lagoon-core v2.6.0
·
1919 commits
to refs/heads/main
since this release
Security FIx
This release of Lagoon patches a security vulnerability present in Lagoon v2.5.0 only. In this release, a service-api client was added to Keycloak without a secret being automatically generated. This client isn't in a release yet (it is pre-work for the SSH portal coming shortly). THis v2.6.0 releae resolves this by automatically creating or rotating a secret. The corresponding charts release also allows for the definition of a secret, although this isn't supported in our version of keycloak yet.
If you are unable to upgrade to v2.6.0 immediately, you can log in to Keycloak, go to the service-api client, and click "Regenerate secret".
What's Changed
- fix api-db fix-permissions permissions to actually fix api-db permissions by @tobybellwood in #3081
- feature: add a timeout on the rollout status watch by @shreddedbacon in #3089
- Typo: Correct version number for Solr 8 image by @kasperg in #3054
- Typo fix by @mxr576 in #3091
- Update README.md by @AlannaBurke in #3084
- feature: add a failure notice message to pod rollout failures by @shreddedbacon in #3088
- Minor fixes to Logging and Contributing documentation by @smlx in #3079
- add rootless rsync commands to drush rsync task by @Schnitzel in #3080
- Adds ack for environments with no workflows by @bomoko in #3078
- Add example for pinning Node.js version in
php-cliimages by @rocketeerbkw in #3076 - refactor: capture errors for deploytargets by @shreddedbacon in #3090
- fix autogenerated urls to correctly truncate if they are too long by @shreddedbacon in #3098
- Add support in kubectl-build-deploy-dind for running rootless by @smlx in #2572
- strip acl param from multipart task file uploads by @shreddedbacon in #3097
- ECDSA ssh key type support by @cdchris12 in #3099
- Dep. trivy integration from core by @bomoko in #3083
- feat: validate TLS for all k8s API interactions by @smlx in #3107
- initial k8s install docs update by @tobybellwood in #3085
- check s3 object exists before generating signed url by @shreddedbacon in #3105
- Feature/confirmation text for custom tasks by @bomoko in #3094
- Fixing links. by @AlannaBurke in #3109
- Update upstream images and deprecate oc-build-deploy-dind by @tobybellwood in #3110
- Adds custom task argument documentation to docs by @bomoko in #3111
New Contributors
Full Changelog: v2.5.0...v2.6.0
Contributors
kasperg, rocketeerbkw, and 8 other contributors