Releases: hashicorp/vault-secrets-operator
Releases · hashicorp/vault-secrets-operator
v0.4.3
0.4.3 (January 10th, 2024)
Fix:
- Helm: rename and truncate the pre-delete cleanup job to 63 characters: GH-506
- VDS: remediate deleted destination secret: GH-532
- Update paused deployment error message: GH-528
- VC: provide default value for spec.skipTLSVerify: GH-527
- CCS: ensure invalid storage objects are deleted: GH-525
- VDS: Log and record Vault request failures: GH-508
- VPS: Sync on any update: GH-479
Dependency Updates:
- update go version to fix CVE-2023-45284,CVE-2023-39326,CVE-2023-48795: GH-541
- Bump google.golang.org/api from 0.154.0 to 0.155.0: GH-542
- Bump github.com/prometheus/client_golang from 1.17.0 to 1.18.0: GH-540
- Bump github.com/go-openapi/strfmt from 0.21.9 to 0.22.0: GH-539
- Bump github.com/go-logr/logr from 1.3.0 to 1.4.1: GH-536
- Bump golang.org/x/crypto from 0.16.0 to 0.17.0: GH-524
- Bump k8s.io/client-go from 0.28.4 to 0.29.0: GH-523
- Bump google.golang.org/api from 0.153.0 to 0.154.0: GH-522
- Bump github.com/hashicorp/go-hclog from 1.6.1 to 1.6.2: GH-521
- Bump github.com/google/uuid from 1.4.0 to 1.5.0: GH-520
- Bump ubi9/ubi-minimal from 9.3-1361.1699548032 to 9.3-1475: GH-516
- Bump ubi9/ubi-micro from 9.3-6 to 9.3-9: GH-515
- Bump github.com/go-openapi/strfmt from 0.21.8 to 0.21.9: GH-514
- Bump github.com/hashicorp/go-hclog from 1.5.0 to 1.6.1: GH-513
- Bump github.com/go-openapi/runtime from 0.26.0 to 0.26.2: GH-512
- Bump github.com/gruntwork-io/terratest from 0.46.6 to 0.46.8: GH-497
- Bump google.golang.org/api from 0.152.0 to 0.153.0: GH-496
v0.4.2
0.4.2 (December 7th, 2023)
Important:
- This release corrects a failed release of v0.4.1 to OpenShift's OperatorHub. It should be used in place of v0.4.1.
- When upgrading directly from 0.4.0 or below using Helm, please follow updating-crds.
Fix:
- Include viewer and editor RBAC roles in the chart: GH-501
- Build: image/ubi: add separate target and build job for RedHat: GH-503
Dependency Updates:
v0.4.1
0.4.1 (December 4th, 2023)
Important: this release contains CRD schema changes that must be applied manually when deploying VSO with Helm. Please see updating-crds for more details.
Improvements:
- Manager: setting
controller.manager.maxConcurrentReconcilesnow applies to all Syncable Secret controllers. The previous flag for the manager--max-concurrent-reconciles-vdsis now deprecated and replaced by--max-concurrent-reconcileswhich applies to all controllers. GH-483
Fix:
- Helm: prefix all helper functions with
vsoto avoid subchart name collisions: GH-487 - VSS: Ensure all resource updates are synced: GH-492
- VDS: Fix compute static-creds rotation horizon: GH-488
Dependency Updates:
v0.4.0
0.4.0 (November 16th, 2023)
Features:
- VaultAuth: Support for the GCP authentication method when using GKE workload identity: GH-411
- VDS: Support rotation for non-renewable secrets: GH-397
Fix:
- Remove unneeded instantiation of the VSO ConfigMap watcher: GH-446
- VDS: Correctly compute the lease renewal horizon after a new VSO leader has been elected and the lease is still within its renewal window: GH-397
Dependency Updates:
- Upgrade kube-rbac-proxy to v0.15.0: GH-458
- Bump github.com/onsi/gomega from 1.29.0 to 1.30.0: GH-456
- Bump github.com/gruntwork-io/terratest from 0.46.5 to 0.46.6: GH-455
- Bump google.golang.org/api from 0.149.0 to 0.150.0: GH-454
- Bump ubi9/ubi-minimal from 9.2-750.1697625013 to 9.3-1361.1699548032: GH-444 GH-460
- Bump ubi9/ubi-micro from 9.2-15.1696515526 to 9.3-6: GH-443
- Bump github.com/gruntwork-io/terratest from 0.46.1 to 0.46.5: GH-440
- Bump google.golang.org/api from 0.148.0 to 0.149.0: GH-439
- Bump github.com/go-logr/logr from 1.2.4 to 1.3.0: GH-435
- Bump github.com/google/uuid from 1.3.1 to 1.4.0: GH-434
- Bump github.com/onsi/gomega from 1.28.1 to 1.29.0: GH-433
- Bump google.golang.org/grpc from 1.57.0 to 1.57.1: GH-428
- Bump k8s.io/apimachinery from 0.28.2 to 0.28.3: GH-421
- Bump github.com/onsi/gomega from 1.28.0 to 1.28.1: GH-420
- Bump k8s.io/api from 0.28.2 to 0.28.3: GH-419
- Bump github.com/gruntwork-io/terratest from 0.46.0 to 0.46.1: GH-418
- Bump sigs.k8s.io/controller-runtime from 0.16.2 to 0.16.3: GH-417
v0.3.4
v0.3.3
0.3.3 (October 17th, 2023)
Fix:
- Important security update to address some Golang vulnerabilities GH-414
Dependency Updates:
- Upgrade kube-rbac-proxy to v0.14.4 for CVE-2023-39325 GH-414
- Bump to Go 1.21.3 for CVE-2023-39325: GH-408
- Bump github.com/hashicorp/vault/sdk from 0.10.0 to 0.10.2: GH-410
- Bump github.com/gruntwork-io/terratest from 0.45.0 to 0.46.0: GH-409
- Bump golang.org/x/net from 0.14.0 to 0.17.0: GH-407
v0.3.2
0.3.2 (October 10th, 2023)
Fix:
- Handle invalid Client race after restoration: GH-400
Dependency Updates:
- Bump ubi9/ubi-micro from 9.2-15 to 9.2-15.1696515526: GH-404
- Bump github.com/hashicorp/hcp-sdk-go from 0.64.0 to 0.65.0: GH-403
- Bump github.com/gruntwork-io/terratest from 0.44.0 to 0.45.0: GH-402
- Bump github.com/prometheus/client_model from 0.4.1-0.20230718164431-9a2bf3000d16 to 0.5.0: GH-401
- Bump github.com/go-openapi/runtime from 0.25.0 to 0.26.0: GH-394
- Bump github.com/prometheus/client_golang from 1.16.0 to 1.17.0: GH-393
- Bump github.com/hashicorp/golang-lru/v2 from 2.0.6 to 2.0.7: GH-392
- Bump github.com/onsi/gomega from 1.27.10 to 1.28.0: GH-391
- Bump github.com/hashicorp/hcp-sdk-go from 0.63.0 to 0.64.0: GH-390
v0.3.1
v0.3.0
0.3.0 (September 27th, 2023)
Improvements:
- VDS: Support for DB schedule-based static role rotations: GH-369
- HVS: Rename servicePrinciple data key clientKey to clientSecret: GH-368
- HVS: Include User-Agent and requester HTTP request headers.: GH-382
- HVS: Add validation for spec.refreshAfter and min constraints: GH-376
- Helm: Add support for affinity and hostAliases: GH-343
- Helm: Add the ability to specify a security context to the deployment: GH-289
Features:
- Add support for syncing HCP Vault Secrets: GH-315
Revert: