Changes in this release

Full release notes to come

API & Authentication subsystem

• Fix column type for active/standby routes @shreddedbacon (#2172)
• Bump elliptic from 6.5.1 to 6.5.3 @dependabot (#2124)
• Allow non-admin users to run more queries @rocketeerbkw (#2153)
• Fix hard-coded DB host in wait-for-mariadb.sh @smlx (#2169)
• Paramaterise API graphql URL in various locations @smlx (#2175)
• Un-break port-forwarding for keycloak @smlx (#2173)
• Actually list all openshifts defined in the API @shreddedbacon (#2020)
• Fix removeNotificationFromProject @shreddedbacon (#2121)
• Hotfix - BillingGroups Removing Cluster @justinlevi (#2111)

Admin & User Interfaces subsystem

• Ensures nulls are empty strings for composite Problems index @bomoko (#2155)
• Projects w/o Billing Groups - UI for monthly maintenance @justinlevi (#2135)
• Some UI improvements/bug fixes for problems dashboard @timclifford (#2146)
• Problem notifications @bomoko (#2051)
• Adding in Clustername to project @justinlevi (#2112)
• Fix display of dev hours on polysite billing projects @rocketeerbkw (#2170)
• Update UI SSH Key Handling @cdchris12 (#2125)

Build & Deploy subsystem

• Add Project/Environment EnvVar overrides for service types @shreddedbacon (#2156)
• Ignore the watchdog table for backups @smlx (#2149)
• Rely on tar in $PATH for elasticsearch backups @smlx (#2150)
• Remap database details in prebackuppod to avoid invalid names @smlx (#2151)
• Fix autogenerated routes handling @smlx (#2183)
• Add cluster level Uptime Robot status page @twardnw (#2019)
• Add the ability to specify a list of prefixes for all autogenerated routes @twardnw (#2145)
• Add readinessProbe to CLI containers @twardnw (#2031)

Operators & Provisioning subsystem

• Support for Remote Lagoon build and task controllers @shreddedbacon (#2095)

Base Images & Testing subsystem

• add publish-amazeeiolagoon-taskimages step to makefile & Jenkins @tobybellwood (#2192)
• Remove charts from the lagoon repository @smlx (#2107)
• Use curl over wget in Dockerfiles for improved proxy handling @smlx (#2176)
• Added mongodb-tools to the base cli image @vincenzodnp (#2117)
• Update OpenResty to 1.17.8.2 @seanhamlin (#2122)
• Remove duplicate Python versions from images and use it in our tests @tobybellwood (#2128)
• Fix CiActiveStandby gitUrl for local-dev @tobybellwood (#2130)
• Pin curl to >7.68 and pull from Alpine v3.12 @tobybellwood (#2178)
• Add skip-openshift-tests label to Jenkins to reduce intermittent test failures @tobybellwood (#2152)
• improve branch existence test for skip-openshift label @tobybellwood (#2190)
• Reduce Parallelism and Document Testing Steps @cdchris12 (#2136)
• Updates healthz-php to version 0.0.6 @bomoko (#2115)
• Improve reliability of CI testing @cdchris12 (#2132)

Documentation & Examples / DX subsystem

• update monitoring_urls documentation to include schema @twardnw (#2113)
• Clarifying env variables documentation. @AlannaBurke (#2137)
• Add ClamAV Scanner Docs @cdchris12 (#2067)
• Add sub-directory links to root README.md @dan2k3k4 (#1762)
• Fix minor spacing typo in php-fpm documentation @mgdhs (#2106)
• Fixing broken link to contribute documentation @AlannaBurke (#2161)

Automation, Services & Helpers subsystem

• Adds error rc for no access and invalid project names on ssh:rsh.sh @bomoko (#2166)
• Add api-redis to make api/ui-development @shreddedbacon (#2120)
• Environment level Facts DB @bomoko (#2096)

See also the releases at
https://github.com/amazeeio/lagoon/releases/tag/v1.8.0
https://github.com/amazeeio/lagoon/releases/tag/v1.8.1

Changes in this release

API & Authentication subsystem

• POLYSITE Billing Calculation Adjustments @justinlevi (#2093)
• HOTFIX: Don't cache keycloak authz denials in redis @rocketeerbkw (#2081)

Admin & User Interfaces subsystem

• Problems section for Environments and Problems dashboard @timclifford (#1986)
• Add Cluster Name on Billing Group Admin pages @justinlevi (#2070)
• Additional tests and formatting for POLYSITES greater than 10 @justinlevi (#2082)

Build & Deploy subsystem

• Changing twig emptyDir mount to only mount "php" folder @cdchris12 (#2100)

Logging & Reporting subsystem

• Keep raw nginx log message @smlx (#2075)
• Logging updates @smlx (#2063)

Base Images & Testing subsystem

• Update Newrelic to v9.12.0.268 / Update Composer to v1.10.9 @dasrecht (#2099)
• Removes return statement in custom vcl to allow fallback in order to deal with no-cache/private/no-store @bomoko (#2066)
• Add PECL Yaml 2.1.0 to the base PHP images @seanhamlin (#2057)

Documentation & Examples / DX subsystem

• Update README for more services @rocketeerbkw (#1966)
• Removing client info from base images docs @AlannaBurke (#2102)

Automation, Services & Helpers subsystem

• improved migrate-resize-pv-nginx @Schnitzel (#2097)
• add migrate-resize-pv-nginx.sh @Schnitzel (#2091)
• Some enhancements for check_acme_routes.sh script @vincenzodnp (#2079)
• Add helper script for labelling namespaces @smlx (#2077)

Changes in this release

Admin & User Interfaces subsystem

• HOTFIX: 1.8.0 - bug fix for BillingCost query, missing sqlClient for Project … @justinlevi (#2061)

Build & Deploy subsystem

• Use lagoon task system retrying instead of internal retrying @Schnitzel (#2033)

Changes in this release

API & Authentication subsystem

• add redis-password @Schnitzel (#2060)
• Improve API performance @rocketeerbkw (#2048)
• Segment groups lookup @twardnw (#2028)

Admin & User Interfaces subsystem

• Minor active/standby adjustments @shreddedbacon (#1990)

Build & Deploy subsystem

• Label using the target env-type instead of the build env-type @smlx (#2045)
• Allow additional options for configuring auto generated routes @shreddedbacon (#1981)
• Fix rollout task disabling via environment env-vars @smlx (#1997)
• Added Quotes for Harbor-Core Configmap @cdchris12 (#1999)
• Fix for incorrect image selection when images share a SHA hash @cdchris12 (#2029)
• run 6 task monitors at once per pod @Schnitzel (#2034)
• Patch existing routes with disable_cookies upon deployment. @seanhamlin (#2039)
• Segment groups lookup @twardnw (#2028)

Metrics & Alerting subsytem

• Adds healthz-php to php fpm @bomoko (#1979)

Base Images & Testing subsystem

• Adds healthz-php to php fpm @bomoko (#1979)
• Fix nslookup returns non-zero error code on 'host.docker.internal' @rocketeerbkw (#2002)
• Fixed the re-creation of .my.cnf symbolic link @vincenzodnp (#2043)
• Update Composer to v1.10.8 / Update NewRelic to v9.11.0.267 @dasrecht (#1992)

Documentation & Examples / DX subsystem

• Update solr.md with some helpful usability additions @ChandeepKhosa (#2001)
• Documentation updates for Active/Standby @shreddedbacon (#1994)
• Update to new webhook url @dasrecht (#2016)
• Fixed the downgit link @vincenzodnp (#2022)

