8.0.0

⚠ BREAKING CHANGES

• Update crd to apiextensions.k8s.io/v1
• Drops support for kubernetes versions <1.16.
• This shouldn't be a breaking change if you have followed earlier deprecation's (like using spec instead of secretDescriptor. The updated CRD complies with the new structural validation and should validate all fields, any fields missing in the validation will be dropped from your ExternalSecret resource.

Bug Fixes

• update crd to apiextensions.k8s.io/v1 (#681) (73aeaef)

7.2.1

Bug Fixes

• correctly pass instanceId to daemon so scoping with controllerId works (#719) (82f54e2)
• update dependency jose (#713) (e47dee0)

7.2.0

Features

• chart: add envVarsFromConfigMap and envFrom support for more options to configure the Helm deployment (#706) (14900e5)

Bug Fixes

• crash on watcher events introduced with multi-tenancy (#708) (c7250cc)

7.1.0

Features

• multitenancy: scope KES access using ExternalSecret spec.controllerId and INSTANCE_ID env (#701) (af50ca6)

7.0.1

container images

Bug Fixes

• chart: add prerelease suffix ('>=1.17.0-0') to all semverCompare checks in rbac template (#699) (87d6037)
• chart: bump Helm chart API version (#698) (ce27e88)

7.0.0

container images

⚠ BREAKING CHANGES

• require .spec field in CRD validation (#682)
  secretDescriptor was deprecated a long time ago, while it will still work the CRD validation now requires spec to be used. This is a step in updating to CRD apiextensions.k8s.io/v1 which has stricter requirements.

• drop support for helm v2 and built-in CRD management (#663)
  CRDs must be installed by helm chart or manually, and will not be installed during runtime!

• rename time field to avoid duplicate time key in log output
  If using for example fluent-bit logs could end up with duplicate time keys

Features

• add arm v7 as docker multi arch target (#679) (7c7cca8)
• add container scan (#658) (82ff43e)
• add support for IBM Cloud Secrets Manager backend (#656) (8ff9490)
• automated docker image build with multi arch (amd64 + arm64) (#665) (4846313)
• drop helm v2 and builtin CRD management (#663) (87a3ecb)

Bug Fixes

• add a accurate log message when AWS region is not defined in the Systems manager manifest (#648) (448305a)
• remove instructions to push docker image when cutting release (472ad25)
• rename time field to avoid duplicate time key in log output (faf2093)
• require .spec field in CRD validation (#682) (e43a6b8)
• update transitive deps (#667) (7852dd6)
• update transitive netmask dependency to resolve CVE-2021-28918 (#693) (483fb90)
• use getObjectStream to address deprecation warning in kubernetes-client (#664) (3ee939a)
• watch without namespace path if watching all namespaces (#673) (fa070ef)
• deps: drop individual 'lodash.*' packages in favor of lodash package (#661) (cfe3366)
• helm: add patch version to semverCompare (#637) (9394316)
• secretsManager: remove 'undefined' log message when AWS region is not defined in the ExternalSecret manifest (#641) (3409c66)