Opened in error #10856

webvictim · 2022-03-04T17:51:19Z

Updated webassets reference.
Pin Packer version to 1.7.6
Release 8.0.0-beta.1.
Fix event code duplication for PrivilegeTokenCreateCode (Fix event code duplication #8733) ([backport v8] Fix event code duplication #8743)
Add Rust to buildbox
Stop linking lcrypto and lssl
Update e to match branch/v8
Release 8.0.0-dev.33
Ensure that Rust libraries are cleaned
Update e
Release 8.0.0-beta.2.
URL-encode Postgres username in connection string ((v8) URL-encode Postgres username in connection string #8772)
Add link to Teleport Changelog in helm chart repository site. ([v8] Add link to Teleport Changelog in helm chart repository site. #8780)
Update mac builds
Remove checking for error from session end in web terminal (Remove checking for error from session end from web terminal #8797) ([backport v8] Remove checking for error from session end in web terminal (#8797) #8816)
Fix reverse tunnel web ping call log severity (Fix reverse tunnel web ping call log severity #8776)
Set user verification to "discouraged" for WebAuthn (Set user verification to "discouraged" for WebAuthn #8759) (Set user verification to "discouraged" for WebAuthn (#8759) #8801)
[ami] Get wildcard DNS cert when using certbot/Letsencrypt with Terraform AMI ([ami] Get wildcard DNS cert when using Letsencrypt with Terraform AMI #8792) ([branch/v8] Backport #8792 #8809)
[helm] Change path -> mountPath under extraVolumeMounts ([helm] Change path -> mountPath under extraVolumeMounts #8806) ([branch/v8] Backport #8806 #8825)
Update rdp-rs to fix horizontal scroll + extended keys
Fix mongo access with mfa and add tests ((v8) Fix mongo access with mfa and add tests #8800)
Bring back previous u2f challenge response for web terminal (Bring back previous u2f challenge response for web terminal #8830) ([backport v8] Bring back previous u2f challenge response for web terminal (#8830) #8844)
flips struct ordering to match with tdp spec (MouseWheel fix #8753) (scroll wheel backport #8814)
comment out teleport configure output example ([branch/v8] fix example cluster config #8856)
Add dynamic registration and discovery guides ((v8) Add dynamic registration and discovery guides #8862)
Updated Go to 1.17.3.
Update Enterprise reference.
Release 8.0.0-beta.3.
Split auth.AccessPoint into variant specific interfaces (Split auth.AccessPoint into variant specific interfaces #8471) ((v8) Split auth.AccessPoint into variant specific interfaces #8859)
Disable desktop access in Web UI in Cloud clusters (Disable desktop access in Web UI in Cloud clusters #8858) ([v8] backport #8858 #8873)
Fix MFA for DB Access (Fix MFA for DB Access #8796) (Fix MFA for DB Access #8870)
Fix tsh ssh proxy (Fix tsh ssh proxy #8826) (Fix tsh ssh proxy #8871)
Don't allow running Desktop Access in FIPS mode.
Fix ACME strict ALPN (Fix ACME strict ALPN #8869) ((v8) Fix ACME strict ALPN #8889)
Release 8.0.0-rc.1.
Return created date with new recovery codes (Return created date with new recovery codes #8777) ([backport v8] Return created date with new recovery codes (#8777) #8903)
Fix the client idle disconnect audit event for desktops
Fix heartbeat for LDAP hosts
Use cgo.Handle for passing client refs between Rust/Go
Rust & Desktop Access fixes (Rust & Desktop Access fixes #8822)
remove roletester toolchain
fix buildbox
Fix the buildbox (again) (Fix the buildbox (again) #8892)
Link libatomic on Linux
[auto] Update webassets in branch/v8 ([auto] Update webassets in branch/v8 #8911)
Improve SSH agent forwarding error message in proxy mode (Improve SSH agent forwarding error message in proxy mode #8832)
Update e-ref ([branch v8] Update e-ref #8927)
tctl: allow issuing app access certificates via tctl auth sign (tctl: allow issuing app access certificates via tctl auth sign #8717) ([v8] Backport #8717 #8941)
windows ldaps port (Use LDAPS port 636 #8932)
[auto] Update webassets in branch/v8 ([auto] Update webassets in branch/v8 #8965)
Fix KUBECONFIG server name (Fix KUBECONFIG server name #8940) ((v8) Fix KUBECONFIG server name #8971)
Merge 'config-proxy' and 'proxy ssh' commands logic (Merge 'config-proxy' and 'proxy ssh' commands logic #8920) ((v8) Merge 'config-proxy' and 'proxy ssh' commands logic #8958)
backport bot improvements
Updated CHANGELOG.md.
Release 8.0.0-rc.2.
Remove explicit "deny" from preset "auditor" role, make preset roles V4 (Remove explicit "deny" from preset "auditor" role, make preset roles V4 #8959) ([v8] Backport #8959 #8998)
Updated build-darwin-* pipeline.
Fix tunnel address for TLS routing if public tunnel address is present ( (v8) Fix tunnel address for TLS routing if public tunnel address is present #8995)
Fix dialing kube trusted cluser in v2 telport config ((v8) Fix dialling kube trusted cluster in v2 telport config #8996)
Release 8.0.0-rc.3.
Release 8.0.0.
[pr-buddy] helm: Add support for annotation on secrets generated by cert-manager ([pr-buddy] helm: Add support for annotation on secrets generated by cert-manager #8872) ([branch/v8] helm: Add support for annotation on secrets generated by cert-manager (#8872) #9013)
Fixed Helm publishing.
Updated Docker Quickstart/Labs.
Add meta redirect ([v8] Add meta redirect #8980)
