Azure/secrets-store-csi-driver-provider-azure v1.5.0 on GitHub

v1.5.0 - 2023-11-22

Changelog

Bug Fixes 🐞

ba81735 fix: updates template condition for Arc (#973)
0d0675f fix: increase fluentd resource limits (#946)
2b29471 fix: #948 arc missing system identity (#949)
2eee8b7 fix: runs msi-adapter as privileged on openshift (#920)
858b765 fix: use tenantID instead of tenantId in parameters (#898)
98a796f fix: updates arc ext check (#893)
21f8715 fix: Fixing chart version number in chart docs (#845)
6cff99c fix: update versions installed in devcontainer (#835)

Code Refactoring 💎

8a9e262 refactor: update msal-go-sdk and use NewCredFromAssertionCallback (#961)
56289fa refactor: define provider interface and add mock provider for test (#947)
92fa62e refactor: update validation and make it fail-fast (#917)
82385a5 refactor: add functions to get parameters and add constants (#896)

Continuous Integration 💜

85b6219 ci: fix az aks get-versions command failure (#1278)
30f4760 ci: fix kubectl download url (#1178)
96aa5fb ci: fix dependabot config (#1137)
fe509a9 ci: [StepSecurity] Apply security best practices (#1134)
af3d4bb ci: make semantic check title only
43632c8 ci: enable tests with kubernetes v1.27 (#1126)
b62729a ci: switch to using mariner pool (#1127)
d9402ab ci: pin k8s-extension version to 1.3.5 (#1077)
1da23ac ci: enable tests with kubernetes v1.26 (#1038)
51a8347 ci: remove arc/e2e-test-aks tests from nightly run (#1023)
477ef4a ci: remove kubernetes version 1.22 (EOL) (#1019)
29b52ae ci: add codeql action (#971)
7772b90 ci: pin aks-preview version to 0.5.87 (#954)
3caf2dd ci: remove kubernetes version 1.21 (EOL) (#940)
1e5b425 ci: add CODEOWNERS file (#911)
a61c21a ci: remove kubernetes version 1.20 (EOL) (#847)
9a4f5c1 ci: add exempt-pr-labels for stalebot (#840)
35cc84f ci: use chore prefix for dependabot updates and update pr exclude paths (#827)

Documentation 📘

a637df3 docs: add openssf badge (#1136)
d3bc4c3 docs: fix logging command (#1107)
4e49d86 docs: adds links for manages offerings (#1094)
351ef0c docs: remove kubernetes version 1.23 (EOL) (#1089)
a9fd76f docs: add video demo for workload identity + AKV (#1074)
32fdd9e docs: update supported releases - v1.3.x and v1.4.x (#1069)
c88f03f docs: Update documentation to reflect change from 'tenantId' to 'tenantID' (#1057)
ac516b4 docs: fix workload identity link (#1031)
b31eece docs: add note about pod identity deprecation (#1018)
ed68f18 docs: add ADFS identity provider system to custom environments (#1010)
7d06606 docs: add workload identity steps for managed identity (#995)
d6a6fa5 docs: use azure cli for setting up federated identities (#981)
4bdeb1a docs: add release cadence to readme
211da99 docs: Add jobs tolerations attribute in helm chart docs (#926)
7e22604 docs: update supported releases - v1.2.x and v1.1.x (#927)
654b5c5 docs: use id instead of objectId for app object id (#914)
327bf30 docs: fix uninstall commands in openshift (#913)

Features 🌈

9f974df feat: use the azsecrets, azkeys, azcertificates keyvault sdk (#1109)
ea8b658 feat: expose metrics port (#1119)
6becac0 feat: adds outbound proxy variable support for windows pod (#1106)
ceac760 feat: migrate from autorest/adal to azidentity (#1028)
3c156ec feat: add default toleration for all taints (#1036)
4d061d3 feat: support splitting certs and private key (#1006)
5c39064 feat: add functionality for syncing version history (#834)
1ba0d55 feat: override priorityClassName from secrets-store-csi-driver subchart (#943)
ab6b43d feat: Geneva monitoring integration (#833)

