Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Release 17.2.1 #51385

Merged
merged 2 commits into from
Jan 23, 2025
Merged

Release 17.2.1 #51385

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
56a0661
Release 17.2.1
camscale Jan 22, 2025
4fe61d1
changelog: Call out Azure join validation as security fix
camscale Jan 22, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 17 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,22 @@
# Changelog

## 17.2.1 (01/22/2025)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's call out #51085 as a security fix.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done. Is that fine as a separate section like that, just listing the changelog entry, or is there some more wording to add around this?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah this is fine. And let's mark the Github release a security release.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will do. I've already updated the release checklist for the step where the release is created to add a reminder and how-to for security releases.


### Security Fixes

* Improve Azure join validation by verifying subscription ID. [#51328](https://github.com/gravitational/teleport/pull/51328)

### Other Improvements and Fixes

* Added support for multiple active CAs in `tctl auth export`. [#51375](https://github.com/gravitational/teleport/pull/51375)
* Teleport Connect now shows a resource name in the status bar. [#51374](https://github.com/gravitational/teleport/pull/51374)
* Role presets now include default values for `github_permissions` and the `git_server` resource kind. `github_permissions` now supports traits. [#51369](https://github.com/gravitational/teleport/pull/51369)
* Fix backwards compatibility error where users were unable to login with Teleport Connect if Connect version is below v17.2.0 with Teleport cluster version v17.2.0. [#51368](https://github.com/gravitational/teleport/pull/51368)
* Added `wildcard-workload-identity-issuer` preset role to improve Day 0 experience with configuring Teleport Workload Identity. [#51341](https://github.com/gravitational/teleport/pull/51341)
* Added more granular audit logging surrounding SSH port forwarding. [#51325](https://github.com/gravitational/teleport/pull/51325)
* FIxes a bug causing the `terraform-provider` preset role to not automatically allow newly supported resources. [#51320](https://github.com/gravitational/teleport/pull/51320)
* GitHub server resource now shows in Web UI. [#51303](https://github.com/gravitational/teleport/pull/51303)

## 17.2.0 (01/21/2025)

### Per-session MFA via IdP
Expand Down
2 changes: 1 addition & 1 deletion Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
# Stable releases: "1.0.0"
# Pre-releases: "1.0.0-alpha.1", "1.0.0-beta.2", "1.0.0-rc.3"
# Master/dev branch: "1.0.0-dev"
VERSION=17.2.0
VERSION=17.2.1

DOCKER_IMAGE ?= teleport

Expand Down
2 changes: 1 addition & 1 deletion api/version.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions build.assets/macos/tsh/tsh.app/Contents/Info.plist
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,13 +19,13 @@
<key>CFBundlePackageType</key>
<string>APPL</string>
<key>CFBundleShortVersionString</key>
<string>17.2.0</string>
<string>17.2.1</string>
<key>CFBundleSupportedPlatforms</key>
<array>
<string>MacOSX</string>
</array>
<key>CFBundleVersion</key>
<string>17.2.0</string>
<string>17.2.1</string>
<key>DTCompiler</key>
<string>com.apple.compilers.llvm.clang.1_0</string>
<key>DTPlatformBuild</key>
Expand Down
4 changes: 2 additions & 2 deletions build.assets/macos/tshdev/tsh.app/Contents/Info.plist
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,13 +17,13 @@
<key>CFBundlePackageType</key>
<string>APPL</string>
<key>CFBundleShortVersionString</key>
<string>17.2.0</string>
<string>17.2.1</string>
<key>CFBundleSupportedPlatforms</key>
<array>
<string>MacOSX</string>
</array>
<key>CFBundleVersion</key>
<string>17.2.0</string>
<string>17.2.1</string>
<key>DTCompiler</key>
<string>com.apple.compilers.llvm.clang.1_0</string>
<key>DTPlatformBuild</key>
Expand Down
2 changes: 1 addition & 1 deletion examples/chart/access/datadog/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.version: &version "17.2.0"
.version: &version "17.2.1"

