Do not use this version. This version has a database schema migration error that will be fixed in an upcoming patch release.
Helm Support! This version of SHIELD ships with OCI Docker
images that can be used in the new (Beta!) helm chart for
SHIELD. See https://github.com/shieldproject/helm for more
details, and to give it a spin yourself.
The SHIELD Core can now be configured almost entirely through
environment variables, for ease of configuration in Docker,
Compose, and even Kubernetes.
We have a new Prometheus-compatible metrics exporter, accessible
/metrics, and governed by a separate set of HTTP Basic Auth
fabrics array in the configuration file has been replaced with
Previously, configuration for this would look like
fabrics: - name: legacy ssh-key: | -----BEGIN RSA PRIVATE KEY----- kEy -----END RSA PRIVATE KEY-----
Now, that should be configured like the following:
legacy-agents: enabled: true private-key: | -----BEGIN RSA PRIVATE KEY----- kEy -----END RSA PRIVATE KEY-----
Agent SSH is now constrained to a more secure set of message
authentication codes (MACs). Specifically, we got rid of one
embarassing 96-bit MAC algorithm. Ooof!
Several quality-of-life improvements were made to the web UI
and message bus / websocket implementations. In general, the
web interface is easier to use and more robust now.
Old task logs and purged archives will now be removed from the
database after a minimum retention period has passed. If you've
been with us since the 0.x days, this update is for you, and
we're sorry it's taken us so long to do this type of cleanup.
The SHIELD IP Address (which gets less and less relevant every
day) is no longer reported via the API / web UI.
Uncompressed backups can now properly be restored.
pausedfields of the Jobs table now no
longer allows NULL values, landing us squarely back in the
territory of booleanitude -- things are either true or false;
there is no maybe.
Negative daily storage increases now properly convert to kilo-,
mega-, and giga- units, to help humans understand magnitude.
api.session.timeoutvalue is now interpreted properly as
seconds, not hours. This effectively means that sessions now
expire when they ought to, not several orders of magnitude