Notable new features:
Operator
- add transit unseal example with operator and webhook
- enable
preFlightChecks
by default - RBAC - allow Operator to list replicasets
Webhook
- add
VAULT_TOKEN=vault:login
special value for passing the Vault token from vault-env to the application - lazy connection to Vault in case of ConfigMaps and Secrets
- Docker CMD should be appended only if Kubernetes args is empty
- Allow enabling debug logs
- Configurable Webhook listen address
Library
- wildcard TLS certificates should support multiple wildcard SANs
Misc
- various documentation and diagram fixes
- use Vault SDK instead of pulling in the whole Vault project 🎉
All commits since 0.4.18:
banzaicloud/bank-vaults@0.4.18...0.5.0
Thanks to all the contributors! 🍺 ❤️
@ahma
@leominov
@mgruener
@tommy-dk
@sosoriov
@bonifaido
@pbalogh-sa
@matyix
Artifacts:
With tag 0.5.0:
https://cloud.docker.com/u/banzaicloud/repository/docker/banzaicloud/vault-secrets-webhook/tags
https://cloud.docker.com/u/banzaicloud/repository/docker/banzaicloud/bank-vaults/tags
https://cloud.docker.com/u/banzaicloud/repository/docker/banzaicloud/vault-env/tags
https://cloud.docker.com/u/banzaicloud/repository/docker/banzaicloud/vault-operator/tags