Skip to content

Latest commit

 

History

History
611 lines (322 loc) · 44.5 KB

CHANGELOG.md

File metadata and controls

611 lines (322 loc) · 44.5 KB

Changelog

0.32.0 (2024-12-20)

Features

  • upgrade UCS base image to 2024-12-12 (252852b)

0.31.1 (2024-12-19)

Bug Fixes

  • leader-elector: Overwrite the labelSelector on the primary service every 15 seconds to recover from initial state after the service is overwritten by helm (58a0343)

0.31.0 (2024-12-11)

Features

  • Avoid echoing the commands in shell scripts by default (2ca48d1)

0.30.0 (2024-12-10)

Features

  • Explicit opt-in to enable the status ConfigMap (ccc4a54)

0.29.1 (2024-12-10)

Bug Fixes

  • kyverno lint for ldap-server (5648b79)

0.29.0 (2024-12-09)

Features

  • Add "managed-by" label to the status ConfigMap (0b157f5)
  • Add debug logging into the get_or_create function (59ae0d4)
  • Add dependencies via pipenv (0a1be10)
  • Add environment variable "LDAP_SERVER_ROLE" (3b1a2c8)
  • Add logging output around database initialization in entrypoint script (c293812)
  • Allow to configure the configmap name via cli and environment variable (6b3fdfa)
  • Allow to configure the namespace via environment variable STATUS_NAMESPACE (42e281a)
  • Create the status ConfigMap if needed (16c1fed)
  • Do not remove the Apt related artifacts (adeea9a)
  • leader-elector: Check if an LDAP database is present before trying to become leader (8e6c24e)
  • Only load initial content if "LDAP_SERVER_ROLE" is "primary" or unset (3b6ab9c)
  • Remove echoing of commands in additional entrypoint scripts of ldap-server (5b70abe)
  • Stop dumping all environment variables on startup (002608f)
  • Stop dumping the full configuration to standard output (80b14be)
  • Stop echoing the slapd.conf to stdout (281ff68)
  • Stop tracing all commands in "40-self-service-acl" (d055274)
  • Stop tracing all shell commands in the entrypoint of ldap-server (e43bffa)
  • Update ucs base image to version 0.13.3-build-2024-12-05 (6f287a9)
  • Validate the status data using a Pydantic model (98bebe1)

Bug Fixes

  • Add docstring to subcommand "database-initialized" (fe7d8c1)
  • Adjust the Role permissions so that the status ConnfigMap can be created (fb850c0)
  • Configure logging to print timestamps (77c5496)
  • Correct capturing of exit code in entrypoint script (c07d730)
  • Correct handling of empty ConfigMap (19e1b35)
  • Correct usage of the logging api (9d1777a)
  • Disable configMap script in docker compose to fix the ldap smoke tests (28cd2f0)
  • Fail if the database status cannot be evaluated (d056597)
  • fix linter warnings (45e18d5)
  • fix unit tests (78a7cab)
  • ldap-server: Add intitialization script to Dockerfile (2cecdbc)
  • ldap-server: Check LDAP database initialization flag in configmap (bf0bc66)
  • ldap-server: improve LDAP database initialization script with log level and more (9e56539)
  • ldap-server: LDAP database initialization in mirror-mode (be4e879)

0.28.0 (2024-12-04)

Features

  • ldap-server: Add service for ldap-server-primary-0 to be used by listeners (8256526)

Bug Fixes

  • ldap-server: Do not match any Pod until a leader claims the lead (93e8336)
  • ldap-server: ldap-primaries cannot see each other without a headless service for mirror mode (04e8ae6)
  • ldap-server: multiprovider instead of mirrormode as of openldap 2.5 (035712e)
  • ldap-server: serverID must be sequential starting from non 0 (1dea0c2)
  • ldap-server: Update bitnami common source (765b2bd)

0.27.0 (2024-11-28)

Features

  • improve leader election and ldap server configuration (f743a52)
  • ldap leader election (70e8e65)
  • leader-elector container (e5b3b28)
  • make ldap-server-primary service headed (ed5c96e)

