This repository has been archived by the owner on Oct 6, 2019. It is now read-only.
Releases: Caiyeon/goldfish
Releases · Caiyeon/goldfish
v0.9.0
Summary:
The deployment config file has slightly changed. The certificate information has been moved to its own struct. Check this wiki page for samples, or the sample config file
Goldfish now also accepts non-approle tokens for deployment. They still must be wrapped. The procedures for bootstrapping are identical, goldfish will determine whether the token is approle or not. The recommended bootstrap method is still an approle token, and therefore deployment instructions on wiki pages will remain in approle fashion.
Fixes:
- 1718640 Fixed a bug in token creator regarding periodic TTLs
- e63d3e1 PKI integration now includes the
issuing_cafield, for a full certificate chain
Features:
- 9c75ad5 Allow custom login paths (#185)
- ca3d9a0 Support for Vault with custom CA certs (#220)
- 089caa6 Support for bootstrapping with a non-approle wrapped token (#222)
- 143f6f3 Support
ip_sansandalt_namesfields to PKI integration (#223) - 5280814 Added explicit
common_namefield to PKI integration - ee66442 Allow for multi-line pastes in secret input boxes (#234)
- f64ef16 Added warning notification for users when their token is about to expire
- dd2576b Added a revoke-self button on login page
Misc:
- 35184cc Fixed misaligned footer on low-resolution screens
- 344fca9 Secrets page inputs made monospace (#235)
- ad4d0ce Corrected sort triangle orientation (#236)
- 803e758 Vault API updated to v0.9.3
- 888c28b Added self-compile instructions
- cf72faa Updated VueJS to v2.5.13
- 0de45b3 Minor text changes
Verifications:
SHA256 sum of binaries:
- goldfish-linux-amd64:
a716db6277afcac21a404b6155d0c52b1d633f27d39fba240aae4b9d67d70943 - goldfish-windows-amd64.exe:
1a270bda441168e17d96952c78a24725ccd40c637b702e8e27e3ab5d664de10b
v0.8.0
Summary:
v0.8.0 brings some security updates and new features to the frontend.
Deployment steps remain the same.
Notes:
- TLS1.0, TLS1.1 have been disabled (#205)
- DES/3DES ciphersuites have been disabled (#205)
- Goldfish can now fetch its certificates from vault's PKI backend (#143)
Fixes:
- f9ef8c6 Fixed a bug with editing non-string secret values
- 6d893df Disabled TLS1.0 and TLS1.1, and disabled deprecated ciphersuites (#205)
- 8e4b003 Fixed non-critical panics when an authentication backend is empty
Features:
- b693f7d Allow using certificates from PKI backend (#143)
- 3d5cc83 Allow sorting secrets alphabetically (#200)
- e1e22a8 Updated frontend to Bulma v0.6.1 (Color-scheme changed as a result)
- 250c15a User (tokens, userpass, etc.) page modal views have been filled out with details (#210)
- 2914960 Line-by-line diff views added to policy requests
- Syntax highlight and diff don't play ball together. Pull requests are welcome (#192)
- 7762cba Smart search (policies page) got a lot smarter (#212)
- Goldfish now borrows Vault's core code to check for a policy's capabilities on a path
Misc:
- c7a17b8 Fixed icon alignments (#182)
- 47a4a8a Favicon added (#168)
- ceef80c Added screenshots and very basic frontend integration testing with Chromeless (#184)
- 3caaed9 Secrets (key and value) boxes have been made monospace (#189)
- 40632e2 Added confirmation to deleting multiple secrets (#196)
- 715de22 Fixed typos
- abc52a5 Frontend assets are now built with node v8.2.0+
- 2cf9d6d Added confirmations for deleting single secret
- c37d8ff Vault API updated to v0.9.0
v0.8.0-rc1
This is a release candidate only! Deployment steps remain the same.
