Releases: openbao/openbao
Releases · openbao/openbao
v2.0.0
Note:
- This release does not ship with the UI enabled. The UI will be available in the future. #129
- This release provides initial support for artifact signing.
- OpenBao does not provide support for Vault Enterprise features. If there is an enterprise feature you would like to see added to the project, please open a feature request.
- OpenBao is fully API compatible with Vault 1.14.9, and seal compatible with the plugins the project supports. Plugin support for OpenBao can be found here.
- The
v2.0.0
tag was originally pushed as commit 7e0e830; changes to the workflows needed to occur causingv2.0.0
to be re-tagged as commit 700fe3f. If a local copy was pulled with this tag, please rungit tag -d v2.0.0 && git fetch origin tag v2.0.0
to update to the correct commit. No code changes occurred between these two releases.
Changelog over v2.0.0-beta
- 7e40243: Add GOOS matrix to release workflow (#411) (@cipherboy)
- 5c7b08d: Bump actions/configure-pages from 4 to 5 (#370) (@dependabot[bot])
- 9a4c16e: Bump actions/github-script from 6.4.1 to 7.0.1 (#198) (@dependabot[bot])
- 0852db8: Bump actions/upload-artifact from 3.1.2 to 4.3.3 (#376) (@dependabot[bot])
- 84b25c2: Bump actions/upload-artifact from 4.3.3 to 4.3.4 (#395) (@dependabot[bot])
- 5412ae6: Bump browser-actions/setup-chrome from 1.5.0 to 1.7.1 (#377) (@dependabot[bot])
- eb709ea: Bump test-summary/action from 2.1 to 2.3 (#199) (@dependabot[bot])
- f8b0953: Bump test-summary/action from 2.2 to 2.4 (#387) (@dependabot[bot])
- d7130e1: Clarify fork point in FAQ (#392) (@cipherboy)
- 4dc1fa0: Downgrade test-summary/action from 2.3 to 2.2 (#381) (@JanMa)
- 9a3a3a4: Fix artifact signing, use default runner (@cipherboy)
- 700fe3f: Gate Docker steps behind GOOS (#412) (@cipherboy)
- 22c93f7: Remove cross-cluster revocation from PKI (#365) (@cipherboy)
- ac47724: Remove mlock and replace with cgroups (#363) (@IohannesArnold)
- 7e0e830: Update Go version, changelog, modules for GA (#410) (@cipherboy)
- 603efd3: Update docs to include mlock removal RFC (#391) (@IohannesArnold)
- 7276406: docs(token): document the token format (#372) (@nobe4)
- 1971309: fix release asset parsing for download page (#378) (@JanMa)
- f0288a1: set bao binary version info with Goreleaser (#401) (@JanMa)
- b2b9021: update website dependencies (#368) (@JanMa)
v2.0.0-beta20240618
This release is for development and testing only
Note:
- This release does not ship with the UI enabled. The UI will be available in the future. #129
- This release provides beta support for artifact signing. Artifact signing will be stable in the next GA release of OpenBao.
- OpenBao does not provide support for Vault Enterprise features. If there is an enterprise feature you would like to see added to the project, please open a feature request.
- OpenBao is fully API compatible with Vault 1.14.9, and seal compatible with the plugins the project supports. Plugin support for OpenBao can be found here
Changelog
- a5e299d: Add changelog entry for #313 (@ruuda)
- ec9b2e8: Added Dockerhub and quay.io to goreleaser ( <>)
- 26a0717: Added changelog for Docker registries ( <>)
- ee45b4d: Adding OpenBao's new maintainers, working group, and tsc voting member. (@naphelps)
- 8578e57: Adding linux/ppc64le and linux/s390x support. Adding sbom support for all artifacts. Updated Docker base image versions. (@naphelps)
- 37cafcd: Adding sbom support to the release process. (@naphelps)
- 6cd4807: Avoid invoking token helper on login (@ruuda)
- 1800244: Bump actions/checkout from 3.5.3 to 4.1.7 (#367) (@dependabot[bot])
- 67dd84e: Bump go version to 1.22.4 (@cipherboy)
- 5ac7393: Clarify Integrated Storage is only backend (@IohannesArnold)
- cf73343: Complete the conversion of jwt plugin html responses to OpenBao (@DrDaveD)
- eea3d80: Correctly seek in raft's ListPage when after=. (@cipherboy)
- 553d045: Fix command usage docs (#364) (@Wouterkoorn)
- 9c8b041: Fix compatibility with Vault plugins (@cipherboy)
- 74c2ddd: Fix remote port information in plugins (@tsipinakis)
- 8499e4e: Fix tests for release and remove legacy build process (#362) (@cipherboy)
- 87aca6e: Fixed docker registry in build flow ( <>)
