Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release 2020-07-29 #1182

Merged
merged 16 commits into from
Jul 30, 2020
Merged

Release 2020-07-29 #1182

merged 16 commits into from
Jul 30, 2020

Conversation

fisx
Copy link
Contributor

@fisx fisx commented Jul 29, 2020
edited
Loading

Release Notes

  • This release makes a couple of changes to the elasticsearch mapping and requires a data migration. The correct order of upgrade is:
    1. Update mapping
    2. Upgrade brig as usual
    3. Run data migration
      Search should continue to work normally during this upgrade.
  • Now with cargohold using V4 signatures, the region is part of the Authorization header, so please make sure it is configured correctly. This can be provided the same way as the AWS credentials, e.g. using the AWS_REGION environment variable.

Bug Fixes

New Features

Internal changes

jschaul and others added 15 commits July 13, 2020 17:09
@jschaul @fisx
gundeck: drop deprecated tables (#1163)
3610f89 
Co-authored-by: Matthias Fischmann <[email protected]>
@mheinzel
Upgrade stack to 2.3.1 (#1166)
348a62a 
* upgrade stack in Dockerfile.prebuilder

* update installation instructions for Stack
@mheinzel
hscim: add license headers (#1165)
07a8ac9
@fisx
Merge branch 'master' into develop
ee3f808 
Conflicts:
        services/gundeck/gundeck.cabal
@mheinzel @tiago-loureiro @fisx
Make cargohold use amazonka instead of aws (#1157)
e5fefd6 
* squash #483

* remove all usages of aws

* support s3DownloadEndpoint config

* stack.yaml: pin updated fork of amazonka

The update to stack.yaml just takes all amazonka packages from the pinned fork.
They depend on core, so need to be rebuilt anyways.
We also drop elb, redshift, route53

* depend on OpenSSL again

This is mostly done for consistency with the other services. If we want to change it,
we should change it everywhere.

* remove unnecessary dependencies on binary and blaze-builder

* Add comment on how to use cloudfront

Co-authored-by: Tiago Loureiro <[email protected]>
@jschaul
handy cqlsh make target to manually poke at the database (#1170)
a130914
@fisx
SCIM Cleanup (#1169)
8482188 
* More structure in ValidScimUser type.

* Eliminate NeededInfo in favor of ValidScimUser.

* Eliminate raw inbound scim data from ValidScimUser.

We don't need this anywhere, except for storing it in
`spar.scim_user`, which will go away in this branch.

* Fix integration tests.

* Remove `IdP` from `ValidScimData`.

*Much* easier that way!
@mheinzel
Federation: Implement ID mapping (brig) (#1162)
2881c7e 
* add Cassandra table

* update cassandra-schema.cql

* add integration tests

* move hashQualifiedId into types-common
@jschaul
Pending invitations by email lookup (#1168)
0e5bf97 
"Allow people to know if there is a pending invitation for a given email".

Context: zinfra/backend-issues#1489
@akshaymankar @mheinzel
Index suspended users also in ElasticSearch (#1171)
dd31e54 
This will ensure that the team size is calculated correctly even for suspended teams. 

Co-authored-by: Matthias Heinzel <[email protected]>
@mheinzel
Refactor: Simplify SRV lookup logic in federation-util (#1175)
ad3c38d 
* stronger types for SRV lookup

* point-free

* avoid excessive tuple unpacking

* stop abusing tuples
@akshaymankar
Use ++FAILURES as it will not evaluate to 0 (#1178)
3d376f6 
When an expression evaluates to 0, its exit code is set to 1. Life is always
interesting when you write bash.
More information:
https://unix.stackexchange.com/questions/32250/why-does-a-0-let-a-return-exit-code-1/32251
@tiago-loureiro
Disallow team creation when setRestrictUserCreation is true (#1174)
431d94d
@fisx @akshaymankar
SCIM cleanup 2 (#1172)
82f1c29 
* Drop table `spar.scim_user` and obtain most information from brig.

- keep timestamps in `spar.scim_user_times`.
- delete db handles for old table and add ones for the new one.
- re-adjust docs.
- re-adjust application logic to get user data from brig.
- fix some tests in hscim, spar-integration.
- simplify ValidScimUser type slightly.
- remove some deprecated scim code.

* simplify!

* Fix: write access times if they are missing, ...

... not if the user was not managed by scim.  it's not clear whether
the former is a bug, but it's certainly less straight-forward.

* Parse rich-info returned by brig as RichInfoAssocList

* Ensure rich info has at least 1 field in tests

When rich info doesn't have any fields, some stuff doesn't get properly tested

* Move assocListToRichInfo to its rightful place

* Write down our regained context about RichInfo

* Ensure order of RichInfoAssocList is always maintained

* haddocks

* Forgotten rename

* Cleanup test cases for getScim, add failing ones.

* Do team membership test outside synthesizeStoredUser.

This way we can throw a 404 on getUser and return the empty list on
getUsers, which is the expected behavior.

* Make up a handle if none is present (corner case).

* More tests; duplicate more integration test plumbing.

* Cleanup.

* Make function only take what it needs (more robust that way).

* Fix tests.

* Fix hscim test suite.

There is one less test in hscim now, but that test is already
happening in the spar integration tests.

* Refactor RichInfo; haddocks.

we now store assoc lists everywhere, but do not change behavior
in scim (except for bug fixes).  see haddocks for details.

* Link to github issue about future work.

* Fix haddocks.

* Fixup

* Fixup

Co-authored-by: Akshay Mankar <[email protected]>
@fisx
CHANGELOG
4917194
@fisx fisx changed the base branch from develop to master July 29, 2020 11:53
@mheinzel
Copy link
Contributor

Could we add a note to the release notes along the lines of

Now with cargohold using V4 signatures, the region is part of the Authorization header, so please make sure it is configured correctly. This can be provided the same way as the AWS credentials, e.g. using the AWS_REGION environment variable.

We already took care of this in wire-server-deploy (wireapp/wire-server-deploy#314), but it might still be useful to list here?

@fisx
Copy link
Contributor Author

fisx commented Jul 30, 2020

Could we add a note to the release notes along the lines of

Now with cargohold using V4 signatures, the region is part of the Authorization header, so please make sure it is configured correctly. This can be provided the same way as the AWS credentials, e.g. using the AWS_REGION environment variable.

We already took care of this in wire-server-deploy (wireapp/wire-server-deploy#314), but it might still be useful to list here?

done: c9f6834

@akshaymankar
Copy link
Member

done: c9f6834

It is on wrong branch! 😄

@fisx
Copy link
Contributor Author

fisx commented Jul 30, 2020

oops

b30d08a

@fisx fisx merged commit 4cb3364 into master Jul 30, 2020
@fisx fisx deleted the release_2020_07_29 branch July 30, 2020 08:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@akshaymankar akshaymankar akshaymankar approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@fisx @mheinzel @akshaymankar @jschaul @tiago-loureiro