Skip to content

Latest commit

 

History

History
79 lines (48 loc) · 4.05 KB

release-notes.hbs.md

File metadata and controls

79 lines (48 loc) · 4.05 KB
Raw

Release notes

This topic contains release notes for Tanzu Application Platform v1.5.

v1.5.0

Release Date: April 11, 2023

Tanzu Application Platform new features

New features by component and area

Application Single Sign-On (AppSSO)

  • Introduces AuthServer CORS API that enables configuration of allowed HTTP origins. This is useful for public clients, such as single-page apps.
  • Introduces an API for filtering external roles, groups, and memberships across OpenID, LDAP, and SAML identity providers in AuthServer resource into the roles claim of the resulting identity token. For more information, see Roles claim filtering.
  • Introduces mapping of users' roles, filtered and propagated in the identity token's roles claim, into scopes of the access token. For access tokens that are in the JWT format, the resulting scopes are part of the access token's scope claim, if the ClientRegistration contains the scopes. For more information, see Configure authorization.
  • Introduces default access token scopes for user's authentication by using an identity provider. For more information, see Default authorization scopes.
  • Introduces standardized client authentication methods to ClientRegistration custom resource. For more information, see ClientRegistration.

Supply Chain Security Tools - Policy Controller

  • ClusterImagePolicy resync is triggered every 10 hours to get updated values from KMS.

cert-manager

Breaking changes

This release has the following breaking changes, listed by area and component.

Tanzu Build Service

  • The default ClusterBuilder now uses the Ubuntu Jammy (22.04) instead of Bionic (18.04) stack, ensure that your workloads can be built and run on Jammy.

Security fixes

This release has the following security fixes, listed by area and component.

Resolved issues

The following issues, listed by area and component, are resolved in this release.

Application Single Sign-On (AppSSO)

  • Resolves redirect URI issue with insecure http redirection on TKGm clusters.

Known issues

This release has the following known issues, listed by area and component.

Cloud Native Runtimes

  • When using auto-tls, on by default, DomainMapping resources must have names that are less than 63 characters. Otherwise, the DomainMapping fails to become ready due to CertificateNotReady.

Deprecations

The following features, listed by component, are deprecated. Deprecated features will remain on this list until they are retired from Tanzu Application Platform.

Application Single Sign-On (AppSSO)

  • ClientRegistration resource clientAuthenticationMethod field values post and basic are deprecated. Use client_secret_post and client_secret_basic instead.

Convention Controller

  • This component is deprecated in this release and is replaced by Cartographer Conventions. Cartographer Conventions implements the conventions.carto.run API that includes all the features that were available in the Convention Controller component.