- 6b68e6c: Fixed typo in quay login ( <>)
- dec7a66: Fixing broken readme logo. (@naphelps)
- df55735: Issue 285: Corrected Viaccess-Orca's company name on website. (@naphelps)
- 8283776: Issue 330: Adding TSC Alternate. (@naphelps)
- dc3bea3: Issue 330: Adding TSC alternate. (@naphelps)
- bcb326e: Issue 330: Adding Technical Steering Committee members to the Contributing.md document. (@naphelps)
- bb70c6f: Issue 330: Fixed github account reference. (@naphelps)
- 7f838e9: Issue 358: Swapped Hashicorp's CoC for LF's. Added a Maintainers markdown file. (@naphelps)
- 1c194a1: Limit parallelism on goreleaser (@cipherboy)
- 99fc565: Remove "Migration pre 1.5.1" in docs (@IohannesArnold)
- 527fb9e: Remove references to tutorials (@cipherboy)
- c297148: Removed dragonfly from build process. Issues with os.signals. (@naphelps)
- f62d36c: Removed misc dash. (@naphelps)
- 15c4855: Revert "Remove Server Side Consistent Tokens (SSCTs)" (@cipherboy)
- 4d13206: Separating UBI from Alpine based images. Generalizing container organization for development/testing. (@naphelps)
- 53ff6ef: Set DisableSSCTokens=true as the default config (@cipherboy)
- f8dbc4b: Start a contributing guide with code layout (@cipherboy)
- 0bb52bf: Update use-cases.mdx (@goldenson)
- 1c37b6d: Updated github action to log into all registries ( <>)
- 637519c: Updated workflow build to include other registries ( <>)
- 5a9f3c1: add 2.0.0-alpha20240329 release notes to website (@JanMa)
- 154c647: add download page to website (@JanMa)
- 5048f5e: add warning about missing UI to changelog (@JanMa)
- 94238c0: changed Docker registry to docker.io ( <>)
- 0534d95: chore: remove refs to deprecated io/ioutil (@testwill)
- 141bfca: cleanup unused static assets (@JanMa)
- 02e0c9b: download docker images from quay.io (@JanMa)
- 5a1d104: fix LF Edge Logo path in footer (@JanMa)
- 015bd84: remove unused images from website (@JanMa)
- feab8cb: update website dependencies (@JanMa)
- 44f445b: update website footer (@JanMa)
v2.0.0-alpha20240329
This release is for development and testing only
Note:
- This release does not ship with the UI enabled. The UI will be available in the future. #129
- This release does not support artifact signing. Artifact signing will be available in the next GA release of OpenBao.
- OpenBao does not provide support for Vault Enterprise features. If there is an enterprise feature you would like to see added to the project, please open a feature request.
- OpenBao is fully API compatible with Vault 1.14.9, and seal compatible with the plugins the project supports. Plugin support for OpenBao can be found here
What's Changed
- Adjust issue template and PR template to fit OpenBao by @Scorpil in #5
- Adjust static files to fit OpenBao by @Scorpil in #8
- Replace Vault with OpenBao by @jmls in #10
- Update go mod ref by @jbutlerdev in #2
- gofmt entire project by @alrs in #28
- Replace Vault with OpenBao in API docs by @JanMa in #22
- Remove vault-enterprise test by @cipherboy in #52
- replace Vault with OpenBao in documentation by @JanMa in #44
- Fix duplicate raft-boltdb declaration by @cipherboy in #58
- Switch to new openbao/go-kms-wrapping repository by @cipherboy in #59
- Re-add stepwise to sdk by @cipherboy in #57
- Remove HCP Link from OpenBao by @cipherboy in #63
- Fix API & SDK failing tests by @cipherboy in #62
- Remove Enterprise documentation by @JanMa in #65
- Clean up CODEOWNERS, remove last changelog entries by @cipherboy in #70
- Remove Enos Test Scenarios by @cipherboy in #83
- Adding Basic SBOM Support by @naphelps in #95
- Part 1/n - Remove non-raft storage backends by @cipherboy in #99
- Part 2/n - Remove non-OSI database plugins by @cipherboy in #100
- Part 3/n - Remove auth plugins by @cipherboy in #101
- Part 4/n - Remove secrets plugins by @cipherboy in #102
- Part 5/n - Add jwt plugin by @cipherboy in #103
- Part 6/n - Add kerberos plugin by @cipherboy in #104
- Part 7/n - Add kubernetes auth plugin by @cipherboy in #105
- Part 8/n - Add redis plugin by @cipherboy in #106
- Part 9/n - Add kubernetes secret plugin by @cipherboy in #107
- Part 10/n - Add openldap plugin by @cipherboy in #108
- Part 11/n - Add K/V Secrets Engine by @cipherboy in #109
