Skip to content

v1.1.0-alpha.0

Pre-release
Pre-release
Compare
Choose a tag to compare
@maelvls maelvls released this 03 Oct 12:21
· 62 commits to master since this release
v1.1.0-alpha.0
ca9a620
This commit was signed with the committer’s verified signature.
inteon Tim Ramlot
GPG key ID: 47428728E0C2878D
Learn about vigilant mode.

What's Changed

  • The agent now reports the annotations and labels of namespaces and secrets. (#581, #582)
  • The agent now exposes readiness and liveness probes. (#580)
  • In Venafi Cloud Key Pair Service Account mode, you can now omit the server field in the configuration file. It defaults to the URL https://api.venafi.cloud. If you are in the european region, you still need to set server: https://api.venafi.eu field in the configuration file. (#575)
  • It is now possible to use the --period flag without also giving the period field. (#575)
  • Helm chart values are now validated to alert you if they contain errors to help you quickly identify typos in fields. (#556)
  • The "unauthenticated mode" has been removed as it made it hard to diagnose mismatched authentication flags. For example, using --venafi-cloud without --credentials-file/-k used to not show any error and the Agent would happily start. Now, if you don't provide the right set of authentication flags, the Agent will show a helpful message explaining how the authentication flags can be used. (#575)
  • The --help has been re-written to help understanding how authentication flags interact with each other. (#575)
  • You can no longer use --private-key-path along with --credentials-path. Previously, --private-key-path would be ignored if --credentials-path was provided. Now, the two options are mutually exclusive and a helpful message is shown when trying to use both. (#575)
  • The flag --private-key-path now defaults to the empty string. It previously defaulted to /etc/venafi/agent/key/privatekey.pem and the flag was omitted from the deployment manifest, which was confusing to users trying to understand how this private key was being configured. A helpful message is now shown when trying to run --client-id without --private-key-path. (#575)
  • The field uploader_id in the configuration file is deprecated. Setting this field will no longer do anything. A warning is now shown when using this field. The reason this field was deprecated is that it was never used by the Venafi Cloud API. Behind the scenes, the uploader_id is arbitrarily set to no so that the API doesn't complain. (#575)
  • The binary's size has been reduced from 72 MB down to 55 MB. (#556)
  • The Docker image is now built using cert-manager's base image based on apko's alpine image using ko. As a result, the binary's location in the image is now located at /ko-app/preflight instead of /bin/preflight. (#556)

Full Changelog: v1.0.0...v1.1.0-alpha.0

Assets 3
Loading