Release 1.1 #32
Merged
Release 1.1 #32
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* feat(storetypes): Adding new storetypes `K8SNamespace` and `K8SCluster` * feat(storetype): Added `K8SPFX` and `K8SPKCS12` storetypes feat(inventory): Inventory supports K8S opaque secrets w/ keys `p12`, `pfx`, `pkcs12` sourcing password from `password` field on same secret. * feat(storetype): K8SCluster store type is now available for inventory feat(storetype): K8SNS store type is now available for inventory * feat(management): Management add and remove now work for store types K8SCluster and K8SNS * feat: K8SPKCS12 storetypes now support companion K8S secrets feat(discovery): K8SPKCS12 store types support discovery. feat(management): K8SPKCS12 store types now support add and remove. * feat(inventory): `K8SPKCS12` now supports field name extensions. ex: `myhost.pkcs12` fix(inventory): `K8SPKCS12` now uses correct store password hierarchy. fix(management): `K8SPKCS12` add/remove now add and remove into existing pkcs12 stores. * fix(discovery): `K8SPKCS12` now support use of extensions field chore(docs): Updated docs for `K8SPKCS12`. Field name changes required!. * Update generated README * fix: Adding tests back so build passes * feat(discovery): `K8SJKS` discovery support. * feat(inventory): `K8SJKS` inventory initial support * fix(discovery): JKS and PKCS12 discovery added additional logging for allowed keys check. fix(management): PKCS12 logs actually indicate PKCS12. * fix(storetypes): `K8SJKS` now inventories legacy JKS file types properly. chore(deps): Upgraded to `net6.0` * chore(scripts): Adding scripts relevant to creating JKS files. * fix(inventory): `K8SJKS` inventory now works properly with attached and remote K8S passwords, and now supports implied namespace when specifying `StorePasswordPath` * fix(inventory): KubeSecretType parameters are now case insensitive. * feat(management): `K8SJKS` now support add and remove, but require custom alias `k8s_field_name/alias`. * fix(discovery): `K8SJKS` case issue. chore(docs): Update `K8SJKS` docs with storepath and alias patterns. * Update generated README * fix(inventory): `K8SPKCS12` storetype now uses custom alias to support multiple PKCS12 on a single K8S secret. * fix(inventory): `K8SJKS` & `K8SPKCS12` storetypes now fail when the secret isn't found. fix(management): `K8SPKCS12` storetypes now preserve additional secret fields if they exist. * fix(inventory): K8SPKCS12 stores don't use CN as alias. fix(management): K8SPKCS12 add/remove operations now don't fail when the K8S secret doesn't exist. * fix(management): K8SJKS stores now preserve existing secret data if it exists. * fix(management): K8SJKS stores handle secrets w/o existing fields. fix(management): K8SJKS & K8SPKCS12 stores pass chain properly back to Command. * fix(inventory): `K8STLCSECR`, `K8SSECRET`, `K8SCLUSTER` stores now read and pass full chain back to Command. chore: linting * Update generated README * fix(inventory): `K8SSECRET` and `K8STLSSECR` now return cert chains back to Command. fix(management): `K8SSECRET` and `K8STLSSECR` now deploy cert chains back to the K8S secrets. chore(docs): Update docs with notes on managing `K8SSECRET` and `K8STLSSECR` stores. * Update generated README * fix(discovery): `K8SJKS` and `K8SPKCS12` no longer try to check if data is valid pkcs12 or jks file. * chore(docs): Adding screenshots around cluster secrets * Update generated README * chore(logging): Added some verbose logging around handling `K8SJKS` stores. * fix(management): `K8SCLUSTER`, `K8STLSSECR`, `K8SSECRET` stores now have option to use a separate field for chain: `ca.crt`. This defaults to `false`. * chore(docs): Store type definitions now allow for `SeparateChain` which defaults to `false`. This means the field `ca.crt` will not be used for `opaque` and `tls` secrets. * Update generated README * fix(inventory): `K8SJKS` stores that are actually `PKCS12` format inventory chain properly. * fix(management): `K8SJKS` management for jks of type `PKCS12` * fix(inventory): `K8SPKCS12` stores inventory properly after allowing `allowedKeys` to be passed. fix(inventory): `K8STLSSECR` & `K8SSECRET` stores now return empty inventory and a warning if secret is not found in k8s. * fix(manifest): Revert manifest changes to storetypes. * chore(docs): Adding some general info around K8SPKCS12 stores. chore(docs): Updated manifest to reflect production ready. * Update generated README * chore(docs): JKS and PKCS12 secret key verbiage clarification. * Update generated README * chore: [skip ci] Comment out autochangelog workflow. * [skip ci] chore(lint): Remove irrelevant TODOs and add license header. * [skip ci] chore(docs): Fix `CHANGELOG` formatting. * chore(docs): Added missing descriptions for `IncludeCertChain` and `SeparateChain`. chore(docs): Removed `required` status from `KubeSecretName` and `KubeNamespace` to allow implication via storepath. chore(manifest): Updated storetype definitions with latest configurations. chore(docs): Updated stale screenshots w/o `Needs Server` checked. * Update generated README * fix(ci): Adding missing workflow for storetype merge. * chore: Fix CHANGELOG.md version [skip ci] * update changelog version --------- Co-authored-by: Keyfactor <[email protected]> Co-authored-by: Michael Henderson <[email protected]>
* update manifest for catalog rebuild
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.