From f580b39e564d7b2457236865d123c4c19e0c8333 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20Z=C3=A1vora?= <pavel.zavora@bonitoo.io>
Date: Sat, 3 Oct 2020 08:53:23 +0200
Subject: [PATCH 1/5] feat(chronograf-cli): add TLS ciphers and versions

https://github.com/influxdata/chronograf/pull/5591 introduces new options, these are required in the 1.8.7 release of chronograf
---
 content/chronograf/v1.8/tools/chronograf-cli/_index.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/content/chronograf/v1.8/tools/chronograf-cli/_index.md b/content/chronograf/v1.8/tools/chronograf-cli/_index.md
index 7e92b6ba5..0848c162c 100644
--- a/content/chronograf/v1.8/tools/chronograf-cli/_index.md
+++ b/content/chronograf/v1.8/tools/chronograf-cli/_index.md
@@ -53,6 +53,9 @@ chronograf [flags]
 |:---------|:------------------------------------------------------------|:--------------------|
 | `--cert` | File path to PEM-encoded public key certificate            | `$TLS_CERTIFICATE` |
 | `--key` | File path to private key associated with given certificate | `$TLS_PRIVATE_KEY` |
+| `--tls-ciphers` | Comma-separated list of cipher suites to use. Use 'help' cipher to print available ciphers. | `$TLS_CIPHERS` |
+| `--tls-min-version` | Minimum version of the TLS protocol that will be negotiated. (default: 1.2) | `$TLS_MIN_VERSION` |
+| `--tls-max-version` | Maximum version of the TLS protocol that will be negotiated. | `$TLS_MAX_VERSION` |
 
 ## Other service option flags
 

From 954102793766ff7c99e4ac235f2f14831ae37c45 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20Z=C3=A1vora?= <pavel.zavora@bonitoo.io>
Date: Mon, 5 Oct 2020 19:15:00 +0200
Subject: [PATCH 2/5] chore: apply review of
 content/chronograf/v1.8/tools/chronograf-cli/_index.md

Co-authored-by: pierwill <19642016+pierwill@users.noreply.github.com>
---
 content/chronograf/v1.8/tools/chronograf-cli/_index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/chronograf/v1.8/tools/chronograf-cli/_index.md b/content/chronograf/v1.8/tools/chronograf-cli/_index.md
index 0848c162c..890851594 100644
--- a/content/chronograf/v1.8/tools/chronograf-cli/_index.md
+++ b/content/chronograf/v1.8/tools/chronograf-cli/_index.md
@@ -53,7 +53,7 @@ chronograf [flags]
 |:---------|:------------------------------------------------------------|:--------------------|
 | `--cert` | File path to PEM-encoded public key certificate            | `$TLS_CERTIFICATE` |
 | `--key` | File path to private key associated with given certificate | `$TLS_PRIVATE_KEY` |
-| `--tls-ciphers` | Comma-separated list of cipher suites to use. Use 'help' cipher to print available ciphers. | `$TLS_CIPHERS` |
+| `--tls-ciphers` | Comma-separated list of supported cipher suites. Use `help` to print available ciphers. | `$TLS_CIPHERS` |
 | `--tls-min-version` | Minimum version of the TLS protocol that will be negotiated. (default: 1.2) | `$TLS_MIN_VERSION` |
 | `--tls-max-version` | Maximum version of the TLS protocol that will be negotiated. | `$TLS_MAX_VERSION` |
 

From f5c3023fe2c0e39fdfc7b786e043e257f21bc4e9 Mon Sep 17 00:00:00 2001
From: noramullen1 <42354779+noramullen1@users.noreply.github.com>
Date: Tue, 6 Oct 2020 16:01:44 -0700
Subject: [PATCH 3/5] Add changelog for 1.8.7

---
 .../release-notes-changelog.md                | 24 +++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/content/chronograf/v1.8/about_the_project/release-notes-changelog.md b/content/chronograf/v1.8/about_the_project/release-notes-changelog.md
index 2de79dc2a..60b9c7cf8 100644
--- a/content/chronograf/v1.8/about_the_project/release-notes-changelog.md
+++ b/content/chronograf/v1.8/about_the_project/release-notes-changelog.md
@@ -8,6 +8,30 @@ menu:
     parent: About the project
 ---
 
