v0.23.0

Release notes for v0.23.0

Changelog since v0.22.0

Notice

• Release contains breaking changes for server operators, please see tagged release notes below.
• This release upgrade to golang version 1.6

Changes by Kind

New Features

• Allow system administrators to set system notices. See the system admin guide for more information. (#1877, @sethvargo)
• Introduce configurable Authenticated SMS failure modes. The default behavior is to "fail open" (continue on error). Operators can configure the system to "fail closed" (halt on error) by setting the SMS_FAIL_CLOSED environment variable on the server and adminapi services. We recommend leaving the default configuration. Regardless of the configuration, this also introduces a new non-paging alert to inform operators when an out-of-threshold number of failures occur while signing SMS messages, per realm. See the new playbook for more information. (#1834, @sethvargo)

Documentation

• Document authenticated sms in realm admin guide (#1848, @sethvargo)

Statistics

• Clarify naming on code claim charts. Change units on mean claim graph from seconds to minutes. (#1867, @mikehelmick)
• The tokens claimed/invalid chart has been removed (data is still in exports)
  • Add total publish requests to the codes/issued claim chart (if key server stats are enabled)
  • Separate out revisions and missing onset from TEKs published
  • Add total publish requests and missing onset as overlays on the publish bar chart (#1886, @mikehelmick)

Bug Fixes and Improvements

• BREAKING Remove backwards-compatibility for TOKEN_SIGNING_KEY. Specifying multiple values has been deprecated since 0.21 and token signing keys have moved into the database. If you are on an older version, you **MUST upgrade to v0.22 for at least 24h before applying this update.*- You should ensure that the value of TOKEN_SIGNING_KEY points to a key (not a key version) in the service environment before applying this upgrade. Since v0.22, TOKEN_SIGNING_KEY accepted a key version or a parent key. This release only accepts a parent key. (#1872, @sethvargo)
• Link out to Twilio splits calculator for advanced calculations (#1858, @sethvargo)
• Add and connect recovery middleware (#1827, @sethvargo)
• Drop support for crypto/dsa in public key parsing. The EN system only supports ecdsa keys, so this will not affect the system. (#1866, @sethvargo)
• Make per-test timeout a project function (#1826, @sethvargo)
• Merge e2e tests and integration tests (#1856, @sethvargo)
• Only return a signer if Authenticated SMS is enabled (#1843, @sethvargo)
• Only update SMS preview when the textarea is updated (#1840, @sethvargo)
• Reduce arbitrary sleeps in tests (#1859, @sethvargo)
• Refactor user tests to use less chromedp (#1852, @sethvargo)
• Remove shared state from tests (#1888, @sethvargo)
• Remove unneeded chromedp from realmadmin and realmkeys (#1871, @sethvargo)
• Simulate sending SMS in e2e-runner and enable authenticated SMS for the e2e test realm. Operators will either need to opt out of the e2e-runner service testing SMS paths by setting E2E_SKIP_SMS (not recommended) or configure the e2e test realm with Twilio Test Credentials. See the updated production guide for screenshots and examples. We recommend configuring the e2e-test-realm before upgrading the service to minimize alerts. (#1839, @sethvargo)
• Upgrade e2e-runner's HTTP client. This changes the required configuration for KEY_SERVER from the full URL to the /publish endpoint to just the URL to the key server. Where previously you may have configured KEY_SERVER=https://foo.bar/v1/publish, please re-configure with KEY_SERVER=https://foo.bar. The system attempts to maintain backwards compatibility by parsing the URL, but this may be removed at a later date. (#1850, @sethvargo)
• Upgrade to Firebase Auth version 8.2.9. (#1881, @sethvargo)
• Upgrade to Go 1.16 (#1865, @sethvargo)
• Use append instead of inserting at index in e2e test (#1822, @sethvargo)
• Use less chromedp and less database churn in API key tests (#1857, @sethvargo)
• Use less chromedp in login controller (#1863, @sethvargo)
• Use less chromedp on admin controller tests (#1861, @sethvargo)
• Use less chromedp on codes tests (#1862, @sethvargo)
• Wrap returned error from decoding form (#1828, @sethvargo)

Infrastructure

• Add structured logger for gorm (#1845, @sethvargo)
• Admin API gets signing config in terraform (#1831, @mikehelmick)
• Also run tests on pushes to the main branch (#1854, @sethvargo)
• Change rate limiting defaults from 60/min to 120/min (#1860, @sethvargo)
• Change to tmpdir when installing linters (#1882, @sethvargo)
• Disable authenticated sms in tests when the creds are missing (#1855, @sethvargo)
• Do not remove ASSETS_PATH and LOCALES_PATH from Terraform just yet. (#1869, @sethvargo)
• Do not use embedded fs in dev mode (#1878, @sethvargo)
• Enable query insights (#1879, @sethvargo)
• Fixing path of buildinfo package for build flags (#1835, @bschlaman)
• Get Cloud SQL Proxy from new link for migrate (#1842, @sethvargo)
• Ignore more annotations in Terraform diff (#1821, @sethvargo)
• Set blobstore, key manager, and secret manager in migrate (#1818, @sethvargo)
• Set blobstore, key manager, and secret manager on services (#1820, @sethvargo)
• Set service names and fix build cache (#1870, @sethvargo)
• Strictify MQL for CloudSchedulerFailed (#1847, @sethvargo)
• Switch to Go 1.16 embed directive. ASSETS_PATH and LOCALES_PATH are deprecated and no longer used. (#1868, @sethvargo)
• Update accuracy for security alerts for HumanAccessSecret and HumanDecryptedValue (#1837, @sethvargo)
• Update to latest bootstrap, jquery, and intlTelInput (#1884, @sethvargo)

Dependencies

Added

• github.com/magefile/mage: v1.11.0

Changed

• cloud.google.com/go: v0.76.0 → v0.77.0
• github.com/aws/aws-sdk-go: v1.37.10 → v1.37.12
• github.com/google/exposure-notifications-server: v0.22.0 → v0.23.0
• github.com/mikehelmick/go-chaff: v0.4.1 → v0.5.0
• github.com/sirupsen/logrus: v1.7.0 → v1.7.1
• golang.org/x/oauth2: 6667018 → 16ff188
• golang.org/x/sys: 22da62e → f992740

Removed

Nothing has changed.