1.8

A long overdue version bump, notable changes include:

features:

• pre-deploy-checks, run a healthcheck before activating
  the new system closure.

• --passcmd flag, get ssh credentials from another process

• structured nix invocation args

fixes:

• evalConfig: Ensure system is null for eval-config

• restore the defaults entry in the network file

Thank you @cleverca22 for the contribution. :)

1.7.0

First of all: Thank you @tomprice, @ckiee, @c4710n, @tp-la, @cole-h,
@mweinelt, for the great contributions. Very much appreciated. 🥇

It's time to cut another morph release. Besides
moving away from deprecated nix features, the following
is notably changed:

• Option uploadAt for secret provisioning.
• Added morph eval, a wrapper around nix-instantiate.
• support added for targetPort.
• Wait for mount before deploying secrets.
• Migrated assets to ldflags instead of go-bindata.

1.6.0

We made it! A new release is born 👶, just shy of a year since the previous one. 🎉
Our apologies for being slow to react to PR's and issues. We're trying our best to improve. 🙂

Thanks for you contributions and hard work: @adamtulinius @blaggacao @cole-h @fooker @kalbasit @phile314, which finally made it into a release.

Noteable changes and fixes:

• evaluations now work in restricted mode on Hydra (#116)
• hosts can now have tags (#125)
• ensure lazy evaluation of unused nodes (#147)
• ensure that SSH_CONFIG_FILE is passed to Nix-tools (#141)
• building morph directly with nix without custom shell scripts has become much easier (#53 #148)

Commits:

534875b Run simple nix-build in travis
833a016 go get -u plus vendorSha256
46401e8 simplify and drop features from nix build/shell
6c3a475 Fix source of lib files
2de9ca1 modSha256 -> vendorSha256
ef42c7f nixpkgsSrc -> nixpkgs
20450f4 fix it
6cacee8 remove dep2nix deps
d28dcd1 not working yet
809bede Go mod did not like the mix of dbcdk/morph and DBCDK/morph
6bb8e02 tidy it up
29c035a create the go.mod
cdd9f7d nix: add config file to NIX_SSHOPTS
8e01ad8 evalConfig: lazy unchecked eval of nodes
60900a5 Create lib derivation using correct resources
1218190 Cleanup dead code
7e6c8ca tags: document the feature and add to examples
2deb6d9 examples: update pin so the examples build again
32b321b tags: change --tagged require all tags
48761e6 tags: support listing multiple tags to whitelist
0d36e25 tags: support ordering of hosts based on tags
cedb084 tags: rudimentary support for tagging and filtering
2fa745d travis: use a newer nix
23e3af8 shell: make shell actually use the nixpkgs pin for building
8781f90 Allow evaluation in restricted mode

1.5.0

Release time! Have a cookie. 🍪 🎉

Special thanks to @zimbatm, @bb010g and @andir for your contributions and observations. 🥇

Breaking changes - read carefully:

Morph 1.5.0 nix-packaging will not build with current stable (20.03) nixpkgs and earlier. This is due to a breaking change in nixpkgs.buildGoPackage. See #114 , #115 and #119 for details.

Other notable changes/fixes:

• Deterministic manual builds with documentation.nixos.includeAllModules (#108)
• Support for optional custom build-shells (#117, #120)
• Support for overridable/injectable ssh config-file (#112)

Commits:
1e6b62d Add buildShell note in advanced configuration
c3c7adb Guard buildShell behind explicit allow-build-shell flag
08130e3 shell.nix: Use nixos-unstable by default
c5936b3 go fmt
57b3f36 Experimental network.buildShell
bb87a41 Revert "Add support for ports in hostnames"
78792a4 Initial commit: splitting hostname to have ports
f3719f2 nix-packaging: buildGoPackage no longer produces the $bin output
06b46d0 use documentation.nixos.extraModuleSources option
1c4809f go-bindata is a build time input
fef9efe runtime deps: just-in-time validation for ssh and scp
3f90aa8 add a SSH_CONFIG_FILE option
09b6685 generate assets in postPatch instead of prePatch

1.4.0

Here's finally another major release. It's been a while, but now is the time! We've compiled a good collection of nice features and bugfixes for you.

The "special thanks" of this release goes out to @fooker and @flokli . Thank you both for your contributions! 🥇

Breaking changes - read carefully:

• The default build targets have been reduced to include only the target NixOS system, not its derivation. (#69, #91)
• nixpkgs.* NixOS options are no longer special-cased by morph eval-machines.nix, meaning that everything except from nixpkgs.overlays will not work, if either network.pkgs or nixpkgs.pkgs is set. (#96)

Other notable changes/fixes:

• morph push now supports substitute-on-destination (#73, #83)
• morph deploy .. dry-activate and deployment.targetHost now actually works as expected. (#81, #86)

Commits:

f73a045 (johanot/optional-network-pkgs, optional-network-pkgs) eval-machines: let network.pkgs be optional
97cd1ed (origin/fix-askpass-signals, fix-askpass-signals) ssh-askpass: ensure term restore before unclean exit
9221e28 misc: cleanup
a60124b main: remove generic tmp-dir
00fa9fa Implement finalizers
e3acc5a (flokli/remove-drv, remove-drv) eval-machines: remove .drv file which pulls in unneeded deps
65e279f (fooker/target-user, target-user) fmt
1513c12 Add support for target user name option
fc6c574 (fooker/master) Sort up usage of targetHost
58676c3 go fmt
685a0f7 added deployment module option for nix copy --substitute-on-destination
86f1760 addded support for optional nixConfig attrset on network-level
83bf6d4 It is really not possible to get a sane dry-activate output without being root
2dfcc09 clarify how to upload secrets with morph
87d1256 Fixed typo in ssh/ssh.go
ac518fe Document the SSH_ environment variables (#74)

1.3.1

Just a small bugfix release addressing issues #68 and #71.
Special thanks to @delroth for reporting these.

Commits:

d16b750 Don't apply overlays twice (@johanot)
45c845c Workaround/fix for issue #68 (@Shados)

1.3.0

Only one new feature this time, but we've fixed some annoying bugs and that's awesome! Thanks to everybody who contributed. 🥇

The highlights of the release are:

• New flag --keep-result instructs morph to create a gcroot on the local system to prevent unwanted garbage collection.
• Fix of bug #34 now allows for per-machine specific config and proper cross-platform support.

Please note: morph >=v1.3.0 will not be able to build NixOS systems prior to version 19.09.

Commits:

00d7675 aligned comment with implementation (@johanot)
e88558c Merge per-machine nixpkgs arguments on top of network-wide ones (@Shados)
3856a9c healthchecks: fix bug in http-header implementation (@johanot)
8c232a4 Describe commands: build, push and deploy (#63) (@nhey)
593352d Typo in help for --reboot option (@eskytthe)
76fa9fc gcroot: addressing review comments (@johanot)
97928f9 gcroot: fail to KeepGCRoot disabled (@krav)
1815179 Don't dereference flag before it is set, default to false (@krav)
0d4cd43 nix-build: Keep latest build result around to prevent GC (@krav)
3f098a2 SSH_SKIP_HOST_KEY_CHECK should have affect for "nix copy ssh://" as well (@johanot)

1.2.0

This release contains 17 new commits, by three authors, and we've now hit exactly 200 commits 🎉

The main highlights of this release are

• easier debugging with the new --show-trace flag
• a new sub-command, 'list-secrets', that can output secrets in json format
• an option for skipping SSH host key checking
• command based health checks that honer the timeout option on the health check type
• new flags for specifying build targets either as an inline lambda expression (--target) or by a file containing an attrset of build targets (--target-file), see #38
• the flag --build-arg has been deprecated

and various bug fixes.

Commits:

• c9b07b7: Read mktemp output from stdout only, and put stderr output into a separate stream (@johanot)
• 189b16c: Added env var SSH_SKIP_HOST_KEY_CHECK which disables host key checking on morph ssh context. (@johanot)
• 7c4416a: Let both scp and ssh commands use the same function for building initial ssh args (@johanot)
• a5e0824: gofmt fixes (@Shados)
• 515afc6: Control value of morph version output via ldflags (@johanot)
• 98a14b4: Add a String() method to the Secret type (@Shados)
• e6fff65: Add a 'list-secrets' subcommand to display secrets for a deployment (@Shados)
• ce2975c: Add a '--json' flag to the 'list-secrets' subcommand, for JSON output (@Shados)
• 29b975d: Added --show-trace flag to morph (@johanot)
• 29b0319: go fmt (@johanot)
• facd2f2: Add variants of ssh.Cmd,ssh.SudoCmd that takes a context.Context as arg (@adamtulinius)
• 3761136: Use context.Context for timeout in SSHContext.CmdInteractive (@adamtulinius)
• bfb367a: ensure consistent timeout behaviour for health checks (@adamtulinius)
• 4230d3b: Add a 'buildTargets' argument to the machine builder Nix expression (@Shados)
• 27fe820: Add a 'target-file' build flag, for importing build targets from file (@Shados)
• b3eb9cb: Add a 'target' build flag, for passing a single custom target on the CLI (@Shados)
• 5f0476d: delay health checks until host has finished rebooting (@adamtulinius)

1.1.0

For changes see https://github.com/DBCDK/morph/milestone/1

First public release

After more than 6 months of internal use, Morph is now released to the public.