Releases: vmware/secrets-manager
Releases · vmware/secrets-manager
v02.0.0-rev5-DO-NOT-USE
v02.0.0-rev5-DO-NOT-USE
This tag was signed with the committer’s verified signature.
THIS IS AN EXPERIMENTAL PRERELEASE
None of the binaries work.
It is meant to test GHCR workflows.
DO NOT USE IT!
Full Changelog: v02.0.0-rev4-DO-NOT-USE...v02.0.0-rev5-DO-NOT-USE
v02.0.0-rev4-DO-NOT-USE
v02.0.0-rev4-DO-NOT-USE
This tag was signed with the committer’s verified signature.
THIS IS AN EXPERIMENTAL PRERELEASE
None of the binaries work.
It is meant to test GHCR workflows.
DO NOT USE IT!
Full Changelog: v02.0.0-rev3-DO-NOT-USE...v02.0.0-rev4-DO-NOT-USE
v02.0.0-rev3-DO-NOT-USE
v02.0.0-rev3-DO-NOT-USE
This tag was signed with the committer’s verified signature.
THIS IS AN EXPERIMENTAL PRERELEASE
None of the binaries work.
It is meant to test GHCR workflows.
DO NOT USE IT!
Full Changelog: v02.0.0-rev2-DO-NOT-USE...v02.0.0-rev3-DO-NOT-USE
v02.0.0-rev2-DO-NOT-USE
v02.0.0-rev2-DO-NOT-USE
This tag was signed with the committer’s verified signature.
THIS IS AN EXPERIMENTAL PRERELEASE
None of the binaries work.
It is meant to test GHCR workflows.
DO NOT USE IT!
Full Changelog: v02.0.0-rev1-DO-NOT-USE...v02.0.0-rev2-DO-NOT-USE
v02.0.0-rev1-DO-NOT-USE
v02.0.0-rev1-DO-NOT-USE
This tag was signed with the committer’s verified signature.
THIS IS AN EXPERIMENTAL PRERELEASE
None of the binaries work.
It is meant to test GHCR workflows.
DO NOT USE IT!
Full Changelog: v02.0.0-DO-NOT-USE...v02.0.0-rev1-DO-NOT-USE
v02.0.0-DO-NOT-USE
v02.0.0-DO-NOT-USE
This tag was signed with the committer’s verified signature.
THIS IS AN EXPERIMENTAL PRERELEASE
None of the binaries work.
It is meant to test GHCR workflows.
DO NOT USE IT!
v0.28.1
This was a security patch to address several CVEs.
Added
- Added PostgreSQL support as a backing store to VSecM Safe.
- Fixed a bug that affected the polling interval to be faster than normal
in VSecM Sidecar. - Added use case examples on SPIFFE federation and Web Crypto API.
- Initiated a PoC VSecM Relay Client and VSecM Relay Server to enable
cross-cluster secret sharing.
Security
- Fixed GHSA-xr7q-jx4m-x55m Private tokens could appear in logs if context
containing gRPC metadata is logged in
github.com/grpc/grpc-go
Below are the generated release notes of every commit since the last release cut:
What's Changed
- Introducing initial helm-chart for version 0.28.1 by @v0lkan in #1193
- v0.28.1 manifests by @v0lkan in #1194
- docs by @v0lkan in #1195
- Add
rawas a Secret Kind by @v0lkan in #1202 - External Secrest Operation Building Blocks by @v0lkan in #1204
- Unit test is added - Signed-off-by: Emincan Oguz <mailto:emincanoguz1… by @emincanoguz11 in #1209
- VSecM Clerk Initial Work by @v0lkan in #1212
- Using the new Go SDK by @v0lkan in #1213
- Minimally Working Version of VSecM Scout by @v0lkan in #1214
- Adding unit tests by @abhishek44sharma in #1217
- Remove Esteban from codeowners by @v0lkan in #1219
- Improving unit tests coverage by @abhishek44sharma in #1218
- Add project status notice by @v0lkan in #1220
- Add project status notice by @v0lkan in #1221
- Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 by @dependabot in #1225
- Bump filippo.io/age from 1.1.1 to 1.2.1 by @dependabot in #1224
- Bump golang.org/x/crypto from 0.28.0 to 0.31.0 in /examples/workshop_web_encryption/secret-server by @dependabot in #1223
- Bump golang.org/x/net from 0.30.0 to 0.33.0 in /examples/workshop_web_encryption/secret-server by @dependabot in #1222
- Bump golang.org/x/crypto from 0.26.0 to 0.31.0 in /examples/workshop_vsecm_eso/app by @dependabot in #1226
- Bump golang.org/x/crypto from 0.26.0 to 0.31.0 in /examples/workshop_spiffe_federation/apps/edge-store by @dependabot in #1227
- Bump golang.org/x/crypto from 0.26.0 to 0.31.0 by @dependabot in #1228
- Bump golang.org/x/crypto from 0.24.0 to 0.31.0 in /examples/workshop_spiffe_federation/apps/control-plane-server by @dependabot in #1229
- Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 in /examples/workshop_vsecm_eso/hack by @dependabot in #1231
- Bump golang.org/x/net from 0.28.0 to 0.33.0 by @dependabot in #1230
- Bump golang.org/x/net from 0.28.0 to 0.33.0 in /examples/workshop_spiffe_federation/apps/edge-store by @dependabot in #1232
- Bump golang.org/x/net from 0.28.0 to 0.33.0 in /examples/workshop_vsecm_eso/app by @dependabot in #1233
- Bump golang.org/x/net from 0.26.0 to 0.33.0 in /examples/workshop_spiffe_federation/apps/control-plane-server by @dependabot in #1234
- Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 in /examples/workshop_vsecm_eso/app by @dependabot in #1235
- v0.28.1 by @v0lkan in #1236
- build fix by @v0lkan in #1237
New Contributors
- @emincanoguz11 made their first contribution in #1209
Full Changelog: v0.28.0...v0.28.1
Contributors
v0lkan, abhishek44sharma, and 2 other contributors
Assets 2
v0.28.0
Added
- Added PostgreSQL support as a backing store to VSecM Safe.
- Fixed a bug that affected the polling interval to be faster than normal
in VSecM Sidecar. - Added use case examples on SPIFFE federation and Web Crypto API.
- Initiated a PoC VSecM Relay Client and VSecM Relay Server to enable
cross-cluster secret sharing.
Security
- Fixed GHSA-xr7q-jx4m-x55m Private tokens could appear in logs if context
containing gRPC metadata is logged in
github.com/grpc/grpc-go
Below are the generated release notes of every commit since the last release cut:
What's Changed
- Introducing initial helm-chart for version 0.27.4 by @v0lkan in #1155
- manifest update by @v0lkan in #1156
- release by @v0lkan in #1158
- v0.27.4 (future) by @v0lkan in #1161
- Add SPIFFE Federation Examples by @v0lkan in #1162
- initial work for the relay server and client by @v0lkan in #1164
- Bump google.golang.org/grpc from 1.64.0 to 1.64.1 in /examples/workshop_spiffe_federation/apps/control-plane-server by @dependabot in #1166
- Ability to Use Postgres as a Backing Store for VSecM Safe by @v0lkan in #1165
- add sleep in for loop by @v0lkan in #1167
- Postgres updates by @v0lkan in #1168
- code of the recent workshop by @v0lkan in #1170
- VSecM v0.28.0 by @v0lkan in #1191
- v0.28.0 by @v0lkan in #1192
Full Changelog: v0.27.3...v0.28.0
Contributors
v0lkan and dependabot
Assets 2
v0.27.3
This is a quick patch release to add Helm chart options.
Added
- Added helm charts the ability to optionally disable custom namespace generation.
Below are the generated release notes of every commit since the last release cut:
What's Changed
- v0.27.2 -- changelog update by @v0lkan in #1145
- Introducing initial helm-chart for version 0.27.3 by @v0lkan in #1146
- next helm charts (0.27.3) by @v0lkan in #1147
- cleanup by @v0lkan in #1150
- 🌟 enhancement(VSecM Helm Charts): Add kapp annotations and pull secrets by @v0lkan in #1152
- Helm Charts: Ability to opt out from namespace creation by @v0lkan in #1153
- v0.27.3 by @v0lkan in #1154
Full Changelog: v0.27.2...v0.27.3
Contributors
v0lkan
Assets 2
v0.27.2
Added
- Documented all undocumented public methods in the source code.
- Other documentation updates.
- Updated some of the Asciinema screen recordings of the use cases.
- Minor code fixes and enhancements.
- Added missing imagePullSecrets to SPIFFE CSI Driver helm template of the
VSecM Helm charts.
Below are the generated release notes of every commit since the last release cut:
What's Changed
- minor typo by @v0lkan in #1082
- Introducing initial helm-chart for version 0.27.1 by @v0lkan in #1084
- doc changes by @v0lkan in #1085
- 🧹 chore(vsecm): Release next version's manifests by @v0lkan in #1087
- 📚 docs(vsecm): add version snapshot by @v0lkan in #1088
- 🐛 fix(VSecM Keygen): regression: keygen was not decrypting secrets by @v0lkan in #1092
- 🌟 enhancement(VSecM): pointed example images to upstream by @v0lkan in #1093
- Added a new use case by @v0lkan in #1094
- Use case: Using Init container with k8s secrets by @v0lkan in #1095
- 🐛 fix(VSecM): fix logic error in example workload by @v0lkan in #1096
- Create scorecard.yml by @v0lkan in #1098
- 🌟 enhancement(VSecM Web): Add a new landing page by @v0lkan in #1112
- 📚 docs(VSecM Web): add screen recordings to some use cases by @v0lkan in #1114
- Test/app sentinel coverage by @gurkanguray in #1117
- 💄 cosmetic(VSecM Web): landing page mobile fixes by @v0lkan in #1118
- 🌟 enhancement(VSecM): Isolate VSecM SDK by @v0lkan in #1120
- (chore) Version Update for the New SDK Approach to work by @v0lkan in #1121
- 🐛 fix(VSecM Helm Charts): SPIRE Server was crashing if not persistent by @v0lkan in #1122
- Refactor: fix potential panic & refactor some code by @canack in #1123
- 🚨 test(VSecM): unit tests added for core/audit and core/constants by @gurkanguray in #1099
- 📚 docs(VSecM Web): added new contributor hours video recording by @v0lkan in #1125
- update roadmap by @v0lkan in #1126
- Finalized pending ADRs + security enhancements by @v0lkan in #1127
- Bump google.golang.org/grpc from 1.64.0 to 1.64.1 in /sdk by @dependabot in #1128
- 🚨 test(VSecM Sentinel): 1100 add unit test and refactor app/sentinel by @gurkanguray in #1129
- Release v0.27.1 by @v0lkan in #1130
- Introducing initial helm-chart for version 0.27.2 by @v0lkan in #1132
- 🌟 enhancement(VSecM): next helm charts and docs by @v0lkan in #1133
- 0.27.2 (future version) by @v0lkan in #1136
- documentation update and minor code fixes by @v0lkan in #1137
- doc update by @v0lkan in #1138
- 🐛 increased go version in test-coverage.yml by @marikann in #1139
- documentation update + spiffe workshop files by @v0lkan in #1140
- add helper scripts to workshop by @v0lkan in #1141
- Update CODEOWNERS by @v0lkan in #1142
- v0.27.2 by @v0lkan in #1143
New Contributors
Full Changelog: v0.27.0...v0.27.2
Contributors
v0lkan, canack, and 3 other contributors