Release v0.40.0
Release Image
| Image | Registry |
|---|---|
ghcr.io/vmware/pinniped/pinniped-server:v0.40.0
| GitHub Container Registry |
docker.io/getpinniped/pinniped-server:v0.40.0
| DockerHub |
These images can also be referenced by their digest: sha256:fb3c48175998700ecaaa629e05aacc79c7f1ac47f457655668ca8fb984ae5557.
Changes
This release adds new features to JWTAuthenticator upgrades dependencies.
Major Changes
- Starting with this release, container images for the release will no longer be pushed to
ghcr.io/vmware-tanzu/pinniped/pinniped-server. For this release and for future releases, container images will be pushed toghcr.io/vmware/pinniped/pinniped-serverinstead. This is because the Pinniped GitHub repository was recently moved from thevmware-tanzuGitHub organization to thevmwareorganization. GitHub automatically redirects most things from the old location to the new location, but not the container image repository. (#2526) - The Pinniped
JWTAuthenticatorhas several new features which are meant to be similar to features found in KubernetesAuthenticationConfiguration. (#2491) These are all expert user features and should be used with caution. See the Pinniped API docs for full documentation. The new features are:spec.claimValidationRules: works likejwt[].claimValidationRulesspec.userValidationRules: works likejwt[].userValidationRulesspec.claims.usernameExpression: works likejwt[].claimMappings.username.expressionspec.claims.groupsExpression: works likejwt[].claimMappings.groups.expressionspec.claims.extra: works likejwt[].claimMappings.extra- Note that while these extras will be added to the client certificate issued by the Pinniped Concierge during end user login, Kubernetes will not respect these extras because Kubernetes has no mechanism for userInfo extras from a client cert. This will probably only be useful if you are using a custom auth proxy in front of Kubernetes.
- Also note that unlike in Kubernetes structured auth, the keys for these extras in Pinniped are not allowed to contain the
=character.
Minor Changes
- Updates the Kubernetes libraries to v0.33.3, Golang to v1.24.4, and updates all other project dependencies. (#2482, #2475, #2473, #2471, #2393, #2525, #2528)
- Makes some minor changes to accommodate Pinniped's CI system moving. (#2514, #2506, #2485, #2461)
Diffs
A complete list of changes (45 commits, 199 changed files with 9,549 additions and 1,229 deletions) can be found here.