diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml index 0cd4e439..cf42dc0d 100644 --- a/.github/workflows/tests.yaml +++ b/.github/workflows/tests.yaml @@ -59,7 +59,7 @@ jobs: strategy: fail-fast: false matrix: - kind-k8s-version: [1.21.14, 1.22.15, 1.23.13, 1.24.7, 1.25.3] + kind-k8s-version: [1.21.14, 1.22.15, 1.23.13, 1.24.7, 1.25.3, 1.26.0] runs-on: ubuntu-latest steps: # Setup test tools from https://github.com/hashicorp/vault-helm/blob/main/.github/workflows/setup-test-tools/action.yaml @@ -80,7 +80,7 @@ jobs: - uses: actions/checkout@v3 with: repository: "hashicorp/vault-helm" - ref: "v0.22.1" + ref: "v0.23.0" path: "vault-helm" - name: Create K8s Kind Cluster diff --git a/.go-version b/.go-version index 843f8635..83d5e73f 100644 --- a/.go-version +++ b/.go-version @@ -1 +1 @@ -1.19.4 +1.19.5 diff --git a/CHANGELOG.md b/CHANGELOG.md index 2683983f..8b837178 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,12 +1,18 @@ ## Unreleased +## 1.2.0 (February 6, 2023) + Changes: -* Building with Go 1.19.4 [GH-406](https://github.com/hashicorp/vault-k8s/pull/406) +* Building with Go 1.19.5 * Update golang.org/x/net to v0.4.0 [GH-409](https://github.com/hashicorp/vault-k8s/pull/409) -* Set Kubernetes user-agent to include vault-k8s version [GH-411](https://github.com/hashicorp/vault-k8s/pull/411) +* Default to Vault v1.12.3 -Improvements: +Features: * Add support for enabling `sharedProcessNamespace` on the Pod `spec` [GH-408](https://github.com/hashicorp/vault-k8s/pull/408) +* Add `agent-telemetry` annotation [GH-413](https://github.com/hashicorp/vault-k8s/pull/413) + +Improvements: +* Set Kubernetes user-agent to include vault-k8s version [GH-411](https://github.com/hashicorp/vault-k8s/pull/411) Bugs: * Preserve metadata when updating the cert secret [GH-401](https://github.com/hashicorp/vault-k8s/pull/401) diff --git a/Dockerfile b/Dockerfile index f5a03da5..03296795 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,7 +12,7 @@ # `default` is the production docker image which cannot be built locally. # For local dev and testing purposes, please build and use the `dev` docker image. -ARG ALPINE_VERSION=3.16.3 +ARG ALPINE_VERSION=3.17.1 FROM docker.mirror.hashicorp.services/alpine:${ALPINE_VERSION} as dev diff --git a/agent-inject/agent/agent.go b/agent-inject/agent/agent.go index 118c4df7..ca7f51d7 100644 --- a/agent-inject/agent/agent.go +++ b/agent-inject/agent/agent.go @@ -16,7 +16,7 @@ import ( ) const ( - DefaultVaultImage = "hashicorp/vault:1.12.1" + DefaultVaultImage = "hashicorp/vault:1.12.3" DefaultVaultAuthType = "kubernetes" DefaultVaultAuthPath = "auth/kubernetes" DefaultAgentRunAsUser = 100 diff --git a/deploy/injector-deployment.yaml b/deploy/injector-deployment.yaml index 6b429940..2c779bef 100644 --- a/deploy/injector-deployment.yaml +++ b/deploy/injector-deployment.yaml @@ -24,7 +24,7 @@ spec: serviceAccountName: "vault-injector" containers: - name: sidecar-injector - image: "hashicorp/vault-k8s:1.1.0" + image: "hashicorp/vault-k8s:1.2.0" imagePullPolicy: IfNotPresent env: - name: NAMESPACE @@ -44,7 +44,7 @@ spec: - name: AGENT_INJECT_VAULT_ADDR value: "https://vault.$(NAMESPACE).svc:8200" - name: AGENT_INJECT_VAULT_IMAGE - value: "hashicorp/vault:1.12.1" + value: "hashicorp/vault:1.12.3" - name: AGENT_INJECT_TLS_AUTO value: vault-agent-injector-cfg - name: AGENT_INJECT_TLS_AUTO_HOSTS diff --git a/subcommand/injector/flags_test.go b/subcommand/injector/flags_test.go index c44c7eff..a8d77a35 100644 --- a/subcommand/injector/flags_test.go +++ b/subcommand/injector/flags_test.go @@ -118,7 +118,7 @@ func TestCommandEnvs(t *testing.T) { {env: "AGENT_INJECT_VAULT_ADDR", value: "http://vault:8200", cmdPtr: &cmd.flagVaultService}, {env: "AGENT_INJECT_PROXY_ADDR", value: "http://proxy:3128", cmdPtr: &cmd.flagProxyAddress}, {env: "AGENT_INJECT_VAULT_AUTH_PATH", value: "auth-path-test", cmdPtr: &cmd.flagVaultAuthPath}, - {env: "AGENT_INJECT_VAULT_IMAGE", value: "hashicorp/vault:1.12.1", cmdPtr: &cmd.flagVaultImage}, + {env: "AGENT_INJECT_VAULT_IMAGE", value: "hashicorp/vault:1.12.3", cmdPtr: &cmd.flagVaultImage}, {env: "AGENT_INJECT_VAULT_NAMESPACE", value: "test-namespace", cmdPtr: &cmd.flagVaultNamespace}, {env: "AGENT_INJECT_TLS_KEY_FILE", value: "server.key", cmdPtr: &cmd.flagKeyFile}, {env: "AGENT_INJECT_TLS_CERT_FILE", value: "server.crt", cmdPtr: &cmd.flagCertFile},