new release: 0.12.1-stable

providers/proxy: fix creation of ingress
helm: fix permissions for ingresses in networking
2026-05-11 17:36:35 +02:00 · 2020-10-19 15:30:27 +02:00 · 2020-10-19 15:06:50 +02:00 · 2020-10-19 14:55:14 +02:00 · 2020-10-19 14:35:38 +02:00 · 2020-10-19 14:35:22 +02:00
18 changed files with 68 additions and 40 deletions
--- a/.bumpversion.cfg
+++ b/.bumpversion.cfg
@@ -1,5 +1,5 @@
 [bumpversion]
-current_version = 0.12.0-stable
+current_version = 0.12.1-stable
 tag = True
 commit = True
 parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)\-(?P<release>.*)
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -18,11 +18,11 @@ jobs:
      - name: Building Docker Image
        run: docker build
          --no-cache
-          -t beryju/passbook:0.12.0-stable
+          -t beryju/passbook:0.12.1-stable
          -t beryju/passbook:latest
          -f Dockerfile .
      - name: Push Docker Container to Registry (versioned)
-        run: docker push beryju/passbook:0.12.0-stable
+        run: docker push beryju/passbook:0.12.1-stable
      - name: Push Docker Container to Registry (latest)
        run: docker push beryju/passbook:latest
  build-proxy:
@@ -48,11 +48,11 @@ jobs:
          cd proxy
          docker build \
          --no-cache \
-          -t beryju/passbook-proxy:0.12.0-stable \
+          -t beryju/passbook-proxy:0.12.1-stable \
          -t beryju/passbook-proxy:latest \
          -f Dockerfile .
      - name: Push Docker Container to Registry (versioned)
-        run: docker push beryju/passbook-proxy:0.12.0-stable
+        run: docker push beryju/passbook-proxy:0.12.1-stable
      - name: Push Docker Container to Registry (latest)
        run: docker push beryju/passbook-proxy:latest
  build-static:
@@ -77,11 +77,11 @@ jobs:
        run: docker build
          --no-cache
          --network=$(docker network ls | grep github | awk '{print $1}')
-          -t beryju/passbook-static:0.12.0-stable
+          -t beryju/passbook-static:0.12.1-stable
          -t beryju/passbook-static:latest
          -f static.Dockerfile .
      - name: Push Docker Container to Registry (versioned)
-        run: docker push beryju/passbook-static:0.12.0-stable
+        run: docker push beryju/passbook-static:0.12.1-stable
      - name: Push Docker Container to Registry (latest)
        run: docker push beryju/passbook-static:latest
  test-release:
@@ -114,5 +114,5 @@ jobs:
          SENTRY_PROJECT: passbook
          SENTRY_URL: https://sentry.beryju.org
        with:
-          tagName: 0.12.0-stable
+          tagName: 0.12.1-stable
          environment: beryjuorg-prod
--- a/azure-pipelines.yml
+++ b/azure-pipelines.yml
@@ -179,13 +179,13 @@ stages:
          - task: CmdLine@2
            inputs:
              script: |
-                export PB_TEST_K8S=true
                sudo pip install -U wheel pipenv
                pipenv install --dev
          - task: CmdLine@2
            displayName: Run full test suite
            inputs:
              script: |
+                export PB_TEST_K8S=true
                pipenv run coverage run ./manage.py test passbook -v 3
          - task: CmdLine@2
            inputs:
@@ -221,7 +221,6 @@ stages:
          - task: CmdLine@2
            inputs:
              script: |
-                export PB_TEST_K8S=true
                sudo pip install -U wheel pipenv
                pipenv install --dev
          - task: DockerCompose@0
@@ -241,6 +240,7 @@ stages:
            displayName: Run full test suite
            inputs:
              script: |
+                export PB_TEST_K8S=true
                pipenv run coverage run ./manage.py test e2e -v 3 --failfast
          - task: CmdLine@2
            condition: always()
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -19,7 +19,7 @@ services:
    networks:
      - internal
  server:
-    image: beryju/passbook:${PASSBOOK_TAG:-0.12.0-stable}
+    image: beryju/passbook:${PASSBOOK_TAG:-0.12.1-stable}
    command: server
    environment:
      PASSBOOK_REDIS__HOST: redis
@@ -40,7 +40,7 @@ services:
    env_file:
      - .env
  worker:
-    image: beryju/passbook:${PASSBOOK_TAG:-0.12.0-stable}
+    image: beryju/passbook:${PASSBOOK_TAG:-0.12.1-stable}
    command: worker
    networks:
      - internal
@@ -54,7 +54,7 @@ services:
    env_file:
      - .env
  static:
-    image: beryju/passbook-static:${PASSBOOK_TAG:-0.12.0-stable}
+    image: beryju/passbook-static:${PASSBOOK_TAG:-0.12.1-stable}
    networks:
      - internal
    labels:
--- a/docs/installation/docker-compose.md
+++ b/docs/installation/docker-compose.md
@@ -13,7 +13,7 @@ Download the latest `docker-compose.yml` from [here](https://raw.githubuserconte

