Skip to content

Latest commit

 

History

History
547 lines (333 loc) · 21.4 KB

CHANGELOG.md

File metadata and controls

547 lines (333 loc) · 21.4 KB

Change Log

All notable changes to this project will be documented in this file. This project adheres to Semantic Versioning.

4.1.0 - 2024-12-30

Added

  • GitHub release notes automation
  • GitHub actions for tests
  • Error logging redirection to stderr by default

Changed

  • Improved automated image tests

4.0.0 - 2023-06-15

Changed

  • bookworm as base container
  • php version set to 8.2
  • Mariadb set to 10.11
  • Updated rootless superchronic to 0.2.25
  • Supervisor php-fpm command updated to php-fpm8.2
  • Small refactor in kitchen tests

3.10.0 - 2023-05-02

Added

  • Make rootless docker image to own the supervisor files #197

3.9.4 - 2023-04-18

Added

  • Update mariadb to version 10.10 #190
  • Added PASSBOLT_GPG_SERVER_KEY_FINGERPRINT_FORCE env variable. Fixes #192
  • Arm arch support for arm64/v8, arm/v7 and arm/v5 linux architectures.

3.9.3 - 2023-03-17

Added

  • Allow SHA1 overwrite from build_args #191
  • Bumped supercronic to latest version on rootless images 0.2.2
  • Updated dev container to work with ldap

Fixed

  • Docker compose ports #180

3.9.2 - 2023-02-09

Fixed

  • Fix trivy entrypoint on vulnerability test jobs

3.9.1 - 2023-01-31

Fixed

  • Github actions on new path for development composer files

3.9.0 - 2023-01-31

Changed

  • Now environment is dumped during entrypoint script running instead of during cron runs
  • Migrations are executed without clearing the cache by default and only core and model caches are cleared.

Added

  • Development only: Configuration for xdebug to ease working with IDES

Fixed

  • Ports for rootless version pointing to 4433 on docker-compose files

3.8.1 - 2023-01-18

Changed

  • Minor changes on the internal publishing process

3.8.0 - 2023-01-13

Added

  • Support for docker secrets
  • Shellspec for entrypoint testing

Changed

  • Entrypoint refactor in separated libraries for increased testability

3.7.5 - 2022-12-01

Added

  • Improved logging for cron tasks

3.7.4 - 2022-11-17

Added

  • Directory sync commands on docker-compose pro

Fixed

  • Multiple merge request from community. Thanks a lot to all of you who contributed!

3.7.3 - 2022-11-04

Added

  • PB-19792 add github actions to automate release creation
  • Fix dev Dockerfile ln command syntax
  • PB-19311: directory sync command on entrypoint for pro
  • PB-14006: docker-compose file for postgresql
  • Add new subscription file machinery
  • Add pro dependencies

Changed

  • Default key length from 2048 to 3072
  • Bump php version to 8 on dev Dockerfile
  • PB-14373 fix composer files
  • PB-14373 use relative paths on build field
  • PB-14373 bump php version to 7.4
  • PB-14111: Set https://passbolt.local as APP_FULL_BASE_URL
  • PB-13681 add subaltname parameter on the automatic certs
  • PB-13552 check jwt variable before executing create_jwt_keys
  • PB-13533 add create_jwt_keys in the entrypoint
  • PB-13533 remove jwt keys during build
  • Security upgrade php from 7.3.31-fpm to 7.3.33-fpm
  • Refactor dockerfile args and vars
  • PB-9399 fix ipv6 http port on rootless image
  • Security upgrade php from 7.3.30-fpm to 7-fpm
  • PB-8416 Use debian 11 image as base image.
  • Fix deprecated license path
  • Add PASSBOLT_FLAVOUR env variable
  • Fix ln command syntax

3.0.2 - 2021-03-12

  • This is a sync release. Check changes for passbolt_api

3.0.1 - 2021-02-24

  • This is a sync release. Check changes for passbolt_api

3.0.0 - 2021-02-23

We are happy to announce the release of passbolt docker 3.0.0!

This release contains passbolt-api 3.0.0 as well as some new additions and deprection notices.

Passbolt docker images now rely on passbolt's debian package. As a result the dockerfiles are now using debian-slim as base images and not longer rely on docker php library images.

As a result of using debian packages some paths such as /var/www/passbolt are going to be deprecated. This release still supports both paths by symlinking so users should not be impacted by the path changes. We strongly recommend that you update your volumes accordingly.

We have also released a rootless image that runs entirely under www-data user and uses supercronic instead of plain cron to run the background tasks. We aim to make a transition to rootless images by default to make our docker images a bit more secure by default. However, rootless alternatives are still considered beta.

