Added:
- Entry API responses now include the
created_atfield (#3975) spire-server agentCLI commands and Agent APIs now show if agents can be re-attested and supportsby_can_reattestfiltering (#3880)- Entry API along with
spire-server entry create,spire-server entry showandspire-server entry updateCLI commands now support hint information, allowing hinting to workloads the intended use of the SVID (#3926, #3787)
Fixed:
- The
vaultUpstreamAuthority plugin to properly set the URI SAN (#3971) - Node selector data related to nodes is now cleaned when deleting a node (#3873)
- Clean stale node selector data from previously deleted nodes (#3941)
- Regression causing a failure to parse JSON formatted and verbose HCL configuration for plugins (#3939, #3999)
- Regression where some workloads with active FetchX509SVID streams were not notified when an entry is removed (#3923)
- The federated bundle updater now properly logs the trust domain name (#3927)
- Regression causing X509 CAs minted by an UpstreamAuthority plugin to be rejected if they did not have a URI SAN (#3997)