Add --public-addr --cert-file --key-file for teleport configure (add --publid-addr --cert-file --key-file for teleport configure (#9033 backport v8) #9049)
teleport configure: generate web_listen_addr (teleport configure: generate web_listen_addr (backport v8) #9071)
Restart entire node on tunnel collapse (Restart entire node on tunnel collapse #8102) ([Backport] Restart entire node on tunnel collapse (#8102) #9043)
Update CODEOWNERS ([backport/v8] Update CODEOWNERS #9058)
Add app metatada to app audit events ((v8) Add app metatada to app audit events #9056)
Update docs for TLS routing ((v8) Update docs for TLS routing #9097)
Make Teleport startup resilient to invalid roles (Make Teleport startup resilient to invalid roles #9062) (Make Teleport startup resilient to invalid roles (#9062) #9105)
Implement where conditions for active sessions (Implement where conditions for active sessions #9040) (Implement where conditions for active sessions (#9040) #9076)
Add '+' to key sanitizer whitelist (Add '+' to key sanitizer whitelist #8396)
Refresh getting started guide to use TLS routing (Refresh getting started guide to use TLS routing #8988) (Refresh getting started guide to use TLS routing (#8988) #9101)
Fix MySQL proxy handshake ((v8) MySQL proxy handshake fix #9162)
[Backport] Google CloudBuild support (Google CloudBuild support #9090) ([Backport] Google CloudBuild support (#9090) #9165)
Add Azure access token auth support for Postgres/MySQL ((v8) Add Azure access token auth support for Postgres/MySQL #9185)
Update Workflow Config Files ([v8] Update Workflow Configuration Files #9207)
Bump x/crypto ((v8) Bump x/crypto #9203)
Do not prompt for hardware MFA using tsh on Windows (Do not prompt for hardware MFA using tsh on Windows #9081) (Do not prompt for hardware MFA using tsh on Windows (#9081) #9198)
[v8]: desktop access backports ([v8]: desktop access backports #9201)
Release 8.0.1 (Release 8.0.1 #9223)
Fix tsh ssh proxy for openssh client ([v8] Fix tsh ssh proxy for OpenSSH client #9249)
[backport v8] Fix sessions endpoint and remove namespaces ([backport v8] Fix sessions endpoint and remove namespaces #9360)
Add support for configurable KMS CMK keys for S3 SSE (Add support for configurable KMS CMK keys for S3 SSE #8354) ([branch/v8] Backport #8354 #9262)
Release 8.0.4 (Release 8.0.4 #9368)
Drone fix (Removed valid hotp tokens from signup client side #84)
Fix the CRL distribution point in Windows certs (Fix the CRL distribution point in Windows certs #9299)
Release 8.0.5
Ensure we don't miss the resolution of an access request (Ensure we don't miss the resolution of an access request #9193) ([branch/v8] Backport #9193 #9338)
Post Release 1/4 (Post Release 1/4 #9005)
[v8] Add ability to run Postgres and Mongo proxy on separate listeners ([v8] Add ability to run Postgres and Mongo proxy on separate listeners #9341)
Add WebAuthn and Active Session docs (Add WebAuthn and Active Session docs #9390)
[auto] Update webassets in branch/v8
Update AWS CLI application access docs ref (Update AWS CLI application access docs ref #8634) ([v8] Update AWS CLI application access docs ref (#8634) #9396)
Updated CHANGELOG.md.
Release 8.0.6.
Fix confusing port example in standalone docs
Update which pull request events to trigger workflow on
Don't run workflows on draft PRs
Trigger on ready_for_review event
Add synchronize event
Clear web terminal when session ends (Clear web terminal when session ends #8850)
Change invalid TOTP message
Fix NO_PROXY addr logic (Fix NO_PROXY addr logic #9287) ([v8] Fix NO_PROXY addr logic #9394)
Do not parse MySQL server packets ((v8) Do not parse MySQL server packets #9411)
[v8] Prevent infinite dialing to Auth ([v8] Prevent infinite dialing to Auth #9403)
Add Videos to Teleport Desktop Access (Add Videos to Teleport Desktop Access [backport] #9374)
Avoid "Entering/Leaving directory" output in Make (Avoid "Entering/Leaving directory" output in Make #9246) ([v8] Backport #9246 #9424)
Clarify the Linux Getting Started guide ([backport v8] Clarify the Linux Getting Started guide #9429)
[Backport v8] Create a blast radius reduction guide ([Backport v8] Create a blast radius reduction guide #9430)
[branch/v8] Backport Allow a configurable event TTL in DynamoDB #8840 ([branch/v8] Backport #8840 #9395)
feat: ListResources gRPC rpc (Add "ListResources" gRPC call #9096) ((v8) Add "ListResources" gRPC call #9458)
Fix app server goroutine leak (Fix app server goroutine leak #9332) ([v8] Fix app server goroutine leak #9459)
Fix CryptoRandomHex function (Fix CryptoRandomHex function #9186) ([v8] Fix CryptoRandomHex function #9433)
simplify desktop access getting started guide (simplify desktop access getting started guide #9100) (Update live v8 docs #9467)
Update aws-console.mdx (Update aws-console.mdx #9480)
Updated Enterprise reference.
Added support for buildings CentOS 7 RPMs.
Update Drone pipeline to fix CentOS 7 repository.
Remove dronegen from Teleport 8.
updted Helm install guide in installation page. - link to getting started with kubernetes access page to refer Helm which is more up to date guide - removed which shows deprecated warning
Added support for service.spec.loadBalancerIP.
Added log configuration to teleport-cluster chart.
add TLS routing support to helm chart
