Update athenz.version to v1.12.6

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
com.yahoo.athenz:athenz-auth-core	1.11.28 -> 1.12.6
com.yahoo.athenz:athenz-zts-java-client	1.11.28 -> 1.12.6
com.yahoo.athenz:athenz-zpe-java-client	1.11.28 -> 1.12.6
com.yahoo.athenz:athenz-zms-java-client	1.11.28 -> 1.12.6
com.yahoo.athenz:athenz-cert-refresher	1.11.28 -> 1.12.6

---

Release Notes

AthenZ/athenz (com.yahoo.athenz:athenz-auth-core)

v1.12.6

Compare Source

#​2804 UI: use authorization check to determine launch provider access
#​2808 UI: add domain filter to groups and roles
#​2813 UI: refactor functional test to use conditional afterEach
#​2814 UI: update ui dependencies - axios and cookie
#​2816 aws sdk v2 requires regional url with https scheme
#​2817 UI: bump wdio dependencies
#​2819 UI: fix ui functional tests
#​2820 UI: include instance profile module with zts server binary image
#​2821 UI: fix ui user reload
#​2822 call close for http based providers only
#​2824 move pulsar messaging changelog impl into its own module
#​2825 correct handling of pending state field in role/group insert method
#​2826 update java/go dependencies to their latest release

v1.12.5

Compare Source

#​2789 UI: display all domains that reference current user
#​2794 disable member extension in role and group review
#​2799 UI: bump cross-spawn from 7.0.3 to 7.0.5 in /ui
#​2800 provide new api to search services across all domains
#​2801 UI: bump dependency version
#​2803 provide useful utility to fetch domain attrs
#​2805 improve interoperability of TF with audit/review-enabled roles/groups
#​2807 include configured role/group notify details in expiry notification emails
#​2809 initialize sia agent/main directories always
#​2810 If there is only one admin role member, the member cannot be deleted
#​2812 update java/go dependencies to their latest releases

v1.12.4

Compare Source

#​2788 use default value for sia-provider for dyanamodb
#​2791 support for suspended principals when updating roles/groups
#​2792 UI: prettier formatting changes for UI js files
#​2793 define new role/group notify_details and domain slack_channel attributes
#​2795 Enable changing the provider for X509 certificate
#​2796 add support to provide server-side bundles per key-id
#​2797 Fix the SIA secret json for parameter store
#​2798 update java/go dependencies to their latest releases

This release includes a required schema update:
https://github.com/AthenZ/athenz/blob/master/servers/zms/schema/updates/update-20241107.sql

v1.12.3

Compare Source

#​2765 UI: ump next from 13.5.4 to 14.2.15 in /ui
#​2772 Store SIA user agent information in x509 certificate request table
#​2773 Athenz Identity Provider for Harness
#​2774 UI: improve UX of dropdown inputs
#​2775 update harness api key env variable name
#​2776 Store SIA certificate creds in AWS parameter store, use custom json format
#​2777 allow % character in tag value
#​2779 clean up unused consts in the aws common library
#​2780 use configured identity instead of hard-coded sys.auth.monitor identity
#​2781 UI: fix functional tests in services.spec
#​2782 keep track of request entries in the role audit log
#​2783 updated java and go dependencies to their latest releases
#​2784 consistent indentation - formatting change only
#​2786 UI: fix functional tests in roles.spec
#​2787 config option to support ambiguous uris in jetty servlets

v1.12.2

Compare Source

#​2760 maven central publishing fixes
#​2761 UI: display service provider error message
#​2762 specify source/target in example pom.xml
#​2763 update package build list for docker image
#​2764 update example to utilize nimbus library for token validation
#​2766 touch done files after individual sia commands
#​2767 update go and java versions for docker builds
#​2769 update go/java dependencies to their latest release
#​2770 defer access token error logging
#​2771 docker build fixes for go 1.22 - no GO111MODULE support

v1.12.1

Compare Source

Upgrade to Jetty 12.x / EE10 Release using Jakarta 6.x
Remove all deprecated methods from server side interfaces
Migrate all aws v1 usage from server side code to aws v2 since v1 sdk is EOL
Migrate Apache HttpClient 4.x to 5.x
Server builds are released w/ JDK 17 due to jetty requirement but all client libraries are continued to be built and published with JDK 11 support
Replace jjwt library with nimbus-jwt library
CI/CD pipeline will be moved from SD to GitHub Actions
Move AWSPrivateKeyStore implementation from server-common to auth-core where it belongs with the correct package name
Remove single email notification support and only support consolidated email notifications

