From 909c4217bc272cac06cdd2c60f31342a44011bff Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Mon, 18 Oct 2021 17:06:18 +0200 Subject: [PATCH] website/docs: prepare 2021.10 Signed-off-by: Jens Langhammer --- website/docs/releases/v2021.10.md | 123 ++++++++++++++++++++++++++++++ website/sidebars.js | 5 +- 2 files changed, 126 insertions(+), 2 deletions(-) create mode 100644 website/docs/releases/v2021.10.md diff --git a/website/docs/releases/v2021.10.md b/website/docs/releases/v2021.10.md new file mode 100644 index 000000000..d21971ce5 --- /dev/null +++ b/website/docs/releases/v2021.10.md @@ -0,0 +1,123 @@ +--- +title: Release 2021.10 +slug: "2021.10" +--- + +## Headline Changes + +- Flow Inspector + + To better understand how a flow works, and why things might not be working as intended, you can now launch Flows with an inspector enabled. This is simply triggered by adding a `?inspector` to the URL. Currently, only superuser have the permission to access the Inspector. + + The inspector shows the current stage, previous stages, next planned stages, and the current flow context. + +- SMS Authenticator + + You can now use SMS-based TOTP authenticators. This new Stage supports both Twilio, and a generic API endpoint, if using another provider. This stage does not have to be used for authentication, it can simply be used during enrollment to verify your users phone numbers. + +- Sign in with Apple + + It is now possible to add an Apple OAuth Source, to allow your users to authenticate with their Apple ID. + +A huge shoutout to all the people that contributed, helped test and also translated authentik. This is the first release that has as full French translation! + +## Minor changes + +- *: Squash Migrations (#1593) +- admin: clear update notification when notification's version matches current version +- cmd: prevent outposts from panicking when failing to get their config +- core: add default for user's settings attribute +- core: add settings serializer to user/me and update_self endpoints, saved in a key in attributes +- core: improve detection for s3 settings to trigger backup +- core: include group uuids in self serializer +- core: make user's name field fully optional +- flows: inspector (#1469) +- internal: add internal healthchecking to prevent websocket errors +- internal/proxyv2: improve error handling when configuring app +- lifecycle: bump celery healthcheck to 5s timeout +- lifecycle: only lock database when system migrations need to be applied, and during django migrations, and don't double unlock +- lifecycle: only set prometheus_multiproc_dir in ak wrapper to prevent full disk on worker +- managed: don't run managed reconciler in foreground on startup +- outpost/proxy: fix missing negation for internal host ssl verification +- outposts: add additional error checking for docker controller +- outposts: Adding more flexibility to outposts in Kubernetes. (#1617) +- outposts: allow disabling of docker controller port mapping +- outposts: check ports of deployment in kubernetes outpost controller +- outposts: don't always build permissions on outpost.user access, only in signals and tasks +- outposts: fallback to known-good outpost image if configured image cannot be pulled +- outposts: fix error when comparing ports in docker controller when port mapping is disabled +- outposts: handle k8s 422 response code by recreating objects +- outposts: rename docker_image_base to container_image_base, since its not docker specific +- outposts/ldap: Support hard coded `uidNumber` and `gidNumber`. (#1582) +- outposts/proxy: add new headers with unified naming +- outposts/proxy: fix duplicate protocol in domain auth mode +- outposts/proxy: show full error message when user is authenticated +- policies: add additional filters to create flow charts on frontend +- policies/password: add extra sub_text field in tests +- providers/ldap: use RDN when using posixGroup's memberUid attribute (#1514) +- providers/proxy: always check ingress secret in kubernetes controller +- providers/proxy: update ingress controller to work with k8s 1.22 +- recovery: handle error when user doesn't exist +- root: add docker-native healthcheck for web and celery +- root: add translation for backend strings +- root: coverage with toml support +- root: fix error with sentry proxy +- root: migrate docker images to netlify proxy (#1603) +- root: remove redundant internal network from compose +- root: remove structlog.processors.format_exc_info for new structlog version +- root: Use fully qualified names for docker bases base images. (#1490) +- sources/ldap: add support for Active Directory `userAccountControl` attribute +- sources/ldap: don't sync ldap source when no property mappings are set +- sources/ldap: fix logic error in Active Directory account disabled status +- sources/oauth: add Sign in with Apple (#1635) +- stages/authenticator_sms: add generic provider (#1595) +- stages/authenticator_sms: Add SMS Authenticator Stage (#1577) +- stages/authenticator_validate: create a default authenticator validate stage with sensible defaults +- stages/email: add activate_user_on_success flag, add for all example flows +- stages/prompt: add sub_text field to add HTML below prompt fields +- stages/prompt: fix sub_text not allowing blank +- stages/prompt: fix wrong field type of field_key +- stages/user_login: add check for user.is_active and tests +- stages/user_write: allow recursive writing to user.attributes +- web: add locale detection +- web: ensure fallback locale is loaded +- web: fix rendering of token copy button in dark mode +- web: fix strings not being translated at all when matching browser locale not found +- web: make table pagination size user-configurable +- web: new default flow background +- web: Translate /web/src/locales/en.po in fr_FR (#1506) +- web/admin: add fallback font for doughnut charts +- web/admin: default to warning state for backup task +- web/admin: don't require username nor name for activate/deactivate toggles +- web/admin: fix description for flow import +- web/admin: fix LDAP Source form not exposing syncParentGroup +- web/admin: fix search group label +- web/admin: fix SMS Authenticator stage not loading state correctly +- web/admin: improve visibility of oauth rsa key +- web/admin: only show outpost deployment info when not embedded +- web/admin: truncate prompt label when too long +- web/elements: fix initialLoad not being done when viewportCheck was disabled +- web/elements: fix model form always loading when viewport check is disabled +- web/elements: use dedicated button for search clear instead of webkit exclusive one +- web/flows: adjust message for email stage +- web/user: don't show managed tokens in user interface +- web/user: initial optimisation for smaller screens +- web/user: load interface settings from user settings + +## Upgrading + +This release does not introduce any new requirements. + +### docker-compose + +Download the docker-compose file for 2021.10 from [here](https://goauthentik.io/version/2021.10/docker-compose.yml). Afterwards, simply run `docker-compose up -d`. + +### Kubernetes + +Update your values to use the new images: + +```yaml +image: + repository: goauthentik.io/server + tag: 2021.10.1 +``` diff --git a/website/sidebars.js b/website/sidebars.js index 3163bb35e..756079b34 100644 --- a/website/sidebars.js +++ b/website/sidebars.js @@ -177,14 +177,15 @@ module.exports = { type: "category", label: "Release Notes", items: [ + "releases/v2021.10", "releases/v2021.9", "releases/v2021.8", - "releases/v2021.7", - "releases/v2021.6", { type: "category", label: "Previous versions", items: [ + "releases/v2021.7", + "releases/v2021.6", "releases/v2021.5", "releases/v2021.4", "releases/v2021.3",