New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Release 2018-10-25 #500
Merged
Merged
Release 2018-10-25 #500
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Fix stack.yaml: drop redundant version pinning. * Fix stack.yaml: drop outdated version pinning. lts-11.13 has tasty-1.0.1.1, not 1.0.0.1. weirdly, the older version led to compilation errors in brig integration tests. i have no explanation for why this didn't show up in #478. * Trigger CI
* Add Imports and migrate cargohold, gundeck, proxy * Fix warnings * Rebuild
- Implement binding users to sso identities. - Fix: make public URLs of SP non-team-specific (this reverts part of #470). - Fix: distinguish end-points initiate-login, initiate-bind. - Fix: dynamic type error (which mysteriously went unnoticed for quite a while). - Fix: derive SP Issuer from opts at start time, not in the request handler. - Work on integration tests. - Move a bunch of types from Spar.API to new Spar.API.Types. - Move a bunch of types from Spar.Options to new Spar.Types. - Restrict module exports.
* Simplify, clarify test email address construction. Document distinction between trusted and untrusted emails. Make it harder for test authors to confuse the two. 'registerUser': instead of taking an argument and requesting that the argument be "success@simulator.amazonzes.com"... don't take the argument. :-) * Make validateEmail both shorter and more helpful. * Fix `make run-docker-build` rule. docker exited with non-0 here in situations where you didn't want to trigger a local build and then re-run. now it's more manual, but also easier to understand what the rule does. * alpine-builder stack config (Fixup dfbcd4f) Setting the stack-work inside docker is important for those of us who run integration tests interactively on this image. Without it, running integration tests destroys the default `.stack-work` that is used from outside docker because it is faster. * Explain alpine-builder Dockerfile better.
* Spar cleanup. - separate config and idpconfig - remove application logic from interface for storing requests / assertions. - connect C* tests to C* directly, without going via internal api end-points. - completely rewrite DataSpec.hs, factor out AppSpec.hs. - add helpers to run Spar actions from inside TestSpar. - replace microlens with lens (on recommendation of the author). - bump saml2-web-sso dep.
nginz exposes the `/sso/` prefix without authentication, but the bind end-point needs to be authenticated. so we give it its own prefix `/sso-initiate-bind/` prefix.
Upgrade to the lastest `cql-io`. There are multiple reasons for upgrading, see [the changelog](https://gitlab.com/twittner/cql-io/blob/develop/CHANGELOG#L1-23). One reason is to try out the changes from [this MR](https://gitlab.com/twittner/cql-io/merge_requests/14) relating to the problem described [here](https://gitlab.com/twittner/cql-io/issues/21). To this end, `initialContactsDNS` is no longer used, so that cql-io can re-resolve the DNS upon losing a control connection. (I tried this out locally by adding an entry to `/etc/hosts`, connecting via DNS, then changing the bind IP of the underlying cassandra - this works as advertised.) One change done was to map the existing usage of `x1` to `defaultRetrySettings` and `x5` to `eagerRetrySettings`. As commented on `x5`, it is only safe to use this on idempotent queries. Upon inspection of our current queries using x5, it appears all of these queries are idempotent. Side-effects: * switch from `MonadBaseControl` and `Control.Concurrent.*` to `UnliftIO.*` everywhere (thanks @neongreen).
* Fix: re-authentication for password-less users. * Fix: names. * Add a roundtrip unit test. * Fix: integration test behavior has changed. * Add galley integration tests for password-less users. * Add brig integration tests for password-less users.
* Spar: make it an error for the idp request uri to not be https. * Fix: prometheus end-point must be `/metrics`. * bump saml2-web-sso dep.
* Cleanup; add failing test case. * Fix: spar https test. * Fixup
There should be a new release with the changelog and latest fix from develop. |
rebased the branch. |
(this is another benefit of the making the release on a dedicated release branch rather than develop.) |
tiago-loureiro
approved these changes
Oct 26, 2018
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
New Features
SSO: team member deletion, team deletion do not require
the user to have chosen a password. (Needed for
SAML-authenticated team co-admins.) Fix reauth without password #497
SSO:
sso-initiate-bind
end-point for inviting ("binding")existing users to SAML auth. Fix: URI path for initiate-bind. #496
SSO: shell script for registering IdPs in wire-teams.
(
/deploy/services-demo/register_idp.sh
) Script for registering IdPs in wire teams. #489Allow setting a different endpoint for generating download links.
Allow setting a different endpoint for generating download links #480
Allow setting specific ports for SMTP and use different image for
SMTP. Allow setting specific ports for SMTP and use different image for SMTP #481
Route calls/config in the demo to brig. Route calls/config in the demo to brig #487
Internal Changes
Metrics for spar (service for SSO). Add metrics middleware to spar. #498
Upgrade to stackage lts-11. LTS 11, squashed #478
Upgrade cql-io library. Upgrade cql-io #495
Allow easily running tests against AWS. Allow easily running tests against AWS #482