apiVersion: v2
name: teleport-plugin-datadog
Expand Down
4 changes: 2 additions & 2 deletions examples/chart/access/datadog/tests/__snapshot__/configmap_test.yaml.snap
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,6 @@ should match the snapshot:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-datadog
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-datadog-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-datadog-17.2.1
name: RELEASE-NAME-teleport-plugin-datadog
8 changes: 4 additions & 4 deletions examples/chart/access/datadog/tests/__snapshot__/deployment_test.yaml.snap
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,8 @@ should match the snapshot:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-datadog
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-datadog-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-datadog-17.2.1
name: RELEASE-NAME-teleport-plugin-datadog
spec:
replicas: 1
Expand All @@ -22,8 +22,8 @@ should match the snapshot:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-datadog
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-datadog-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-datadog-17.2.1
spec:
containers:
- command:
Expand Down
2 changes: 1 addition & 1 deletion examples/chart/access/discord/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.version: &version "17.2.0"
.version: &version "17.2.1"

apiVersion: v2
name: teleport-plugin-discord
Expand Down
4 changes: 2 additions & 2 deletions examples/chart/access/discord/tests/__snapshot__/configmap_test.yaml.snap
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,6 @@ should match the snapshot:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-discord
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-discord-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-discord-17.2.1
name: RELEASE-NAME-teleport-plugin-discord
8 changes: 4 additions & 4 deletions examples/chart/access/discord/tests/__snapshot__/deployment_test.yaml.snap
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,8 @@ should match the snapshot:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-discord
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-discord-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-discord-17.2.1
name: RELEASE-NAME-teleport-plugin-discord
spec:
replicas: 1
Expand All @@ -22,8 +22,8 @@ should match the snapshot:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-discord
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-discord-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-discord-17.2.1
spec:
containers:
- command:
Expand Down
2 changes: 1 addition & 1 deletion examples/chart/access/email/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.version: &version "17.2.0"
.version: &version "17.2.1"

