Releases: philips-labs/helm-charts
spire-0.10.1
A Helm chart for deploying spire-server and spire-agent. > v1.0.2. To enable Projected Service Account Tokens on Docker for Mac/Windows run the following command to SSH into the Docker Desktop K8s VM. bash docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh Then add the following to /etc/kubernetes/manifests/kube-apiserver.yaml yaml spec: containers: - command: - kube-apiserver - --api-audiences=api,spire-server - --service-account-issuer=api,spire-agent - --service-account-key-file=/run/config/pki/sa.pub - --service-account-signing-key-file=/run/config/pki/sa.key
spire-0.10.0
A Helm chart for deploying spire-server and spire-agent.
⚠️ Please note this chart requires Projected Service Account Tokens which has to be enabled on your k8s api server.
⚠️ Minimum Spire version isv1.0.2.
To enable Projected Service Account Tokens on Docker for Mac/Windows run the following command to SSH into the Docker Desktop K8s VM.
docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i shThen add the following to /etc/kubernetes/manifests/kube-apiserver.yaml
spec:
containers:
- command:
- kube-apiserver
- --api-audiences=api,spire-server
- --service-account-issuer=api,spire-agent
- --service-account-key-file=/run/config/pki/sa.pub
- --service-account-signing-key-file=/run/config/pki/sa.keyWhat's Changed
- Make dynamic tests matrix by finding all test folders by @marcofranssen in #106
- Move the different components into subcharts by @marcofranssen in #91
- Move oidc-discovery-provider into subchart by @marcofranssen in #90
- Move spire-agent into subchart by @marcofranssen in #93
- Move spire-server into subcharts by @marcofranssen in #94
- Cleanup after moving components to subcharts by @marcofranssen in #95
Full Changelog: spire-0.9.0...spire-0.10.0
Contributors
Assets 3
spire-0.9.0
A Helm chart for deploying spire-server and spire-agent.
⚠️ Please note this chart requires Projected Service Account Tokens which has to be enabled on your k8s api server.
⚠️ Minimum Spire version isv1.0.2.
To enable Projected Service Account Tokens on Docker for Mac/Windows run the following command to SSH into the Docker Desktop K8s VM.
docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i shThen add the following to /etc/kubernetes/manifests/kube-apiserver.yaml
spec:
containers:
- command:
- kube-apiserver
- --api-audiences=api,spire-server
- --service-account-issuer=api,spire-agent
- --service-account-key-file=/run/config/pki/sa.pub
- --service-account-signing-key-file=/run/config/pki/sa.keyWhat's Changed
- Use setup-chartmuseum in workflow to install chartmuseum by @marcofranssen in #99
- Fix signing helm releases by @developer-guy in #100
- Utilize setup-chartmuseum to bootup chartmuseum instance by @marcofranssen in #101
- Bump actions/checkout from 3.2.0 to 3.3.0 by @dependabot in #103
- Bump helm/chart-releaser-action from 1.4.1 to 1.5.0 by @dependabot in #104
- Improve upstream CA by @marcofranssen in #97
Full Changelog: spire-0.8.1...spire-0.9.0
Contributors
Assets 3
spire-0.8.1
A Helm chart for deploying spire-server and spire-agent. > v1.0.2. To enable Projected Service Account Tokens on Docker for Mac/Windows run the following command to SSH into the Docker Desktop K8s VM. bash docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh Then add the following to /etc/kubernetes/manifests/kube-apiserver.yaml yaml spec: containers: - command: - kube-apiserver - --api-audiences=api,spire-server - --service-account-issuer=api,spire-agent - --service-account-key-file=/run/config/pki/sa.pub - --service-account-signing-key-file=/run/config/pki/sa.key
spire-0.8.0
A Helm chart for deploying spire-server and spire-agent.
⚠️ Please note this chart requires Projected Service Account Tokens which has to be enabled on your k8s api server.
⚠️ Minimum Spire version isv1.0.2.
To enable Projected Service Account Tokens on Docker for Mac/Windows run the following command to SSH into the Docker Desktop K8s VM.
docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i shThen add the following to /etc/kubernetes/manifests/kube-apiserver.yaml
spec:
containers:
- command:
- kube-apiserver
- --api-audiences=api,spire-server
- --service-account-issuer=api,spire-agent
- --service-account-key-file=/run/config/pki/sa.pub
- --service-account-signing-key-file=/run/config/pki/sa.keyWhat's Changed
- Bump helm/kind-action from 1.4.0 to 1.5.0 by @dependabot in #96
- Add optional UpstreamAuthority by @KenHuffmanAtNice in #79
Full Changelog: spire-0.7.6...spire-0.8.0
Contributors
Assets 3
spire-0.7.6
A Helm chart for deploying spire-server and spire-agent.
