- Users can now opt-out of workload executable hashing when enabling the workload path as a selector (#1078)
- Added M3 support to telemetry and other telemetry and logging improvements (#1059, #1085, #1086, #1094, #1102, #1122,#1138,#1160,#1186,#1208)
- SQL auto-migration can be disabled (#1089)
- SQL schema compatability checks are aligned with upgrade compatability guarantees (#1089)
- Agent CLI can provide information on attested nodes (#1098)
- SPIRE can tolerate small SVID expiration periods (#1115)
- Reduced Docker image sizes by roughly 25% (#1140)
- The
upstream_bundle
configurable is deprecated (#1147)
- Agents can be configured to bootstrap insecurely with SPIRE Servers for ease of evaluation (#1148)
- The issuer claim in JWT-SVIDs can be customized (#1164)
- SPIRE Server supports a wider variety of signing key types (#1169)
- New OIDC discovery provider that serves a compatible JWKS document with signing keys from the trust domain (#1170,#1175)
- New Upstream CA plugin that signs SPIRE Server CA CSRs using a Private Ceriticate Authority in AWS Certificate Manager (#1172)
- Agents respond more predictably when making requests to an overloaded SPIRE Server (#1182)
- Docker Workload Attestor supports a wider variety of cgroup drivers (#1188)
- Docker Workload Attestor supports selection based on container environment variables (#1205)
- Fixed an issue in which Kubernetes workload attestation occasionally fails to identify the caller (#1216)
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session.
You signed out in another tab or window. Reload to refresh your session.