Lagoon Episode I: The permission wars (v1.0.0)
Today we feel as excited as we where exactly two years ago when we launched Lagoon two years ago.
Today we launch Lagoon Version 1.0.0, the first Major Version jump of Lagoon. We want to thank everybody who made this possible:
❤️ Our employees that work every day to improve Lagoon and make it better
💚 All the companies, enterprises, governments and freelancers that use Lagoon believe in Open Source and support it
💙 All contributors to the repository that decide to spend additional minutes to open a ticket, create a pull request or just like the project.
Thanks everybody for this, we always believed that Lagoon could make it that far, but without you it would never have happened.
As this is a major version jump there will be a dedicated upgrade documentation be created. But as it is a bit complicated we do not suggest to upgrade just now, but instead wait for 1.0.x and the upgrade documentation.
Edit - July 29 2020:
Here is a gist with the steps to upgrade to 1.0.0 - YMMV but this should get you there!
Changes:
- Groups and Subgroups instead of Customers. Starting in Lagoon 1.0.0 customers as we know if from v0.24.0 are gone: There are Groups instead. Projects can be assigned to one or multiple Groups. Users are added to Groups with a Role (see RBAC). Groups can be nested within Subgroups. This change provides a lot more flexibility and the possibility to recreate real world teams within Lagoon. The migration script will create for each existing customer a new group. #1200
- Role Based Access Control (RBAC). When assigning a user to a group, you need to provide a role for that user inside this group. Each one of the 5 current existing roles gives the user different permissions to the group and projects assigned to the group. There is a [full overview of all Roles existing]. The migration script will give each user the "Owner" Role. (https://docs.google.com/spreadsheets/d/1SBf7LxxgbJoefFg00DKA4m8HAshUjVpRHuqN3p_MyI4/edit?usp=sharing).
- Private Keys for Customers are now assigned to Projects. As we removed Customers and Projects can have multiple Groups assigned, the private keys for a project (which is used to access the git code) is now saved on the project directly. The migration script will assign the existing private keys from the customer directly to the projects. #1200
amazeeio/elasticsearch:latest
amazeeio/kibana:latest
amazeeio/logstash:latest
are not updated anymore! We now have versions for6
and7
, like:amazeeio/elasticsearch:6
#1179- Updated makefile and php Dockerfiles to pin correct alpine version for php 7.0 #1136
- Upgrading to PHPRedis 5.0.0 for PHP 7 and pin PHPRedis version 4.3.0 for PHP 5.6 image building process due to PHPRedis 5.0.0 dropping PHP5 support #1135
Features:
- If you don't provide any ssh private key during creation of a project, Lagoon will create a key pair automatically. #1200
- Prioritize production environments #995
Bugfixes:
- Projects with Promote Deployment Types do not create k8up objects - #1192
- Improved how fluentd handles connection interruptions #1171
- Retry API requests that timeout and reduce API load when syncing backups #1160
- Upgrade git-url-parse package to remove errant colon in UI #1066
- Exit and fail the deployment if the docker-host is not reachable #1143
Improvements:
- Searchguard is now using Groups instead of Projects for it's permissions. #1200
- Allow CronJobs to be scheduled on build nodes. #1196
- Allow any additional configurations to be added to elasticsearch #1188 #1182
- docker-host images now use the versioned
amazeeio/docker-host:latest
which is updated on every lagoon release and not on merges to master #1187 - exited containers are removed every 4 hours from docker-host #1187
- Update Drush to v8.3.0 #1185
- Update Drupal Console to v1.9.1 #1185
- Updating Composer to v1.9.0 #1184
- Bumps lodash.mergewith from 4.6.1 to 4.6.2. #1149
- Bump lodash.merge from 4.6.1 to 4.6.2 #1148
- Set memory resource limits for cli DeploymentConfigs (#1140)
- Xdebug will be enabled only if XDEBUG_ENABLE variable has a value #1170
- Allow adjustable interval in service idler (#1138)
- Check running builds and pods before idling (#1138)
- Allow services to be force idled manually ./idle-services.sh force #1139
- Enable much larger environment variable definitions in api #1133
- Also publish -latest suffix images for baseimages with versions #1131
- MDEV-17429 has been fixed, using newest mariadb-client again 821050d
Documentation: