Release 1.1.0-alpha.10 (#1164)

Cargo.lock

@@ -1149,7 +1149,7 @@ dependencies = [
 
 [[package]]
 name = "daemon"
-version = "1.1.0-alpha.9"
+version = "1.1.0-alpha.10"
 dependencies = [
  "clap",
  "clap_complete",
@@ -2247,7 +2247,7 @@ dependencies = [
 
 [[package]]
 name = "kanidm_client"
-version = "1.1.0-alpha.9"
+version = "1.1.0-alpha.10"
 dependencies = [
  "kanidm_proto",
  "reqwest",
@@ -2264,7 +2264,7 @@ dependencies = [
 
 [[package]]
 name = "kanidm_proto"
-version = "1.1.0-alpha.9"
+version = "1.1.0-alpha.10"
 dependencies = [
  "base32",
  "base64urlsafedata",
@@ -2280,7 +2280,7 @@ dependencies = [
 
 [[package]]
 name = "kanidm_tools"
-version = "1.1.0-alpha.9"
+version = "1.1.0-alpha.10"
 dependencies = [
  "clap",
  "clap_complete",
@@ -2307,7 +2307,7 @@ dependencies = [
 
 [[package]]
 name = "kanidm_unix_int"
-version = "1.1.0-alpha.9"
+version = "1.1.0-alpha.10"
 dependencies = [
  "bytes",
  "clap",
@@ -2338,7 +2338,7 @@ dependencies = [
 
 [[package]]
 name = "kanidmd_core"
-version = "1.1.0-alpha.9"
+version = "1.1.0-alpha.10"
 dependencies = [
  "async-trait",
  "chrono",
@@ -2370,7 +2370,7 @@ dependencies = [
 
 [[package]]
 name = "kanidmd_lib"
-version = "1.1.0-alpha.9"
+version = "1.1.0-alpha.10"
 dependencies = [
  "async-std",
  "async-trait",
@@ -2438,7 +2438,7 @@ dependencies = [
 
 [[package]]
 name = "kanidmd_testkit"
-version = "1.1.0-alpha.9"
+version = "1.1.0-alpha.10"
 dependencies = [
  "compact_jwt",
  "futures",
@@ -2460,7 +2460,7 @@ dependencies = [
 
 [[package]]
 name = "kanidmd_web_ui"
-version = "1.1.0-alpha.9"
+version = "1.1.0-alpha.10"
 dependencies = [
  "compact_jwt",
  "gloo 0.8.0",
@@ -2811,7 +2811,7 @@ dependencies = [
 
 [[package]]
 name = "nss_kanidm"
-version = "1.1.0-alpha.9"
+version = "1.1.0-alpha.10"
 dependencies = [
  "kanidm_unix_int",
  "lazy_static",
@@ -3028,7 +3028,7 @@ dependencies = [
 
 [[package]]
 name = "orca"
-version = "1.1.0-alpha.9"
+version = "1.1.0-alpha.10"
 dependencies = [
  "clap",
  "crossbeam",
@@ -3068,7 +3068,7 @@ checksum = "b15813163c1d831bf4a13c3610c05c0d03b39feb07f7e09fa234dac9b15aaf39"
 
 [[package]]
 name = "pam_kanidm"
-version = "1.1.0-alpha.9"
+version = "1.1.0-alpha.10"
 dependencies = [
  "kanidm_unix_int",
  "libc",
@@ -3310,7 +3310,7 @@ dependencies = [
 
 [[package]]
 name = "profiles"
-version = "1.1.0-alpha.9"
+version = "1.1.0-alpha.10"
 dependencies = [
  "base64 0.13.1",
  "serde",
@@ -4040,7 +4040,7 @@ dependencies = [
 
 [[package]]
 name = "sketching"
-version = "1.1.0-alpha.9"
+version = "1.1.0-alpha.10"
 dependencies = [
  "async-trait",
  "num_enum",

Cargo.toml

@@ -28,7 +28,7 @@ exclude = [
 ]
 
 [workspace.package]
-version = "1.1.0-alpha.9"
+version = "1.1.0-alpha.10"
 authors = [
     "William Brown <william@blackhats.net.au>",
     "James Hodgkinson <james@terminaloutcomes.com>",

RELEASE_NOTES.md

@@ -16,6 +16,42 @@ can help. If you find a bug or issue, we'd love you to report it to our
 
 # Release Notes
 
+## 2022-11-01 - Kanidm 1.1.0-alpha10
+
+This is the tenth alpha series release of the Kanidm Identity Management
+project. Alpha releases are to help get feedback and ideas from the community
+on how we can continue to make this project better for a future supported release.
+
+The project is shaping up very nicely, and a beta will be coming soon!
+
+### Upgrade Note!
+
+This version will *require* TLS on all servers, even if behind a load balancer or
+TLS terminating proxy. You should be ready for this change when you upgrade to the
+latest version.
+
+### Release Highlights
+
+* Management and tracking of authenticated sessions
+* Make upgrade migrations more robust when upgrading over multiple versions
+* Add support for service account tokens via ldap for extended read permissions
+* Unix password management in web ui for posix accounts
+* Support internal dynamic group entries
+* Allow selection of name/spn in oidc claims
+* Admin UI wireframes and basic elements
+* TLS enforced as a requirement for all servers
+* Support API service account tokens
+* Make name rules stricter due to issues found in production
+* Improve Oauth2 PKCE testing
+* Add support for new password import hashes
+* Allow configuration of trusting x forward for headers
+* Components for account permission elevation modes
+* Make pam\_unix more robust in high latency environments
+* Add proc macros for test cases
+* Improve authentication requests with cookie/token seperation
+* Cleanup of expired authentication sessions
+* Improved administration of password badlists
+
 ## 2022-08-02 - Kanidm 1.1.0-alpha9
 
 This is the ninth alpha series release of the Kanidm Identity Management

kanidmd/lib/src/constants/mod.rs

@@ -17,7 +17,7 @@ pub use crate::constants::values::*;
 use std::time::Duration;
 
 // Increment this as we add new schema types and values!!!
-pub const SYSTEM_INDEX_VERSION: i64 = 26;
+pub const SYSTEM_INDEX_VERSION: i64 = 27;
 // On test builds, define to 60 seconds
 #[cfg(test)]
 pub const PURGE_FREQUENCY: u64 = 60;

kanidmd_web_ui/Cargo.toml

@@ -2,7 +2,7 @@
 name = "kanidmd_web_ui"
 description = "Kanidm Server Web User Interface"
 documentation = "https://docs.rs/kanidm/latest/kanidm/"
-version = "1.1.0-alpha.9"
+version = "1.1.0-alpha.10"
 authors = [
     "William Brown <william@blackhats.net.au>",
     "James Hodgkinson <james@terminaloutcomes.com>",

kanidmd_web_ui/pkg/kanidmd_web_ui.js

@@ -421,7 +421,7 @@ function getImports() {
         const ret = false;
         return ret;
     };
-    imports.wbg.__wbg_modalhidebyid_3090e1f0ff737387 = function(arg0, arg1) {
+    imports.wbg.__wbg_modalhidebyid_4a1a18ce4b8f3393 = function(arg0, arg1) {
         modal_hide_by_id(getStringFromWasm0(arg0, arg1));
     };
     imports.wbg.__wbindgen_number_new = function(arg0) {

kanidmd_web_ui/pkg/package.json

@@ -5,7 +5,7 @@
     "James Hodgkinson <james@terminaloutcomes.com>"
   ],
   "description": "Kanidm Server Web User Interface",
-  "version": "1.1.0-alpha.9",
+  "version": "1.1.0-alpha.10",
   "license": "MPL-2.0",
   "repository": {
     "type": "git",

project_docs/RELEASE_CHECKLIST.md

@@ -3,7 +3,6 @@
 
     cargo install cargo-audit
     cargo install cargo-outdated
-    cargo install cargo-release
 
 ## Check List
 
@@ -11,26 +10,27 @@
 
 * [ ] git checkout -b YYYYMMDD-release
 
-### Code Changes
-
-* [ ] upgrade crypto policy values if requires
-* [ ] bump index version in constants
-* [ ] check for breaking db entry changes.
-* [ ] cargo test
-
 ### Cargo Tasks
 
 * [ ] cargo outdated -R
 * [ ] cargo audit
 * [ ] cargo test
-* [ ] build wasm components with release
+
+### Code Changes
+
+* [ ] upgrade crypto policy values if requires
+* [ ] bump index version in constants
+* [ ] check for breaking db entry changes.
 
 ### Administration
 
-* [ ] cargo release --no-dev-version --no-push --no-publish --no-tag  1.1.0-alpha.X
-* [ ] git rebase -i HEAD~X
+* [ ] update version in ./kanidmd\_web\_ui/Cargo.toml
+* [ ] update version in ./Cargo.toml
+* [ ] cargo test
+* [ ] build wasm components with release profile
 * [ ] Update `RELEASE_NOTES.md`
 * [ ] git commit
+* [ ] git rebase -i HEAD~X
 * [ ] git push origin YYYYMMDD-release
 * [ ] Merge PR
 
@@ -63,3 +63,12 @@
 
 * [ ] vendor and release to build.opensuse.org
 
+### Follow up
+
+* [ ] git checkout master
+* [ ] git pull
+* [ ] git branch YYYYMMDD-dev-version
+* [ ] update version in ./kanidmd\_web\_ui/Cargo.toml
+* [ ] update version in ./Cargo.toml
+* [ ] build wasm components with debug profile
+