Merge pull request #1623 from influxdata/chronograf-187

Chronograf 187

content/chronograf/v1.8/about_the_project/release-notes-changelog.md

@@ -8,6 +8,30 @@ menu:
     parent: About the project
 ---
 
+## v.1.8.7 [2020-10-06]
+
+{{% warn %}}
+This release includes breaking changes:
+TLS1.2 is now the default minimum required TLS version. If you have clients that require older TLS versions, use one of the following when starting Chronograf:
+  - The `--tls-min-version=1.1` option
+  - The `TLS_MIN_VERSION=1.1` environment variable
+{{% /warn %}}
+
+## Features
+- Allow to configure HTTP basic access authentication.
+- Allow setting token-prefix in Alerta configuration.
+- Make session inactivity duration configurable.
+- Allow configuration of TLS ciphers and versions.
+
+## Bug Fixes
+- Disable default dashboard auto-refresh.
+- Fix to user migration.
+- Add `isPresent` filter to rule TICKscript.
+- Make vertical scrollbar visible when rows overflow in TableGraph.
+- Upgrade `papaparse` to 5.3.0.
+- Require well-formatted commit messages in pull request.
+- Upgrade `node` to v12.
+
 ## v1.8.6 [2020-08-27]
 
 ### Features

content/chronograf/v1.8/administration/config-options.md

@@ -280,12 +280,6 @@ Environment variable: `$HOST_PAGE_DISABLED=true`
 
 ### General authentication options
 
-#### `--token-secret=` | `-t`
-
-The secret for signing tokens.
-
-Environment variable: `$TOKEN_SECRET`
-
 #### `--auth-duration=`
 
 The total duration (in hours) of cookie life for authentication.
@@ -296,6 +290,14 @@ Authentication expires on browser close when `--auth-duration=0`.
 
 Environment variable: `$AUTH_DURATION`
 
+#### `--inactivity-duration=`
+
+The duration that a token is valid without any new activity.
+
+Default value: `5m`
+
+Environment variable: `$INACTIVITY_DURATION`
+
 #### `--public-url=`
 
 The public URL required to access Chronograf using a web browser. For example, if you access Chronograf using the default URL, the public URL value would be `http://localhost:8888`.
@@ -303,6 +305,12 @@ Required for Google OAuth 2.0 authentication. Used for Auth0 and some generic OA
 
 Environment variable: `$PUBLIC_URL`
 
+#### `--token-secret=` | `-t`
+
+The secret for signing tokens.
+
+Environment variable: `$TOKEN_SECRET`
+
 
 ### GitHub-specific OAuth 2.0 authentication options
 

content/chronograf/v1.8/tools/chronograf-cli/_index.md

@@ -53,6 +53,9 @@ chronograf [flags]
 |:---------|:------------------------------------------------------------|:--------------------|
 | `--cert` | File path to PEM-encoded public key certificate            | `$TLS_CERTIFICATE` |
 | `--key` | File path to private key associated with given certificate | `$TLS_PRIVATE_KEY` |
+| `--tls-ciphers` | Comma-separated list of supported cipher suites. Use `help` to print available ciphers. | `$TLS_CIPHERS` |
+| `--tls-min-version` | Minimum version of the TLS protocol that will be negotiated. (default: 1.2) | `$TLS_MIN_VERSION` |
+| `--tls-max-version` | Maximum version of the TLS protocol that will be negotiated. | `$TLS_MAX_VERSION` |
 
 ## Other service option flags