Release v0.4.0
Release Images
| Image | Registry |
|---|---|
projects.registry.vmware.com/pinniped/pinniped-server:v0.4.0
| VMware Harbor |
docker.io/getpinniped/pinniped-server:v0.4.0
| DockerHub |
Changes
Major Changes
- The Pinniped supervisor now loads additional OIDC claims by calling the UserInfo endpoint during the authorization flow. This enables support for passing custom claims such as groups on a wider range of upstream identity providers.
Minor Changes
-
Improved documentation for both the concierge and supervisor.
-
Added filtering to supervisor controllers to improve performance and reduce CPU overhead and log noise.
-
More consistently set owner references on all Kubernetes resources created by Pinniped.
-
Stop setting
blockOwnerDeletion: trueon resources created by Pinniped. -
Normalize the type of the
groupsclaim in ID tokens issued by the supervisor.
The claim will now always be a list of strings, which may be empty if the upstream identity provider did not provide a groups claim. -
Fixed some intermittent integration test flakes.
-
Upgraded Kubernetes library components to v1.20.1.
A complete list of changes (74 commits, 247 changed files with 14,880 additions and 1,410 deletions!) can be found here.