Skip to content

Releases: kubernetes-sigs/secrets-store-csi-driver

v1.3.1

21 Jan 00:57
@github-actions github-actions
v1.3.1
d3756ff
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.3.1

v1.3.1 - 2023-01-21

Changelog

Maintenance 🔧

  • cba4224 chore: pin buildx to v0.10.6
  • 766c42a chore: bump version to v1.3.1 in release-1.3
  • f3b0300 chore: update livenessprobe to v2.9.0
  • c0d3b61 chore: update node-driver-registrar to v2.7.0
Assets 13
Loading

v1.3.0

13 Dec 22:58
@github-actions github-actions
v1.3.0
d08eaa9
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.3.0

v1.3.0 - 2022-12-13

Changelog

Bug Fixes 🐞

  • cdf0b77 fix: put annotations in right position of daemonset
  • bb1815a fix: escape dot in target path regex
  • 97d3452 fix: fix CVE-2022-32149 and CVE-2022-27664 (#1059)
  • d98c93c fix: handles pfx certs in k8s secrets sync
  • 9fcdbb2 fix: update base image reference in script
  • ede4c70 fix: sanitize service account tokens in logs
  • 2ee77ca fix: use os.Lstat to resolve os.Stat issue in windows
  • 3ae12bd fix: remove files before cleanup mount point in unpublish
  • 0af2483 fix: panic when using --log-format-json
  • 830d184 fix: update err variable in defer to prevent err shadowing
  • c452ac4 fix: add unit test to validate error shadowed bug

Code Refactoring 💎

  • b0af2b9 refactor: use NewSharedInformerFactoryWithOptions for new shared informer
  • 14489c7 refactor: update mdbook install and serve

Continuous Integration 💜

  • 12cdcb4 ci: ignore slack badge in markdown link check
  • a3c0e4e ci: add codeql action
  • 9a120ea ci: bump kubernetes version to v1.25.0
  • f8e3435 ci: bump kind version to v0.14.0
  • d1181e3 ci: add kubernetes 1.24 in e2e matrix
  • ce47672 ci: fix aws eks cluster creation
  • 384db8b ci: fix markdown link check workflow failures
  • 12d1c99 ci: update kubernetes version matrix in staging e2e workflow
  • 0246e35 ci: update e2e_mock_provider_tests kubernetes versions
  • 2f16132 ci: add goreleaser workflow for release
  • d0e614f ci: fix shellcheck file paths
  • 00a1445 ci: add markdown-link-check workflow

Documentation 📘

  • b8c64cc docs: add security vuln scanning to release mgmt
  • e195c55 docs: update supported releases - v1.2.x and v1.1.x
  • 3787ca2 docs: include security explanations for root/privileged/and pod tokens
  • b55eaef docs: update instructions on generating release notes
  • c0e97a5 docs: add subPath volume mount limitation
  • 592ad7b docs: update supported versions and replace v1alpha1 with v1
  • 8c41c4a docs: remove helm repo url change note in install steps
  • 052429b docs: add slack badge
  • 95218a6 docs: fix dead links based on errors
  • 0391489 docs: update features and add toc
  • ba364e1 docs: Update helm README.md with linux crd image values (#797)
  • 856ad85 docs: update supported feature by current providers
  • a760c18 docs: fix typo in api version group name
  • ed9ecf3 docs: add design docs and roadmap to website
  • 99aafa5 docs: add project status to docs

Features 🌈

  • b4d2608 feat: add default toleration for all taints
  • 34cb436 feat: Support disabling Helm chart CRD hooks
  • 0723e1e feat: support provider paths under /var/run
  • 7ac887a feat: add token requests client (#805)
  • 4b8c442 feat: send NodePublishVolumeRequest.VolumeContext in MountRequest to provider

Maintenance 🔧

  • d412c88 chore: bump version to v1.3.0 in release-1.3
  • 7513988 chore: reenable trivy scan for binary
  • 4c1a8f5 chore: use kubectl v1.26.0 in driver-crds
  • da5a280 chore: switch to registry.k8s.io
  • 215e5c2 chore: update node-driver-registrar to v2.6.2
  • 4e6cc57 chore: bump github/codeql-action from 2.1.32 to 2.1.35
  • c60d93f chore: bump stefanprodan/helm-gh-pages from 1.6.0 to 1.7.0
  • 6a64a91 chore: bump k8s.io/code-generator from 0.25.3 to 0.25.4 in /hack/tools
  • c9ec363 chore: bump github/codeql-action from 2.1.31 to 2.1.32
  • 1111a97 chore: use kubectl 1.25.4 in driver-crds
  • ca89feb chore: remove k8s.io/kubernetes dep
  • 59473a2 chore: bump github/codeql-action from 2.1.29 to 2.1.31
  • 8778a4c chore: update livenessprobe to v2.8.0
  • b12d68a chore: bump github/codeql-action from 2.1.28 to 2.1.29
  • 2beee6f chore: bump sigs.k8s.io/controller-tools in /hack/tools
  • 4776c62 chore: bump k8s.io/code-generator from 0.25.0 to 0.25.3 in /hack/tools
  • 603bb66 chore: bump github.com/golangci/golangci-lint in /hack/tools
  • 358b8a3 chore: bump google.golang.org/protobuf in /hack/tools
  • 75b1134 chore: bump actions/checkout from 2 to 3
  • 6841c6d chore: bump sigs.k8s.io/kustomize/kustomize/v4 in /hack/tools
  • f6021d8 chore: bump goreleaser/goreleaser-action from 2.8.1 to 3.2.0
  • d3e4260 chore: adds ok-to-test label on dependabot prs
  • 8a52d33 chore: bump github.com/golangci/golangci-lint in /hack/tools
  • c8fc68f chore: bump stefanprodan/helm-gh-pages from 1.4.1 to 1.6.0
  • 57a5cb9 chore: bump gaurav-nelson/github-action-markdown-link-check
  • 762f81f chore: add dependabot.yml
  • e3ed2f2 chore: use kubectl 1.25.x in driver-crds
  • f938672 chore: update golangci-lint to v1.49.0
  • 6fda350 chore: run apt update && apt upgrade -y in dockerfile
  • 0dc8c0f chore: support kubernetes v1.25.0
  • 980a539 chore: remove psp
  • f020bdf chore: update debian-base to bullseye-v1.4.2
  • 5680241 chore: update k8s deps to v0.24.4
  • 4be2208 chore: update to go 1.19
  • e272dc9 chore: update debian-base to bullseye-v1.4.1
  • efb3274 chore: update debian-base to bullseye-v1.4.0
  • 27032f6 chore: update boilerplate for the generated proto files
  • fe049c3 chore: use google.golang.org/protobuf and regenerate proto
  • a95f0e5 chore: update kustomize to v4
  • 1d264d2 chore: update tools dependencies and generate manifests
  • e0f1850 chore: update kubernetes deps to v1.24.1
  • 5ddc969 chore: add crds.podLabels for helm hook jobs (#962)
  • d70d198 chore: update debian-base to bullseye-v1.3.0
  • a48fdde chore: bump node-driver-registrar:v2.5.1 and livenessprobe:v2.7.0
  • 68ef471 chore: bump kind version to v0.13.0 to support kubernetes v1.24
  • 75d28a4 chore: update pull request template
  • 1faac89 chore: change default to /var/run for providers path
  • e6cc3d5 chore: upgrade makefile test binary versions
  • 4b09e85 chore: upgrade to go 1.18
  • 1ec0f8b chore: remove deprecated minimumProviderVersions in helm chart
  • b46dfcb chore: make token requests conditional for v1.20+
  • 37f55b2 chore: bump node-driver-registrar:v2.5.0 and livenessprobe:v2.6.0
  • ca257a8 chore: mark v1alpha1 api version as deprecated
  • ae87243 chore: remove old helm packages and index
  • ccb9fa4 chore: updates trivy command
  • a596624 chore: log invalid key in error
  • dac5381 chore: update debian-base to bullseye-v1.1.0
  • f694be2 chore: bump node-driver-reegistrar image to v2.4.0
  • 9750771 chore: remove deprecated --filtered-watch-secret flag
  • c78559e chore: bump livenessprobe image to v2.5.0
  • 2b27e0c chore: upgrade kubernetes deps
  • 6069215 chore: use TARGETARCH for image build and makefile update
  • e1f143c chore: use corev1 as import alias instead of v1