Restart teleport-kube-agent can't join cluster.
Added 12/17 Release Update.
tool/tsh: support ID for tsh play -f json
Fix initKube: broadcast KubeReady event ([v8] Fix initKube: broadcast KubeReady event #9444)
[helm] Re-add space after type in service definition ([helm] Re-add space after type in service definition #9503)
Updated CHANGELOG.md.
Release 8.0.7.
Escape access request and access resolution reasons in tctl (Escape access request and access resolution reasons in tctl #9381) ([v8] Escape access request and access resolution reasons in tctl (#9381) #9455)
[v8] Use t.Setenv in tests (Use t.Setenv in tests #9154) ([v8] Use t.Setenv in tests (#9154) #9428)
Prevent Linear Retry from converging on Max ([v8] Prevent Linear Retry from converging on Max #9449)
[v8] Skip tests on a docs-only PR (Skip tests on a docs-only PR #9416) ([v8] Skip tests on a docs-only PR (#9416) #9510)
Update config.json
Fix tsh db connect mongo dbuser logic ([v8] Fix tsh db connect mongo dbuser logic #9445)
Fix the UI to correctly determine if a user has access to a resource (Fix the UI to correctly determine if a user has access to a resource #9473) (Fix the UI to correctly determine if a user has access to a resource (#9473) #9525)
Add --cluster flag to all tsh db subcommands, Add "--diag_addr" flag to teleport db/app start (Add --cluster flag to all tsh db subcommands, Add "--diag_addr" flag to teleport db/app start #9220) ([v8] backport #9220 #9518)
[v8] Disable drone triggers (Disable drone triggers #9313) ([v8] Disable drone triggers (#9313) #9532)
Sign dronefile
removes experimental note from example config (removes experimental note from example config #9195) (v8 backport 9195 #9526)
Update API client: dial auth service with TLS Routing ([v8] Update API client: dial auth service with TLS Routing #9578)
[branch/v8] update doc examples to change from admin role to editor,access ([branch/v8] update doc examples to change from admin role to editor,access #9335)
Exclude Jitter from logging
Specify level of TLS verification for database connections (Specify level of TLS verification for database connections #9197) ([v8] Specify level of TLS verification for database connections #9659)
(v8) Add note about TLS routing backwards compatibility ((v8) Add note about TLS routing backwards compatibility #9631)
Sign rpm repo metadata ([v8] Sign rpm repo metadata #9623)
[v8]: Desktop Access backports for 8.1.0 ([v8]: Desktop Access backports for 8.1.0 #9678)
Update previews page ((v8) Update previews page #9670)
Update e ref
Release 8.1.0 (Release 8.1.0 #9675)
[v8] backport Upgrade from go.etcd.io/etcd v3.4.14 to go.etcd.io/etcd/{api,client}/v3 v3.5.1 #9607 (upgrade go.etcd.io/etcd) ([v8] backport #9607 (upgrade go.etcd.io/etcd) #9733)
Run gpg in batch mode ([v8] Run gpg in batch mode #9730)
backport terraform provider syntax changes to v8 (backport terraform provider syntax changes to v8 #9541)
backport Update google.golang.org/grpc to v1.43.0 #9656 to branch/v8 (backport #9656 to branch/v8 #9746)
[v8] Restores linting of non-go files in CI ([v8] Restores linting of non-go files in CI #9664)
fix dynamo error types
[backport v8] force http2 kubernetes Naji/force http2 kubernetes #9294 ([backport v8] force http2 kubernetes #9294 #9796)
Forward TELEPORT_HOME to kubeconfig ([v8] Forward TELEPORT_HOME to kubeconfig (#9546) #9760)
Add info about upcoming databases to previews page (Add info about upcoming databases to previews page #9832)
[Backport V8] Treat EC2 Node IDs as UUIDs ([Backport V8] Treat EC2 Node IDs as UUIDs #9833)
Fall back to "/" when home directory doesn't exist for tsh ssh (Fall back to "/" when home directory doesn't exist for tsh ssh #9413) ([v8] Fall back to "/" when home directory doesn't exist for tsh ssh (#9413) #9662)
Add the access_request.delete event (Add the access_request.delete event #9552) ([v8] backport #9552 (access_request.delete event) #9787)
Upload release binaries to new release infrastructure (Upload release binaries to new release infrastructure #8722) ([v8] Backport #8722 #9615)
[docs] Add region and use of SSM decryption to Terraform docs ([docs] Add region and use of SSM decryption to Terraform docs #8907) ([v8] Backport "[docs] Add region and use of SSM decryption to Terraform docs (#8907)" #9813)
fix: removing new line convergance (fix: removing new line convergance #9579) ([v8] Backport "fix: removing new line convergance (#9579)" #9816)
[auto] Update webassets in branch/v8
Conditionally publish deb packages ([v8] Conditionally publish deb packages #9783)
Updated CHANGELOG.md.
Release 8.1.1.
[auto] Update webassets in branch/v8 ([auto] Update webassets in branch/v8 #9872)
omit invalid aws tags in rds autodiscovery (omit invalid aws tags in rds autodiscovery #9742) ([v8] omit invalid aws tags in rds autodiscovery (#9742) #9766)
feat: app server requests failover (Retry app access requests in different servers when there is a connection failure #9288) ((v8) Retry app access requests in different servers when there is a connection failure #9819)
update RDS and Redshift CA URL (update RDS and Redshift CA URL #9890) ([v8] update RDS and Redshift CA URL (#9890) #9904)
