Releases: DopplerHQ/kubernetes-operator
v1.5.1
- Remove kube-rbac-proxy dependency (#63). The proxy was only being used to provide authentication to the /metrics endpoint on the operator, which doesn't expose any sensitive information. This was requiring frequent updates to the operator just to keep the dependency up-to-date. We've opted to remove the dependency to avoid this. If you were previously hitting the /metrics operator endpoint over HTTPS with authentication on port 8443, you should switch this to unauthenticated HTTP on port 8080.
v1.5.0
- Added support for syncing subsets of secrets from Doppler configs via a new secrets property (#52)
apiVersion: secrets.doppler.com/v1alpha1
kind: DopplerSecret
metadata:
  name: dopplersecret-test
  namespace: doppler-operator-system
spec:
  tokenSecret:
    name: doppler-token-secret
  secrets:
    - HOSTNAME
    - PORT
  managedSecret:
    name: doppler-test-secret
    namespace: default
v1.4.0
- Added support for processing all known Kubernetes secret types for managed secrets
v1.3.0
- Allow reconciliation of dopplersecret resources with refs in same namespace
DopplerSecret Reconciliation
This release updates the reconciliation behavior introduced in v1.2.0 to accommodate multi-tenancy use cases.
Before v1.2.0, the operator could reconcile a DopplerSecret in any namespace with references to secrets in any other namespace. This posed a security risk because a user with access to a single namespace in the cluster could use the operator to read secrets from Doppler using token secrets that they couldn't read themselves.
In v1.2.0, the behavior was changed so that a DopplerSecret couldn't be reconciled unless it was in the same namespace as the operator itself (i.e. doppler-operator-system). This worked to address the security issue but made things significantly harder for teams with multi-tenant use cases.
This release updates the behavior again. DopplerSecrets in the operator's namespace behave as they did in v1.2.0, in that they can reference secrets in their own or any other namespace. Additionally, the operator will reconcile DopplerSecrets in other namespaces if all references are in the same namespace as the DopplerSecret itself. For example, a DopplerSecret in the app1 namespace can reference token secrets and managed secrets in app1 only.
Reminder: As a convenience, the namespace may be omitted from secret references in the DopplerSecret resource and the operator will use the DopplerSecret's namespace as the default. This behavior has been in place since before v1.2.0 and has not changed.
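The namespace rule described above, including the defaulting of omitted namespaces, written out as a small Go check. This is an added example, not the operator's own code: the SecretRef and DopplerSecret types and the CheckNamespaces function are simplified, hypothetical stand-ins, and the sample resources are constructed.

```go
package main

import "fmt"

// SecretRef is a name/namespace reference; an empty Namespace means
// "default to the DopplerSecret's own namespace".
type SecretRef struct{ Name, Namespace string }

// DopplerSecret is a simplified, hypothetical stand-in for the CRD,
// keeping only the fields the namespace rule depends on.
type DopplerSecret struct {
	Name, Namespace            string
	TokenSecret, ManagedSecret SecretRef
}

// CheckNamespaces returns nil if the rule described for v1.3.0 would allow
// reconciliation, or an error naming the first offending reference.
func CheckNamespaces(operatorNS string, ds DopplerSecret) error {
	if ds.Namespace == operatorNS {
		return nil // operator namespace: references may point anywhere
	}
	refs := []struct {
		field string
		ref   SecretRef
	}{{"tokenSecret", ds.TokenSecret}, {"managedSecret", ds.ManagedSecret}}
	for _, r := range refs {
		ns := r.ref.Namespace
		if ns == "" {
			ns = ds.Namespace // omitted namespace defaults to the resource's own
		}
		if ns != ds.Namespace {
			return fmt.Errorf("%s %s/%s is outside namespace %q", r.field, ns, r.ref.Name, ds.Namespace)
		}
	}
	return nil
}

func main() {
	const operatorNS = "doppler-operator-system"
	// Constructed sample resources, not taken from a real cluster.
	samples := []DopplerSecret{
		{"central", operatorNS, SecretRef{"tok", ""}, SecretRef{"app", "default"}},
		{"tenant-ok", "app1", SecretRef{"tok", ""}, SecretRef{"app", "app1"}},
		{"tenant-bad", "app1", SecretRef{"tok", operatorNS}, SecretRef{"app", "app1"}},
	}
	for _, ds := range samples {
		fmt.Printf("%s/%s: %v\n", ds.Namespace, ds.Name, CheckNamespaces(operatorNS, ds))
	}
}
```

The third sample is the case the rule exists to reject: a tenant resource in app1 pointing at a token secret in the operator's namespace.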
v1.2.7
v1.2.6
- Adds support for kebab name transformer
- Increases memory request for manager deployment
v1.2.5
- Adds support for downloading secrets as files for mounting inside containers
This release supersedes v1.2.1 through v1.2.4 which were all DOA.
v1.2.4
- Adds support for downloading secrets as files for mounting inside containers
This release supersedes v1.2.1 through v1.2.3 which were all DOA.
v1.2.3
- Adds support for downloading secrets as files for mounting inside containers
This release supersedes v1.2.1 and v1.2.2 which were both DOA.
v1.2.2
- Adds support for downloading secrets as files for mounting inside containers
This release supersedes v1.2.1 which was DOA.