Promitor Changelog

Moving container images from Docker Hub to GitHub Container Registry

Deprecated as of Janurary 1st, 2021 and newer versions will be published to GitHub Container Registry only

Promitor provides Docker images to deploy agents on any container orchestrator supporting either Linux or Windows. You can find them on Docker Hub and easily pull them on your nodes.

In 2020, however, Docker Hub announced changes to their image retention & rate limiting which can impact Promitor customers which is why we are moving our images to GitHub Container Registry.

This allows us to bring our artifacts closer to the project itself and improve how we manage Promitor.

Announcement: GitHub Issue

Impact: Migration is required for newer versions - Use our new Docker images on GitHub Container Registry.

Alternative: None

Discussion: GitHub Discussions

Service Principle identity is moved to runtime configuration

Deprecated as of April 5th, 2021 and will be removed in new major version

Promitor has been using service principle authentication from its inception where the identity inforation was configured through the following environment variables:

  • PROMITOR_AUTH_APPKEY
  • PROMITOR_AUTH_APPID

However, as of Promitor Scraper v2.2.0 & Resource Discovery v0.3.0, users can choose how agents authenticate to Microsoft Azure by declaring the authentication mode in the server configuration:

authentication:
  # Options are ServicePrincipal, SystemAssignedManagedIdentity, UserAssignedManagedIdentity.
  mode: ServicePrincipal
  identityId: xxxx-xxxx-xxxx

With this new approach, users can use Managed Identity authentication leveraging no-secret authentication or keep on using Service Principle authentication.

Announcement: GitHub Issue

Impact: Migration is required - Use the authentication configuration to specify Service Principle authentication and configure the identity id in the server configuration.

Alternative: None

Discussion: GitHub Discussions

Scraper

None.

Resource Discovery

None.

Scraper - v2.11.1

released on 2024-02-29
  • changed Migrate to .NET 8
  • security Patch for CVE-2024-21386 (Critical - CVE Report)
  • security Patch for CVE-2023-36414 (High - CVE Report)
  • security Patch for CVE-2023-4911 (High - CVE Report)
  • security Patch for CVE-2023-5156 (High - CVE Report)
  • security Patch for CVE-2023-4039 (Medium - CVE Report)
  • security Patch for CVE-2023-4806 (Medium - CVE Report)

Full release notes can be found here.

Resource Discovery - v0.11.1

released on 2024-02-29
  • changed Migrate to .NET 8
  • security Patch for CVE-2024-21386 (Critical - CVE Report)
  • security Patch for CVE-2023-36414 (High - CVE Report)
  • security Patch for CVE-2023-4911 (High - CVE Report)
  • security Patch for CVE-2023-5156 (High - CVE Report)
  • security Patch for CVE-2023-4039 (Medium - CVE Report)
  • security Patch for CVE-2023-4806 (Medium - CVE Report)

Full release notes can be found here.

Scraper - v2.11.0

released on 2023-09-25
  • added Provide support for Azure PowerBI Dedicated (docs)
  • fixed Provide missing functionality for multi-dimension scraping in StatsD sink.
  • security Patch for CVE-2023-33170 (High - CVE Report)
  • security Patch for CVE-2023-36799 (Medium - CVE Report)
  • security Patch for CVE-2023-36054 (Medium - CVE Report)
  • security Patch for CVE-2023-3817 (Medium - CVE Report)
  • security Patch for CVE-2023-2650 (Medium - CVE Report)

Full release notes can be found here.

Resource Discovery - v0.11.0

released on 2023-09-25
  • added Provide support for Azure PowerBI Dedicated (docs)
  • security Patch for CVE-2023-33170 (High - CVE Report)
  • security Patch for CVE-2023-36799 (Medium - CVE Report)
  • security Patch for CVE-2023-36054 (Medium - CVE Report)
  • security Patch for CVE-2023-3817 (Medium - CVE Report)
  • security Patch for CVE-2023-2650 (Medium - CVE Report)

Full release notes can be found here.

Scraper - v2.10.0

released on 2023-07-29
  • fixed Improve handling of time series with missing dimensions that are requested (#2331)
  • added Provide support for all label scenarios in StatsD & OpenTelemetry metric sink. This includes dimensions, customer & default labels.
  • added Provide support for scraping multiple metrics dimensions.
  • changed Switch to Mariner distroless base images
  • security Patch for CVE-2023-29331 (High)
  • deprecated Support for scraping single metric dimension by using metrics[x].azureMetricConfiguration.dimension.

Full release notes can be found here.

Resource Discovery - v0.10.0

released on 2023-07-29
  • changed Switch to Mariner distroless base images
  • security Patch for CVE-2023-29331 (High)

Full release notes can be found here.

Scraper - v2.9.1

released on 2023-03-20

Full release notes can be found here.

Resource Discovery - v0.9.1

released on 2023-03-20

Full release notes can be found here.

Scraper - v2.9.0

released on 2023-03-24
  • added Provide Public IP Address scraper (docs)
  • added Provide Azure Traffic Manager scraper (docs)
  • added Provide Azure Log Analytics scraper (docs)
  • added Provide Azure Data Explorer Cluster scraper (docs)
  • added Provide Azure NAT Gateway scraper (docs)
  • added Provide capability to read Azure AD service principal secret from a file (docs)
  • added Provide option to use a User Assigned Managed Identity without specifying the Client ID
  • added Provide custom formatting for emitting metrics using StatsD sink in Geneva format
  • added Provide container vulnerability scanning in CI
  • security Patch for CVE-2023-0286 (Critical | Base image)
  • security Patch for CVE-2023-0215 (Critical | Base image)
  • security Patch for CVE-2022-41032 (High)
  • security Patch for CVE-2022-4450 (High | Base image)
  • security Patch for CVE-2023-0215 (High | Base image)
  • security Patch for CVE-2022-42898 (High | Base image)
  • security Patch for CVE-2022-4304 (Moderate | Base image)
  • fixed Fixed a bug where startup throws scheduling exception due to metric misconfiguration
  • fixed Fixed a bug where resource discovery for Azure Container Instances was not working
  • fixed Fixed a bug where Promitor was reported as unknown_service:dotnet job in OpenTelemetry Collector
  • fixed Fixed a bug where OpenTelemetry sink had concurrency issues
  • changed Migrate to .NET 7
  • changed Migrate Resharper code quality check to GitHub Actions

Full release notes can be found here.

Resource Discovery - v0.9.0

released on 2023-03-24
  • added Provide Public IP Address scraper (docs)
  • added Provide Azure Traffic Manager scraper (docs)
  • added Provide Azure Log Analytics scraper (docs)
  • added Provide Azure Data Explorer Cluster scraper (docs)
  • added Provide Azure NAT Gateway scraper (docs)
  • added Provide capability to read Azure AD service principal secret from a file (docs)
  • added Provide option to use a User Assigned Managed Identity without specifying the Client ID
  • added Provide container vulnerability scanning in CI
  • security Patch for CVE-2022-37434 (Critical | Base image)
  • security Patch for CVE-2021-42377 (Critical | Base image)
  • security Patch for CVE-2022-38013 (High)
  • security Patch for CVE-2022-41032 (High)
  • security Patch for CVE-2023-0215 (High | Base image)
  • security Patch for CVE-2022-2097 (High | Base image)
  • security Patch for CVE-2021-42373 (High | Base image)
  • security Patch for CVE-2022-34716 (Moderate)
  • security Patch for CVE-2022-4304 (Moderate | Base image)
  • changed Migrate to .NET 7
  • changed Migrate Resharper code quality check to GitHub Actions

Full release notes can be found here.