Security Fix 🛡️

Testing 💚

  • df67b53 test: cleanup provider tests (part 1)
  • 725b77d test: use helm upgrade --install for azure e2e
  • 86d368e test: use helm charts for azure provider
  • 0ec6250 test: conditionally check token requests role and binding
  • 899d3ed test: add test for view and admin cluster role (#845)
Assets 13
Loading

v1.2.4

07 Sep 23:47
@github-actions github-actions
v1.2.4
7f4aef9
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.2.4

v1.2.4 - 2022-09-07

Changelog

Bug Fixes 🐞

  • 3fb0170 fix: update base image reference in script
  • 7bb3a61 fix: (fileutil) WritePayloads atomically for nested paths

Maintenance 🔧

  • e0c09c8 chore: bump version to v1.2.4 in release-1.2
  • 64f96c2 chore: update debian-base to bullseye-v1.4.2
  • ce14ea1 chore: update k8s deps to v0.24.4
  • 0fc707b chore: support common labels in helm chart

Security Fix 🛡️

Assets 13
Loading

v1.2.3

11 Aug 20:51
@github-actions github-actions
v1.2.3
6ca3c41
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.2.3

v1.2.3 - 2022-08-11

Changelog

Bug Fixes 🐞

  • 8775b33 fix: sanitize service account tokens in logs

Maintenance 🔧

  • a8a646e chore: bump version to v1.2.3 in release-1.2
  • f8d0e25 chore: update debian-base to bullseye-v1.4.1

Security Fix 🛡️

Assets 13
Loading

v1.2.2

14 Jul 19:36
@github-actions github-actions
v1.2.2
a21c0e7
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.2.2

v1.2.2 - 2022-07-14

Changelog

Bug Fixes 🐞

  • e558fc0 fix: use os.Lstat to resolve os.Stat issue in windows

Maintenance 🔧

  • e76d980 chore: bump version to v1.2.2 in release-1.2
Assets 13
Loading

v1.2.1

12 Jul 20:04
@github-actions github-actions
v1.2.1
c7abc27
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.2.1

v1.2.1 - 2022-07-12

Changelog

Maintenance 🔧

  • 42fd02c chore: bump version to v1.2.1 in release-1.2
  • b6f0933 chore: update debian-base to bullseye-v1.4.0

Security Fix 🛡️

Assets 13
Loading

v1.2.0

22 Jun 20:47
@github-actions github-actions
v1.2.0
b37cadc
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.2.0

v1.2.0 - 2022-06-22

Changelog

Bug Fixes 🐞

  • 3ae12bd fix: remove files before cleanup mount point in unpublish
  • 0af2483 fix: panic when using --log-format-json
  • 830d184 fix: update err variable in defer to prevent err shadowing
  • c452ac4 fix: add unit test to validate error shadowed bug

Code Refactoring 💎

  • b0af2b9 refactor: use NewSharedInformerFactoryWithOptions for new shared informer
  • 14489c7 refactor: update mdbook install and serve

