0.1.0-rc.1 (June 7th, 2023)
Features:
- Helm: Support optionally deploying the Prometheus ServiceMonitor: GH-227
- Helm: Breaking Change: Adds support for additional Auth Methods in the Transit auth method template: GH-226
To migrate, set Kubernetes specific auth method configuration undercontroller.manager.clientCache.storageEncryption
using the new stanzacontroller.manager.clientCache.storageEncryption.kubernetes. - VaultAuth: Adds support for the AWS authentication method, which can use an IRSA service account, static credentials in a
Kubernetes secret, or the underlying node role/instance profile for authentication: GH-235 - Helm: Add AWS to defaultAuth and storageEncryption auth: GH-247
Improvements:
- Core: Extend vault Client validation checks to handle failed renewals: GH-171
- VaultDynamicSecrets: Add support for synchronizing static-creds: GH-239
- VDS: add support for drift detection for static-creds: GH-244
- Helm: Make defaultVaultConnection.headers a map: GH-249
Build:
- Update to go 1.20.5: GH-248
- CI: Testing VSO in Azure K8s Service (AKS): GH-218
- CI: Updating tests for VSO in EKS: GH-219
Changes:
- API: Bump version from v1alpha1 to v1beta1 Breaking Change: GH-251
- VaultStaticSecrets (VSS): Breaking Change: Replace
Spec.NamewithSpec.Path: GH-240 - VaultPKISecrets (VPS): Breaking Change: Replace
Spec.NamewithSpec.Role: GH-233 - Helm chart: the Transit auth method kubernetes specific configuration in
controller.manager.clientCache.storageEncryption
has been moved tocontroller.manager.clientCache.storageEncryption.kubernetes.