wonderfully unique software solutions

Octopus Deploy deprecates Server authentication, certifies with HashiCorp

Devops-focused config management company Octopus Deploy has rounded off November with a trio of updates — affecting Octopus Server developers, HashiCorp Vault users, and its Tentacle Windows agent service.

According to Robert Erez, writing for Octopus Deploy, Octopus Server is deprecating support for BYO authentication mechanisms, affecting those who have built and installed custom authentication extensions.

“Opening the authentication pipeline for customisation was a win-win; our customers could ensure the system worked precisely as required for their organisation, and we could relieve some pressure supporting all the different mechanisms required,” Erez explained in a blog post.

“As we’ve grown, some of our previous assumptions haven’t had the desired impact, but instead caused unwanted side effects.”

By breaking up the Octopus Server responsibilities, Octopus is decoupling parts of the system from one another, potentially speeding up development cycles, he said.

In attempting to isolate Octopus dependencies out into separate libraries to open source authentication, development across dependencies became more difficult, Erez said.

Temporary work-arounds are being provided until the end of 2023 via new versions of Octopus Server from 2022.4 — affecting new environment variables, updated identities, and custom route handlers.

“To improve our delivery process and strengthen the safety checks for authentication providers, we plan to fully deprecate the ability to BYO authentication into Octopus Deploy by the end of 2023,” Erez said.

In other news, the developer has become a certified partner of open-source cloud applications developer HashiCorp, which means the former’s external secrets storage templates for HashiCorp Vault.

According to Octopus Deploy’s Mark Harrison, this can streamline secrets management for customers.

“Octopus has supported the concept of sensitive variables since Octopus 2.0, but customers asked about support for secret managers,” Harrison wrote.

Additionally, Octopus Deploy is moving its lightweight Windows agent service Tentacle to .NET Framework 4.8 for the Windows installer only, and .NET 6 for “everything else” including the Windows Docker image from 13 December, due to earlier .NET versions hitting end of support, says the company’s Ian Khor.

“We’ll compile Tentacle for .NET 6 and .NET Framework 4.8, as there are still many deployment targets using different versions of Windows 7 and 8 (including Windows 7 SP1 and Windows Server 2008 SP2), which need a supported .NET version for the short to medium term,” he writes.

( Photo by Tim Mossholder on Unsplash)

Recent Articles

CoreView expects further sales growth as Microsoft launches ‘disruptive’ tools

Microsoft 365 (M365) management software vendor CoreView is gearing up for greater demand, predicted to be fuelled further by AI adoption via...

Keeper Security expands global reach with new investments in zero-trust security

Keeper Security has opened an Asia-Pacific (APAC) headquarters in Japan, reflecting increased global interest and investment in unified, zero-trust enterprise passwords, secrets...

iSpring follows Salesforce integration with Albato no-code automation

Edtech software vendor iSpring Solutions has announced integration of the iSpring Learn learning management system (LMS) with no-code automation from Albato, expanding...

Cybersecurity alignment can help drive business success: Delinea

Business leaders often overlook the role of cybersecurity in business success, according to privileged access management (PAM) software provider Delinea.

Patch Tuesday targets zero-day vulnerabilities every month, warns Automox

Monthly 'Patch Tuesday' reports have recorded 11 months in a row of zero-day vulnerabilities, according to an update from patch management vendor...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Weirdware monthly - Get the latest news in your inbox