Releases: AthenZ/athenz
Releases · AthenZ/athenz
Athenz v1.11.38 Release
What's Changed
- new optional attribute in instance identity register/refresh request … by @abvaidya in #2262
- skip tests if -DskipTests=true is provided by @abvaidya in #2263
- support adding cert to secret manager by @havetisyan in #2264
- support external gcp access token support from registered projects by @havetisyan in #2266
- Generic Kubernetes provider for Athenz by @abvaidya in #2265
- add wildcard support for ServiceSkipDomains by @ricordanza in #2267
- fix for deploying Athenz UI container locally by @WindzCUHK in #2268
New Contributors
- @ricordanza made their first contribution in #2267
Full Changelog: v1.11.37...v1.11.38
Contributors
ricordanza, havetisyan, and 2 other contributors
Assets 2
Athenz v1.11.37 Release
What's Changed
- fix policy tags fetch + increase unit test coverage by @havetisyan in #2248
- introduce shutdown method for connection logger by @havetisyan in #2249
- introduce feature-flags system attribute for domains by @havetisyan in #2250
- support new allow service underscore feature flag by @havetisyan in #2251
- Add test for get policy by @royelbaum in #2254
- allow specifying cipher suites for the ui server via config by @abvaidya in #2252
- add set-role-description option in zms-cli by @havetisyan in #2255
- use read replica when fetching domain change list in read-only mode by @havetisyan in #2256
- support proxy auth with gcp http transport by @havetisyan in #2261
Full Changelog: v1.11.36...v1.11.37
Contributors
havetisyan, abvaidya, and royelbaum
Assets 2
Athenz v1.11.36 Release
What's Changed
- Adding policy tags by @royelbaum in #2219
- update deps and move from sun.jakarta.mail to angus-mail by @havetisyan in #2240
- Bump word-wrap from 1.2.3 to 1.2.4 in /ui by @dependabot in #2243
- Add support in service tags by @royelbaum in #2195
- for go gcp function sia - provide method to store identity in secret manager by @havetisyan in #2244
- add support for new spiffe format in gcp java cloud function support by @havetisyan in #2246
Full Changelog: v1.11.35...v1.11.36
Contributors
havetisyan, dependabot, and royelbaum
Assets 2
Athenz v1.11.35 Release
What's Changed
- update zms-cli getDomain call to use JWS domain by @chandrasekhar1996 in #2230
- Bump semver from 5.7.1 to 5.7.2 in /ui by @dependabot in #2233
- extend principal role lookup api with expand option by @havetisyan in #2232
- extend GetSanUri method to take spiffe trust domain/namespace arguments by @havetisyan in #2234
- Initiate AthenzSslContextFactory as part of AthenzJettyContainer by @dvirguttman in #2235
- Make the properties of functions.SiaCertData public (Capitalized) by @gilad-bendor in #2236
- support numeric and string product ids in zms-cli by @havetisyan in #2239
Full Changelog: v1.11.34...v1.11.35
Contributors
havetisyan, gilad-bendor, and 3 other contributors
Assets 2
Athenz v1.11.34 Release
What's Changed
- excluce bc jdk15on from pom in favor of jdk18on by @havetisyan in #2221
- Go code to get SIA certs from a CGF (Google Cloud Function) by @gilad-bendor in #2220
- config options to specify preferred key algorithms for zts sign operations by @havetisyan in #2222
- Support PKCS#8-formatted private key by @haruyama480 in #2223
- improve error reporting from gcp identity provider by @havetisyan in #2224
- introduce trust-domain/namesparce components into service spiffe uri by @havetisyan in #2228
New Contributors
- @haruyama480 made their first contribution in #2223
Full Changelog: v1.11.33...v1.11.34
Contributors
havetisyan, gilad-bendor, and haruyama480
Assets 2
Athenz v1.11.33 Release
What's Changed
- increased/configure json string limit for jackson by @havetisyan in #2203
- UI: apply timezone settings by @ysknkd in #2124
- refactor out request pkg in zts client by @jimmytsang in #2211
- Prevent buffer overflow by @tokle in #2212
- log Athenz principal as part of the JettyConnectionLogger by @dvirguttman in #2207
- Generic way to handle tags by @dvirguttman in #2204
- add wildcard support for ServiceMemberSkipDomains by @hiragi-gkuth in #2202
- provide capability to provide proxy host details for gcp-zts-creds by @havetisyan in #2214
- correct handling of role cert key path when service key filename is user-specified by @havetisyan in #2213
- update dependency libraries to their latest releases by @havetisyan in #2215
- GCF support for Java by @gilad-bendor in #2209
- add license headers + full code coverage by @havetisyan in #2216
Full Changelog: v1.11.32...v1.11.33
Contributors
ysknkd, tokle, and 5 other contributors
Assets 2
Athenz v1.11.32 Release
What's Changed
- support headless user type - managed by user authority but treated like service by @havetisyan in #2197
- disable wadl output by @havetisyan in #2198
- update java and go dependencies to their latest releases by @havetisyan in #2199
Full Changelog: v1.11.31...v1.11.32
Contributors
havetisyan
Assets 2
Athenz v1.11.31 Release
What's Changed
- Disable Microsegmentation validation checkbox for AWS env by @chandrasekhar1996 in #2173
- Deriving ssh cert principals from the GCP provider attestation data t… by @abvaidya in #2177
- add principals from metadata in ssh cert request by @abvaidya in #2178
- add overwrite option for zms-cli by @TakuyaMatsu in #2179
- replace deprecated request pkg by @jimmytsang in #2180
- checked in package-lock.json was generated with old npm version by @havetisyan in #2189
- fix role update on expiration and review dates by @noy93845 in #2185
- disallow by default services with _ in their names by @havetisyan in #2191
- support athenz as oidc provider for aws iam by @havetisyan in #2190
- support product id (string) format association with domains by @havetisyan in #2193
Full Changelog: v1.11.30...v1.11.31
Contributors
havetisyan, TakuyaMatsu, and 4 other contributors
Assets 2
Athenz v1.11.30 Release
What's Changed
- for oidc redirect uri check both configured endpoint and auto-generated value by @havetisyan in #2167
- option to return id token in json output instead of redirect uri by @havetisyan in #2166
- option to continously update zts domain cache files by @havetisyan in #2169
- single command line argument for sia called init by @havetisyan in #2170
- new athenz-gcp-zts-creds library to simplify fetching Google credentials based on ZTS ID Tokens by @havetisyan in #2168
- provide run-after (cert/tokens) capability for sia by @havetisyan in #2174
Full Changelog: v1.11.29...v1.11.30
Contributors
havetisyan
Assets 2
Athenz v1.11.29 Release
What's Changed
- return dns suffix through method so the AWS Provider can be extended by @havetisyan in #2150
- correct handling of java client code generation for status 302 by @havetisyan in #2151
- for id tokens with group scope always use full arns by @havetisyan in #2157
- sia copy if source file exists, gcp meta functions to get instance ip by @abvaidya in #2161
- Ensure snow error does not interfere with UI usability by @jimmytsang in #2143
- expose getIdToken methods in ZTS Java Client by @havetisyan in #2163
- Update dynamodbMaxRetries to avoid Integer Overflow by @4xpl0r3r in #2164
- better attribute name for Athenz domain in GCP project metadata by @abvaidya in #2165
Full Changelog: v1.11.28...v1.11.29
Contributors
havetisyan, 4xpl0r3r, and 2 other contributors