Releases: cyberark/conjur-authn-k8s-client
Releases · cyberark/conjur-authn-k8s-client
v0.22.0
Added
- Introduces the
conjur-config-cluster-prep.yamlandconjur-config-namespace-prep.yamlraw Kubernetes manifests generated from their corresponding Helm charts. These manifests provide an alternative method of configuring a Kubernetes cluster for the deployment of Conjur-authenticated applications for users unable to use Helm in their environment.
cyberark/conjur-authn-k8s-client#338 - Added user-configurable Helm values for the names of resources created by the
conjur-config-namespace-prepHelm chart
cyberark/conjur-authn-k8s-client#383
Security
- Upgrades Openssl in Alpine to resolve CVE-2021-3711.
cyberark/conjur-authn-k8s-client#392 - Upgrades Alpine to v3.14 to resolve CVE-2021-36159.
cyberark/conjur-authn-k8s-client#374
v0.21.0
Added
- Introduces the
conjur-config-cluster-prepandconjur-config-namespace-prepHelm charts.
Together these charts simplify the deployment of Conjur-authenticated applications as part of
the Simplified Client Configuration feature.
cyberark/conjur-authn-k8s-client#232
cyberark/conjur-authn-k8s-client#249
v0.20.0
Fixed
- Fixes bug in error handling within the
VerifyFileExistsmethod that resulted in a
panic when the error fromos.Statwas notErrNotExist. The fix includes introducing
theCAKC058error and log message for a file permissions error and theCAKC059error
and log message for when the path to a file exists but is not a regular file.
cyberark/conjur-authn-k8s-client#252
Changed
- The
CAKC048log message now shows the release version for release builds
and no longer includes the git commit hash in the log output.
cyberark/conjur-authn-k8s-client#196 - RH base image is now
ubi8/ubiinstead ofrhel7/rhel.
cyberark/conjur-authn-k8s-client#324
v0.19.1
0.19.1 - 2021-02-08
Changed
- The
Authenticatemethod now parses the authentication response and writes it
to the token file, without the need to callParseAuthenticationResponse.
This change breaks the API.
cyberark/conjur-authn-k8s-client#180 - The project Golang version is updated from the end-of-life v1.12 to the latest
version v1.15.
cyberark/conjur-authn-k8s-client#206 - Improve the error message raised when the username doesn't include the
host/prefix
cyberark/conjur-authn-k8s-client#212
v0.19.0
Added
- Users can set the
DEBUGenvironment variable to run the client in debug mode and view more log messages.
cyberark/conjur-authn-k8s-client#134 - Errors in the certificate injection process on login are now printed to the client logs.
cyberark/conjur-authn-k8s-client#/170
Changed
- Detailed logs moved from Info to Debug log level to decrease verbosity of log messages.
cyberark/conjur-authn-k8s-client#134 - Log level suffix was removed from log identifiers (e.g.
CAKC001**E**->CAKC001). To
avoid conflicts, some log identifiers had to be changed. See log_messages.go
for updated log identifiers.
cyberark/conjur-authn-k8s-client#134 - Log messages now show microseconds, for clarity and easier troubleshooting.
cyberark/conjur-authn-k8s-client#164
v0.18.1
Fixed
- Logs now correctly print only the Conjur identity without the policy branch prefix.
(cyberark/conjur-authn-k8s-client#126) - When authentication fails, the exponential backoff retry is correctly reset so
that it will continue to attempt to authenticate until backoff is exhausted.
(cyberark/conjur-authn-k8s-client#158)
Changed
- Wait slightly for the client certificate file to exist after login before
raising an error.
cyberark/conjur-authn-k8s-client#119
v0.18.0
Change log
Added
- Design for making project FIPS compliant to support users that require it -
design, cyberark/conjur-authn-k8s-client#106
Changed
- The project now uses
goboring/golangas its base image to be FIPS compliant
cyberark/conjur-authn-k8s-client#113 - The authenticator-client now runs as a limited user in the Docker image
instead of as root, which is best practice and better follows the principle of
least privilege
(cyberark/conjur-authn-k8s-client#111)