diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6547a637319ca..b80cac241033f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,30 @@
# Changelog
+## 15.1.2 (03/08/24)
+
+* Fix a bug when using automatic updates and the discovery service. The default install script now installs the correct teleport version by querying the version server. [#39099](https://github.com/gravitational/teleport/pull/39099)
+* Fix a regression where `tsh kube credentials` fails to re-login when credentials expire. [#39075](https://github.com/gravitational/teleport/pull/39075)
+* TBot now supports `--proxy-server` for explicitly configuring the Proxy address. We recommend switching to this if you currently specify the address of your Teleport proxy to `--auth-server`. [#39055](https://github.com/gravitational/teleport/pull/39055)
+* Expand the EC2 joining process to include newly created AWS regions. [#39051](https://github.com/gravitational/teleport/pull/39051)
+* Added GCP MySQL access IAM Authentication support. [#39040](https://github.com/gravitational/teleport/pull/39040)
+* Fixed compatibility of the Teleport service file with older versions of systemd. [#39032](https://github.com/gravitational/teleport/pull/39032)
+* Update WebUI database connection instructions. [#39027](https://github.com/gravitational/teleport/pull/39027)
+* Teleport Proxy Service now runs a version server by default serving its own version. [#39017](https://github.com/gravitational/teleport/pull/39017)
+* Significantly reduced latency of network calls in Teleport Connect. [#39012](https://github.com/gravitational/teleport/pull/39012)
+* SPIFFE SVID generation introduced to tbot (experimental). [#39011](https://github.com/gravitational/teleport/pull/39011)
+* Adds `tsh workload issue` command for issuing SVIDs using `tsh`. [#39115](https://github.com/gravitational/teleport/pull/39115)
+* Fixed an issue in SAML IdP entity descriptor generator process, which would fail to generate entity descriptor if the configured Entity ID endpoint would return HTTP status code above `200` and below `400` . [#38987](https://github.com/gravitational/teleport/pull/38987)
+* Updated Go to 1.21.8. [#38983](https://github.com/gravitational/teleport/pull/38983)
+* Updated electron-builder dependency to address possible arbitrary code execution in the Windows installer of Teleport Connect (CVE-2024-27303). [#38964](https://github.com/gravitational/teleport/pull/38964)
+* Fixed an issue where it was possible to skip providing old password when setting a new one. [#38962](https://github.com/gravitational/teleport/pull/38962)
+* Added database permission management support for Postgres. [#38945](https://github.com/gravitational/teleport/pull/38945)
+* Improved reliability and performance of `tbot`. [#38928](https://github.com/gravitational/teleport/pull/38928)
+* Filter terminated sessions from the `tsh sessions ls` output. [#38887](https://github.com/gravitational/teleport/pull/38887)
+* Make it easier to identify Teleport browser tabs by placing the session information before the cluster name. [#38737](https://github.com/gravitational/teleport/pull/38737)
+* The `teleport-ent-upgrader` package now gracefully restarts the Teleport binary if possible, to avoid cutting off ongoing connections. [#3578](https://github.com/gravitational/teleport.e/pull/3578)
+* Trusted device authentication failures may now include a brief explanation message in the corresponding audit event. [#3572](https://github.com/gravitational/teleport.e/pull/3572)
+* Okta access lists sync will now sync groups without members. [#3636](https://github.com/gravitational/teleport.e/pull/3636)
+
## 15.1.1 (03/01/24)
* Fixed panic when an older `tsh` or proxy changes an access list. [#38861](https://github.com/gravitational/teleport/pull/38861)
diff --git a/Makefile b/Makefile
index 31ffc8da590d4..772bce75d0808 100644
--- a/Makefile
+++ b/Makefile
@@ -11,7 +11,7 @@
# Stable releases: "1.0.0"
# Pre-releases: "1.0.0-alpha.1", "1.0.0-beta.2", "1.0.0-rc.3"
# Master/dev branch: "1.0.0-dev"
-VERSION=15.1.1
+VERSION=15.1.2
DOCKER_IMAGE ?= teleport
diff --git a/api/version.go b/api/version.go
index 62a29da5b61d8..227bcbadda55b 100644
--- a/api/version.go
+++ b/api/version.go
@@ -3,6 +3,6 @@ package api
import "github.com/coreos/go-semver/semver"
-const Version = "15.1.1"
+const Version = "15.1.2"
var SemVersion = semver.New(Version)
diff --git a/build.assets/macos/tsh/tsh.app/Contents/Info.plist b/build.assets/macos/tsh/tsh.app/Contents/Info.plist
index d29b2b9104830..377dbb97cf306 100644
