v1.0.0-rc.0 - 2023-03-22
Breaking Changes ⚠️
As of v1.0.0-alpha.0
release, the azure-workload-identity mutating admission webhook is defaulting to using failurePolicy: Fail
instead of Ignore
. With this change, we have added an object selector in the configuration to only intercept and mutate pods that have the azure.workload.identity/use: "true"
label. This change reduces the latency impact of the webhook and prevents workload pods that require the injected environment variables and projected service account token volume from starting in an unexpected state. Refer to issue for more details.
Changelog
Bug Fixes 🐞
Continuous Integration 💜
Documentation 📘
- becf24c docs: Update AKS OIDC Issuer link (#799)
- 3aa580e docs: fix incorrect default proxy port (#785)
- 278a6b5 docs: remove kubernetes version 1.23 (EOL) (#775)
Features 🌈
- a2c807b feat: set
reinvocationPolicy: IfNeeded
for webhook (#794) - 245f593 feat: make pod annotations configurable in helm charts (#795)
- e5e3b2a feat: add graceful shutdown for proxy server (#776)
Maintenance 🔧
- 251b2b9 chore: bump github.com/Azure/go-autorest/autorest/adal from 0.9.22 to 0.9.23 (#806)
- e1c98b9 chore: bump actions/setup-go from 3 to 4 (#800)
- 12ee893 chore: bump k8s.io/client-go from 0.25.7 to 0.25.8 (#805)
- 916000f chore: bump github/codeql-action from 2.2.6 to 2.2.7 (#801)
- 1c2fa32 chore: update debian-iptables to bullseye-v1.5.3 (#796)
- ff5ba60 chore: bump controller-gen to v0.10.0 (#793)
- 9711a20 chore: bump github/codeql-action from 2.2.5 to 2.2.6 (#792)
- f08b7e2 chore: bump k8s.io/client-go from 0.25.6 to 0.25.7 (#780)