From 4e2999e0fc7ac9c8b2381487e5a6f36746fc2b06 Mon Sep 17 00:00:00 2001 From: Charith Ellawala Date: Mon, 5 Jun 2023 17:53:14 +0100 Subject: [PATCH] chore(release): Add v0.27.0 release notes (#1628) Signed-off-by: Charith Ellawala --- docs/modules/releases/nav.adoc | 3 +- docs/modules/releases/pages/v0.27.0.adoc | 80 ++++++++++++++++++++++++ 2 files changed, 82 insertions(+), 1 deletion(-) create mode 100644 docs/modules/releases/pages/v0.27.0.adoc diff --git a/docs/modules/releases/nav.adoc b/docs/modules/releases/nav.adoc index ebdfaa2f7..96ec7e8a4 100644 --- a/docs/modules/releases/nav.adoc +++ b/docs/modules/releases/nav.adoc @@ -1,8 +1,9 @@ .Release Notes +* xref:v0.27.0.adoc[v0.27.0] * xref:v0.26.0.adoc[v0.26.0] * xref:v0.25.0.adoc[v0.25.0] -* xref:v0.24.0.adoc[v0.24.0] * Archives +** xref:v0.24.0.adoc[v0.24.0] ** xref:v0.23.1.adoc[v0.23.1] ** xref:v0.23.0.adoc[v0.23.0] ** xref:v0.22.0.adoc[v0.22.0] diff --git a/docs/modules/releases/pages/v0.27.0.adoc b/docs/modules/releases/pages/v0.27.0.adoc new file mode 100644 index 000000000..04ee30e2b --- /dev/null +++ b/docs/modules/releases/pages/v0.27.0.adoc @@ -0,0 +1,80 @@ +include::ROOT:partial$attributes.adoc[] + +[#v0.27.0] += Cerbos v0.27.0 + +== Highlights + +Cerbos now supports returning user-defined output values from policy evaluation. Policy authors define an optional expression to evaluate if a rule is activated and Cerbos collects and returns the set of outputs as part of the API response. This enables developers to take specific actions in their applications based on the outcome of an authorization check. See the xref:0.27.0@policies:outputs.adoc[outputs documentation] for more information. + +The new `overlay` storage is a special driver that allows you to configure any two Cerbos xref:configuration:storage.adoc[storage drivers] as base and fallback stores. If the base store becomes unavailable for some reason, Cerbos automatically switches to the fallback store until the base becomes available again. See the xref:0.27.0@configuration:storage.adoc#redundancy[overlay documentation] for more information. + +The database storage drivers now perform a schema check on startup to make sure that the required tables exist. This behaviour can be switched off in the configuration. + +Policy conditions can now make use of the new `math.greatest` and `math.least` functions to find the maximum and minimum values in a list of numbers. + +Common causes of errors such as the incorrect placement of schemas directory and invalid content structure in policies now produces detailed error messages to help debug those issues. + +The `HorizontalPodAutoscaler` resources created by the Cerbos Helm chart now uses the `v2` API which requires Kubernetes 1.23.0 or higher. + + +== Changelog + + +=== Bug Fixes + +* Mark /tmp as a container volume (link:https://github.com/cerbos/cerbos/pull/1546[#1546]) +* Return correct error code when store is invalid (link:https://github.com/cerbos/cerbos/pull/1592[#1592]) +* Use IncludeMetadata option on all gRPC requests (link:https://github.com/cerbos/cerbos/pull/1586[#1586]) + +=== Features + +* Storage overlay (link:https://github.com/cerbos/cerbos/pull/1560[#1560]) +* User-defined output from policy evaluation (link:https://github.com/cerbos/cerbos/pull/1594[#1594]) +* Validate policy and test files with JSON schema (link:https://github.com/cerbos/cerbos/pull/1526[#1526]) + +=== Enhancements + +* Add CEL math extension (link:https://github.com/cerbos/cerbos/pull/1569[#1569]) +* Allow LoadBalancerIP to be set (link:https://github.com/cerbos/cerbos/pull/1605[#1605]) +* Handle schemas folder being in wrong place with more verbose error (link:https://github.com/cerbos/cerbos/pull/1550[#1550]) +* Upgrade to HPA v2 API (link:https://github.com/cerbos/cerbos/pull/1548[#1548]) +* Verify required tables are present in the db (link:https://github.com/cerbos/cerbos/pull/1584[#1584]) +* Volume mounts for Cerbos Cloud (link:https://github.com/cerbos/cerbos/pull/1547[#1547]) + +=== Documentation + +* Add page with output example (link:https://github.com/cerbos/cerbos/pull/1622[#1622]) +* Clarify policy repository layout (link:https://github.com/cerbos/cerbos/pull/1551[#1551]) +* Fix typo in `charAt` example (link:https://github.com/cerbos/cerbos/pull/1606[#1606]) + +=== Chores + +* Add bundle driver info to telemetry (link:https://github.com/cerbos/cerbos/pull/1545[#1545]) +* Add paths to test schema files (link:https://github.com/cerbos/cerbos/pull/1564[#1564]) +* Bump github.com/cloudflare/circl from 1.1.0 to 1.3.3 (link:https://github.com/cerbos/cerbos/pull/1577[#1577]) +* Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible in /tools (link:https://github.com/cerbos/cerbos/pull/1578[#1578]) +* Bump github.com/goreleaser/nfpm/v2 from 2.28.0 to 2.29.0 in /tools (link:https://github.com/cerbos/cerbos/pull/1599[#1599]) +* Bump github.com/sigstore/rekor from 1.0.1 to 1.1.1 in /tools (link:https://github.com/cerbos/cerbos/pull/1563[#1563]) +* Bump github.com/sigstore/rekor from 1.1.1 to 1.2.0 in /tools (link:https://github.com/cerbos/cerbos/pull/1600[#1600]) +* Bump version to 0.27.0 +* Change Cloud API version to `api.cerbos.cloud/v1` (link:https://github.com/cerbos/cerbos/pull/1559[#1559]) +* Disable automatic label updates (link:https://github.com/cerbos/cerbos/pull/1544[#1544]) +* Fix data race in store test (link:https://github.com/cerbos/cerbos/pull/1537[#1537]) +* Fix referencing non-existent format flag (link:https://github.com/cerbos/cerbos/pull/1617[#1617]) +* Overlay e2e test (link:https://github.com/cerbos/cerbos/pull/1579[#1579]) +* Remove the cerbos prefix from output keys (link:https://github.com/cerbos/cerbos/pull/1614[#1614]) +* Update Antora to 3.1.2 (link:https://github.com/cerbos/cerbos/pull/1575[#1575]) +* Update Renovate labels (link:https://github.com/cerbos/cerbos/pull/1565[#1565]) +* Update bufbuild/buf-setup-action action to v1.18.0 (link:https://github.com/cerbos/cerbos/pull/1567[#1567]) +* Update github actions deps (link:https://github.com/cerbos/cerbos/pull/1597[#1597]) +* Update github actions deps (link:https://github.com/cerbos/cerbos/pull/1625[#1625]) +* Update go deps (link:https://github.com/cerbos/cerbos/pull/1553[#1553]) +* Update go deps (link:https://github.com/cerbos/cerbos/pull/1556[#1556]) +* Update go deps (link:https://github.com/cerbos/cerbos/pull/1568[#1568]) +* Update go deps (link:https://github.com/cerbos/cerbos/pull/1581[#1581]) +* Update go deps (link:https://github.com/cerbos/cerbos/pull/1596[#1596]) +* Update go deps (link:https://github.com/cerbos/cerbos/pull/1624[#1624]) +* Update google-github-actions/setup-gcloud action to v1.1.1 (link:https://github.com/cerbos/cerbos/pull/1582[#1582]) +* Update module github.com/envoyproxy/protoc-gen-validate to v1 (link:https://github.com/cerbos/cerbos/pull/1557[#1557]) +* Update to go 1.19 (link:https://github.com/cerbos/cerbos/pull/1543[#1543])