from sensu/sensu-go. It can now be found in sensu/slack-handler.
- Removed the
Error
store and type.
- Changed sensu-agent's internal asset manager to use BoltDB.
- Changed sensuctl title colour to use terminal's configured default for bold text.
- The backend no longer forcibly binds to localhost.
- Keepalive intervals and timeouts are now configured in the check object of keepalive events.
- The sensu-agent binary is now located at ./cmd/sensu-agent.
- Sensuctl no longer uses auto text wrapping.
- The backend no longer requires embedded etcd. External etcd instances can be used by providing the --no-embed option. In this case, the client will dial the URLs provided by --listen-client-urls.
- The sensu-agent binary is now located at ./cmd/sensu-agent.
- Sensuctl no longer uses auto text wrapping.
- The backend no longer requires embedded etcd. External etcd instances can be used by providing the --no-embed option. In this case, the client will dial the URLs provided by --listen-client-urls.
- Deprecated daemon
Status()
functions and/info
(/info
will be re-implemented in sensu#1739). - The sensu-backend flags related to etcd are now all prefixed with
etcd
and the older versions are now deprecated. - Web ui entity recent events are sorted by last ok.
- etcd is now the last component to shutdown during a graceful shutdown.
- Web ui entity recent events are sorted by last ok
- Deprecated --custom-attributes in the sensu-agent command, changed to --extended-attributes.
- Interfaced command execution and mocked it for testing.
- Updated the version of
libprotoc
used to 3.6.1.
- Fixed a bug in
sensuctl configure
where an output format callednone
could be selected instead oftabular
. - Fixes a bug in
sensuctl cluster health
so the correct error is handled. - Fixed a bug where assets could not extract git tarballs.
- Fixed a bug where assets would not install if given cache directory was a relative path.
- Fixed a bug where an agent's collection of system information could delay sending of keepalive messages.
- Fixed a bug in nagios perfdata parsing.
- Etcd client URLs can now be a comma-separated list.
- Fixed a bug where output metric format could not be unset.
- Fixed a bug where the agent does not validate the ID at startup.
- Fixed a bug in
sensuctl cluster health
that resulted in an unmarshal error in an unhealthy cluster. - Fixed a bug in the web ui, removed references to keepaliveTimeout.
- Keepalive checks now have a history.
- Some keepalive events were misinterpreted as resolution events, which caused these events to be handled instead of filtered.
- Some failing keepalive events were not properly emitted after a restart of sensu-backend.
- The check output attribute is still present in JSON-encoded events even if empty.
- Prevent an empty Path environment variable for agents on Windows.
- Fixed a bug in
sensuctl check update
interactive mode. Boolean defaults were being displayed rather than the check's current values. - Use the provided etcd client TLS information when the flag
--no-embed-etcd
is used. - Increase duration delta in TestPeriodicKeepalive integration test.
- Fixed some problems introduced by Go 1.11.
- Removed the KeepaliveTimeout attribute from entities.
- Added the Sensu edition in sensuctl config view subcommand.
- List the supported resource types in sensuctl.
- Added agent ID and IP address to backend session connect/disconnect logs
- Licenses collection for RHEL Dockerfiles and separated RHEL Dockerfiles.
- API responses are inspected after each request for the Sensu Edition header.
- Rename list-rules subcommand to info in sensuctl role commmand with alias for backward compatibility.
- Updated gogo/protobuf and golang/protobuf versions.
- Health API now returns etcd alarms in addition to cluster health.
- Fixed agentd so it does not subscribe to empty subscriptions.
- Rules are now implicitly granting read permission to their configured environment & organization.
- The splay_coverage attribute is no longer mandatory in sensuctl for proxy check requests and use its default value instead.
- sensu-agent & sensu-backend no longer display help usage and duplicated error message on startup failure.
Issued
&History
are now set on keepalive events.- Resolves a potential panic in
sensuctl cluster health
. - Fixed a bug in InfluxDB metric parsing. The timestamp is now optional and compliant with InfluxDB line protocol.
- Fixed an issue where adhoc checks would not be issued to all agents in a clustered installation.
- Corrects the check field
total_state-change
json tag tototal_state_change
.
- Added unit test coverage for check routers.
- Added API support for cluster management.
- Added sensuctl cluster member-list command.
