Skip to content

Version: 1.8.0

Choose a tag to compare

View all tags
@GZTimeWalker GZTimeWalker released this 11 Dec 12:25
· 55 commits to develop since this release
v1.8.0
b7b5cd7
This commit was signed with the committer’s verified signature.
GZTimeWalker GZTime
GPG key ID: 373640C748EA3E19
Verified
Learn about vigilant mode.

1.8.0 - 2025-12-10

Feel free to ♥️ sponsor GZCTF ♥️!

Warning

Breaking Changes & Migration Required
This release introduces significant changes to the container network architecture and database schema.

  • Database Schema: A database migration is required to support the new Network Mode features.
  • Docker Swarm: Support for Docker Swarm has been removed. Please migrate to Kubernetes for better security and scalability.
  • Configuration: The behavior of ChallengeNetwork and Kubernetes network policies has changed. Please review the Upgrade Notes carefully.

✨ Highlights

  • Network Modes: Introduced the concept of "Network Mode" for challenges, supporting Open, Isolated, and Custom modes to provide finer control over challenge network isolation.
  • Enhanced Proxy Configuration: Updated ForwardedOptions to support KnownProxies and KnownIPNetworks for more robust reverse proxy handling.

⛰️ Features & Improvements

  • Custom Network Mode: Added support for configuring network modes per challenge, allowing for complex network topologies (#534).
  • Transfer Support: Updated TransferChallenge model to include NetworkMode information during import/export.
  • Proxy Configuration: Enhanced ForwardedOptions with KnownProxies and KnownIPNetworks to better support complex reverse proxy environments.

🐛 Bug Fixes

  • Cache Consistency: Reordered cache flushing calls in GameRepository to ensure data consistency.
  • Challenge Preview: Fixed an issue where the default score was not correctly set to 0 in the challenge preview.
  • Configuration: Updated ForwardedOptions binding to correctly support new proxy and network properties.
  • Frontend: Excluded isPinned from the post update payload to prevent unintended state changes.

🔧 Refactor

  • Core Optimization: Improved index cache control, CSP generation, and language extraction logic for better performance and security.

✅ Upgrade Notes

1. Database Migration

This release includes changes to the database schema. Ensure you run dotnet ef database update or let the application apply migrations automatically on startup.

2. Container Network Configuration (Important)

  • Docker Swarm Removed: The Docker Swarm provider is no longer supported.
  • ChallengeNetwork (Docker):
    • Old behavior: Specified the exact network name.
    • New behavior: Now treated as a prefix. GZCTF will automatically create <ChallengeNetwork>-open and <ChallengeNetwork>-isolated. You can manually create <ChallengeNetwork>-custom for custom network requirements.
  • Kubernetes Network Policies:
    • GZCTF now automatically manages gzctf-network-open and gzctf-network-isolated NetworkPolicies.
    • Do not modify these auto-generated policies.
    • For custom isolation, create additional NetworkPolicies in the same namespace using the label gzctf.gzti.me/NetworkMode.
    • Refer to the Container Provider Configuration for details.

3. Reverse Proxy Configuration

  • While ForwardedOptions maintains backward compatibility, it is strongly recommended to use the new KnownProxies (IP/Domain list) and KnownIPNetworks (CIDR list) configuration items for defining trusted proxies.

Changelog: https://github.com/GZTimeWalker/GZCTF/blob/HEAD/CHANGELOG.md
Commits: https://github.com/GZTimeWalker/GZCTF/compare/v1.7.2..v1.8.0

Assets 2
Loading