From 75a21e5c3bd4c49911e18462b79cf3625f058a8d Mon Sep 17 00:00:00 2001 From: Geri Jennings Date: Fri, 11 Sep 2020 11:33:04 -0400 Subject: [PATCH 1/6] Update instructions for revising NOTICES We used to have a much more involved process for updating NOTICES in this project. In this commit, we remove the old instructions and utilities and document the new, simpler instructions instead. --- CONTRIBUTING.md | 27 +++++++++++--------------- assets/license_finder.txt | 40 --------------------------------------- bin/check_dependencies | 26 ------------------------- 3 files changed, 11 insertions(+), 82 deletions(-) delete mode 100644 assets/license_finder.txt delete mode 100755 bin/check_dependencies diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index f87e20d09..0c119bd7d 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -415,22 +415,17 @@ than master. Make sure your change to secretless considers this. ## Releasing ### Verify and update dependencies -1. Check whether any dependencies have been changed since the last release by running - `./bin/check_dependencies`. The script will tell you what has changed. Beware - the script at current DOES NOT appropriately handle `replace` directives - you will need to process these manually. - -1. If any dependencies have changed, for each changed dependency in assets/license_finder.txt you'll need to do the following: - - - Update the [dependency spreadsheet](https://cyberark365.sharepoint.com/:x:/s/Conjur/Edko_eT7CfpEuPxnnbIEfmAB4j2ybNozY9B8QAIDOxKynQ?e=CfP6ym). - Copy the most recent release's tab to a new tab for this new version. Use - the diff of `assets/license_finder.txt` to update the spreadsheet: - - For new dependencies, add a row to the spreadsheet. Make sure - a corresponding update is made to NOTICES.txt to add the dependency - and copyright. - - For dependencies whose version has changed, update the version and - license link in the spreadsheet. Be sure to also update the version and - copyright in NOTICES.txt. - - For dependencies that have been removed, delete the row from the - spreadsheet and remove the dependency / copyright from NOTICES.txt. +1. Review the changes to `go.mod` since the last release and make any needed + updates to [NOTICES.txt](./NOTICES.txt): + - Add any dependencies that have been added since the last tag, including + an entry for them alphabetically under the license type (make sure you + check the license type for the version of the project we use) and a copy + of the copyright later in the same file. + - Update any dependencies whose versions have changed - there are usually at + least two version entries that need to be modified, but if the license type + of the dependency has also changed, then you will need to remove the old + entries and add it as if it were a new dependency. + - Remove any dependencies we no longer include. If no dependencies have changed, you can move on to the next step. diff --git a/assets/license_finder.txt b/assets/license_finder.txt deleted file mode 100644 index 323c94777..000000000 --- a/assets/license_finder.txt +++ /dev/null @@ -1,40 +0,0 @@ -LicenseFinder::GoModules: is active - -Dependencies that need approval: -github.com/aws/aws-sdk-go, v1.15.79, unknown -github.com/cenkalti/backoff, v2.2.1+incompatible, unknown -github.com/codegangsta/cli, v1.20.0, unknown -github.com/containerd/containerd, v1.3.2, unknown -github.com/cyberark/conjur-api-go, v0.5.2, unknown -github.com/cyberark/conjur-authn-k8s-client, v0.16.1, unknown -github.com/cyberark/summon, v0.7.0, unknown -github.com/denisenkom/go-mssqldb, v0.0.0-20191001013358-cfbb681360f0, unknown -github.com/docker/distribution, v2.7.1+incompatible, unknown -github.com/docker/docker, v1.4.2-0.20191231165639-e6f6c35b7902, unknown -github.com/docker/go-connections, v0.4.0, unknown -github.com/docker/go-units, v0.4.0, unknown -github.com/fsnotify/fsnotify, v1.4.7, unknown -github.com/go-ozzo/ozzo-validation, v3.6.0+incompatible, unknown -github.com/google/btree, v1.0.0, unknown -github.com/googleapis/gnostic, v0.3.1, unknown -github.com/gregjones/httpcache, v0.0.0-20190611155906-901d90724c79, unknown -github.com/hashicorp/vault/api, v1.0.2, unknown -github.com/heptiolabs/healthcheck, v0.0.0-20180807145615-6ff867650f40, unknown -github.com/imdario/mergo, v0.3.8, unknown -github.com/joho/godotenv, v1.2.0, unknown -github.com/json-iterator/go, v1.1.8, unknown -github.com/lib/pq, v0.0.0-20180123210206-19c8e9ad0095, unknown -github.com/opencontainers/go-digest, v1.0.0-rc1, unknown -github.com/opencontainers/image-spec, v1.0.1, unknown -github.com/pkg/errors, v0.8.1, unknown -github.com/pkg/profile, v1.2.1, unknown -github.com/prometheus/client_golang, v1.2.1, unknown -github.com/smartystreets/goconvey, v0.0.0-20190731233626-505e41936337, unknown -github.com/spf13/pflag, v1.0.5, unknown -github.com/stretchr/testify, v1.3.0, unknown -golang.org/x/crypto, v0.0.0-20190510104115-cbcb75029529, unknown -gopkg.in/yaml.v2, v2.2.2, unknown -k8s.io/api, v0.0.0-20180712090710-2d6f90ab1293, unknown -k8s.io/apiextensions-apiserver, v0.0.0-20180808065829-408db4a50408, unknown -k8s.io/apimachinery, v0.0.0-20180621070125-103fd098999d, unknown -k8s.io/client-go, v0.0.0-20180806134042-1f13a808da65, unknown diff --git a/bin/check_dependencies b/bin/check_dependencies deleted file mode 100755 index 42b5497a4..000000000 --- a/bin/check_dependencies +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash - -set -uo pipefail - -current_dir=$("$(dirname "$0")"/abspath) -toplevel_dir=$current_dir/.. - -# get a new list of project licenses -# this command syntax is wild but it's what the license_finder image requires -docker run --rm \ - -v "$toplevel_dir":/scan \ - licensefinder/license_finder \ - /bin/bash -lc "cd /scan && license_finder" \ - > "$toplevel_dir/assets/license_finder.txt" - -# check if there are any differences (assumes you are working from a git clone); -# if not, exit -diff=$(git diff "$toplevel_dir/assets/license_finder.txt") - -if [ -z "$diff" ]; then - echo "No dependencies have changed." -else - echo -e "\nWarning - dependencies have changed. NOTICES.txt will need to be updated.\n" - echo "$diff" - exit 1 -fi From 69588e4d632563a1b9a111ca887741253d3ba5d9 Mon Sep 17 00:00:00 2001 From: Geri Jennings Date: Fri, 11 Sep 2020 11:37:13 -0400 Subject: [PATCH 2/6] Update release instructions for change logs Previously we used a script to auto-fill the changelog since the last release; since then we've put processes in place to be adding changelog entries as we make code changes, so this tool is no longer relevant. In this commit we remove the tool and update the release instructions. --- CONTRIBUTING.md | 14 +++++-- bin/prefill_changelog | 87 ------------------------------------------- 2 files changed, 10 insertions(+), 91 deletions(-) delete mode 100755 bin/prefill_changelog diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 0c119bd7d..b37098bbc 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -433,12 +433,18 @@ than master. Make sure your change to secretless considers this. 1. Create a new branch for the version bump. 1. Based on the unreleased content, determine the new version number