Releases: IABTechLab/uid2-operator
v5.38.104
2024 Q3 Operator Release
Update to all Private Operators on all cloud providers.
Integration Guides - UID2
AWS Marketplace
GCP Confidential Space
Microsoft Azure
Integration Guides - EUID
Installation
docker pull us-docker.pkg.dev/uid2-prod-project/iabtechlab/uid2-operator:5.38.104-gcp-oidc
docker pull ghcr.io/iabtechlab/uid2-operator:5.38.104-azure-cc
Release Notes
Advertising Token Format Change
- Advertising token format has changed from v2 to v4.
- This impacts the advertising_token JSON response field in the /token/generate and /token/refresh endpoints, or the SDKs which consume these endpoints.
- There is no impact to participants that are correctly treating these tokens as opaque strings.
- The following information is provided as informational only, as these details will change in future token versions:
- v2 tokens are 180 characters long and base64 encoded (alphanumeric characters and =, +, /).
- Example v2 token:
AgAACbZaXQwHNgkLuMHhc6QUdAddC5rFTw0ln+nh6fzMmEd+18U2X7bCxoA1YU1TxW8SA2MnX7vct4Lwku3nKAN/Z1d7I+bTO6W99ZYdJ8Dmc111+BqfPg9cCFtSW510lJuMm4IgN5UCskarj2P6ckHRBkBfkaX6QcervMT+imJKKGm/BA=
- Example v2 token:
- v4 tokens are 218 characters long and base64url encoded (alphanumeric characters and _, -).
- Example v4 token:
A4AAABG4juxqlIbJn8hFe3bWRFwe2DWAcxA-Pwa9a69Kodg4AsxWxIzGE-arhwG0_9VM6vSMNjbc1SR2pZ3jB4tKio6wy1rjPPb0wnYCOD_cgjAejQyZzKoHYmgHfacQ02tKpSBwG6GpmJ-Var2ZGHRKOSFkxiTI1bCDP_X0KM3WPolQzNm-Yy3_FzESugv6jfOrn6LqcAskqwoDxuCOw0yk1w
- Example v4 token:
- v2 tokens are 180 characters long and base64 encoded (alphanumeric characters and =, +, /).
/optout/status endpoint enabled by default:
- The endpoint POST /optout/status is now enabled by default.
- See https://unifiedid.com/docs/endpoints/post-optout-status for more information.
GCP and Azure exposes metrics endpoint:
- GCP and Azure exposes Prometheus-formatted metrics on port 9080 through the /metrics endpoint.
- See documentation for more information:
AWS base AMI upgrade
AWS base AMI has been upgraded from Amazon Linux 2 to Amazon Linux 2023.
Base Docker Images:
- Azure and GCP has been upgraded to Java 21.
- Azure and GCP are now using eclipse-temurin 21.0.4_7-jre-alpine.
Other changes:
- Added information about refresh token version in the logs.
- Various bug fixes to improve system stability.
Full Changelog: v5.37.12...v5.38.104
v5.37.12
2024 Q2 Operator Release
Update to all Private Operators on all cloud providers.
Integration Guides - UID2
AWS Marketplace
GCP Confidential Space
Microsoft Azure
Integration Guides - EUID
Installation
docker pull us-docker.pkg.dev/uid2-prod-project/iabtechlab/uid2-operator:5.37.12-gcp-oidc
docker pull ghcr.io/iabtechlab/uid2-operator:5.37.12-azure-cc
Release Notes
Enclave logs are available
This will enhance the monitoring and troubleshooting of enclaves.
- AWS: See https://unifiedid.com/docs/guides/operator-guide-aws-marketplace.
- Log rotation is enabled by default and can be configured by participants if necessary.
- Azure: the logs are written to the container log for the uid2-operator container.
- GCP: container log redirection has been enabled. The logs will be available in Logs Explorer.
Attestation Process
The URLs for the core services now form part of the attestation process, which enhances the security of the enclaves and attestation process.
Base Docker Images
The base docker image for both GCP and Azure has been updated to eclipse-temurin 11.0.22_7-jre-alpine.
Other Changes
- The handling of expired salts has been improved.
- The Azure container resource allocation has changed to give more resources to the skr container. This resolved an issue where the Azure Operator would fail to start.
Full Changelog: v5.26.19-56899dc0d7...v5.37.12
v5.32.16
What's Changed
- Gave the skr container more cpu and memory by @thomasm-ttd in #551
- [CI Pipeline] Released Patch version: 5.32.16 by @github-actions in #552
Full Changelog: v5.32.10...v5.32.16
v5.32.10
What's Changed
- enable tls 1.3 by @Ian-Nara in #532
- [CI Pipeline] Released Minor version: 5.31.0 by @github-actions in #533
- enable tls 1.3 by @Ian-Nara in #534
- [CI Pipeline] Released Minor version: 5.32.0 by @github-actions in #535
- revert tls enable by @Ian-Nara in #542
- [CI Pipeline] Released Patch version: 5.32.4 by @github-actions in #543
- Add a delay container start by @thomasm-ttd in #540
- [CI Pipeline] Released Patch version: 5.32.10 by @github-actions in #544
Full Changelog: v5.30.0...v5.32.10
v5.30.0
What's Changed
- Update action versions to remove warnings by @thomasm-ttd in #522
- Bug Fix, Initialize Shutdown Handler For Local Run by @Ian-Nara in #525
- Removed pre-commit and trivy-secret.yaml by @gmsdelmundo in #526
- [UID2-2831] Send Site's app name in key/sharing and key/bidstream endpoints by @asloobq in #508
- [CI Pipeline] Released Minor version: 5.30.0 by @github-actions in #527
Full Changelog: v5.29.2...v5.30.0
v5.29.2
What's Changed
- CSTG: Validate app name by @mcollins-ttd in #515
- Add a validation for Azure build by @thomasm-ttd in #521
- generate with expired salts, shutdown after 12 hours by @Ian-Nara in #478
Full Changelog: v5.28.156...v5.29.2
v5.28.156
📦 Uncategorized
- Use latest version for version_number
- PR: #517
What's Changed
- Use latest version for version_number by @thomasm-ttd in #517
Full Changelog: v5.28.152-20c315dfc7...v5.28.156
v5.28.152-20c315dfc7
v5.26.19-56899dc0d7
2024 Q1 Operator Release
Update to all Private Operators on all cloud providers.
Integration Guides
AWS Marketplace
GCP Confidential Space
Microsoft Azure
Installation
docker pull us-docker.pkg.dev/uid2-prod-project/iabtechlab/uid2-operator:5.26.19-56899dc0d7-gcp-oidc
docker pull ghcr.io/iabtechlab/uid2-operator:5.26.19-56899dc0d7-azure-cc
Release Notes
UID2 Sharing:
- In UID2, sharing is a process for distributing raw UID2s securely between UID2 participants.
- With this round of updates, UID2 sharing is now supported for Private Operators.
- For more details, please visit: https://unifiedid.com/docs/sharing/sharing-overview.
Attestation:
- The attestation token has been replaced with an industry-standard JWT token.
- The attestation process has changed to randomize the time between attestation requests to reduce the load spikes on the UID2 Core service. This has no impact on participants running Private Operators.
Logging:
- To protect confidential data, logging has been reduced and logs are redacted where necessary.
Improvements:
- The vsock proxy used by AWS Private Operators has been updated to fix a small memory leak issue.
- Client API keys are now stored as salted hashes instead of in plaintext, for better security.
Other changes:
- The POST /token/generate and POST /token/refresh responses no longer contain user_token.
Full Changelog: v5.25.56-5cb84da6f1...v5.26.19-56899dc0d7
v5.25.56-5cb84da6f1
What's Changed
- UID2-2283 - Fixed draft release creation by @gmsdelmundo in #320
- Add
ENFORCE_HTTPS
environment variable by @cYKatherine in #321 - Change allowed env override to
enforce_https
by @cYKatherine in #323 - Only add env override for
ENABLE_HTTPS
by @cYKatherine in #324 - UID2-2339 create test pipeline for gcp by @cYKatherine in #315
- Add E2E test as a part of the gcp publish pipeline by @cYKatherine in #326
- Enable CSTG domain name check for E2E public operators by @mcollins-ttd in #330
- UID2-2340 Add test pipeline for Azure by @cYKatherine in #328
- Set ad token v4 percentage to 0 for private operators by @mcollins-ttd in #336
- Update shared to allow enforce jwt by @thomasm-ttd in #338
Full Changelog: v5.25.24-84ab4e3a86...v5.25.56-5cb84da6f1