Changelog
- e0ecd11 Add info for maintainers (#406)
- bc66190 Add linux amd64 image for quay (#411)
- 9c7a5dc Add workflow to add issues to tracker (#429)
- a9f7817 Added KES grafana dashboard (#447)
- 3516828 Bugfix: clear namespace for healthcheck request in CheckStatus (#511)
- 36bcd04 Bump golang.org/x/net to silence a wrong vuln checker (#500)
- 8bfdb43 Correct condition check (#516)
- 14408fb Edit sample YAML config for easier importing to web docs (#442)
- f111da8 Fix
identity new --ip
example (#467) - a960e3c Fix go.sum for release (#449)
- c1fa6dc Fix name of application (#475)
- 906347d2bbb5506dd9e5760e0cd39a2b5d34d7e1 Merge pull request #5 from donatello/update-goreleaser
- 07c57a2 Parse address from config if not provided with '--addr' (#419)
- 2e4e7be Re-read JWT file for every authentication (#491)
- 37cc7c0 Remove 'rm' from list (#457)
- 6763c4a Update README.md
- 343cfc6 Update README.md
- 310cf33 Update README.md
- 332ae57 Update client.go (#454)
- 812c81f Update goreleaser for new image location
- 4b6f9dc Upgrade to non-legacy Azure SDK (#459)
- 480ab49 add HMAC API and use KMS secret key crypto (#433)
- 06d53c9 add HMAC API test (#434)
- 2450744 add
version
field to crypto requests/responses (#520) - 8ecd396 azure: Close http response body (#450)
- f926c5b build(deps): bump golang.org/x/crypto from 0.25.0 to 0.31.0 (#494)
- 16a6929 ci: fix linter warnings (#440)
- 32f0842 close keystore when reloading config (#395)
- e9f73b9 cmd/kes: add support for migrating keys to minkms (#465)
- fe54489 cmd: add
kes ls
command (#464) - b2443e0 cmd: fix regression on server address handling (#405)
- fb612d9 cmd: fix resource leak when reloading TLS config (#408)
- 53b74e3 cmd: server should use default addr if none is specified (#420)
- 802ce81 cmd: support private keys in
kes identity
(#461) - 4f59ca5 docker: bump base image to ubi-micro:9.5 (#508)
- 57b2dc0 docs: Clarify KES (Key Encryption Service) definition in README (#521)
- ce11734 drop platform requirment on build stage (#410)
- 1da59a0 entrust: Close body to avoid some conn leaks (#485)
- 0d1464e entrust: use reasonable defaults for HTTP transport (#477)
- 12195cc fix goroutine leak when reloading server config (#469)
- 2e9975b fix: Avoid crash when approle is not used (#421)
- bc4783a fix: remove tab character from example yaml config as it is invalid (#479)
- 6091de4 fix: return updating http metrics (#444)
- a275f23 fix: set client CAs for mTLS auth (#437)
- 0086c34 fix: typos, upgrade linter and CI go-version (#456)
- 3ee893d honor offline caching in
/v1/status
API (#412) - acc2ce4 kes: flush audit log events to clients (#417)
- 2b39c33 kesconf: expose public API (#414)
- ca2ed00 keystore: fix conn leak in {AWS,GCP,Fortanx,Gemalto} backend (#451)
- f7a894a keystore: use pre-configured client for {Gemalto,Fortanix} status check (#455)
- 0e49f95 refactor KES API and internals (#403)
- bd277c4 remove unused code (#432)
- ce9a9b1 remove unused code for single-node stateful server (#396)
- 95f381b5ee51c5a860575b2c58a93dc7d43b26d7 replace AGPLv3 with commerical license (#6)
- 2f5a124 require a TLS client certificate by default (#453)
- a02d5cf seperating zsh and bash autocomplete (#441)
- f7b150f set cache default values as documented (#460)
- 246de8a simplify and optimize release process (#407)
- 0d11e46 update Go from
1.21.1
to1.21.3
and go mod dep (#402) - 4541fe7 update SDK dependency (#448)
- ca6a5b9 update
go.mod
dependencies (#473) - 9d1b5ad update
kes-go
dependency to v0.2.0 (#399) - e06e710 update dependencies (#462)
- 60e5ae2 update goreleaser check complaints
- 73fa12c update kes-go to
v0.2.1
(#415) - 3d958e1 update module and workflows to Go 1.24 (#512)
- f5bed15 upgrade all deps (#506)
- a9b155d upgrade deps and fix ci (#426)
- 4945c09 use
GetClientCertificate
instead ofCertificates
to prevent client issue from not being sent (#498) - 0244caf vault: add support for transit-encrypted K/V (#404)
- ef3f85c vault: clone client TLS config and headers for status checks (#476)
- d3b6494 vault: delay the usage of renewed auth tokens (#488)
- db17a10 vault: do not reuse TCP connections (#486)
- 877a8ae vault: implement authentication token renewal (#428)
- 22fc31a vault: improve Vault API interaction (#458)
- 376928c vault: limit token delay to not exceed token TTL (#504)
- c07d23a vault: renew token earlier (#481)
- be730c6 vault: reset token TTL to 0 when renewing token (#501)
- 13cee22 vault: simplify token renewal process (#409)
- eb1faa7 vault: support authentication in different namespaces (#431)