and update the [version.go](pkg/secretless/version.go) file. -1. Run `./bin/prefill_changelog` to populate the [changelog](CHANGELOG.md) with - the changes included in the release. +1. Review the [changelog](CHANGELOG.md) to make sure all relevant changes since + the last release have been captured. You may find it helpful to look at the + list of commits since the last release - you can find this by visiting the + [releases page](https://github.com/cyberark/secretless-broker/releases) and + clicking the "`N commits` to master since this release" link for the latest + release. + + This is also a good time to make sure all entries conform to our + [changelog guidelines](https://github.com/cyberark/community/blob/master/Conjur/CONTRIBUTING.md#changelog-guidelines). 1. Commit these changes - `Bump version to x.y.z` is an acceptable commit message - and open a PR for review. Your PR should include updates to `pkg/secretless/version.go`, - `CHANGELOG.md`, and if there are any license updates, to `NOTICES.txt` and - `assets/license_finder.txt`. + `CHANGELOG.md`, and if there are any license updates, to `NOTICES.txt`. ### Add a git tag 1. Once your changes have been reviewed and merged into master, tag the version diff --git a/bin/prefill_changelog b/bin/prefill_changelog deleted file mode 100755 index cf9b091da..000000000 --- a/bin/prefill_changelog +++ /dev/null @@ -1,87 +0,0 @@ -#!/bin/bash - -set -e - -. ./bin/build_utils - -if [[ $# -ge 1 ]] && [[ "${1:-}" != "--dry-run" ]]; then - echo "Usage: $0 [--dry-run]" - exit 1 -fi - -most_recent_version() { - sort --reverse --version-sort | head -1 -} - -dry_run="false" -if [[ "${1:-}" == "--dry-run" ]]; then - dry_run="true" - shift -fi - -readonly secretless_version=$(short_version_tag) -echo "Secretless-broker code version: $secretless_version" - -readonly latest_tag=$(git tag | sed 's/^v//' | most_recent_version) -readonly latest_version="v${latest_tag}" - -readonly desired_tag="${secretless_version}" -readonly desired_version="v${desired_tag}" - -echo "Latest known tag: '${latest_tag}'" -echo "New version: 'v${desired_tag}'" - -# Sanity check -newest_tag=$(printf '%s\n%s' "${latest_tag}" "${desired_tag}" | most_recent_version) -if [[ "${newest_tag}" != "${desired_tag}" ]]; then - echo "ERROR! Desired version '${desired_version}' is below latest version '${latest_version}'!" - echo "Exiting!" - exit 1 -fi - -echo "Fetching git commit data..." -git_diff=$(git log --format="- %s" "${latest_version}..HEAD") -change_date=$(date +%Y-%m-%d) - -changelog_snippet='\n' -changelog_snippet+="## [%s] - %s"'\n\n' # $desired_tag, $change_date (see below) -changelog_snippet+="### TODO: Don't commit this without proofreading!!!"'\n\n' -changelog_snippet+='### Added\n\n' -changelog_snippet+='### Changed\n' -changelog_snippet+='%s' # $git_diff (see below) - -echo "Adding snippet to tempfile..." -tmp_file=$(mktemp /tmp/changelog_snippet.XXXXXX) -# Note: In this case, the format string is stored in a variable by design. -# Hence we are correctly ignoring shellcheck here. -# shellcheck disable=SC2059 -printf "${changelog_snippet}\n" "${desired_tag}" "${change_date}" "${git_diff}" >> "${tmp_file}" -echo "Tempfile: ${tmp_file}" - -echo "Adding snippet to CHANGELOG..." -sed "/^## \\[Unreleased\\]/r ${tmp_file}" CHANGELOG.md > CHANGELOG.md.tmp - -rm -f "${tmp_file}" - -echo "Appending link to diff..." -printf "[%s]: https://github.com/cyberark/secretless-broker/compare/%s...%s\n\n" \ - "${desired_tag}" "${latest_version}" "${desired_version}" \ - >> CHANGELOG.md.tmp - -# delete newline at EOF -sed -i '' '$ { /^$/ d;}' "CHANGELOG.md.tmp" - -# shellcheck disable=SC1117 -sed -i .bak \ - "s/^\[Unreleased\]: .