Database auto discovery to be more tolerable to find as many as it can (Database auto discovery to be more tolerable to find as many as it can #9426) ([v8] Database auto discovery to be more tolerable to find as many as it can (#9426) #9903)
Ignore failures for artifact registration step (Ignore failures for artifact registration step #9921) ([v8] Ignore failures for artifact registration step #9927)
Fix reverse tunnel dialing for Windows Desktops
Clean up system role parsing (Clean up system role parsing #9756)
docs: recommend a highly available LDAP endpoint. (docs: recommend a highly available LDAP endpoint. #9744)
Fix first desktop discovery reconcile loop (Fix first desktop discovery reconcile loop #9654)
Reject TDP ClientUsername messages that are too long
Add an Error message to TDP (Add an Error message to TDP #9586)
Tweak the PNG encoder (Customize the PNG encoder #9817)
[auto] Update webassets in zmb3/v8-backports ([auto] Update webassets in zmb3/v8-backports #9906)
Ignore artifact failures in remaining pipelines (Ignore artifact failures in remaining pipelines #9932) ([v8] Ignore artifact failures in remaining pipelines #9940)
Fix TLS Router serverName 'kube.' prefix based routing logic (Fix TLS Router serverName 'kube.' prefix based routing logic #9777) (Fix TLS Router serverName 'kube.' prefix based routing logic #9902)
do not register Aurora serverless db clusters (do not register Aurora serverless db clusters #9386) ([v8] do not register Aurora serverless db clusters (#9386) #9934)
helm: Add logging configuration to teleport-kube-agent chart (helm: Add logging configuration to teleport-kube-agent chart #9632) ([v8] Backport "helm: Add logging configuration to teleport-kube-agent chart (#9632)" #9814)
Update upcoming-releases.mdx
[v8] backport Add access requests to TLS certificates #9501 (access requests in TLS certs) ([v8] backport #9501 (access requests in TLS certs) #9922)
tip on cloud and getting ports, added desktop port ([branch/v8] add desktop and tip on assigned ports for networking ref #9971)
[v8] Auto discovery aurora reader and custom endpoints (Auto discovery aurora reader and custom endpoints #9668) ([v8] Auto discovery aurora reader and custom endpoints (#9668) #9965)
Fix k8 access - respect kube service labels (Fix k8 access - respect kube service labels #9759) ([v8] Fix k8 access - respect kube service labels #9955)
Access request locks (Access request locks #9478) ([v8] backport #9478 (access request locks) #9930)
backport Add jitter and backoff to prevent thundering herd on auth #9133 to branch/v8 (backport #9133 to branch/v8 #9867)
add extra checks to avoid getSigninToken failure (add extra checks to avoid getSigninToken failure #9792) ([v8] add extra checks to avoid getSigninToken failure (#9792) #9964)
[v8] backport Improved Google OIDC connector #9697 (improved Google OIDC) ([v8] backport #9697 (improved Google OIDC) #9926)
Add access request locks to the docs ([v8] backport #9866 (docs update for access request locks) #9983)
[v8] backport Add access requests to audit events #9758 (access requests in audit log) ([v8] backport #9758 (access requests in audit log) #9933)
Emit event when connecting to non-Teleport server (Emit event when connecting to non-Teleport server #9370)
Update golang.org/x/crypto to v0.0.0-20220126234351-aa10faf2a1f8 (Update golang.org/x/crypto to v0.0.0-20220126234351-aa10faf2a1f8 #9984) (Update golang.org/x/crypto to v0.0.0-20220126234351-aa10faf2a1f8 (#9984) #10015)
Make diag-addr in teleport help start unhidden ([branch/v8] Unhide diagnostic address flag #9981)
Replace cluster periodics with watchers (Replace cluster periodics with watchers #9609) (backport #9609 to branch/v8 #9998)
[v8] Client Certificate Authentication for GCP Cloud SQL ([v8] Client Certificate Authentication for GCP Cloud SQL #10059)
Enable canned ACL for S3 (Enable canned ACL for S3 #9042)
Respect errors from UserInfo (Respect errors from UserInfo #9951)
Add guide for Azure Postgres/MySQL database access (Add guide for Azure Postgres/MySQL database access #9729) ((v8) Add guide for Azure Postgres/MySQL database access #10096)
backport aws guide changes ([v8] Modify verbiage on AWS CLI #10106)
Turned http2 off for kube streaming endpoints.
fix tests - forwarder is not set during cluster session init anymore
Updated CHANGELOG.md.
Release 8.1.2.
Update version-check paths ([v8] Update version-check paths #10119)
Fix panic running TestIntegration/RotateChangeSigningAlg (backport #9316 to branch/v8 #10048)
helm: Allow setting issuer group for certificate in teleport-cluster (helm: Allow setting issuer group for certificate in teleport-cluster #9138) ([v8] Backport "helm: Allow setting issuer group for certificate in teleport-cluster (#9138)" #9812)
Backward compatible kubernetes_labels behaviour for v3 and v4 roles ([v8] Backward compatible kubernetes_labels behaviour for v3 and v4 roles #10127)
Release 8.1.3 (Release 8.1.3 #10120)
Backport Use correct unmarshaller for json durations #10124 (Backport #10124 #10125)
Update config.json ((v8) Update config.json #10145)
Add teleport_build_info Prometheus metric to Teleport (Add teleport_build_info Prometheus metric to Teleport #9595) ([v8] Backport Add teleport_build_info Prometheus metric to Teleport (#9595) #10135)
Revert "Emit event when connecting to non-Teleport server (Emit event when connecting to non-Teleport server #9370)" (Revert "[v8] Emit event when connecting to non-Teleport server (#9370)" #10156)
Dynamically resolve reverse tunnel address (Dynamically resolve reverse tunnel address #9958) (backport #9958 to branch/v8 #10139)
Release 8.1.4 (Release 8.1.4 #10157)
[v8] Update Documentation for GCP Cloud SQL Client Authentication ([v8] Update Documentation for GCP Cloud SQL Client Authentication #10140)
Add xauth binary to buildbox for X11 forwarding. (Add xauth binary to buildbox #10164) (Add xauth binary to buildbox for X11 forwarding #10174)
Release 8.1.5 (Release 8.1.5 #10194)
Backport Updated docs for the improved Google OIDC connector #9907 to branch/v8 (Backport #9907 to branch/v8 #10198)
Add metric tracking number of Teleport agents joined to cluster (Add metric tracking number of Teleport agents joined to cluster #9749) ([v8] Backport Add metric tracking number of Teleport agents joined to cluster (#9749) #10162)
(v8) Update config.json for 8.1.5 ((v8) Update config.json for 8.1.5 #10200)
Tag build images with teleport8 instead of go version (Tag build images with teleport8 instead of go version #10211)
Restore root user in CI buildbox (Restore root user in CI buildbox #10215)
[v8] Use buildbox image from quay.io ([v8] Use buildbox image from quay.io #10178)
Restore DEVBOX in build.assets/Makefile ([v8] Restore DEVBOX in build.assets/Makefile #10220)
Clarify tsh config usage docs on Windows ([v8] Clarify tsh config usage docs on Windows (backport of #8409) #10208)
Expand cloud in production usage ([v8] Expand cloud in production usage faq question #10221)
Add teleport_reverse_tunnels_connected Prometheus metric (Add teleport_reverse_tunnels_connected Prometheus metric #9698) ([v8] Backport Add teleport_reverse_tunnels_connected Prometheus metric (#9698) #10224)
Fixed TestDisconnection
Fixed TestSessionStartContainsAccessRequest.
Cleaned up NewClient in integration tests.
x11 forwarding (x11 forwarding #9897)
Removed TestProxyReverseTunnel.
Updated CHANGELOG.md.
Release 8.2.0.
Fix Doctests CI (Fixes DocTest CI #10117) ([v8] Fix Doctests CI (#10117) #10149)
Modified FedRamp to FedRAMP in docs for proper acronym ([v8] Modified FedRamp to FedRAMP in docs for proper acronym #10116)
Remove Teleport DB Users only message for tctl users ls ([v8] Remove Teleport DB Users only message for tctl users ls #10240)
Update upcoming-releases.mdx
Update Docker image tags in docs ([v8 backport] Update Docker image tags in docs #9402)
Update config.json
Add github teams to available traits
Truncate label output in tsh ls and tsh app ls commands
[Backport v8] IAM Join Method ([Backport v8] IAM Join Method #10263)
Document docs labels
Make our docs guidance discoverable ([v8 backport] Make our docs guidance discoverable #10278)
Use an apt-key alternative in install instructions ([v8 backport] Use an apt-key alternative in install instructions #10276)
Don't return nil, nil in (*AuditWriter).tryResumeStream (Backport #10254 to branch/v8 #10298)
Add docs for IAM join method (Add docs for IAM join method #8899) ([Backport v8] Add docs for IAM join method #10310)
Add documentation for moderated sessions (Add documentation for moderated sessions #9425) (Backport Moderated Sessions docs to branch/v8 #10302)
[auto] Update webassets in branch/v8 ([auto] Update webassets in branch/v8 #10303)
Add the cert.create event (Add the cert.create event #9822) ([v8] backport #9822 (cert.create event) #10222)
Sync cloud preview plans ([v8] Sync cloud preview plans #10317)
Set role examples to v4 and add detail warnings (Set role examples to v4 and add detail warnings #10345)
bump backend limit
improve concurrent watcher registration perf
improve Cache.ListNodes perf
improve lock tests
Fix tctl insecure flag when TLS Routing is enabled ([v8] Fix tctl insecure flag when TLS Routing is enabled #10361)
Fix docker-compose Getting Started guide issues (Fix docker-compose Getting Started guide issues #9709) ([v8 backport] Fix docker-compose Getting Started guide issues (#9709) #10167)
Add Teleport Cloud instructions to 3 guides ([v8 backport] Add Teleport Cloud instructions to 3 guides #10308)
backport Fix Reverse Tunnels Not Properly reconnecting #10368 to branch/v8 (backport #10368 to branch/v8 #10377)
[v8] Desktop backports for 8.3.0 ([v8] Desktop backports for 8.3.0 #10357)
Updated CHANGELOG.md.
Release 8.3.0.
Add list,read for session to access role preset ([v8] Adds session read, list rule for access role for user's sessions #10382)
Update upcoming-releases.mdx
[v8] Revert Moderated Sessions docs ([v8] Revert Moderated Sessions docs #10399)
Add Prometheus metrics cache events and stale events (Add Prometheus metrics cache events and stale events #9826) ([v8] Backport Add Prometheus metrics cache events and stale events (#9826) #10312)
Check for home dir as user. ([v8] Backport: Check for shell user's home directory as that user #10418)
docs: add warning about auditor role (docs: add warning about auditor role + session RBAC #10258) ([v8] docs: add warning about auditor role (#10258) #10395)
Update teleport docs to use 8.3.0 version (Update teleport V8 docs to use 8.3.0 version #10437)
[Backport v8] IAM Joining Docs: Set join_method in token.yaml ([Backport v8] IAM Joining Docs: Set join_method in token.yaml #10435)
docs: Updated path to tctl/tsh for Enterprise binaries ([v8] Backport: "docs: Updated path to tctl/tsh for Enterprise binaries" #10429)
Add missing DatabasesReady event to DB proxy (Add missing DatabasesReady event #10152) ([v8] Add missing DatabasesReady event to DB proxy #10306)
Revert "Add list,read for session to access role preset ([v8] Adds session read, list rule for access role for user's sessions #10382)"
Updated CHANGLOG.md.
Release 8.3.1.
Add PDB to teleport-kube-agent chart
Fix server compare to check expiry last ([v8 backport] Fix server compare to check expiry last #10464)
Update config.json
Expose tunnel public addr to config.js ([v8 backport] Expose reverse tunnel address to web ui #10514)
helm: Add AWS database auto-discovery to teleport-kube-agent (helm: Add AWS database auto-discovery to teleport-kube-agent #10344) ([v8] Backport "helm: Add AWS database auto-discovery to teleport-kube-agent (#10344)" #10544)
Add teleport_audit_emit_event prometheus metric (Add audit_emit_event prometheus metric #9134) ([v8] Backport Add teleport_audit_emit_event prometheus metric (#9134) #10462)
add teleport_connected_resources metric (Add teleport_connected_resources metric #9603) ([v8] Backport add teleport_connected_resources metric (#9603) #10461)
docs: fix code block (docs: fix code block #10495) ([v8] Backport #10495 #10556)
Address Cloud users in guides ([v8] Address Cloud users in guides #10527)
Ensure docs nav titles use title case consistently (Ensure docs nav titles use title case consistently #10353) ([v8] Ensure docs nav titles use title case consistently #10523)
[v8] Backport "helm: Revert PodSecurityPolicy change" ([v8] Backport "helm: Revert PodSecurityPolicy change" #10564)
Mention Teleport Cloud in some of our guides ([v8] Mention Teleport Cloud in some of our guides #10526)
Add a prominent warning to the config reference ([v8] Add a prominent warning to the config reference #10524)
Restore teleport-private deb/rpm gating ([v8] Restore teleport private deb/rpm gating #10537)
Add a Cloud compatibility warning to Helm guides ([v8] Add a Cloud compatibility warning to Helm guides #10525)
Update x11 sshserver test to test concurrent sessions and requests. ([v8] Concurrent X11 sessions fix #10473)
helm: Fix indenting on database autodiscovery ([v8] Backport: "helm: Fix indenting on database autodiscovery" #10623)
update enterprise getting started ([v8] Updating quick start enterprise #10606)
backport severity ([v8] Update logging severity values in config reference #10667)
[Docs update] Mention unsupported scenarios for IAM join method ([Docs update] Mention unsupported scenarios for IAM join method #10530) ([v8] Backport IAM Docs Update #10530 #10651)
Disable BPF tests in CI (Disable BPF tests in CI #10654) ([v8] Disable BPF tests in CI (#10654) #10680)
Add documentation for static windows hosts
[auto] Update webassets in branch/v8 ([auto] Update webassets in branch/v8 #10490)
Add missing read verb to ListResources ([v8] Add missing action VerbRead to ListResources #10421)
Backport fixes to apt publishing logic ([v8] Backport fixes to apt publishing logic #10436)
Fix artifacts path for build-darwin-amd64-pkg-tsh drone pipeline ((v8) Fix artifacts path for build-darwin-amd64-pkg-tsh drone pipeline #10601)
[v8] Sanitize leaf cluster CA ([v8] backport #10741 (leaf cluster CA sanitizing) #10743)
[v8] Fix Mongo topology resource release ([v8] Fix Mongo topology resource release #10730)
Fix x11 server config issues (Fix x11 server config issues #10471) ([v8] Fix x11 server config issues #10758)
Clear terminal when auth server is in FIPS mode (Clear terminal when auth server is in FIPS mode #10095)
Release 8.3.3 (Release 8.3.3 #10756)
TF provider configuration environment variables (TF provider configuration environment variables #10417) ([v8] TF provider configuration environment variables (#10417) #10547)
Update upcoming-releases.mdx
Fix nindent of service.spec in teleport-cluster chart
Fix broken link
Print proxy server on instructions on nodes add command for cloud ([v8] Add proxy to instructions when creating a token for a node #10749)
Backport Fix utmp accounting on system with bad glibc default #10460 to branch/v8 (Backport #10460 to branch/v8 #10617)
docs: update CA rotation page (docs: update CA rotation page #10419)
Improve HA behavior of database agents in leaf clusters (Improve HA behavior of database agents in leaf clusters #10641) ((v8) Improve HA behavior of database agents in leaf clusters #10770)
Do not block apt publishing if there is a more current pre-release ([v8] Do not block apt publishing if there is a more current pre-release #10806)
Restore docs deply hook ([v8] Restore docs deply hook #10839)
Complete empty uploads
Open parts files one at a time
Backport Clarify Cloud compatibility in the VS Code guide #10061 to branch/v8 (Backport #10061 to branch/v8 #10828)
Fix DynamoDB getAllRecords logic when 1MB query limit is reached (Fix DynamoDB getAllRecords logic when 1MB query limit is reached #10726) ([v8] Fix DynamoDB getAllRecords logic when 1MB query limit is reached #10847)
helm: Add details on AWS ACM to AWS guide

