Skip to content

v0.8.0
Compare
Choose a tag to compare
@clockworksoul clockworksoul released this 26 Jul 15:46
· 125 commits to main since this release
v0.8.0
512dd61
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

This is the official release for v0.8.0!

This release focuses on authentication and authorization, and includes a fully-functional RBAC implementation for bundle commands. We consider this to be the "killer feature" for Gort, and we're very excited for its completion.

With this release, Gort is now considered to be minimally feature complete. This does NOT mean that it's feature complete! In fact, it's still missing some very important features (dynamic command configuration and templates are particularly glaring). These will be implemented over the next few months.

RBAC for command execution

  • Roles and permissions. Roles group one or more permissions, and can be granted to groups. Groups are groups of users. Includes the addition of the gort role CLI subcommands.
  • Command rules and permissions. Permissions and execution rules are fully implemented. This is a major feature. See the Gort Guide for more details.
  • Default Gort Bundle. When first bootstrapped, a Gort deployment receives a default gort bundle for basic administration. It includes several rules that restrict execution to the administrator (and anybody who may get the appropriate permissions in the future).
  • Addition of RBAC to REST API. The REST API now performs user authentication and authorization by comparing the given function against the rules defined in the default Gort bundle. So, if you can execute the default Gort command, you can execute the same function via the API.

Command changes

  • Removed the entire concept of default bundles, since they added quite a bit of complexity for very little value (#41)
  • Added "long descriptions" to bundle commands, and made !help COMMAND output it (#70)
  • Standardized output format for various list subcommands (#88)
  • The bootstrap subcommand no longer accepts an email, password, or username. The admin account is expected to be used to create a daily use account, and its routine use should be discouraged (#78)
  • Added a hidden subcommand to gort, under which commands intended to be used primarily via the Gort bundle (but not harmful if they're discovered and used via the CLI) can live (ex., !gort:help is served by gort hidden command)

Controller configuration changes

  • Updated configuration to use durations for time-based configurations (for example, command_timeout_seconds: 60 becomes command_timeout: 60s). This allows users to use duration strings to set arbitrary durations (1d, 1h30m, 5m, etc.)
  • Updated Postgres settings to allow certain basic connection settings that were neglected before.
  • Added a docker.network field, which if set will automatically add all spawned workers to the specified Docker network. This lets the gort command bundle communicate with the API, for example.

Miscellaneous changes

  • Certain env vars are now injected into worker containers as per the existing documentation.
  • Bundle commands executable field is now a list instead of a simple string. This allows bundle commands to be served by binary subcommands (for example, !gort:user has an executable of [ "/bin/gort", "user" ].
  • Lots and lots of tweaks and bug fixes.
Assets 2
Loading