*/[Unreleased]: https:\/\/github.com\/cyberark\/secretless-broker\/compare\/${desired_version}...HEAD/" \ - CHANGELOG.md.tmp - -if [[ "${dry_run}" == "true" ]]; then - cat CHANGELOG.md.tmp - rm -rf CHANGELOG.md.tmp -else - mv CHANGELOG.md.tmp CHANGELOG.md - "${EDITOR:-vi}" CHANGELOG.md -fi - -echo "--- DONE ---" From 388a770ce15a1524d4a1671a5560e44efd868f06 Mon Sep 17 00:00:00 2001 From: Geri Jennings Date: Fri, 11 Sep 2020 11:42:17 -0400 Subject: [PATCH 3/6] Update the release instructions for goreleaser Previously we were manually building the goreleaser artifacts on our local machines, but in #1234 we started running goreleaser in our build pipeline and archiving the output. This commit updates the release instructions so that the releaser will grab the artifacts from the Jenkins output and upload them to the github release, rather than building them locally. --- CONTRIBUTING.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index b37098bbc..8a0ee8ef0 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -454,11 +454,12 @@ than master. Make sure your change to secretless considers this. 1. Push the tag: `git push vx.y.z` (or `git push origin vx.y.z` if you are working from your local machine). -### Build a release +### Create a GitHub pre-release **Note:** Until the stable quality exercises have completed, the GitHub release should be officially marked as a `pre-release` (eg "non-production ready") -1. From a **clean checkout of master** run `./bin/build_release` to generate - the release artifacts. + +1. From the Jenkins pipeline for the tag, retrieve the archived `dist/goreleaser` + directory. 1. Create a GitHub release from the tag, add a description by copying the CHANGELOG entries from the version, and upload the release artifacts from `dist/goreleaser` to the GitHub release. The following artifacts should be uploaded to the release: From 36dc25ac013f7aa32b7ee4c99cf02d28868f7d86 Mon Sep 17 00:00:00 2001 From: Geri Jennings Date: Fri, 11 Sep 2020 11:53:02 -0400 Subject: [PATCH 4/6] Update security reporting email We previously had this set to security@secretless.io, but to streamline communications (and since we are as of now the same set of people), this has been updated to security@conjur.org. --- SECURITY.md | 2 +- docs/community.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 4b095bdd2..5315a3953 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -14,7 +14,7 @@ Thank you for improving the security of the Conjur suite. We appreciate your eff responsible disclosure and will make every effort to acknowledge your contributions. -Report security bugs by emailing the lead maintainers at security@secretless.io. +Report security bugs by emailing the lead maintainers at security@conjur.org. The maintainers will acknowledge your email within 2 business days. Subsequently, we will send a more detailed response within 2 business days of our acknowledgement indicating diff --git a/docs/community.md b/docs/community.md index bcf280ac2..96e43f148 100644 --- a/docs/community.md +++ b/docs/community.md @@ -17,6 +17,6 @@ description: Secretless Broker Community

Report

-

Want to report a potential security vulnerability? Contact us at security@secretless.io.

+

Want to report a potential security vulnerability? Contact us at security@conjur.org.

