A summary of the Cockpit weekly release. There’s a new release every week. Here are the highlights from this weeks 0.105 release.
Strict Content-Security-Policy enforced everywhere -------------------------------------------------- All of the Cockpit components now ship strict Content-Security-Policy. This is like SELinux in your browser, where you declare the kind of things the application is permitted to do and anything else is blocked. Cockpit now only allows talking to and loading code from the server(s) that it's running on. Everything else is blocked, including inline scripts, evaluating javascript code, and using inline styles. Change: https://trello.com/c/JDZB3T4M/251-0-105-implement-content-security-policy Timeout for Cockpit Authentication ---------------------------------- Cockpit uses PAM for authenticating local users. It now expects that authentication process to complete within a certain timeout. Details: https://github.com/cockpit-project/cockpit/blob/master/doc/authentication.md Change: https://github.com/cockpit-project/cockpit/pull/4339 Cluster Users can be Added and Removed from Groups -------------------------------------------------- In the Cluster admin interface, users can be added to groups and remove them with a few clicks. Demo: https://www.youtube.com/TzvqNj9VywM Change: https://github.com/cockpit-project/cockpit/pull/4066 Registry Mirroring from Insecure Registries ------------------------------------------- In the Registry user interface http://www.projectatomic.io/registry/ there's now a checkbox that allows you to choose whether the registry from which you're mirroring container images is insecure or not. Aaron has been working on further changes to the mirroring views, such as reporting errors, and syncing on demand. Screenshot: http://stef.thewalter.net/images/cockpit-insecure-registry.png Change: https://github.com/cockpit-project/cockpit/pull/4307 Deletion of Kubernetes Nodes ---------------------------- In the Cluster admin interface you can now delete Nodes from the cluster, and select which ones to delete. Andreas has also done design work to allow upgrading the node operating system as well as cordoning nodes, which makes them unavailable for scheduling containers. Screenshot: http://stef.thewalter.net/images/cockpit-delete-nodes.png Change: https://github.com/cockpit-project/cockpit/pull/4344 Get it ------ You can get Cockpit here: http://cockpit-project.org/running.html Cockpit 0.105 is available in Fedora 24: https://bodhi.fedoraproject.org/updates/cockpit-0.105-1.fc24 Or download the tarball here: https://github.com/cockpit-project/cockpit/releases/tag/0.105 Take care, Stef
signature.asc
Description: OpenPGP digital signature
_______________________________________________ cockpit-devel mailing list [email protected] https://lists.fedorahosted.org/admin/lists/[email protected]
