Changes
- Improved container security: Rauthy is based off a Scratch container image by default now. This improved the security
quite a lot, since you cannot even get a shell into the container anymore, and it reduced the image size by another
~4MB.
This makes it difficult however if you need to debug something, for instance when you use a SQLite deployment. For this reason, you can append-debug
to a tag
and you will get an Alpine based version just like before.
1a7e79d - More stable HA deployment: In some specific K8s HA deployments, the default HTTP2 keep-alive's from
redhac were not good enough and we got broken pipes in some environments which
caused the leader to change often. This has been fixed in redhac-0.6.0
too, which at the same time makes Rauthy HA really stable now. - The client branding section in the UI has better responsiveness for smaller screens
dfaa23a - For a HA deployment, cache modifications are now using proper HA cache functions. These default back to the single
instance functions in non-HA mode since redhac-0.6.0
7dae043 - All static UI files are now precompressed with gzip and brotli to use even fewer resources
10ad51a - CSP script-src unsafe-inline was removed in favor of custom nonce's
7de918d - UI migrated to Svelte 4
21f73ab
New Docker images:
Default (now based on Scratch)
sdobedev/rauthy:0.13.0@sha256:a374b592b4e489d13eaf7d1b9154e0346303c82f615341cf8e6cfc57a286b38a
Debug Image
sdobedev/rauthy:0.13.0@sha256:29882a03b90b9339a02bbd4ee2a8a96f23beb2d27b1cae14c603e32d4e249fa2