- Added Sensu edition detection in sensuctl.
- Added sensuctl cluster member-add command.
- Added API client support for enterprise license management.
- Added a header to API calls that returns the current Sensu Edition.
- Added sensuctl cluster health command.
- The Backend struct has been refactored to allow easier customization in enterprise edition.
- Use etcd monitor instead of in-memory monitor.
- Refactoring of the cmd package for sensuctl to allow easier customization in the enterprise edition.
- Upgrade dep to v0.5.0
- Added cluster health information to /health endpoint in sensu-backend.
- Fixed
sensuctl completion
help for bash and zsh. - Fixed a bug in build.sh where versions for Windows and Mac OS were not generated correctly.
- Display the name of extensions with table formatting in sensuctl.
- Fixed TLS issue that occurred when dashboard communicated with API.
- Check TTL now works with round robin checks.
- Format string for --format flag help now shows actual arguments.
- Push the sensu/sensu:nightly docker image to the Docker Hub.
- Replaced dummy certs with ones that won't expire until 100 years in the future.
- Fixed a bug where clustered round robin check execution executed checks too often.
- Catch errors in type assertions in cli.
- Fixed a bug where users could accidentally create invalid gRPC handlers.
- Removed check subdue e2e test.
- Removed unused Peek method in the Ring data structure.
- Removed deprecated import command.
- Performed an audit of events and checks. Added
event.HasCheck()
nil checks prior to assuming the existence of said check. - Added a Create method to the entities api.
- Added the ability to set round robin scheduling in sensuctl
- Added Output field to GRPC handlers
- Additional logging around handlers
- Accept additional time formats in sensuctl
- Entities can now be created via sensuctl.
- Added the format
wrapped-json
to sensuctlconfigure
,list
andinfo
commands, which is compatible withsensuctl create
. - Added debug event log with all event data.
- Added yml.example configurations for staging backend and agents.
- Added test resources in
testing/config/resources.json
to be used in staging. - Added all missing configuration options to
agent.yml.example
andbackend.yml.example
. - Added environment variables to checks.
- Added logging redaction integration test.
- Added check token substitution integration test.
- Added the
sensuctl config view
subcommand. - Added extension service configuration to staging resources.
- Added some documentation around extensions.
- Added Dockerfile.rhel to build RHEL containers.
- Upgraded gometalinter to v2.
- Add logging around the Sensu event pipeline.
- Split out the docker commands in build script so that building images and pushing can be done separately.
- Migrated the InfluxDB handler from the sensu-go repository to github.com/nikkiki/sensu-influxdb-handler
- Entry point for sensu-backend has been changed to
github.com/sensu/sensu-go/cmd/sensu-backend
- Don't allow unknown fields in types that do not support custom attributes
when creating resources with
sensuctl create
. - Provided additional context to metric event logs.
- Updated goversion in the appveyor configuration for minor releases.
- Use a default hostname if one cannot be retrieved.
- Return an error from
sensuctl configure
when the configured organization or environment does not exist. - Remove an unnecessary parameter from sensuctl environment create.
- The profile environment & organization values are used by default when creating a resource with sensuctl.
- Migrated docker image to sensu Docker Hub organization from sensuapp.
- Use the sensu/sensu image instead of sensu/sensu-go in Docker Hub.
- Prevent panic when verifying if a metric event is silenced.
- Add logging around the Sensu event pipeline
- Marked silenced and hooks fields in event as deprecated
- Fixed a bug where hooks could not be created with
create -f
- Metrics with zero-values are now displayed correctly
- Fix handler validation routine
- Fixed a small bug in the opentsdb transformer so that it trims trailing whitespace characters.
- Sensu-agent logs an error if the statsd listener is unable to start due to an invalid address or is stopped due to any other error.
- Fixed a bug where --organization and --environment flags were hidden for all commands
- Fix a bug where environments could not be created with sensuctl create
- StatsD listener on Windows is functional
- Add version output for dev and nightly builds (#1320).
- Improve git version detection by directly querying for the most recent tag.