* Update oxy * Do not allow MySQL COM_CHANGE_USER command * Add support for all MongoDB wire messages * Release 8.0.4

A bug introduced in #9152 resulted in us publishing a CRL distribution point to LDAP which was different than the one encoded in the certs. Refactor the logic for generating these DNs into shared methods and add test coverage that verifies the certs meet Windows requirements. Fixes #9292

This makes it so that tsh will watch for access request resolution on the correct (root) cluster, and it will not create access requests before the event watcher is ready. Fixes #9003 and #9244. Includes v8 backport fixups.

* Updated version of Teleport in docs. * Updated supported version of Teleport in docs.

#9341)

Add WebAuthn and Active Session docs * Add user-facing documentation for WebAuthn (#8479) Add the WebAuthn Access Control guide and tweak various pages that mention U2F to either refer to WebAuthn or use more generic terms. * Added `/docs/access-controls/guides/webauthn/` (branched from u2f.mdx) * Added `webauthn` section to reference configuration (`u2f` kept unchanged) * U2F access control guide moved under the "References" section and removed from the index / navigation menu * Cloud guides removed (U2F was the last guide, now deleted) * WebAuthn access control guide * Update access controls pages Update links to WebAuthn and changes lingo to refer to either WebAuthn, MFA, "second factor hardware token" and "second factor authenticator", where appropriate. U2F is moved to the references sections and WebAuthn is favored as the guide to be followed in regards to MFA hardware tokens. Generic language is used whenever possible, excluding places where we reference server configuration or protocol support. * WebAuthn cloud guide * Update cloud pages * WebAuthn config reference * Update references to U2F in various pages * Link to the WebAuthn guide in from the Authentication reference page Incorporates ibeckermayer's suggestion from #8703. * Rephrase sentences according to reviewer feedback * Replace explicit <h2> with `##` * Move "Migrating from U2F" section to the bottom * Use numbered steps * Include tabs for Cloud in config examples * Add tctl as a prerequisite for WebAuthn setup * Remove Cloud guides U2F and WebAuthn were the last remaining items. * Make linter happy * Add public docs for active and recorded sessions "where" (#9084) Document features added by RFD 44 and RFD 45. * https://github.com/gravitational/teleport/blob/master/rfd/0044-session-where-condition.md * https://github.com/gravitational/teleport/blob/master/rfd/0045-ssh_session-where-condition.md

41fbc6e [backport v8] Update e-ref for TOTP Invite/Reset Fix (#505) gravitational/webapps@41fbc6e [source: -w teleport-v8] [target: -t branch/v8]

External listeners should always be on port 3026, not 3027. This `kube_public_addr` doesn't conform and is causing confusion.

This change clears the screen when an ssh session ends (only in FIPS mode). Note: This doesn't currently do anything in `tsh` on Windows since BoringCrypto isn't supported, but once it is supported, the behavior will match Unix and web. Co-authored-by: Grzegorz <grzegorz.zdunek@goteleport.com> Co-authored-by: Russell Jones <russjones@users.noreply.github.com>

[v8] Backport of #9254

- Prerequisites: Make the requirement for a DNS server a bit more generalized. - Add an admonition box directing users expecting a local evaluation setup to our Docker Compose guide. - Add a bit more context around how ACME works - Move "Configure DNS" before "Configure Teleport" to provide a clearer order of tasks. - Add a bit of explanation for why a user would create DNS records. - Add some explanation for how "teleport configure" sets up TLS. - Add a "Start Teleport" H3 section to separate this step from previous ones. - Various minor additions to add clarity. Closes #9077 since it refers users without access to a DNS server to the Docker Compose guide. Closes #9083

* Create a blast radius reduction guide This is the first guide within the "Security" subsection within the "Setup" section of the docs site. Closes #9055 * Respond to PR feedback

* Allow a configurable event TTL in DynamoDB (#8840) * Split dev tools into a seperate docker container (#9410)

Fixes gravitational/teleport-private#79 LAT-APP21-4: DOS - Goroutine leak in app server Prevent the app server's HandleConnection from blocking for every connection until the server closes. This change blocks only until the connection is closed.

