Release v0.36.0

Release Image

These images can also be referenced by their digest: sha256:e5a1a9e75e41b6f8c978f7466216c6119757305c824a15a346bae19da5f5ada6.

Changes

This release introduces new audit logging capabilities. It also includes other enhancements and upgrades all project dependencies.

Major Changes

• Authentication-related events are now audit-logged into the Supervisor and Concierge pod logs, allowing an administrator to trace a user's authentication journey across multiple clusters. They are marked with the JSON key-value pair "auditEvent":true. For more information, see the audit logging documentation. (#2009, #2154)

Minor Changes

• The Concierge's controller which creates the "cert agent" Deployment now pays attention to which nodes are marked as unschedulable. When there are multiple running controller-manager pods to choose from, the controller will prefer to co-locate the cert agent pod with one that is running on a node which allows scheduling pods (where spec.unschedulable is equal to false), if possible. This has the effect of moving the pod away from nodes that are cordoned or are being drained, when another node is available. (#2143)
• Updates the Kubernetes libraries to v0.31.3, Golang to v1.23.4, and updates all other project dependencies. (#2153, #2152, #2150, #2147, #2145, #2142, #2139, #2123, #2121, #2119, #2109, #2107, #2100)
• Some small refactors and test improvements. (#2101, #2095, #2094)

Diffs

A complete list of changes (120 commits, 136 changed files with 7,853 additions and 1,258 deletions) can be found here.

Acknowledgements

Thanks to @trouphaz for reporting the issue that led to the improvement made by #2143.