Automation, Services & Helpers subsystem

• #1976 - always explicitly use the k3s-lagoon kubeconfig @twardnw (#2027)
• Add api-development make command @shreddedbacon (#2032)
• Fix notification of error message to rocketchat/slack @vincenzodnp (#1989)
• Billing UI - German Translation Issues @justinlevi (#2026)
• Change Problems Database population code to use OpenShiftProjectName @bomoko (#2037)
• Only run auto-idler service in production Lagoon @shreddedbacon (#2047)

In honor of Urban Müller - https://en.wikipedia.org/wiki/Brainfuck

>++++++++++
[>++++>+++++++>+++++++++++>++++++++++>++++++++++>+++++++++++>++++++++>+++++++++++>++++++++++++>++++++++++>++++++++++++>++++++++>++++++++++>++++++++++++>++++++++++++>++++++++++>+++++++++++><<<<<<<<<<<<<<<<<<-]
>----->---->-->--->->--->---->----->-->+>----->--->--->---->---->+>++++>
<<<<<<<<<<<<<<<<<<
>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.

Changes in this release

Base Images & Testing subsystem

• #1987 hotfix: correct escaping of slashes @Schnitzel (#1988)

Drupal 9 support, Lagoon metadata and Trivy scanning

• The main reason for this release is to ensure that our images and infrastructure are ready to support Drupal 9 on release day. We’ll also be releasing a blog post outlining what we’ve put in place.
• This release has also added customisable metadata fields to Lagoon projects, contributed by @stooit (and thanks to Salsa Digital) - we’ll expand more on what’s possible with this, and why it’s so important shortly.
• Also, in big ticket items, we have updated the image and vulnerability scanning component bundled with our Harbor install to use Trivy (instead of Clair). In our tests, Trivy not only detected more vulnerabilities, but was significantly less resource-heavy, and returned faster results - triple win!

Update to v1.6.0

With #1917 landed within Lagoon v1.6.0 we're now labeling all new created OpenShift and Kubernetes Namespaces with two new Labels: lagoon.sh/project and lagoon.sh/environment.
In order to label all existing namespaces please use this script:

#!/usr/bin/env bash

while read PROJECT; do
  echo "Handling lagoon project ${PROJECT}"
  while read LINE; do
    NAMESPACE=$(echo "$LINE" | awk '{print $5}')
    ENVIRONMENT=$(echo "$LINE" | awk '{print $2}')
    if kubectl get ns ${NAMESPACE} &> /dev/null; then
      PATCH="{\"metadata\": {\"labels\": {\"lagoon.sh/project\": \"${PROJECT}\", \"lagoon.sh/environment\": \"${ENVIRONMENT}\"}}}"
      echo "Updating namespace labels for ${NAMESPACE}"
      kubectl patch ns "${NAMESPACE}" -p "${PATCH}"
    else
      echo "${NAMESPACE} not found on this cluster"
    fi
  done < <(lagoon list environments --no-header --project="${PROJECT}")
done < <(lagoon list projects --no-header | awk '{print $2}')

this requires lagoon-cli >=v0.9.1 and kubectl, both fully authenticated against Lagoon and an OpenShift/Kubernetes cluster, run the script for each cluster that is managed by Lagoon.

Changes in this release

API & Authentication subsystem

• Re-implement JWT generation script using pyjwt @smlx (#1830)
• Added support to arbitrary project metadata key/value pairs @stooit (#1775)

Admin & User Interfaces subsystem

• Elasticsearch date bounds calculate @Schnitzel (#1874)

Build & Deploy subsystem

• Redeploy pods if the ConfigMap changes @shreddedbacon (#1923)
• Ability to temporarily disable pre or post rollout tasks @shreddedbacon (#1921)
• use lagoon.sh as label prefix @Schnitzel (#1835)
• Add Trivy Scanner to Harbor @cdchris12 (#1912)
• Ingress annotations @Schnitzel (#1903)
• Ensure project and environment labels exist on OpenShift projects. @nicksantamaria (#1917)
• ingress annotations support @Schnitzel (#1899)
• Disabling quota sync for harbor-core @cdchris12 (#1865)
• only run helm template if the folder actually exists @Schnitzel (#1862)

Logging & Reporting subsystem

• Lagoon logging helm chart @smlx (#1859)

Base Images & Testing subsystem

• Initial attempt at d9 tests @tobybellwood (#1904)
• Build Python3.7 images from Alpine 3.10 instead of 3.11 @tobybellwood (#1889)
• Moved es-curl to elasticsearch base images @vincenzodnp (#1886)
• Run mysql_upgrade on existing databases after upgrade @tobybellwood (#1891)
• Update MariaDB image to latest Alpine & remove Galera-based images @tobybellwood (#1866)

Documentation & Examples / DX subsystem

• Basic Authentication documentation update @seanhamlin (#1698)
• Fix markdown rendering for code blocks for container registries @seanhamlin (#1803)
• Reformat and update Lagoon service README files @rocketeerbkw (#1906)

Automation, Services & Helpers subsystem

• Alter the error message for webhook payloads that are not JSON. @seanhamlin (#1870)
• Automated Billing - Poly Site Calculations @justinlevi (#1914)
• Added support to arbitrary project metadata key/value pairs @stooit (#1775)
• k8s k8up backup fixes @Schnitzel (#1864)

Security subsystem

• Re-implement JWT generation script using pyjwt @smlx (#1830)

Release side notes

• Release drink: Old Fashioned - Maker's Mark 46
• Release song: You're the Conversation, I'm the Game by Chris Corner, Sue Denim

The name of this release says it all: Originally v1.5.0 was expected to have a couple of fixes while we're working on v2.0.0 of Lagoon. But then the Lagoon Gods had something different in mind:

Our security A-12 @smlx found another security issue (on a Friday evening in Australia nonetheless) and so the US team (it being only Friday morning at that time) joined forces. Security bug slayer @cdchris12 with support of rollout strategy consultant @twardnw and pull request review hawk @Schnitzel got a PR formed that used as much as automated update magic as possible, in order to create the least amount of work for any Lagoon Maintainer Magicians out there.
After a couple of hours the PR finally passed (e38818c) and was ready to set sail. As this is a security release, we hot-released fixed images on all Lagoon versions managed by the Lagoon Maintainer Squadron and of course found another bug that was promptly fixed (#1861) and confirmed by master tester @shreddedbacon. While in the same time PR and Issue organizer @tobybellwood made sure that the Lagoon milestones were aligned to the new world order.

Just a couple of hours after the security bug was discovered, the Lagoons are safe again and this release marks the second security release of Lagoon.

Upgrade Instructions

During the release of 1.5.0 (not waiting until the build pod has finished!)

1. Immediately after keycloak-db has restarted, run:

   mysql -e "SET PASSWORD FOR '$MARIADB_USER'@'%' = PASSWORD('$MARIADB_PASSWORD'); FLUSH PRIVILEGES;"
   

   inside the keycloak-db pod.
2. Immediately after keycloak-db has restarted, run:

   /rerun_initdb.sh
   

   inside the api-db pod.

Failure to do these two things might cause the api and keycloak pods to not be able to connect to the databases and cause a downtime of Lagoon and a failed build.
To recover: run the two commands in the respective db pods and trigger another Lagoon build.