Continuous Integration 💜

  • d1181e3 ci: add kubernetes 1.24 in e2e matrix
  • ce47672 ci: fix aws eks cluster creation
  • 384db8b ci: fix markdown link check workflow failures
  • 12d1c99 ci: update kubernetes version matrix in staging e2e workflow
  • 0246e35 ci: update e2e_mock_provider_tests kubernetes versions
  • 2f16132 ci: add goreleaser workflow for release
  • d0e614f ci: fix shellcheck file paths
  • 00a1445 ci: add markdown-link-check workflow

Documentation 📘

  • 3787ca2 docs: include security explanations for root/privileged/and pod tokens
  • b55eaef docs: update instructions on generating release notes
  • c0e97a5 docs: add subPath volume mount limitation
  • 592ad7b docs: update supported versions and replace v1alpha1 with v1
  • 8c41c4a docs: remove helm repo url change note in install steps
  • 052429b docs: add slack badge
  • 95218a6 docs: fix dead links based on errors
  • 0391489 docs: update features and add toc
  • ba364e1 docs: Update helm README.md with linux crd image values (#797)
  • 856ad85 docs: update supported feature by current providers
  • a760c18 docs: fix typo in api version group name
  • ed9ecf3 docs: add design docs and roadmap to website
  • 99aafa5 docs: add project status to docs

Features 🌈

  • 0723e1e feat: support provider paths under /var/run
  • 7ac887a feat: add token requests client (#805)
  • 4b8c442 feat: send NodePublishVolumeRequest.VolumeContext in MountRequest to provider

Maintenance 🔧

  • 23ae1fb chore: bump version to v1.2.0 in release-1.2
  • a95f0e5 chore: update kustomize to v4
  • 1d264d2 chore: update tools dependencies and generate manifests
  • e0f1850 chore: update kubernetes deps to v1.24.1
  • 5ddc969 chore: add crds.podLabels for helm hook jobs (#962)
  • d70d198 chore: update debian-base to bullseye-v1.3.0
  • a48fdde chore: bump node-driver-registrar:v2.5.1 and livenessprobe:v2.7.0
  • 68ef471 chore: bump kind version to v0.13.0 to support kubernetes v1.24
  • 75d28a4 chore: update pull request template
  • 1faac89 chore: change default to /var/run for providers path
  • e6cc3d5 chore: upgrade makefile test binary versions
  • 4b09e85 chore: upgrade to go 1.18
  • 1ec0f8b chore: remove deprecated minimumProviderVersions in helm chart
  • b46dfcb chore: make token requests conditional for v1.20+
  • 37f55b2 chore: bump node-driver-registrar:v2.5.0 and livenessprobe:v2.6.0
  • ca257a8 chore: mark v1alpha1 api version as deprecated
  • ae87243 chore: remove old helm packages and index
  • ccb9fa4 chore: updates trivy command
  • a596624 chore: log invalid key in error
  • dac5381 chore: update debian-base to bullseye-v1.1.0
  • f694be2 chore: bump node-driver-reegistrar image to v2.4.0
  • 9750771 chore: remove deprecated --filtered-watch-secret flag
  • c78559e chore: bump livenessprobe image to v2.5.0
  • 2b27e0c chore: upgrade kubernetes deps
  • 6069215 chore: use TARGETARCH for image build and makefile update
  • e1f143c chore: use corev1 as import alias instead of v1

Security Fix 🛡️

Testing 💚

  • df67b53 test: cleanup provider tests (part 1)
  • 725b77d test: use helm upgrade --install for azure e2e
  • 86d368e test: use helm charts for azure provider
  • 0ec6250 test: conditionally check token requests role and binding
  • 899d3ed test: add test for view and admin cluster role (#845)
Assets 13
Loading

v1.1.2

31 Mar 21:10
@github-actions github-actions
v1.1.2
26ab9c2
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.1.2

v1.1.2 - 2022-03-31

Changelog

Bug Fixes 🐞

  • 9e39ed6 Automated cherry pick of #898: fix: validate additionalProviderPaths does not contain providers dir (#902)