 To optionally enable error-reporting, run `echo PASSBOOK_ERROR_REPORTING__ENABLED=true >> .env`

-To optionally deploy a different version run `echo PASSBOOK_TAG=0.12.0-stable >> .env`
+To optionally deploy a different version run `echo PASSBOOK_TAG=0.12.1-stable >> .env`

 If this is a fresh passbook install run the following commands to generate a password:

--- a/docs/installation/kubernetes.md
+++ b/docs/installation/kubernetes.md
@@ -11,7 +11,7 @@ This installation automatically applies database migrations on startup. After th
 image:
  name: beryju/passbook
  name_static: beryju/passbook-static
-  tag: 0.12.0-stable
+  tag: 0.12.1-stable

 nameOverride: ""

@@ -35,8 +35,8 @@ config:

 # Enable Database Backups to S3
 # backup:
-#   access_key: access-key
-#   secret_key: secret-key
+#   accessKey: access-key
+#   secretKey: secret-key
 #   bucket: s3-bucket
 #   region: eu-central-1
 #   host: s3-host
--- a/helm/Chart.yaml
+++ b/helm/Chart.yaml
@@ -1,8 +1,8 @@
 apiVersion: v2
-appVersion: "0.12.0-stable"
+appVersion: "0.12.1-stable"
 description: A Helm chart for passbook.
 name: passbook
-version: "0.12.0-stable"
+version: "0.12.1-stable"
 icon: https://github.com/BeryJu/passbook/blob/master/docs/images/logo.svg
 dependencies:
  - name: postgresql
--- a/helm/templates/configmap.yaml
+++ b/helm/templates/configmap.yaml
@@ -7,8 +7,8 @@ data:
  POSTGRESQL__NAME: "{{ .Values.postgresql.postgresqlDatabase }}"
  POSTGRESQL__USER: "{{ .Values.postgresql.postgresqlUsername }}"
  {{- if .Values.backup }}
-  POSTGRESQL__S3_BACKUP__ACCESS_KEY: "{{ .Values.backup.access_key }}"
-  POSTGRESQL__S3_BACKUP__SECRET_KEY: "{{ .Values.backup.secret_key }}"
+  POSTGRESQL__S3_BACKUP__ACCESS_KEY: "{{ .Values.backup.accessKey }}"
+  POSTGRESQL__S3_BACKUP__SECRET_KEY: "{{ .Values.backup.secretKey }}"
  POSTGRESQL__S3_BACKUP__BUCKET: "{{ .Values.backup.bucket }}"
  POSTGRESQL__S3_BACKUP__REGION: "{{ .Values.backup.region }}"
  POSTGRESQL__S3_BACKUP__HOST: "{{ .Values.backup.host }}"
--- a/helm/templates/service-account.yaml
+++ b/helm/templates/service-account.yaml
@@ -28,9 +28,9 @@ rules:
    - "patch"
 - apiGroups:
    - "extensions"
-    - "networking"
+    - "networking.k8s.io"
  resources:
-    - "ingress"
+    - "ingresses"
  verbs:
    - "get"
    - "create"
--- a/helm/values.yaml
+++ b/helm/values.yaml
@@ -4,7 +4,7 @@
 image:
  name: beryju/passbook
  name_static: beryju/passbook-static
-  tag: 0.12.0-stable
+  tag: 0.12.1-stable

 nameOverride: ""

@@ -28,8 +28,8 @@ config:

 # Enable Database Backups to S3
 # backup:
-#   access_key: access-key
-#   secret_key: secret-key
+#   accessKey: access-key
+#   secretKey: secret-key
 #   bucket: s3-bucket
 #   region: eu-central-1
 #   host: s3-host
--- a/lifecycle/system_migrations/to_0_12.py
+++ b/lifecycle/system_migrations/to_0_12.py
@@ -0,0 +1,28 @@
+from pickle import loads  # nosec
+
+from redis import Redis
+
+from lifecycle.migrate import BaseMigration
+from passbook.lib.config import CONFIG
+
+
+class To012Migration(BaseMigration):
+    def __init__(self) -> None:
+        self.redis = Redis(
+            host=CONFIG.y("redis.host"),
+            port=6379,
+            db=CONFIG.y("redis.cache_db"),
+            password=CONFIG.y("redis.password"),
+        )
+
+    def needs_migration(self) -> bool:
+        keys = self.redis.keys(":1:outpost_*")
+        for key in keys:
+            value = loads(self.redis.get(key))  # nosec
+            if isinstance(value, str):
+                return True
+        return False
+
+    def run(self):
+        keys_to_delete = self.redis.keys(":1:outpost_*")
+        self.redis.delete(*keys_to_delete)
--- a/passbook/init.py
+++ b/passbook/init.py
@@ -1,2 +1,2 @@
 """passbook"""
-__version__ = "0.12.0-stable"
+__version__ = "0.12.1-stable"
--- a/passbook/core/api/tokens.py
+++ b/passbook/core/api/tokens.py
@@ -1,6 +1,4 @@
 """Tokens API Viewset"""
-from uuid import UUID
-
 from django.http.response import Http404
 from rest_framework.decorators import action
 from rest_framework.request import Request
@@ -29,10 +27,9 @@ class TokenViewSet(ModelViewSet):
    serializer_class = TokenSerializer

