This repository was archived by the owner on Jul 12, 2023. It is now read-only.

v0.27.0

@sethvargo sethvargo released this 26 Apr 14:43
c84cafb

Changes since v0.26.0

Upgrade notes

  • Automated secrets rotation - this release introduces automated secrets rotation for improved security. See the updated production.md for a list of secrets that still require manual rotation. This also introduces a new monitoring metric for forward-progress on secrets rotation. The initial terraform apply may fail on the en-alerting module due to the missing metric. You can proceed with the deploy, manually invoke the rotation-secrets worker, and then re-run Terraform to pick up the changes.

    As part of this upgrade, you may encounter errors like the following while running Terraform:

    The metric referenced by the provided filter is unknown.
    

    You can safely ignore this error for now. Continue with the deploy and then, after the service has been deployed, wait 15 minutes and re-run Terraform to create the metrics and alerts.

  • Terraform 0.15 - the Terraform configurations are only tested against Terraform v0.15+. If you are using Terraform 0.14+, please upgrade. While we don't intentionally depend on 0.15-only features, we are no longer testing the 0.14 series.

  • Missing random provider - If you encounter the following error when applying Terraform:

    │ Error: Provider configuration not present
    │
    │ To work with module.en.THING (orphan) its original provider configuration at module.en.provider["registry.terraform.io/hashicorp/random"] is required, but it has been removed. This occurs when a provider
    │ configuration is removed while objects created by that provider still exist in the state. Re-add the provider configuration to destroy module.en.THING (orphan), after which you can remove the provider
    │ configuration again.
    

    You can safely remove the item from the state:

    terraform state rm module.en.THING
    
  • Temporarily failing e2e-user-report. During the initial deployment, you may see errors in the logs that the e2e-user-report is failing. You can ignore these logs during the deployment. The worker should begin functioning as-expected within 5 minutes of the complete deploy.

Enhancement

  • Add automated secrets rotation - This introduces automated rotation for most application-level secrets. Whereas previously it was the responsibility of server administrators to rotate secrets, the application will now rotate a variety of secrets on regular intervals for improved security. (#2039, @sethvargo)
  • Add custom cookiestore codec for dynamically resolving secrets. (#2034, @sethvargo)
  • Add secret models and structure to info page. (#2031, @sethvargo)
  • Add secret resolver. (#2033, @sethvargo)
  • Display feature statuses on system admin info page. (#2056, @sethvargo)
  • Do not store firebase cookie and verify ID token is < 5min old. (#2024, @sethvargo)
  • Extract key/secret bootstrapping from rotation controller into functions for seeding. (#2032, @sethvargo)
  • Remove unused csrf token from Terraform. (#2025, @sethvargo)
  • System admins can allow for a domain to have longer short code expiration times (up to 2 hours) and for that realm to edit their short code expiration time even if ENX is enabled. (#2047, @mikehelmick)
  • The configurable timing for NBF is also applied to IAT, accounting for clock skew between key and verification servers. (#2049, @mikehelmick)
  • The not before (nbf) time on certificates is now configurable to account for clock skew between verification and key servers. (#2048, @mikehelmick)
  • Unescape mobile app paths in UI. (#2036, @sethvargo)
  • User-report types are part of the default accept list on the verify API now. (#2043, @mikehelmick)
  • Begin tracking API key "last used". (#2022, @sethvargo)
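The items above on rejecting Firebase ID tokens older than five minutes and on applying a configurable clock-skew allowance to both nbf and iat describe one shared pattern: time-based claims are checked against the verifier's clock with a bounded tolerance for drift, plus a freshness ceiling. The following is an added illustration of that pattern, not code from the verification server; the Claims type, the ValidateTiming function, the error names and the fixed timestamps are constructed for this example, and the skew and max-age values are placeholders rather than the server's configured defaults.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// Claims holds the time-based claims of a token as Unix seconds.
// Constructed for this example; it does not mirror the server's own types.
type Claims struct {
	IssuedAt  int64 // iat
	NotBefore int64 // nbf
}

var (
	ErrNotYetValid    = errors.New("nbf is in the future beyond the allowed skew")
	ErrIssuedInFuture = errors.New("iat is in the future beyond the allowed skew")
	ErrTooOld         = errors.New("token is older than the maximum accepted age")
)

// ValidateTiming checks nbf and iat against now. The same skew allowance is
// applied to both claims so that an issuer whose clock runs slightly ahead of
// the verifier does not produce spurious rejections. maxAge bounds how old a
// token may be (the freshness check); a zero maxAge disables that check.
func ValidateTiming(c Claims, now time.Time, skew, maxAge time.Duration) error {
	// Anything the issuer stamps up to `skew` ahead of our clock is accepted.
	latestAcceptable := now.Add(skew)

	if c.NotBefore != 0 && time.Unix(c.NotBefore, 0).After(latestAcceptable) {
		return ErrNotYetValid
	}
	if c.IssuedAt != 0 {
		iat := time.Unix(c.IssuedAt, 0)
		if iat.After(latestAcceptable) {
			return ErrIssuedInFuture
		}
		// Freshness: the skew is added to maxAge so a verifier clock that runs
		// fast does not reject a token that is genuinely fresh.
		if maxAge > 0 && now.Sub(iat) > maxAge+skew {
			return ErrTooOld
		}
	}
	return nil
}

func main() {
	now := time.Unix(1700000000, 0) // constructed fixed "now" for a repeatable run
	skew := time.Minute             // placeholder tolerance, not the server's default
	maxAge := 5 * time.Minute       // freshness ceiling for this example

	cases := []struct {
		name string
		c    Claims
	}{
		{"fresh", Claims{IssuedAt: now.Unix() - 10, NotBefore: now.Unix() - 10}},
		{"issuer 30s ahead", Claims{IssuedAt: now.Unix() + 30, NotBefore: now.Unix() + 30}},
		{"issuer 2m ahead", Claims{IssuedAt: now.Unix() + 120, NotBefore: now.Unix() + 120}},
		{"stale (10m old)", Claims{IssuedAt: now.Unix() - 600, NotBefore: now.Unix() - 600}},
	}
	for _, tc := range cases {
		fmt.Printf("%-18s -> %v\n", tc.name, ValidateTiming(tc.c, now, skew, maxAge))
	}
}
```

The choice to tolerate skew in both directions matters: without it, a key server running one minute ahead would mint tokens that the verification server rejects as "not yet valid", and a verifier running one minute fast would reject fresh tokens as stale. Keeping the skew window small preserves the point of the freshness check, which is to shrink the window in which a captured token remains usable.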

Operations

Infrastructure

  • Adds end to end test runner for user-report if that feature is enabled. (#2040, @mikehelmick)
  • Lower Cloud KMS database-encrypter rotation to 90d. (#2019, @sethvargo)
  • Use a wildcard for redirect domains. This fixes an issue for installations with more than 50 realms exceeding the limit on the URL map. (#2029, @sethvargo)

Docs

Bug or Regression

  • Do not run email verification javascript until after load. This fixes an issue where users may be unable to verify their email address. (#2037, @sethvargo)

Misc

  • Introduce function for getting the e2e-realm (if one exists). (#2020, @sethvargo)

Dependencies

Added

Nothing has changed.

Changed

Removed

Nothing has changed.