github hashicorp/boundary v0.2.0
on GitHub

latest releases: v0.18.1, v0.18.0, v0.17.2...
3 years ago

0.2.0 (2021/04/14)

Deprecations/Changes

  • The auth-methods/<id>:authenticate:login action is deprecated and will be
    removed in a few releases. (Yes, this was meant to deprecate the
    authenticate action; apologies for going back on this!) To better support
    future auth methods, and especially the potential for plugins, rather than
    defining custom actions on the URL path the authenticate action will consume
    both a map of parameters but also a command parameter that specifies the
    type of command. This allows workflows that require multiple steps, such as
    OIDC, to not require custom subactions. Additionally, the credentials map in
    the authenticate action has been renamed attributes to better match other
    types of resources. credentials will still work for now but will be removed
    in a few releases. Finally, in the Go SDK, the Authenticate function now
    requires a command value to be passed in.
  • Related to the above change, the output of an API
    auth-methods/<id>:authenticate call will return the given command value
    and a map of attributes that depend on the given command. On the SDK side, the
    output of the Authenticate function returns a map, from which a concrete
    type can be easily umarshaled (see the updated authenticate password command
    for an example).
  • Anonymous scope/auth method listing: When listing auth methods and scopes
    without authentication (that is, as the anonymous user u_anon), only
    information necessary for navigation to an auth method and authenticating to
    the auth method is now output. Granting u_anon list access to other resource
    types will not currently filter any information out.

New and Improved

  • cli/api/sdk: New OIDC auth method type added with support for create, read,
    update, delete, and list (see new cli oidc subcommands available on CRUDL
    operations for examples).
    PR
  • cli: support to login using an OIDC auth method (see the new authenticate password oidc subcommand for an example)
    PR
  • server: When performing recursive listing, list action is not longer
    required to be granted to the calling user. Instead, the given scope acts as
    the root point (so only results under that scope will be shown), and list
    grant is evaluated per-scope.
    PR
  • database init: If the database is already initialized, return 0 as the exit
    code. This matches how the database migrate command works.
    PR

Bug Fixes

  • server: Roles for auto generated scopes are now generated at database init.
    PR
  • cli: Don't panic on certain commands when outputting in json format
    (Issue,
    PR)
Check out latest releases or
releases around hashicorp/boundary v0.2.0

Don't miss a new boundary release

NewReleases is sending notifications on new releases.

Get notifications