API & Authentication subsystem

• Adding Keycloak DB and API DB password generation @cdchris12 (e38818c)
• inject api-db connection credentials via env variables @Schnitzel (#1861)
• Fix favicon URL typo @smlx (#1790)
• Destructive Action Button Color @shreddedbacon (#1794)
• Fix running cron via UI tasks @fubarhouse (#1809)
• Allow the lagoon UI to pre-select a keycloak identity provider for login @rocketeerbkw (#1847)
• Add (non-admin) users who create projects as owners of the created pr… @rocketeerbkw (#1849)
• Fix typo in api subscription constructor @rocketeerbkw (#1839)

Admin & User Interfaces subsystem

• Storage Description - Additional Calculation @justinlevi (#1857)
• Fix favicon URL typo @smlx (#1790)
• Destructive Action Button Color @shreddedbacon (#1794)
• Pricing Fix - Hotfix @justinlevi (#1792)
• Fix running cron via UI tasks @fubarhouse (#1809)
• Billing Invoice English/Germain Translation @justinlevi (#1856)
• Additional Hotfix Tweaks to the UI @justinlevi (#1850)
• Billing UI: Adding Modifiers & Currency Character Fix @justinlevi (#1848)
• Feature/billing invoicing ui @justinlevi (#1842)
• Billing UI Invoice @justinlevi (#1828)
• handle empty hours in hits @Schnitzel (#1841)

Build & Deploy subsystem

• [Harbor] Custom S3 Region Endpoint Support @cdchris12 (#1719)
• Remove legacy CLI image @smlx (#1798)
• Adding the --compatability flag to all docker-compose up -d commands. @cdchris12 (#1800)
• Label namespaces with lagoon/project in k8s @smlx (#1833)
• Use labels on kubernetes jobs to not block builds on cron/backups/tasks @rocketeerbkw (#1846)
• capability to deploy PRs into k8s @Schnitzel (#1844)
• Support k3d running in docker on btrfs @smlx (#1829)
• Add Harbor Migration Script @cdchris12 (#1806)
• use parallel retries 4 to handle docker registry failures @Schnitzel (#1813)

Logging & Reporting subsystem

• Add logs-dispatcher service image @smlx (#1845)
• Upgrade ElasticSearch/Kibana to 7.6.1 @vincenzodnp (#1814)
• curator: allow to set use_ssl @Schnitzel (#1854)

Base Images & Testing subsystem

• Added support for ImageMagick in php images @vincenzodnp (#1770)
• Add Node.js v14 images @rocketeerbkw (#1810)
• Add logs-dispatcher service image @smlx (#1845)
• Upgrade ElasticSearch/Kibana to 7.6.1 @vincenzodnp (#1814)
• Update Newrelic to 9.10.1.263 @dasrecht (#1855)
• Update Newrelic 9.10.0.262 and install Newrelic on PHP 7.4 @dasrecht (#1838)
• Limit k3d cluster name length @smlx (#1832)
• Add workaround for missing localhost dns on linux @smlx (#1526)
• #1482 clean docker image cache on tag deployments @Schnitzel (#1816)
• Fix for issue #1818. Pin ubuntu image version as 18.04 in ssh/Dockerfile @josephgultekin (#1819)
• Added support for Solr7.7 and latest Search API Solr module @vincenzodnp (#1731)

Documentation & Examples / DX subsystem

• Added documentation snippet for generating JWT on command line. @nicksantamaria (#1796)
• Add Github issue template config with a link to Discussions feature @dan2k3k4 (#1821)

Changes in this release

• Implement k8up support with k8s @Schnitzel (#1782)

API & Authentication subsystem

• Expose Lagoon tag/version in UI and API @shreddedbacon (#1773)
• Billing dev cost calculation fix @justinlevi (#1779)

Build & Deploy subsystem

• Throttling Clair container @cdchris12 (#1781)
• Add webhooks for all harbor projects when created @cdchris12 (#1753)
• Fix Log links in openshiftbuilddeploymonitor @shreddedbacon (#1765)

Logging & Reporting subsystem

• Fix issue with elasticsearch buffers overflowing in logs-forwarder @smlx (#1738)

Base Images & Testing subsystem

• Update newrelic to v9.9.0.260 @dasrecht (#1766)
• Minor Makefile fixes @smlx (#1780)

Documentation & Examples / DX subsystem

• Harbor documentation bugfix @cdchris12 (#1767)

Automation, Services & Helpers subsystem

• add -o ConnectTimeout=5 to solve issues with Catalina 10.15.4 and proxy settings @Schnitzel (#1783)
• Billing dev cost calculation fix @justinlevi (#1779)
• Fix scaling of cli during ssh connection @Schnitzel (#1769)

Security subsystem

• Add webhooks for all harbor projects when created @cdchris12 (#1753)

Alternative Release Names

• Quarantine Edition
• social distancing edition
• Flaming Poisoning Raging Sword Of Doom
• "The One-Four-One"
• v1.4.1 - six feet / two meters distance

This is a hotfix release for the issues we found in #1722

Changes in this release

• #1722 Pin curl to Version 7.69.1-r0 @Schnitzel (#1723)

API & Authentication subsystem

• Remove tty creation of ssh call inside drush aliases @shreddedbacon (#1721)

Logging & Reporting subsystem

• Allow logs2logs-db to create missing lagoon-logs exchange @rocketeerbkw (#1691)

This is a security release of Lagoon! Learn more at #1646 about the vulnerability

As this is a security release that has already been applied to production clusters, and v1.3.0 is due out in the next week, no base images have been published to docker hub for this release.

Full list of changes by subsystem

API & Authentication:

• Protect auth-server with admin token ea7b2c4 (reported by @smlx fixed by @rocketeerbkw)
• Create jwt token inside ssh service via bash instead of npm 9aa9076 20a821b (@Schnitzel @rocketeerbkw)

Build & Deploy:

• Remove unused parameters that also caused build to fail 928f2b7 (@Schnitzel)

Testing and Local Development:

• Implement SKIP_IMAGE_PUBLISH cbe2073 (@Schnitzel)

Release Video:

https://www.youtube.com/watch?v=I5cYgRnfFDA

Alternative Release Names:

• MultiPass
• These are not the tokens you’re looking for
• Just When You Thought We Couldn’t Get Any More Parallel Branches, We Go And Pull A Stunt Like This
• The one where we discovered a vulnerability, patched and released in 24 hours, all on a Friday

More information over at https://stories.amazee.io/what-to-expect-in-lagoon-1-2-0-e62d9b3cc51a

Headline items:

• First release of Harbor integration to Lagoon
• More notification options (Microsoft Teams and e-mail)
• Improved API and authentication performance
• First release of amazee.io docker images for PHP 7.4
• Last release of amazee.io docker images for PHP 5.6, 7.0 and 7.1

Full list of changes by subsystem

API & Authentication:

• Reduce keycloak requests for getAllProjects api query #1430 (@rocketeerbkw)
• Add retry queue for sync-groups-opendistro-security helper #1404 (@rocketeerbkw)
• 1337 keycloak request retries #1386 (@rocketeerbkw)
• Keycloak API stability improvements #1362 (@rocketeerbkw)
• Fix permissions check for adding environment variable to projects #1335 (@rocketeerbkw)
• Validate the gitUrl in addProject and updateProject mutations. #1422 (@blazeyo)
• Adding the DeleteSshKeyById API endpoint. #1147 (@cdchris12)
• Add Github usernames to closed Pull Requests #1332 (@dan2k3k4)
• Add Task for running Drupal core-cron. #1346 (@fubarhouse)
• Upgrade GraphQL to v14 #1414 (@JohnAlbin)
• Patch keycloak Dockerfile and entrypoint for new base image #1358 (@smlx)
• API updateProject returns auth denied for some users #1450 (@rocketeerbkw)
• Fix error loading groups with no projects #1484 (@rocketeerbkw)
• Upgrade knex node package #1431 (@rocketeerbkw)
• Availability Fix - v2 #1483 (@justinlevi)
• Default Availability set to STANDARD #1474 (@justinlevi)
• correct secret key for auth-server #1302 (@Schnitzel)

Build & Deploy:

• Allow use of private docker registries #1293 (@shreddedbacon)
• Stop if rebinding of secret doesn't work #1331 (@Schnitzel)
• Update version of oc used in oc image #1158 (@shreddedbacon)
• Updating absolute softlinks to relative softlinks #1462 (@cdchris12)
• Bugfix for RabbitMQ yaml error. #1468 (@cdchris12)
• Remove duplicated harbor images #1486 (@smlx)
• SAFE_BRANCH and SAFE_PROJECT args build-deploy #1480 (@shreddedbacon)
• Harbor Integration #1269 (@cdchris12)
• Fix type errors with jobs system #1493 (@rocketeerbkw)
• handle priorityClassName for 3.9 #1317 (@Schnitzel)

Logging & Reporting:

• Add default fields mapping to kibana index patterns #1408 (@shreddedbacon)
• allow to overwrite amount of processors #1336 (@Schnitzel)
• #1241 #1242 - logs2email logs2microsoftteams integration #1283 (@twardnw)
• #1363: tell elasticsearch which format we're sending data #1380 (@Schnitzel)
• Notifications updates #1423 (@twardnw)
• Configurable elastic endpoints #1315 (@shreddedbacon)

Operators & Provisioning:

• Add DB_READREPLICA_HOSTS to lagoon-env #1342 (@smlx)

Images:

• Solr 7.5 - setting $solr.lock.type to none #1440 (@dasrecht)
• Preparing for PHP 7.4 Release #1417 (@dasrecht)
• Update drush8 to 8.3.1 #1416 (@vincenzodnp)
• Expose max_allowed_packet to env vars. #1349 (@steveworley)
• Update Drupal Console Launcher to v1.9.4 #1395 (@dasrecht)
• Updating to composer V1.9.1 #1365 (@dasrecht)
• fixing postgres not starting issue #1419 (@Schnitzel)
• Fix typo in auth-server Dockerfile #1457 (@smlx)
• Remove broken docker tag override for PHP7.0 images and remove tests #1445 (@tobybellwood)
• Remove image that doesn't build #1458 (@smlx)
• Added mytop utility #1478 (@vincenzodnp)
• Handle new gd configure options in php 7.4 image #1481 (@smlx)
• pin version 0.2 of svcat, as latest downloads 0.3 beta #1304 (@Schnitzel)
• elasticsearch dockerimage had yml typo #1303 (@Schnitzel)
• Improvement: Extract favicon nginx conf. #1334 (@steveworley)
• mariadb-single for api and keycloak #1300 (@Schnitzel)
• Better Lagoon Types for Development #1299 (@Schnitzel)

Testing and Local Development:

• Update PHP7 versions supported and tested. #1444 (@tobybellwood)
• more dependencies #1427 (@Schnitzel)
• use api/deploy-branch instead of rest/branch for node tests #1410 (@tobybellwood)
• Kvm support #1429 (@Schnitzel)
• Use KVM as the minishift vm-driver on Linux #1355 (@smlx)
• Fix deploymentconfig test #1356 (@smlx)
• Fix a bash syntax error #1282 (@smlx)
• Fix some typos and .PHONY targets #1354 (@smlx)
• #1021 document lagoon base docker images #1323 (@vincenzodnp)
• Minor documentation fix #1353 (@smlx)
• #1347 - fix s3-load/save #1435 (@twardnw)
• Use installed minishift if it's the required version #1360 (@smlx)
• run tests in dedicated containers instead of the already running one #1448 (@Schnitzel)
• Add logs-db-service alias for logs-db when running locally #1350 (@rocketeerbkw)
• Added KVM support instructions #1476 (@vincenzodnp)
• Remove unnecessary line continuation #1488 (@smlx)
• Login to minishift registry again before pushing the rebuilt dind image #1296 (@shreddedbacon)

Documentation & Examples / DX:

• Corrects PHP-FPM to use host.docker.internal for xdebug #1387 (@fubarhouse)
• Documentation - adding elasticsearch image documentation #1405 (@dasrecht)
• Fixed remote-shell examples #1277 (@vincenzodnp)
• clarified the role descriptions a bit #1345 (@jaimed-amazee)
• use newer check if drupal installed #1432 (@Schnitzel)
• More details about the PR deployments #1426 (@Leksat)
• Added missing pages in mkdocs.yml #1379 (@vincenzodnp)
• added instructions to select tenant #1330 (@jaimed-amazee)
• Fix broken docs logo image by adding missing "!". Fixes #1307 #1326 (@JohnAlbin)
• Documentation: Add ~~~ to terminal code #1309 (@dan2k3k4)
• fixed code format #1310 (@jaimed-amazee)
• Add Lagoon logo to docs #1314 (@JohnAlbin)
• Documentation: Fix typo in Content Type in webhooks documentation. #1316 (@kehh)
• Update docs to use same insecure registry IP for all platforms #1452 (@rocketeerbkw)
• Adding legacy to the title to make it more clear #1446 (@dasrecht)
• Documentation improvements #1467 (@dasrecht)
• fixing graphql example #1464 (@dasrecht)
• Documentation work #1490 (@dasrecht)

Automation, Services & Helpers:

• Update shared-cleanup script #1388 (@smlx)
• adding toolbox container for operations purposes #1391 (@dasrecht)
• Improve storage-calculator script add update to support oc 3.9. #1291 (@thom8)
• API Automated Billing Calculations #1396 (@justinlevi)
• Update lagoon sync script #1496 (@cdchris12)
• Automated billing helpers fix #1491 (@wintercreative)
• update cronjobs inside lagoon to newer api version #1301 (@Schnitzel)

Admin UI:

• Closes #1284: Add timezone abbreviation to UI #1285 (@dan2k3k4)
• UI Deployments Improvements #1165 (@rocketeerbkw)
• Add Lagoon favicon. Fixes #1305 #1399 (@JohnAlbin)
• Fix errors on UI task page plus other small follow up issues #1438 (@rocketeerbkw)
• Add storybook to Lagoon UI #1456 (@JohnAlbin)
• Fix display of download button on Backups page. #1463 #1465 (@JohnAlbin)
• Show timezone offset in hours since name is not supported #1485 (@rocketeerbkw)

Another short fix. Sorry for any failed builds this might have caused.
PSA: Please do not use this version in an emergency, instead call 112.

Changes:

• Stop using edge package versions for node and friends - the versions of node coming in alpine 3.10 are the same major versions as in edge now #1288

After our big 1.0.0 release, here the next minor update. It features mainly High Availability of Keycloak, better high availability of RabbitMQ, plus a switch to Elasticsearch 7 with a migration from Searchguard to OpenDistro. Please read the Changes section carefully as there is an important thing regarding Elasticsearch upgrades.