Maintenance 🔧

  • cf55d98 chore: bump version to 1.1.2 in release-1.1
  • 2c0743e chore: update golangci-lint to v1.45.2 and pin to go 1.17

Security Fix 🛡️

Assets 13
Loading

v1.1.1

07 Mar 22:16
@github-actions github-actions
v1.1.1
6160ee1
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.1.1

v1.1.1 - 2022-03-07

Changelog

Bug Fixes 🐞

  • 8b6a1e6 fix: panic when using --log-format-json

Maintenance 🔧

  • f2c8ae2 chore: bump version to 1.1.1 in release-1.1
Assets 13
Loading

v1.1.0

23 Feb 19:37
@github-actions github-actions
v1.1.0
c266fdc
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.1.0

v1.1.0 - 2022-02-23

Announcement 📢

  • The helm charts were moved to https://kubernetes-sigs.github.io/secrets-store-csi-driver/charts as part of v0.3.0 release. As part of this release, the old charts from the main branch have been removed. Update to https://kubernetes-sigs.github.io/secrets-store-csi-driver/charts to use the helm charts for all releases.
  • secrets-store.csi.x-k8s.io/v1alpha1 is deprecated. Use secrets-store.csi.x-k8s.io/v1 instead for SecretProviderClass API version.
  • Note to Providers: The provider volume default will move from /etc/kubernetes/secrets-store-csi-providers to /var/run/secrets-store-csi-providers in a future version of the driver. For more info see #823 and #870.

Changelog

Bug Fixes 🐞

  • c8c4533 fix: update err variable in defer to prevent err shadowing
  • 91440b7 fix: add unit test to validate error shadowed bug

Code Refactoring 💎

  • b0af2b9 refactor: use NewSharedInformerFactoryWithOptions for new shared informer
  • 14489c7 refactor: update mdbook install and serve

Continuous Integration 💜

  • 2f16132 ci: add goreleaser workflow for release
  • d0e614f ci: fix shellcheck file paths
  • 00a1445 ci: add markdown-link-check workflow

Documentation 📘

  • 8c41c4a docs: remove helm repo url change note in install steps
  • 052429b docs: add slack badge
  • 95218a6 docs: fix dead links based on errors
  • 0391489 docs: update features and add toc
  • ba364e1 docs: Update helm README.md with linux crd image values (#797)
  • 856ad85 docs: update supported feature by current providers
  • a760c18 docs: fix typo in api version group name
  • ed9ecf3 docs: add design docs and roadmap to website
  • 99aafa5 docs: add project status to docs

Features 🌈

  • 7ac887a feat: add token requests client (#805)
  • 4b8c442 feat: send NodePublishVolumeRequest.VolumeContext in MountRequest to provider
  • d7809a7 feat: support provider paths under /var/run

Maintenance 🔧

  • 06931d3 chore: bump version to v1.1.0-rc.0 in release-1.1
  • ca257a8 chore: mark v1alpha1 api version as deprecated
  • ccb9fa4 chore: updates trivy command
  • a596624 chore: log invalid key in error
  • dac5381 chore: update debian-base to bullseye-v1.1.0
  • f694be2 chore: bump node-driver-reegistrar image to v2.4.0
  • 9750771 chore: remove deprecated --filtered-watch-secret flag
  • c78559e chore: bump livenessprobe image to v2.5.0
  • 2b27e0c chore: upgrade kubernetes deps
  • 6069215 chore: use TARGETARCH for image build and makefile update
  • e1f143c chore: use corev1 as import alias instead of v1
  • 331cf9f chore: bump version to v1.1.0 in release-1.1
  • 1ecec55 chore: make token requests conditional for v1.20+
  • a036d14 chore: bump node-driver-registrar:v2.5.0 and livenessprobe:v2.6.0

Security Fix 🛡️

Testing 💚

  • 899d3ed test: add test for view and admin cluster role (#845)
Assets 13
Loading