diff --git a/CHANGELOG.md b/CHANGELOG.md index 1c42df65..fc574be6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,13 +1,15 @@ ## Unreleased +## 0.16.1 (May 25, 2022) + Improvements: * ConfigMap with missing vault section should default to env vars [GH-353](https://github.com/hashicorp/vault-k8s/pull/353) - -Changes: -* Certificate watcher timer deadlock fix [GH-350]([https://github.com/hashicorp/vault-k8s/pull/350) * Wait for certificate before starting HTTP listener [GH-354](https://github.com/hashicorp/vault-k8s/pull/354) * Update example injector mutating webhook config to exclude agent pod [GH-351](https://github.com/hashicorp/vault-k8s/pull/351) +Bugs: +* Certificate watcher timer deadlock fix [GH-350]([https://github.com/hashicorp/vault-k8s/pull/350) + ## 0.16.0 (May 11, 2022) Features: diff --git a/agent-inject/agent/agent.go b/agent-inject/agent/agent.go index abbc3ab6..f0018948 100644 --- a/agent-inject/agent/agent.go +++ b/agent-inject/agent/agent.go @@ -15,7 +15,7 @@ import ( // TODO swap out 'github.com/mattbaird/jsonpatch' for 'github.com/evanphx/json-patch' const ( - DefaultVaultImage = "hashicorp/vault:1.10.2" + DefaultVaultImage = "hashicorp/vault:1.10.3" DefaultVaultAuthType = "kubernetes" DefaultVaultAuthPath = "auth/kubernetes" DefaultAgentRunAsUser = 100 diff --git a/build/docker/Release.ubi.dockerfile b/build/docker/Release.ubi.dockerfile index 9a40b2bb..0b034bb7 100644 --- a/build/docker/Release.ubi.dockerfile +++ b/build/docker/Release.ubi.dockerfile @@ -5,7 +5,7 @@ # We don't rebuild the software because we want the exact checksums and # binary signatures to match the software and our builds aren't fully # reproducible currently. -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 # NAME and VERSION are the name of the software in releases.hashicorp.com # and the version to download. diff --git a/deploy/injector-deployment.yaml b/deploy/injector-deployment.yaml index 51fa4934..5d1dc67d 100644 --- a/deploy/injector-deployment.yaml +++ b/deploy/injector-deployment.yaml @@ -21,7 +21,7 @@ spec: serviceAccountName: "vault-injector" containers: - name: sidecar-injector - image: "hashicorp/vault-k8s:0.16.0" + image: "hashicorp/vault-k8s:0.16.1" imagePullPolicy: IfNotPresent env: - name: NAMESPACE @@ -41,7 +41,7 @@ spec: - name: AGENT_INJECT_VAULT_ADDR value: "https://vault.$(NAMESPACE).svc:8200" - name: AGENT_INJECT_VAULT_IMAGE - value: "hashicorp/vault:1.10.2" + value: "hashicorp/vault:1.10.3" - name: AGENT_INJECT_TLS_AUTO value: vault-agent-injector-cfg - name: AGENT_INJECT_TLS_AUTO_HOSTS diff --git a/subcommand/injector/flags_test.go b/subcommand/injector/flags_test.go index ef112804..080f7a6b 100644 --- a/subcommand/injector/flags_test.go +++ b/subcommand/injector/flags_test.go @@ -115,7 +115,7 @@ func TestCommandEnvs(t *testing.T) { {env: "AGENT_INJECT_VAULT_ADDR", value: "http://vault:8200", cmdPtr: &cmd.flagVaultService}, {env: "AGENT_INJECT_PROXY_ADDR", value: "http://proxy:3128", cmdPtr: &cmd.flagProxyAddress}, {env: "AGENT_INJECT_VAULT_AUTH_PATH", value: "auth-path-test", cmdPtr: &cmd.flagVaultAuthPath}, - {env: "AGENT_INJECT_VAULT_IMAGE", value: "hashicorp/vault:1.10.2", cmdPtr: &cmd.flagVaultImage}, + {env: "AGENT_INJECT_VAULT_IMAGE", value: "hashicorp/vault:1.10.3", cmdPtr: &cmd.flagVaultImage}, {env: "AGENT_INJECT_TLS_KEY_FILE", value: "server.key", cmdPtr: &cmd.flagKeyFile}, {env: "AGENT_INJECT_TLS_CERT_FILE", value: "server.crt", cmdPtr: &cmd.flagCertFile}, {env: "AGENT_INJECT_TLS_AUTO_HOSTS", value: "foobar.com", cmdPtr: &cmd.flagAutoHosts},