apiVersion: v2
name: teleport-plugin-email
Expand Down
24 changes: 12 additions & 12 deletions examples/chart/access/email/tests/__snapshot__/configmap_test.yaml.snap
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,8 +26,8 @@ should match the snapshot (mailgun on):
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-email
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-email-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-email-17.2.1
name: RELEASE-NAME-teleport-plugin-email
should match the snapshot (smtp on):
1: |
Expand Down Expand Up @@ -59,8 +59,8 @@ should match the snapshot (smtp on):
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-email
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-email-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-email-17.2.1
name: RELEASE-NAME-teleport-plugin-email
should match the snapshot (smtp on, no starttls):
1: |
Expand Down Expand Up @@ -92,8 +92,8 @@ should match the snapshot (smtp on, no starttls):
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-email
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-email-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-email-17.2.1
name: RELEASE-NAME-teleport-plugin-email
should match the snapshot (smtp on, password file):
1: |
Expand Down Expand Up @@ -125,8 +125,8 @@ should match the snapshot (smtp on, password file):
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-email
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-email-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-email-17.2.1
name: RELEASE-NAME-teleport-plugin-email
should match the snapshot (smtp on, roleToRecipients set):
1: |
Expand Down Expand Up @@ -161,8 +161,8 @@ should match the snapshot (smtp on, roleToRecipients set):
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-email
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-email-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-email-17.2.1
name: RELEASE-NAME-teleport-plugin-email
should match the snapshot (smtp on, starttls disabled):
1: |
Expand Down Expand Up @@ -194,6 +194,6 @@ should match the snapshot (smtp on, starttls disabled):
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-email
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-email-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-email-17.2.1
name: RELEASE-NAME-teleport-plugin-email
58 changes: 29 additions & 29 deletions examples/chart/access/email/tests/__snapshot__/deployment_test.yaml.snap
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,8 @@ should be possible to override volume name (smtp on):
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-email
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-email-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-email-17.2.1
name: RELEASE-NAME-teleport-plugin-email
spec:
replicas: 1
Expand All @@ -22,8 +22,8 @@ should be possible to override volume name (smtp on):
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-email
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-email-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-email-17.2.1
spec:
containers:
- command:
Expand All @@ -34,7 +34,7 @@ should be possible to override volume name (smtp on):
env:
- name: TELEPORT_PLUGIN_FAIL_FAST
value: "true"
image: public.ecr.aws/gravitational/teleport-plugin-email:17.2.0
image: public.ecr.aws/gravitational/teleport-plugin-email:17.2.1
imagePullPolicy: IfNotPresent
name: teleport-plugin-email
ports:
Expand Down Expand Up @@ -75,8 +75,8 @@ should match the snapshot:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-email
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-email-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-email-17.2.1
name: RELEASE-NAME-teleport-plugin-email
spec:
replicas: 1
Expand All @@ -90,8 +90,8 @@ should match the snapshot:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-email
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-email-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-email-17.2.1
spec:
containers:
- command:
Expand Down Expand Up @@ -136,8 +136,8 @@ should match the snapshot (mailgun on):
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-email
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-email-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-email-17.2.1
name: RELEASE-NAME-teleport-plugin-email
spec:
replicas: 1
Expand All @@ -151,8 +151,8 @@ should match the snapshot (mailgun on):
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-email
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-email-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-email-17.2.1
spec:
containers:
- command:
Expand All @@ -163,7 +163,7 @@ should match the snapshot (mailgun on):
env:
- name: TELEPORT_PLUGIN_FAIL_FAST
value: "true"
image: public.ecr.aws/gravitational/teleport-plugin-email:17.2.0
image: public.ecr.aws/gravitational/teleport-plugin-email:17.2.1
imagePullPolicy: IfNotPresent
name: teleport-plugin-email
ports:
Expand Down Expand Up @@ -204,8 +204,8 @@ should match the snapshot (smtp on):
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-email
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-email-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-email-17.2.1
name: RELEASE-NAME-teleport-plugin-email
spec:
replicas: 1
Expand All @@ -219,8 +219,8 @@ should match the snapshot (smtp on):
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-email
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-email-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-email-17.2.1
spec:
containers:
- command:
Expand All @@ -231,7 +231,7 @@ should match the snapshot (smtp on):
env:
- name: TELEPORT_PLUGIN_FAIL_FAST
value: "true"
image: public.ecr.aws/gravitational/teleport-plugin-email:17.2.0
image: public.ecr.aws/gravitational/teleport-plugin-email:17.2.1
imagePullPolicy: IfNotPresent
name: teleport-plugin-email
ports:
Expand Down Expand Up @@ -272,8 +272,8 @@ should mount external secret (mailgun on):
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-email
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-email-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-email-17.2.1
name: RELEASE-NAME-teleport-plugin-email
spec:
replicas: 1
Expand All @@ -287,8 +287,8 @@ should mount external secret (mailgun on):
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-email
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-email-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-email-17.2.1
spec:
containers:
- command:
Expand All @@ -299,7 +299,7 @@ should mount external secret (mailgun on):
env:
- name: TELEPORT_PLUGIN_FAIL_FAST
value: "true"
image: public.ecr.aws/gravitational/teleport-plugin-email:17.2.0
image: public.ecr.aws/gravitational/teleport-plugin-email:17.2.1
imagePullPolicy: IfNotPresent
name: teleport-plugin-email
ports:
Expand Down Expand Up @@ -340,8 +340,8 @@ should mount external secret (smtp on):
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-email
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-email-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-email-17.2.1
name: RELEASE-NAME-teleport-plugin-email
spec:
replicas: 1
Expand All @@ -355,8 +355,8 @@ should mount external secret (smtp on):
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: teleport-plugin-email
app.kubernetes.io/version: 17.2.0
helm.sh/chart: teleport-plugin-email-17.2.0
app.kubernetes.io/version: 17.2.1
helm.sh/chart: teleport-plugin-email-17.2.1
spec:
containers:
- command:
Expand All @@ -367,7 +367,7 @@ should mount external secret (smtp on):
env:
- name: TELEPORT_PLUGIN_FAIL_FAST
value: "true"
image: public.ecr.aws/gravitational/teleport-plugin-email:17.2.0
image: public.ecr.aws/gravitational/teleport-plugin-email:17.2.1
imagePullPolicy: IfNotPresent
name: teleport-plugin-email
ports:
Expand Down
2 changes: 1 addition & 1 deletion examples/chart/access/jira/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.version: &version "17.2.0"
.version: &version "17.2.1"

apiVersion: v2
name: teleport-plugin-jira
Expand Down
Loading
Loading