v0.13.0
gardener-robot-ci-2
released this
31 Jul 14:12
·
23 commits
to main
since this release
[gardener/gardener-extension-shoot-lakom-service]
⚠️ Breaking Changes
[OPERATOR]
The specification of theimage
ingardener-extension-shoot-lakom-service
Helm chart has been changed. by @oliver-goetz [#98][OPERATOR]
⚠️ Lakom admission controller has removed the flag--cosign-public-key-path
.
The trusted public keys are now configurable via the flag--lakom-config-path
as the file is no longer bundle of public keys, but a structured configuration in YAML or JSON format.
Now each key must be named and optionally a signature verification algorithm can be specified. For more details, check the lakom usage page. by @vpnachev [#99][OPERATOR]
⚠️ Lakom extension controller helm chart values "controllers.cosignPublicKeys" changed its semantic, it is no longer list of keys, but list of tuple ofname
,key
and optionallyalgorithm
. The same change is applied to the extension configuration file fieldcosignPublicKeys
. by @vpnachev [#99][OPERATOR]
⚠️ Thelakom
helm chart valuecosign.publicKeys
changed its semantic, it is no longer list of keys, but list of tuple ofname
,key
and optionallyalgorithm
. by @vpnachev [#99]
✨ New Features
[OPERATOR]
Helm charts of extension and admission controller are published as OCI artifacts now. by @oliver-goetz [#98][OPERATOR]
All pods in Managed Seed clusters will now be validated for trusted image signatures. by @rrhubenov [#91][OPERATOR]
Lakom adds support forRSASSA-PSS
scheme for signature verification next toRSASSA-PKCS1-v1_5
, it can be configured via thealgorithm
field associated with each public key. The algorithm field also provides control over the hash func to be used. by @vpnachev [#99][DEVELOPER]
Easy local development using skaffold deployments. by @rrhubenov [#93]
🏃 Others
[OPERATOR]
Lakom application and lakom extension controller are now build with Go version 1.22.5 by @vpnachev [#101][OPERATOR]
This extension is now using the new way of providing monitoring configuration (ref GEP-19) in case a shoot cluster's Prometheus has been migrated to management viaprometheus-operator
. by @rfranzke [#87]
Helm Charts
- lakom:
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/lakom:v0.13.0
- shoot-lakom-service:
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-lakom-service:v0.13.0
Docker Images
- gardener-extension-shoot-lakom-service:
europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/shoot-lakom-service:v0.13.0
- lakom:
europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/lakom:v0.13.0