v0.13.0

@gardener-robot-ci-2 gardener-robot-ci-2 released this 31 Jul 14:12
· 23 commits to main since this release

[gardener/gardener-extension-shoot-lakom-service]

⚠️ Breaking Changes

  • [OPERATOR] The specification of the image in the gardener-extension-shoot-lakom-service Helm chart has been changed. by @oliver-goetz [#98]
  • [OPERATOR] ⚠️ Lakom admission controller has removed the flag --cosign-public-key-path.
    The trusted public keys are now configurable via the flag --lakom-config-path, as the file is no longer a bundle of public keys but a structured configuration in YAML or JSON format.
    Now each key must be named, and optionally a signature verification algorithm can be specified. For more details, check the lakom usage page. by @vpnachev [#99]
  • [OPERATOR] ⚠️ Lakom extension controller helm chart value "controllers.cosignPublicKeys" changed its semantics: it is no longer a list of keys, but a list of tuples of name, key and optionally algorithm. The same change is applied to the extension configuration file field cosignPublicKeys. by @vpnachev [#99]
  • [OPERATOR] ⚠️ The lakom helm chart value cosign.publicKeys changed its semantics: it is no longer a list of keys, but a list of tuples of name, key and optionally algorithm. by @vpnachev [#99]

✨ New Features

  • [OPERATOR] Helm charts of extension and admission controller are published as OCI artifacts now. by @oliver-goetz [#98]
  • [OPERATOR] All pods in Managed Seed clusters will now be validated for trusted image signatures. by @rrhubenov [#91]
  • [OPERATOR] Lakom adds support for the RSASSA-PSS scheme for signature verification next to RSASSA-PKCS1-v1_5. It can be configured via the algorithm field associated with each public key. The algorithm field also provides control over the hash function to be used. by @vpnachev [#99]
  • [DEVELOPER] Easy local development using skaffold deployments. by @rrhubenov [#93]
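
Why the per-key algorithm field matters, shown as an added example that is not lakom's own code: an RSA signature made with RSASSA-PSS and SHA-256 is accepted only when the verifier is configured with that same scheme and hash. The algorithm strings, function names and sample payload are assumptions chosen for this illustration and use only the Go standard library.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/sha512"
	"fmt"
)

// verifyWithAlgorithm checks sig over msg with the scheme and hash selected by
// algorithm. The algorithm labels are assumptions made for this example.
func verifyWithAlgorithm(pub *rsa.PublicKey, algorithm string, msg, sig []byte) error {
	switch algorithm {
	case "RSASSA-PKCS1-v1_5-SHA256":
		d := sha256.Sum256(msg)
		return rsa.VerifyPKCS1v15(pub, crypto.SHA256, d[:], sig)
	case "RSASSA-PSS-SHA256":
		d := sha256.Sum256(msg)
		return rsa.VerifyPSS(pub, crypto.SHA256, d[:], sig, nil)
	case "RSASSA-PSS-SHA512":
		d := sha512.Sum512(msg)
		return rsa.VerifyPSS(pub, crypto.SHA512, d[:], sig, nil)
	}
	return fmt.Errorf("unsupported algorithm %q", algorithm)
}

// demo signs a constructed payload with RSASSA-PSS/SHA-256 using a throwaway
// key and reports which configured algorithms accept that signature.
func demo() (map[string]bool, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	msg := []byte("constructed sample payload")
	d := sha256.Sum256(msg)
	sig, err := rsa.SignPSS(rand.Reader, key, crypto.SHA256, d[:], nil)
	if err != nil {
		return nil, err
	}
	accepted := map[string]bool{}
	for _, alg := range []string{"RSASSA-PKCS1-v1_5-SHA256", "RSASSA-PSS-SHA256", "RSASSA-PSS-SHA512"} {
		accepted[alg] = verifyWithAlgorithm(&key.PublicKey, alg, msg, sig) == nil
	}
	return accepted, nil
}

func main() { fmt.Println(demo()) }
```

A key whose signatures use one scheme and is configured with another rejects every signature, so after the migration to named keys it is worth confirming the algorithm set for each key matches how its images are actually signed.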

🏃 Others

  • [OPERATOR] Lakom application and lakom extension controller are now built with Go version 1.22.5 by @vpnachev [#101]
  • [OPERATOR] This extension is now using the new way of providing monitoring configuration (ref GEP-19) in case a shoot cluster's Prometheus has been migrated to management via prometheus-operator. by @rfranzke [#87]

Helm Charts

  • lakom: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/lakom:v0.13.0
  • shoot-lakom-service: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-lakom-service:v0.13.0

Docker Images

  • gardener-extension-shoot-lakom-service: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/shoot-lakom-service:v0.13.0
  • lakom: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/lakom:v0.13.0