diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6e07312b17c5e..76400f55fb1ff 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,55 @@
# Changelog
+## 15.1.0 (02/29/24)
+
+### New Features
+
+#### Standalone tbot Docker image
+We now ship a new container image that contains tbot but omits other Teleport binaries, providing a light-weight option for Machine ID users.
+
+#### Custom mouse pointers for remote desktop sessions
+Teleport remote desktop sessions now automatically change the mouse cursor depending on context (when hovering over a link, resizing a window, or editing text, for example).
+
+#### Synchronization of Okta groups and apps
+Okta integration now support automatic synchronization of Okta groups and app assignments to Teleport as access lists giving users ability to request access to Okta apps without extra configuration.
+
+#### EKS auto-discovery in Access Management UI
+Users going through EKS enrollment flow in Access Management web UI now have an option to enable auto-discovery for EKS clusters.
+
+### Other changes
+
+* Fixed application access events being overwritten when using DynamoDB as event storage. [#38815](https://github.com/gravitational/teleport/pull/38815)
+* Fixed a regression that had reintroduced long freezes for certain actions like "Run as different user". [#38805](https://github.com/gravitational/teleport/pull/38805)
+* When teleport is configured to require MFA for admin actions, MFA is required to get certificate authority secrets. Ex: `tctl auth export --keys` or `tctl get cert_authority/host/root.example.com --with-secrets`. [#38777](https://github.com/gravitational/teleport/pull/38777)
+* Added auto-enrolling capabilities to EKS discover flow in the web UI. [#38773](https://github.com/gravitational/teleport/pull/38773)
+* Heavily optimized the Access List page in the UI, speeding things up considerably. [#38764](https://github.com/gravitational/teleport/pull/38764)
+* Align DynamoDB BatchWriteItem max items limit. [#38763](https://github.com/gravitational/teleport/pull/38763)
+* tbot-distroless image is now published. This contains just the tbot binary and therefore has a smaller image size. [#38718](https://github.com/gravitational/teleport/pull/38718)
+* Fixed a regression with Teleport Connect not showing the re-login reason and connection errors when accessing databases, Kube clusters, and apps with an expired cert. [#38716](https://github.com/gravitational/teleport/pull/38716)
+* Re-enabled the Windows key and prevents it from sticking or otherwise causing problems when cmd+tab-ing or alt+tab-ing away from the browser during desktop sessions. [#38699](https://github.com/gravitational/teleport/pull/38699)
+* Resource limits are now correctly applied to the `wait-auth-update` initContainer in the `teleport-cluster` Helm chart. [#38692](https://github.com/gravitational/teleport/pull/38692)
+* When teleport is configured to require MFA for admin actions, MFA is required to create, update, or delete trusted clusters. [#38690](https://github.com/gravitational/teleport/pull/38690)
+* Fixed error in `tctl get users --with-secrets` when using SSO. [#38663](https://github.com/gravitational/teleport/pull/38663)
+* When device trust is required and MFA is optional, users will need to add their first MFA device from a trusted device. [#38657](https://github.com/gravitational/teleport/pull/38657)
+* Temporary files are no longer created during Discover UI EKS cluster enrollment. [#38649](https://github.com/gravitational/teleport/pull/38649)
+* When teleport is configured to require MFA for admin actions, MFA is required to get or list tokens with `tctl`. Ex: `tctl tokens ls` or `tctl get tokens/foo`. [#38645](https://github.com/gravitational/teleport/pull/38645)
+* Implemented dynamic mouse pointer updates to reflect context-specific actions, e.g. window resizing. [#38614](https://github.com/gravitational/teleport/pull/38614)
+* MFA approval is no longer required in the beginning of EKS Discover flow. [#38580](https://github.com/gravitational/teleport/pull/38580)
+* Fixed Postgres v16.x compatibility issue preventing multiple connections for auto-provisioned users. [#38543](https://github.com/gravitational/teleport/pull/38543)
