v1.5.6

v1.5.6 - 2026-03-02

Changelog

Maintenance 🔧

• 605661f chore: bump version to v1.5.6 in release-1.5
• 0dedb0e chore: update to kubectl 1.34.2 in helm-crds image
• 965c958 chore: update to go 1.24.12

Security Fix 🛡️

• ccc4c20 security: bump to go 1.24.13 to resolve CVE-2025-68121

v1.5.5

v1.5.5 - 2025-12-22

Changelog

Maintenance 🔧

• 4b3d15f chore: bump version to v1.5.5 in release-1.5
• 3d55662 chore: update to go 1.24.11 and bump golang.org/x/crypto to v0.46.0
• 4a374c5 chore: update to go 1.24.9

v1.5.4

v1.5.4 - 2025-10-06

Changelog

Continuous Integration 💜

• 96dbbdc ci: resolve azure e2e test flakes with rbac, windows vm size
• 0071011 ci: update azure scripts to use rbac for keyvault permissions

Maintenance 🔧

• 8d33239 chore: bump version to v1.5.4 in release-1.5
• 6665902 chore: bump kubectl to v1.34.1 in driver-crds
• 321f0f4 chore: update debian-base to bookworm-v1.0.6
• 893cf34 chore: update to go 1.24.7

v1.5.3

v1.5.3 - 2025-07-28

Changelog

Continuous Integration 💜

• 7cbb6eb ci: use ubuntu-latest for gh workflows

Maintenance 🔧

• f61041c chore: bump version to v1.5.3 in release-1.5
• a884676 chore: bump golang.org/x/oauth2 from 0.7.0 to 0.27.0

v1.5.0

v1.5.0 - 2025-04-14

Changelog

Bug Fixes 🐞

• b0fdeb5 fix: update sha generation logic
• f0e9dcc fix: add unit test to show failures in current sha logic
• d84a7a1 fix: support more than one linux.crds.annotations
• 604019c fix: make manifest diff
• a1380ba fix: update nodeserver publish logs
• cdf0b77 fix: put annotations in right position of daemonset
• bb1815a fix: escape dot in target path regex
• 97d3452 fix: fix CVE-2022-32149 and CVE-2022-27664 (kubernetes-sigs#1059)
• d98c93c fix: handles pfx certs in k8s secrets sync
• 9fcdbb2 fix: update base image reference in script
• ede4c70 fix: sanitize service account tokens in logs
• 2ee77ca fix: use os.Lstat to resolve os.Stat issue in windows
• 3ae12bd fix: remove files before cleanup mount point in unpublish
• 0af2483 fix: panic when using --log-format-json
• 830d184 fix: update err variable in defer to prevent err shadowing
• c452ac4 fix: add unit test to validate error shadowed bug

Code Refactoring 💎

• 9548c23 refactor: cleanup unused err check
• b0af2b9 refactor: use NewSharedInformerFactoryWithOptions for new shared informer
• 14489c7 refactor: update mdbook install and serve

Continuous Integration 💜

• 6c0cdde ci: skip builds goreleaser config
• c683164 ci: update goreleaser config for v2
• 1bfd728 ci: migrate azure job to eks prow cluster
• 08ceeb9 ci: use v2 for goreleaser
• 9c89ae1 ci: use --verbose instead of --debug in goreleaser
• 31bbe92 ci: use --clean instead of --rm-dist
• 347030e ci: add govulncheck
• e378b67 ci: remove low quota regions for aks windows job
• a54afd0 ci: remove aks-engine job templates
• 212b58d ci: add script for aks windows cluster
• 35d88b7 ci: [StepSecurity] Apply security best practices
• 76b329d ci: add codecov.yml
• 0d4d5a3 ci: update kubernetes versions for staging image tests
• 47bd321 ci: enable tests with kubernetes v1.26
• 12cdcb4 ci: ignore slack badge in markdown link check
• a3c0e4e ci: add codeql action
• 9a120ea ci: bump kubernetes version to v1.25.0
• f8e3435 ci: bump kind version to v0.14.0
• d1181e3 ci: add kubernetes 1.24 in e2e matrix
• ce47672 ci: fix aws eks cluster creation
• 384db8b ci: fix markdown link check workflow failures
• 12d1c99 ci: update kubernetes version matrix in staging e2e workflow
• 0246e35 ci: update e2e_mock_provider_tests kubernetes versions
• 2f16132 ci: add goreleaser workflow for release
• d0e614f ci: fix shellcheck file paths
• 00a1445 ci: add markdown-link-check workflow

Documentation 📘

• df34f89 docs: adds troubleshooting guide for kubeletRootDir
• 87f51ec docs: Add Conjur provider
• 4400ec5 docs: add Akeyless to supported providers (kubernetes-sigs#1306)
• 3c190c5 docs: Make link to Reloader a link (kubernetes-sigs#1413)
• c219f51 docs: updates security section
• b201663 docs: update supported releases - v1.3.x and v1.4.x
• d29d835 docs: mention sig-auth subproject in readme
• e0e5c06 docs: add openssf badge
• 905d82b docs: update reference to registry.k8s.io in release
• 3864b78 docs: update supported releases - v1.3.x and v1.2.x
• b8c64cc docs: add security vuln scanning to release mgmt
• e195c55 docs: update supported releases - v1.2.x and v1.1.x
• 3787ca2 docs: include security explanations for root/privileged/and pod tokens
• b55eaef docs: update instructions on generating release notes
• c0e97a5 docs: add subPath volume mount limitation
• 592ad7b docs: update supported versions and replace v1alpha1 with v1
• 8c41c4a docs: remove helm repo url change note in install steps
• 052429b docs: add slack badge
• 95218a6 docs: fix dead links based on errors
• 0391489 docs: update features and add toc
• ba364e1 docs: Update helm README.md with linux crd image values (kubernetes-sigs#797)
• 856ad85 docs: update supported feature by current providers
• a760c18 docs: fix typo in api version group name
• ed9ecf3 docs: add design docs and roadmap to website
• 99aafa5 docs: add project status to docs

Features 🌈

• bf7e77e feat: add build for windows ltsc2025
• 18619d1 feat: handles sha string in tag
• 21694f0 feat: add --version flag to print the driver version
• b4d2608 feat: add default toleration for all taints
• 34cb436 feat: Support disabling Helm chart CRD hooks
• 0723e1e feat: support provider paths under /var/run
• 7ac887a feat: add token requests client (kubernetes-sigs#805)
• 4b8c442 feat: send NodePublishVolumeRequest.VolumeContext in MountRequest to provider

Maintenance 🔧

• 6b41ff9 chore: bump version to v1.5.0 in release-1.5
• a488327 chore: bump kind to v0.27.0
• 515358e chore: disable trivy package testing for driver-crds
• 924b3b8 chore: bump docker golang base images to 1.23
• 572e439 chore: move tam7t to emeritus_approvers
• 0b00da8 chore: bump github/codeql-action from 3.28.0 to 3.28.8
• b8a1e5b chore: bump actions/setup-go from 5.2.0 to 5.3.0
• 4aad87b chore: bump golang.org/x/net from 0.28.0 to 0.33.0 in /hack/tools
• 25d7756 chore: bump gaurav-nelson/github-action-markdown-link-check
• c3cb4ff chore: bump step-security/harden-runner from 2.10.2 to 2.10.3
• 911b494 chore: bump codecov/codecov-action from 5.1.1 to 5.1.2
• aaa4a3c chore: bump github/codeql-action from 3.26.13 to 3.28.0
• 5a8d6b5 chore: bump actions/upload-artifact from 4.4.1 to 4.5.0
• 7c04af1 chore: bump actions/setup-go from 5.0.2 to 5.2.0
• a24d2fd chore: bump golang.org/x/crypto from 0.22.0 to 0.31.0
• 5fe63f7 chore: bump codecov/codecov-action from 4.5.0 to 5.1.1
• 658a778 chore: bump golang/govulncheck-action from 1.0.3 to 1.0.4
• 041d142 chore: bump to golang 1.22 builder image in dockerfile
• c5d2bd3 chore: bump trivy to v0.57.1 to mitigate rate limit issues
• f6bd4d8 chore: bump step-security/harden-runner from 2.9.1 to 2.10.2
• 88d1253 chore: bump actions/checkout from 4.1.7 to 4.2.1
• 44e7653 chore: bump github/codeql-action from 3.26.6 to 3.26.13
• cb6fd1e chore: bumps base images
• ef8f5eb chore: bump actions/upload-artifact from 4.4.0 to 4.4.1
• 2f6e7d0 chore: bump actions/upload-artifact from 4.3.6 to 4.4.0
• 92c73a0 chore: bump github/codeql-action from 3.26.5 to 3.26.6
• 7710922 chore: bump actions/dependency-review-action from 4.3.2 to 4.3.4
• 5e1d34f chore: bump golang/govulncheck-action from 1.0.2 to 1.0.3
• 6fe8bd5 chore: bump actions/checkout from 4.1.5 to 4.1.7
• f09e97c chore: bump github/codeql-action from 3.25.8 to 3.26.5
• dae0961 chore: bump actions/upload-artifact from 4.3.1 to 4.3.6
• 5e3935b chore: bump step-security/harden-runner fro...