v0.16.0

🔥 What's new

• New Infra Dashboard
  
• 🖥 Headless login through Infra (Device flow)
  To enable Headless login, additional configuration is required in your identity provider. A new Redirect URI with the value https://<your org>.infrahq.com must be added. For more info see https://infrahq.com/docs/identity/okta#configure-your-new-okta-app
• 🗽 User syncing (provisioning) from identity providers (SCIM) - group support coming soon
• 🗄 Cluster-admin role can be applied to individual namespaces
  🐛 Bug fixes & Improvements
• Identity providers can now be edited
• improve: use variable weight fonts on website by @jmorganca in #3292
• improve: copy button for password after adding a user by @kimskimchi in #3288
• improve: security headers for website & ui by @jmorganca in #3287
• improve: add tab sync to website by @jmorganca in #3275
• fix: allow users to issue access keys to themselves by @ssoroka in #3271
• fix: typo in web signup error handling by @jmorganca in #3289
• fix(website): use env for public write keys by @jmorganca in #3285
• fix: better errors on bad email by @ssoroka in #3208
• fix: scope group names by @BruceMacD in #3290
• fix: sorting bugs by @hoyyeva in #3283
• fix: select same user to grant access with different roles on destination page by @hoyyeva in #3295
• identity provider name is optional by @kimskimchi in #3296
• Fix gofmt by @dnephin in #3331
• fix: reduce request transaction lifetime by @dnephin in #3299
• fix: do not load client secret from infra secrets by @BruceMacD in #3334
• fix: signup user gets create access key scope by @ssoroka in #3337
• fix: cli redirect by @jmorganca in #3340
• improve: move database dialector to data package by @mxyng in #3300
• improve: make learn more help link consistent by @kimskimchi in #3336
• Refactor request authentication to remove duplication by @dnephin in #3302
• Add TxOptions to txn.Begin by @dnephin in #3327
• Add a check to the data migration test by @dnephin in #3338
• improve: add tests for timeouts by @ssoroka in #3339
• fix: signup analytics and csp policies by @jmorganca in #3341
• Use a different port for dev postgres by @dnephin in #3346
• fix: allow users to delete their own access keys from cli by @ssoroka in #3297
• Use a transaction to run data migrations by @dnephin in #3157
• fix: update secrets with better error message by @ssoroka in #3286
• maintain: set dev version by @mxyng in #3294
• improve: add configurable db connection options by @mxyng in #3301
• Use a transaction in the migration test by @dnephin in #3329
• Added rate limiting on the number of requests that can be sent to Infra server by @mxyng in #3231
• fix: use correct case when sending forgot domain email by @pdevine in #3349
• maintain: migrate provider user data to direct sql by @BruceMacD in #3345
• Allow routes to specify transaction options by @dnephin in #3328
• fix: use the correct field name in org conflict error by @dnephin in #3355
• Fix order of provider_user index by @dnephin in #3347
• Remove secret storage from connector by @dnephin in #3220
• feat(agent): add retries to tolerate minor interruptions by @mxyng in #3352
• Allow the connector to run outside of a kube pod by @dnephin in #2613
• Allow the connector to run outside of a kube pod (part 2) by @dnephin in #3350
• fix: minor ui bugs by @hoyyeva in #3376
• improve(ui): simpler auth and admin checks by @jmorganca in #3387
• Add a test for running the connector by @dnephin in #3377
• Use SQL for Destination{Create,Update,Delete} by @dnephin in #3356
• fix(ui): do not use decoded next parameter if unset by @jmorganca in #3388
• improve: table revisit by @hoyyeva in #3385
• fix(ui): minor flashes of content when logging in by @jmorganca in #3389
• fix: improve error message on login page by @hoyyeva in #3354
• improve: buttons behaviour and colours by @hoyyeva in #3390
• fix(ui): fix page loading flickers and redirects by @jmorganca in #3393