Notes:
- TLS1.0, TLS1.1 have been disabled (#205)
- DES/3DES ciphersuites have been disabled (#205)
- Goldfish can now fetch its certificates from vault's PKI backend (#143)
- This feature requires a vault token (i.e. bootstrapping) to be provided at launch time
- See the sample config file for usage
Fixes:
- f9ef8c6 Fixed a bug with editing non-string secret values
- 6d893df Disabled TLS1.0 and TLS1.1, and disabled deprecated ciphersuites (#205)
Features:
- b693f7d Allow using certificates from PKI backend (#143)
- 3d5cc83 Allow sorting secrets by type and name (#200)
Misc:
- c7a17b8 Fixed icon alignments (#182)
- 47a4a8a Favicon added (#168)
- ceef80c Added screenshots and very basic frontend integration testing with Chromeless (#184)
- 3caaed9 Secrets (key and value) boxes have been made monospace (#189)
- 40632e2 Added confirmation to deleting multiple secrets (#196)
- 715de22 Fixed typos
v0.7.4
Deployment steps are unchanged. Simply change your URL's version number and redeploy.
Fixes:
Features:
Misc:
v0.7.3
v0.7.2
v0.7.1
Deployment steps are unchanged. Simply change your URL's version number and redeploy.
Fixes:
- 0bf4e9f Fixed decoding on token requests
- 2c2cf30 Fixed Github login error
- 0d24c91 Fixed leaking file descriptor
- 3b46f0f Fixed #159
Major:
- 0f3ae97 Added support for nomad bootstrap file
- 0b00478 Requested tokens are orphaned by default
- 21933d5 Allow multi-select on secrets page - #153
- c1dc09e Allow multi-delete on secrets page - #153
- 76f0496 4294d93 Secrets page navigation changed to query parameters in url - #151
- This allows for back & forward button navigation, and for URLs to load secrets directly
Minor:
v0.7.1-rc1
This is a release candidate only!
Deployment steps are unchanged
Fixes:
- 0bf4e9f Fixed decoding on token requests
- 2c2cf30 Fixed Github login error
- 0d24c91 Fixed leaking file descriptor
Major:
- 0f3ae97 Added support for nomad bootstrap file
- 0b00478 Requested tokens are orphaned by default
- 21933d5 Allow multi-select on secrets page - #153
- c1dc09e Allow multi-delete on secrets page - #153
- 76f0496 4294d93 Secrets page navigation changed to query parameters in url - #151
- This allows for back & forward button navigation, and for URLs to load secrets directly
Minor:
v0.7.0
v0.7.0 brings an expanded requests system. Users can now request for:
- Creating a new policy
- Deleting an existing policy
- Creating a vault token (must be wrapped)
- This means you can generate a root token in seconds!
Deployment steps are identical to that of v0.6.0
Fixes:
- 64d74d4 Granular mutexes added to request system to prevent race condition
- 5cfebf0 Fixed 404 in renew button in nav bar
- 19c536c Fixed periodic entry in token creator
- cddc6f6 Fixed the
too many open fileserror #149
Major:
- dba9ca5 Revamped request system
- There are 20+ commits for this, unlisted for conciseness
- 390ec54 Added policy deletion request
- 01a86da Added policy creation request
- 5c8962a bd767ad Added token creation to requests system
- Accessible in token creator page
- 9bc367c Add orphan option to token creator #138
- 197a3eb Okta login support #146
Minor:
- da8b0c0 Updated VueJS to 2.4.2
- e011a1c Added confirmation button to deleting secrets
- 8e7869f Added goldfish version update checks from GitHub
- 21880fe Development script launches vault with 5 unseal keys instead of 1
- 5033594 Added a reset button to dependencies page
- a028612 Viewing
Userspage will no longer load the first page of tokens immediately
v0.7.0-rc1
v0.7.0 brings an expanded requests system. Users can now request for:
- Creating a new policy
- Deleting an existing policy
- Creating a vault token (must be wrapped)
- This means you can generate a root token in seconds!
Deployment steps are identical to that of v0.6.0
Fixes:
- 64d74d4 Granular mutexes added to request system to prevent race condition
- 5cfebf0 Fixed 404 in renew button in nav bar
Major:
- dba9ca5 Revamped request system
- There are 20+ commits for this, unlisted for conciseness
- 390ec54 Added policy deletion request
- 01a86da Added policy creation request
- 5c8962a bd767ad Added token creation to requests system
- Accessible in token creator page
- 9bc367c Add orphan option to token creator #138