Skip to content

OpenRMF OSS v1.12 Release

Latest
Latest
Compare
Choose a tag to compare
@Cingulara Cingulara released this 19 Sep 12:12
v1.12.00
b10279e
This commit was created on github.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

Version 1.12 has the following added features and fixes:

  • Added unique checklist match based on system package, hostname, checklist/STIG type, web or database, site, and instance fields
  • Updated the checklist naming to account for unique web or database fields
  • Updated Keycloak v25.0.4 KC_PROXY_HEADERS=xforwarded environment variable from KC_PROXY=edge
  • Updated Keycloak v25.0.5 theme for OpenRMF OSS
  • Updated base images for web, code
  • Updated 3rd party infrastructure images
  • Updated matching SCAP to DISA Checklist Templates on naming conventions
  • Latest DISA Templates as of September 16, 2024

If you are upgrading and have not made major configuration changes (password, HTTPS, etc.), stop the current OpenRMF® OSS stack. Then unzip the contents of the OpenRMF v1.12 ZIP file into another directory/folder.

Otherwise, the only file you need if upgrading from v1.11 is the docker-compose.yml file with the changes to updated image tags and the full path to images. There is an update to the Keycloak KC_PROXY as it got renamed and needs a new value as well. If manually editing your own docker-compose.yml please note this area.

It is a good idea to make a backup of all your files before upgrading.

Step-by-Step Instructions for Initial Setup/Installation Everyone Must Read and Apply

https://cingulara.github.io/openrmf-docs/install.html use these once you download the ZIP into its own folder.

IMPORTANT: You must look at the .env file to set the Keycloak/OpenID location and realm. Check the .env file in the OpenRMF folder you unzip to set the IP address correctly. The docker-compose stack YML files read that .env file to launch. These cannot be "localhost" or "127.0.0.1" as inside a docker container those mean that container, not the host it is running on.

This release is for AMD or Intel based 64-bit operating systems and machines. ARM machines such as Windows Surface and Raspberry Pi are not supported and do not work correctly.

Once done read over the other documents in the repo on minimum requirements, HTTPS, security, etc. as well.

What's Changed

Full Changelog: v1.11.00...v1.12.00

Contributors

Cingulara
Assets 3
Loading