This repository was archived by the owner on Oct 12, 2023. It is now read-only.
Commit d212888 1 parent 11c0c11 commit d212888 Copy full SHA for d212888
File tree 15 files changed +81
-25
lines changed
15 files changed +81
-25
lines changed Original file line number Diff line number Diff line change 1+ # v1.5.4
2+
3+ ### Features
4+
5+ - Add block-instance-metadata flag ([ #396 ] ( https://github.com/Azure/aad-pod-identity/pull/396 ) )
6+ - Add metrics ([ #429 ] ( https://github.com/Azure/aad-pod-identity/pull/429 ) )
7+ - Adding support for whitelisting of user-defined managed identities ([ #431 ] ( https://github.com/Azure/aad-pod-identity/pull/431 ) )
8+
9+ ### Bug Fixes
10+
11+ - Fix glog flag parse error in nmi ([ #435 ] ( https://github.com/Azure/aad-pod-identity/pull/435 ) )
12+
13+ ### Other Improvements
14+
15+ - Add application/json header for all return paths ([ #424 ] ( https://github.com/Azure/aad-pod-identity/pull/424 ) )
16+ - Update golang used to build binaries ([ #426 ] ( https://github.com/Azure/aad-pod-identity/pull/426 ) )
17+ - Reduce log verbosity for debug log ([ #433 ] ( https://github.com/Azure/aad-pod-identity/pull/433 ) )
18+ - Move to latest Alpine 3.10.4 ([ #446 ] ( https://github.com/Azure/aad-pod-identity/pull/446 ) )
19+ - Validate resource param exists in request ([ #450 ] ( https://github.com/Azure/aad-pod-identity/pull/450 ) )
20+
121# v1.5.3
222
323### Bug Fixes
Original file line number Diff line number Diff line change 11apiVersion : v1
22description : Deploy components for aad-pod-identity
33name : aad-pod-identity
4- version : 1.5.3
5- appVersion : 1.5.3
4+ version : 1.5.4
5+ appVersion : 1.5.4
66home : https://github.com/Azure/aad-pod-identity
77sources :
88 - https://github.com/Azure/aad-pod-identity
Original file line number Diff line number Diff line change @@ -151,7 +151,7 @@ The following tables list the configurable parameters of the aad-pod-identity ch
151151| ` adminsecret.clientID ` | Azure service principal clientID | ` ` |
152152| ` adminsecret.clientSecret ` | Azure service principal clientSecret | ` ` |
153153| ` mic.image ` | MIC image name | ` mic ` |
154- | ` mic.tag ` | MIC image tag | ` 1.5.2 ` |
154+ | ` mic.tag ` | MIC image tag | ` 1.5.4 ` |
155155| ` mic.logVerbosity ` | Log level. Uses V logs (glog) | ` 0 ` |
156156| ` mic.resources ` | Resource limit for MIC | ` {} ` |
157157| ` mic.tolerations ` | Affinity settings | ` {} ` |
@@ -164,7 +164,7 @@ The following tables list the configurable parameters of the aad-pod-identity ch
164164| ` mic.syncRetryDuration ` | Override interval in seconds at which sync loop should periodically check for errors and reconcile | If not provided, default value is ` 3600s ` |
165165| ` mic.immutableUserMSIs ` | List of user-defined identities that shouldn't be deleted from VM/VMSS. | If not provided, default value is empty |
166166| ` nmi.image ` | NMI image name | ` nmi ` |
167- | ` nmi.tag ` | NMI image tag | ` 1.5.2 ` |
167+ | ` nmi.tag ` | NMI image tag | ` 1.5.4 ` |
168168| ` nmi.resources ` | Resource limit for NMI | ` {} ` |