Full details about required changes: https://github.com/AthenZ/athenz/blob/master/docs/migration-1.11-to-1.12.md

v1.11.66: Athenz v1.11.66 Release

Compare Source

What's Changed

• do not exit when token refresh fails while pod is running by @​havetisyan in https://github.com/AthenZ/athenz/pull/2724
• Bump serve-static and express in /ui by @​dependabot in https://github.com/AthenZ/athenz/pull/2728
• Bump send and express in /ui by @​dependabot in https://github.com/AthenZ/athenz/pull/2726
• Bump body-parser from 1.20.0 to 1.20.3 in /ui by @​dependabot in https://github.com/AthenZ/athenz/pull/2725
• disable advanced settings for delegated roles during role creation or editing by @​ArtjomsPorss in https://github.com/AthenZ/athenz/pull/2733
• send notification for put role membership decision by @​chandrasekhar1996 in https://github.com/AthenZ/athenz/pull/2737
• Adding resource ownership support for MSD API by @​yosrixp in https://github.com/AthenZ/athenz/pull/2744
• during delete tenancy check the primary db instance by @​havetisyan in https://github.com/AthenZ/athenz/pull/2743
• Adding support to GCE SIA multiple service by @​yosrixp in https://github.com/AthenZ/athenz/pull/2740
• send notification for put group membership decision by @​chandrasekhar1996 in https://github.com/AthenZ/athenz/pull/2742
• update java and go dependencies to their latest releases by @​havetisyan in https://github.com/AthenZ/athenz/pull/2745

Full Changelog: AthenZ/athenz@v1.11.65...v1.11.66

v1.11.65: Athenz v1.11.65 Release

Compare Source

What's Changed

• not allow principal to approve/reject own requests for audit enabled roles/groups by @​havetisyan in https://github.com/AthenZ/athenz/pull/2702
• fix tests failing to run due to babel node sytax conflicts by @​ArtjomsPorss in https://github.com/AthenZ/athenz/pull/2703
• add role member UI enhancement by @​ArtjomsPorss in https://github.com/AthenZ/athenz/pull/2700
• add group review icon, it becomes red when group review required by @​ArtjomsPorss in https://github.com/AthenZ/athenz/pull/2705
• enforce resource ownership for delete role member operation by @​chandrasekhar1996 in https://github.com/AthenZ/athenz/pull/2708
• enforce resource ownership for delete group member operation by @​chandrasekhar1996 in https://github.com/AthenZ/athenz/pull/2709
• enforce resource ownership for delete assertion operation by @​chandrasekhar1996 in https://github.com/AthenZ/athenz/pull/2710
• allow adding authorization header on msd-agent calls by @​abvaidya in https://github.com/AthenZ/athenz/pull/2701
• Jonmv/build kite integration by @​jonmv in https://github.com/AthenZ/athenz/pull/2706
• Bump micromatch from 4.0.7 to 4.0.8 in /ui by @​dependabot in https://github.com/AthenZ/athenz/pull/2716
• fix added tag is displayed in UI, fix delete last tag by @​ArtjomsPorss in https://github.com/AthenZ/athenz/pull/2712
• open role and group members in new tab by @​ArtjomsPorss in https://github.com/AthenZ/athenz/pull/2718
• email notifications improvements with notify roles and groups by @​havetisyan in https://github.com/AthenZ/athenz/pull/2719
• update zms go client with latest rdl changes by @​havetisyan in https://github.com/AthenZ/athenz/pull/2722

