From 89d96b33150c1c89bebeacc45dab5abef7b9f5d5 Mon Sep 17 00:00:00 2001 From: Lagovas Date: Wed, 15 Dec 2021 19:24:11 +0100 Subject: [PATCH] Up version, update Changelog.md (#474) * up version, update Changelog.md * deprecate transport key types for acra-keys --- CHANGELOG.md | 46 +++++++++++++++++++++++++++++ CHANGELOG_DEV.md | 1 + cmd/acra-keys/keys/generate.go | 6 ++-- configs/acra-addzone.yaml | 2 +- configs/acra-backup.yaml | 2 +- configs/acra-connector.yaml | 2 +- configs/acra-keymaker.yaml | 2 +- configs/acra-keys.yaml | 8 ++--- configs/acra-poisonrecordmaker.yaml | 2 +- configs/acra-rollback.yaml | 2 +- configs/acra-rotate.yaml | 2 +- configs/acra-server.yaml | 2 +- configs/acra-tokens.yaml | 2 +- configs/acra-translator.yaml | 2 +- utils/version.go | 2 +- 15 files changed, 65 insertions(+), 18 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e56853685..4b41c4954 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,51 @@ # Acra ChangeLog +## [0.91.0](https://github.com/cossacklabs/acra/releases/tag/0.91.0), December 16th 2021 + +_Core_: +- **AcraWebConfig, AcraAuthManager**: + - Have been deprecated and not supported anymore [#456](https://github.com/cossacklabs/acra/pull/456). The following changes have been made: + - removed `docker/acra-authmanager.dockerfile`, `docker/acra-webconfig.dockerfile` files. + - removed `acra-webconfig` and `acra-authmanager` from `docker/acra-build.dockerfile` file that is base image for all + other service's images. + - removed `acra-webconfig` and `acra-authmanager` from all `docker/docker-compose.*.yml` files. + - reserved [event codes](https://github.com/cossacklabs/acra/blob/0.90.0/logging/event_codes.go#L64) for log entries in range [550, 558] related to AcraWebConfig. +- **AcraConnector**: + - Has been deprecated and will be removed in the next releases. AcraServer and AcraTranslator will accept only direct TLS. See [Transport security/TLS](https://docs.cossacklabs.com/acra/security-controls/transport-security/tls/). + connections from applications. + - Removed mentions and usage from [acra-engineering-demo](https://github.com/cossacklabs/acra-engineering-demo/tree/0.90.0)s. +- **AcraKeymaker**: + - Some keys can be configured without ClientID [#454](https://github.com/cossacklabs/acra/pull/454). + - Removed `--generate_acrawebconfig_keys` flag according to AcraWebConfig/AcraAuthManager deprecation [#456](https://github.com/cossacklabs/acra/pull/456). +- **AcraKeys**: + - `read` command supports symmetric encryption keys with ClientID and ZoneID [#472](https://github.com/cossacklabs/acra/pull/472/files). + - `generate` command: + - supports rotation for symmetric encryption keys with ZoneID [#472](https://github.com/cossacklabs/acra/pull/472/files). + - deprecates next flags: `--acraconnector_transport_key`, `--acraserver_transport_key`, `--acratranslator_transport_key`. + - removed `--acrawebconfig_symmetric_key` flag according to AcraWebConfig/AcraAuthManager deprecation [#456](https://github.com/cossacklabs/acra/pull/456). + - Improved handling CLI parameters related to Redis [#459](https://github.com/cossacklabs/acra/pull/459). +- **AcraServer**: + - Removed `--auth_keys` parameter according to AcraWebConfig/AcraAuthManager deprecation [#456](https://github.com/cossacklabs/acra/pull/456). + - Removed `/loadAuthData`, `/getConfig`, `/setConfig` endpoints from HTTP API according to AcraWebConfig/AcraAuthManager deprecation [#456](https://github.com/cossacklabs/acra/pull/456). +- **AcraTranslator**: + - Accepts `POST` HTTP request method additionally to `GET` for v2 API. Method `GET` marked as deprecated and warns with log message. + `Deprecated HTTP GET method was used. Please use HTTP POST method instead.