169169| ` nmi.tolerations ` | Affinity settings | ` {} ` |
170170| ` nmi.affinity ` | List of node taints to tolerate | ` [] ` |
Original file line number Diff line number Diff line change 6565 {{- if .Values.mic.immutableUserMSIs }}
6666 - " --immutable-user-msis={{- join " ," .Values.mic.immutableUserMSIs}}"
6767 {{- end }}
68+ {{- if .Values.mic.prometheusPort }}
69+ - --prometheus-port={{ .Values.mic.prometheusPort }}
70+ {{- end }}
6871 env :
6972 - name : FORCENAMESPACED
7073 value : " {{ .Values.forceNameSpaced }}"
Original file line number Diff line number Diff line change 6565 {{- if .Values.nmi.enableScaleFeatures }}
6666 - --enableScaleFeatures={{ .Values.nmi.enableScaleFeatures }}
6767 {{- end }}
68+ {{- if .Values.nmi.prometheusPort }}
69+ - --prometheus-port={{ .Values.nmi.prometheusPort }}
70+ {{- end }}
71+ {{- if .Values.nmi.blockInstanceMetadata }}
72+ - --block-instance-metadata={{ .Values.nmi.blockInstanceMetadata }}
73+ {{- end }}
6874 env :
6975 - name : HOST_IP
7076 valueFrom :
Original file line number Diff line number Diff line change @@ -24,7 +24,7 @@ forceNameSpaced: "false"
2424
2525mic :
2626 image : mic
27- tag : 1.5.3
27+ tag : 1.5.4
2828
2929 # log level. Uses V logs (glog)
3030 # logVerbosity: 0
6464
6565 # Override the defult value of immutable identities.
6666 immutableUserMSIs : []
67- # Example of MSIs (should be replaced with the real ids)
67+ # Example of MSIs (should be replaced with the real client ids)
6868 # - "00000000-0000-0000-0000-000000000000"
6969 # - "11111111-1111-1111-1111-111111111111"
7070
7676 # default value is 5
7777 clientQps : " "
7878
79+ # default value is 8888
80+ # prometheus port for metrics
81+ prometheusPort : " "
82+
7983nmi :
8084 image : nmi
81- tag : 1.5.3
85+ tag : 1.5.4
8286
8387 resources :
8488 limits :
@@ -119,6 +123,14 @@ nmi:
119123 # Accepted values are true/false. Default is false.
120124 enableScaleFeatures : " "
121125
126+ # default value is 9090
127+ # prometheus port for metrics
128+ prometheusPort : " "
129+
130+ # https://github.com/Azure/aad-pod-identity/blob/master/docs/readmes/README.featureflags.md#block-instance-metadata-flag
131+ # default is false
132+ blockInstanceMetadata : " "
133+
122134rbac :
123135 enabled : true
124136 # NMI requires permissions to get secrets when service principal (type: 1) is used in AzureIdentity.
Original file line number Diff line number Diff line change 11apiVersion : v1
22entries :
33 aad-pod-identity :
4+ - apiVersion : v1
5+ appVersion : 1.5.4
6+ created : " 2019-12-10T10:22:28.779079-08:00"
7+ description : Deploy components for aad-pod-identity
8+ digest : b04a1510d3bb0f9afb5e3f7a9ba9af313027615cbb6d480050b992423819e13f
9+ home : https://github.com/Azure/aad-pod-identity
10+ maintainers :
11+ - email : anish.ramasekar@gmail.com
12+ name : aramase
13+ name : aad-pod-identity
14+ sources :
15+ - https://github.com/Azure/aad-pod-identity
16+ urls :
17+ - https://raw.githubusercontent.com/Azure/aad-pod-identity/master/charts/aad-pod-identity-1.5.4.tgz
18+ version : 1.5.4
419 - apiVersion : v1
520 appVersion : 1.5.3