- Fixed
sensuctl create -f
forRole
- Fixed
sensuctl create -f
forEvent
- Added validation for asset SHA512 checksum, requiring that it be at least 128 characters and therefore fixing a bug in sensuctl
- Silenced IDs are now generated when not set in
create -f
resources - API requests that result in a 404 response are now logged
- Fixed a bug where only a single resource could be created with
sensuctl create
at a time. - Fixed a bug where environments couldn't be deleted if there was an asset in the organization they reside in.
- Dashboard's backend reverse proxy now works with TLS certs are configured.
- Fixed a bug with the IN operator in query statements.
- Boolean fields with a value of
false
now appear in json format (removedomitempty
from protobufs). - The sensuctl create command no longer prints a spurious warning when non-default organizations or environments are configured.
- When installing assets, errors no longer cause file descriptors to leak, or lockfiles to not be cleaned up.
- Fixed a bug where the CLI default for round robin checks was not appearing.
- Missing custom attributes in govaluate expressions no longer result in an error being logged. Instead, a debug message is logged.
- Update AppVeyor API token to enable GitHub deployments.
- Allow creation of metric events via backend API.
- Fixed a bug where in some circumstances checks created with sensuctl create would never fail.
- Fixed a goroutine leak in the ring.
- Fixed
sensuctl completion
help for bash and zsh.
- Removed Linux/386 & Windows/386 e2e jobs on Travis CI & AppVeyor
- Removed check output metric extraction e2e test, in favor of more detailed integration coverage.
- Removed the
leader
package - Removed logging redaction e2e test, in favor of integration coverage.
- Removed check token substitution e2e test, in favor of integration coverage.
- Removed round robin scheduling e2e test.
- Removed proxy check e2e test.
- Removed check scheduling e2e test.
- Removed keepalive e2e test.
- Removed event handler e2e test.
- Removed
sensuctl
create e2e tests. - Removed hooks e2e test.
- Removed assets e2e test.
- Removed agent reconnection e2e test.
- Removed extensions e2e test.
- Add Ubuntu 18.04 repository
- Support for managing mutators via sensuctl.
- Added ability to sort events in web UI.
- Add PUT support to APId for the various resource types.
- Added flags to disable the agent's API and Socket listeners
- Made Changelog examples in CONTRIBUTING.md more obvious
- Added cli support for setting environment variables in mutators and handlers.
- Added gRPC extension service definition.
- The slack handler now uses the iconURL & username flag parameters.
- Support for nightlies in build/packaging tooling.
- Added extension registry support to apid.
- Added extension registry to the store.
- Add sensuctl create command.
- Adds a statsd server to the sensu-agent which runs statsd at a configurable flush interval and converts gostatsd metrics to Sensu Metric Format.
- Add event filtering to extensions.
- Proper 404 page for web UI.
- Add sensuctl extension command.
- Add extensions to pipelined.
- Added more tests surrounding the sensu-agent's statsd server and udp port.
- Add the
--statsd-event-handlers
flag to sensu-agent which configures the event handlers for statsd metrics. - Add default user with username "sensu" with global, read-only permissions.
- Add end-to-end test for extensions.
- Add configuration setting for backend and agent log level.
- Add extension package for building third-party Sensu extensions in Go.
- Add the
--statsd-disable
flag to sensu-agent which configures the statsd listener. The listener is enabled by default. - Added an influx-db handler for events containing metrics.
- Add 'remove-when' and 'set-when' subcommands to sensuctl filter command.
- Added the Transformer interface.
- Added a Graphite Plain Text transformer.
- Add support for
metric_format
andmetric_handlers
fields in the Check and CheckConfig structs. - Add CLI support for
metric_format
andmetric_handlers
fields insensuctl
. - Add support for metric extraction from check output for
graphite_plaintext
transformer. - Added a OpenTSDB transformer.
- Add support for metric extraction from check output for
opentsdb_line
- Added a Nagios performance data transformer.
- Add support for metric extraction from check output for
nagios_perfdata
- Added an InfluxDB Line transformer.
- Add support for metric extraction from check output for
influxdb_line
transformer. - Add e2e test for metric extraction.
- Changed the maximum number of open file descriptors on a system to from 1024 (default) to 65535.
- Increased the default etcd size limit from 2GB to 4GB.
- Move Hooks and Silenced out of Event and into Check.
- Handle round-robin scheduling in wizardbus.
- Added informational logging for failed entity keepalives.