Bug Fixes

0.26.5 (2024-11-25)

Bug Fixes

  • add a systemExtension to the linter_values.yaml file (9e9bcdd)
  • kyverno lint (23f9406)

0.26.4 (2024-11-20)

Bug Fixes

  • ldap-server: remove file ownership errors in the univention-compatibility initContainer (237d1f3)

0.26.3 (2024-11-01)

Bug Fixes

  • add digest to wait-for-dependency image tag (fe42efb)

0.26.2 (2024-10-02)

Bug Fixes

  • ldif-producer: fix typo leading to missing DN in log (9f0705a)

0.26.1 (2024-10-01)

Bug Fixes

  • ci: use kaniko for building the ldap-notifier image (76bfab1)

0.26.0 (2024-09-26)

Features

  • ci: enable malware scanning, disable sbom generation (ab19c5f)

0.25.2 (2024-09-23)

Bug Fixes

  • configuration name consistency (6e31dd2)

0.25.1 (2024-09-23)

Bug Fixes

  • ldap-server: Don't leak secrets in bash scripts (5cddbb3)

0.25.0 (2024-09-16)

Features

  • update UCS base image to 2024-09-09 (59d4f84)
  • upgrade wait-for-dependency image (dcae7c7)

0.24.0 (2024-09-06)

Features

  • add support for extraInitContainers (612579f)
  • changes relating to BSI compliance (a94a0f8)

Bug Fixes

  • remove testrunner from list of containers to sign (ef5939c)

0.23.0 (2024-08-28)

Features

  • unify UCR configuration (dc68ddb)

0.22.1 (2024-08-19)

Bug Fixes

  • initialize queue with the 'WorkQueuePolicy' RetentionPolicy (fec8810)
  • update provisioning consumer client (2288bf1)

0.22.0 (2024-07-25)

Features

  • ldif-producer: use async slapdsock, simplify project structure (60b0178)
  • ldif-producer: use asyncio streams instead of sockserver with threading (1c7e5b1)
  • send message and request IDs (af813f0)

Bug Fixes

  • improve logging (dc66be3)
  • ldif-producer: don't accept socket requests if the nats connection is not (yet) active (6ea8e3d)
  • ldif-producer: don't log expected behavior (fdd0ddb)
  • ldif-producer: don't respond to empty requests (e3cf94e)
  • ldif-producer: fix container entrypoint and remove default arguments (52aeea5)
  • ldif-producer: fix typos (8db24b8)
  • ldif-producer: improvements with Arvid (a6cbcc9)
  • ldif-producer: make request_throttling non-blocking to not block forever if the outgoing_queue is full (96f21a3)
  • ldif-producer: propperly instantiate the two coroutines with a task group (cc2c68b)
  • ldif-producer: shorten log lines (49a33a5)

0.21.0 (2024-07-19)

Features

  • ldap-server: load, activate and configure the back-sock overlay in the ldap-server slapd.conf (99fa529)
  • ldif-producer: add the ldif-producer sidecar container to the ldap-server helm chart (d13e4b1)
  • ldif-producer: new, more reliable backpressure mechanism without pre- and post-hook synchronization (7187c60)

Bug Fixes

  • ldif-producer: improvements with Arvid (dea6176)
  • ldif-producer: log exception tracebacks (e681532)
  • ldif-producer: make existing backpressure-mechanism non-blocking (e3e9454)
  • ldif-producer: put the ldif-producer and slapd-sock overlay behind a feature-flag (cfdbded)
  • ldif-producer: return Continue for requests with empty body and improve logging (bc0a7f4)

0.20.1 (2024-07-05)

Bug Fixes

0.20.0 (2024-07-05)

Features

  • Add support for dynamic extension configuration (cc8d63c)

0.19.0 (2024-07-04)

Features

  • remove extensions for Guardian, App Center; keep Self-service; temp. keep Portal, OX-Connector (fccd26e)

0.18.1 (2024-07-04)

