Skip to content

v0.24.0

Latest
Latest

Choose a tag to compare

View all tags
@github-actions github-actions released this 27 Jun 14:35
v0.24.0
This tag was signed with the committer’s verified signature.
erikgb Erik Godding Boye
SSH Key Fingerprint: sUjQyDZX9TnkM603FgBhlRmh1qEmyxDqi9pB1bZnYjA
Verified
Learn about vigilant mode.
75590d0
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

trust-manager is the easiest way to manage security-critical TLS trust bundles in Kubernetes and OpenShift clusters.

This release is a feature release, but as usual, it contains various patches/fixes and dependency bumps.

Notable changes include a fix by @yugstar avoiding reconciling loops by ensuring the calculated trust bundle hash is deterministic when adding labels/annotations to the target configmaps/secrets. 💯 And trust-manager can now source CA certificates from configmap binaryData. 🚀

Our Helm chart now supports configuration of securityContexts for pods and containers, which has been highly requested by the community. A big thanks goes out to @MarcAntoineRaymond! ❤️

⚠️ Possibly breaking change in Helm chart values: if you currently set app.securityContext.seccompProfileEnabled, this value has been removed and replaced with a more generic mechanism for setting securityContexts.

What's Changed

Features

  • feat(helm)!: configuration of securityContexts for pods and containers by @MarcAntoineRaymond in #836
  • feat(helm): aggregate Bundle read access into the cluster-reader ClusterRole by @yugstar in #1009
  • Make CertPool support pluggable filters by @erikgb in #1016
  • feat: read CA data from ConfigMap binaryData field in Bundle sources by @mvanhorn in #1025

Fixes

  • fix: scope metrics ServiceMonitor selector to the metrics service by @yugstar in #1008
  • fix: make TrustBundleHash deterministic across reconciles by @yugstar in #1014

Bumps / CI

  • fix(deps): update github.com/onsi deps to v2.30.0 by @renovate[bot] in #1001
  • fix(deps): update kubernetes go patches to v0.36.2 by @renovate[bot] in #1002
  • [CI] Merge self-upgrade-main into main by @octo-sts[bot] in #1003
  • fix(deps): update github.com/onsi deps by @renovate[bot] in #1004
  • [CI] Merge self-upgrade-main into main by @octo-sts[bot] in #1006
  • chore(deps): update makefile modules to 7835ffe by @renovate[bot] in #1007
  • chore(deps): update makefile modules to 92aeb18 by @renovate[bot] in #1010
  • chore(deps): update makefile modules to 5d90d75 by @renovate[bot] in #1011
  • chore(deps): update misc github actions to v7 by @renovate[bot] in #1012
  • chore(deps): update makefile modules to 3968a05 by @renovate[bot] in #1013
  • chore(deps): update makefile modules to 6c59e94 by @renovate[bot] in #1015
  • chore(deps): update makefile modules to e249911 by @renovate[bot] in #1017
  • chore(deps): update makefile modules to 2439727 by @renovate[bot] in #1018
  • fix(deps): update github.com/onsi deps by @renovate[bot] in #1019
  • fix(deps): update k8s.io/utils digest to a95e086 by @renovate[bot] in #1020
  • chore(deps): update makefile modules to 5a6dfa5 by @renovate[bot] in #1021
  • fix(deps): update module github.com/onsi/gomega to v1.42.1 by @renovate[bot] in #1022
  • chore(deps): update actions/setup-go action to v6.5.0 by @renovate[bot] in #1023
  • chore(deps): update makefile modules to 3475385 by @renovate[bot] in #1024

New Contributors

Full Changelog: v0.23.0...v0.24.0

Contributors

mvanhorn, erikgb, and 4 other contributors
Assets 2
Loading