6- created : " 2019-10-11T15:59:33.322904-07 :00"
21+ created : " 2019-12-10T10:22:28.778035-08 :00"
722 description : Deploy components for aad-pod-identity
823 digest : 3dab91c7f115d23123f863eeea1c93a34640a42ac1e7052600020600fbfa55ad
924 home : https://github.com/Azure/aad-pod-identity
@@ -18,7 +33,7 @@ entries:
1833 version : 1.5.3
1934 - apiVersion : v1
2035 appVersion : 1.5.2
21- created : " 2019-10-11T15:59:33.321838-07 :00"
36+ created : " 2019-12-10T10:22:28.77728-08 :00"
2237 description : Deploy components for aad-pod-identity
2338 digest : 58a8ea212a1461f72ce17be5b767dac920d0f56803c026320a16c22de3ed365a
2439 home : https://github.com/Azure/aad-pod-identity
@@ -31,4 +46,4 @@ entries:
3146 urls :
3247 - https://raw.githubusercontent.com/Azure/aad-pod-identity/master/charts/aad-pod-identity-1.5.2.tgz
3348 version : 1.5.2
34- generated : " 2019-10-11T15:59:33.31978-07 :00"
49+ generated : " 2019-12-10T10:22:28.775259-08 :00"
Original file line number Diff line number Diff line change @@ -122,7 +122,7 @@ spec:
122122 name : iptableslock
123123 containers :
124124 - name : nmi
125- image : " mcr.microsoft.com/k8s/aad-pod-identity/nmi:1.5.3 "
125+ image : " mcr.microsoft.com/k8s/aad-pod-identity/nmi:1.5.4 "
126126 imagePullPolicy : Always
127127 args :
128128 - " --host-ip=$(HOST_IP)"
@@ -228,7 +228,7 @@ spec:
228228 serviceAccountName : aad-pod-id-mic-service-account
229229 containers :
230230 - name : mic
231- image : " mcr.microsoft.com/k8s/aad-pod-identity/mic:1.5.3 "
231+ image : " mcr.microsoft.com/k8s/aad-pod-identity/mic:1.5.4 "
232232 imagePullPolicy : Always
233233 args :
234234 - " --cloudconfig=/etc/kubernetes/azure.json"
Original file line number Diff line number Diff line change 7878 name : iptableslock
7979 containers :
8080 - name : nmi
81- image : " mcr.microsoft.com/k8s/aad-pod-identity/nmi:1.5.3 "
81+ image : " mcr.microsoft.com/k8s/aad-pod-identity/nmi:1.5.4 "
8282 imagePullPolicy : Always
8383 args :
8484 - " --host-ip=$(HOST_IP)"
@@ -135,7 +135,7 @@ spec:
135135 spec :
136136 containers :
137137 - name : mic
138- image : " mcr.microsoft.com/k8s/aad-pod-identity/mic:1.5.3 "
138+ image : " mcr.microsoft.com/k8s/aad-pod-identity/mic:1.5.4 "
139139 imagePullPolicy : Always
140140 args :
141141 - " --kubeconfig=/etc/kubernetes/kubeconfig/kubeconfig"
Original file line number Diff line number Diff line change @@ -120,7 +120,7 @@ spec:
120120 name : iptableslock
121121 containers :
122122 - name : nmi
123- image : " mcr.microsoft.com/k8s/aad-pod-identity/nmi:1.5.3 "
123+ image : " mcr.microsoft.com/k8s/aad-pod-identity/nmi:1.5.4 "
124124 imagePullPolicy : Always
125125 args :
126126 - " --host-ip=$(HOST_IP)"
@@ -238,7 +238,7 @@ spec:
238238 serviceAccountName : aad-pod-id-mic-service-account
239239 containers :
240240 - name : mic
241- image : " mcr.microsoft.com/k8s/aad-pod-identity/mic:1.5.3 "
241+ image : " mcr.microsoft.com/k8s/aad-pod-identity/mic:1.5.4 "
242242 imagePullPolicy : Always
243243 args :
244244 - " --logtostderr"
Original file line number Diff line number Diff line change 7676 name : iptableslock