+## v.1.8.7 [2020-10-06]
+
+{{% warn %}}
+This release includes breaking changes:
+TLS1.2 is now the default minimum required TLS version. If you have clients that require older TLS versions, use one of the following when starting Chronograf:
+  - The `--tls-min-version=1.1` option
+  - The `TLS_MIN_VERSION=1.1` environment variable
+{{% /warn %}}
+
+## Features
+- Allow to configure HTTP basic access authentication.
+- Allow setting token-prefix in Alerta configuration.
+- Make session inactivity duration configurable.
+- Allow configuration of TLS ciphers and versions.
+
+## Bug Fixes
+- Disable default dashboard auto-refresh.
+- Fix to user migration.
+- Add `isPresent` filter to rule TICKscript.
+- Make vertical scrollbar visible when rows overflow in TableGraph.
+- Upgrade `papaparse` to 5.3.0.
+- Require well-formatted commit messages in pull request.
+- Upgrade `node` to v12.
+
 ## v1.8.6 [2020-08-27]
 
 ### Features

From 2900d72d5fac6c7add8d3b5d01487f25a86a281b Mon Sep 17 00:00:00 2001
From: pierwill <pierwill@users.noreply.github.com>
Date: Wed, 7 Oct 2020 10:21:14 -0700
Subject: [PATCH 4/5] Document Chronograf inactivity duration option

---
 content/chronograf/v1.8/administration/config-options.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/content/chronograf/v1.8/administration/config-options.md b/content/chronograf/v1.8/administration/config-options.md
index 474ee0246..7bf7d4a43 100644
--- a/content/chronograf/v1.8/administration/config-options.md
+++ b/content/chronograf/v1.8/administration/config-options.md
@@ -280,6 +280,14 @@ Environment variable: `$HOST_PAGE_DISABLED=true`
 
 ### General authentication options
 
+#### `--inactivity-duration=`
+
+The duration that a token is valid without any new activity.
+
+Default value: `5m`
+
+Environment variable: `$INACTIVITY_DURATION`
+
 #### `--token-secret=` | `-t`
 
 The secret for signing tokens.

From ee515e4c1e6bba1b191834aef862159e688ad165 Mon Sep 17 00:00:00 2001
From: pierwill <pierwill@users.noreply.github.com>
Date: Wed, 7 Oct 2020 14:32:56 -0700
Subject: [PATCH 5/5] Alphabatize Chronograf authentication options

---
 .../v1.8/administration/config-options.md     | 28 +++++++++----------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/content/chronograf/v1.8/administration/config-options.md b/content/chronograf/v1.8/administration/config-options.md
index 7bf7d4a43..e518eff95 100644
--- a/content/chronograf/v1.8/administration/config-options.md
+++ b/content/chronograf/v1.8/administration/config-options.md
@@ -280,20 +280,6 @@ Environment variable: `$HOST_PAGE_DISABLED=true`
 
 ### General authentication options
 
-#### `--inactivity-duration=`
-
-The duration that a token is valid without any new activity.
-
-Default value: `5m`
-
-Environment variable: `$INACTIVITY_DURATION`
-
-#### `--token-secret=` | `-t`
-
-The secret for signing tokens.
-
-Environment variable: `$TOKEN_SECRET`
-
 #### `--auth-duration=`
 
 The total duration (in hours) of cookie life for authentication.
@@ -304,6 +290,14 @@ Authentication expires on browser close when `--auth-duration=0`.
 
 Environment variable: `$AUTH_DURATION`
 
+#### `--inactivity-duration=`
+
+The duration that a token is valid without any new activity.
+
+Default value: `5m`
+
+Environment variable: `$INACTIVITY_DURATION`
+
 #### `--public-url=`
 
 The public URL required to access Chronograf using a web browser. For example, if you access Chronograf using the default URL, the public URL value would be `http://localhost:8888`.
@@ -311,6 +305,12 @@ Required for Google OAuth 2.0 authentication. Used for Auth0 and some generic OA
 
 Environment variable: `$PUBLIC_URL`
 
+#### `--token-secret=` | `-t`
+
+The secret for signing tokens.
+
+Environment variable: `$TOKEN_SECRET`
+
 
 ### GitHub-specific OAuth 2.0 authentication options