Full Changelog: AthenZ/athenz@v1.11.64...v1.11.65

v1.11.64: Athenz v1.11.64 Release

Compare Source

What's Changed

• display warning for expired and disabled members in Roles and Groups by @​ArtjomsPorss in https://github.com/AthenZ/athenz/pull/2668
• fix skip non revocable attribute logic by @​havetisyan in https://github.com/AthenZ/athenz/pull/2680
• [documentation/github actions provider] Fix service name for prs by @​tokle in https://github.com/AthenZ/athenz/pull/2681
• provide java api for gcp workloads to refresh their identity certificates by @​havetisyan in https://github.com/AthenZ/athenz/pull/2672
• minor update to the key refresher unit test by @​havetisyan in https://github.com/AthenZ/athenz/pull/2682
• more specific error message for user authority filter checks by @​havetisyan in https://github.com/AthenZ/athenz/pull/2683
• fix red role review icon conditions by @​ArtjomsPorss in https://github.com/AthenZ/athenz/pull/2684
• Adding the Otel Implementation by @​salladi30 in https://github.com/AthenZ/athenz/pull/2687
• Bump axios from 1.6.0 to 1.7.4 in /clients/nodejs/zts by @​dependabot in https://github.com/AthenZ/athenz/pull/2690
• update java and go dependencies to their latest releases by @​havetisyan in https://github.com/AthenZ/athenz/pull/2694
• SIA (Service Identity Agent for GCP Runs by @​havetisyan in https://github.com/AthenZ/athenz/pull/2693

New Contributors

• @​ArtjomsPorss made their first contribution in https://github.com/AthenZ/athenz/pull/2668
• @​salladi30 made their first contribution in https://github.com/AthenZ/athenz/pull/2687

Full Changelog: AthenZ/athenz@v1.11.63...v1.11.64

v1.11.63: Athenz v1.11.63 Release

Compare Source

What's Changed

• include recently added fields in domain audit log by @​abvaidya in https://github.com/AthenZ/athenz/pull/2664
• Extend support for authority filter for roles/groups to skip unnecessary checks by @​havetisyan in https://github.com/AthenZ/athenz/pull/2663
• expose github provider specific error back to client for debugging by @​havetisyan in https://github.com/AthenZ/athenz/pull/2665
• UI: update dependencies and unit test by @​chandrasekhar1996 in https://github.com/AthenZ/athenz/pull/2666
• DIscover additional instances to MSD, with dynamic/static workloads by @​rajeshal in https://github.com/AthenZ/athenz/pull/2660

Full Changelog: AthenZ/athenz@v1.11.62...v1.11.63

v1.11.62

Compare Source

#​2650 Omit specifying trust store or CA cert when generating KeyRefresher
#​2652 add x509-cert-signer-keyid and ssh-cert-signer-keyid fields to domain meta
#​2654 update ZTS to honor domain's x509/ssh signer key ids
#​2655 UI fix: group review submitted for wrong domain
#​2656 update test cases to use valid keystore
#​2658 add new option for id token request to require all scope items to be present
#​2659 update go and java dependencies to their latest releases

This release includes a required schema update:
https://github.com/AthenZ/athenz/blob/master/servers/zms/schema/updates/update-20240708.sql

v1.11.61

Compare Source

#​2634 assume azure services
#​2635 Enable SSH Host certificate for AWS EC2 instances
#​2637 update error messages/formatting + fix zts property name in docs
#​2639 UI: Bump braces from 3.0.2 to 3.0.3 in /ui
#​2641 implement domain group members api
#​2642 /oauth2/keys Specify the service to obtain the public key
#​2643 UI: fix not able to update POC in domain
#​2644 support refreshing provider ip blocks every hour
#​2645 change order of signature validation for zpu policies
#​2646 separate key algorithm setting for instance provider
#​2648 extend the logic to set the preferred expiry time for service certificates
#​2649 update java and go dependencies to their latest releases

This release includes a required schema update:
https://github.com/AthenZ/athenz/blob/master/servers/zms/schema/updates/update-20240523.sql

v1.11.60

Compare Source

#​2622 address CodeQL warning about safe int32 conversion and insecure cipher
#​2623 keep state when key/cert were backed up for restore in case of failure
#​2624 update schema for azure support
#​2625 for role/group member expiry support all restrictions
#​2626 support system allowed roles in id tokens by skipping limit check
#​2627 remove dependency on jetty from client libraries
#​2629 support principal domain filter for role/group members
#​2630 fix comparing ecdsa key/cert public key match
#​2631 aws parameter store implementation for PrivateKeyStore interface
#​2632 server k8s common module
#​2633 update java and go dependencies to their latest releases