+* Fixed incorrect color of resource cards after changing the theme in Web UI and Connect. [#38537](https://github.com/gravitational/teleport/pull/38537)
+* Updated the dialog for adding new authentication methods in the account settings screen. [#38535](https://github.com/gravitational/teleport/pull/38535)
+* Displays review dates for access lists in dates, not remaining hours in tsh. [#38525](https://github.com/gravitational/teleport/pull/38525)
+* Ensure that tsh continues to function if one of its profiles is invalid. [#38514](https://github.com/gravitational/teleport/pull/38514)
+* Fixed logging output for `teleport configure ...` commands. [#38508](https://github.com/gravitational/teleport/pull/38508)
+* Fixed tsh/WebAuthn.dll panic on Windows Server 2019. [#38490](https://github.com/gravitational/teleport/pull/38490)
+* Fixes an issue that prevented the Web UI from properly displaying the hostname of servers in leaf clusters. [#38469](https://github.com/gravitational/teleport/pull/38469)
+* Added `ssh_service.enhanced_recording.root_path` configuration option to change the cgroup slice path used by the agent. [#38394](https://github.com/gravitational/teleport/pull/38394)
+* Fixed a bug that could cause expired SSH servers from appearing in the Web UI until the Proxy is restarted. [#38310](https://github.com/gravitational/teleport/pull/38310)
+* Desktops can now be configured to use the same screen resolution for all sessions. [#38307](https://github.com/gravitational/teleport/pull/38307)
+* The maximum duration for an access request is now 14 days, the okta-requester role has been added which takes advantage of this. [#38224](https://github.com/gravitational/teleport/pull/38224)
+* Added TLS routing native WebSocket connection upgrade support. [#38108](https://github.com/gravitational/teleport/pull/38108)
+* Fixed a bug allowing the operator to delete resource it does not own. [#37750](https://github.com/gravitational/teleport/pull/37750)
+
## 15.0.2 (02/15/24)
* Fixed a potential panic in the `tsh status` command. [#38305](https://github.com/gravitational/teleport/pull/38305)
diff --git a/Makefile b/Makefile
index fc2dfb7dd1352..595319d50e7e6 100644
--- a/Makefile
+++ b/Makefile
@@ -11,7 +11,7 @@
# Stable releases: "1.0.0"
# Pre-releases: "1.0.0-alpha.1", "1.0.0-beta.2", "1.0.0-rc.3"
# Master/dev branch: "1.0.0-dev"
-VERSION=15.0.2
+VERSION=15.1.0
DOCKER_IMAGE ?= teleport
diff --git a/api/version.go b/api/version.go
index b0cf185e98515..faadde21c9ae7 100644
--- a/api/version.go
+++ b/api/version.go
@@ -3,6 +3,6 @@ package api
import "github.com/coreos/go-semver/semver"
-const Version = "15.0.2"
+const Version = "15.1.0"
var SemVersion = semver.New(Version)
diff --git a/build.assets/macos/tsh/tsh.app/Contents/Info.plist b/build.assets/macos/tsh/tsh.app/Contents/Info.plist
index 7ca15ff9ac054..63a32c655e012 100644
--- a/build.assets/macos/tsh/tsh.app/Contents/Info.plist
+++ b/build.assets/macos/tsh/tsh.app/Contents/Info.plist
@@ -19,13 +19,13 @@
CFBundlePackageType
APPL
CFBundleShortVersionString
- 15.0.2
+ 15.1.0
CFBundleSupportedPlatforms
MacOSX
CFBundleVersion
- 15.0.2
+ 15.1.0
DTCompiler
com.apple.compilers.llvm.clang.1_0
DTPlatformBuild
diff --git a/build.assets/macos/tshdev/tsh.app/Contents/Info.plist b/build.assets/macos/tshdev/tsh.app/Contents/Info.plist
index 46514aace34b8..b6cbd62865dab 100644
--- a/build.assets/macos/tshdev/tsh.app/Contents/Info.plist
+++ b/build.assets/macos/tshdev/tsh.app/Contents/Info.plist
@@ -17,13 +17,13 @@
CFBundlePackageType
APPL
CFBundleShortVersionString
- 15.0.2
+ 15.1.0
CFBundleSupportedPlatforms
MacOSX
CFBundleVersion
- 15.0.2
+ 15.1.0
DTCompiler
com.apple.compilers.llvm.clang.1_0
DTPlatformBuild
diff --git a/e b/e
index 71bdd537ebc14..31e24155cd6ac 160000
--- a/e
+++ b/e
@@ -1 +1 @@
-Subproject commit 71bdd537ebc149c691d82a1fa18a8cacb87e7d9c
+Subproject commit 31e24155cd6ac2963b5d8ada686552bcab10dc6e
diff --git a/examples/chart/teleport-cluster/Chart.yaml b/examples/chart/teleport-cluster/Chart.yaml
index 6ccf0164564fc..1736597eff068 100644
--- a/examples/chart/teleport-cluster/Chart.yaml
+++ b/examples/chart/teleport-cluster/Chart.yaml
@@ -1,4 +1,4 @@
-.version: &version "15.0.2"