As with this release passbolt images are no longer tagged with the '-debian' suffix. Instead:

  • Passbolt docker CE images will be tagged as: passbolt/passbolt:-ce
  • Passbolt docker CE rootless images will be tagged as: passbolt/passbolt:-ce-non-root
  • Passbolt docker pro images will be tagged as: passbolt/passbolt:-pro
  • Passbolt docker pro rootless images will be tagged as: passbolt/passbolt:-pro-non-root

You can still find the old Dockerfiles on the dev/ directory as they are still quite handy for development purposes.

Added

  • New debian package based docker images
  • New rootless images
  • Supercronic introduced on rootless images

Changed

  • Passbolt installation uses official passbolt debian packages
  • /var/www/passbolt files are now in /usr/share/php/passbolt
  • /var/www/passbolt/config files are no in /etc/passbolt
  • Default workdir is now /usr/share/php/passbolt
  • Old docker images moved to dev/ directory
  • debian Dockerfiles moved to debian/ directory
  • Deprecation message is shown on startup of the containers if old paths detected

2.13.5 - 2020-08-04

  • Passbolt api bumped to 2.13.5

2.13.1 - 2020-07-07

  • Passbolt api bumped to 2.13.1

2.13.0 - 2020-06-23

  • Passbolt api bumped to 2.13.0
  • PHP version pinned to 7.3.19

2.12.1 - 2020-04-14

Changed

  • Dockerfile pins specific php version for better control
  • Passbolt code version bumped to 2.12.1

2.12.0 - 2019-12-06

Changed

  • Timeout set to 0 in wait-for.sh. Fixes #133

2.11.0 - 2019-08-08

Changed

  • Base Container switched to php7.3 and debian 10
  • Entrypoint runs supervisor with exec to take over PID 1
  • Minor changes: Maintainer label

2.10.0 - 2019-05-16

  • This is a sync release. Check changes for passbolt_api

2.9.0 - 2019-04-24

Added

  • Build arg to pass headers to curl
  • Removed git as dev dependency

Fixed

  • Fix typo in Readme #125

2.8.4 - 2019-04-17

This is a sync release. Check changes for passbolt_api

2.8.3 - 2019-04-02

Added

  • Documentation for PASSBOLT_PLUGINS_EXPORT_ENABLED and PASSBOLT_PLUGINS_IMPORT_ENABLED

2.8.2 - 2019-04-01

This is a sync release. Check changes for passbolt_api

2.8.1 - 2019-04-01

Added

  • Documentation for new env variable APP_BASE to use passbolt in a subfolder
  • Added wait-for.sh to the docker image as part of #123

Fixed

  • Now passbolt checks for the mysql status outside of the docker image #97

2.7.1 - 2019-02-13

Added

  • Use php.ini-production for saner defaults in php

2.7.0 - 2019-02-12

Fixed

  • Added small warning message when entropy is low at container startup #121

2.5.0 - 2018-11-15

Added

  • Enabled opcache extension to increase overall performance

2.4.0 - 2018-10-15

Added

  • Merged: Adding SSL configuration for mysql/mariadb #111

Fixed

  • Minor fix: Remove duplicate arg PHP_EXTENSIONS from Dockerfile

2.3.0 - 2018-09-03

See Changes for passbolt_api

2.2.0 - 2018-08-13

Added

  • Added wait-for-it instead of wait for to eliminate netcat dependency

Changed

  • Merged: hide nginx and php version #107
  • Merged: restrict MySQL port access #109
  • Supervisor config files split into conf.d/{php.conf,nginx.conf,cron.conf}
  • Default stdout logging is more verbose now allowing users to see more details on the requests

2.1.0 - 2018-06-14

Fixed

  • cron EmailQueue.sender job fails if db password contains certain characters #105

2.0.7 - 2018-05-09

Sync release. See release notes on [https://github.com/passbolt/passbolt_api](passbolt api repo)

2.0.5 - 2018-05-08

Fixed

  • Nginx configuration file root directive for passbolt

2.0.4 - 2018-04-26

Fixed

  • Authentication plugin 'caching_sha2_password' cannot be loaded #103

Changed

  • MariaDB as default SQL backend option in docker-compose files related with #103
  • Replace php copy with curl for use with proxy #102
  • Documentation requirements moved up in the README

2.0.3 - 2018-04-20

Fixed

  • Updated path for images volume. #101

Changed

  • Run passbolt migrate task instead of cake migrations migrate

2.0.2 - 2018-04-17

Fixed

  • Unable to load a jpeg image as avatar. #100
  • docker-entrypoint.sh adds email-sending-job everytime you restart the container. #98

Changed

  • Removed composer binary after dependency installation.