Changes:

• Move from Searchguard to Opendistro #1232
  IMPORTANT: You cannot upgrade from a Lagoon 0.x.x Version directly to 1.1.0, as the included Elasticsearch would try to upgrade from 6.6 to 7 which is not possible. Only upgrades from Elasticsearch 6.6 (included in Lagoon 0.x) to Elasticsearch 6.8 (included in Lagoon 1.0.x) to Elasticsearch 7 (included in Lagoon 1.1.x) are possible. So if you are on 0.x.x, upgrade to 1.0.x first and then to 1.1.0.
• Disable PHP notices on production environments by default #1162
• Add Drush launcher to /bin, with Drush 8 fallback #1183
• Adjust k8up backup webhooks for new format #1167
• Give default project user maintainer role #1252
  IMPORTANT: This is a change from 1.0.0! In 1.0.0 the default project user had the guest role. This caused drush sql-sync tasks in post-rollout to fail, as soon as #1229 has been merged, this will change back to the guest role.

Features:

• add migrate-resize-pv.sh script #1201

Bugfixes:

• Fix API slowness by caching keycloak authz response per API request #1222
• Fix API slowness in getBackupsByEnvironmentId resolver #1180 #1223
• Resolver for Backup > Environment was missing #1223
• deleteProject mutation not working (#1227)
• API queries/mutations related to environment variables always returned permission denied #1259
• Fix removeNotificationFromProject mutation #1261
• Renamed the VARNISH_UNSET_HEADER_CACHE_TAGS variable to VARNISH_SET_HEADER_CACHE_TAGS #1264

Improvements:

• Implement Native Cronjob Removal #1178
• Added containers for Node version 12 #1216
• Adding end of life notification for node versions v6 and v9 and upcoming end of life for node v8 #1215
• Update Lagoon node packages #1218
• Set RabbitMQ policy to enable Mirrored Queue by default for all "lagoon-" queues #1226
• Add group listing API queries/resolvers #1228
• Cleanup of tests #1231
• High Available Keycloak #1235
• Update Lagoon internal Node services to Node 10 #1240
• Makefile still references node 8 deps #1262
• Support for search_api_solr 8.x-3.x module with Solr 7.x #1246
• Updating to NewRelic Agent 9.1.0.246 #1248
• MariaDB Galera: add check package #1253
• deploymentconfigs and pods don't need to be deleted manually anymore #1257
• Use of REDIS_SERVICE_PORT instead of REDIS_PORT #1263
• Drush Config: define backup-dir #1266

Documentation:

• Allow Xdebug to work with .twig files #1239
• addSshKey schema change: userId changed to UserInput #1243
• RBAC doc changes #1245
• Update Drush 9 doc to include fix for updating drush aliases and rsync between remote envs #1256
• Kibana examples docs update #1268

1.0.2 is just a short hotfix for 1.0.0. Unfortunately Drupal does not support the newest Redis 5.0.0 release and therefore we reverted back to redis 4.3.0 in PHP Images. At the same time we also solved some documentation and Node.js issues.

Changes:

• Reverting #1135 and going back to PHPRedis 4.3.0 for all PHP Versions as Drupal 8 and Drupal 7 is not ready for Redis 5.0.0 yet. - #1206

Features:

• none

Bugfixes:

• Force installing nghttp2-libs as the upstream image shipped an outdated version of the library #1209 and #1213

Improvements:

• none

Documentation:

• added example for deleting environment #1211
• Small fix to use use the correct Loadbalancer name #1204
• Documentation Edits #1205

Today we feel as excited as we where exactly two years ago when we launched Lagoon two years ago.
Today we launch Lagoon Version 1.0.0, the first Major Version jump of Lagoon. We want to thank everybody who made this possible:

❤️ Our employees that work every day to improve Lagoon and make it better
💚 All the companies, enterprises, governments and freelancers that use Lagoon believe in Open Source and support it
💙 All contributors to the repository that decide to spend additional minutes to open a ticket, create a pull request or just like the project.

Thanks everybody for this, we always believed that Lagoon could make it that far, but without you it would never have happened.

As this is a major version jump there will be a dedicated upgrade documentation be created. But as it is a bit complicated we do not suggest to upgrade just now, but instead wait for 1.0.x and the upgrade documentation.

Changes:

• Groups and Subgroups instead of Customers. Starting in Lagoon 1.0.0 customers as we know if from v0.24.0 are gone: There are Groups instead. Projects can be assigned to one or multiple Groups. Users are added to Groups with a Role (see RBAC). Groups can be nested within Subgroups. This change provides a lot more flexibility and the possibility to recreate real world teams within Lagoon. The migration script will create for each existing customer a new group. #1200
• Role Based Access Control (RBAC). When assigning a user to a group, you need to provide a role for that user inside this group. Each one of the 5 current existing roles gives the user different permissions to the group and projects assigned to the group. There is a [full overview of all Roles existing]. The migration script will give each user the "Owner" Role. (https://docs.google.com/spreadsheets/d/1SBf7LxxgbJoefFg00DKA4m8HAshUjVpRHuqN3p_MyI4/edit?usp=sharing).
• Private Keys for Customers are now assigned to Projects. As we removed Customers and Projects can have multiple Groups assigned, the private keys for a project (which is used to access the git code) is now saved on the project directly. The migration script will assign the existing private keys from the customer directly to the projects. #1200
• amazeeio/elasticsearch:latest amazeeio/kibana:latest amazeeio/logstash:latest are not updated anymore! We now have versions for 6 and 7, like: amazeeio/elasticsearch:6 #1179
• Updated makefile and php Dockerfiles to pin correct alpine version for php 7.0 #1136
• Upgrading to PHPRedis 5.0.0 for PHP 7 and pin PHPRedis version 4.3.0 for PHP 5.6 image building process due to PHPRedis 5.0.0 dropping PHP5 support #1135

Features:

• If you don't provide any ssh private key during creation of a project, Lagoon will create a key pair automatically. #1200
• Prioritize production environments #995

Bugfixes:

• Projects with Promote Deployment Types do not create k8up objects - #1192
• Improved how fluentd handles connection interruptions #1171
• Retry API requests that timeout and reduce API load when syncing backups #1160
• Upgrade git-url-parse package to remove errant colon in UI #1066
• Exit and fail the deployment if the docker-host is not reachable #1143

Improvements:

• Searchguard is now using Groups instead of Projects for it's permissions. #1200
• Allow CronJobs to be scheduled on build nodes. #1196
• Allow any additional configurations to be added to elasticsearch #1188 #1182
• docker-host images now use the versioned amazeeio/docker-host:latest which is updated on every lagoon release and not on merges to master #1187
• exited containers are removed every 4 hours from docker-host #1187
• Update Drush to v8.3.0 #1185
• Update Drupal Console to v1.9.1 #1185
• Updating Composer to v1.9.0 #1184
• Bumps lodash.mergewith from 4.6.1 to 4.6.2. #1149
• Bump lodash.merge from 4.6.1 to 4.6.2 #1148
• Set memory resource limits for cli DeploymentConfigs (#1140)
• Xdebug will be enabled only if XDEBUG_ENABLE variable has a value #1170
• Allow adjustable interval in service idler (#1138)
• Check running builds and pods before idling (#1138)
• Allow services to be force idled manually ./idle-services.sh force #1139
• Enable much larger environment variable definitions in api #1133
• Also publish -latest suffix images for baseimages with versions #1131
• MDEV-17429 has been fixed, using newest mariadb-client again 821050d

Documentation:

• Update Dockerfile naming convention to .dockerfile #1190
• adding information hint for transition between CA certs and LE certs #1186
• Fixes small grammar issue in test documentation #1166
• Don't use "here" as link text #1163
• Document how to gracefully shutdown node.js containers #1159

Nothing super crazy here, just some smaller bug-fixes and improvements. Jack Bauer would be proud for a quiet day.

