Releases: SparebankenVest/azure-key-vault-to-kubernetes
Release 1.0.2
Unfortunately we had to patch away the functionality in the env-injector for removing sensitive files. The previous implementation caused issues if a pod crashed after initial startup and was unable to recover (because the filles needed where no longer present). We are currently working on a better and more secure solution, which will be released as soon as we can.
Helm Chart versions
We have bumped all versions, but only the env-injector has changed.
controller: 1.0.2 (app v: 1.0.2)
env-injector: 1.0.2 (app v: 1.0.2)
Installation / Upgrade
Release 1.0.1
Patch relates to fix issue where AzureGermanCloud was mixed with AzureUSGovernmentCloud. Thanks to @theogq ❗️ for letting us know.
Helm Chart versions
controller: 1.0.1 (app v: 1.0.1)
env-injector: 1.0.1 (app v: 1.0.1)
Installation / Upgrade
Version 1.0.0
Fixed all known critical issues and it was time to go to v1.0.0! 🎉
New features:
- [docs] New documentation portal at https://akv2k8s.io
- [env-injector] Improved logging
- [env-injector] Prometheus metrics
- [env-injector] Retry (up to 3 times) if fail to access AzureKeyVaultSecret on first try (ref: #34 )
- [env-injector] Support getting raw certificate (
?raw
) - [controller & env-injector] Support all Azure environments (public, china, german, us-gov) - thanks @mayong43111 ❗️
Fixed:
- [env-injector] Custom authentication
- [env-injector] Delete sensitive files
- [env-injector] Not map host volume for azure.json when using custom auth
- [env-injector] Canonical names for Docker images
- [controller] Use optional param for --cloudconfig (was hardcoded) - thanks @reiniertimmer ❗️
Helm Chart versions
controller: 1.0.0 (app v: 1.0.0)
env-injector: 1.0.0 (app v: 1.0.0)
Installation / Upgrade
Version 0.1.15
This release fixes a timeout issue in the env-injector. All Docker images are updated with new version number to keep versions in sync.
Fixed:
- [env-injector] Fixed timeout issue when downloading Docker images
Chart versions
controller: 0.1.22 (image versions: 0.1.15)
env-injector: 0.1.4 (image versions: 0.1.15)
Installation
Azure Key Vault Controller: https://github.com/SparebankenVest/public-helm-charts/tree/master/stable/azure-key-vault-controller
Azure Key Vault Env Injector: https://github.com/SparebankenVest/public-helm-charts/tree/master/stable/azure-key-vault-env-injector
Version 0.1.14
This release contains fixes and improvements for both the controller and env-injector.
Fixed:
- [controller] Fixed issue where cloudconfig parameter was not used to load azure cloud config file (contributed by @reiniertimmer)
Improvements:
- [controller & env-injector] Get all public keys (key chain)
- [controller] When referencing a Certificate in AKV and Kubernetes secret type is Opaque, add the base64 encoded raw cert to Kubernetes secret
- [controller] If private key is available for AKV certificate, export private key for both Kubernetes TLS and Opaque secret types
Documentation improvements:
- Documented known issue when CA certs are missing
- Corrected wrong reference to Kubernetes secret type for TLS (should be kubernetes.io/tls)
- Documented that the env-injector needs to be explicitly enabled per namespace
- Documented requirement for RBAC enabled cluster
Chart versions
controller: 0.1.20 (image versions: 0.1.14)
env-injector: 0.1.3 (image versions: 0.1.14)
Installation
Azure Key Vault Controller: https://github.com/SparebankenVest/public-helm-charts/tree/master/stable/azure-key-vault-controller
Azure Key Vault Env Injector: https://github.com/SparebankenVest/public-helm-charts/tree/master/stable/azure-key-vault-env-injector
Version 0.1.10
This release contains fixes and improvement for the env-injector. The controller is unchanged.
Fixed:
- [env-injector] Inspecting docker image sometimes failed when trying to find cmd/entrypoint
- [env-injector] Errors with non-canonical images (eg
busybox:0.1.31
and notdocker.io/library/busybox:0.1.31
) solved - [env-injector] In some special cases an unhandled error caused mutation to continue, when it should have stopped, resulting in containers starting without injecting env vars
Improvements:
- [env-injector] Better logging with timestamps
Chart versions
controller: 0.1.19 (image versions: 0.1.8)
env-injector: 0.1.2 (image versions: 0.1.10)
Installation
Azure Key Vault Controller: https://github.com/SparebankenVest/public-helm-charts/tree/master/stable/azure-key-vault-controller
Azure Key Vault Env Injector: https://github.com/SparebankenVest/public-helm-charts/tree/master/stable/azure-key-vault-env-injector
First public release
This is the first public release of Azure Key Vault Controller and Azure Key Vault Env Injector.
Install with Helm:
Azure Key Vault Controller: https://github.com/SparebankenVest/public-helm-charts/tree/master/stable/azure-key-vault-controller
Azure Key Vault Env Injector: https://github.com/SparebankenVest/public-helm-charts/tree/master/stable/azure-key-vault-env-injector
Initial Alpha Release
This is the first release of the Kubernetes Azure Key Vault Controller.
Image: spvest/azure-keyvault-controller:0.1.0-alpha.1
Synchronize Azure Key Vault Secrets, Certificates and Keys as Kubernetes Secrets