Releases: AthenZ/athenz
Releases · AthenZ/athenz
Athenz v1.12.31 Release
What's Changed
- fix athenz version for the example code by @havetisyan in #3134
- Adding GCP Firestore implementations for CertRecordStore and SSHRecordStore by @psasidhar in #3133
- add HTTP support for sia agents for health checks by @havetisyan in #3137
- allow to return jag token with subset of scopes by @havetisyan in #3138
- membership decision should reject if the approver is the same as the member being reviewed by @havetisyan in #3140
- update go/java dependencies to their latest releases by @havetisyan in #3141
Full Changelog: v1.12.30...v1.12.31
Contributors
psasidhar and havetisyan
Assets 2
Athenz v1.12.30 Release
What's Changed
- ui - add static instance external appliance support for fqdn and wildcard in subdomain by @ArtjomsPorss in #3123
- Implement sia provider for client assertion use cases for fetching access tokens by @havetisyan in #3122
- initial work for supporting token exchange rfc by @havetisyan in #3128
- configure oauth client id per athenz service by @havetisyan in #3130
- support external identity provider for issuing jag tokens by @havetisyan in #3131
- Add sia go lib to support use default service identity from pod service account annotation by @MartinTrojans in #3126
- update java and go dependencies to their latest releases by @havetisyan in #3132
This release requires a schema update:
https://github.com/AthenZ/athenz/blob/master/servers/zms/schema/updates/update-20251119.sql
Full Changelog: v1.12.29...v1.12.30
Contributors
havetisyan, ArtjomsPorss, and MartinTrojans
Assets 2
Athenz v1.12.29 Release
What's Changed
- remove filter validation for simple name for resource access list by @havetisyan in #3109
- additional unit tests for jwts signing key resolver class by @havetisyan in #3110
- correct handling of notifications if member domain has no admins by @havetisyan in #3112
- option to auto-expunge audit log entries from role/group log tables by @havetisyan in #3114
- sia helper function for adding certificates into aws acm by @havetisyan in #3117
- sia helper function to store cert in gcp certificate manager by @havetisyan in #3118
- update go and java deps to their latest release by @havetisyan in #3120
- expose jag api functions in zts java client by @havetisyan in #3119
Full Changelog: v1.12.28...v1.12.29
Contributors
havetisyan
Assets 2
Athenz v1.12.28 Release
What's Changed
- convert filter argument in resource access list to string from SimpleName by @havetisyan in #3097
- Add autoDeleteTenantAssumeRoleAssertions field handling to domain metadata API by @gyakami in #3098
- expose signer key id argument in zts-svccert utility by @havetisyan in #3099
- add support for token request attributes for jag by @havetisyan in #3101
- fix the order of cert and key in function call by @chandrasekhar1996 in #3102
- sysadmin delete domain tag support for skipping provider check by @havetisyan in #3104
- initial support for exchaning jag tokens with access tokens by @havetisyan in #3103
- support HTTP & GRPC protocol in sia otel instrumentation by @py4chen in #3105
- support issuing jwt authorization grant (jag) tokens by @havetisyan in #3106
- update go and java dependencies to their latest releases by @havetisyan in #3107
- extend otel metrics implementation to support provider metrics for register/refresh by @havetisyan in #3108
Full Changelog: v1.12.27...v1.12.28
Contributors
havetisyan, py4chen, and 2 other contributors
Assets 2
Athenz v1.12.27 Release
What's Changed
- expose on-call URL value in client-side config by @tsultanov00 in #3055
- ui - switch from zms to msd for policy creation by @ArtjomsPorss in #3034
- feat: Add functionality to search My Domains in UI by @chandrasekhar1996 in #3058
- fix: preserve domain contacts when updating an individual contact wit… by @chandrasekhar1996 in #3083
- Use correct URL path and query param for athenz role. by @gjoranv in #3089
- use metadata to specify use of default identity by @havetisyan in #3084
- Make ZpeUpdPolLoader ScheduledExecutorService thread daemon by @thonra in #3086
- make otel metric options more configurable by @havetisyan in #3090
- expose openid_issuer field for access tokens in zts java client by @havetisyan in #3091
- Add FreeBSD support to libs/go/sia/util by @olgeni in #3093
- expose x509/ssh key id for instance register/refresh operations by @havetisyan in #3092
- fix util test os filenames + new GetGroupGID impl by @havetisyan in #3094
- update go and java dependencies to their latest releases by @havetisyan in #3095
- allow wildcard in first domain component of StaticWorkloadName by @abvaidya in #3096
New Contributors
- @gjoranv made their first contribution in #3089
- @thonra made their first contribution in #3086
- @olgeni made their first contribution in #3093
Full Changelog: v1.12.26...v1.12.27
Contributors
olgeni, gjoranv, and 6 other contributors
Assets 2
Athenz v1.12.26 Release
What's Changed
