Skip to content
This repository has been archived by the owner on Nov 28, 2022. It is now read-only.

v7.0.0
Compare
Choose a tag to compare
@asaintsever asaintsever released this 21 Jun 17:04
· 37 commits to master since this release
v7.0.0
9dd07a0

New with this release: Vault secrets can now be injected right into environment variables. Only static secrets are supported at the moment. Along with this feature, the secrets volumeMount is now automatically injected in your containers if not already defined (as it was the case with the secrets volume).

Default Vault image is now set to 1.4.2 to fix several CVEs (CVE-2020-13223, CVE-2020-12757: see HashiCorp's CHANGELOG).

Finally, the webhook certificates are no more generated using the Kubernetes Certificates API. The certificates and associated private key are now either generated by code or read from a Kubernetes Secret you provide. Refer to the updated documentation for details.

Changed

  • VSI #29 - Update HashiCorp Vault image to 1.4.2
  • VSI #30 - Webhook certificates generated by code or provided
  • VSI #31 - Migrate to Golang 1.14

Added

  • VSI #32 - Inject secrets in env vars. Feature announcement here.
Assets 7