--- a/build.assets/macos/tsh/tsh.app/Contents/Info.plist
+++ b/build.assets/macos/tsh/tsh.app/Contents/Info.plist
@@ -19,13 +19,13 @@
CFBundlePackageType
APPL
CFBundleShortVersionString
- 15.1.1
+ 15.1.2
CFBundleSupportedPlatforms
MacOSX
CFBundleVersion
- 15.1.1
+ 15.1.2
DTCompiler
com.apple.compilers.llvm.clang.1_0
DTPlatformBuild
diff --git a/build.assets/macos/tshdev/tsh.app/Contents/Info.plist b/build.assets/macos/tshdev/tsh.app/Contents/Info.plist
index e9c43529df9e1..e6a94d606ae4a 100644
--- a/build.assets/macos/tshdev/tsh.app/Contents/Info.plist
+++ b/build.assets/macos/tshdev/tsh.app/Contents/Info.plist
@@ -17,13 +17,13 @@
CFBundlePackageType
APPL
CFBundleShortVersionString
- 15.1.1
+ 15.1.2
CFBundleSupportedPlatforms
MacOSX
CFBundleVersion
- 15.1.1
+ 15.1.2
DTCompiler
com.apple.compilers.llvm.clang.1_0
DTPlatformBuild
diff --git a/docs/cspell.json b/docs/cspell.json
index e424598cbe001..711d5e84cce3f 100644
--- a/docs/cspell.json
+++ b/docs/cspell.json
@@ -179,6 +179,7 @@
"SLAVEOF",
"SLES",
"SLOWLOG",
+ "SPIFFE",
"SQLSTATE",
"SSRF",
"SSUBSCRIBE",
@@ -186,6 +187,8 @@
"STIG",
"SUNSUBSCRIBE",
"SUPATH",
+ "SVID",
+ "SVIDs",
"Shockbyte",
"Slackbot",
"Sllavd",
@@ -911,4 +914,4 @@
"flagWords": [
"hte"
]
-}
+}
\ No newline at end of file
diff --git a/e b/e
index 4dab7b796d5e9..544d4d66bd305 160000
--- a/e
+++ b/e
@@ -1 +1 @@
-Subproject commit 4dab7b796d5e917861ff934ecfadab25d441b910
+Subproject commit 544d4d66bd305122f2d2a6fe71745a9d563a7b56
diff --git a/examples/chart/teleport-cluster/Chart.yaml b/examples/chart/teleport-cluster/Chart.yaml
index b2ff43050a8e0..7efd8518babfe 100644
--- a/examples/chart/teleport-cluster/Chart.yaml
+++ b/examples/chart/teleport-cluster/Chart.yaml
@@ -1,4 +1,4 @@
-.version: &version "15.1.1"
+.version: &version "15.1.2"
name: teleport-cluster
apiVersion: v2
diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/Chart.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/Chart.yaml
index 6371d24025422..ac0eac01daff5 100644
--- a/examples/chart/teleport-cluster/charts/teleport-operator/Chart.yaml
+++ b/examples/chart/teleport-cluster/charts/teleport-operator/Chart.yaml
@@ -1,4 +1,4 @@
-.version: &version "15.1.1"
+.version: &version "15.1.2"
name: teleport-operator
apiVersion: v2
diff --git a/examples/chart/teleport-cluster/tests/__snapshot__/auth_deployment_test.yaml.snap b/examples/chart/teleport-cluster/tests/__snapshot__/auth_deployment_test.yaml.snap
index 1535809d55443..8fb4b6c507468 100644
--- a/examples/chart/teleport-cluster/tests/__snapshot__/auth_deployment_test.yaml.snap
+++ b/examples/chart/teleport-cluster/tests/__snapshot__/auth_deployment_test.yaml.snap
@@ -8,7 +8,7 @@
- args:
- --diag-addr=0.0.0.0:3000
- --apply-on-startup=/etc/teleport/apply-on-startup.yaml
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
@@ -141,7 +141,7 @@ should set nodeSelector when set in values:
- args:
- --diag-addr=0.0.0.0:3000
- --apply-on-startup=/etc/teleport/apply-on-startup.yaml
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
@@ -238,7 +238,7 @@ should set resources when set in values:
- args:
- --diag-addr=0.0.0.0:3000
- --apply-on-startup=/etc/teleport/apply-on-startup.yaml
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
@@ -324,7 +324,7 @@ should set securityContext when set in values:
- args:
- --diag-addr=0.0.0.0:3000
- --apply-on-startup=/etc/teleport/apply-on-startup.yaml
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
diff --git a/examples/chart/teleport-cluster/tests/__snapshot__/proxy_deployment_test.yaml.snap b/examples/chart/teleport-cluster/tests/__snapshot__/proxy_deployment_test.yaml.snap
index 99d422143682c..e6bea282da5c7 100644
--- a/examples/chart/teleport-cluster/tests/__snapshot__/proxy_deployment_test.yaml.snap
+++ b/examples/chart/teleport-cluster/tests/__snapshot__/proxy_deployment_test.yaml.snap
@@ -5,7 +5,7 @@ should provision initContainer correctly when set in values:
- wait
- no-resolve
- RELEASE-NAME-auth-v14.NAMESPACE.svc.cluster.local
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
name: wait-auth-update
resources:
limits:
@@ -69,7 +69,7 @@ should set nodeSelector when set in values:
containers:
- args:
- --diag-addr=0.0.0.0:3000
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
@@ -130,7 +130,7 @@ should set nodeSelector when set in values:
- wait
- no-resolve
- RELEASE-NAME-auth-v14.NAMESPACE.svc.cluster.local
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
name: wait-auth-update
nodeSelector:
environment: security
@@ -181,7 +181,7 @@ should set resources for wait-auth-update initContainer when set in values:
containers:
- args:
- --diag-addr=0.0.0.0:3000
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
@@ -249,7 +249,7 @@ should set resources for wait-auth-update initContainer when set in values:
- wait
- no-resolve
- RELEASE-NAME-auth-v14.NAMESPACE.svc.cluster.local
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
name: wait-auth-update
resources:
limits:
@@ -289,7 +289,7 @@ should set resources when set in values:
containers:
- args:
- --diag-addr=0.0.0.0:3000
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
@@ -357,7 +357,7 @@ should set resources when set in values:
- wait
- no-resolve
- RELEASE-NAME-auth-v14.NAMESPACE.svc.cluster.local
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
name: wait-auth-update
resources:
limits:
@@ -397,7 +397,7 @@ should set securityContext for initContainers when set in values:
containers:
- args:
- --diag-addr=0.0.0.0:3000
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
@@ -465,7 +465,7 @@ should set securityContext for initContainers when set in values:
- wait
- no-resolve
- RELEASE-NAME-auth-v14.NAMESPACE.svc.cluster.local
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
name: wait-auth-update
securityContext:
allowPrivilegeEscalation: false
@@ -505,7 +505,7 @@ should set securityContext when set in values:
containers:
- args:
- --diag-addr=0.0.0.0:3000
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
@@ -573,7 +573,7 @@ should set securityContext when set in values:
- wait
- no-resolve
- RELEASE-NAME-auth-v14.NAMESPACE.svc.cluster.local
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
name: wait-auth-update
securityContext:
allowPrivilegeEscalation: false
diff --git a/examples/chart/teleport-kube-agent/Chart.yaml b/examples/chart/teleport-kube-agent/Chart.yaml
index b4ff1ce3d3f5d..e97059bd188f9 100644
--- a/examples/chart/teleport-kube-agent/Chart.yaml
+++ b/examples/chart/teleport-kube-agent/Chart.yaml
@@ -1,4 +1,4 @@
-.version: &version "15.1.1"
+.version: &version "15.1.2"
name: teleport-kube-agent
apiVersion: v2
diff --git a/examples/chart/teleport-kube-agent/tests/__snapshot__/deployment_test.yaml.snap b/examples/chart/teleport-kube-agent/tests/__snapshot__/deployment_test.yaml.snap
index e6e342574f104..8739970f13f56 100644
--- a/examples/chart/teleport-kube-agent/tests/__snapshot__/deployment_test.yaml.snap
+++ b/examples/chart/teleport-kube-agent/tests/__snapshot__/deployment_test.yaml.snap
@@ -30,7 +30,7 @@ sets Deployment annotations when specified if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -103,7 +103,7 @@ sets Deployment labels when specified if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -163,7 +163,7 @@ sets Pod annotations when specified if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -223,7 +223,7 @@ sets Pod labels when specified if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -300,7 +300,7 @@ should add emptyDir for data when existingDataVolume is not set if action is Upg
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -361,7 +361,7 @@ should add insecureSkipProxyTLSVerify to args when set in values if action is Up
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -421,7 +421,7 @@ should correctly configure existingDataVolume when set if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -479,7 +479,7 @@ should expose diag port if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -551,7 +551,7 @@ should have multiple replicas when replicaCount is set (using .replicaCount, dep
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -623,7 +623,7 @@ should have multiple replicas when replicaCount is set (using highAvailability.r
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -683,7 +683,7 @@ should have one replica when replicaCount is not set if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -743,7 +743,7 @@ should mount extraVolumes and extraVolumeMounts if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -810,7 +810,7 @@ should mount tls.existingCASecretName and set environment when set in values if
value: "true"
- name: SSL_CERT_FILE
value: /etc/teleport-tls-ca/ca.pem
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -880,7 +880,7 @@ should mount tls.existingCASecretName and set extra environment when set in valu
value: http://username:password@my.proxy.host:3128
- name: SSL_CERT_FILE
value: /etc/teleport-tls-ca/ca.pem
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -946,7 +946,7 @@ should provision initContainer correctly when set in values if action is Upgrade
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1042,7 +1042,7 @@ should set SecurityContext if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1122,7 +1122,7 @@ should set affinity when set in values if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1182,7 +1182,7 @@ should set default serviceAccountName when not set in values if action is Upgrad
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1255,7 +1255,7 @@ should set environment when extraEnv set in values if action is Upgrade:
value: "true"
- name: HTTPS_PROXY
value: http://username:password@my.proxy.host:3128
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1375,7 +1375,7 @@ should set imagePullPolicy when set in values if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: Always
livenessProbe:
failureThreshold: 6
@@ -1435,7 +1435,7 @@ should set nodeSelector if set in values if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1497,7 +1497,7 @@ should set not set priorityClassName when not set in values if action is Upgrade
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1569,7 +1569,7 @@ should set preferred affinity when more than one replica is used if action is Up
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1629,7 +1629,7 @@ should set priorityClassName when set in values if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1690,7 +1690,7 @@ should set probeTimeoutSeconds when set in values if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1760,7 +1760,7 @@ should set required affinity when highAvailability.requireAntiAffinity is set if
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1820,7 +1820,7 @@ should set resources when set in values if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1887,7 +1887,7 @@ should set serviceAccountName when set in values if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1947,7 +1947,7 @@ should set tolerations when set in values if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
diff --git a/examples/chart/teleport-kube-agent/tests/__snapshot__/job_test.yaml.snap b/examples/chart/teleport-kube-agent/tests/__snapshot__/job_test.yaml.snap
index b9e0f9d8e6b40..6dbd233d5af1c 100644
--- a/examples/chart/teleport-kube-agent/tests/__snapshot__/job_test.yaml.snap
+++ b/examples/chart/teleport-kube-agent/tests/__snapshot__/job_test.yaml.snap
@@ -25,7 +25,7 @@ should create ServiceAccount for post-delete hook by default:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
name: post-delete-job
securityContext:
@@ -104,7 +104,7 @@ should not create ServiceAccount for post-delete hook if serviceAccount.create i
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
name: post-delete-job
securityContext:
@@ -132,7 +132,7 @@ should not create ServiceAccount, Role or RoleBinding for post-delete hook if se
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
name: post-delete-job
securityContext:
@@ -160,7 +160,7 @@ should set nodeSelector in post-delete hook:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
name: post-delete-job
securityContext:
@@ -190,7 +190,7 @@ should set securityContext in post-delete hook:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
name: post-delete-job
securityContext:
diff --git a/examples/chart/teleport-kube-agent/tests/__snapshot__/statefulset_test.yaml.snap b/examples/chart/teleport-kube-agent/tests/__snapshot__/statefulset_test.yaml.snap
index fc258e2ac9179..ab4a47592a9d4 100644
--- a/examples/chart/teleport-kube-agent/tests/__snapshot__/statefulset_test.yaml.snap
+++ b/examples/chart/teleport-kube-agent/tests/__snapshot__/statefulset_test.yaml.snap
@@ -16,7 +16,7 @@ sets Pod annotations when specified:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -84,7 +84,7 @@ sets Pod labels when specified:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -176,7 +176,7 @@ sets StatefulSet labels when specified:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -272,7 +272,7 @@ should add insecureSkipProxyTLSVerify to args when set in values:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -340,7 +340,7 @@ should add volumeClaimTemplate for data volume when using StatefulSet and action
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -428,7 +428,7 @@ should add volumeClaimTemplate for data volume when using StatefulSet and is Fre
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -506,7 +506,7 @@ should add volumeMount for data volume when using StatefulSet:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -574,7 +574,7 @@ should expose diag port:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -642,7 +642,7 @@ should generate Statefulset when storage is disabled and mode is a Upgrade:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -724,7 +724,7 @@ should have multiple replicas when replicaCount is set (using .replicaCount, dep