    @action(detail=True)
-    # pylint: disable=invalid-name
-    def view_key(self, request: Request, pk: UUID) -> Response:
+    def view_key(self, request: Request, identifier: str) -> Response:
        """Return token key and log access"""
-        tokens = Token.filter_not_expired(pk=pk)
+        tokens = Token.filter_not_expired(identifier=identifier)
        if not tokens.exists():
            raise Http404
        token = tokens.first()
--- a/passbook/outposts/controllers/k8s/deployment.py
+++ b/passbook/outposts/controllers/k8s/deployment.py
@@ -69,7 +69,7 @@ class DeploymentReconciler(KubernetesObjectReconciler[V1Deployment]):
                    spec=V1PodSpec(
                        containers=[
                            V1Container(
-                                name=self.outpost.type,
+                                name=str(self.outpost.type),
                                image=f"{self.image_base}-{self.outpost.type}:{__version__}",
                                ports=container_ports,
                                env=[
--- a/passbook/outposts/controllers/kubernetes.py
+++ b/passbook/outposts/controllers/kubernetes.py
@@ -56,7 +56,6 @@ class KubernetesController(BaseController):
        documents = []
        for reconcile_key in self.reconcile_order:
            reconciler = self.reconcilers[reconcile_key](self)
-            reconciler.up()
            documents.append(reconciler.get_reference_object().to_dict())

        with StringIO() as _str:
--- a/passbook/providers/proxy/controllers/k8s/ingress.py
+++ b/passbook/providers/proxy/controllers/k8s/ingress.py
@@ -56,7 +56,10 @@ class IngressReconciler(KubernetesObjectReconciler[NetworkingV1beta1Ingress]):
        have_hosts = [rule.host for rule in reference.spec.rules]
        have_hosts.sort()

-        have_hosts_tls = reference.spec.tls.hosts
+        have_hosts_tls = []
+        for tls_config in reference.spec.tls:
+            if tls_config:
+                have_hosts_tls += tls_config.hosts
        have_hosts_tls.sort()

        if have_hosts != expected_hosts:
@@ -102,7 +105,7 @@ class IngressReconciler(KubernetesObjectReconciler[NetworkingV1beta1Ingress]):
            )
        return NetworkingV1beta1Ingress(
            metadata=meta,
-            spec=NetworkingV1beta1IngressSpec(rules=rules, tls=tls_config),
+            spec=NetworkingV1beta1IngressSpec(rules=rules, tls=[tls_config]),
        )

    def create(self, reference: NetworkingV1beta1Ingress):
--- a/passbook/providers/proxy/tests.py
+++ b/passbook/providers/proxy/tests.py
@@ -31,9 +31,9 @@ class TestControllers(TestCase):
        outpost.providers.add(provider)
        outpost.save()

-        controller = ProxyKubernetesController(outpost.pk)
+        controller = ProxyKubernetesController(outpost)
        manifest = controller.get_static_deployment()
-        self.assertEqual(len(list(yaml.load_all(manifest, Loader=yaml.SafeLoader))), 3)
+        self.assertEqual(len(list(yaml.load_all(manifest, Loader=yaml.SafeLoader))), 4)

    def test_kubernetes_controller_deploy(self):
        """Test Kubernetes Controller"""
@@ -51,5 +51,6 @@ class TestControllers(TestCase):
        outpost.providers.add(provider)
        outpost.save()

-        controller = ProxyKubernetesController(outpost.pk)
+        controller = ProxyKubernetesController(outpost)
        controller.up()
+        controller.down()
--- a/proxy/pkg/version.go
+++ b/proxy/pkg/version.go
@@ -1,3 +1,3 @@
 package pkg

-const VERSION = "0.12.0-stable"
+const VERSION = "0.12.1-stable"
Author	SHA1	Message	Date
Jens Langhammer	ac4c314042	new release: 0.12.1-stable	2020-10-19 15:30:27 +02:00
Jens Langhammer	05866d3544	providers/proxy: fix creation of ingress	2020-10-19 15:06:50 +02:00
Jens Langhammer	6596bc6034	helm: fix permissions for ingresses in networking	2020-10-19 14:55:14 +02:00
Jens Langhammer	c6661ef4d2	lifecycle: add migration to 0.12 which removes old outpost state from cache	2020-10-19 14:35:38 +02:00
Jens Langhammer	386e23dfac	core: fix api signature for view_key	2020-10-19 14:35:22 +02:00
Jens Langhammer	5d7220ca70	helm: fix keys for s3 backup	2020-10-19 14:30:44 +02:00