⚠️ Please note this chart requires Projected Service Account Tokens which has to be enabled on your k8s api server.
⚠️ Minimum Spire version isv1.0.2.
To enable Projected Service Account Tokens on Docker for Mac/Windows run the following command to SSH into the Docker Desktop K8s VM.
docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i shThen add the following to /etc/kubernetes/manifests/kube-apiserver.yaml
spec:
containers:
- command:
- kube-apiserver
- --api-audiences=api,spire-server
- --service-account-issuer=api,spire-agent
- --service-account-key-file=/run/config/pki/sa.pub
- --service-account-signing-key-file=/run/config/pki/sa.keyWhat's Changed
- OIDC + CSI image update + server podAnnotations bugfix by @marcofranssen in #88
Full Changelog: spire-0.7.5...spire-0.7.6
Contributors
Assets 3
spire-0.7.5
A Helm chart for deploying spire-server and spire-agent.
⚠️ Please note this chart requires Projected Service Account Tokens which has to be enabled on your k8s api server.
⚠️ Minimum Spire version isv1.0.2.
To enable Projected Service Account Tokens on Docker for Mac/Windows run the following command to SSH into the Docker Desktop K8s VM.
docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i shThen add the following to /etc/kubernetes/manifests/kube-apiserver.yaml
spec:
containers:
- command:
- kube-apiserver
- --api-audiences=api,spire-server
- --service-account-issuer=api,spire-agent
- --service-account-key-file=/run/config/pki/sa.pub
- --service-account-signing-key-file=/run/config/pki/sa.keyWhat's Changed
- Bump spire to 1.5.3 to fix oidc healthchecks by @marcofranssen in #87
Full Changelog: spire-0.7.4...spire-0.7.5
Contributors
Assets 3
spire-0.7.4
A Helm chart for deploying spire-server and spire-agent.
⚠️ Please note this chart requires Projected Service Account Tokens which has to be enabled on your k8s api server.
⚠️ Minimum Spire version isv1.0.2.
To enable Projected Service Account Tokens on Docker for Mac/Windows run the following command to SSH into the Docker Desktop K8s VM.
docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i shThen add the following to /etc/kubernetes/manifests/kube-apiserver.yaml
spec:
containers:
- command:
- kube-apiserver
- --api-audiences=api,spire-server
- --service-account-issuer=api,spire-agent
- --service-account-key-file=/run/config/pki/sa.pub
- --service-account-signing-key-file=/run/config/pki/sa.keyWhat's Changed
- upload helm chart to oci registry by @developer-guy in #77
- Bump workflows to use ubuntu-22.04 by @marcofranssen in #84
- Bump actions/checkout from 3.1.0 to 3.2.0 by @dependabot in #86
- Bump azure/setup-helm from 3.4 to 3.5 by @dependabot in #85
- Replace wait-for-it image to get rid of vulnerabilities by @marcofranssen in #80
Full Changelog: spire-0.7.3...spire-0.7.4
Contributors
Assets 3
spire-0.7.3
A Helm chart for deploying spire-server and spire-agent.
⚠️ Please note this chart requires Projected Service Account Tokens which has to be enabled on your k8s api server.
⚠️ Minimum Spire version isv1.0.2.
To enable Projected Service Account Tokens on Docker for Mac/Windows run the following command to SSH into the Docker Desktop K8s VM.
docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i shThen add the following to /etc/kubernetes/manifests/kube-apiserver.yaml
spec:
containers:
- command:
- kube-apiserver
- --api-audiences=api,spire-server
- --service-account-issuer=api,spire-agent
- --service-account-key-file=/run/config/pki/sa.pub
- --service-account-signing-key-file=/run/config/pki/sa.keyWhat's Changed
- adding annotations and resources by @KenHuffmanAtNice in #81
New Contributors
- @KenHuffmanAtNice made their first contribution in #81
Full Changelog: spire-0.7.2...spire-0.7.3
Contributors
Assets 3
spire-0.7.2
A Helm chart for deploying spire-server and spire-agent.
⚠️ Please note this chart requires Projected Service Account Tokens which has to be enabled on your k8s api server.
⚠️ Minimum Spire version isv1.0.2.
To enable Projected Service Account Tokens on Docker for Mac/Windows run the following command to SSH into the Docker Desktop K8s VM.
docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i shThen add the following to /etc/kubernetes/manifests/kube-apiserver.yaml
spec:
containers:
- command:
- kube-apiserver
- --api-audiences=api,spire-server
- --service-account-issuer=api,spire-agent
- --service-account-key-file=/run/config/pki/sa.pub
- --service-account-signing-key-file=/run/config/pki/sa.keyWhat's Changed
- Bump node driver registrar + spire by @marcofranssen in #82
Full Changelog: spire-0.7.1...spire-0.7.2