6c23fc4b2b
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
102 lines
4.6 KiB
Markdown
102 lines
4.6 KiB
Markdown
---
|
|
title: Release 2021.12
|
|
slug: "2021.12"
|
|
---
|
|
|
|
## Headline Changes
|
|
|
|
This release does not have any headline features, and mostly fixes bugs.
|
|
|
|
## Minor changes
|
|
|
|
- core: make defaults for _change_email and _change_username configurable
|
|
- core: remove dump_config, handle directly in config loader without booting django, don't check database
|
|
- events: add gdpr_compliance option
|
|
- internal: fix integrated docs not working
|
|
- internal: use runserver when debug for code reload
|
|
- lib: add cli option for lib.config
|
|
- lib: add improved log to sentry events being sent
|
|
- lib: fix custom URL schemes being overwritten
|
|
- lib: load json strings in config env variables
|
|
- lib: log error for file:// in config
|
|
- lifecycle: allow custom worker count in k8s
|
|
- lifecycle: improve backup restore by dropping database before
|
|
- lifecycle: improve redis connection debug py printing full URL
|
|
- outpost: configure error reporting based off of main instance config
|
|
- outposts: don't panic when listening for metrics fails
|
|
- outposts: reload on signal USR1, fix display of reload offset
|
|
- outposts/ldap: copy boundUsers map when running refresh instead of using blank map
|
|
- outposts/ldap: fix panic when attempting to update without locked users mutex
|
|
- outposts/proxy: continue compiling additional regexes even when one fails
|
|
- outposts/proxy: show better error when hostname isn't configured
|
|
- outposts/proxy: use disableIndex for static files
|
|
- policies/expression: fix ak_user_has_authenticator evaluation when not specifying optional device_type (#1849)
|
|
- providers/saml: fix SessionNotOnOrAfter not being included
|
|
- root: add lifespan shim to prevent errors
|
|
- root: fix settings for managed not loaded
|
|
- root: make sentry sample rate configurable
|
|
- stages/authenticator_validate: catch error when attempting to configure user without flow
|
|
- stages/email: fix missing component in response when retrying email send
|
|
- stages/email: minify email css template
|
|
- stages/email: prevent error with duplicate token
|
|
- web: improve dark theme for vertical tabs
|
|
- web: only show applications with http link
|
|
- web/admin: allow flow edit on flow view page
|
|
- web/admin: fix actions column on ip reputation page
|
|
- web/admin: fix Forms with file uploads not handling errors correctly
|
|
- web/admin: make object view pages more consistent
|
|
- web/admin: make user clickable for bound policies list
|
|
- web/admin: redesign provider pages to provide more info
|
|
- web/admin: show changelog on user info page
|
|
- web/admin: unify rendering and sorting of user lists
|
|
- web/elements: add new API to store attributes in URL, use for table and tabs
|
|
- web/elements: allow app.model names for ak-object-changelog
|
|
- web/elements: allow multiple tabs with different state
|
|
- web/flows: fix spinner during webauthn not centred
|
|
- web/flows: update default background
|
|
- web/user: fix filtering for applications based on launchURL
|
|
- web/user: fix height issues on user interface
|
|
|
|
## Fixed in 2021.12.1-rc2
|
|
|
|
- *: don't use go embed to make using custom files easier
|
|
- crypto: add certificate discovery to automatically import certificates from lets encrypt
|
|
- crypto: fix default API not having an ordering
|
|
- outposts: always trigger outpost reconcile on startup
|
|
- outposts/ldap: Rework/improve LDAP search logic. (#1687)
|
|
- outposts/proxy: make logging fields more consistent
|
|
- outposts/proxy: re-add rs256 support
|
|
- providers/proxy: fix defaults for traefik integration
|
|
- providers/proxy: use wildcard for traefik headers copy
|
|
- providers/saml: fix error when using post bindings and user freshly logged in
|
|
- providers/saml: fix IndexError in signature check
|
|
- sources/ldap: add optional tls verification certificate
|
|
- sources/ldap: allow multiple server URIs for loadbalancing and failover
|
|
- sources/ldap: don't cache LDAP Connection, use random server
|
|
- sources/ldap: handle typeerror during creation of objects when using wrong keyword params
|
|
- sources/plex: fix plex token being included in event log
|
|
- stages/prompt: fix error when both default and required are set
|
|
- web/admin: add spinner to table refresh button to show progress
|
|
- web/admin: don't show disabled http basic as red
|
|
- web/admin: fix wrong description for reputation policy
|
|
- web/flows: fix linting errors
|
|
- web/flows: Revise duo authenticator login prompt text (#1872)
|
|
|
|
## Upgrading
|
|
|
|
This release does not introduce any new requirements.
|
|
|
|
### docker-compose
|
|
|
|
Download the docker-compose file for 2021.12 from [here](https://goauthentik.io/version/2021.12/docker-compose.yml). Afterwards, simply run `docker-compose up -d`.
|
|
|
|
### Kubernetes
|
|
|
|
Update your values to use the new images:
|
|
|
|
```yaml
|
|
image:
|
|
repository: goauthentik.io/server
|
|
tag: 2021.12.1-rc1
|
|
```
|