Maintenance 🔧

ff3241a chore: updates amacoreagent for Arc (#1362)
b502857 chore: bump golang.org/x/net from 0.10.0 to 0.17.0 (#1332)
b2cf91c chore: bump github/codeql-action from 2.21.2 to 2.21.4 (#1282)
f797835 chore: helm chart release for driver v1.3.4 (#1255)
18827b3 chore: bump github/codeql-action from 2.20.4 to 2.21.2 (#1253)
88a387f chore: bump github/codeql-action from 2.3.5 to 2.20.4 (#1235)
dad67ff chore: bump github/codeql-action from 2.3.3 to 2.3.5 (#1187)
4ded330 chore: helm chart release for driver v1.3.3 (#1188)
9cc6476 chore: bump actions/setup-go from 4.0.0 to 4.0.1 (#1182)
ebbc88d chore: bump codecov/codecov-action from 3.1.3 to 3.1.4 (#1183)
c4d70d7 chore: use dl.k8s.io instead of hardcoded url (#1175)
d63564f chore: bump golang from 6dd5c5f to 6876eff in /.devcontainer (#1159)
158fd8c chore: bump golang.org/x/crypto from 0.7.0 to 0.9.0 (#1168)
9885ea2 chore: use sdk/security/keyvault dep (#1166)
28a3f4a chore: bump step-security/harden-runner from 2.3.1 to 2.4.0 (#1162)
532f102 chore: bump github/codeql-action from 2.3.2 to 2.3.3 (#1161)
f63c56e chore: bump golang.org/x/net from 0.7.0 to 0.10.0 (#1164)
99968cc chore: bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.2.1 to 1.3.0 (#1165)
8a49858 chore: bump golang from 403f486 to 6dd5c5f in /.devcontainer (#1156)
c4e452f chore: bump ossf/scorecard-action from 2.0.6 to 2.1.3 (#1141)
5d4cb5a chore: bump actions/dependency-review-action from 2.5.1 to 3.0.4 (#1140)
ddb4746 chore: bump github/codeql-action from 2.3.0 to 2.3.2 (#1139)
93e52c5 chore: bump codecov/codecov-action from 3.1.2 to 3.1.3 (#1130)
b3ce086 chore: bump github/codeql-action from 2.2.12 to 2.3.0 (#1129)
0c02894 chore: update node-driver-registrar:v2.7.0, livenessprobe:v2.9.0 (#1125)
5f5049e chore: update to go 1.20 (#1124)
d40addb chore: update golangci-lint to v1.52.2 (#1115)
e229221 chore: bump codecov/codecov-action from 3.1.1 to 3.1.2 (#1123)
afa3bde chore: bump github/codeql-action from 2.2.11 to 2.2.12 (#1122)
0d32670 chore: bump actions/checkout from 3.5.0 to 3.5.2 (#1121)
0614248 chore: bump github/codeql-action from 2.2.9 to 2.2.11 (#1116)
e11dd11 chore: bump actions/checkout from 3.4.0 to 3.5.0 (#1100)
932639f chore: updates msi-adapter image (#1103)
e36fd57 chore: bump github/codeql-action from 2.2.7 to 2.2.9 (#1102)
f2bea42 chore: bump actions/stale from 7 to 8 (#1101)
76f724a chore: bump actions/checkout from 3.3.0 to 3.4.0 (#1097)
a8ab309 chore: bump actions/setup-go from 3.5.0 to 4.0.0 (#1098)
90f0561 chore: bump github/codeql-action from 2.2.6 to 2.2.7 (#1096)
3c68b0e chore: bump github/codeql-action from 2.2.5 to 2.2.6 (#1091)
0b34cbe chore: updates Arc monitoring resources (#1090)
129931f chore: bump github/codeql-action from 2.2.4 to 2.2.5 (#1086)
fea0b26 chore: bump golang.org/x/net from 0.5.0 to 0.7.0 (#1084)
eed9ac1 chore: bump golang.org/x/net from 0.5.0 to 0.7.0 in /test/e2e (#1083)
f059f9d chore: use base and test image from registry.k8s.io (#1082)
3a7938f chore: bump github/codeql-action from 2.2.1 to 2.2.4 (#1081)
1ceb617 chore: bump goreleaser/goreleaser-action from 4.1.1 to 4.2.0 (#1078)
621209c chore: bump github/codeql-action from 2.1.39 to 2.2.1 (#1071)
3aa78cf chore: bump goreleaser/goreleaser-action from 4.1.0 to 4.1.1 (#1070)
07c1cd2 chore: pin buildx to v0.10.6 (#1066)
4870093 chore: bump github/codeql-action from 2.1.38 to 2.1.39 (#1067)
2ea9af6 chore: bump github/codeql-action from 2.1.37 to 2.1.38 (#1061)
f471a10 chore: bump actions/checkout from 3.2.0 to 3.3.0 (#1055)
de2bb77 chore: bump actions/stale from 6 to 7 (#1052)
f265460 chore: remove windows version 1903, 1909 and 2004 (EOL) (#1050)
a826993 chore: bump goreleaser/goreleaser-action from 3.2.0 to 4.1.0 (#1046)
eeaddd7 chore: bump github/codeql-action from 2.1.36 to 2.1.37 (#1049)
fc799cf chore: bump actions/setup-go from 3.4.0 to 3.5.0 (#1048)
8f108d9 chore: bump actions/checkout from 3.1.0 to 3.2.0 (#1047)
12ab1a3 chore: update to driver v1.2.4 in staging charts (#1029)
4ae6949 chore: bump github/codeql-action from 2.1.35 to 2.1.36 (#1037)
d2f8e9b chore: bump github/codeql-action from 2.1.31 to 2.1.35 (#1033)
a1e8ca3 chore: bump actions/setup-go from 3.3.1 to 3.4.0 (#1032)
5c92142 chore: bump stefanprodan/helm-gh-pages from 1.6.0 to 1.7.0 (#1024)
f04f74a chore: enables docker ecosystem for dependabot (#1014)
384c8e7 chore: bump github/codeql-action from 2.1.29 to 2.1.31 (#1015)
174cf12 chore: bump github/codeql-action from 2.1.28 to 2.1.29 (#1008)
543dc72 chore: update deps (#1005)
1dcf87e chore: bump actions/setup-go from 3.3.0 to 3.3.1 (#1004)
f0d142d chore: bump goreleaser/goreleaser-action from 3.1.0 to 3.2.0 (#1003)
8cfa52d chore: bump github/codeql-action from 2.1.27 to 2.1.28 (#1002)
a182e75 chore: bump stefanprodan/helm-gh-pages from 1.5.0 to 1.6.0 (#993)
9c4ff28 chore: bump github/codeql-action from 2.1.26 to 2.1.27 (#992)
86e8c76 chore: bump actions/checkout from 3.0.2 to 3.1.0 (#994)
953bf9b chore: bump k8s versions for kind tests (#989)
d8b535b chore: bump kind version to v0.16.0 (#987)
379fa98 chore: bump github/codeql-action from 2.1.25 to 2.1.26 (#986)
eb4d31b chore: bump actions/stale from 5 to 6 (#985)
b75e648 chore: bump github/codeql-action from 2.1.24 to 2.1.25 (#984)
870ab26 chore: bump codecov/codecov-action from 3.1.0 to 3.1.1 (#983)
de2a52a chore: update golangci-lint to v1.49.0 (#977)
e9c34ea chore: bump github/codeql-action from 2.1.22 to 2.1.24 (#978)
815ad88 chore: support kubernetes v1.25.0 (#968)
aaffbe5 chore: remove psp (#966)
8e839e5 chore: bump goreleaser/goreleaser-action from 3.0.0 to 3.1.0 (#965)
0aeb800 chore: bump actions/setup-go from 3.2.1 to 3.3.0 (#964)
f619ba3 chore: update to go 1.19 (#960)