7777 containers :
7878 - name : nmi
79- image : " mcr.microsoft.com/k8s/aad-pod-identity/nmi:1.5.3 "
79+ image : " mcr.microsoft.com/k8s/aad-pod-identity/nmi:1.5.4 "
8080 imagePullPolicy : Always
8181 args :
8282 - " --host-ip=$(HOST_IP)"
@@ -147,7 +147,7 @@ spec:
147147 spec :
148148 containers :
149149 - name : mic
150- image : " mcr.microsoft.com/k8s/aad-pod-identity/mic:1.5.3 "
150+ image : " mcr.microsoft.com/k8s/aad-pod-identity/mic:1.5.4 "
151151 imagePullPolicy : Always
152152 args :
153153 - " --kubeconfig=/etc/kubernetes/kubeconfig/kubeconfig"
Original file line number Diff line number Diff line change @@ -118,7 +118,7 @@ spec:
118118 name : iptableslock
119119 containers :
120120 - name : nmi
121- image : " mcr.microsoft.com/k8s/aad-pod-identity/nmi:1.5.3-rc4 "
121+ image : " mcr.microsoft.com/k8s/aad-pod-identity/nmi:1.5.4-rc5 "
122122 imagePullPolicy : Always
123123 args :
124124 - " --host-ip=$(HOST_IP)"
@@ -220,7 +220,7 @@ spec:
220220 serviceAccountName : aad-pod-id-mic-service-account
221221 containers :
222222 - name : mic
223- image : " mcr.microsoft.com/k8s/aad-pod-identity/mic:1.5.3-rc4 "
223+ image : " mcr.microsoft.com/k8s/aad-pod-identity/mic:1.5.4-rc5 "
224224 imagePullPolicy : Always
225225 args :
226226 - " --cloudconfig=/etc/kubernetes/azure.json"
Original file line number Diff line number Diff line change 7474 name : iptableslock
7575 containers :
7676 - name : nmi
77- image : " mcr.microsoft.com/k8s/aad-pod-identity/nmi:1.5.3-rc4 "
77+ image : " mcr.microsoft.com/k8s/aad-pod-identity/nmi:1.5.4-rc5 "
7878 imagePullPolicy : Always
7979 args :
8080 - " --host-ip=$(HOST_IP)"
@@ -128,7 +128,7 @@ spec:
128128 spec :
129129 containers :
130130 - name : mic
131- image : " mcr.microsoft.com/k8s/aad-pod-identity/mic:1.5.3-rc4 "
131+ image : " mcr.microsoft.com/k8s/aad-pod-identity/mic:1.5.4-rc5 "
132132 imagePullPolicy : Always
133133 args :
134134 - " --kubeconfig=/etc/kubernetes/kubeconfig/kubeconfig"
Original file line number Diff line number Diff line change @@ -10,10 +10,10 @@ type Config struct {
1010 KeyvaultName string `envconfig:"KEYVAULT_NAME"`
1111 KeyvaultSecretName string `envconfig:"KEYVAULT_SECRET_NAME"`
1212 KeyvaultSecretVersion string `envconfig:"KEYVAULT_SECRET_VERSION"`
13- MICVersion string `envconfig:"MIC_VERSION" default:"1.5.3 "`
14- NMIVersion string `envconfig:"NMI_VERSION" default:"1.5.3 "`
13+ MICVersion string `envconfig:"MIC_VERSION" default:"1.5.4 "`
14+ NMIVersion string `envconfig:"NMI_VERSION" default:"1.5.4 "`
1515 Registry string `envconfig:"REGISTRY" default:"mcr.microsoft.com/k8s/aad-pod-identity"`
16- IdentityValidatorVersion string `envconfig:"IDENTITY_VALIDATOR_VERSION" default:"1.5.3 "`
16+ IdentityValidatorVersion string `envconfig:"IDENTITY_VALIDATOR_VERSION" default:"1.5.4 "`
1717 SystemMSICluster bool `envconfig:"SYSTEM_MSI_CLUSTER" default:"false"`
1818 EnableScaleFeatures bool `envconfig:"ENABLE_SCALE_FEATURES" default:"false"`
1919 ImmutableUserMSIs string `envconfig:"IMMUTABLE_IDENTITY_CLIENT_ID"`
You can’t perform that action at this time.
0 commit comments