2.0.1 - 2018-04-09

2.0.0 - 2018-04-09

Changed

  • Base image switched to php:7-fpm (debian based) due performance issues with passbolt and alpine based images
  • Web user is now www-data
  • Supervisor provides better logging to stdout
  • Upload max filesize increased to 5M for avatar uploads
  • README documentation updated
  • Composer file loads images directory in passbolt container as a docker volume

Added

  • Added composer installer signature check according to official composer docs #91

1.6.10 - 2018-03-28

Fixed

  • chown fails with Docker Secrets, can't start container #89

Changed

The container base image has been migrated from alpine to debian. The reason behind this change is that we have detected slower performance in alpine based images. Changing the image introduced a few changes in the structure of the container:

  • Bigger images
  • www user is now www-data user
  • cron jobs are managed as crontabs in /var/spool/cron/crontabs/root
  • Permissions check on the passbolt base dir has been removed as it was a big performance penalty on startup times.
  • Docker hub tags will now follow the PASSBOLT_VERSION-debian pattern

2.0.0-rc2 - 2018-02-20

Changed

  • README documentation updated
  • PECL_PASSBOLT_EXTENSIONS, PASSBOLT_VERSION and PASSBOLT_URL are now a docker build arg

Added

  • Docker composer files to run passbolt_docker in different environments
  • Codacy badges and reports

Fixed

  • Minor issues regarding bash syntax shellcheck SC2034 and SC2166
  • Hadolint DL3003 fixed

2.0.0-rc1 - 2018-01-17

Changed

  • Moved away from plain alpine to php:7-fpm-alpine series
  • Environment variables interface has been revamped and moved to application domain default.php and app.default.php
  • PHP extensions management no longer using alpine packages
  • Introduced supervisord for process monitoring
  • Introduced testing framework for development purposes based on rspec
  • Reduced the dependencies installed in Dockerfile
  • Default user moved from nginx to www-data
  • Slightly changed paths of gpg serverkeys (<PASSBOLT_ROOT>/app/Config/gpg/serverkey.private.asc -> <PASSBOLT_ROOT>/config/gpg/serverkey_private.asc)
  • Refactor or docker-entrypoint.sh:
    • Moved away from bash to sh
    • Make it compliant with shellcheck
    • Removed search and replace commands

1.6.9-1 - 2018-01-15

Fixed

  • Fix bug in how the email 'client' is edited. #84

1.6.9 - 2018-01-14

This release provides the last passbolt_api 1.x series release along with several pull requests and fixes.

Fixed

  • Unable to access default installation with http #59
  • Check and correct the permissions and ownership of /var/www/passbolt #67
  • cp: Unrecognized option -T #75
  • turn URL config independent from SSL var #76
  • Set the default MySQL port to 3306 #77
  • Add environment variable to set email client #81

1.6.5+1 - 2017-11-14

Fixed

  • Introduce EMAIL_AUTH=false Environment variable #71
  • Fixed https in App.fullBaseUrl for SSL=false. #73

1.6.5 - 2017-09-14

Fixed

  • PASSBOLT-2406: change to LABEL, add docker-compose file for testing #69
  • PASSBOLT-2407: Check for email cron before setting it #63
  • PASSBOLT-2408: Strict Transport Security (HSTS) Invalid Server provided more than one HSTS header #65
  • PASSBOLT-2410: nginx config sub optimal #66

1.6.3 - 2017-08-31

1.6.2+1 - 2017-08-16

Fixed

  • PASSBOLT-2295: Added environment variable DB_PORT for non standard database ports (reopened) #43

1.6.2 - 2017-08-16

Added

  • PASSBOLT-2295: Added environment variable DB_PORT for non standard database ports. #43
  • PASSBOLT-2321: Upgraded passbolt container to latest stable alpine (3.6)

Fixed

  • PASSBOLT-2319: Fullbaseurl parameter was not changing when specifying URL #50
  • PASSBOLT-2320: TLS value on email.php should not be quoted PR#53

1.6.1+1 - 2017-07-31

Notes

This release aims to distribute passbolt-1.6.1 and include most relevant community contributions The most notable change from user perspective is the switch from lowercase to uppercase environment variables. Users will have to review their previous scripts and update any environment variable to match the new naming convention. Please refer to PR#39

Added

  • PASSBOLT-2276: ENV-Variable uppercase convention PR#39
  • PASSBOLT-2279: Allow Config files to be symbolic links PR#32
  • PASSBOLT-2278: Allow no db environment variable setting PR#20
  • PASSBOLT-2280: On MacOS systems note you should access it using https PR#35

Fixed

  • PASSBOLT-2159: Added registration env support PR#37

1.6.1 - 2017-06-29

Fixed

  • PASSBOLT-2158: corrected management of fullbaseurl throug url env variable.
  • PASSBOLT-2164: corrected typo on email_transport env variable. #24
  • PASSBOLT-2166: http to https redirection fixed. #19
  • PASSBOLT-2167: healthcheck does not work on container. #26

Added

  • PASSBOLT-2165: Added TLS support through email_tls env variable. #25

1.6.0 - 2017-06-23

Added

  • Added email set up support though environment variables
  • Added cronjob to send queued emails
  • Automated builds on the docker hub
  • Updated README documentation

Fixed

  • Image build fails when using alpine:latest. Switched to alpine:3.5
  • Deletion of passwords on docker image
  • Avoid importing already imported secret keys on the gpg keyring