Bug Fixes

  • ldif-producer: copy SlapdSockHandler.handle() into subclass (d656aa7)
  • ldif-producer: don't cache handler function responses (f512e4d)
  • ldif-producer: ignore memberOf overlay requests in do_result aswell (b575dfd)
  • ldif-producer: ignore socket requests from the memeberOf overlay and add test-cases for it (876975c)
  • ldif-producer: improve tests and raise exceptions in unittest scenarios (b208d18)
  • ldif-producer: improvements with Arvid (068419f)
  • ldif-producer: LDAPHandler unit tests (4ae3214)
  • ldif-producer: make backpressure timeout configurable (66a64f6)
  • ldif-producer: optionally ignore temporary objects also in pre-hooks (0930ec7)

0.18.0 (2024-06-27)

Features

  • Update the ox-connector extensions to version 0.9.0 (f3d3ab8)

0.17.1 (2024-06-25)

Bug Fixes

0.17.0 (2024-06-19)

Features

  • Adjust build to updated portal-extension image (former portal-udm-extensions) (74dce4c)
  • Update the portal-extensions version to 0.26.0 (d846f20)

0.16.0 (2024-06-14)

Features

  • ldap-server: install and activate lapdsock in the ldap-server container (1ca787d)
  • ldif-producer: scaffolding to push messages to nats (e355f6e)
  • ldif-producer: separate asyncio thread (03d0e31)
  • ldif-producer: wip docker-compose (12df461)

Bug Fixes

  • ldif-producer: add exit signal handling (39729ac)
  • ldif-producer: add nats to docker-compose (dd57f1a)
  • ldif-producer: Adjust slapd-sock path (2db3d80)
  • ldif-producer: better logging for threaded app (bf0ce63)
  • ldif-producer: copy demo files from Arvid (90f2a99)
  • ldif-producer: increase backpressure timeout (e392799)
  • ldif-producer: refinements with arvid (3592a5f)
  • ldif-producer: some cleanup (3bf12ea)
  • ldif-producer: sort-of working SlapdSockServer (42b59ec)
  • ldif-producer: update dependencies and project metadata (942cef1)

0.15.2 (2024-05-24)

Bug Fixes

  • ci: use fixed common-ci/helm package to not update dependency waiter tags (a2e9e80)

0.15.1 (2024-05-23)

Bug Fixes

  • ldap-notifier use global registry (435be6e)

0.15.0 (2024-05-23)

Features

0.14.0 (2024-05-21)

Features

  • add back_ldap proxy configuration (0569ccf)
  • allow for separate podAnnotations for primaries, secondaries and proxies (e990b65)
  • allow for simplified HA configuration (3ce1263)
  • make primary a scalable multi-master configuration (156c8b0)
  • split into primary and secondary instances, secondary instances scalable (026c0d9)
  • support for templating of global.configMapUcr (f48733f)
  • type based replicacounts and resource specification, pre-flight check, service selector based on replicacounts (00b530a)

Bug Fixes

  • add LOG_LEVEL variable definition to entrypoint script (290214d)
  • add sasl proxy authentication support (85065a1)
  • fine-tuning network values for syncrepl (4718fad)
  • pod affinities and antiaffinities (9b9c27d)

0.13.0 (2024-05-07)

Features

  • Update base image to 5.0-7 (689b4b6)

0.12.0 (2024-04-25)

Features

  • changes to support the refactored umbrella values in a nubus deployment (04d3337)
  • export nubusTemplates.ldapNotifier.connection.host (ad24c75)
  • set additional nubusTemplates (b2cb030)

Bug Fixes

  • configMapForced default value, only use global values for baseDn and domainName, added adminDn template, set waitForDependency tag to latest (61dc87f)
  • typos, change samlMetadataUrl and samlMetadataUrlInternal to http protocol (859a6ce)

0.11.0 (2024-04-19)

Features

  • Avoid call to "apt-get update" in builder stage (cf10ee9)
  • Avoid calling "apt-get update" in final stage of ldap-server (844547f)
  • Use date based build tag of the base image in ldap-notifier (1c1e090)
  • Use the date tagged base image to ensure a stable base package set (2227da1)

