Skip to content

Commit

Permalink
Merge branch 'branch/v16' into bot/backport-48372-branch/v16
Browse files Browse the repository at this point in the history
  • Loading branch information
@bl-nero
bl-nero authored Nov 13, 2024
2 parents 2526fe7 + 771d085 commit ec22de7
Show file tree
Hide file tree
Showing 264 changed files with 10,906 additions and 5,189 deletions.
32 changes: 32 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,37 @@
# Changelog

## 16.4.7 (11/11/2024)

* Fixed bug in Kubernetes session recordings where both root and leaf cluster recorded the same Kubernetes session. Recordings of leaf resources are only available in leaf clusters. [#48738](https://github.com/gravitational/teleport/pull/48738)
* Machine ID can now be forced to use the explicitly configured proxy address using the `TBOT_USE_PROXY_ADDR` environment variable. This should better support split proxy address operation. [#48675](https://github.com/gravitational/teleport/pull/48675)
* Fixed undefined error in open source version when clicking on `Add Application` tile in the Enroll Resources page in the Web UI. [#48616](https://github.com/gravitational/teleport/pull/48616)
* Updated Go to 1.22.9. [#48581](https://github.com/gravitational/teleport/pull/48581)
* The teleport-cluster Helm chart now uses the configured `serviceAccount.name` from chart values for its pre-deploy configuration check Jobs. [#48579](https://github.com/gravitational/teleport/pull/48579)
* Fixed a bug that prevented the Teleport UI from properly displaying Plugin Audit log details. [#48462](https://github.com/gravitational/teleport/pull/48462)
* Fixed an issue preventing migration of unmanaged users to Teleport host users when including `teleport-keep` in a role's `host_groups`. [#48455](https://github.com/gravitational/teleport/pull/48455)
* Fixed showing the list of access requests in Teleport Connect when a leaf cluster is selected in the cluster selector. [#48441](https://github.com/gravitational/teleport/pull/48441)
* Added Connect support for selecting Kubernetes namespaces during access requests. [#48413](https://github.com/gravitational/teleport/pull/48413)
* Fixed a rare "internal error" on older U2F authenticators when using tsh. [#48402](https://github.com/gravitational/teleport/pull/48402)
* Fixed `tsh play` not skipping idle time when `--skip-idle-time` was provided. [#48397](https://github.com/gravitational/teleport/pull/48397)
* Added a warning to `tctl edit` about dynamic edits to statically configured resources. [#48392](https://github.com/gravitational/teleport/pull/48392)
* Define a new `role.allow.request` field called `kubernetes_resources` that allows admins to define what kinds of Kubernetes resources a requester can make. [#48387](https://github.com/gravitational/teleport/pull/48387)
* Fixed a Teleport Kubernetes Operator bug that happened for OIDCConnector resources with non-nil `max_age`. [#48376](https://github.com/gravitational/teleport/pull/48376)
* Updated host user creation to prevent local password expiration policies from affecting Teleport managed users. [#48163](https://github.com/gravitational/teleport/pull/48163)
* Added support for Entra ID directory synchronization for clusters without public internet access. [#48089](https://github.com/gravitational/teleport/pull/48089)
* Fixed "Missing Region" error for teleport bootstrap commands. [#47995](https://github.com/gravitational/teleport/pull/47995)
* Fixed a bug that prevented selecting security groups during the Aurora database enrollment wizard in the web UI. [#47975](https://github.com/gravitational/teleport/pull/47975)
* During the Set Up Access of the Enroll New Resource flows, Okta users will be asked to change the role instead of entering the principals and getting an error afterwards. [#47957](https://github.com/gravitational/teleport/pull/47957)
* Fixed `teleport_connected_resource` metric overshooting after keepalive errors. [#47949](https://github.com/gravitational/teleport/pull/47949)
* Fixed an issue preventing connections with users whose configured home directories were inaccessible. [#47916](https://github.com/gravitational/teleport/pull/47916)
* Added a `resolve` command to tsh that may be used as the target for a Match exec condition in an SSH config. [#47868](https://github.com/gravitational/teleport/pull/47868)
* Respect `HTTP_PROXY` environment variables for Access Request integrations. [#47738](https://github.com/gravitational/teleport/pull/47738)
* Updated tsh ssh to support the `--` delimiter similar to openssh. It is now possible to execute a command via `tsh ssh user@host -- echo test` or `tsh ssh -- host uptime`. [#47493](https://github.com/gravitational/teleport/pull/47493)

Enterprise:
* Jamf requests from Teleport set "teleport/$version" as the User-Agent.
* Add Web UI support for selecting Kubernetes namespaces during access requests.
* Import user roles and traits when using the EntraID directory sync.

## 16.4.6 (10/22/2024)

### Security Fixes
Expand Down
19 changes: 12 additions & 7 deletions Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
# Stable releases: "1.0.0"
# Pre-releases: "1.0.0-alpha.1", "1.0.0-beta.2", "1.0.0-rc.3"
# Master/dev branch: "1.0.0-dev"
VERSION=16.4.6
VERSION=16.4.7

DOCKER_IMAGE ?= teleport

Expand Down Expand Up @@ -1474,7 +1474,7 @@ derive:
.PHONY: derive-up-to-date
derive-up-to-date: must-start-clean/host derive
@if ! git diff --quiet; then \
echo 'Please run make derive.'; \
./build.assets/please-run.sh "derived functions" "make derive"; \
exit 1; \
fi

Expand Down Expand Up @@ -1509,14 +1509,15 @@ endif
.PHONY: protos-up-to-date/host
protos-up-to-date/host: must-start-clean/host grpc/host
@if ! git diff --quiet; then \
echo 'Please run make grpc.'; \
./build.assets/please-run.sh "protos gRPC" "make grpc"; \
exit 1; \
fi

.PHONY: must-start-clean/host
must-start-clean/host:
@if ! git diff --quiet; then \
echo 'This must be run from a repo with no unstaged commits.'; \
@echo 'This must be run from a repo with no unstaged commits.'; \
git diff; \
exit 1; \
fi

Expand All @@ -1525,7 +1526,12 @@ must-start-clean/host:
crds-up-to-date: must-start-clean/host
$(MAKE) -C integrations/operator manifests
@if ! git diff --quiet; then \
echo 'Please run make -C integrations/operator manifests.'; \
./build.assets/please-run.sh "operator CRD manifests" "make -C integrations/operator crd"; \
exit 1; \
fi
$(MAKE) -C integrations/operator crd-docs
@if ! git diff --quiet; then \
./build.assets/please-run.sh "operator CRD docs" "make -C integrations/operator crd"; \
exit 1; \
fi
$(MAKE) -C integrations/operator crd-docs
Expand All @@ -1540,8 +1546,7 @@ crds-up-to-date: must-start-clean/host
terraform-resources-up-to-date: must-start-clean/host
$(MAKE) -C integrations/terraform docs
@if ! git diff --quiet; then \
echo 'Please run make -C integrations/terraform docs.'; \
git diff; \
./build.assets/please-run.sh "TF provider docs" "make -C integrations/terraform docs"; \
exit 1; \
fi

Expand Down
Loading

0 comments on commit ec22de7

Please sign in to comment.