2.8.3

2.8.3

(2020-09-15)

What’s new

  • In the bootstrapper, all visible name references to Universal Control Plane have been changed to ** Mirantis Kubernetes Engine, and all name references to UCP have been changed to MKE (ENGDTR-2246).

  • Messaging information has been edited to refer to Mirantis.

  • The default TLS server certificate generated when MSR is installed can now be used for server authentication. Chrome running in its default configuration will now permit users to bypass the certificate error and access MSR.

  • MSR is now fully functional without a license, with the exception of image scanning, which continues to require an Advanced license (ENGDTR-1812).

  • MSR now creates events for changes to repository descriptions.

  • MSR now creates events for a change to a repository’s ImmutableTags field.

  • Documented API endpoints now display in the Swagger Live API documentation:

    • /_ping

    • /health

    • /nginx_status

    • /admin/settings

    (ENGDTR-1701)

Bug fixes

  • Fixed an issue that caused tags to appear as if they were pushed 2019 years ago by a nameless entity.

  • Fixed an issue wherein repository team access was not cleaned up following team deletion (ENGDTR-989).

  • Fixed the following API handlers so that they correctly return an HTTP 401 Unauthorized response when unauthenticated:

    • /repositories

    • /index/dockersearch

    • /index/autocomplete

    (ENGDTR-1824)

  • Fixed an issue wherin a blank page would display when viewing scanned image components while looking at multi arch image constituents.

  • Fixed an issue wherein the read-only registry banner would remain following a backup/restore, even once the registry was returned to read-write mode. In addition, also fixed an issue in which following a backup/restore the registry could not be set back into read-only mode after it had been unset (ENGDTR-2015, FIELD-2775).

  • Fixed an issue wherein the UI was not properly handling a fresh MSR setup without a garbage collection cron set, which resulted in seemingly infinite loading (ENGDTR-2029).

  • Fixed an issue wherein garbage collection cron job could not be disabled from the UI (ENGDTR-2030).

  • Fixed an issue wherein users were not able to configure MSR to check for upgrades after having previously disabled the feature (ENGDTR-2036).

  • Fixed an issue wherein non-admin users were seeing admin options on the settings page (ENGDTR-2032).

  • Fixed an issue in which the update_vuln_db (vulnerability database update) job returned success even when a replica failed to update its database (ENGDTR-2039).

  • Fixed an issue in which usage analytics were sometimes sent even when the Analytics: Send data setting was turned off.

  • Fixed an issue whereby scanning data was not cleaned up following images garbage collection (ENGDTR-1692).

Security

  • Updated component signature files used for image scanning.

  • Bumped Alpine base image to 3.12.

  • Fixed an issue wherein requests to remote /v2/ endpoints for mirroring would leak information about the remote registry (ENGDTR-1821).

  • Updated RethinkDB Client used to v6 and bump many other component libraries

  • Updated images to be built from Go 1.14 (ENGDTR-1989).

Known issues

  • If an image’s vulnerability information is not available, rescan the image. If this does not resolve the situation, contact customer support. (Intermittent failures will be addressed in an upcoming release.) (ENGDTR-2053)

  • Several of the highest severity CVEs have been resolved in MSR, and this work will continue going forward (ENGDTR-1874).