From e44232d655aa52159880ae9291dab77ea3d3daab Mon Sep 17 00:00:00 2001 From: Geri Jennings Date: Fri, 11 Sep 2020 11:54:09 -0400 Subject: [PATCH 5/6] Bump versions of dependencies for secretless.io --- .gitignore | 47 +++++++++++------------ docs/Gemfile | 12 +++--- docs/Gemfile.lock | 97 +++++++++++++++++++++++++---------------------- 3 files changed, 80 insertions(+), 76 deletions(-) diff --git a/.gitignore b/.gitignore index f3246f471..d278fb33d 100644 --- a/.gitignore +++ b/.gitignore @@ -1,51 +1,48 @@ +# Miscellaneous files +.DS_Store .env +.idea +.jekyll-cache/ +.keep +.vscode/ + bench.* debug debug.* -.vscode/ -.idea -.keep +dist +run +tmp vendor + /demo/godoc /secretless /showpw -run -tmp -dist + +*.bak *.retry +*.so +*.sw[po] + +# Demo temp files demo/**/proxy_tls demo/**/myapp !demo/**/src/myapp + +# Test temp files +c.out +coverage.xml +results.json test/junit.* test/**/junit.* test/*.xml test/plugin/out/ -# Remove common editors' swapfiles -*.sw[po] - -# Remove sed tempfiles -*.bak - -# Remove compiled go plugin files -*.so - -# Remove OSX-specific temp files -.DS_Store - # We don't use dep anymore Gopkg.* # Ignore auto-generated temporary files github.com/cyberark/ -# Ignore any JSON results files -results.json - -# Ignore test coverage files -c.out -coverage.xml - # Image scan files scan_results-*.json scan_results-*.xml diff --git a/docs/Gemfile b/docs/Gemfile index 573e7410b..c5646ab60 100644 --- a/docs/Gemfile +++ b/docs/Gemfile @@ -8,10 +8,10 @@ source "https://rubygems.org" # # This will help ensure the proper Jekyll version is running. # Happy Jekylling! -gem "jekyll", "~> 3.8.4" +gem "jekyll", "~> 4.1.1" # This is the default theme for new Jekyll sites. You may change this to anything you like. -gem "minima", "~> 2.0" +gem "minima", "~> 2.5" # If you want to use GitHub Pages, remove the "gem "jekyll"" above and # uncomment the line below. To upgrade, run `bundle update github-pages`. @@ -19,17 +19,19 @@ gem "minima", "~> 2.0" # If you have any plugins, put them here! group :jekyll_plugins do - gem "jekyll-feed", "~> 0.6" + gem "jekyll-feed", "~> 0.15" end # Windows does not include zoneinfo files, so bundle the tzinfo-data gem gem "tzinfo-data", platforms: [:mingw, :mswin, :x64_mingw, :jruby] # Performance-booster for watching directories on Windows -gem "wdm", "~> 0.1.0" if Gem.win_platform? +gem "wdm", "~> 0.1.1" if Gem.win_platform? # Rouge handles syntax highlighting for Markdown code blocks. -gem "rouge", "~> 3.1" +gem "rouge", "~> 3.23" # Link redirection gem 'jekyll-redirect-from' + +gem "kramdown", ">= 2.3.0" diff --git a/docs/Gemfile.lock b/docs/Gemfile.lock index 276840901..bf6d2c231 100644 --- a/docs/Gemfile.lock +++ b/docs/Gemfile.lock @@ -1,78 +1,83 @@ GEM remote: https://rubygems.org/ specs: - addressable (2.5.2) - public_suffix (>= 2.0.2, < 4.0) + addressable (2.7.0) + public_suffix (>= 2.0.2, < 5.0) colorator (1.1.0) - concurrent-ruby (1.1.3) + concurrent-ruby (1.1.7) em-websocket (0.5.1) eventmachine (>= 0.12.9) http_parser.rb (~> 0.6.0) eventmachine (1.2.7) - ffi (1.9.25) + ffi (1.13.1) forwardable-extended (2.6.0) http_parser.rb (0.6.0) - i18n (0.9.5) + i18n (1.8.5) concurrent-ruby (~> 1.0) - jekyll (3.8.5) + jekyll (4.1.1) addressable (~> 2.4) colorator (~> 1.0) em-websocket (~> 0.5) - i18n (~> 0.7) - jekyll-sass-converter (~> 1.0) + i18n (~> 1.0) + jekyll-sass-converter (~> 2.0) jekyll-watch (~> 2.0) - kramdown (~> 1.14) + kramdown (~> 2.1) + kramdown-parser-gfm (~> 1.0) liquid (~> 4.0) - mercenary (~> 0.3.3) + mercenary (~> 0.4.0) pathutil (~> 0.9) - rouge (>= 1.7, < 4) + rouge (~> 3.0) safe_yaml (~> 1.0) - jekyll-feed (0.10.0) - jekyll (~> 3.3) - jekyll-redirect-from (0.14.0) - jekyll (~> 3.3) - jekyll-sass-converter (1.5.2) - sass (~> 3.4) - jekyll-seo-tag (2.5.0) - jekyll (~> 3.3) - jekyll-watch (2.1.2) + terminal-table (~> 1.8) + jekyll-feed (0.15.0) + jekyll (>= 3.7, < 5.0) + jekyll-redirect-from (0.16.0) + jekyll (>= 3.3, < 5.0) + jekyll-sass-converter (2.1.0) + sassc (> 2.0.1, < 3.0) + jekyll-seo-tag (2.6.1) + jekyll (>= 3.3, < 5.0) + jekyll-watch (2.2.1) listen (~> 3.0) - kramdown (1.17.0) - liquid (4.0.1) - listen (3.1.5) - rb-fsevent (~> 0.9, >= 0.9.4) - rb-inotify (~> 0.9, >= 0.9.7) - ruby_dep (~> 1.2) - mercenary (0.3.6) - minima (2.5.0) - jekyll (~> 3.5) + kramdown (2.3.0) + rexml + kramdown-parser-gfm (1.1.0) + kramdown (~> 2.0) + liquid (4.0.3) + listen (3.2.1) + rb-fsevent (~> 0.10, >= 0.10.3) + rb-inotify (~> 0.9, >= 0.9.10) + mercenary (0.4.0) + minima (2.5.1) + jekyll (>= 3.5, < 5.0) jekyll-feed (~> 0.9) jekyll-seo-tag (~> 2.1) pathutil (0.16.2) forwardable-extended (~> 2.6) - public_suffix (3.0.3) - rb-fsevent (0.10.3) - rb-inotify (0.9.10) - ffi (>= 0.5.0, < 2) - rouge (3.3.0) - ruby_dep (1.5.0) - safe_yaml (1.0.4) - sass (3.7.2) - sass-listen (~> 4.0.0) - sass-listen (4.0.0) - rb-fsevent (~> 0.9, >= 0.9.4) - rb-inotify (~> 0.9, >= 0.9.7) + public_suffix (4.0.6) + rb-fsevent (0.10.4) + rb-inotify (0.10.1) + ffi (~> 1.0) + rexml (3.2.4) + rouge (3.23.0) + safe_yaml (1.0.5) + sassc (2.4.0) + ffi (~> 1.9) + terminal-table (1.8.0) + unicode-display_width (~> 1.1, >= 1.1.1) + unicode-display_width (1.7.0) PLATFORMS ruby DEPENDENCIES - jekyll (~> 3.8.4) - jekyll-feed (~> 0.6) + jekyll (~> 4.1.1) + jekyll-feed (~> 0.15) jekyll-redirect-from - minima (~> 2.0) - rouge (~> 3.1) + kramdown (>= 2.3.0) + minima (~> 2.5) + rouge (~> 3.23) tzinfo-data BUNDLED WITH - 1.17.2 + 1.17.3 From 5810665f425e43162d556e577d035bfa00d008b9 Mon Sep 17 00:00:00 2001 From: Geri Jennings Date: Fri, 11 Sep 2020 11:44:25 -0400 Subject: [PATCH 6/6] Bump version to v1.7.0 --- CHANGELOG.md | 24 ++++++++++++++++++------ NOTICES.txt | 36 ++++++++++++++++++++++++++++++++++++ pkg/secretless/version.go | 2 +- 3 files changed, 55 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 20d5fbd62..511b7d5e3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,21 +6,32 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ## [Unreleased] +## [1.7.0] - 2020-09-11 + ### Added - Secretless and secretless-redhat containers now use Alpine 3.12 as their base - image. [PR #1296](https://github.com/cyberark/secretless-broker/pull/1296) + image. [PR cyberark/secretless-broker#1296](https://github.com/cyberark/secretless-broker/pull/1296) - MySQL and PostgreSQL connectors support SSL host name verification with `verify-full` SSL mode. Also adds optional `sslhost` configuration parameter - that is compared to the server's certificate SAN. [#548](https://github.com/cyberark/secretless-broker/issues/548) + that is compared to the server's certificate SAN. + [cyberark/secretless-broker#548](https://github.com/cyberark/secretless-broker/issues/548) - Generic HTTP connector now supports `queryParam` as a configurable section - in the secretless configuration file, under `config`. This allows the + in the Secretless configuration file, under `config`. This allows the construction of a query string which can have credentials injected - as needed. [#1290](https://github.com/cyberark/secretless-broker/issues/1290) + as needed. + [cyberark/secretless-broker#1290](https://github.com/cyberark/secretless-broker/issues/1290) - Generic HTTP connector now supports `oauth1` as a configurable section in the secretless configuration file, under `config`. This allows the construction of a header for an OAuth 1.0 request. The OAuth 1.0 feature currently only supports HMAC-SHA1, but there is an [issue](https://github.com/cyberark/secretless-broker/issues/1324) - logged to support other hashing methods. [#1297](https://github.com/cyberark/secretless-broker/issues/1297) + logged to support other hashing methods. + [cyberark/secretless-broker#1297](https://github.com/cyberark/secretless-broker/issues/1297) +- Many (20+) example generic connector configurations were added to the project, + to demonstrate support for a broad set of popular APIs and to serve as an + example for other APIs users may need to use Secretless with their apps. + See [here](https://github.com/cyberark/secretless-broker/tree/master/examples/generic_connector_configs) + for the full list of examples. + [cyberark/secretless-broker#1248](https://github.com/cyberark/secretless-broker/issues/1248) ## [1.6.0] - 2020-05-04 @@ -502,7 +513,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ### Added - The first tagged version. -[Unreleased]: https://github.com/cyberark/secretless-broker/compare/v1.6.0...HEAD +[Unreleased]: https://github.com/cyberark/secretless-broker/compare/v1.7.0...HEAD [0.2.0]: https://github.com/cyberark/secretless-broker/compare/v0.1.0...v0.2.0 [0.3.0]: https://github.com/cyberark/secretless-broker/compare/v0.2.0...v0.3.0 [0.4.0]: https://github.com/cyberark/secretless-broker/compare/v0.3.0...v0.4.0 @@ -528,3 +539,4 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. [1.5.1]: https://github.com/cyberark/secretless-broker/compare/v1.5.0...v1.5.1 [1.5.2]: https://github.com/cyberark/secretless-broker/compare/v1.5.1...v1.5.2 [1.6.0]: https://github.com/cyberark/secretless-broker/compare/v1.5.2...v1.6.0 +[1.7.0]: https://github.com/cyberark/secretless-broker/compare/v1.6.0...v1.7.0 diff --git a/NOTICES.txt b/NOTICES.txt index d3c5edac6..6e993d006 100644 --- a/NOTICES.txt +++ b/NOTICES.txt @@ -21,9 +21,11 @@ SECTION 1: Apache License 2.0 >>> github.com/google/btree-1.0.0 >>> github.com/googleapis/gnostic-0.3.1 >>> github.com/heptiolabs/healthcheck-0.0.0-20180807145615-6ff867650f40 +>>> github.com/modern-go/reflect2-1.0.1 >>> github.com/opencontainers/go-digest-1.0.0-rc1 >>> github.com/opencontainers/image-spec-1.0.1 >>> github.com/prometheus/client_golang-1.2.1 +>>> google.golang.org/appengine-1.4.0 >>> gopkg.in/yaml.v2-2.2.2 >>> k8s.io/api-0.0.0-20180712090710-2d6f90ab1293 >>> k8s.io/apiextensions-apiserver-0.0.0-20180808065829-408db4a50408 @@ -298,6 +300,23 @@ See the License for the specific language governing permissions and limitations under the License. +>>> github.com/modern-go/reflect2-1.0.1 + +Copyright [yyyy] [name of copyright owner] + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + + >>> github.com/opencontainers/go-digest-1.0.0-rc1 Copyright 2016 Docker, Inc. @@ -349,6 +368,23 @@ See the License for the specific language governing permissions and limitations under the License. +>>> google.golang.org/appengine-1.4.0 + +Copyright [yyyy] [name of copyright owner] + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + + >>> gopkg.in/yaml.v2-2.2.2 Copyright {yyyy} {name of copyright owner} diff --git a/pkg/secretless/version.go b/pkg/secretless/version.go index 7333c7d39..eceb5c9e7 100644 --- a/pkg/secretless/version.go +++ b/pkg/secretless/version.go @@ -4,7 +4,7 @@ import "fmt" // Version field is a SemVer that should indicate the baked-in version // of the broker -var Version = "1.6.0" +var Version = "1.7.0" // Tag field denotes the specific build type for the broker. It may // be replaced by compile-time variables if needed to provide the git