Features:

• none

Changes:

• none

Bugfixes:

• Close hanging SQL connections related to API subscriptions #1113
• Use SAFE_PROJECT for bucket names in backup schedule
• add -f to force cleanup of build images #1128

Improvements:

• Bump axios from 0.18.0 to 0.18.1 #1112
• Bump js-yaml from 3.13.0 to 3.13.1 #1117
• Update mariadb-client to 10.2.24-r0 #1119
• Updated composer to v1.8.6 #1121 #1122
• Allow Lagoon to run with one pod a976730
• backoffLimit: 0 for cli pods 15d43f3
• remote logs-forwarder with better back-off 1d12d96

Documentation:

• none

Here another small release that addresses a Bugfix plus small new features and improvements that will make people happy.

Features:

• Add order field to allProjects and allEnvironments GraphQL API endpoints (#1109)
• Smal script that updates all liveness and readiness checks of nginx-php pods 5d85dae

Changes:

• none

Bugfixes:

• Fix broken Backup Page in UI - d89447f

Improvements:

• Liveness and Readiness checks of containers run every 10 secs instead of 5 (lower load for the cluster) - 28788b6

Documentation:

• none

We tried and we failed (a bit). Therefore there is a new release right after the big v0.23.0 one. This brings mostly improvements for the k8up integration and a new env variable:

Features:

• Provides support for a new .lagoon.env env file for catch-all variables #1108

Changes:

• none

Bugfixes:

• none

Improvements:

• Multiple Improvements for k8up integration #1110

Documentation:

• none

With this version of Lagoon we start to deprecate the rest2task service in favor of the GraphQL API. rest2task was created as a small workaround as the GraphQL API did not have any mutations in the beginning of Lagoon. Now as the GraphQL API is fully grown and mature we can deprecate the rest2task for good. In this version http requests to rest2task still work, but a friendly HTTP header and a message in the response body will inform you that rest2tasks is deprecated (the HTTP return code is still 200 though). In future Versions rest2tasks will be completely disabled. Thank you rest2tasks!

Features:

• Varnish Image: allow to define listen and management listen ports (#900)
• API has new mutations for triggering deployments (#894)

Changes:

• API requires new deployment information when creating/updating environments (#894)
• rest2tasks is deprecated in favor of GraphQL API (#894)

Bugfixes:

• Fixed a few styling regressions in the UI caused by #976 (#986)
• UI/API load too much task data and logs and causes slow page loads and timeouts (#961)
• Fixing an issue with route generation on PolySites (#915)
• Fixing a small bug in the api-db duplicate ssh key script (#1005)
• address duplicate values in LAGOON_ROUTES (#1000)
• Fixing small issues in logs-db-forwarder (aka fluentd) (#1006)

Improvements:

• Prevent a previously-moved newrelic.disabled file from causing an error at container restart (#979)
• upgrade New Relic agent to 8.6.0.238 and enable for php 7.3. (#966)
• Shorter expire time for S3 links and use in more places (#999)
• Upgraded all node modules (#994)
• Better UI/API error handling (#987)
• UI can now trigger new deployments for environments (#838)
• Skip pull request deploys from forked repos (#789)
• Add ability to disable auto-idle per environment (#980)

Documentation:

• none

As we are working on a full overhaul of the permission system in Lagoon (is there a version 1.0.0 on it's way??) we have some Lagoon installations that need to protect some users from themselves and we implement a blacklist env variable which allows to disable some GraphQL Mutations from regular users to be used.
As soon as we have the RBAC based system running, this will be obsolete and removed again.

Features:

• Add environment variable to restrict API operations to admins only (#977)
• Python 2.7 and 3.7 Base Images (#897) - thanks @srowlands
• CKAN Base Images (#897) - thanks @srowlands

Changes:

• UI has clean URLs (#960)

Bugfixes:

• UI project page now returns 404 when no project is returned (#931)
• UI stuck in infinite loop when any runtime error is thrown in production mode

Improvements:

• API no longer allows adding duplicate ssh keys (#577) - IMPORTANT for Lagoon Admins: Make sure that you run /rerun_initdb.sh within the api-db container after release. This will generate the necessary ssh fingerprints in the api databases. Also if there are already existing duplicated keys, you need to fix them (the script warns you)
• Broker (RabbitMQ Cluster) is now having a separate headless service for cluster discovery (broker-headless) and a regular service for accessing the rabbitmq directly (broker). Before it was just a headless service which caused all kind of issues of connecting to the rabbitmq. - IMPORTANT for Lagoon Admins: you should delete the broker service and statefulset in your installation before deploying this version of Lagoon, as the deployment will fail otherwise. (#984)

Documentation:

• Fix Markdown (#970) thanks @petk !
• Better Shorthand ifs in the Drupal example files (#978)

Unfortunately the curl issue from #923 returns and this will solve it for good real with also downgrading libcurl.

Features:

• none

Changes:

• Downgrade libcurl to 7.61.1 38a3efa

Bugfixes:

• none

Improvements:

• none

Documentation:

• none

This Release is a set of a lot of small improvements and fixes, things that over time accumulated and make the system a bit better working.

Features:

• Allow to define an S3 region via the S3_REGION env variable for Lagoon Tasks (#957)

Changes:

• SSH Key Syncing from Gitlab is disabled for now (3041b36) if you use this features, please be aware that this will cause desynced ssh keys. We're working on getting the feature back and also provide a sync-everything feature

Bugfixes:

• Increase the Gitlab timeout to 30secs as the previous timeout of 2secs caused issues (96affbc)

Improvements:

• Remove ::ffff: also from fastcgi param REMOTE_ADDR, as we already do it for the X-Forwarded-For Header (#958)
• Storage Calculator can now also calculate the storage for mariadb-shared service (#956)
• The Lagoon UI backup tab now informs customers about the new tasks tab where they can get on-demand backups (#955)
• Some less logging in the services which reduces the amount of container-logs created by Lagoon (#954)
• Better non-technical names for Lagoon Tasks (#952) - thanks @klonos!

Documentation:

• none

We now have full k8up support, also for the newest release with individual S3 Buckets per Lagoon Project. So far we already supported k8up, but only the global S3 bucket system. Which unfortunately is not really usable in very big cluster with thousand of backups.

Beside of that we also have:

Features:

• Add a PROJECT_SECRET which injects a random secret into all environment which is the same across all Lagoon Projects. (#947)

Changes:

• none

Bugfixes:

• Fix the start of RabbitMQ Cluster with non standard service names (#937)
• Force deprovisioning of "Provisioned Services" when deleting environments (#939)

Improvements:

• Allow certain Lagoon tasks to be disabled in the UI via the environment variable LAGOON_UI_TASK_BLACKLIST (#946)

Documentation:

• Code Standard improvement of the Drupal example files in Lagoon (#938) thank you @dan2k3k4

Always tracking master branches and upstream is great to keep stuff up to date and things fresh. As Lagoon grows we're running more and more into issues of not having versioned Lagoon Releases or Lagoon Images, here just a short recap of the pain that we suffered in the last weeks:

1. A recent update of curl caused some deployment issues for some projects, the developers unfortunately had to wait while we figured out what the problem was and released a Hotfix of the affected Images - #925
2. As more and more people are using, the fact that openshiftBuildDeploy always used the newest published master version of oc-build-deploy-dind, made it very complicated to keep the newest code backwards compatible with a slightly older Lagoon version.
3. A build of the master branch of Lagoon automatically published new Lagoon Images. This meant we could only merge into master when we actually wanted to publish new images. While this maybe was okay when we had 2-3 PRs to release, recent Lagoon releases had up to 35 PRs that needed to be merged all at once, this caused confusion and a lot of complexity which wasn't necessary.

