Releases: SparebankenVest/azure-key-vault-to-kubernetes
Releases · SparebankenVest/azure-key-vault-to-kubernetes
What's Changed
- build(deps): bump from 0.18.0 to 0.23.0 in /tools by @dependabot in #705
- Fix issue related to multiarch build, the app has now been tested on both linux/amd64 as well as linux/arm64 architecture
Full Changelog: 1.7.2...1.7.3
Fixing issue where multiarch builds werent correctly pushed to Dockerhub
build(deps): bump from 0.16.1 to 0.20.2 by in #754
Full Changelog: 1.7.0...webhook-1.7.1
What's Changed
- Fixing issue where multiarch builds werent correctly pushed to Dockerhub
- build(deps): bump from 0.16.1 to 0.20.2 by @dependabot in #754
Full Changelog: 1.7.0...webhook-1.7.1
What's Changed
- Updated to Go 1.23.1
- Bumped Base Image to Alpine:3.20.3
- Build docker images for linux/amd64 and linux/arm64 by @Olsenius in #477
- Update Dockerfile to address CVEs in alpine linux by @kristianjaeger in #694
- Security updates to fix all known CVEs in the app
New Contributors
- @Olsenius made their first contribution in #477
- @andreasthuen made their first contribution in #741
- @kristianjaeger made their first contribution in #694
Full Changelog: 1.6.0...1.7.0
What's Changed
- Upgrade k8s 0.28.3
- Upgrade go 1.21
- Do not mutate pod spec security context by @tspearconquest in #592
- Don't set default UID and GID for injected containers by @erdeiattila in #594
- azure-keyvault-controller: restrict Kubernetes event generation to changes by @erdeiattila in #604
- Fix CVE-2023-39325 by bumping Go to 1.21.3 by @tspearconquest in #621
- Add support for setting seccomp profile and allow privilege escalatio… by @tspearconquest in #622
- Use registry authentication for azure sp credentials, when authType i… by @abhilashjoseph in #631
Helm chart
- Remove unneeded role and rolebinding definitions from controller by @tspearconquest in SparebankenVest/public-helm-charts#117
Chart and Image versions
Type | Component | Version |
Helm Chart | akv2k8s | 2.6.0 |
Docker Image | spvest/azure-keyvault-controller | 1.6.0 |
Docker Image | spvest/azure-keyvault-webhook | 1.6.0 |
Docker Image | spvest/azure-keyvault-env | 1.6.0 |
New Contributors
- @erdeiattila made their first contribution in #594
- @abhilashjoseph made their first contribution in #631
Full Changelog: 1.5.0...1.6.0
What's Changed
- 👀 Add support for workload identity by @cgroschupp in #442
- Authentication service secret efficiency change by @waterfoul in #437
- Increment counter for failed sync by @timbuchinger in #450
- Fix env lookup regex in env injector by @181192 in #456
- Fix regex and match group for env lookup akvs by @181192 in #475
- Pass environmental key vault suffix to client by @laozc in #524
- Increment Prometheus counter for keyvault sync failures by @sdwerwed in #525
- Fixes secret not found when label selector is set by @laozc in #366
- Fix some typos and add additional debug info to a couple of error mes… by @tspearconquest in #560
- 👀 Added SecurityContext capabilities. by @YouJinTou in #548
- Expose init container image pull policy by @181192 in #561
- Always serve /healthz endpoint for controller by @181192 in #562
Helm chart
- Remove unused 'ca.crt' key from 'Secret' resources by @tspearconquest in SparebankenVest/public-helm-charts#87
- Add labels to controller service account by @cgroschupp in SparebankenVest/public-helm-charts#84
- Fix controller labels indention fixes SparebankenVest/public-helm-charts#88 by @181192 in SparebankenVest/public-helm-charts#89
- Add labels to env-injector service account by @181192 in SparebankenVest/public-helm-charts#90
- Allow patch and update to azurekeyvaultsecrets/finalizers by @kptranum in SparebankenVest/public-helm-charts#95
- Adds probes to the controler and liveness probe to the env-injector by @LennartTimmers in SparebankenVest/public-helm-charts#99
- Initial implementation of custom RBAC subjects for environment injector by @tspearconquest in SparebankenVest/public-helm-charts#107
- Fix broken volumeMount when userDefinedMSI is enabled by @KenADev in SparebankenVest/public-helm-charts#109
- Support user-defined deployment strategies to allow setting custom ma… by @tspearconquest in SparebankenVest/public-helm-charts#110
- Allow deploying RBAC resources when controller and env_injector are disabled to support separation of privileges by @tspearconquest in SparebankenVest/public-helm-charts#112
- Remove leftover podsecuritypolicy references by @tspearconquest in SparebankenVest/public-helm-charts#113
Chart and Image versions
Type | Component | Version |
Helm Chart | akv2k8s | 2.5.0 |
Docker Image | spvest/azure-keyvault-controller | 1.5.0 |
Docker Image | spvest/azure-keyvault-webhook | 1.5.0 |
Docker Image | spvest/azure-keyvault-env | 1.5.0 |
New Contributors
- @waterfoul made their first contribution in #437
- @timbuchinger made their first contribution in #450
- @cgroschupp made their first contribution in #442
- @sdwerwed made their first contribution in #525
- @YouJinTou made their first contribution in #548
- @tspearconquest made their first contribution in SparebankenVest/public-helm-charts#87
- @cgroschupp made their first contribution in SparebankenVest/public-helm-charts#84
- @kptranum made their first contribution in SparebankenVest/public-helm-charts#95
- @LennartTimmers made their first contribution in SparebankenVest/public-helm-charts#99
- @KenADev made their first contribution in SparebankenVest/public-helm-charts#109
Full Changelog: 1.4.0...1.5.0
What's Changed
- Upgrade dependencies
- Upgrade Go 1.19
Helm chart
- Allow older policy apiversion by @Firgeis in SparebankenVest/public-helm-charts#74
- env-injector-deployment imagePullSecrets by @DanielBronk in SparebankenVest/public-helm-charts#72
- Add possibility to run deployment as non root with custom MSI by @eegseth in SparebankenVest/public-helm-charts#73
- Allow setting custom resync periods from helm by @PsychoNineSix in SparebankenVest/public-helm-charts#76
- Allow for setting custom annotations of ServiceAccounts by @lukipro in SparebankenVest/public-helm-charts#83
- Update Chart.yaml by @iamraj007 in SparebankenVest/public-helm-charts#80
Chart and Image versions
Type | Component | Version |
Helm Chart | akv2k8s | 2.3.0 |
Docker Image | spvest/azure-keyvault-controller | 1.4.0 |
Docker Image | spvest/azure-keyvault-webhook | 1.4.0 |
Docker Image | spvest/azure-keyvault-env | 1.4.0 |
Full Changelog: 1.3.1...1.4.0
What's Changed
- Authentication service secret efficiency change by @waterfoul in #437
New Contributors
- @waterfoul made their first contribution in #437
Full Changelog: 1.4.0...webhook-1.4.1
What's Changed
- Patch golang x/net vulnerability by @tspearconquest in #418
New Contributors
- @tspearconquest made their first contribution in #418
Full Changelog: controller-1.3.2...controller-1.3.3