Shield v8.6.0 Release Notes

Release Date: 2019-11-14 // over 4 years ago
  • โš  WARNING

    ๐Ÿš€ Do not use this version. This version has a database schema migration error that will be fixed in an upcoming patch release.

    ๐Ÿ†• New Features

    ๐Ÿณ Helm Support! This version of SHIELD ships with OCI Docker
    images that can be used in the new (Beta!) helm chart for
    ๐Ÿ‘€ SHIELD. See https://github.com/shieldproject/helm for more
    details, and to give it a spin yourself.

    ๐Ÿ”ง The SHIELD Core can now be configured almost entirely through
    ๐Ÿณ environment variables, for ease of configuration in Docker,
    Compose, and even Kubernetes.

    We have a new Prometheus-compatible metrics exporter, accessible
    at /metrics, and governed by a separate set of HTTP Basic Auth
    credentials.

    ๐Ÿ’ฅ Breaking Changes

    ๐Ÿ”ง The fabrics array in the configuration file has been replaced with
    the legacy-agents hash.

    ๐Ÿ”ง Previously, configuration for this would look like

    fabrics: - name: legacyssh-key: | -----BEGIN RSA PRIVATE KEY----- kEy -----END RSA PRIVATE KEY-----
    

    ๐Ÿ”ง Now, that should be configured like the following:

    legacy-agents: enabled: trueprivate-key: | -----BEGIN RSA PRIVATE KEY----- kEy -----END RSA PRIVATE KEY-----
    

    ๐Ÿ‘Œ Improvements

    Agent SSH is now constrained to a more secure set of message
    authentication codes (MACs). Specifically, we got rid of one
    embarassing 96-bit MAC algorithm. Ooof!

    ๐Ÿ’ป Several quality-of-life improvements were made to the web UI
    and message bus / websocket implementations. In general, the
    ๐ŸŒ web interface is easier to use and more robust now.

    ๐Ÿšš Old task logs and purged archives will now be removed from the
    database after a minimum retention period has passed. If you've
    โšก๏ธ been with us since the 0.x days, this update is for you, and
    we're sorry it's taken us so long to do this type of cleanup.

    The SHIELD IP Address (which gets less and less relevant every
    ๐Ÿ’ป day) is no longer reported via the API / web UI.

    ๐Ÿ› Bug Fixes

    โช Uncompressed backups can now properly be restored.

    ๐Ÿ‘ท The healthy and paused fields of the Jobs table now no
    longer allows NULL values, landing us squarely back in the
    territory of booleanitude -- things are either true or false;
    there is no maybe.

    Negative daily storage increases now properly convert to kilo-,
    mega-, and giga- units, to help humans understand magnitude.

    โฑ The api.session.timeout value is now interpreted properly as
    seconds, not hours. This effectively means that sessions now
    expire when they ought to, not several orders of magnitude
    later.