Therefore today we're addressing these issues with three updates:

1. Lagoon Base Images (php, nginx, nodejs, etc.) exist with a :latest tag (like they always did), plus a new Lagoon Version Tag, like amazeeio/nginx:v0.21.0. Important is that this is not the version number of the service, but the Lagoon Version. For Images that already provided tags for different versions of the service, we now publish a tag with a version suffix like: amazeeio/amazeeio/php:7.1-fpm-v0.21.0 plus the already existing "latest" version without a suffix: amazeeio/amazeeio/php:7.1-fpm. We still suggest to always use the latest versions of the images as we do not maintain older version of images for security updates, but there are some cases where the versioned base images are coming in handy.
2. Merges into master branch do not automatically publish new Lagoon Images. New Images are only pushed if an actual release (a git tag) has been pushed. This improves the PR workflow drastically as we can now merge into master as soon as a single PR is coming back green from the CI system. Also all PRs and Branch builds still push images to the amazeeiolagoon Dockerhub Organisation, like amazeeiolagoon/php:7.1-fpm-master. As you can see they are suffixed with the branch or PR name. These Images should only be used for testing purposes!
3. All Version builds of Lagoon Images now include a new LAGOON_VERSION environment variable which includes the version number of the Lagoon Version they have been published from. This can be used for all kind of purposes in your code and is used by openshiftBuildDeploy to use the same oc-build-deploy-dind image version that works together with the Lagoon Version that is running.

We know that many people where wondering since some time why these changes have not been implemented before and why it took so long for this to implement. We're sorry that we took a bit of time to realize and figure out a system that works for us.
We're very excited about the changes and look forward to a versioned future!

Beside all of that there are of course additional changes:

Features:

• Versioned Lagoon Images (read above) #930

Changes:

• none

Bugfixes:

• Fixes log link missing from RocketChat messages, described in #858

Improvements:

• Further improvements on the integration with th Backup-as-a-Service (K8up) system (#929) - which now creates individual S3 buckets for each Lagoon Project and improves the performance of Backups and Restores drastically (like 1000x faster for bigger Lagoon implementations).
• Updating Composer from V1.6.5 to v1.8.4 in all php cli images (#927)
• Logstash upstream images had some changes and we need to follow them (#926)
• Fluentd elasticsearch plugin has some new settings and defaults, we're using them now (#926)
• The Build Logs include some tokens, while they cannot really be used for anything, we're hiding them now (#924)
• Multiple scheduled builds are now skipped and only the last one run (#932)

Documentation:

• Use php:7.1 containers instead of php:5.6 containers as PHP 5.6 is officially dead (#864) - thanks @marji !

As promised in Blogposts before, a bit focus from our engineering team goes towards the Lagoon UI and making is more self service. With todays release we bring two exiting new features to the Lagoon UI and API!

Features:

• Lagoon UI Tasks (#860 and #845)
  You can now via the Lagoon UI create tasks that run within your site without the need to connect via the SSH Remote Shell 🎉 , currently there is support for the following Tasks:
  • drush cr/drush cc all (automatically based on Drupal Version)
  • drush sql-sync and drush rsync (both with the possibility to define the source environment where whould be synced from)
  • drush sql-dump and drush archive-dump (both with the possibility to download the generated files via the UI directly!)
• Lagoon UI Environment Delete (#852)
  Which allows a convenient way to delete environments (branches or pull-requests) via the UI.

Changes:

• ❗️ Deletion of environments via rest2tasks has been removed ❗️ (#852)
  Before this change environments where able to be deleted via

  curl -X POST \
    https://<rest2tasksURL>/remove \
    -H 'Content-Type: application/json' \
    -d '{ "projectName" :"myproject", "branch": "develop" }'
  

  this is not possible anymore and now needs to happen via the GraphQL API:

   curl -X POST \
     https://<apiURL>/graphql \
     -H 'Authorization: Bearer <LagoonAPIBearerToken>' \
     -H 'Content-Type: application/json' \
     -d '{ "query": "mutation { deleteEnvironment(input: {name: \"develop\", project: \"myproject\"}) }" }'
  

  If you wonder how to get the LagoonAPIBearerToken, please see the documentation for it: https://lagoon.readthedocs.io/en/latest/using_lagoon/graphql_api/#connect-to-graphql-api

Bugfixes:

• Environment variables injected via the Lagoon API not present in environments (#861)

Improvements:

• Better mariadb-shared migration Scripts (#859)
• Updated Elasticsearch, Kibana, Logstash to version 6.5.4, plus SearchGuard to the same versions (d5da69a)

Documentation:

• #855
• PHP 5.6 and 7.0 Deprecation: (#857)

Happy new Year from the Lagoon Team!
First we really would like to say sorry for the not existing change-logs of the last releases, unfortunately they fell a bit through the cracks of life.
But here is to the new year: We pledge that every release in 2019 and every year after will have a change-log!

Changes:

• Update default Solr Image Configs to run with solr.lock.type:none, this fixes issues where the Solr didn't fully bootstrap after the container was stopped non-gracefully. (#552)
  Move the Solr Data dir from /opt/solr/server/solr/mycores/${corename}/data to /var/solr/${corename} while keeping the solr config still at /opt/solr/server/solr/mycores/${corename}/config. This split of data and config allows upcoming Solr Docker Images to automatically update the solr config, before this was not possible as the solr core was configured once and the config never ever updated. (#552)
  ❗️ Important: ❗️
  If you customized the Docker Solr Images please update your Dockerfile from:

  CMD ["solr-precreate", "corename", "/solr-conf"]
  

  to:

  RUN precreate-core corename /solr-conf
  CMD ["solr-foreground"]
  

  Additionally update the provided Solr Configs from:

  <dataDir>${solr.data.dir:}</dataDir>
  <lockType>${solr.lock.type:native}</lockType>
  

  to:

  <dataDir>/var/solr/${solr.core.name}</dataDir>
  <lockType>${solr.lock.type:none}</lockType>
  

New Features:

• Convert mariadb to a meta-server and auto discover mariadb-shared if the cluster supports it (#826)
  This basically means that Lagoon will automatically check if the OpenShift Cluster supports the lagoon-dbaas-mariadb-apb service broker class and if yes it will create a new service broker instance for this mariadb service. This means there is not a single pod anymore created for this environment, but instead a shared mariadb/mysql is used. If you still would like to have a single mariadb then use the service type mariadb-single. Existing projects not migrated to mariadb-shared are still automatically using the existing mariadb pod, to migrate see:
• Added helper script to migrate existing projects to mariadb-shared (#819)
• Support for Solr 7.5 (#807)
• Support for PHP 7.3 (#811)
• Support to run Tasks (shell commands) via the UI/API that are executed in a new pod in the same namespace (#845)
• GraphQL API and UI have now support for GraphQL Subscriptions which automatically update in realtime on a new or updated Deployment, Backup or Task (#801)
• Lagoon Tasks can now create artifacts which will be uploaded automatically by the API in an S3 compatible service and then served from there if requested via the UI/API (#820)
• Added a new nginx-php-redis-persistent which puts nginx, php and redis into a single pod. More added for consistency and for specific cases where this can be useful (#813)
• Added Support for upcoming Restic Backup-as-a-Service System (#813)
• SSH Remote Shell now also supports SFTP into cli (#840)