This release includes a required schema update:
https://github.com/AthenZ/athenz/blob/master/servers/zms/schema/updates/update-20240525.sql

v1.11.59

Compare Source

#​2613 in jws domain object return service resource ownership
#​2614 use issuer aws account or gcp project for launch authorization
#​2615 update interface to use both enterprise and cloud hostname resolvers
#​2616 provide capability to enable/disable principals
#​2618 provide capability for system admins to use zms-cli to set business service
#​2619 remove dups from role/group review list
#​2620 updated go and java dependencies to their latest releases
#​2621 bcprov-ext does not have 1.78.1 version

v1.11.58

Compare Source

#​2598 support trust domains in spiffe uri in role certificates
#​2599 systemd-notify-all option to notify systemd after role certificates
#​2601 explicit launch authorization for k8s provider multi-tenancy use cases
#​2602 UI: Bump ejs from 3.1.9 to 3.1.10 in /ui
#​2603 extended notification support
#​2604 for sia settings from env, set the config service field
#​2605 extend gcp functions identity method to be generic for vm workloads
#​2606 switch to using mysql 8.0 image from 5.7 for unit tests
#​2607 automatically skip empty roles/group from review list
#​2608 include additional sandns entry for pod ip
#​2609 allow groups in admin role based on config setting
#​2610 update role/service/group last modified time on tag update
#​2611 updated go (1.22.3) and java dependencies to their latest releases

v1.11.57

Compare Source

#​2589 allow attribute validator for K8SProvider issuer validation
#​2591 spiffe trust domain in role certificates
#​2593 support for systemd notify option for sia agents
#​2595 extend update_members action for role/group review api
#​2596 Add identifier in transport policy response
#​2597 UI: Bump formidable and supertest in /ui

v1.11.56

Compare Source

#​2581 set resource ownership commands in zms-cli
#​2582 provide option to disable resource ownership server-side
#​2583 Perform a retry when error code 3101 is returned from the MySQL DB
#​2585 add close method to zpe
#​2586 generate notifications 3 days before expiry
#​2587 update java dependencies
#​2588 migrate from gopkg.in/square/go-jose.v2 to github.com/go-jose/go-jose/v4

v1.11.55

Compare Source

#​2556 Fixed ZMSUtils to correctly determine PrincipalType
#​2565 Group MSD transport policy conditions
#​2568 correct handling of audit enabled flag in zms-cli import
#​2569 Update README.md
#​2571 Option to build GCPZTSCredentials using a pre-existing SSLContext
#​2572 initial changes for resource owner feature
#​2574 UI: add new environment field to domain details
#​2575 UI: Bump express from 4.18.1 to 4.19.2 in /ui
#​2576 resource ownership feature: part 2
#​2578 verification and validation of resource ownership
#​2580 provide sia config option to exit process if run_after script fails

This release includes a required schema update:
https://github.com/AthenZ/athenz/blob/master/servers/zms/schema/updates/update-20240325.sql

v1.11.54

Compare Source

#​2527 fetch verification key from server via proxy during accesstoken and roletoken verification
#​2541 aws role session name can include _'s
#​2543 improve role/group review list based on creation time
#​2544 limit jest max workers to 8 for SD
#​2546 correct handling for put system meta with invalid service name
#​2547 use spiffe namespace of default
#​2549 Option to include public IP in ssh host certificate requests
#​2550 add support for -spiffe-trust-domain to zts-svccert utility
#​2551 validate principals during role/group review api
#​2552 do not allow deletion of domain is it's associated with aws/gcp/azure
#​2553 Adding provider interface for fetching public keys of a service
#​2554 Bump google.golang.org/protobuf from 1.32.0 to 1.33.0
#​2555 update provider interface impl in sia agents
#​2557 sia-aws: set service cert and key in role option
#​2558 sia: set service cert and key in role option
#​2560 correct handling of review-enabled roles/groups during review api
#​2561 update java and go dependencies to their latest releases
#​2563 Allowing SSH certificates for secureboot
#​2564 Bump follow-redirects from 1.15.4 to 1.15.6 in /ui

v1.11.53

Compare Source

#​2521 UI: support domain (security) point of contact fields
#​2522 update action during domain template request
#​2523 extend subdomain delete capability to domain admins
#​2524 optional argument to skip errors during sia init
#​2529 sia run-after-scripts for cmd line options must be in blocking mode
#​2530 log authz failure for github action provider
#​2531 UI: fix direct link service tabs bug
#​2532 UI: fix to not omit the user domain when completion search result is empty
#​2533 set role/group last review date check differently for new and updated objects
#​2534 UI: minor lowercase of a word
#​2535 minor update to zts java client unit test
#​2536 replace aws role session name from hardcoded to principal name
#​2537 extend instance id for github actions identity to include repo details
#​2538 delete user groups before deleting user from system
#​2539 update java/go dependencies to their latest releases