` if was used [#466](https://github.com/cossacklabs/acra/pull/466). + +_Infrastructure_: +- Build binaries with `-tags netgo` flag, that forces usage of Go resolver to solve issues related to resolving hostnames. + between Docker containers. Updated `acra-build.dockerfile` used as base image for all `cossacklabs/acra-*` images ([#452](https://github.com/cossacklabs/acra/pull/452)). +- Added missing parameter `--keystore=v1` for existing docker-compose files that caused errors ([#452](https://github.com/cossacklabs/acra/pull/452)). + +_Documentation_: +- Has been updated :) +- Improved guide about [integration AcraTranslator](https://docs.cossacklabs.com/acra/guides/integrating-acra-translator-into-new-infrastructure/) into infrastructure. +- Extended description for AcraTranslator's [HTTP API](https://docs.cossacklabs.com/acra/guides/integrating-acra-translator-into-new-infrastructure/http_api/). + +_Example projects and demos_: +- [Python examples](https://github.com/cossacklabs/acra/tree/0.90.0/examples/python): now work with TLS connections to + AcraServer/Database. Also has been updated sqlalchemy version and binary column type from `Binary` to `LargeBinary` [#463](https://github.com/cossacklabs/acra/pull/463). +- [acra-engineering-demo](https://github.com/cossacklabs/acra-engineering-demo/tree/0.90.0)s don't illustrate AcraConnector usage anymore. All applications and services connect to AcraServer directly. + ## [0.90.0](https://github.com/cossacklabs/acra/releases/tag/0.90.0), November 05th 2021 _New_: diff --git a/CHANGELOG_DEV.md b/CHANGELOG_DEV.md index cac81138b..cc593f3f5 100644 --- a/CHANGELOG_DEV.md +++ b/CHANGELOG_DEV.md @@ -5,6 +5,7 @@ - `acra-server` CLI parameters: `--securesession_id`, `--acraconnector_tls_transport_enable`, `--acraconnector_transport_encryption_disable` - `acra-keymaker` CLI parameters: `--generate_acraconnector_keys`, `--generate_acraserver_keys`, `--generate_acratranslator_keys` - `acra-translator` CLI parameters: `--securesession_id`, `--acraconnector_transport_encryption_disable`, `--acratranslator_tls_transport_enable` +- `acra-keys` CLI parameters for `generate` command: `--acraconnector_transport_key`, `--acraserver_transport_key`, `--acratranslator_transport_key` ## 0.91.0 - 2021-12-13 ### Changed diff --git a/cmd/acra-keys/keys/generate.go b/cmd/acra-keys/keys/generate.go index a9aef002e..6a0112e38 100644 --- a/cmd/acra-keys/keys/generate.go +++ b/cmd/acra-keys/keys/generate.go @@ -200,9 +200,9 @@ func (g *GenerateKeySubcommand) RegisterFlags() { g.flagSet.StringVar(&g.clientID, "client_id", "", "Client ID") g.flagSet.StringVar(&g.zoneID, "zone_id", "", "Zone ID") g.flagSet.StringVar(&g.masterKeyFile, "master_key_path", "", "Generate new random master key and save to file") - g.flagSet.BoolVar(&g.acraConnector, "acraconnector_transport_key", false, "Generate transport keypair for AcraConnector") - g.flagSet.BoolVar(&g.acraServer, "acraserver_transport_key", false, "Generate transport keypair for AcraServer") - g.flagSet.BoolVar(&g.acraTranslator, "acratranslator_transport_key", false, "Generate transport keypair for AcraTranslator") + g.flagSet.BoolVar(&g.acraConnector, "acraconnector_transport_key", false, "Generate transport keypair for AcraConnector (deprecated since 0.91.0, will be removed soon)") + g.flagSet.BoolVar(&g.acraServer, "acraserver_transport_key", false, "Generate transport keypair for AcraServer (deprecated since 0.91.0, will be removed soon)") + g.flagSet.BoolVar(&g.acraTranslator, "acratranslator_transport_key", false, "Generate transport keypair for AcraTranslator (deprecated since 0.91.0, will be removed soon)") g.flagSet.BoolVar(&g.acraWriter, "client_storage_key", false, "Generate keypair for data encryption/decryption (for a client)") g.flagSet.BoolVar(&g.newZone, "zone", false, "Generate new Acra storage zone") g.flagSet.BoolVar(&g.rotateZone, "zone_storage_key", false, "Rotate existing Acra zone storage keypair") diff --git a/configs/acra-addzone.yaml b/configs/acra-addzone.yaml index 487ddbd78..56a81ecf9 100644 --- a/configs/acra-addzone.yaml +++ b/configs/acra-addzone.yaml @@ -1,4 +1,4 @@ -version: 0.90.0 +version: 0.91.0 # path to config config_file: diff --git a/configs/acra-backup.yaml b/configs/acra-backup.yaml index f43657dbf..962e8e872 100644 --- a/configs/acra-backup.yaml +++ b/configs/acra-backup.yaml @@ -1,4 +1,4 @@ -version: 0.90.0 +version: 0.91.0 # import|export values are accepted action: diff --git a/configs/acra-connector.yaml b/configs/acra-connector.yaml index b18bdf1f4..6a03da846 100644 --- a/configs/acra-connector.yaml +++ b/configs/acra-connector.yaml @@ -1,4 +1,4 @@ -version: 0.90.0 +version: 0.91.0 # Port of Acra HTTP API acraserver_api_connection_port: 9090 diff --git a/configs/acra-keymaker.yaml b/configs/acra-keymaker.yaml index a44c696be..3f60af04e 100644 --- a/configs/acra-keymaker.yaml +++ b/configs/acra-keymaker.yaml @@ -1,4 +1,4 @@ -version: 0.90.0 +version: 0.91.0 # Client ID client_id: client diff --git a/configs/acra-keys.yaml b/configs/acra-keys.yaml index bfcc5ca00..2a42b8d25 100644 --- a/configs/acra-keys.yaml +++ b/configs/acra-keys.yaml @@ -1,4 +1,4 @@ -version: 0.90.0 +version: 0.91.0 # path to config config_file: @@ -140,13 +140,13 @@ private: false # read public key of the keypair public: false -# Generate transport keypair for AcraConnector +# Generate transport keypair for AcraConnector (deprecated since 0.91.0, will be removed soon) acraconnector_transport_key: false -# Generate transport keypair for AcraServer +# Generate transport keypair for AcraServer (deprecated since 0.91.0, will be removed soon) acraserver_transport_key: false -# Generate transport keypair for AcraTranslator +# Generate transport keypair for AcraTranslator (deprecated since 0.91.0, will be removed soon) acratranslator_transport_key: false # Generate symmetric key for log integrity checks diff --git a/configs/acra-poisonrecordmaker.yaml b/configs/acra-poisonrecordmaker.yaml index 0139ac317..2276f22fc 100644 --- a/configs/acra-poisonrecordmaker.yaml +++ b/configs/acra-poisonrecordmaker.yaml @@ -1,4 +1,4 @@ -version: 0.90.0 +version: 0.91.0 # path to config config_file: diff --git a/configs/acra-rollback.yaml b/configs/acra-rollback.yaml index 601d174f3..0e8931082 100644 --- a/configs/acra-rollback.yaml +++ b/configs/acra-rollback.yaml @@ -1,4 +1,4 @@ -version: 0.90.0 +version: 0.91.0 # Client ID should be name of file with private key client_id: diff --git a/configs/acra-rotate.yaml b/configs/acra-rotate.yaml index 61fa4960e..9b943f632 100644 --- a/configs/acra-rotate.yaml +++ b/configs/acra-rotate.yaml @@ -1,4 +1,4 @@ -version: 0.90.0 +version: 0.91.0 # path to config config_file: diff --git a/configs/acra-server.yaml b/configs/acra-server.yaml index fba646c51..2da5c09ba 100644 --- a/configs/acra-server.yaml +++ b/configs/acra-server.yaml @@ -1,4 +1,4 @@ -version: 0.90.0 +version: 0.91.0 # Path to AcraCensor configuration file acracensor_config_file: diff --git a/configs/acra-tokens.yaml b/configs/acra-tokens.yaml index 0f517ac99..e7d8f48c4 100644 --- a/configs/acra-tokens.yaml +++ b/configs/acra-tokens.yaml @@ -1,4 +1,4 @@ -version: 0.90.0 +version: 0.91.0 # path to config config_file: diff --git a/configs/acra-translator.yaml b/configs/acra-translator.yaml index 52f9c1a4f..91e4b012b 100644 --- a/configs/acra-translator.yaml +++ b/configs/acra-translator.yaml @@ -1,4 +1,4 @@ -version: 0.90.0 +version: 0.91.0 # Use raw transport (tcp/unix socket) between AcraTranslator and client app. It turns off reading trace from client app's side which usually sent by AcraConnector (deprecated since 0.91.0, will be removed soon). acraconnector_transport_encryption_disable: false diff --git a/utils/version.go b/utils/version.go index 312eb0a4b..c2737d7d2 100644 --- a/utils/version.go +++ b/utils/version.go @@ -26,7 +26,7 @@ import ( // VERSION is current Acra suite version // store it as string instead initialized struct value to easy change/grep/sed/replace value via scripts or with // -ldflags "-X github.com/cossacklabs/acra/utils.VERSION=X.X.X" -var VERSION = "0.90.0" +var VERSION = "0.91.0" // Version store version info type Version struct {