Skip to content

v0.25.0
Compare
Choose a tag to compare
@v0lkan v0lkan released this 25 Apr 18:18
· 160 commits to main since this release
v0.25.0
This tag was signed with the committer’s verified signature.
v0lkan Volkan Özçelik
GPG key ID: 9A59F3D946BFD021
Learn about vigilant mode.
a001255
This commit was signed with the committer’s verified signature.
v0lkan Volkan Özçelik
GPG key ID: 9A59F3D946BFD021
Learn about vigilant mode.

VSecM Logo

Added

  • Documentation updates.
  • Added liveness and readiness probes to SPIRE Server and SPIRE Agent.
  • Added pod priority classes to SPIRE Server, SPIRE Agent, and VSecM pods
    to ensure that VSecM components are prioritized and maintained in the
    event of resource constraints.
  • VSecM Sentinel Init Commands can now wait a configurable amount of time
    before running. This feature is useful when you want to delay the execution
    of the init commands to ensure that other components are ready.
  • VSecM Sentinel can now wait before marking Init Commands as successful.
    This feature is useful when you want to delay the readiness of VSecM Sentinel
    until other components are ready.
  • VSecM Sentinel Init Command can now parse and understand all VSecM Sentinel
    commands.
  • Added Generated protobuffer files into the source code for ease of maintenance.

Changed

  • Removed the tombstone feature, we use VSecM Keystone instead of tombstone,
    which is more reliable, secure, and under our control.
  • Reliability improvements in VSecM Sentinel. For example, VSecM Sentinel does
    not wait forever in a loop for VSecM Safe to be ready. Instead, it crashes
    after a grace period, and the orchestrator can restart it in a more cloud-native way.
  • SPIRE Server is now a StatefulSet by default instead of a Deployment.
    This change ensures that SPIRE Server has a stable identity across restarts.
  • VSecM Keystone, and VSecM Keystone secrets are being used instead of tombstone.
  • Various other stabilization improvements.

Fixed

  • Minor bug fixes and feature enhancements.

Security

Check out the changelog for a human-readable summary of what has happened so far.

Below are the generated release notes of every commit since the last release cut:

What's Changed

  • next helm charts by @v0lkan in #796
  • next by @v0lkan in #798
  • 💄 cosmetic(VSecM): rename busywait to background by @v0lkan in #811
  • add wait time to init commands by @v0lkan in #813
  • 🌟 enhancement(VSecM Sentinel): option to terminate early by @v0lkan in #814
  • wait before marking init command as successful by @v0lkan in #816
  • SDK signature change by @v0lkan in #818
  • Refactoring Init Command code by @v0lkan in #819
  • Closes #644, Add statefulset support in spire-server fix by @BulldromeQ in #812
  • Address some of the TODO’s in the source code by @v0lkan in #820
  • statefulset by @v0lkan in #823
  • Remove Tombstone and Use Keystone Instead by @v0lkan in #824
  • 🌟 enhancement(VSecM Sentinel): processInitCommands improvement by @v0lkan in #825
  • documentation update by @v0lkan in #826
  • documentation updates by @v0lkan in #911
  • Update spire-server.yaml statefulset missing serviceName by @BulldromeQ in #926
  • enhancement: protofiles generated, dev-env md and workflow edited by @marikann in #930
  • Stabilization Improvement for the Helm Charts (for Resource-Limited Environments) by @v0lkan in #933
  • Add events-based cache by @v0lkan in #934
  • Bump golang.org/x/net from 0.19.0 to 0.23.0 by @dependabot in #936
  • Introducing initial helm-chart for version 0.25.0 by @v0lkan in #937

Full Changelog: v0.24.4...v0.25.0

Contributors

v0lkan, dependabot, and 2 other contributors
Assets 2
Loading