- Replaced fileb0x with vfsgen for bundling static assets into binary. Nodejs 8+ and yarn are now dependencies for building the backend.
- Updated etcd to 3.3.2 from 3.3.1 to fix an issue with autocompaction settings.
- Updated and corrected logging style for variable fields.
- Build protobufs with go generate.
- Creating roles via sensuctl now supports passing flags for setting permissions rules.
- Removed -c (check) flag in sensuctl check execute command.
- Fix a deadlock in the monitor.
- Don't allow the bus to drop messages.
- Events list can properly be viewed on mobile.
- Updated Sirupsen/logrus to sirupsen/logrus and other applicable dependencies using the former.
- Set default log level to 'warn'.
- Optimize check marshaling.
- Silenced API only accepts 'id' parameter on DELETE requests.
- Disable gostatsd internal metric collection.
- Improved log entries produced by pipelined.
- Allow the InfluxDB handler to parse the Sensu metric for an InfluxDB field tag and measurement.
- Removed organization and environment flags from create command.
- Changed
metric_format
tooutput_metric_format
. - Changed
metric_handlers
tooutput_metric_handlers
.
- Terminate processes gracefully in e2e tests, allowing ports to be reused.
- Shut down sessions properly when agent connections are disrupted.
- Fixed shutdown log message in backend
- Stopped double-writing events in eventd
- Agents from different orgs/envs with the same ID connected to the same backend no longer overwrite each other's messagebus subscriptions.
- Fix the manual packaging process.
- Properly log the event being handled in pipelined
- The http_check.sh example script now hides its output
- Silenced entries using an asterisk can be deleted
- Improve json unmarshaling performance.
- Events created from the metrics passed to the statsd listener are no longer swallowed. The events are sent through the pipeline.
- Fixed a bug where the Issued field was never populated.
- When creating a new statsd server, use the default flush interval if given 0.
- Fixed a bug where check and checkconfig handlers and subscriptions are null in rendered JSON.
- Allow checks and hooks to escape zombie processes that have timed out.
- Install all dependencies with
dep ensure
in build.sh. - Fixed an issue in which some agents intermittently miss check requests.
- Agent statsd daemon listens on IPv4 for Windows.
- Include zero-valued integers in JSON output for all types.
- Check event entities now have a last_seen timestamp.
- Improved silenced entry display and UX.
- Fixed a small bug in the opentsdb transformer so that it trims trailing whitespace characters.
- A
--debug
flag on sensu-backend for enabling a pprof HTTP endpoint on localhost. - Add CLI support for adhoc check requests.
- Check scheduler now handles adhoc check requests.
- Added
set-FIELD
andremove-FIELD
commands for all updatable fields of a check. This allows updating single fields and completely clearing out non-required fields. - Add built-in only_check_output mutator to pipelined.
- Allow publish, cron, ttl, timeout, low flap threshold and more fields to be set when importing legacy settings.
- Add CPU architecture in system information of entities.
- The
sensuctl user change-password
subcommand now accepts flag parameters. - Configured and enabled etcd autocompaction.
- Add event metrics type, implementing the Sensu Metrics Format.
- Agents now try to reconnect to the backend if the connection is lost.
- Added non-functional selections for resolving and silencing to web ui
- Add LastOk to check type. This will be updated to reflect the last timestamp of a successful check.
- Added GraphQL explorer to web UI.
- Added check occurrences and occurrences_watermark attributes from Sensu 1.x.
- Added issue template for GitHub.
- Added custom functions to evaluate a unix timestamp in govaluate.
- Refactor Check data structure to not depend on CheckConfig. This is a breaking change that will cause existing Sensu alpha installations to break if upgraded. This change was made before beta release so that further breaking changes could be avoided.
- Make indentation in protocol buffers files consistent.
- Refactor Hook data structure. This is similar to what was done to Check, except that HookConfig is now embedded in Hook.
- Refactor CheckExecutor and AdhocRequestExecutor into an Executor interface.
- Changed the sensu-backend etcd flag constants to match the etcd flag names.
- Upgraded to Etcd v3.3.1
- Removed 3DES from the list of allowed ciphers in the backend and agent.
- Password input fields are now aligned in
sensuctl user change-password
subcommand. - Agent backend URLs without a port specified will now default to port 8081.
- Travis encrypted variables have been updated to work with travis-ci.org
- Upgraded all builds to use Go 1.10.
- Use megacheck instead of errcheck.
- Cleaned agent configuration.
- We no longer duplicate hook execution for types that fall into both an exit code and severity (ex. 0, ok).
- Updated the sensuctl guidelines.
- Changed travis badge to use travis-ci.org in README.md.
- Govaluate's modifier tokens can now be optionally forbidden.
- Increase the stack size on Travis CI.
- Refactor store, queue and ring interfaces, and daemon I/O details.
- Separated global from local flags in sensuctl usage.
- Fixed a bug in time.InWindow that in some cases would cause subdued checks to be executed.
- Fixed a bug in the HTTP API where resource names could not contain special characters.
- Resolved a bug in the keepalive monitor timer which was causing it to erroneously expire.
- Resolved a bug in how an executor processes checks. If a check contains proxy requests, the check should not duplicately execute after the proxy requests.
- Removed an erroneous validation statement in check handler.
- Fixed HookList
hooks
validation and updatedtype
validation message to allow "0" as a valid type. - Events' check statuses & execution times are now properly added to CheckHistory.
- Sensu v1 Check's with TTL, timeout and threshold values can now be imported correctly.
- Use uint32 for status so it's not empty when marshalling.
- Automatically create a "default" environment when creating a new organization.
- Add .gitattributes file with merge strategy for the Changelog.
- Context switcher added for dashboard.
- Add API support for adhoc check requests.
- Check scheduler now supports round-robin scheduling.
- Added better error checking for CLI commands and support for mutually exclusive fields.
- Added
--interactive
flag to CLI which is required to run interactive mode. - Added CLI role rule-add Organization and Environment interactive prompts.
- Added events page list and simple buttons to filter
- Silenced
begin
supports human readable time (Format: Jan 02 2006 3:04PM MST) insensuctl
with optional timezone. Stores the field as unix epoch time. - Increased the timeout in the store's watchers tests.
- Incremental retry mechanism when waiting for agent and backend in e2e tests.
- Renamed CLI asset create interactive prompt "Org" to "Organization".
- Fixed required flags in
sensuctl
so requirements are enforced. - Add support for embedded fields to dynamic.Marshal.
- Add an e2e test for proxy check requests.
- Add integration tests to our CI.
- Context switcher added for dashboard
- Add api support for adhoc check requests.
- Tracks in-progress checks with a map and mutex rather than an array to increase time efficiency and synchronize goroutines reading from and writing to that map.
- Fixed a bug where we were attempting to kill processes that had already finished before its allotted execution timeout.
- Fixed a bug where an event could erroneously be shown as silenced.
- Properly log errors whenever a check request can't be published.
- Fixed some build tags for tests using etcd stores.
- Keepalive monitors now get updated with changes to a keepalive timeout.
- Prevent tests timeout in queue package
- Prevent tests timeout in ring package
- Fixed a bug in the queue package where timestamps were not parsed correctly.
- Fixed Ring's Next method hanging in cases where watch events are not propagated.
- Queues are now durable.
- Refactoring of the check scheduling integration tests.
- CLI resource delete confirmation is now
(y/N)
.
- Dependency github.com/chzyer/readline
- Add function for matching entities to a proxy check request.
- Added functions for publishing proxy check requests.
- Added proxy request validation.
- CLI functionality for proxy check requests (add set-proxy-requests command).
- Entities have been added to the state manager and synchronizer.
- Added package leader, for facilitating execution by a single backend.
- Proxy check requests are now published to all entities described in
ProxyRequests
andEntityAttributes
. - Add quick navigation component for dashboard
- Govaluate logic is now wrapped in the
util/eval
package. - Cron and Interval scheduling are now mutually exclusive.
- Fixed a bug where retrieving check hooks were only from the check's organization, rather than the check's environment, too.
- Add
Timeout
field to CheckConfig. - CLI functionality for check
Timeout
field. - Add timeout support for check execution.
- Add timeout support for check hook execution.
- Token substitution is now available for check hooks
- Add an e2e test for logging redaction
- Support for
When
field inFilter
which enables filtering based on days and times of the week. - New gRPC inspired GraphQL implementation. See graphql/README for usage.
- Support for TTLs in check configs to monitor stale check results.
