chore: bump release to 1.0.0-beta.37

NUWCDIVNPT · Aug 16, 2021 · 644521e · 644521e
1 parent 892f581
commit 644521e
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 6 deletions.
diff --git a/api/source/package-lock.json b/api/source/package-lock.json
diff --git a/api/source/package.json b/api/source/package.json
@@ -1,6 +1,6 @@
 {
   "name": "stig-management-api",
-  "version": "1.0.0-beta.36",
+  "version": "1.0.0-beta.37",
   "description": "An API for managing evaluations of Security Technical Implementation Guide (STIG) assessments.",
   "main": "index.js",
   "scripts": {

diff --git a/docs/the-project/DockerHub_Readme.md b/docs/the-project/DockerHub_Readme.md
@@ -44,14 +44,14 @@ services:
   api:
     image: nuwcdivnpt/stig-manager
     environment:
-      - STIGMAN_API_AUTHORITY=http://auth:8080/auth/realms/stigman
+      - STIGMAN_OIDC_PROVIDER=http://auth:8080/auth/realms/stigman
       - STIGMAN_CLASSIFICATION=U
       - STIGMAN_DB_HOST=db
       - STIGMAN_DB_PASSWORD=stigman
       - STIGMAN_INIT_IMPORT_STIGS=true
       - STIGMAN_INIT_IMPORT_SCAP=true
       # Set envvar below if non-localhost browsers will access the API
-      # - STIGMAN_CLIENT_KEYCLOAK_AUTH=<the Keycloak authorization URL relative to the Client>
+      # - STIGMAN_CLIENT_OIDC_PROVIDER=<the Keycloak authorization URL relative to the Client>
     init: true
     ports:
       - "54000:54000"
@@ -107,7 +107,7 @@ docker run --name stig-manager-api \
   -p 54000:54000 \
   -e STIGMAN_DB_HOST=<DATABASE_IP> \
   -e STIGMAN_DB_PORT=<DATABASE_PORT> \
-  -e STIGMAN_API_AUTHORITY=http://<KEYCLOAK_IP>:<KEYCLOAK_PORT>/auth/realms/stigman \
+  -e STIGMAN_OIDC_PROVIDER=http://<KEYCLOAK_IP>:<KEYCLOAK_PORT>/auth/realms/stigman \
   nuwcdivnpt/stig-manager
 ```
 
diff --git a/release-notes.rst b/release-notes.rst
@@ -1,3 +1,34 @@
+1.0.0-beta.37
+-----------------------
+- feat: support generic OIDC providers (#403)
+- fix: cci param, added checks for projections to tests (#404)
+- feat: Adds metadata handling for Assets and Collections (#396)
+- feat: STIGMAN_DEV_RESPONSE_VALIDATION environment variable (#398)
+- fix: access control checks for assets (#400)
+- chore: update sample appdata (#394)
+- fix: implement delete STIG revision (#383)
+- feat: Removed global_access privilege (#386)
+- feat: UI for asset transfers (#385)
+- feat: switched OpenAPI validation/router library to express-openapi-validator (#382)
+- feat: continue on corrupted member of STIG zip (#377)
+- feat: continue on error when importing zips of STIGs (#376)
+- feat: All users can access Collection Review (#375)
+- fix: use promise interface for conn.query() (#372)
+- fix: implement CCI endpoints (#363)
+- fix: recalculate stats on Review delete (#367)
+- feat: add name and email to User object (#369)
+- fix: UI sends correct projections (#368)
+- fix: implement GET /stigs/rules/{ruleId} (#354)
+
+Introduced new envvars, which deprecate existing envvars in some cases:
+
+- ``STIGMAN_OIDC_PROVIDER`` deprecates ``STIGMAN_API_AUTHORITY``
+- ``STIGMAN_CLIENT_EXTRA_SCOPES`` is new
+- ``STIGMAN_CLIENT_ID`` deprecates ``STIGMAN_CLIENT_KEYCLOAK_CLIENTID``
+- ``STIGMAN_CLIENT_OIDC_PROVIDER`` deprecates ``STIGMAN_CLIENT_KEYCLOAK_AUTH`` and ``STIGMAN_CLIENT_KEYCLOAK_REALM``
+- ``STIGMAN_JWT_PRIVILEGES_CLAIM`` deprecates ``STIGMAN_JWT_ROLES_CLAIM``
+- ``STIGMAN_SWAGGER_OIDC_PROVIDER`` deprecates ``STIGMAN_SWAGGER_AUTHORITY``
+
 1.0.0-beta.36
 -----------------------
 - fix: UI now handles missing vulnDiscussion (#361)