Fixes gravitational/teleport-private#80 LAT-APP21-5: Insecure random number generation - updated rand call from rand.Reader.Read to rand.Read - changed length parameter name from len to l. - changed byte slice var name to b. - updated godoc

)

…10806) We do not publish pre-releases to apt repos, but we do publish them to github. That means we need to filter them out when considering if an apt release should be published. We don't want v8.3.3 to be blocked by v9.0.0-dev.1, only by v9.0.0. Honestly, this is a bit of a mess, but it only needs to hold out a bit longer until #10746 lands. Contributes to #10800 (cherry picked from commit 08bc483) Co-authored-by: Roman Tkachenko <roman@goteleport.com>

The upload completer scans for uploads that need to be completed, likely due to an error or process restart. Prior to this change, it only completed uploads that had 1 or more parts. Since completing an upload is what cleans up the directory on disk (or in the case of cloud storage, finishes the multipart upload), it was possible for us to leave behind empty directories (or multipart uploads) for uploads with no parts. This change makes it valid to complete uploads with no parts, which ensures that these directories get cleaned up. Also fix an issue with the GCS uploader, which failed to properly calculate the upload ID from the path. This is because strings.Split(s, "/") returns an empty string as the last element when s ends with a /. Updates #9646

When completing a file-based upload, open the parts files one at a time and write them to the upload, closing each file before opening the next one. This is preferrable to opening them all at once and closing all files at the end, because it consumes less file descriptors. Updates #10660

* Clarify Cloud compatibility in the VS Code guide - Mention Teleport Cloud in the guide's Prerequisites section - Add a warning for Cloud users re: the tsh config command Also add misc style and clarity tweaks. * Respond to PR feedback * Address PR feedback - Fix spelling - Clarify the username you should use in the ssh command * Appease the linter

) (#10847)

webvictim · 2022-03-05T01:09:31Z

Opened this one against the wrong branch 🤦‍♂️

r0mant and others added 30 commits December 13, 2021 13:00

Release 8.0.4 (#9368)

f630d06

* Update oxy * Do not allow MySQL COM_CHANGE_USER command * Add support for all MongoDB wire messages * Release 8.0.4

Drone fix (#84)

3389e02

Release 8.0.5

0e304c3

Post Release 1/4 (#9005)

c1fe312

* Updated version of Teleport in docs. * Updated supported version of Teleport in docs.

[v8] Add ability to run Postgres and Mongo proxy on separate listeners (

6975fa5

#9341)

[auto] Update webassets in branch/v8

af90b29

41fbc6e [backport v8] Update e-ref for TOTP Invite/Reset Fix (#505) gravitational/webapps@41fbc6e [source: -w teleport-v8] [target: -t branch/v8]

Update AWS CLI application access docs ref (#8634) (#9396)

dd80e8c

Updated CHANGELOG.md.

a350fed

Release 8.0.6.

807c6d6

Fix confusing port example in standalone docs

3c90983

External listeners should always be on port 3026, not 3027. This `kube_public_addr` doesn't conform and is causing confusion.

Update which pull request events to trigger workflow on

420f381

Don't run workflows on draft PRs

4a11cc8

Trigger on ready_for_review event

827d24d

Add synchronize event

d41e8d3

Change invalid TOTP message

34a091c

Fix NO_PROXY addr logic (#9287) (#9394)

19a68e4

Do not parse MySQL server packets (#9411)

ac6b6f0

[v8] Prevent infinite dialing to Auth (#9403)

913a881

[v8] Backport of #9254

Add Videos to Teleport Desktop Access (#9374)

4105120

Avoid "Entering/Leaving directory" output in Make (#9246) (#9424)

0775475

[Backport v8] Create a blast radius reduction guide (#9430)

45c4540

* Create a blast radius reduction guide This is the first guide within the "Security" subsection within the "Setup" section of the docs site. Closes #9055 * Respond to PR feedback

[branch/v8] Backport #8840 (#9395)

0cd95f7

* Allow a configurable event TTL in DynamoDB (#8840) * Split dev tools into a seperate docker container (#9410)

feat: ListResources gRPC rpc (#9096) (#9458)

e06874c

Fix CryptoRandomHex function (#9186) (#9433)

19c2114

Fixes gravitational/teleport-private#80 LAT-APP21-5: Insecure random number generation - updated rand call from rand.Reader.Read to rand.Read - changed length parameter name from len to l. - changed byte slice var name to b. - updated godoc

r0mant and others added 8 commits March 3, 2022 22:58

Improve HA behavior of database agents in leaf clusters (#10641) (#10770

ad55e5e

)

Restore docs deply hook (#10839)

5b3e5b0

Fix DynamoDB getAllRecords logic when 1MB query limit is reached (#10726

3be5eec

) (#10847)

helm: Add details on AWS ACM to AWS guide

572529c

webvictim requested review from klizhentas, russjones, r0mant and zmb3 as code owners March 4, 2022 17:51

github-actions bot requested review from ptgott and xinding33 March 4, 2022 17:52

Update --set syntax

669dcc8

webvictim closed this Mar 5, 2022

webvictim changed the title ~~gus/docs/helm aws acm~~ Opened in error Apr 11, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Opened in error #10856

Opened in error #10856

webvictim commented Mar 4, 2022

webvictim commented Mar 5, 2022

Opened in error #10856

Opened in error #10856

Conversation

webvictim commented Mar 4, 2022

webvictim commented Mar 5, 2022