96ff80f chore: remove old helm packages and index (#924)
9cfbe6e chore: update dependencies (#956)
90a2353 chore: updates prom mdm converter image (#951)
55ec81e chore: updates gallery pkg version (#950)
400c32f chore: bump actions/setup-go from 3.2.0 to 3.2.1 (#936)
24b3ae3 chore: helm chart release for driver v1.2.2 (#935)
c3a5ea1 chore: update debian-base to bullseye-v1.4.0 (#928)
c34cd85 chore: helm chart release for driver v1.2.0 (#923)
cc6bb04 chore: add additional logs in fetch cert chain (#912)
db2dadb chore: update kubernetes deps to v1.24.1 (#908)
477b23e chore: adds installation method to template (#907)
20dbb05 chore: update to yaml.v3 (#905)
619225d chore: bump actions/setup-go from 3.1.0 to 3.2.0 (#902)
6f16013 chore: update debian-base to bullseye-v1.3.0 (#901)
e0ff59e chore: bump goreleaser/goreleaser-action from 2.9.1 to 3 (#895)
9e590f0 chore: fix troubleshooting link in issue template (#894)
105deab chore: bump actions/setup-go from 3.0.0 to 3.1.0 (#888)
b643e58 chore: support v1.24.0 kind cluster version (#886)
5fbdbc7 chore: helm chart release v1.1.3 for arc monitoring (#874)
ee7fd7b chore: update go-autorest to v0.11.27 (#868)
7e8157a chore: bump codecov/codecov-action from 3.0.0 to 3.1.0 (#869)
32ccaa4 chore: bump actions/checkout from 3.0.1 to 3.0.2 (#870)
ffb6e2c chore: bump actions/checkout from 3.0.0 to 3.0.1 (#862)
248d561 chore: change default to /var/run for provider path (#859)
4e49d62 chore: bump actions/stale from 4 to 5 (#855)
ed12204 chore: bump codecov/codecov-action from 2.1.0 to 3 (#856)
ff80a0f chore: update to debian-base:bullseye-v1.2.0 for arc conformance (#849)
b1cd97a chore: helm chart release for driver v1.1.2 (#848)
1026a58 chore: upgrade kubernetes and driver deps (#843)
8057df1 chore: upgrade to go 1.18 (#842)
c0bf191 chore: switch to upstream acr (#841)
9f90d95 chore: helm chart release for driver v1.1.1 (#830)
a51ffa4 chore: upgrade to driver v1.1.1 (#825)

Security Fix 🛡️

d5c8c90 security: fix CVE-2022-41717 (#1039)
f2de8d7 security: fix CVE-2022-32149 (#999)
5d91778 security: fix CVE-2022-27664 (#976)
cdc1c0e security: fix CVE-2022-1996 (#957)
19f1969 security: fix CVE-2022-29526 (#939)
77caeea security: fix CVE-2022-27191 (#932)
6ac7595 security: fixes CVE-2022-28948 in gopkg.in/yaml.v3 (#922)
2540d1c security: fix CVE-2022-29162 (#899)
2b35c17 security: fix CVE-2022-27191 (#876)
f5d5661 security: bump actions/checkout from 2.4.0 to 3 (#823)

Testing 💚

7b6caa6 test: use registry.k8s.io/e2e-test-images/busybox:1.29-4 for e2e (#1079)
de6c0c5 test: update helm install logic for upgrade tests (#1041)
3c60da7 test: skip WriteCertAndKeyInSeparateFiles tests in arc (#1034)
44a1c40 test: migrate ginkgo from v1 to v2 (#969)
d90847c test: fix junit reporter filename (#918)
b893a25 test: skip pod identity tests for arc (#900)
b5d9d3a test: set -v=5 to get debug logs in e2e (#846)