- Part 13/n - Remove non-OSI auth methods from API by @cipherboy in #111
- Part 14/n - Remove last references to MongoDB by @cipherboy in #112
- Part 15/n - Minor plugin related changes by @cipherboy in #113
- Part 16/n - Use kv plugin for tests by @cipherboy in #114
- Part 17/17 - Move testIdentityStore to use AppRole instead of GitHub by @cipherboy in #115
- Add proposals to documentation website by @cipherboy in #122
- feat: rename Vault to OpenBao in build files by @kvendingoldo in #45
- Rename Vault->OpenBao in API field descriptions by @cipherboy in #72
- delete docs of removed plugins by @JanMa in #116
- Remove patch for SHA-1 certificates by @cipherboy in #119
- Remove upstream's upgrading guides and release notes by @cipherboy in #123
- Update lf-edge/openbao to openbao/openbao as GH Org reference by @cipherboy in #131
- Fix plugin versioning, references to bao on CLI, version number by @cipherboy in #132
- Add support to Transit, keysutil for XChaCha20-Poly1305 by @cipherboy in #36
- pki: Preserve ordering of submitted SAN names by @cipherboy in #50
- Forbid v1 & v2 convergent keys in Transit by @cipherboy in #85
- Remove old version docs by @JanMa in #137
- Cleanup more obsolete docs by @JanMa in #141
- Allow setting KeyUsage, ExtKeyUsage on CAs by @cipherboy in #76
- Move to Go 1.22.0 by @cipherboy in #124
- Update to protoc-gen-go-v1.31.0 by @cipherboy in #135
- Add accepted migration policy by @cipherboy in #144
- Transit: Fix bug where locks were not being freed on specific operations - with tests by @cipherboy in #139
- Update Vault->OpenBao in the UI by @cipherboy in #128
- fork: Rename Environment Variables by @Mab879 in #138
- Use api.ReadBaoVariable everywhere by @cipherboy in #157
- Fix running API, SDK tests & vetting by @cipherboy in #155
- Build new website for documentation by @JanMa in #156
- Run external tools directly by @cipherboy in #159
- Swap hashicorp/consul-template to openbao/openbao-template by @cipherboy in #160
- Remove Consul storage backend test helper by @cipherboy in #165
- Remove last of the BUSL code by @cipherboy in #166
- Remove Consul service registration by @cipherboy in #167
- Correctly validate leaf certificate trust by @cipherboy in #173
- Fix CI Pipelines, remove references to HashiCorp Infrastructure by @cipherboy in #168
- Fork: Remove 'Enterprise' and related references from user-visible codebase by @Gabrielopesantos in #142
- Remove workflow permission requirements by @cipherboy in #177
- Fix vulnerable dependencies in core, api/, and sdk/ by @cipherboy in #183
- Add Shamir's to shared sdk/, fix titles in API & SDK READMEs by @cipherboy in #181
- Fix OpenBao OIDC followed by Google OIDC not working on Android by @siepkes in #185
- Issue 174: Adding source-available licensing policy to contributing by @naphelps in #175
- Temporarily remove UI from release pipelines by @cipherboy in #190
- Bump actions/go-dependency-submission from 2.0.0 to 2.0.1 by @dependabot in #179
- Bump browser-actions/setup-chrome from 1.2.0 to 1.5.0 by @dependabot in #145
- Bump actions/download-artifact from 3.0.2 to 4.1.4 by @dependabot in #178
- Remove remaining permissions issues in pipelines by @cipherboy in #191
- Remove Performance Secondary, DR Secondary consts by @cipherboy in #193
- Remove activity log from OpenBao by @cipherboy in #194
- Remove eventing & experimental subsystems by @cipherboy in #195
- Remove references to enterprise in vault/ by @cipherboy in #197
- Transit: Remove enterprise no-ops references from API and SDK by @Gabrielopesantos in #196
- PKI: Remove references to managed keys and enterprise no-ops functions by @Gabrielopesantos in #169
- Remove Server Side Consistent Tokens (SSCTs) by @cipherboy in #203
- Improvements to Shamir's implementation by @cipherboy in #210
- Add soft deletion of Transit keys by @cipherboy in #211
- Allow customizing key export format in Transit by @cipherboy in #212
- Document 404 is also an empty list by @cipherboy in #214
- Add delta CRL distribution point extension by @cipherboy in #215
- Fix running external binary tests in CI by @cipherboy in #216
- Fix Solaris and remove i386 builds by @cipherboy in #205
- Docs - Clarify behavior of role'...