+.version: &version "15.1.0"
name: teleport-cluster
apiVersion: v2
diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/Chart.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/Chart.yaml
index fe0c8a5ca7fbe..206e9ddc05c9b 100644
--- a/examples/chart/teleport-cluster/charts/teleport-operator/Chart.yaml
+++ b/examples/chart/teleport-cluster/charts/teleport-operator/Chart.yaml
@@ -1,4 +1,4 @@
-.version: &version "15.0.2"
+.version: &version "15.1.0"
name: teleport-operator
apiVersion: v2
diff --git a/examples/chart/teleport-cluster/tests/__snapshot__/auth_deployment_test.yaml.snap b/examples/chart/teleport-cluster/tests/__snapshot__/auth_deployment_test.yaml.snap
index e2a989da336cd..3e596230f04e3 100644
--- a/examples/chart/teleport-cluster/tests/__snapshot__/auth_deployment_test.yaml.snap
+++ b/examples/chart/teleport-cluster/tests/__snapshot__/auth_deployment_test.yaml.snap
@@ -8,7 +8,7 @@
- args:
- --diag-addr=0.0.0.0:3000
- --apply-on-startup=/etc/teleport/apply-on-startup.yaml
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
@@ -141,7 +141,7 @@ should set nodeSelector when set in values:
- args:
- --diag-addr=0.0.0.0:3000
- --apply-on-startup=/etc/teleport/apply-on-startup.yaml
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
@@ -238,7 +238,7 @@ should set resources when set in values:
- args:
- --diag-addr=0.0.0.0:3000
- --apply-on-startup=/etc/teleport/apply-on-startup.yaml
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
@@ -324,7 +324,7 @@ should set securityContext when set in values:
- args:
- --diag-addr=0.0.0.0:3000
- --apply-on-startup=/etc/teleport/apply-on-startup.yaml
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
diff --git a/examples/chart/teleport-cluster/tests/__snapshot__/proxy_deployment_test.yaml.snap b/examples/chart/teleport-cluster/tests/__snapshot__/proxy_deployment_test.yaml.snap
index aa97e2245e02e..2bd916854da4a 100644
--- a/examples/chart/teleport-cluster/tests/__snapshot__/proxy_deployment_test.yaml.snap
+++ b/examples/chart/teleport-cluster/tests/__snapshot__/proxy_deployment_test.yaml.snap
@@ -5,7 +5,7 @@ should provision initContainer correctly when set in values:
- wait
- no-resolve
- RELEASE-NAME-auth-v14.NAMESPACE.svc.cluster.local
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
name: wait-auth-update
resources:
limits:
@@ -69,7 +69,7 @@ should set nodeSelector when set in values:
containers:
- args:
- --diag-addr=0.0.0.0:3000
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
@@ -130,7 +130,7 @@ should set nodeSelector when set in values:
- wait
- no-resolve
- RELEASE-NAME-auth-v14.NAMESPACE.svc.cluster.local
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
name: wait-auth-update
nodeSelector:
environment: security
@@ -181,7 +181,7 @@ should set resources for wait-auth-update initContainer when set in values:
containers:
- args:
- --diag-addr=0.0.0.0:3000
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
@@ -249,7 +249,7 @@ should set resources for wait-auth-update initContainer when set in values:
- wait
- no-resolve
- RELEASE-NAME-auth-v14.NAMESPACE.svc.cluster.local
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
name: wait-auth-update
resources:
limits:
@@ -289,7 +289,7 @@ should set resources when set in values:
containers:
- args:
- --diag-addr=0.0.0.0:3000
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
@@ -357,7 +357,7 @@ should set resources when set in values:
- wait
- no-resolve
- RELEASE-NAME-auth-v14.NAMESPACE.svc.cluster.local
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
name: wait-auth-update
resources:
limits:
@@ -397,7 +397,7 @@ should set securityContext for initContainers when set in values:
containers:
- args:
- --diag-addr=0.0.0.0:3000
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
@@ -465,7 +465,7 @@ should set securityContext for initContainers when set in values:
- wait
- no-resolve
- RELEASE-NAME-auth-v14.NAMESPACE.svc.cluster.local
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
name: wait-auth-update
securityContext:
allowPrivilegeEscalation: false
@@ -505,7 +505,7 @@ should set securityContext when set in values:
containers:
- args:
- --diag-addr=0.0.0.0:3000
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
