This repository has been archived by the owner on Feb 16, 2023. It is now read-only.
Releases: secrethub/secrethub-cli
Releases · secrethub/secrethub-cli
v0.44.1
v0.44.0
v0.43.0
Added
- Added commands that allows you to migrate secrethub.env files, configuration files that include secret references and template files (used with
inject
) to 1Password. See https://secrethub.io/docs/1password/migration/ for detailed instructions on how to use these new commands. (#386, #389, #390)
Changed
- The command to migrate your secrets from SecretHub to 1Password is now idempotent, so it supports running them again to apply any new changes without changing the already migrated secrets. (#379)
- When migrating your secrets to 1Password, the API Credential item type is now used instead of the Login item type (#387)
v0.42.1
Fixed
- Fixed a bug that causes testcases to sometimes fail on some systems. This is relevant for AUR, since the tests are run as part of the installation process. (#382)
- Added support for more 1Password CLI configuration directories for the migration commands. (#378)
- In the migration commands, handle the case were a user is a member of a repository, but does not have read access on any directories in the repo (#380)
v0.42.0
Release v0.42.0
Added
- Added commands to plan and execute a migration of secrets to 1Passsword and a command to assist in using those secrets with the 1Password Kubernetes operator. Check out https://secrethub.io/blog/secrethub-joins-1password/ for the announcement of the acquisition and https://secrethub.io/docs/1password/migration/ for detailed instructions on migrating to 1Password Secrets Automation. (37521a4)
- Added auto-completion (#333)
- Improved error message for missing credentials of machine accounts (#370)
- Added support to use
secrethub account inspect
for service accounts (#359) - Improved help-text for --secrets-dir flag of run command (#350)
Fixed
- Corrected help-text message for AWS service account default descriptions (#356)
Removed
- Removed the previously deprecated signup command. Use https://signup.secrethub.io instead.
v0.41.2
v0.41.1
v0.41.0
Added
--secrets-dir
flag that maps all secrets in a directory to environment variables (#299)-f
,-i
and--noreport
flags totree
command (#319)
Changed
- New signup flow using https://signup.secrethub.io/ (#332, #340, #341, #342)
demo init
doesn't error when demo repo already exists (#321)
Fixed
- Masker race condition (#320)
v0.40.0
Added
- Introducing keyless apps for Google Cloud Platform: applications running on Google's compute services (GCE, GKE, etc.) can now natively authenticate to SecretHub to fetch their secrets, without needing to manage another key.
- Functions to create and manage links to GCP projects:
secrethub service gcp link
,secrethub service gcp list-links
andsecrethub service gcp delete-link
. These links are needed to create a service account that makes use of the SecretHub Identity Provider. The GCP project of every GCP Service Account that is used for the Identity Provider first has to be linked to a SecretHub namespace. (#298)
Changed
secrethub service init
now returns an error if it is passed the path to a directory instead of a repository as the argument. (#311)
v0.39.0
Added
- Proxy to use for connecting to the SecretHub API can now be set with the
--proxy-address
flag or by setting theSECRETHUB_PROXY_ADDRESS
environment variable. (#293) secrethub mkdir
now accepts multiple arguments for directories to create. (#290)secrethub audit
now supports--output-format=json
to output the audit log entries in JSON format. (#269)- [private beta] Functionality for creating and using the GCP Identity Provider to use keyless authentication on GCP was introduced.
Changed
secrethub audit
uses the OS's default pager ($PAGER
) to paginate its output. If no default is set,less
or elsemore
is used if it's available. If no pager is available, the output is limited to 100 lines. (#269)
Please note that the GCP Identity Provider is released as a private beta. This means that the API will not accept the creation of a service account using this Identity Provider if you're not admitted to the private beta. Furthermore, the signature of this functionality might change in the future.
If you want to test this functionality, please reach out to us at [email protected].