Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update suite.yml for v1.13.0+suite.1 release #230

Merged
merged 1 commit into from
Aug 18, 2021
Merged

Update suite.yml for v1.13.0+suite.1 release #230

merged 1 commit into from
Aug 18, 2021

Conversation

jtuttle
Copy link
Member

@jtuttle jtuttle commented Aug 13, 2021
edited
Loading

Release Notes

All notable changes to this project will be documented in this file.

[1.13.0+suite.1] - 2021-08-13

Table of Contents

Components

These are the components that combine to create this Conjur OSS Suite release and links
to their releases:

Conjur Server

Conjur SDK

Platform Integrations

DevOps Tools

Secretless Broker

Summon

Installation Instructions for the Suite Release Version of Conjur

Installing the Suite Release Version of Conjur requires setting the container image tag. Below are more specific instructions depending on environment.

  • Docker or docker-compose

    Set the container image tag to cyberark/conjur:1.13.0.
    For example, make the following update to the conjur service in the quickstart docker-compose.yml

    image: cyberark/conjur:1.13.0

  • Conjur Open Source Helm chart

    Update the image.tag value and use the appropriate release of the helm chart:

    helm install ... \
  --set image.tag="1.13.0" \
  ...
  https://github.com/cyberark/conjur-oss-helm-chart/releases/download/v2.0.4/conjur-oss-2.0.4.tgz

Upgrade Instructions

Upgrade instructions are available for the following components:

Changes

The following are changes to the constituent components since the last Conjur
OSS Suite release:

cyberark/conjur

v1.12.0 (2021-06-25)

  • Added
    • The JWT Authenticator (authn-jwt) supports authenticating third-party vendors that utilize JWT.
      See design
    • Set MAX_REQUESTS_PER_CONNECTION to infinity and introduced an
      environment variable to allow users to set their own value,
      see PR for further information:
      cyberark/conjur#2282
  • Changed
    • Parsing a Conjur config with invalid YAML content now outputs a more user
      friendly error message without a stack trace.
      cyberark/conjur#2256
    • Set the Puma process explicitly to reliably restart the correct process
      when the Conjur configuration is reloaded.
      cyberark/conjur#2291
  • Security
    • Upgrade bindata to 2.4.10 to resolve Unspecified Issue reported by JFrog Xray
      cyberark/conjur#2257

v1.13.0 (2021-07-29)

  • Added
  • Security
    • Bump cyberark/ubi-ruby-fips from 1.0.3 to 1.0.4 to address CVE-2021-33910.
      cyberark/conjur#2333
    • Upgraded addressable in ./Gemfile.lock and ./docs/Gemfile.lock to 2.8.0 to resolve
      GHSA-jxhc-q857-3j6g cyberark/conjur#2311
    • Previously, OIDC authentication requests that included a user ID in the URL
      path would return a Conjur access token without requiring a valid OIDC token
      in the request. OIDC authentication requests that attempt to include a user ID
      in the URL path now return a 404 Not Found response.
      Security Bulletin

cyberark/conjur-cli

v6.2.4 (2021-07-01)

cyberark/conjur-service-broker

v1.2.0 (2021-06-09)

v1.2.1 (2021-08-02)

cyberark/secrets-provider-for-k8s

v1.1.4 (2021-06-30)

cyberark/terraform-provider-conjur

v0.6.0 (2021-08-12)

cyberark/secretless-broker

v1.7.4 (2021-06-30)

v1.7.5 (2021-08-04)

cyberark/summon

v0.9.0 (2021-07-19)

  • Added
  • Fixed
    • Default provider path can be overridden via the SUMMON_PROVIDER_PATH environment variable,
      resolving an issue where providers cannot be found when installed via homebrew in a non-default location.
      cyberark/summon#213

cyberark/summon-conjur

v0.5.5 (2021-06-01)

v0.6.0 (2021-08-11)

@jtuttle jtuttle requested a review from a team as a code owner August 13, 2021 17:44
@jtuttle
Copy link
Member Author

jtuttle commented Aug 13, 2021

@boazmichaely @alexkalish

What's New

This suite release aligned with Conjur Server version 1.13.0. It includes a new JWT authenticator for Conjur and Apple Silicon support for Summon along with several bug fixes and security patches.

JWT Authenticator

The new JWT Authenticator allows applications to authenticate with Conjur using an identity token signed by a JWT provider. For more information, see the JWT Authenticator documentation.

Apple Silicon Support

Secretless Broker, Summon (along with the summon-conjur provider), and the Conjur Terraform provider have been updated to be compatible with the Apple Silicon processor. They can be installed or upgraded through homebrew or by following the installation instructions in the READMEs of their repositories.

Service Broker org / space Annotations

The Conjur Service Broker now automatically adds the org and space name as annotations to the host identity defined in Conjur policy. Special thanks to open-source contributor mkkeffeler for working in this change.

@alexkalish
Copy link
Contributor

@jtuttle: Could you please remove the JIRA CHANGELOG links and replace them with the appropriate PR links? Thanks.

@jtuttle
Copy link
Member Author

jtuttle commented Aug 17, 2021

@alexkalish Done. Made a PR to fix in the repo too.

alexkalish
alexkalish approved these changes Aug 18, 2021
View reviewed changes
Copy link
Contributor

@alexkalish alexkalish left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thx, John!

@jtuttle jtuttle merged commit c92ca2b into main Aug 18, 2021
@jtuttle jtuttle deleted the release-1.13.0+suite.1 branch August 18, 2021 13:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alexkalish alexkalish alexkalish approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jtuttle @alexkalish