v0.15.1

What's Changed

• feat(helm): bump infra helm chart to 0.20.0 by @mxyng in #2976
• fix(build): ignore synchronize job if triggered by tag by @mxyng in #3099
• Add userID and orgID to API request logs by @dnephin in #3073
• Send auth header from connector when requesting the jwk by @dnephin in #3083
• maintain: update Helm upgrade docs by @mxyng in #3100
• maintain: update quickstart for selfhost with ui by @technovangelist in #3105
• fix: check signup password requirements in api by @BruceMacD in #3081
• fix: remove smtp testClient by @mxyng in #3109
• fix: fix the groups page browser title by @hoyyeva in #3110
• maintain: update readme and install on k8s docs by @technovangelist in #3107
• maintain: forgot to add the values file to the cmd by @technovangelist in #3111
• fix: email domain and missing rcpt to by @ssoroka in #3113
• fix: add build-args back to docker image build by @mxyng in #3117

Full Changelog: v0.15.0...v0.15.1

v0.15.0

What's Changed

• Add a test case to show that initial schema matches a migrated schema by @dnephin in #2804
• Replace gorm.AutoMigrate with schema.sql by @dnephin in #2843
• Replace gorm.Migrator calls with sql by @dnephin in #2846
• Support running all tests against postgres by @dnephin in #2845
• improve: refactor workflows by @mxyng in #2836
• fix: reloading redirect issue by @hoyyeva in #2886
• maintain: remove PaginationResponse omitemptys by @j-sneh in #2872
• improve: separate ci workflows by @mxyng in #2867
• improve: add helm cd workflow by @mxyng in #2869
• improve: add core and ui cd workflows by @mxyng in #2873
• fix: sort custom role by @hoyyeva in #2871
• maintain(ui): increase limits to max temporarily by @j-sneh in #2890
• fix(build): helm build/release is not able to publish artifacts by @mxyng in #2897
• feat: Icons revisit by @hoyyeva in #2887
• fix(cd): helm artifact path by @mxyng in #2905
• feat(api): hide connector by default through showSystem query parameter by @j-sneh in #2892
• improve: better error message when user tries to delete last admin grant by @kimskimchi in #2900
• Add organization ID, and remove FKs and sequences by @dnephin in #2896
• Add default organization by @dnephin in #2902
• Add domains field to orgs, and use it to identify the org in unauthenticated requests by @dnephin in #2911
• improve: refactor release workflow by @mxyng in #2889
• maintain: orgs with signup changes by @BruceMacD in #2910
• fix: avoid annoying mac port warning running tests by @ssoroka in #2914
• fix: sort order tests on mac should be skipped by @ssoroka in #2912
• feat: sign-up for orgs by @BruceMacD in #2919
• fix: allow direct access key for idp user by @BruceMacD in #2916
• maintain: replace stale action with app by @mxyng in #2926
• fix: hide connector grants by @j-sneh in #2913
• improve: add component concurrency controls by @mxyng in #2915
• feat: completions for infra use by @j-sneh in #2918
• fix: reuse connections with a properly-sized connection pool by @ssoroka in #2920
• improve: super important update to contributor log by @j-sneh in #2929
• feature: cli: select grants by user, supports inherited by @ssoroka in #2551
• improve: fixes docs for cli completion cmd by @kimskimchi in #2942
• feat: create and mount db encryption key by @mxyng in #2568
• improve: skip server selection and update docs for auto-login by @j-sneh in #2906
• improve: better error message for cert mismatch by @kimskimchi in #2899
• fix(helm): default false to overriding old chart by @mxyng in #2948
• fix: checking hosts properly by @ssoroka in #2945
• feat: endpoint to check server configuration by @ssoroka in #2863
• Fix reading the domain from the request by @dnephin in #2930
• Remove the second DB field from server by @dnephin in #2922
• Make NewDB safer by not setting an org in the context by @dnephin in #2921
• Replace the last of AutoMigrate by @dnephin in #2862
• fix: signup redirect should expect full domain by @ssoroka in #2953
• fix: set key expiry during exchance by @BruceMacD in #2931
• Try go1.19 by @dnephin in #2954
• fix: do not make external API calls in tests by @BruceMacD in #2950
• fix: create connector identity for org by @BruceMacD in #2959
• More test coverage for org ID migration by @dnephin in #2961
• fix: login page rendering on sso login by @jmorganca in #2965
• fix: add X-Frame-Options headers by @jmorganca in #2963
• fix: org flow docs update from discussions by @ssoroka in #2968
• feat(helm): deploy postgres as part of infra chart by @mxyng in #2602
• Invite email by @ssoroka in #2962
• fix: dont re-render login page on sso login by @jmorganca in #2975
• fix: only check postgres pod if deploy it as part of the chart by @mxyng in #2972
• fix: grant the org connector role by @BruceMacD in #2973
• maintain: clean up org db context setting by @BruceMacD in #2952
• fix(helm): quote integer value by @mxyng in #2983
• maintain: tune prometheus latency rule by @mxyng in #2984
• feat: add orgs prom metrics by @mxyng in #2985
• improve: extend invite expiry time by @ssoroka in #2974
• maintain: simplify build and install processes by removing unnecessary steps by @mxyng in #2951
• improve: output component for workflow run by @mxyng in #2986
• feat: allow specified org domain on sign up by @BruceMacD in #2978
• maintain: add website to dependabot by @mxyng in #2989
• fix: exclude builtin users and providers from metrics by @mxyng in #2990
• Accept Org ID from access key for unauthenticated endpoints by @dnephin in #2967
• maintain: update contributing doc by @BruceMacD in #2998
• maintain: update ui dev config by @BruceMacD in #3000
• Refactor a test function and remove a test helper by @dnephin in #2977
• fix: overlapping prs caused a build failure by @dnephin in #3007
• Remove gorm from the migrator by @dnephin in #3006
• fix: openapi doc generation command by @dnephin in #3015
• improve: streamline cd workflows by @mxyng in #3017
• fix: always display base domain on signup page by @kimskimchi in #3016
• fix(build): bad step name in ui build by @mxyng in #3021
• maintain: set org cookie on signup redirect by @BruceMacD in #3018
• Replace gorm.DB with an interface by @dnephin in #3008
• Remove db from gin context by @dnephin in #3022
• maintain: google idp experience by @BruceMacD in #2901
• improve: remove border by @kimskimchi in #3023
• maintain: update config tests for orgs by @BruceMacD in #3030
• maintain: reword org name placeholder by @mxyng in #3026
• fix(helm): use helper to check if server enabled by @mxyng in #3034
• maintain(dev): individual image checksums by @mxyng in #3035
• maintain: log real client IP by @mxyng in #3033
• fix: only migrate sqlite db if it exists by @mxyng in #3057
• fix(dev): force set Helm string value by @mxyng in #3062
• fix: new signup session priority by @BruceMacD in #3059
• fix: correct article based on table name by @BruceMacD in #3065
• improve: better analytics by @ssoroka in #3014
• feat: add sql functions uidStrToInt and uidIntToStr by @ssoroka in #3013
• fix: fixes issue caused by bad merge by @ssoroka in #3068
• fix: typo in db file path by @mxyng in #3070
• maintain: validate that provider user sessions are revoked on provider delete by @BruceMacD in #3067
• Update website styling, bring blog into website codebase b...