• feat(connector): create destination as soon as possible by @mxyng in #3384
• fix: some minor ui bugs by @hoyyeva in #3394
• Revert "feat: SCIM list provider users (#3379)" by @BruceMacD in #3395
• fix: minor ui bugs and improvements by @hoyyeva in #3401
• feat: add endpoint to get a user's own organization by @pdevine in #3402
• fix: remove server lookup by @mxyng in #3383
• fix: do not allow dots in destination names by @dnephin in #3382
• fix: group trait telemetry by @jmorganca in #3381
• Add unique constraint to destination name by @dnephin in #3392
• Use SQL for GetDestination and ListDestination by @dnephin in #3357
• fix: edit provider only update changed fields by @mxyng in #3406
• connector: Use a separate goroutine for update destination by @dnephin in #3391
• data: generate methods for data models by @dnephin in #2761
• improve: org name and notification by @hoyyeva in #3404
• fix: broken doc link in readme by @jmorganca in #3411
• api: add support to list grants by destination by @dnephin in #3396
• fix: delete users from specific identity provider by @BruceMacD in #3398
• fix: remove provider users for deleted identities by @BruceMacD in #3399
• fix postgres-dev to only listen on localhost by @dnephin in #3403
• data: add helper for scanning rows into a slice by @dnephin in #3412
• maintain: clean up architecture...and the rest by @technovangelist in #3413
• fix: only remove password reset scope on cred update by @BruceMacD in #3429
• fix: postgres-dev container listen address by @dnephin in #3430
• fix(ui): crash on users page by @jmorganca in #3433
• maintain: cli docgen fixes to clean up the resulting file by @technovangelist in #3431
• maintain: add redirect for cli-reference to docs by @technovangelist in #3432
• feat: SCIM list provider users by @BruceMacD in #3405
• Require oldpassword by @pdevine in #3434
• Remove transaction TableName method by @dnephin in #3440
• fix: include organization_id in where clause of update queries by @dnephin in #3439
• fix: dont require server config base url on login by @BruceMacD in #3375
• Add test coverage of email templates by @dnephin in #3414
• Remove getDB and hasAuthorization by @dnephin in #3437
• Listen and notify for grants by @dnephin in #3400
• fix: migration for update_index by @dnephin in #3464
• improve: add signup to website by @jmorganca in #3447
• fix(website): signup api properties by @jmorganca in #3467
• fix(website): fix button rendering on landing page by @jmorganca in #3468
• fix: minor ui bugs by @hoyyeva in #3465
• fix: remove authinfo for context by @mxyng in #3470
• maintain: convert identities to direct sql by @BruceMacD in #3471
• Add API handler support for ListGrants blocking request by @dnephin in #3436
• Improve blocking requests and add more test coverage by @dnephin in #3443
• feat: device flow by @ssoroka in #3446
• Fix context cancellation in blocking requests by @dnephin in #3477
• Throttle database updates for LastSeenAt and ExtensionDeadline by @dnephin in #3478
• feat: destination table by @hoyyeva in #3473
• fix: minor bugs on infrastructure table by @hoyyeva in #3485
• fix: minor bugs on infrastructure page by @jmorganca in #3486
• Tooltip by @hoyyeva in #3469
• feat: create access keys for idp scim by @BruceMacD in #3407
• feat: parse scim query filters by @BruceMacD in #3408
• fix: color style for connection status by @jmorganca in #3487
• fix: style improvements to destinations page by @jmorganca in #3488
• feat: users scim by @BruceMacD in #3442
• Make pprof endpoint a blocking request by @dnephin in #3484
• Use the same pattern for repeating operations in agent, server, and connector by @dnephin in #3472
• improve: change device flow input and layout to separate boxes with no sidebar by @ssoroka in #3482
• feat: ui generate scim access key for provider by @BruceMacD in #3483
• maintain: remove commitlint by @mxyng in #3505