github vmware-tanzu/pinniped v0.29.0
on GitHub

one month ago

Release v0.29.0

Release Image

Image Registry
ghcr.io/vmware-tanzu/pinniped/pinniped-server:v0.29.0 GitHub Container Registry
docker.io/getpinniped/pinniped-server:v0.29.0 DockerHub

These images can also be referenced by their digest: sha256:c78eb3828a6fe87e449e3e666ec933fa6f770967edc195cb6c92e01daf1f2ade.

Changes

This release includes new features and bug fixes. Starting in this release, and going forward, the container image will be published to ghcr.io instead of projects.registry.vmware.com. This release also upgrades all project dependencies.

Minor Changes

  • Get the container image from ghcr.io by default during deployment of the Concierge or Supervisor. (#1883)
  • All JWTAuthenticator resources will have detailed status written to them automatically, to aid in debugging. (#1851)
  • OIDCClients will now always request user groups from the external identity provider, and provide these groups to the configured FederationDomain identity transformations and policies. See Identity transformations and policies for more details. As before, the final groups list will only be included in the Supervisor-issued ID tokens when that OIDCClient is configured with groups in the list of allowedScopes and that client requests the groups scope at the authorization endpoint. (#1871, #1867)
  • Update the CLI's callback listener to prepare for additional CORS preflight checks that may be included in future releases of Chrome. (#1887, #1882)
  • For those compiling Pinniped in FIPS compatibility mode, please note that the Go patch release v1.21.6 is not supported. Earlier and later versions are supported. This is because the Go team upgraded the version of goboring included in 1.21.6, and then reverted that change in v1.21.7. Go 1.22 was released at the same time as Go v1.21.7, and Go 1.22 also does not update goboring, so Go 1.22.x also works for compiling Pinniped in FIPS compatibility mode. (#1841, #1863)
  • Updates Go to v1.22.1, updates the Kubernetes libraries to v0.29.2, and updates all other project dependencies. (#1892, #1890, #1885, #1881, #1878, #1876, #1875, #1872, #1870, #1869, #1862, #1858, #1856, #1855, #1854, #1853, #1852, #1850, #1836, #1835, #1830, #1829, #1880, #1861, #1879, #1825, #1877, #1891, #1866, #1884)

Bug Fixes

  • The pinniped login oidc CLI command checks the lifetime of the access token before performing the RFC8693 token exchange. If needed, it will perform a refresh to get a new access token before the RFC8693 token exchange. (#1864, #1873)

A complete list of changes (121 commits, 1,553 changed files with 54,860 additions and 15,218 deletions) can be found here.

Check out latest releases or
releases around vmware-tanzu/pinniped v0.29.0

Don't miss a new pinniped release

NewReleases is sending notifications on new releases.

Get notifications