v0.14.4

0.14.4 (2022-08-09)

🐛 Bug fixes & Improvements

• UI: fix issue where settings page would sometimes throw an error (#2879) (67224a7)

v0.14.3

0.14.3 (2022-08-08)

Features

• infra shell completion (#2792) (35f0aee)
• add infra support admin user (#2755) (c19170c)
• add noTruncate flag to groups ls (c3c75c9)
• add the total users to group table (#2798) (86e3602)
• api: add totalUsers to groups endpoint (#2736) (8f0d485)
• implement api get/update settings (#2808) (e25518f)
• password reset (#2661) (184ee64)
• truncate users in groups list (d7e1049)
• ui: add providers to user metadata (#2754) (b8a426f)

Bug Fixes

• infra info handle error when session is invalid for the server (not expired or cleared, but just invalid) (#2756) (a65352e)
• add missing middleware next (1726bfa)
• add safeguard for CommaSeparatedStrings (58b72d5)
• data migration of group index name (8b7f0ef)
• deleting provider doesn't update the table until refresh (#2774) (daee235)
• groups and users remove improvement (#2686) (728f596)
• helm: dont deploy ui in connector-only configurations (#2794) (b411fba)
• helm: server.config.ui.proxyURL (#2805) (ca30bfa)
• helm: use config http(s) addrs (cbc2326)
• make infra header optional for well-known jwks (a48fe6f)
• mute the password reset link for this release (e77ee7c)
• path for go fuzz cache (b1b6386)
• remove deleted identities from identities_groups (#2767) (fe568fa)
• rollback postgres db transaction on fail (#2759) (2e95b8c)
• ui: add groups / users bugs and badge ui bug (#2842) (4388d29)
• ui: bug where modal dialog would not close when removing a user from a group (#2834) (1941a79)
• ui: fix ui build by including qemu dependency in github actions (#2763) (dcc51fb)
• ui: remove empty ui flicker while loading initial data (#2769) (94521fc)
• ui: use inherited grants instead of fetching groups (#2837) (7b9058b)

v0.14.2

0.14.2 (2022-07-27)