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -804,7 +804,7 @@ should have multiple replicas when replicaCount is set (using highAvailability.r
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -872,7 +872,7 @@ should have one replica when replicaCount is not set:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -940,7 +940,7 @@ should install Statefulset when storage is disabled and mode is a Fresh Install:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1010,7 +1010,7 @@ should mount extraVolumes and extraVolumeMounts:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1085,7 +1085,7 @@ should mount tls.existingCASecretName and set environment when set in values:
value: RELEASE-NAME
- name: SSL_CERT_FILE
value: /etc/teleport-tls-ca/ca.pem
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1165,7 +1165,7 @@ should mount tls.existingCASecretName and set extra environment when set in valu
value: /etc/teleport-tls-ca/ca.pem
- name: HTTPS_PROXY
value: http://username:password@my.proxy.host:3128
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1241,7 +1241,7 @@ should not add emptyDir for data when using StatefulSet:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1309,7 +1309,7 @@ should provision initContainer correctly when set in values:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1413,7 +1413,7 @@ should set SecurityContext:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1501,7 +1501,7 @@ should set affinity when set in values:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1569,7 +1569,7 @@ should set default serviceAccountName when not set in values:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1650,7 +1650,7 @@ should set environment when extraEnv set in values:
value: RELEASE-NAME
- name: HTTPS_PROXY
value: http://username:password@my.proxy.host:3128
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1786,7 +1786,7 @@ should set imagePullPolicy when set in values:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: Always
livenessProbe:
failureThreshold: 6
@@ -1854,7 +1854,7 @@ should set nodeSelector if set in values:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1936,7 +1936,7 @@ should set preferred affinity when more than one replica is used:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -2004,7 +2004,7 @@ should set probeTimeoutSeconds when set in values:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -2082,7 +2082,7 @@ should set required affinity when highAvailability.requireAntiAffinity is set:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -2150,7 +2150,7 @@ should set resources when set in values:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -2225,7 +2225,7 @@ should set serviceAccountName when set in values:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -2293,7 +2293,7 @@ should set storage.requests when set in values and action is an Upgrade:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -2361,7 +2361,7 @@ should set storage.storageClassName when set in values and action is an Upgrade:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -2429,7 +2429,7 @@ should set tolerations when set in values:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.1.1
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
diff --git a/examples/chart/teleport-kube-agent/tests/__snapshot__/updater_deployment_test.yaml.snap b/examples/chart/teleport-kube-agent/tests/__snapshot__/updater_deployment_test.yaml.snap
index 2ca1b724ae15b..c89ae7cf8b74b 100644
--- a/examples/chart/teleport-kube-agent/tests/__snapshot__/updater_deployment_test.yaml.snap
+++ b/examples/chart/teleport-kube-agent/tests/__snapshot__/updater_deployment_test.yaml.snap
@@ -27,7 +27,7 @@ sets the affinity:
- --base-image=public.ecr.aws/gravitational/teleport-distroless
- --version-server=https://my-custom-version-server/v1
- --version-channel=custom/preview
- image: public.ecr.aws/gravitational/teleport-kube-agent-updater:15.1.1
+ image: public.ecr.aws/gravitational/teleport-kube-agent-updater:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -71,7 +71,7 @@ sets the tolerations:
- --base-image=public.ecr.aws/gravitational/teleport-distroless
- --version-server=https://my-custom-version-server/v1
- --version-channel=custom/preview
- image: public.ecr.aws/gravitational/teleport-kube-agent-updater:15.1.1
+ image: public.ecr.aws/gravitational/teleport-kube-agent-updater:15.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6