Improvements:

• Performance tune default mariadb-single and mariadb-galera configs (#793)
• Added the haproxy config template that Lagoon expects to run within OpenShift (#825)
• Improve Elasticsearch Curator (7949a03)
• Better and faster mysqldumps for Backups (8031181)
• Change default max_input_vars in php from 1000 to 2000 (#788)
• UI improvements (#776)
• Default Varnish Image ships now with dynamic director which can handle DNS changes on the fly and not only during Varnish starts (#759)
• Default Varnish Image ships now with libvmod-bodyaccess (#759)
• Add Projects to Customer Object in GraphQL API (#777)
• Fix not found Tika extension in Solr (#808)
• GraphQL API had issues loading the Hits for a month the year before (#839)
• Remove ::ffff: in front of IPv6 addressed within X-Forwarded-For request headers (#837)
• Enable xdebug's remote_log with an environment variable (#836)
• Support for Drupal BigPipe (#846)
• Longer timeouts for internal GraphQL Requests (aae899b)

Bug Fixes:

• Handle environment names longer than 64 characters (#806)
• Escape special characters in Pull Request Titles (#804)
• Handle long environment variables within nginx health check (https://github.com/amazeeio/lagoon/pull/823/files)
• Fix error with GraphQL deleteEnv (#822)
• Handle environments with dots in .lagoon.yml (#818)
• Fix overwritten lagoon-env config map (#792)
• Fix issues with Keycloak 4.6.0 (#790)

Documentation:

• #815
• #812
• #814
• #779
• Example how to automatically load BaseURL in Drupal 7 from Request (#847)

Another week, another Lagoon Release. This time we're at v0.16.1 (no worries, the v1.0.0 is coming soon).

In this release we have:

• Much much more documentation. We feel that many of the functionalities of Lagoon are now stable, so they also deserve a proper entry in the documentation over at http://lagoon.readthedocs.io/en/stable/ - thanks to @rtprio @twardnw @dasrecht
• A lot of preparation for our upcoming cli called lagu - thanks @karlhorky
• Cleanups like removing an old centos image - #529 (thanks @twardnw)
• building MongoDB Image again, after it builds again - #509 (thanks @rtprio)
• Fixing an issue where Drush wasn't happy when a Branch contained a slash and failed - #486(thanks @rtprio)
• Added a long awaited ll command by @Schnitzel - #524 (thanks @twardnw)

Unfortunately, sometimes little bugs don't show themselves during the automated testing and builds, so we squashed a few since the last release.

We also turned some heavy attention to the docs and have made some substantial updates. Head over to http://lagoon.readthedocs.io/ and check it all out.

Today marks another big step for Lagoon, with the v0.15.0 release we have now a better logging system (#478, #481) which will allow us to keep logs of:

• Router Logs (each single Hit)
• Pod Logs (stderr and stdout of every single pod)
• Lagoon Logs (build fails, etc.)
• Syslog Logs (Logs emitted via Syslog from the Applications)
  As the system is quite complicated and depending on a lot of different services, this probably will only fully automatically work with v0.16 but it's a step in the right direction.

Beside of that we have many other improvements:

• Drupal 7 Support in Varnish #479 (thanks to @ron_s for working with us on this)
• Possibility to set another memory limit for Varnish than the default 100MB - #474 (thanks to @dasrecht)
• Better Default Character sets for MariaDB so we can support all the emojis 😱 💚 #490 (thanks @twardnw)
• Possibility to overwrite the storage size for MariaDB PVCs, because who would have thought that there are Databases bigger than 5GB?! - #487 thanks to @twardnw
• Better Idling behavior: Don't idle Databases (they take quite long and generate all kind of timeouts), Idle Projects only after they have not been used for 4 hours (was 1 hour before) - #473 thanks @rtprio
• Some small maxscale improvements - #494
• More documentation: #471

And a special big shout out to @markxtji which is an active user of Lagoon and started to contribute back to Lagoon, with improving the elasticsearch PVC configurations: #463 (thanks also to @thom8 for reviewing). OpenSource Love all the way!

Whew! What a last couple of weeks. After 316 commits later we are super proud to present Lagoon Version 0.7.0. Here a short overview of the new goodies:

1. The API learned more Objects. We have now a new Object called Environments which is automatically propagated by new deployments. It keeps track of the generated OpenShift Projects and the type of environment (development or production). They are also automatically removed when a Branch or PR is deleted.
2. The API is now authenticated by User. JSON Web Tokens for Users include now the SSH Key of the user and with that we can figure out to which projects and customers a User belongs. Based on that the API will only show API Objects that should actually be seen by the User. (Authenticated Create, Delete and Update is still in the works)
3. The varnish Image has been split up into varnish and varnish-drupal 🔀
4. Drupal specific things of the php-cli image (drush, console) have been removed and moved into php-cli-drupal
5. There is a new service called ssh which has magic powers 🎩 ! It can do two things:
   • Generate JSON Web Tokens for a user with the SSH Key of the connecting User
   • Provide remote shell access to a running container of an OpenShift Project. So it basically feels like you connect via ssh to the container even though you don't :) (this also provides possibilities for rsync and other tools that depend on rsync).
6. A new lagoon type called cli-persistent which allows to mount an already existing persistent storage name into the cli container
7. Refactored Drush Aliases that auto generate a JWT for the User and makes API calls with that token, plus it also uses the new ssh connection to run drush sql-sync, drush rsync and drush ssh.
8. The php-cli-drupal images are shipped with an drushrc.php that tells Drush where it finds the Drupal root and what routes it currently has. This removes the need to cd into the correct drupal folder before running Drush commands! 💚
9. Injecting the already existing ssh key into the cli containers so that the cli itself can make remote shell commands (needed to sync a remote environment with another remote environment)
10. Updates to the nginx image:
    • Auto adding x-robots-tag if we are on a development environment
    • an easy redirect-map file that allows for easy redirects without the need to write actual nginx configs
    • an easy way to create basic auth via Environment Variables (auto generated the .htpasswd file! 💪 )
11. Solr 5 and 6 Images! Also with a Drupal Flavor.
12. MongoDB Images!
13. A fully function LAGOON_ENVIRONMENT_TYPE environment variable. Also production environments cannot be deleted automatically and need to beforced
14. Mail Sending Support for php with an external Mail Relay (either provided by the hosting Infra, or something like Mailgun, etc.)
15. Custom Routes per Environment definable in .lagoon.yml
16. Cronjobs definable in .lagoon.yml
17. Much much nicer shell and bash prompts
18. Updated drupal-example with all the above mentioned changes: https://github.com/amazeeio/drupal-example
19. Fought and conquered Spectre and Meltdown on the production servers. ⚔️

And probably the most exciting but not visible part of Lagoon:
We are running the first fully Dockerized Production environment sites (we always had sites that where hybrid of the new and old system, but now it's actually all in the new system).
If you are an amazee.io client we will contact you soon how we will migrate everybody over to Lagoon. Stay tuned!