- Bump axios from 1.8.2 to 1.12.1 in /ui by @dependabot[bot] in #3069
- make auth-history object fields optional by @havetisyan in #3076
- Msd domain dependency check by @rajeshal in #3075
- Bump tar-fs from 3.0.8 to 3.1.1 in /ui by @dependabot[bot] in #3080
- Bump form-data from 4.0.0 to 4.0.4 in /ui by @dependabot[bot] in #3022
- Bump brace-expansion from 1.1.11 to 1.1.12 in /ui by @dependabot[bot] in #2999
- provide option to skip error metrics by @havetisyan in #3079
- extend gcp identity validation to remove identical athenz service name check by @havetisyan in #3077
- GcsChangeLogStore implementation by @psasidhar in #3081
- update java/go dependencies to their latest releases by @havetisyan in #3082
Full Changelog: v1.12.25...v1.12.26
Contributors
psasidhar, havetisyan, and 2 other contributors
Assets 2
Athenz v1.12.25 Release
What's Changed
- Bump next from 14.2.30 to 14.2.32 in /ui by @dependabot[bot] in #3064
- Bump tmp and @wdio/cli in /ui by @dependabot[bot] in #3043
- Bump on-headers and cookie-session in /ui by @dependabot[bot] in #3019
- correct handling/publishing of gcp-common library by @havetisyan in #3065
- Separating GCP SyncLauncher into its own project under "syncers" by @psasidhar in #3067
- Add an automatic cleanup feature for delegated roles. by @gyakami in #3027
- correct handling of resource ownership for self-serve roles by @havetisyan in #3068
- support id tokens for gcp external creds by @havetisyan in #3070
- update java and go dependencies to their latest releases by @havetisyan in #3071
- Bump axios from 1.8.2 to 1.12.0 in /clients/nodejs/zts by @dependabot[bot] in #3072
- support for per request/principal domain metrics by @havetisyan in #3074
Required Schema Change
Full Changelog: v1.12.24...v1.12.25
Contributors
psasidhar, havetisyan, and 2 other contributors
Assets 2
Athenz v1.12.24 Release
What's Changed
- handle 404 error from getDomainRoleMembers by @chandrasekhar1996 in #3048
- sort server template details list by @chandrasekhar1996 in #3046
- when going to invalid domain pages, redirect to home page by @chandrasekhar1996 in #3047
- Add a Gauge method for recording event metrics by @yosrixp in #3049
- handle 404 when principal is not part of any roles by @chandrasekhar1996 in #3052
- cloudsso - make api resource access call cloudsso and fallback to zms by @ArtjomsPorss in #3051
- make resource-access value rewrite configurable/generic by @havetisyan in #3056
- fix: preserve existing group members when applying domain templates by @chandrasekhar1996 in #3057
- ZMS Syncer implementation for GCP/GCS by @psasidhar in #3050
- move assertionDomainCheck method to server common library by @havetisyan in #3059
- update mocks to avoid CannotStubVoidMethodWithReturnValue error by @havetisyan in #3061
- locale-independent message regex by @frumioj in #3060
- make metric gauge method default void to maintain backward compatibility by @havetisyan in #3062
- update java/go dependencies to their latest releases by @havetisyan in #3063
New Contributors
Full Changelog: v1.12.23...v1.12.24
Contributors
frumioj, yosrixp, and 4 other contributors
Assets 2
Athenz v1.12.23 Release
What's Changed
- ParameterManagerPrivateKeyStore implementation for KeyStore using GCP Parameter Manager by @psasidhar in #3030
- update MSDClient to add addCredentials function by @MartinTrojans in #3035
- do not allow put admin role with no members by @havetisyan in #3036
- fix function return to be int to avoid casting by @havetisyan in #3037
- sia option to require successful role certs during startup by @havetisyan in #3038
- introduce config option to validate sanIP address for AWS and GCP providers by @havetisyan in #3041
- Adding ConfigProviderParameterManager implementation for GCP by @psasidhar in #3039
- host key race condition - check for contents before returning by @havetisyan in #3042
- enable async operations on StaticWorkloadDataRepository by @abvaidya in #3044
- replace business service functionality with on-call team link by @tsultanov00 in #3032
- update java and go dependencies to their latest releases by @havetisyan in #3045
- Enhance SIA serverless to support role certificate by @rajeshal in #3040
Full Changelog: v1.12.22...v1.12.23
Contributors
psasidhar, havetisyan, and 4 other contributors
Assets 2
Athenz v1.12.22 Release
What's Changed
- Add SSL certificate auto-reloader functionality by @chandrasekhar1996 in #3021
- extract subject validation for InstanceK8SProvider in a separate interface by @abvaidya in #3024
- fix: UI microsegmentation policy display logic by @chandrasekhar1996 in #3026
- add oTel options for SIA running in GCP by @py4chen in #3025
- update java and go dependencies to their latest release by @havetisyan in #3029
- Add EC as an alias to ECDSA while extracting pub key from elliptic curve private key by @abvaidya in #3031
- add capability to click on search icon to search by @chandrasekhar1996 in #3028
Full Changelog: v1.12.21...v1.12.22
Contributors
havetisyan, py4chen, and 2 other contributors