github minio/kes 2025-05-20T20-27-58Z
Release 2025-05-20T20-27-58Z

3 months ago

Changelog

  • e0ecd11 Add info for maintainers (#406)
  • bc66190 Add linux amd64 image for quay (#411)
  • 9c7a5dc Add workflow to add issues to tracker (#429)
  • a9f7817 Added KES grafana dashboard (#447)
  • 3516828 Bugfix: clear namespace for healthcheck request in CheckStatus (#511)
  • 36bcd04 Bump golang.org/x/net to silence a wrong vuln checker (#500)
  • 8bfdb43 Correct condition check (#516)
  • 14408fb Edit sample YAML config for easier importing to web docs (#442)
  • f111da8 Fix identity new --ip example (#467)
  • a960e3c Fix go.sum for release (#449)
  • c1fa6dc Fix name of application (#475)
  • 906347d2bbb5506dd9e5760e0cd39a2b5d34d7e1 Merge pull request #5 from donatello/update-goreleaser
  • 07c57a2 Parse address from config if not provided with '--addr' (#419)
  • 2e4e7be Re-read JWT file for every authentication (#491)
  • 37cc7c0 Remove 'rm' from list (#457)
  • 6763c4a Update README.md
  • 343cfc6 Update README.md
  • 310cf33 Update README.md
  • 332ae57 Update client.go (#454)
  • 812c81f Update goreleaser for new image location
  • 4b6f9dc Upgrade to non-legacy Azure SDK (#459)
  • 480ab49 add HMAC API and use KMS secret key crypto (#433)
  • 06d53c9 add HMAC API test (#434)
  • 2450744 add version field to crypto requests/responses (#520)
  • 8ecd396 azure: Close http response body (#450)
  • f926c5b build(deps): bump golang.org/x/crypto from 0.25.0 to 0.31.0 (#494)
  • 16a6929 ci: fix linter warnings (#440)
  • 32f0842 close keystore when reloading config (#395)
  • e9f73b9 cmd/kes: add support for migrating keys to minkms (#465)
  • fe54489 cmd: add kes ls command (#464)
  • b2443e0 cmd: fix regression on server address handling (#405)
  • fb612d9 cmd: fix resource leak when reloading TLS config (#408)
  • 53b74e3 cmd: server should use default addr if none is specified (#420)
  • 802ce81 cmd: support private keys in kes identity (#461)
  • 4f59ca5 docker: bump base image to ubi-micro:9.5 (#508)
  • 57b2dc0 docs: Clarify KES (Key Encryption Service) definition in README (#521)
  • ce11734 drop platform requirment on build stage (#410)
  • 1da59a0 entrust: Close body to avoid some conn leaks (#485)
  • 0d1464e entrust: use reasonable defaults for HTTP transport (#477)
  • 12195cc fix goroutine leak when reloading server config (#469)
  • 2e9975b fix: Avoid crash when approle is not used (#421)
  • bc4783a fix: remove tab character from example yaml config as it is invalid (#479)
  • 6091de4 fix: return updating http metrics (#444)
  • a275f23 fix: set client CAs for mTLS auth (#437)
  • 0086c34 fix: typos, upgrade linter and CI go-version (#456)
  • 3ee893d honor offline caching in /v1/status API (#412)
  • acc2ce4 kes: flush audit log events to clients (#417)
  • 2b39c33 kesconf: expose public API (#414)
  • ca2ed00 keystore: fix conn leak in {AWS,GCP,Fortanx,Gemalto} backend (#451)
  • f7a894a keystore: use pre-configured client for {Gemalto,Fortanix} status check (#455)
  • 0e49f95 refactor KES API and internals (#403)
  • bd277c4 remove unused code (#432)
  • ce9a9b1 remove unused code for single-node stateful server (#396)
  • 95f381b5ee51c5a860575b2c58a93dc7d43b26d7 replace AGPLv3 with commerical license (#6)
  • 2f5a124 require a TLS client certificate by default (#453)
  • a02d5cf seperating zsh and bash autocomplete (#441)
  • f7b150f set cache default values as documented (#460)
  • 246de8a simplify and optimize release process (#407)
  • 0d11e46 update Go from 1.21.1 to 1.21.3 and go mod dep (#402)
  • 4541fe7 update SDK dependency (#448)
  • ca6a5b9 update go.mod dependencies (#473)
  • 9d1b5ad update kes-go dependency to v0.2.0 (#399)
  • e06e710 update dependencies (#462)
  • 60e5ae2 update goreleaser check complaints
  • 73fa12c update kes-go to v0.2.1 (#415)
  • 3d958e1 update module and workflows to Go 1.24 (#512)
  • f5bed15 upgrade all deps (#506)
  • a9b155d upgrade deps and fix ci (#426)
  • 4945c09 use GetClientCertificate instead of Certificates to prevent client issue from not being sent (#498)
  • 0244caf vault: add support for transit-encrypted K/V (#404)
  • ef3f85c vault: clone client TLS config and headers for status checks (#476)
  • d3b6494 vault: delay the usage of renewed auth tokens (#488)
  • db17a10 vault: do not reuse TCP connections (#486)
  • 877a8ae vault: implement authentication token renewal (#428)
  • 22fc31a vault: improve Vault API interaction (#458)
  • 376928c vault: limit token delay to not exceed token TTL (#504)
  • c07d23a vault: renew token earlier (#481)
  • be730c6 vault: reset token TTL to 0 when renewing token (#501)
  • 13cee22 vault: simplify token renewal process (#409)
  • eb1faa7 vault: support authentication in different namespaces (#431)

Don't miss a new kes release

NewReleases is sending notifications on new releases.