v1.7.0

Pre-release

Pre-release

izgeri released this 29 May 20:42

· 1709 commits to master since this release

Change log

Fixed

The k8s authenticator correctly authenticates an app using the host ID to specify
the k8s resource constraints and an annotation to specify the authenticator
container name using the "authn-k8s" prefix (cyberark/conjur#1535, conjurinc/dap-support#79) - PR.
Fixed exception in conjurctl when loading policy (conjurinc/dap-support#80) - PR.

Changed

Updated the title of status page to Conjur Status from Conjur (conjurinc/dap-support) - PR.
Policy load API endpoints now default to the application/x-yaml content-type if no content type is provided in the request (conjurinc/dap-support#74) - PR.
ActiveSupport uses SHA1 instead of MD5 (cyberark/conjur#1418).
Authentication audit events now use separate operations for authenticate,
login, and validate-status workflows
(cyberark/conjur#1054).
Authentication workflow checks origin before credentials to insure a request can authenticate before authenticating (cyberark/conjur#1568).

Added

The Kubernetes authentication /inject-client-cert endpoint now generates
an authentication audit event with the k8s-inject-client-cert operation
(cyberark/conjur#1538).
Adds a CertMissingCNEntry error to improve visibility of Kubernetes authenticator failures (cyberark/conjur#1278).
Logs the authenticator used when the authentication-container-name annotation is missing (conjurinc/dap-support#69) - PR.

Removed

Images are no longer published to Quay.io.

Security

Upgraded Rails to v5.2.4.3 to resolve CVE-2020-8164.

Assets 3