Release v0.7.0
Release Images
Image | Registry |
---|---|
projects.registry.vmware.com/pinniped/pinniped-server:v0.7.0
| VMware Harbor |
docker.io/getpinniped/pinniped-server:v0.7.0
| DockerHub |
Changes
Major Changes
-
The Concierge now supports most managed Kubernetes clusters including EKS, AKS, and GKE. This works by using a new strategy that employs Kubernetes impersonation. For more information about this new feature, see our blog post.
-
The Pinniped command-line tool now supports a
whoami
subcommand, which returns the currently-authenticated user identity. This functionality is also available in a newWhoAmIRequest
API served by the Concierge. -
The
pinniped get kubeconfig
command now waits for the Concierge to become stable and validates that the final generated kubeconfig is valid. It also prints more verbose log output describing any parameters that are autodetected.
Minor Changes
-
Added several new optional flags to the
pinniped get kubeconfig
command, including--concierge-mode
,--concierge-skip-wait
,--skip-validation
,--timeout
, and--output
. For a full list of new options, see the CLI reference documentation. -
Added new API fields to the CredentialIssuer API to support the impersonation proxy strategy. The
status.kubeConfigInfo
field is now deprecated and will be removed in a future release. -
Fixed Homebrew installation of the
main
branch using--HEAD
. -
Upgraded Debian base images from 10.8 to 10.9.
-
Upgraded Go from 1.15.8 to 1.16.2.
-
Upgraded Kubernetes runtime library dependencies from v1.20.1 to v1.20.5 plus some additional unreleased commits to address CVE-2021-3121 (a potential denial-of-service vulnerability).
-
Improved the stability of several integration tests.
A complete list of changes (377 commits, 862 changed files with 33,098 additions and 4,917 deletions!) can be found here.