0.10.3 (2024-04-02)

Bug Fixes

  • pinning container name to ldap-notifier (35cb66c)

0.10.2 (2024-03-25)

Bug Fixes

  • ci: update common-ci from v1.24.4 to v1.24.5 (8406404)

0.10.1 (2024-03-21)

Bug Fixes

  • create communication files with permissions of the ldap server (9c9d4b9)

0.10.0 (2024-03-20)

Features

  • Helm/container: BSI-compliant bitnami based Helm chart (56f4c24)

Bug Fixes

  • add mising ucr entries (bcb20e8)
  • adding devops-based helm chart, making required adjustment to entrypoint script (9c6ae9d)
  • adjust ldap-notifier registry ref (d35befc)
  • make resources for init containers adjustable via values (78db204)
  • re-add waitForDependency (ceca47e)
  • remove duplicates from base-defaults.conf (0331ad4)
  • remove unwanted chart category (a10b7d0)
  • update common-ci ref (8ace7bd)

0.9.5 (2024-03-19)

Bug Fixes

  • Update TLS related UCR variables to "directory/manager/starttls" (72d4b86)

0.9.4 (2024-03-19)

Bug Fixes

  • Remove "appVersion" from chart "ldap-server" (473c474)

0.9.3 (2024-03-12)

Bug Fixes

  • add get_int to ucr-light-filter Registry implementation (2de4ea3)
  • restore upstream ucr compatibility (1306b86)

0.9.2 (2024-01-31)

Bug Fixes

  • deps: update all dependencies (57b8d3f)

0.9.1 (2024-01-23)

Bug Fixes

  • helm: Use the internal knut registry as default image source (b328966)

0.9.0 (2024-01-16)

Features

  • ci: add debian update check jobs for scheduled pipeline (232ec97)

Bug Fixes

  • deps: add renovate.json (78b12eb)

0.8.2 (2023-12-21)

Bug Fixes

  • licensing/ci: add spdx license headers, add license header checking with common-ci v1.13.x (dbb3a94)

0.8.1 (2023-12-21)

Bug Fixes

  • docker: update ucs-base from 5.0-5 to 5.0-6 (f2f15c4)

0.8.0 (2023-12-20)

Features

0.7.2 (2023-12-18)

Bug Fixes

  • ci: add Helm chart signing and publishing to souvap via OCI (a8a452f)

0.7.1 (2023-12-11)

Bug Fixes

  • ci: reference common-ci v1.11.0 to push sbom and signature to souvap (a0f1077)

0.7.0 (2023-11-15)

Features

  • server: add ACL for self-service (7e42e66)

0.6.0 (2023-11-14)

Features

  • helm: support for extra volumes (50ddd93)

0.5.3 (2023-11-14)

Bug Fixes

  • Add "kerberos/realm" in UCR values for test run (3543a0f)

0.5.2 (2023-11-13)

Bug Fixes

  • Pin the version of portal-udm-extensions (d830557)

0.5.1 (2023-11-13)

Bug Fixes

  • ldap-server: Ensure that notifier directories exist (2012d36)

0.5.0 (2023-11-10)

Features

  • Remove custom deb builder container (f61ab66)
  • Use the plain univention ldap packages (cb1df95)

0.4.3 (2023-11-10)

Bug Fixes

  • helm: add a toggle to enable the wait-for-SAML init container (ee91fb4)

0.4.2 (2023-11-09)

Bug Fixes

  • server: read UCR settings from ConfigMap (1d6270b)
  • tests: run tests using DinD instead of GitLab services (566fc2d)

0.4.1 (2023-11-06)

Bug Fixes

  • docker: bump common-ci to build latest image (6710b8b)

0.4.0 (2023-11-03)

Features

  • helm: The Pod "ldap-server" waits until the SAML metadata is available (eb3f6c9)

0.3.1 (2023-11-03)

Bug Fixes

  • versions: produce version-tagged Docker images (f8b8b02)

0.3.0 (2023-11-02)

Features

  • server: ox-connector schemas (f62a762)