Skip to content

v1.0.10
Compare
Choose a tag to compare
@hc-github-team-es-release-engineering hc-github-team-es-release-engineering released this 21 Sep 14:13
v1.0.10
7101a2f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

1.0.10 (September 21, 2023)

SECURITY:

IMPROVEMENTS:

  • Add NET_BIND_SERVICE capability to restricted security context used for consul-dataplane [GH-2787]
  • Add new value global.argocd.enabled. Set this to true when using ArgoCD to deploy this chart. [GH-2785]
  • control-plane: Improve performance for pod deletions by reducing the number of fetched tokens. [GH-2910]
  • control-plane: prevent updation of anonymous-token-policy and anonymous-token if anonymous-token-policy is already attached to the anonymous-token [GH-2790]
  • vault: Adds namespace to secretsBackend.vault.connectCA in Helm chart and annotation: "vault.hashicorp.com/namespace: namespace" to
    secretsBackend.vault.agentAnnotations, if "vault.hashicorp.com/namespace" annotation is not present.
    This provides a more convenient way to specify the Vault namespace than nested JSON in connectCA.additionalConfig. [GH-2841]

BUG FIXES:

  • audit-log: fix parsing error for some audit log configuration fields fail with uncovertible string to integer errors. [GH-2905]
  • control-plane: Fix issue where ACL tokens would have an empty pod name that prevented proper token cleanup. [GH-2808]
  • control-plane: When using transparent proxy or CNI, reduced required permissions by setting privileged to false. Privileged must be true when using OpenShift without CNI. [GH-2755]
  • helm: Update prometheus port and scheme annotations if tls is enabled [GH-2782]
Assets 2
Loading