v1.11.52

Compare Source

#​2498 include instance-id as a principal in ssh host certificates on aws ec2
#​2500 UI: upgrade nextjs major version
#​2501 UI: upgrade babel related packages
#​2502 UI: upgrade jest related pkgs
#​2503 UI: upgrade jest related pkgs and package-lock.json
#​2504 UI: upgrade saucelabs and webdriver pkgs
#​2505 update entityName in audit logs for role/group meta calls
#​2507 UI: fix filter by role in domain history
#​2508 UI: upgrade axios and jsdom
#​2509 update tagKey and tagValue type for all ZMS roles
#​2510 GitHub actions service identity provider
#​2511 allow param values to include any string
#​2513 use correct algorithm when generating csr
#​2514 update jetty and go/java dependencies
#​2515 fix rdl for meta string fields so they can be unset
#​2516 update role certificate handling in sia agents
#​2519 store operation type as part of the auth history record
#​2520 UI: Bump ip from 1.1.8 to 1.1.9 in /ui

v1.11.51

Compare Source

#​2485 UI: remove gcp related changes
#​2487 introduce environment metadata field for domains
#​2489 Update go clients to support additional request headers
#​2490 Adding Vespa.ai as an adopter
#​2491 update developer documentation
#​2492 mark athenz directory as a safe
#​2494 support internal authz check with roles specified
#​2495 improve interoperability between self-signer in dev environments with openssl generated certs
#​2496 increase width for email notification body to full page
#​2497 update java/go dependencies to their latest releases

This release includes required schema updates:
https://github.com/AthenZ/athenz/blob/master/servers/zms/schema/updates/update-20240121.sql

v1.11.50

Compare Source

#​2471 UI: add scope field to micro-segmentation table
#​2472 use relocated mysql artifact id
#​2474 support for IMSDv2 when reading AWS metadata
#​2475 delete transport policies api, optional attribute for existing api
#​2476 maintain a static map of trusted roles for resource list lookup api
#​2477 don't use --user flag for local
#​2478 mark trust role vars as volatile
#​2479 remove sia run-after script path starting with / on windows
#​2481 Change transport policy delete endpoint to match with create
#​2480 UI: Add GCP scope for micro-segmentation policy
#​2482 UI: Bump follow-redirects from 1.15.1 to 1.15.4 in /ui

v1.11.49

Compare Source

#​2455 UI: add logic to handle submit of role/group review
#​2456 UI: fix first time user error
#​2457 support proxyForPrincipal parameter in GenerateAccessTokenRequestString
#​2458 UI: add missing props timeZone for policy versions
#​2459 fix zms-cli calls for get role/group for review
#​2461 make role/group review days limit configurable
#​2463 UI: fix functional tests pt1
#​2465 UI: Add functional test support for role and group review
#​2466 UI: fix functional test sd job
#​2467 UI: add maxmembers and self renew fields
#​2468 UI: attempt to fix functional test
#​2469 UI: fix functional test, tested and works
#​2470 update java and go dependencies to their latest releases

v1.11.48

Compare Source

#​2414 Bump axios from 1.4.0 to 1.6.0 in /clients/nodejs/zts
#​2423 libs/go/sia/access/tokens: fix dropped test errors
#​2424 support max member limit on roles and groups
#​2425 show notification bell icon more obviously with role/group to review
#​2426 fix unbound variable errors in deploy-scripts
#​2428 fix invalid audit log json on adding /deleting a template
#​2431 support domain contacts
#​2434 self-renew option for roles/groups
#​2435 Bump ch.qos.logback:logback-classic from 1.4.11 to 1.4.12 in gcp_zts_creds
#​2439 simplify expiry notification lookups
#​2440 update java dependencies to their latest releases
#​2443 extend schema for contact type to string
#​2445 sia init/rolecert command line option - report error code for failures
#​2446 add role and group review tabs
#​2447 enhance zms-cli update-domain to handle assertions in existing policies
#​2448 extend schema to allow : (colon) in Tag keys
#​2449 missing tags from policy/service requests
#​2450 unique error message for invalid/reserved service names
#​2451 UI: fix bug when viewing roles, group is part of with expiry
#​2452 new get transport policies for a domain and service api
#​2453 zms-cli: add -audit-enabled flag for role/group add operations
#​2454 update java and go dependencies