- Moved monitor code out of keepalived and into its own package.
- Moved KeyBuilder from etcd package to store package.
- Logging redaction for entities
- Fixed e2e test for token substitution on Windows
- Fixed check subdue unit test for token substitution on Windows
- Consider the first and last seconds of a time window when comparing the current time
- Fixed Travis deploy stage by removing caching for $GOPATH
- Parse for traditional cron strings, rather than GoDoc cron strings.
- Removed the Visual Studio 2017 image in AppVeyor to prevent random failures
- Made some slight quality-of-life adjustments to build-gcs-release.sh.
- Add check subdue mechanism. Checks can now be subdued for specified time windows.
- Silenced entries now include a
begin
timestamp for scheduled maintenance. - Store clients can now use watchers to be notified of changes to objects in the store.
- Add check
Cron
field. Checks can now be scheduled according to the cron string stored in this field. - Add a distributed queue package for use in the backend.
- Token substitution is now available for checks.
- CLI functionality for check
Cron
field. - Add an e2e test for cron scheduling.
- Add an e2e test for check hook execution.
- The
Source
field on a check has been renamed toProxyEntityID
. Any checks using the Source field will have to be recreated.
- Silenced entries with ExpireOnResolve set to true will now be deleted when an event which has previously failing was resolved
- TCP/UDP sockets now accept 1.x backward compatible payloads. 1.x Check Result gets translated to a 2.x Event.
- Custom attributes can be added to the agent at start.
- New and improved Check Hooks are implemented (see whats new about hooks here: Hooks)
- Add check subdue CLI support.
- Avoid using reflection in time.InWindows function.
- Use multiple parallel jobs in CI tools to speed up the tests
- Pulled in latest github.com/coreos/etcd.
- Includes fix for panic that occurred on shutdown.
- Refer to their changelog for more.
- Switch to using github.com/golang/dep for
managing dependencies;
vendor/
directory has been removed. - See README for usage.
- End-to-end test for the silencing functionality
- Silenced events are now identified in sensuctl
- Events that transitioned from incidents to a healthy state are no longer filtered by the pipeline
- Errcheck was added to the build script, and the project was given a once-over to clean up existing errcheck lint.
- Creating a silenced entry via sensuctl no longer requires an expiry value
- Entities can now be silenced using their entity subscription
- Fixed a bug in the agent where it was ignoring keepalive interval and timeout settings on start
- Keepalives now alert when entities go away!
- Fixed a bug in package dynamic that could lead to an error in json.Marshal in certain cases.
- Fixed an issue in keepalived to handle cases of nil entities in keepalive messages
- Proxy entities are now dynamically created through the "Source" attribute of a check configuration
- Flag to sensuctl configure allowing it to be configured non-interactively (usage: --non-interactive or -n)
- New function SetField in package dynamic, for setting fields on types supporting extended attributes.
- Automatically append entity:entityID subscription for agent entities
- Add silenced command to sensuctl for silencing checks and subscriptions.
- Add healthz endpoint to agent api for checking agent liveness.
- Add ability to pass JSON event data to check command STDIN.
- Add POST /events endpoint to manually create, update, and resolve events.
- Add "event resolve" command to sensuctl to manually resolve events.
- Add the time.InWindow & time.InWindows functions to support time windows, used in filters and check subdue
- Fixed a bug in how silenced entries were deleted. Only one silenced entry will be deleted at a time, regardless of wildcard presence for subscription or check.
- New "event delete" subcommand in sensuctl
- The "Store" interface is now properly documented
- The incoming request body size is now limited to 512 KB
- Silenced entries in the store now have a TTL so they automatically expire
- Initial support for custom attributes in various Sensu objects
- Add "Error" type for capturing pipeline errors
- Add registration events for new agents
- Add a migration tool for the store directly within sensu-backend
- Refactoring of the sensu-backend API
- Modified the description for the API URL when configuring sensuctl
- A docker image with the master tag is built for every commit on master branch
- The "latest" docker tag is only pushed once a new release is created
- Fix the "asset update" subcommand in sensuctl
- Fix Go linting in build script
- Fix querying across organizations and environments with sensuctl
- Set a standard redirect policy to sensuctl HTTP client
- Removed extraneous GetEnv & GetOrg getter methods