@@ -573,7 +573,7 @@ should set securityContext when set in values:
- wait
- no-resolve
- RELEASE-NAME-auth-v14.NAMESPACE.svc.cluster.local
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
name: wait-auth-update
securityContext:
allowPrivilegeEscalation: false
diff --git a/examples/chart/teleport-kube-agent/Chart.yaml b/examples/chart/teleport-kube-agent/Chart.yaml
index c55a69b053a0c..aba484bc298a2 100644
--- a/examples/chart/teleport-kube-agent/Chart.yaml
+++ b/examples/chart/teleport-kube-agent/Chart.yaml
@@ -1,4 +1,4 @@
-.version: &version "15.0.2"
+.version: &version "15.1.0"
name: teleport-kube-agent
apiVersion: v2
diff --git a/examples/chart/teleport-kube-agent/tests/__snapshot__/deployment_test.yaml.snap b/examples/chart/teleport-kube-agent/tests/__snapshot__/deployment_test.yaml.snap
index 08c045641d090..c149dfed0b080 100644
--- a/examples/chart/teleport-kube-agent/tests/__snapshot__/deployment_test.yaml.snap
+++ b/examples/chart/teleport-kube-agent/tests/__snapshot__/deployment_test.yaml.snap
@@ -30,7 +30,7 @@ sets Deployment annotations when specified if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -103,7 +103,7 @@ sets Deployment labels when specified if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -163,7 +163,7 @@ sets Pod annotations when specified if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -223,7 +223,7 @@ sets Pod labels when specified if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -300,7 +300,7 @@ should add emptyDir for data when existingDataVolume is not set if action is Upg
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -361,7 +361,7 @@ should add insecureSkipProxyTLSVerify to args when set in values if action is Up
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -421,7 +421,7 @@ should correctly configure existingDataVolume when set if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -479,7 +479,7 @@ should expose diag port if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -551,7 +551,7 @@ should have multiple replicas when replicaCount is set (using .replicaCount, dep
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -623,7 +623,7 @@ should have multiple replicas when replicaCount is set (using highAvailability.r
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -683,7 +683,7 @@ should have one replica when replicaCount is not set if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -743,7 +743,7 @@ should mount extraVolumes and extraVolumeMounts if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -810,7 +810,7 @@ should mount tls.existingCASecretName and set environment when set in values if
value: "true"
- name: SSL_CERT_FILE
value: /etc/teleport-tls-ca/ca.pem
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -880,7 +880,7 @@ should mount tls.existingCASecretName and set extra environment when set in valu
value: http://username:password@my.proxy.host:3128
- name: SSL_CERT_FILE
value: /etc/teleport-tls-ca/ca.pem
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -946,7 +946,7 @@ should provision initContainer correctly when set in values if action is Upgrade
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1042,7 +1042,7 @@ should set SecurityContext if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1122,7 +1122,7 @@ should set affinity when set in values if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1182,7 +1182,7 @@ should set default serviceAccountName when not set in values if action is Upgrad
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1255,7 +1255,7 @@ should set environment when extraEnv set in values if action is Upgrade:
value: "true"
- name: HTTPS_PROXY
value: http://username:password@my.proxy.host:3128
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1375,7 +1375,7 @@ should set imagePullPolicy when set in values if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: Always
livenessProbe:
failureThreshold: 6
@@ -1435,7 +1435,7 @@ should set nodeSelector if set in values if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1497,7 +1497,7 @@ should set not set priorityClassName when not set in values if action is Upgrade