This release includes required schema updates:
https://github.com/AthenZ/athenz/blob/master/servers/zms/schema/updates/update-20231120.sql
https://github.com/AthenZ/athenz/blob/master/servers/zms/schema/updates/update-20231122.sql
https://github.com/AthenZ/athenz/blob/master/servers/zms/schema/updates/update-20231127.sql

v1.11.47

Compare Source

#​2398 UI: add GCP project ID in manage domains
#​2399 update service provider manager test case
#​2400 UI: upgrade prettier and run fix-lint
#​2403 Enable use of locally built components in local Docker environment
#​2405 Fix the server side authorization for the msd api to return kubernetes network policy object
#​2406 UI: centre align business service column
#​2408 provide Roles/ExternalCredentials interfaces for instance providers
#​2409 zts gcp dns client example
#​2410 UI: pull in the latest and greatest rdl endpoints
#​2411 expose sandns_x509_cnames field in sia config file
#​2415 simplify error messages for access tokens to avoid confusion
#​2416 new role/group/domain attributes - no implementation
#​2418 provide option to request issuer based on external creds attributes
#​2419 update go host ip check test case to ignore docker/bridge interface
#​2421 update java and go dependencies to their latest releases
#​2422 new msd api to create transport policy

v1.11.46

Compare Source

#​2324 Extract and reuse duplicate helper function ExtractSignerInfo
#​2388 for notification emails expand groups and delegated role membership
#​2391 replace interface{} with string for zms-cli import operations
#​2392 support proxy principal spiffe uri in access token requests
#​2393 new bit to disable notifications over a week away
#​2396 msd api to return kubernetes network policy object
#​2397 for groups to disable expiry notfs look for both expiration/reminder tags

v1.11.45

Compare Source

#​2358 UI: fix add/edit tags for policy and service
#​2361 Fix service tags tab hiding other tabs
#​2365 failure with insert principal where 2 roles are created simultaneously with the same new member
#​2366 Add GetZone from meta endpoint for gcp
#​2367 oidc response - make redirect uri optional if json output is requested
#​2368 failure with insert principal where 2 roles are created simultaneously with the same new member
#​2370 double encoding name parameter for deleteStaticWorkload
#​2372 bump awssdk from 2.20.162 to 2.21.6 for netty vuln
#​2375 remove redirect-uri from fetch id token call since it's optional for json output
#​2376 new zms-cli option show-domain-attrs to display domain attributes
#​2377 fix membership approval email view in gmail
#​2378 adding support for service_name.service_namespace.svc in K8S san dns
#​2379 Temporary network issue causes aws temp creds stop refreshing
#​2381 allow updating the last_reviewed_date for role/group through meta api
#​2382 clean-up hostname verifier support in zts java client
#​2384 replacing wix-embedded-mysql with testcontainers-java
#​2386 update jetty/java/go deps to their latest releases

v1.11.44

Compare Source

#​2323 fetch verification key from server during access token validation
#​2342 UI: Add microsegmentation to services table
#​2344 Creating a PR Template file
#​2345 Bump golang.org/x/net from 0.16.0 to 0.17.0
#​2346 Make KeyRefresher's background thread more efficient
#​2347 UI: add fetcherError null check, debug only if there is error
#​2348 fix 'make deploy-local'
#​2349 change the athenz-zpe-java-client jacoco coverage threshold from 0.8711 to 0.8702
#​2350 Fix pr template
#​2351 provide domain authz for expanded role lookup
#​2352 Introduce new endpoint to search workloads by domain and services
#​2355 provide zms endpoint to return list of roles and groups for review
#​2356 Update go zpe README.md
#​2357 updated go/grpc and java dependencies
#​2360 Update LY Corporation name (formerly known as Yahoo! Japan)
#​2362 msd go client sync up with rdl

v1.11.43

Compare Source

#​2304 UI: add role description tooltip
#​2315 UI: Fix delete static workload
#​2317 UI: Show msd error
#​2318 DB names are lower case for last notification time check
#​2319 UI: fix user service users map
#​2320 UI: Make project labels selectable on GCP login page
#​2321 Extract and export ClientTLSConfigFromPEM
[#​2322](https://redirect.github.com/AthenZ/athe

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.