Important Note: A regression has been reported by some users regarding cf login
. We are currently reviewing this issue and are likely to release a patch. It is not recommended to use 6.47.0
.
Note: this release does not include the Windows installer because we are in the middle of renewing the certificate. We are currently working to include the Windows installer in the next release. Please reach out on Slack Cloud Foundry #cli if you have feedback or questions.
Package Manager Installation
Installers
Binaries
Change Log
Installers
Note this release does not include the Windows installer because we are in the middle of renewing the certificate. We are currently working to include the Windows installer in the next release. Please reach out on Slack Cloud Foundry #cli if you have feedback or questions.
CF Login Refactor
In order to prepare for an upcoming feature for cf login
, and to support the v7 beta cf CLI effort, the cf CLI embarked on a refactor of cf login
.
User-facing changes include:
cf login
is backed by the v3 API for calling resources such asorgs
andspaces
- this is in accordance with our minimum version policy- instead of outputting the
v2
version of the api in theAPI endpoint
information, we now output the correspondingv3
version - improving and restructuring error messages where possible to improve user experience and consistency. For example:
- if we detect your minimum version is outside our window of support, we've added additional text to inform you where to download the newer version of the cf CLI. story
- when using
--skip-ssl-validation
, we've added thehttps
protocol to the error message, and we've changedTIP
to prompt you to usecf login
instead ofcf api
for for consistency. story - moving
FAILED
after the error output - if you have less than 50 orgs and spaces, positive integers at the prompts will always be used as a list index. story
- if you have more than 50 orgs and spaces, numbers at the space prompt will always be interpreted as a space name. story
- subtle changes to UX. Examples include:
- replacing
>
with:
for prompts - removing flavor text from the
>
prompts and the final output to confirmAPI endpoint
,User
,Org
,Space
- replacing
- warnings and errors will consistently be outputted to stderr instead of stdout
- when using
CTRL-C
to exit the prompt, the^C
no longer echos in the prompt field. story - when you attempt to login with
cf login
, the configuration file is updated once after authentication succeeds, and then again when the entire command completes successfully. For example, if you attempt to login withcf l -a api.cli.fun
and you hitCTRL-C
at the following prompt, then the CLI will no longer write the api version and endpoint to the config file. If you hitCTRL-C
at the prompt to choose an organization, the config file will be updated with the new API endpoints and access tokens [story] (https://www.pivotaltracker.com/story/show/163101114) - users can now pipe input into username and password prompts for
cf login
. story
Non user-facing changes of note:
AuthorizationEndpoint
changed fromuaa
tologin
in the config changed due to API updates storySSHOAuthClient
changed fromssh-proxy
to""
this field is not configurable by the user story
Deprecation of custom client workflow
This release adds a deprecation notice to login
and auth
for "custom client workflows". In an early version of the cf CLI, support was added to allow users to extend their refresh token by writing secrets to their config.json. Since this is a security concern, in cf CLI release 6.44.0
onwards we've changed this behavior such that the default refresh token expires within 12 hours, which we believe, is sufficient for most pipelines to run. If users require a longer-lived token, see the UAAC documentation. More details about this can be found here.
In v7 cf CLI, we will completely remove the functionality to write secrets to the config.json in order to obtain a longer-lived refresh token.
Enhancements:
- Since usernames are not unique, users with the same name can exist in different external identity providers. This release supports a new flag on
login
:--origin
which allow users to disambiguate the user and identity provider they want to log in to. story - Adds a deprecation warning to
cf login
andcf auth
for custom clients. In CLI V7, we are encouraging users to adopt the client credential workflow because it is more secure (secrets are not written to the config). story and story - If you are not logged in and attempt to run commands, now a slightly more verbose output appears to prompt the user to run either
'cf login' or 'cf login --sso' to log in.
. story - the
CF_DIAL_TIMEOUT
default has been updated from5
to6
seconds to avoid race conditions story
Bug Fixes:
create-buildpack
will now retry if attempting to create a large buildpack and the fresh token is about to expire story- now when you push an application with a buildpack, and if you delete the buildpack, and then subsequently push the same app with multiple buildpacks,
push
should stage your app story
Plugins:
- Updates multiapps plugin to 2.1.2 plugin story
- Updates SCS CF CLI plugin to v1.0.22 story
- Updates cfdev to 0.0.17 story
Note: For users who are scripting using the cf CLI, we advise usage of the cf auth
command as cf login
is an interactive command which does not lend well to automation.
Contributors: Brendan Smith, Abby Chau, Andrew Crump, Alexander Berezovsky, Steve Taylor, Jenna Goldstrich, Eric Promislow, SAPI team (Aarti Kriplani, Alex Blease, George Blue, Georgi Lozev, Henry Stanley, Nikolay Maslarski, Will Martin) for all the services-related work, and Simon Seif (thanks for the pull request!),
Note: The minimum version of the CC API this CF CLI release is compatible with is CC API v2.100.0 (3.35). See our minimum supported version policy for more information.