🔥 What's new

• helm: bind services to non-privileged port ranges (b63db21)

🐛 Bug fixes & Improvements

• amend helm index.yaml instead of overriding (13be800)
• hard delete provider users on removal (#2750) (ce7588f)
• helm: Change default podSecurityContext & securityContext (#2741) (614ce0a)
• validation accepts names of length 2 (#2719) (a2f34de)

v0.14.1

0.14.1 (2022-07-25)

🔥 What's new

• Security enhancement by make infra server read-only at runtime (#2692) (5d928cf)

🐛 Bug fixes & Improvements

• migrate sqlite3 db owner if changing security contexts (cfd684b)
• rename UI input label (#2691) (7cb04cf)
• run as non-root user by default (c21623d)

v0.14.0

0.14.0 (2022-07-21)

📣 API Change

• API request validation for access key and destination names is now much more strict (#2501)

🔥 What's new

• 🤯 Added support for group sync via Google identity (#2592) (a0d5f83)
• Infra's dashboard now supports groups from both identity providers or local users from Infra (#2510) (dd1f835)
• Added graphical buttons for logging in via identity providers (#2562) (bdae00f)
• Pagination support in CLI (#2569) (631a5f5)
• Infra version can be reported via destinations API (9963d90)
• Reducing log volume by sampling API requests based on fields (eca0969)
• Updated Prometheus resource metrics with labels (10f52b8)
• Infra's destination status now has a metrics label - connected or disconnected (ceb570f)

🐛 Bug fixes & Improvements

• bugs on groups page (#2573) (949c465)
• build: jq already exists in the runner (24f7b50)
• build: latest tag on dev docker image (4d96aa1)
• change field name (#2670) (9939e44)
• coalesce provider.kind and destinations.version (7243b0d)
• destinations query errors in postgres (c4dbb1a)
• docs: remove bash syntax highlighting (#2457) (7b0dde7)
• filter deleted items in db.Raw queries (cf0a48e)
• fix the flashes when adding user to a group on sidebar (#2643) (9cdfb99)
• force release version in goreleaser (36216dc)
• handle temp file (#2610) (e48fc7f)
• inconsistencies between role and access (fb37a48)
• infra keys list works with postgres (99a56ab)
• labels applied to the server in the helm chart (#2574) (865be28)
• linter: add read-header timeouts for all servers (#2637) (1c62906)
• load env var RELEASE_NAME into goreleaser (8b6308e)
• loading groups table (#2633) (df1abf7)
• make infra version header required (c763f3d)
• notifies user when adding duplicate grant (#2360) (f70a1fe)
• possible panic on server restart (03cfb33)
• remove email validation lib (#2565) (ed97980)
• remove group name validation (b1d8b26)
• resize provider icon on table (#2632) (51a224e)
• resolve the provider url when not provided (#2554) (54e2956)
• restore skipTLSVerify for connector helm template (8dd57c0)
• sidebar and setting page flashes bug (#2655) (b3f331b)
• ui: fix issue where grant would be deleted (#2597) (766419d)
• ui: fix issue where grant would be deleted incorrectly in the dropdown (#2671) (6c4b529)
• ui: fix scrollbar rendering showing gray gutters on macOS (#2599) (9af0571)
• anonymousId behavior for heartbeat (#2641) (6c25d55)
• wait for logout to complete (#2660) (13540fb)
• add password settings columns (#2563) (fdc354c)
• add more unit testing for components (#2656) (0253eb7)
• password requirements - api (#2577) (78688e3)
• password requirements - cli (admin signup, user edit) (#2651) (802ea27)

v0.13.6

📣 API change

• The Infra-Version header is now required for all API requests; we are doing this to help with future migrations

🔥 What's new

• Infra server can now report when a connected infrastructure is last seen and its status (accc0b9) (c5d4360)(6b6cfaa)(f967d6d)
• Infra CLI can now list the groups from a connected identity provider using infra groups command. (#2507) (64b2f90)
• In the Infra UI, we now show which roles user has access to for a connected infrastructure (#2474) (40c5224)
• Added prometheus metrics to report Infra connector version and other build information (9ca7448)
• Added trace level logging (8943afc)
• Improved feedback for when the Infra connector keys expire (#2486) (fc64278)
• Infra API can now return the identity provider auth url (#2443) (c90d39b)
• Ability to edit identity providers using Infra's CLI (#2434) (d536643)
• Backend improvements (#2041) (78d5bc4) (b63665b)(a04e90b) (#2423) (0eb7aca)

🐛 Bug fixes

• client delete request (8c8488f)
• do not redirect adding unknown providers (#2491) (40550b7)
• find server endpoint for localhost (#2481) (6db14a0)
• offline access for google (#2502) (898ba7c)
• password confirmation field and minor improvements (#2479) (3a69150)
• strip port from self-signed certs (#2438) (6b82ede)
• ui: fix issue where editing role would clear access (#2475) (6fe7bb4)
• ui: layout on smaller window sizes (#2477) (9e059f0)
• ui: limit destination name to regex (#2471) (f92b714)
• ui: minor display issues in UI (#2460) (337a9eb)
• ui: show correct error message when using temporary password (#2461) (7729198)

v0.13.5

0.13.5 (2022-06-27)

Features

• add rm users in groups (#2349) (6d1cbbf)
• ui: Improved experience around granting and listing access (#2370) (09c4ee0)

Bug Fixes

• db migration from 0.13.3 (4fc18b1)
• do not update provider user groups in sync (#2413) (91903ed)
• rename one time password to temporary password (#2383) (5ceceda)

v0.13.4

0.13.4 (2022-06-23)

Features

• added optional pagination to list endpoints (#2282) (6516b2e)
• azure groups (#2355) (8d66805)
• edit own password (#2243) (edd5ee4)
• introduce format flag, support json output (#2208) (88a2c8c)
• prompt to verify server certificate (60a020b)
• ui: namespace access (#2251) (fbc50a9)
• updates cli forbidden to more user friendly messages (#2213) (2eb49b0)

Bug Fixes

• broken anchor in docs (#2317) (42df8e5)
• cmd: insert newline between user and group grants (e6cbe29)
• delete access keys and users when providers are removed (#2311) (8def756)
• docs: active directory docs (#2380) (a73e475)
• docs: okta bullets not aligned (#2326) (765480a)
• docs: search more logs for server cert fingerprint (#2389) (a5c8067)
• helm: remove deprecated adminAccessKey (1fc9f07)
• helm: s/server/connector/ (d4c76e4)
• hides expired keys by default (#2257) (8067a89)
• hides non-extended access keys (#2308) (642a7fc)
• improve grants list performance (47fd0c2)
• nil check for AccessKey.IssuedForIdentity (b5c13a0)
• normalize uids (#2289) (24dfdfd)
• one password input field bug (#2239) (589e1b1)
• redirect on website (#2315) (6acd482)
• remove agent message (#2292) (9ab3751)
• respect context namespace if overwritten by user (f5b8791)
• set logLevel from helm chart values (fde3746)
• ui: dont scroll grants view (#2336) (cdfcfe7)
• ui: fix a few edge cases around missing namespaces and no admin access (#2371) (0be435f)
• ui: hide group grants for now (#2350) (9ffc62e)
• ui: no longer require type="url" for identity provider (#2334) (1f2022f)
• ui: use correct name on inherited access; fix potential crash (#2351) (b91c135)
• update api client on login (cff3e78)
• update providers add example (beb7148)
• url running over when clicking on cluster (#2296) (5c9166e)
• use the correct TLS certificate (0cad9c1)
• website: add missing redirect from an older page (#2325) (c439b7f)
• website: add missing redirect link (#2335) (81e08e9)
• website: break words if necessary to avoid layout issues (#2382) (7eb3af2)
• website: broken code scroll and padding (#2330) (0252bd1)
• website: nav button background on hover (#2352) (8884ce1)
• website: newsletter signup (#2331) (9741c6b)
• website: remove button duration classes causing flash (#2323) (c219113)
• website: replace link to api docs (#2388) (768e7a2)
• website: scroll issue on safari (#2319) (bd2e1b5)