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1569,7 +1569,7 @@ should set preferred affinity when more than one replica is used if action is Up
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1629,7 +1629,7 @@ should set priorityClassName when set in values if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1690,7 +1690,7 @@ should set probeTimeoutSeconds when set in values if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1760,7 +1760,7 @@ should set required affinity when highAvailability.requireAntiAffinity is set if
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1820,7 +1820,7 @@ should set resources when set in values if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1887,7 +1887,7 @@ should set serviceAccountName when set in values if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1947,7 +1947,7 @@ should set tolerations when set in values if action is Upgrade:
env:
- name: TELEPORT_INSTALL_METHOD_HELM_KUBE_AGENT
value: "true"
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
diff --git a/examples/chart/teleport-kube-agent/tests/__snapshot__/job_test.yaml.snap b/examples/chart/teleport-kube-agent/tests/__snapshot__/job_test.yaml.snap
index 5f8a9e706ebea..40f1d72094c2c 100644
--- a/examples/chart/teleport-kube-agent/tests/__snapshot__/job_test.yaml.snap
+++ b/examples/chart/teleport-kube-agent/tests/__snapshot__/job_test.yaml.snap
@@ -25,7 +25,7 @@ should create ServiceAccount for post-delete hook by default:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
name: post-delete-job
securityContext:
@@ -104,7 +104,7 @@ should not create ServiceAccount for post-delete hook if serviceAccount.create i
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
name: post-delete-job
securityContext:
@@ -132,7 +132,7 @@ should not create ServiceAccount, Role or RoleBinding for post-delete hook if se
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
name: post-delete-job
securityContext:
@@ -160,7 +160,7 @@ should set nodeSelector in post-delete hook:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
name: post-delete-job
securityContext:
@@ -190,7 +190,7 @@ should set securityContext in post-delete hook:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
name: post-delete-job
securityContext:
diff --git a/examples/chart/teleport-kube-agent/tests/__snapshot__/statefulset_test.yaml.snap b/examples/chart/teleport-kube-agent/tests/__snapshot__/statefulset_test.yaml.snap
index 0133359f59c56..344315b244b0c 100644
--- a/examples/chart/teleport-kube-agent/tests/__snapshot__/statefulset_test.yaml.snap
+++ b/examples/chart/teleport-kube-agent/tests/__snapshot__/statefulset_test.yaml.snap
@@ -16,7 +16,7 @@ sets Pod annotations when specified:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -84,7 +84,7 @@ sets Pod labels when specified:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -176,7 +176,7 @@ sets StatefulSet labels when specified:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -272,7 +272,7 @@ should add insecureSkipProxyTLSVerify to args when set in values:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -340,7 +340,7 @@ should add volumeClaimTemplate for data volume when using StatefulSet and action
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -428,7 +428,7 @@ should add volumeClaimTemplate for data volume when using StatefulSet and is Fre
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -506,7 +506,7 @@ should add volumeMount for data volume when using StatefulSet:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -574,7 +574,7 @@ should expose diag port:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -642,7 +642,7 @@ should generate Statefulset when storage is disabled and mode is a Upgrade:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -724,7 +724,7 @@ should have multiple replicas when replicaCount is set (using .replicaCount, dep
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -804,7 +804,7 @@ should have multiple replicas when replicaCount is set (using highAvailability.r
