2.8.10

(2021-11-09)

What’s new

  • Added new sub-command rotate-certificates to the rethinkops binary that exists inside of the dtr-rethinkdb image. This command allows you to rotate the certificates that provide intracluster communication between the MSR system containers and RethinkDB.

    To rotate certificates, docker exec into the dtr-rethinkdb container and use the command below (you can provide the --debug flag for more information):

    REPLICA_ID=$(docker ps -lf name='^/dtr-rethinkdb-.{12}$' --format '{{.Names}}' | cut -d- -f3)
$ docker exec -e DTR_REPLICA_ID=$REPLICA_ID -it $(docker ps -q --filter name=dtr-rethinkdb)
# rethinkops rotate-certificates --replica-id $DTR_REPLICA_ID --debug

    (FIELD-4044)

Bug fixes

  • Fixed an issue wherein the webhook could fail to trigger, thus issuing the “argument list too long” error (FIELD-3424).

  • Fixed an issue wherein the MSR image scan CSV report was missing the CVSS3 score and only had the CVSS2 score (FIELD-3946).

  • Fixed issues wherein the list of org repositories was limited to ten and was wrapping incorrectly (FIELD-3987).

  • Fixed an issue with the MSR web UI wherein performing a search from the left-side navigation panel produced search results that displayed on top of the background text (FIELD-4268).

  • Made improvements to MSR administrative actions to circumvent failures that can result from stale containers (FIELD-4270) (FIELD-4291).

  • Fixed an image signing regression issue that applies to MSR 2.8.9 (FIELD-4320).

Security

Known issue

  • The image signing functionality in MSR 2.8.9 is incompatible with other MSR versions.

    Workaround:

    For images signed by MSR 2.8.9 it is necessary to delete trust data and re-sign the images using MSR 2.8.10 (FIELD-4320).