IMPROVEMENTS:
- Add
scope
field touser_token/<username>
to allows override of token scope. PR: #192
IMPROVEMENTS:
- Make
access_token
field toconfig/admin
optional for path. This allows the plugin to be configured without requiring an admin access token even if the plugin is used only to generate user token using identity token withconfig/user_token
path. PR: #189
IMPROVEMENTS:
- Add
force_revocable
field toconfig/admin
,config/user_token
, andconfig/user_token/<username>
paths. Issue: #174 PR: #147, #175
IMPROVEMENTS:
- Add
allow_scope_override
field toconfig/admin
path. This allows override ofscope
field when generating new admin scope token usingartifactory/roles/<name>
path. Issue: #134 PR: #147, #163
IMPROVEMENTS:
- Add
revoke_on_delete
field toconfig/admin
path. This enable automatic revocation of admin access token when set totrue
. This field will also be set totrue
if admin access token is rotated. Issue: #86 PR: #161
BUG FIXES:
IMPROVEMENTS:
- Add support for username specific user token configuration path:
config/user_token/<username>
- Add ability to override
access_token
inconfig/user_token/<username>
path. - Add
refresh_token
field to allow manual refreshing of access token. - When access token expires, plugin now attempts to get a new access token using the refresh token
- Update README with more details documentation for all paths
BUG FIXES:
- Fix
refreshable
andinclude_reference_token
parameters not working for user token. Issue: #154 - Fix
default_ttl
,max_ttl
, etc. logic and applies to token expiration (when applicable).
PR: 155
IMPROVEMENTS:
- Add
refreshable
andinclude_reference_token
parameters to bothroles/<role name>
anduser_token/<username>
paths. PR: 144 - Bump jfrog/artifactory-jcr from 7.71.8 to 7.71.9 in /scripts PR: 143
- Bump golang.org/x/crypto from 0.14.0 to 0.17.0 PR: 142
- Bump github.com/hashicorp/go-hclog from 1.6.1 to 1.6.2 PR: 141
- Bump jfrog/artifactory-jcr from 7.71.5 to 7.71.8 in /scripts PR: 140
- Bump github.com/hashicorp/go-hclog from 1.5.0 to 1.6.1 PR: 139
- Bump jfrog/artifactory-jcr from 7.71.4 to 7.71.5 in /scripts PR: 138
BUG FIXES:
- bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 PR: 137
BUG FIXES:
- Bump google.golang.org/grpc from 1.57.0 to 1.57.1 PR: 131
- Bump jfrog/artifactory-jcr from 7.68.14 to 7.71.3 in /scripts PR: 132
- Bump github.com/docker/docker from 24.0.5+incompatible to 24.0.7+incompatible PR: 133
BUG FIXES:
- Bump golang.org/x/net from 0.8.0 to 0.17.0 PR: 129
BUG FIXES:
- Bump github.com/hashicorp/vault/sdk from 0.9.1 to 0.10.0 PR: 128
IMPROVEMENTS:
- Add the artifactory/user_token/ path to support users obtaining tokens for themselves. PR: #113
BREAKING CHANGES:
IMPROVEMENTS:
- Add new, optional, field
bypass_artifactory_tls_verification
toconfig/admin
path. This allows bypassing TLS connection verification with Artifactory instance. PR: #100
IMPROVEMENTS:
- Update release process to publish the binaries directly (without zipping). The checksums file now contain checksums for the binaries (vs the zip file). Issue: #81 PR: #99
IMPROVEMENTS:
- Add support for optional
username
anddescription
to token rotation. PR: #85
BUG FIXES:
- Fix premature export of
JFROG_ACCESS_TOKEN
env var in makefile. PR: #77 - Fix parsing of admin usernames with
/
. PR: #78 - Additional makefile fixes. PR: #79
IMPROVEMENTS:
- Add version suffix for development build (
-dev+<git short hash>
). PR: #74 - Update Vault API module to 1.9.1. PR: #75
IMPROVEMENTS:
- Fix empty strings for optional attributes when reading roles. PR: #66
- Fix inconsistent use of env vars for acceptance tests. PR: #71
IMPROVEMENTS:
- Upgrade dependencies to latest version.
- Update Go minimum version to 1.18 (which we have been using for a while now).
PR: #65
IMPROVEMENTS:
- Sign release checksums file with GPG key. Release also include public key for signature verification.
PR: #54
IMPROVEMENTS:
- Plugin now reports its version to Vault server. You can see it with
vault plugin list
command. - Remove version number from the binary file name (now
artifactory-secrets-plugin
, vsartifactory-secrets-plugin_v0.2.6
) now that it registers as 'versioned' plugin with Vault server. - Update README on how to register plugin to reflect this change of binary name.
- Update Makefile to use GoRelease (same as GitHub Action) to build binary for development process.
PR: #53
IMPROVEMENTS:
- Switch to using POSTing JSON (instead of form) when creating token.
expires_in
andforce_revocable
fields are now opt-in.
BUG FIXES:
IMPROVEMENTS:
- Add support for Vault Username Templating.
- Improve README.md
- Update Vault API and SDK packages to latest version.
PR: #47
IMPROVEMENTS:
- Add support for
force_revocable
flag available in Artifactory 7.50.3+. PR: #45
BUG FIXES:
- Fix revoke token error check only for HTTP status code 200. Now it errors only for status code >= 400. Also include token ID in logs and error message. PR: #41
IMPROVEMENTS:
- Include additional token information when reading from config. PR: #39
IMPROVEMENTS:
- Use username from current token for new token during rotation. PR: #34
- Add env vars to make command
make setup
works. PR: #37
IMPROVEMENTS:
- Update
golang.org/x/net
andgolang.org/x/crypto
modules to latest version. PR: #32 Dependabot alerts: 1, 2, 3, 4
BUG FIXES:
- Fix breakage introduced in 0.2.0 where default port fallback was incorrectly handled. PR: #29
BUG FIXES:
- Fix HTTP response body not closed before root certificate error is returned. PR: #28
BUG FIXES:
- Fix HTTP response body not closed, thus leading to memory leak. PR: #26
IMPROVEMENTS: