kubernetes-kms
🔐 Azure Key Vault KMS plugin for Kubernetes
MIT License
Bot releases are hidden (Show)
v0.7.0 - 2024-04-18
Changelog
Maintenance 🔧
- 042a175 chore: bump google.golang.org/protobuf from 1.31.0 to 1.33.0 (#349)
Security Fix 🛡️
- 17e660e security: bump golang.org/x/net to v0.23.0+ to fix CVE-2023-45288 (#364)
Published by aramase 8 months ago
v0.6.0 - 2024-02-22
Changelog
Documentation 📘
- f1c6590 docs: use control plane instead of master (#270)
Features 🌈
- 3d46bb8 feat: Integration tests for KMS v2 (#238)
- c0e39e7 feat: implements mlog (#241)
Maintenance 🔧
- 34e0c1c chore: switch to using mcr image (#321)
- 014af7e chore: update to go1.21 (#319)
Security Fix 🛡️
- 8130ca0 security: bump golang.org/x/crypto to v0.17.0 to fix CVE-2023-48795 (#341)
Published by aramase over 2 years ago
Features 🌈
- https://github.com/Azure/kubernetes-kms/commit/14bc5c4533f2fac0133a6d81e80ac647cee29adf Support proxy in case kms-plugin can not access key vault (#119)
KMS Plugin for Key Vault image is now in mcr.microsoft.com/oss/azure/kms/keyvault:v0.2.0
Published by aramase almost 3 years ago
Features 🌈
- add arm64 support for images (#116)
Documentation 📘
- add securityContext to pod manifest (#109)
Maintenance 🔧
- use
:=for IMAGE_TAG to not override (#108) - update to go 1.17 (#115)
Testing 💚
- fixes flake and enables metrics test (#112)
KMS Plugin for Key Vault image is now in mcr.microsoft.com/oss/azure/kms/keyvault:v0.1.0
Published by nilekhc over 3 years ago
Warning ⚠️
--configFilePath flag has been deprecated with #103. Use --config-file-path instead to configure path for Azure Cloud Provider config file.
Features 🌈
- Adds Open Telemetry metrics (#104)
Bug Fixes 🐞
- Fixes keyvault token request when using user msi (#100)
Documentation 📘
- add rotation guide (#89)
- Adds metrics document (#104)
Testing 💚
- add nightly pipeline and fix CVE-2021-24032 (#81)
- Adds upgrade tests (#97)
- Adds soak tests (#97)
Maintenance 🔧
- Sanitizes (removes double quotes and white spaces) vault name, key name and key version (#102)
- Upgrades golang version to
1.16(#82) - change base image to distroless/static (#86)
KMS Plugin for Key Vault image is now in mcr.microsoft.com/oss/azure/kms/keyvault:v0.0.12
Published by aramase over 3 years ago
Features 🌈
- switch to distroless base image (#70)
- add byok support and refactor (#66)
- add healthz check for kms plugin (#77)
Documentation 📘
- update manual install docs for v0.0.11 release (#80)
Testing 💚
- add e2e tests with kind cluster (#75)
- enable golangci-lint (#76)
Maintenance 🔧
- update debian-base image to buster-v1.3.0 (#74)
- update debian-base image to buster-v1.4.0 (#78)
KMS Plugin for Key Vault image is now in mcr.microsoft.com/oss/azure/kms/keyvault:v0.0.11
Published by aramase almost 4 years ago
Bug Fixes 🐞
- Skip key existence check after first time (resolves api limits and failing secrets) (#65)
Documentation 📘
- Removing AKS section as AKS doesn't use KMS today. (#54)
- add standalone Code of Conduct doc where GH can see it (#51)
- Add GitHub pull request template (#50)
- Add GitHub issue templates for bug and feature request (#49)
- add build badges (#64)
Testing 💚
- setup azure pipeline and add e2e (#60)
- update pipeline for unit tests (#67)
Image is in mcr.microsoft.com/k8s/kms/keyvault:v0.0.10