Skip to content

Latest commit

 

History

History
301 lines (236 loc) · 15.2 KB

CHANGELOG.md

File metadata and controls

301 lines (236 loc) · 15.2 KB
Raw

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

Unreleased

1.3.0 - 2024-10-22

Changed

  • Generated policy uses groups instead of layers (CNJR-6738)
  • Rewrite application in Go.

1.2.10 - 2023-05-04

Security

1.2.9 - 2023-04-10

Security

  • Update rack in Gemfile.lock and tests/integration/test-app/Gemfile.lock to 2.2.6.4 to address CVE-2023-27539, and activesupport in Gemfile.lock and tests/integration/test-app/Gemfile.lock to 6.1.7.3 for CVE-2023-28120 (not vulnerable) cyberark/conjur-service-broker#323
  • Update rack in Gemfile.lock and tests/integration/test-app/Gemfile.lock to 2.2.6.3 for CVE-2023-27630 (not vulnerable) cyberark/conjur-service-broker#320

1.2.8 - 2023-03-14

Changed

Security

1.2.7 - 2022-11-27

Security

1.2.6 - 2022-08-16

Security

1.2.5 - 2022-06-16

Changed

Security

1.2.4 - 2022-05-05

Security

Fixed

  • Unpin the Ruby Buildpack in the service broker's manifest.yml and update the pinned Ruby version in the service broker's Gemfile to ~> 2.7. This captures the idea that the service broker works for all 2.x Ruby versions from 2.7 and up, anything less has reached end of life. cyberark/conjur-service-broker#266

1.2.3 - 2021-12-31

Changed

1.2.2 - 2021-11-03

Security

1.2.1 - 2021-08-02

Fixed

1.2.0 - 2021-06-09

Added

  • Service Broker API spec 2.15 and above provide organization_name and space_name. If these are available, they are added as annotations on the organization and space policies that are created in Conjur. Note that this requires Conjur Open Source v1.3.7+ and Conjur Enterprise (formerly Dynamic Access Provider) v11.3.0+; prior to these versions, Conjur did not support adding annotations to policy resources. cyberark/conjur-service-broker#238

Security

1.1.5 - 2021-03-01

Removed

Fixed

  • The service broker Gemfile now specifies the Ruby version so that the service broker no longer fails to install when using a version of the Ruby Buildpack v1.8.15 or older, due to an incompatibility issue between Ruby and Nokogiri versions. cyberark/conjur-service-broker#229

1.1.4 - 2021-01-11

Changed

  • Previously, our ZIP included our test directories, which increased the size of the service broker. We've introduced a manifest.txt within the dev directory which dictates what will be included in the final ZIP used in our releases and during installation, and allows us to exclude the test directories and developer scripts. cyberark/conjur-service-broker#142

Fixed

  • When the value for CONJUR_VERSION is null or empty, we default to 5. If an invalid value is given, we raise an error immediately. cyberark/conjur-service-broker#47

Deprecated

  • Support for using the Conjur Service Broker with Conjur Enterprise v4 is now deprecated. Support will be removed in the next release. cyberark/conjur-service-broker#191

Security

1.1.3 - 2020-07-17

Fixed

1.1.2 - 2020-05-15

Security

  • Removed unused development and test gems from main image (#159)
  • Removed unused development and test gems from ZIP artifact (#167)

1.1.1 - 2020-01-29

Added

  • Added open source acknowledgements file (NOTICES.txt)
  • Added daily build trigger to Jenkinsfile

Changed

  • Bumped dependency versions (rack, puma, loofah, nokogiri, crass, rubyzip)
  • Updated license to standard format
  • Updated README instructions, including adding Java example
  • Updated CI tests to pull cluster info from Conjur using Summon

1.1.0 - 2019-05-01

Added

  • Added a health check to verify that the Conjur connection settings will work as expected with the Conjur buildpack.
  • Provisioning creates a space-level host when loading the org and space policies.
  • Added a new bind configuration option ENABLE_SPACE_IDENTITY to the service broker. When this service broker environment value is set to true, then the broker will return a space host identity on application bind, rather than create a host identity for the app.

Changed

  • Updated actionview (CVE-2019-5418) and railties (CVE-2019-5420) dependency versions

1.0.0 - 2019-03-05

Added

  • The service broker will now automatically generate the org and space policy when the service is provisioned into a CF space.
  • Added service broker environment parameter for CONJUR_FOLLOWER_URL. When set, the service broker will provide the URL of a follower to an application for retrieving secret values.

Changed

  • Updated dependencies and Ruby version of Docker image
  • Service broker configuration is updated to explicitly disable instance sharing
  • The service broker now adds application Hosts to a Conjur Layer for a Space when the bind context contains context.organization_guid and context.space_guid (CAPI 1.30.0+)

0.3.2 - 2018-06-26

Added

  • Health check now verifies that the Service Broker Conjur identity has read privileges on its own resource
  • Added cukes to check that Service Broker returns 403 if host does not have proper privileges

Fixed

  • ServiceBinding handles RestClient::NotFound errors on host creation gracefully

Changed

  • Tests now run against Conjur 0.7.0

0.3.1 - 2018-06-15

Added

  • The build is updated to run in deployment mode and produce a ZIP file of the project with all dependencies included.

0.3.0 - 2018-04-27

Security

  • Updated dependencies to address potential vulnerability in rails-html-sanitizer (more info) and loofah (more info)

Added

  • If the service broker host identity has a platform annotation in Conjur, hosts added to policy by the service broker will also include an annotation for the platform.

0.2.0 - 2018-02-12

Added

  • Added support for v4 Conjur, including health check that verifies HF existence

0.1.0 - 2018-01-24

Added

  • The first tagged version.