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -872,7 +872,7 @@ should have one replica when replicaCount is not set:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -940,7 +940,7 @@ should install Statefulset when storage is disabled and mode is a Fresh Install:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1010,7 +1010,7 @@ should mount extraVolumes and extraVolumeMounts:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1085,7 +1085,7 @@ should mount tls.existingCASecretName and set environment when set in values:
value: RELEASE-NAME
- name: SSL_CERT_FILE
value: /etc/teleport-tls-ca/ca.pem
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1165,7 +1165,7 @@ should mount tls.existingCASecretName and set extra environment when set in valu
value: /etc/teleport-tls-ca/ca.pem
- name: HTTPS_PROXY
value: http://username:password@my.proxy.host:3128
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1241,7 +1241,7 @@ should not add emptyDir for data when using StatefulSet:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1309,7 +1309,7 @@ should provision initContainer correctly when set in values:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1413,7 +1413,7 @@ should set SecurityContext:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1501,7 +1501,7 @@ should set affinity when set in values:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1569,7 +1569,7 @@ should set default serviceAccountName when not set in values:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1650,7 +1650,7 @@ should set environment when extraEnv set in values:
value: RELEASE-NAME
- name: HTTPS_PROXY
value: http://username:password@my.proxy.host:3128
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1786,7 +1786,7 @@ should set imagePullPolicy when set in values:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: Always
livenessProbe:
failureThreshold: 6
@@ -1854,7 +1854,7 @@ should set nodeSelector if set in values:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -1936,7 +1936,7 @@ should set preferred affinity when more than one replica is used:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -2004,7 +2004,7 @@ should set probeTimeoutSeconds when set in values:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -2082,7 +2082,7 @@ should set required affinity when highAvailability.requireAntiAffinity is set:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -2150,7 +2150,7 @@ should set resources when set in values:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -2225,7 +2225,7 @@ should set serviceAccountName when set in values:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -2293,7 +2293,7 @@ should set storage.requests when set in values and action is an Upgrade:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -2361,7 +2361,7 @@ should set storage.storageClassName when set in values and action is an Upgrade:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -2429,7 +2429,7 @@ should set tolerations when set in values:
fieldPath: metadata.namespace
- name: RELEASE_NAME
value: RELEASE-NAME
- image: public.ecr.aws/gravitational/teleport-distroless:15.0.2
+ image: public.ecr.aws/gravitational/teleport-distroless:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
diff --git a/examples/chart/teleport-kube-agent/tests/__snapshot__/updater_deployment_test.yaml.snap b/examples/chart/teleport-kube-agent/tests/__snapshot__/updater_deployment_test.yaml.snap
index fc463046c7402..2440003cea4a6 100644
--- a/examples/chart/teleport-kube-agent/tests/__snapshot__/updater_deployment_test.yaml.snap
+++ b/examples/chart/teleport-kube-agent/tests/__snapshot__/updater_deployment_test.yaml.snap
@@ -27,7 +27,7 @@ sets the affinity:
- --base-image=public.ecr.aws/gravitational/teleport-distroless
- --version-server=https://my-custom-version-server/v1
- --version-channel=custom/preview
- image: public.ecr.aws/gravitational/teleport-kube-agent-updater:15.0.2
+ image: public.ecr.aws/gravitational/teleport-kube-agent-updater:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
@@ -71,7 +71,7 @@ sets the tolerations:
- --base-image=public.ecr.aws/gravitational/teleport-distroless
- --version-server=https://my-custom-version-server/v1
- --version-channel=custom/preview
- image: public.ecr.aws/gravitational/teleport-kube-agent-updater:15.0.2
+ image: public.ecr.aws/gravitational/teleport-kube-agent-updater:15.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6