v1.7.0 #BlackLivesMatter

⠀⠀⠀⠀⠀⠀⠀⠀⣴⣶⣿⣿⣿⣿⣿⣿⣶⣦⣤⣀⠀⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⣠⣴⣿⣿⠿⠛⠉⢉⣿⣄⠀⠉⠉⠉⠛⠿⣿⣿⣦⣄⠀⠀⠀⠀⠀
⠀⠀⠀⣠⣾⣿⠿⠉⠀⠀⠀⣰⣿⣿⣿⢃⣶⡀⠀⠀⠀⠀⠙⢿⣿⣷⣄⠀⠀⠀
⠀⠀⣴⣿⡟⠃⠀⠀⠀⣰⣶⣮⣝⡻⢡⣿⣿⣿⡆⣀⠀⠀⠀⠀⠙⢿⣿⣦⠀⠀
⠀⣼⣿⡟⠀⠀⠀⢀⣼⣿⣿⣿⣿⣿⣷⣮⠹⢋⣾⣿⣷⡄⡀⠀⠀⠀⢻⣿⣧⠀
⢰⣿⡟⠀⠀⠀⢠⣾⣿⣿⡿⠎⣛⣿⣿⡟⣰⣿⣿⡿⢋⣼⣷⡀⠀⠀⠀⢻⣿⡆
⣿⣿⡇⠀⠀⠀⠻⣿⣿⣿⣿⣷⣦⠨⣭⣘⡿⣿⢟⣵⣿⣿⠿⠋⠀⠀⠀⢸⣿⣿
⣿⣿⠀⠀⠀⠀⠀⠙⣿⣿⣿⣿⣿⣷⡘⣿⣿⣷⣝⢿⣿⣵⡇⠀⠀⠀⠀⠀⣿⣿
⣿⣿⡇⠀⠀⠀⠀⠀⠘⢿⣿⣿⣿⣿⣿⡌⢿⣿⣿⣿⣿⣿⠁⠀⠀⠀⠀⢸⣿⣿
⠸⣿⣧⠀⠀⠀⠀⠀⠀⠈⠻⣿⣿⣿⣿⣿⠎⢿⣿⣿⣿⠏⠀⠀⠀⠀⠀⣼⣿⠇
⠀⢻⣿⣧⠀⠀⠀⠀⠀⠀⠀⣹⣿⣿⣿⣿⡆⣾⣿⣿⠃⠀⠀⠀⠀⠀⣼⣿⡟⠀
⠀⠀⠻⣿⣧⡄⠀⠀⠀⠀⠀⣿⣿⣿⣿⣿⢃⣿⣿⣿⠀⠀⠀⠀⣠⣼⣿⠟⠀⠀
⠀⠀⠀⠙⢿⣿⣶⣀⠀⠀⢠⣿⣿⣿⣿⣿⢸⣿⣿⣿⠀⠀⣀⣾⣿⡿⠋⠀⠀⠀
⠀⠀⠀⠀⠀⠙⠻⣿⣿⣶⣼⣿⣿⣿⣿⣿⣸⣿⣿⣿⣶⣿⣿⠟.

#BlackLivesMatter

Changes in this release

API & Authentication subsystem

• Add newrelic to api @rocketeerbkw (#1983)
• Support for Active/Standby in Kubernetes @shreddedbacon (#1920)
• Bump apollo-server-express from 2.9.4 to 2.14.2 @dependabot (#1939)
• Introduces Problems Database System @bomoko (#1943)
• Convert lagoon to typescript @rocketeerbkw (#1692)

Admin & User Interfaces subsystem

• Billing UI Updates @justinlevi (#1926)
• Introduces Problems Database System @bomoko (#1943)
• Avoid exclusive language "blacklist" @rocketeerbkw (#1930)

Build & Deploy subsystem

• persistentStorageName fixes and other nits @Schnitzel (#1977)
• Support for Active/Standby in Kubernetes @shreddedbacon (#1920)
• Update project logic for Harbor projects @cdchris12 (#1776)
• Add support for stakater/ingressmonitorcontroller @twardnw (#1872)
• Adding varnish control port to k8s helmfiles @dasrecht (#1961)
• Updated default robot token duration to 500 days. @cdchris12 (#1953)
• Label namespaces with lagoon.sh/environmentType @smlx (#1960)
• Fix indentation for annotations in rabbitmq template @shreddedbacon (#1968)
• Small chart template changes to fix helm linting @tobybellwood (#1928)
• Improve harbor migration script @cdchris12 (#1843)

Logging & Reporting subsystem

• Logging overhaul @smlx (#1959)
• Make lagoon-logging helm chart OpenShift compatible @smlx (#1918)
• Add missing builddeploy-kubernetes:complete task to RC notifications @twardnw (#1973)
• Improve resilience of logs-forwarder @smlx (#1940)

Base Images & Testing subsystem

• Capability to prepopulate mariadb and solr on start @Schnitzel (#1978)
• Disable caching of large binary files in Varnish @seanhamlin (#1784)
• set up emptyDir volume for twig render cache @twardnw (#1967)
• First iteration of Lagoon Version Update Helper @dasrecht (#1852)
• Add a new environment variable to control New Relic browser monitoring. @seanhamlin (#1955)
• Update curl to 7.70.0-r0 in the PHP images @seanhamlin (#1954)
• #1799: Update the lagoon-kickstart process to use the Lagoon API @fubarhouse (#1867)
• Pin docker upstream tags to Alpine 3.11 @tobybellwood (#1931)

Documentation & Examples / DX subsystem

• docs: Kubernetes installation @xantrix (#1853)
• Moving contributing and CoC to docs root. @AlannaBurke (#1937)

Automation, Services & Helpers subsystem

• Added some initial checks, support for rocketchat, and shellcheck @vincenzodnp (#1984)
• Improve shared-to-shared-migrate script @smlx (#1768)
• Add support for stakater/ingressmonitorcontroller @twardnw (#1872)
• Bash script to check and update TLS broken routes @vincenzodnp (#1972)
• Auto-idler cronjobs @shreddedbacon (#1892)

Security subsystem

• Upgraded Trivy to v0.9.0 @cdchris12 (#1963)
• Trivy Container Permission Fixes @cdchris12 (#1927)

Welcome Drupal 9! - v1.6.0

Drupal 9 support, Lagoon metadata and Trivy scanning

• The main reason for this release is to ensure that our images and infrastructure are ready to support Drupal 9 on release day. We’ll also be releasing a blog post outlining what we’ve put in place.
• This release has also added customisable metadata fields to Lagoon projects, contributed by @stooit (and thanks to Salsa Digital) - we’ll expand more on what’s possible with this, and why it’s so important shortly.
• Also, in big ticket items, we have updated the image and vulnerability scanning component bundled with our Harbor install to use Trivy (instead of Clair). In our tests, Trivy not only detected more vulnerabilities, but was significantly less resource-heavy, and returned faster results - triple win!

Update to v1.6.0

With #1917 landed within Lagoon v1.6.0 we're now labeling all new created OpenShift and Kubernetes Namespaces with two new Labels: lagoon.sh/project and lagoon.sh/environment.
In order to label all existing namespaces please use this script:

#!/usr/bin/env bash

while read PROJECT; do
  echo "Handling lagoon project ${PROJECT}"
  while read LINE; do
    NAMESPACE=$(echo "$LINE" | awk '{print $5}')
    ENVIRONMENT=$(echo "$LINE" | awk '{print $2}')
    if kubectl get ns ${NAMESPACE} &> /dev/null; then
      PATCH="{\"metadata\": {\"labels\": {\"lagoon.sh/project\": \"${PROJECT}\", \"lagoon.sh/environment\": \"${ENVIRONMENT}\"}}}"
      echo "Updating namespace labels for ${NAMESPACE}"
      kubectl patch ns "${NAMESPACE}" -p "${PATCH}"
    else
      echo "${NAMESPACE} not found on this cluster"
    fi
  done < <(lagoon list environments --no-header --project="${PROJECT}")
done < <(lagoon list projects --no-header | awk '{print $2}')

this requires lagoon-cli >=v0.9.1 and kubectl, both fully authenticated against Lagoon and an OpenShift/Kubernetes cluster, run the script for each cluster that is managed by Lagoon.

Changes in this release

API & Authentication subsystem

• Re-implement JWT generation script using pyjwt @smlx (#1830)
• Added support to arbitrary project metadata key/value pairs @stooit (#1775)

Admin & User Interfaces subsystem

• Elasticsearch date bounds calculate @Schnitzel (#1874)

Build & Deploy subsystem

• Redeploy pods if the ConfigMap changes @shreddedbacon (#1923)
• Ability to temporarily disable pre or post rollout tasks @shreddedbacon (#1921)
• use lagoon.sh as label prefix @Schnitzel (#1835)
• Add Trivy Scanner to Harbor @cdchris12 (#1912)
• Ingress annotations @Schnitzel (#1903)
• Ensure project and environment labels exist on OpenShift projects. @nicksantamaria (#1917)
• ingress annotations support @Schnitzel (#1899)
• Disabling quota sync for harbor-core @cdchris12 (#1865)
• only run helm template if the folder actually exists @Schnitzel (#1862)

Logging & Reporting subsystem

• Lagoon logging helm chart @smlx (#1859)

Base Images & Testing subsystem

• Initial attempt at d9 tests @tobybellwood (#1904)
• Build Python3.7 images from Alpine 3.10 instead of 3.11 @tobybellwood (#1889)
• Moved es-curl to elasticsearch base images @vincenzodnp (#1886)
• Run mysql_upgrade on existing databases after upgrade @tobybellwood (#1891)
• Update MariaDB image to latest Alpine & remove Galera-based images @tobybellwood (#1866)

Documentation & Examples / DX subsystem

• Basic Authentication documentation update @seanhamlin (#1698)
• Fix markdown rendering for code blocks for container registries @seanhamlin (#1803)
• Reformat and update Lagoon service README files @rocketeerbkw (#1906)

Automation, Services & Helpers subsystem

• Alter the error message for webhook payloads that are not JSON. @seanhamlin (#1870)
• Automated Billing - Poly Site Calculations @justinlevi (#1914)
• Added support to arbitrary project metadata key/value pairs @stooit (#1775)
• k8s k8up backup fixes @Schnitzel (#1864)

Security subsystem

• Re-implement JWT generation script using pyjwt @smlx (#1830)

Release side notes

• Release drink: Old Fashioned - Maker's Mark 46
• Release song: You're the Conversation, I'm the Game by Chris Corner, Sue Denim

v1.5.0 - And we thought this is just gonna be a small one

The name of this release says it all: Originally v1.5.0 was expected to have a couple of fixes while we're working on v2.0.0 of Lagoon. But then the Lagoon Gods had something different in mind:

Our security A-12 @smlx found another security issue (on a Friday evening in Australia nonetheless) and so the US team (it being only Friday morning at that time) joined forces. Security bug slayer @cdchris12 with support of rollout strategy consultant @twardnw and pull request review hawk @Schnitzel got a PR formed that used as much as automated update magic as possible, in order to create the least amount of work for any Lagoon Maintainer Magicians out there.
After a couple of hours the PR finally passed (e38818c) and was ready to set sail. As this is a security release, we hot-released fixed images on all Lagoon versions managed by the Lagoon Maintainer Squadron and of course found another bug that was promptly fixed (#1861) and confirmed by master tester @shreddedbacon. While in the same time PR and Issue organizer @tobybellwood made sure that the Lagoon milestones were aligned to the new world order.

Just a couple of hours after the security bug was discovered, the Lagoons are safe again and this release marks the second security release of Lagoon.

Upgrade Instructions

During the release of 1.5.0 (not waiting until the build pod has finished!)

1. Immediately after keycloak-db has restarted, run:

   mysql -e "SET PASSWORD FOR '$MARIADB_USER'@'%' = PASSWORD('$MARIADB_PASSWORD'); FLUSH PRIVILEGES;"
   

   inside the keycloak-db pod.
2. Immediately after keycloak-db has restarted, run:

   /rerun_initdb.sh
   

   inside the api-db pod.

Failure to do these two things might cause the api and keycloak pods to not be able to connect to the databases and cause a downtime of Lagoon and a failed build.
To recover: run the two commands in the respective db pods and trigger another Lagoon build.

API & Authentication subsystem

• Adding Keycloak DB and API DB password generation @cdchris12 (e38818c)
• inject api-db connection credentials via env variables @Schnitzel (#1861)
• Fix favicon URL typo @smlx (#1790)
• Destructive Action Button Color @shreddedbacon (#1794)
• Fix running cron via UI tasks @fubarhouse (#1809)
• Allow the lagoon UI to pre-select a keycloak identity provider for login @rocketeerbkw (#1847)
• Add (non-admin) users who create projects as owners of the created pr… @rocketeerbkw (#1849)
• Fix typo in api subscription constructor @rocketeerbkw (#1839)

Admin & User Interfaces subsystem

• Storage Description - Additional Calculation @justinlevi (#1857)
• Fix favicon URL typo @smlx (#1790)
• Destructive Action Button Color @shreddedbacon (#1794)
• Pricing Fix - Hotfix @justinlevi (#1792)
• Fix running cron via UI tasks @fubarhouse (#1809)
• Billing Invoice English/Germain Translation @justinlevi (#1856)
• Additional Hotfix Tweaks to the UI @justinlevi (#1850)
• Billing UI: Adding Modifiers & Currency Character Fix @justinlevi (#1848)
• Feature/billing invoicing ui @justinlevi (#1842)
• Billing UI Invoice @justinlevi (#1828)
• handle empty hours in hits @Schnitzel (#1841)

Build & Deploy subsystem

• [Harbor] Custom S3 Region Endpoint Support @cdchris12 (#1719)
• Remove legacy CLI image @smlx (#1798)
• Adding the --compatability flag to all docker-compose up -d commands. @cdchris12 (#1800)
• Label namespaces with lagoon/project in k8s @smlx (#1833)
• Use labels on kubernetes jobs to not block builds on cron/backups/tasks @rocketeerbkw (#1846)
• capability to deploy PRs into k8s @Schnitzel (#1844)
• Support k3d running in docker on btrfs @smlx (#1829)
• Add Harbor Migration Script @cdchris12 (#1806)
• use parallel retries 4 to handle docker registry failures @Schnitzel (#1813)

Logging & Reporting subsystem

• Add logs-dispatcher service image @smlx (#1845)
• Upgrade ElasticSearch/Kibana to 7.6.1 @vincenzodnp (#1814)
• curator: allow to set use_ssl @Schnitzel (#1854)

Base Images & Testing subsystem

• Added support for ImageMagick in php images @vincenzodnp (#1770)
• Add Node.js v14 images @rocketeerbkw (#1810)
• Add logs-dispatcher service image @smlx (#1845)
• Upgrade ElasticSearch/Kibana to 7.6.1 @vincenzodnp (#1814)
• Update Newrelic to 9.10.1.263 @dasrecht (#1855)
• Update Newrelic 9.10.0.262 and install Newrelic on PHP 7.4 @dasrecht (#1838)
• Limit k3d cluster name length @smlx (#1832)
• Add workaround for missing localhost dns on linux @smlx (#1526)
• #1482 clean docker image cache on tag deployments @Schnitzel (#1816)
• Fix for issue #1818. Pin ubuntu image version as 18.04 in ssh/Dockerfile @josephgultekin (#1819)
• Added support for Solr7.7 and latest Search API Solr module @vincenzodnp (#1731)

Documentation & Examples / DX subsystem

• Added documentation snippet for generating JWT on command line. @nicksantamaria (#1796)
• Add Github issue template config with a link to Discussions feature @dan2k3k4 (#1821)

v_______1_______._______4_______._______1

Changes in this release

• Implement k8up support with k8s @Schnitzel (#1782)

API & Authentication subsystem

• Expose Lagoon tag/version in UI and API @shreddedbacon (#1773)
• Billing dev cost calculation fix @justinlevi (#1779)

Build & Deploy subsystem

• Throttling Clair container @cdchris12 (#1781)
• Add webhooks for all harbor projects when created @cdchris12 (#1753)
• Fix Log links in openshiftbuilddeploymonitor @shreddedbacon (#1765)

Logging & Reporting subsystem

• Fix issue with elasticsearch buffers overflowing in logs-forwarder @smlx (#1738)

Base Images & Testing subsystem

• Update newrelic to v9.9.0.260 @dasrecht (#1766)
• Minor Makefile fixes @smlx (#1780)

Documentation & Examples / DX subsystem

• Harbor documentation bugfix @cdchris12 (#1767)

Automation, Services & Helpers subsystem

• add -o ConnectTimeout=5 to solve issues with Catalina 10.15.4 and proxy settings @Schnitzel (#1783)
• Billing dev cost calculation fix @justinlevi (#1779)
• Fix scaling of cli during ssh connection @Schnitzel (#1769)

Security subsystem

• Add webhooks for all harbor projects when created @cdchris12 (#1753)

Alternative Release Names

• Quarantine Edition
• social distancing edition
• Flaming Poisoning Raging Sword Of Doom
• "The One-Four-One"
• v1.4.1 - six feet / two meters distance

v1.4.0 - Lagoobernetes

This release marks the first version of Lagoon with support to deploy into Kubernetes. It is though in no way suggested to use this for Kubernetes deployments yet, not every feature of Lagoon is supported and there is no full documentation yet. This will follow with Lagoon 2.0.0 following in the next weeks.

It is though a big step for Lagoon and saying that we are super excited is an understatement. Thanks everybody for their tremendous amount of work.

Changes in this release

Vanilla Kubernetes support

• fix some small kubernetes things @Schnitzel (#1760)
• add prebackuppods support for k8s @Schnitzel (#1759)
• Add Harbor Docs @cdchris12 (#1680)
• replace auth can-i with just get @Schnitzel (#1749)
• K8s MariaDBConsumer check @shreddedbacon (#1683)
• Don't require token authentication for local k3d dashboard @rocketeerbkw (#1693)
• add kibana helm chart @shreddedbacon (#1649)
• Support deploying projects to Kubernetes clusters @Schnitzel (#1369)
• Rename dbaas-shared to mariadb-dbaas @shreddedbacon (#1654)
• K8s DBaaS Operator improvments @shreddedbacon (#1694)
• Feature/2577 deployment success failure msg @justinlevi (#1724)
• Harbor k8s @cdchris12 (#1563)
• KubernetesMisc Service @justinlevi (#1690)

API & Authentication subsystem

• Active/Standby Implementation @shreddedbacon (#1704)
• Deleting environment variable permission issue - Hot Fix @justinlevi (#1740)
• Bug fix: Self-Service ssh key adds _ if the ssh key has a comment @justinlevi (#1745)
• Fix incorrect variable name that caused errors with API subscriptions and fix error logging @rocketeerbkw (#1710)
• Add drush uli task to API and UI @twardnw (#1713)

Build & Deploy subsystem

• Variables from API escaped incorrectly in build-args @shreddedbacon (#1671)
• no busybox on elasticsearch images, use /usr/bin/tar for prebackuppods @Schnitzel (#1764)
• Active/Standby Implementation @shreddedbacon (#1704)
• Add Harbor Docs @cdchris12 (#1680)
• Add Restart Flags for Harbor Containers When Running Locally @cdchris12 (#1751)
• replace auth can-i with just get @Schnitzel (#1749)
• Prevent service broker environment variables having dashes. @seanhamlin (#1707)
• Fix #1684 by setting system:image-puller to default serviceaccount @vincenzodnp (#1685)

Logging & Reporting subsystem

• Cater for missing extensions in the restic backups. @seanhamlin (#1716)
• #1449 move cronjobs into environment variable to force in-pod cronjob @Schnitzel (#1547)
• add elasticsearch s3 and azure repository plugins @Schnitzel (#1727)

Operators & Provisioning subsystem

• Active/Standby Implementation @shreddedbacon (#1704)

Base Images & Testing subsystem

• Active/Standby Implementation @shreddedbacon (#1704)
• k8s more features tests @Schnitzel (#1746)
• Updating composer to v1.10.1 @dasrecht (#1744)
• Update New Relic to v9.8.0.259 @dasrecht (#1742)
• Update Drupal to 8.8.4, install from sqldump @Schnitzel (#1734)

Documentation & Examples / DX subsystem

• Add Harbor Docs @cdchris12 (#1680)
• Fixes 1101 - Comments out scripts folder from dockerfile. @fjgarlin (#1669)
• Docs update base images @AlannaBurke (#1672)

Automation, Services & Helpers subsystem

• Check for a mariadb-shared service instance in the namespace @shreddedbacon (#1737)
• Add backup handler @shreddedbacon (#1736)
• k8up initiate-archive scripts @Schnitzel (#1510)
• Fix #1675 by increasing backup retention window to 6 weeks @vincenzodnp (#1676)

v1.3.1 - Friday the 13th

This is a hotfix release for the issues we found in #1722

Changes in this release

• #1722 Pin curl to Version 7.69.1-r0 @Schnitzel (#1723)

API & Authentication subsystem

• Remove tty creation of ssh call inside drush aliases @shreddedbacon (#1721)

Logging & Reporting subsystem

• Allow logs2logs-db to create missing lagoon-logs exchange @rocketeerbkw (#1691)

v1.3.0 - The One Without PHP 5.6

More information over at https://stories.amazee.io/what-to-expect-in-lagoon-1-3-0-6683bc19e8c8

Headline Items

• Incorporating the security release v1.2.1
• Self-service SSH key updating in the UI
• Much better timeframe-based Cronjob allocation
• Image deprecations for PHP 5.6, 7.0 and 7.1, NodeJS 6, 8 and 9
• Upstream alpine and minor version image pinning for predictability
• Release (and incorporation) of the brand new amazee.io database-as-a-service operator
• Billing automation
• Documentation super-overhaul

API & Authentication subsystem

• Update keycloak memory allocation @twardnw (#1661)
• Upgrade newman to resolve security update with its depdency csv-parse @rocketeerbkw (#1628)
• Fix alignment for SSH key fields in UI @smlx (#1632)
• Force serialize-javascript to ^2.1.1 @rocketeerbkw (#1645)
• Release/v1.2.1 @Schnitzel (#1663)
• Adding in fragments for UI Mocks @justinlevi (#1559)
• Environment Hits Bug Fix - (Billing Modifiers Addendum) @justinlevi (#1636)
• Add a bitbucket project permissions sync script @rocketeerbkw (#1550)
• Adjust cron task button to use standard style @fubarhouse (#1573)
• Update the SSH public key in Lagoon UI. @justinlevi (#1552)
• create jwt token inside ssh service via bash instead of npm @Schnitzel (#1619)
• Also delete branches and pull requests that do not match the supplied regex. @seanhamlin (#1576)

Build & Deploy subsystem

• Openshift mariadb dbaas-operator support @Schnitzel (#1657)
• Reduce verbosity in build logs @shreddedbacon (#1643)
• Avoid piping to head where possible @smlx (#1529)
• Fixes for lagoon-tug @dasrecht (#1536)
• Add ability to set NATIVE_CRON_POD_MINIMUM_FREQUENCY variable @Schnitzel (#1412)
• Additional check for newrelic when container starts @shreddedbacon (#1532)
• Harbor 1.10 upgrade @cdchris12 (#1495)
• No need to expose to host mailhog SMTP port @twardnw (#1530)

Logging & Reporting subsystem

• Add OpenDistro SQL plugin to logs-db image @shreddedbacon (#1625)

Operators & Provisioning subsystem

• Openshift mariadb dbaas-operator support @Schnitzel (#1657)

Base Images & Testing subsystem

• fix issues with nginx temp folder in wrong place @Schnitzel (#1656)
• Switch local-dev/git image to alpine @smlx (#1542)
• Pin to a default alpine version (3.11) for most images @tobybellwood (#1523)
• Removing Node versions 6, 8, and 9 and PHP versions 5.6, 7.0, and 7.1 @cdchris12 (#1521)
• Fix IP regex on Mac @shreddedbacon (#1629)
• Fix reference to old testing subnet @smlx (#1497)
• Updating Varnish default CACHE_SIZE to 500M @dasrecht (#1585)
• #1610: Add service broker to local development @fubarhouse (#1611)
• Add profiling to test suite @smlx (#1566)
• Add mariadb-client MARIADB_MAX_ALLOWED_PACKET variable. @steveworley (#1375)
• Fix regex to handle all possible IP addresses @smlx (#1489)
• Silence useless "command not found" if minishift not installed @smlx (#1502)
• Update New Relic PHP Agent to 9.6.0.255 and pin Xdebug to 2.6.0 for PHP 7.0 @seanhamlin (#1554)
• Sync output of parallel make tasks in CI @smlx (#1503)
• Run the securityadmin demo script as part of make up @smlx (#1525)
• Remove unnecessary sleep in Jenkinsfile @smlx (#1524)
• Fix some ansible warnings in test suite @smlx (#1520)
• Update tests dependencies to run only once in the right order @smlx (#1516)
• Switch tests to use docker library alpine image @smlx (#1535)
• correctly escape nginx regex in redirects @Schnitzel (#1546)
• Pin Python Alpine to 3.10 instead of latest @tobybellwood (#1517)

Documentation & Examples / DX subsystem

• Documentation updates Round 2! @AlannaBurke (#1630)
• Updating default HAProxy config to conform to current industry standards @cdchris12 (#1551)
• Fix typo in documented XDEBUG variable name @smlx (#1507)
• Document how Drupal can be run in a subfolder @Schnitzel (#1564)
• Configure Lagoon project for "release-drafter" Github Action @tobybellwood (#1534)
• Documentation Update Round 1! @AlannaBurke (#1522)

Automation, Services & Helpers subsystem

• Shared cleanup script bug fix @seanhamlin (#1700)
• Update the shared cleanup script to support multiple ASB configs, also deal with the read replica support @seanhamlin (#1650)
• Billing Cost Modifiers @justinlevi (#1505)
• Add a new helper script to perform shared to shared migrations and update the network service along the way @seanhamlin (#1615)
• Avoid piping to head where possible @smlx (#1529)
• Stub file timeout @shreddedbacon (#1461)
• Improvements to the auto-idler @shreddedbacon (#1512)
• Remove unused oc variable from run-in-all helper script @smlx (#1513)

Security subsystem

• Updating default HAProxy config to conform to current industry standards @cdchris12 (#1551)

1.21 gigawatts? Great Scott! (v1.2.1)

This is a security release of Lagoon! Learn more at #1646 about the vulnerability

As this is a security release that has already been applied to production clusters, and v1.3.0 is due out in the next week, no base images have been published to docker hub for this release.

Full list of changes by subsystem

API & Authentication:

• Protect auth-server with admin token ea7b2c4 (reported by @smlx fixed by @rocketeerbkw)
• Create jwt token inside ssh service via bash instead of npm 9aa9076 20a821b (@Schnitzel @rocketeerbkw)

Build & Deploy:

• Remove unused parameters that also caused build to fail 928f2b7 (@Schnitzel)

Testing and Local Development:

• Implement SKIP_IMAGE_PUBLISH cbe2073 (@Schnitzel)

Release Video:

https://www.youtube.com/watch?v=I5cYgRnfFDA

Alternative Release Names:

• MultiPass
• These are not the tokens you’re looking for
• Just When You Thought We Couldn’t Get Any More Parallel Branches, We Go And Pull A Stunt Like This
• The one where we discovered a vulnerability, patched and released in 24 hours, all on a Friday

Hyperdodecahedron (v1.2.0)

More information over at https://stories.amazee.io/what-to-expect-in-lagoon-1-2-0-e62d9b3cc51a

Headline items:

• First release of Harbor integration to Lagoon
• More notification options (Microsoft Teams and e-mail)
• Improved API and authentication performance
• First release of amazee.io docker images for PHP 7.4
• Last release of amazee.io docker images for PHP 5.6, 7.0 and 7.1

Full list of changes by subsystem

API & Authentication:

• Reduce keycloak requests for getAllProjects api query #1430 (@rocketeerbkw)
• Add retry queue for sync-groups-opendistro-security helper #1404 (@rocketeerbkw)
• 1337 keycloak request retries #1386 (@rocketeerbkw)
• Keycloak API stability improvements #1362 (@rocketeerbkw)
• Fix permissions check for adding environment variable to projects #1335 (@rocketeerbkw)
• Validate the gitUrl in addProject and updateProject mutations. #1422 (@blazeyo)
• Adding the DeleteSshKeyById API endpoint. #1147 (@cdchris12)
• Add Github usernames to closed Pull Requests #1332 (@dan2k3k4)
• Add Task for running Drupal core-cron. #1346 (@fubarhouse)
• Upgrade GraphQL to v14 #1414 (@JohnAlbin)
• Patch keycloak Dockerfile and entrypoint for new base image #1358 (@smlx)
• API updateProject returns auth denied for some users #1450 (@rocketeerbkw)
• Fix error loading groups with no projects #1484 (@rocketeerbkw)
• Upgrade knex node package #1431 (@rocketeerbkw)
• Availability Fix - v2 #1483 (@justinlevi)
• Default Availability set to STANDARD #1474 (@justinlevi)
• correct secret key for auth-server #1302 (@Schnitzel)

Build & Deploy:

• Allow use of private docker registries #1293 (@shreddedbacon)
• Stop if rebinding of secret doesn't work #1331 (@Schnitzel)
• Update version of oc used in oc image #1158 (@shreddedbacon)
• Updating absolute softlinks to relative softlinks #1462 (@cdchris12)
• Bugfix for RabbitMQ yaml error. #1468 (@cdchris12)
• Remove duplicated harbor images #1486 (@smlx)
• SAFE_BRANCH and SAFE_PROJECT args build-deploy #1480 (@shreddedbacon)
• Harbor Integration #1269 (@cdchris12)
• Fix type errors with jobs system #1493 (@rocketeerbkw)
• handle priorityClassName for 3.9 #1317 (@Schnitzel)

Logging & Reporting:

• Add default fields mapping to kibana index patterns #1408 (@shreddedbacon)
• allow to overwrite amount of processors #1336 (@Schnitzel)
• #1241 #1242 - logs2email logs2microsoftteams integration #1283 (@twardnw)
• #1363: tell elasticsearch which format we're sending data #1380 (@Schnitzel)
• Notifications updates #1423 (@twardnw)
• Configurable elastic endpoints #1315 (@shreddedbacon)

Operators & Provisioning:

• Add DB_READREPLICA_HOSTS to lagoon-env #1342 (@smlx)

Images:

• Solr 7.5 - setting $solr.lock.type to none #1440 (@dasrecht)
• Preparing for PHP 7.4 Release #1417 (@dasrecht)
• Update drush8 to 8.3.1 #1416 (@vincenzodnp)
• Expose max_allowed_packet to env vars. #1349 (@steveworley)
• Update Drupal Console Launcher to v1.9.4 #1395 (@dasrecht)
• Updating to composer V1.9.1 #1365 (@dasrecht)
• fixing postgres not starting issue #1419 (@Schnitzel)
• Fix typo in auth-server Dockerfile #1457 (@smlx)
• Remove broken docker tag override for PHP7.0 images and remove tests #1445 (@tobybellwood)
• Remove image that doesn't build #1458 (@smlx)
• Added mytop utility #1478 (@vincenzodnp)
• Handle new gd configure options in php 7.4 image #1481 (@smlx)
• pin version 0.2 of svcat, as latest downloads 0.3 beta #1304 (@Schnitzel)
• elasticsearch dockerimage had yml typo #1303 (@Schnitzel)
• Improvement: Extract favicon nginx conf. #1334 (@steveworley)
• mariadb-single for api and keycloak #1300 (@Schnitzel)
• Better Lagoon Types for Development #1299 (@Schnitzel)

Testing and Local Development:

• Update PHP7 versions supported and tested. #1444 (@tobybellwood)
• more dependencies #1427 (@Schnitzel)
• use api/deploy-branch instead of rest/branch for node tests #1410 (@tobybellwood)
• Kvm support #1429 (@Schnitzel)
• Use KVM as the minishift vm-driver on Linux #1355 (@smlx)
• Fix deploymentconfig test #1356 (@smlx)
• Fix a bash syntax error #1282 (@smlx)
• Fix some typos and .PHONY targets #1354 (@smlx)
• #1021 document lagoon base docker images #1323 (@vincenzodnp)
• Minor documentation fix #1353 (@smlx)
• #1347 - fix s3-load/save #1435 (@twardnw)
• Use installed minishift if it's the required version #1360 (@smlx)
• run tests in dedicated containers instead of the already running one #1448 (@Schnitzel)
• Add logs-db-service alias for logs-db when running locally #1350 (@rocketeerbkw)
• Added KVM support instructions #1476 (@vincenzodnp)
• Remove unnecessary line continuation [#1488](ht...

🚒 🚑 🚓 (v1.1.2)

Another short fix. Sorry for any failed builds this might have caused.
PSA: Please do not use this version in an emergency, instead call 112.

Changes:

• Stop using edge package versions for node and friends - the versions of node coming in alpine 3.10 are the same major versions as in edge now #1288