Release v1.7.0 · jetstack/jetstack-secure

OCI_PREFLIGHT_IMAGE: quay.io/jetstack/venafi-agent
OCI_PREFLIGHT_TAG: v1.7.0
HELM_CHART_IMAGE: quay.io/jetstack/charts/venafi-kubernetes-agent
HELM_CHART_VERSION: v1.7.0
ARK_IMAGE: quay.io/jetstack/disco-agent
ARK_IMAGE_TAG: v1.7.0
ARK_IMAGE_DIGEST: sha256:d752c23399c41fc21c42b08451fed264934bbf4175d69f54d66ab91440faa0fa
ARK_CHART: quay.io/jetstack/charts/disco-agent
ARK_CHART_TAG: v1.7.0
ARK_CHART_DIGEST: sha256:4db0e34c80fc3d690f5b2d2bc7c242c11b4f01bf65117b81d20667672b3efa92

What's Changed

This release introduces a new Helm chart for the CyberArk Disco Agent, enhances data collection with additional cluster and secret metadata, and adds new output modes for easier debugging and integration.

Notable Changes

Add CyberArk Disco Agent Helm chart by @wallrj-cyberark in #678
Add cluster UID derived from kube-system namespace by @SgtCoDFish in #670
Add cluster name and description to CyberArk Discovery and Context snapshot by @wallrj-cyberark in #730
Collect creationTimestamp, deletionTimestamp and resourceVersion metadata for Secret and Route resources by @wallrj-cyberark in #688
Report Kubernetes Secret immutable attribute to DisCo by @FelixPhipps in #735
Add Local File output path mode by @wallrj-cyberark in #692
Add support for MachineHub output mode to the CyberArk agent by @wallrj-cyberark in #696
Change default agent config period to 12h in values.yaml by @wallrj-cyberark in #720
Minimize snapshot by filtering non-clientauth TLS secrets by @wallrj-cyberark in #714
Add debug roundtripper to discovery and identity clients for easier debugging by @wallrj-cyberark in #683
Fix the version subcommand panic by @mladen-rusev-cyberark in #736
Fix agent version reporting to handle go module/repo mismatch by @wallrj-cyberark in #733
Improve DataReading JSON parsing and error handling by @wallrj-cyberark in #710

Non user-facing changes

Remove jetstack-agent chart and docs by @SgtCoDFish in #672
Rename cyberark-disco-agent to disco-agent across repo by @wallrj-cyberark in #727
Deprecate service/discovery API and implement the new one by @mladen-rusev-cyberark in #706
Refactor various clients (identity, servicediscovery, dataupload) to take an HTTP client by @wallrj-cyberark in #698, #699, #700
Relocate internal packages and update imports by @wallrj-cyberark in #704
Automate the e2e script to run in CI by @mladen-rusev-cyberark in #716
Automate the release process for cyberark-disco-agent by @wallrj-cyberark in #725
Add telemetry header to all API requests by @wallrj-cyberark in #719

Full Changelog: v1.6.0...v1.7.0

Helm chart changes

--- a/templates/configmap.yaml
+++ b/templates/configmap.yaml
@@ -10,7 +10,7 @@
 data:
   config.yaml: |-
-    cluster_id: ""
+    cluster_name: ""
     cluster_description: ""
     server: "https://api.venafi.cloud/"
     period: "0h1m0s"

--- a/templates/deployment.yaml
+++ b/templates/deployment.yaml
@@ -40,7 +40,7 @@
             runAsNonRoot: true
             seccompProfile:
               type: RuntimeDefault
-          image: "quay.io/jetstack/venafi-agent:v1.6.0"
+          image: "quay.io/jetstack/venafi-agent:v1.7.0"
           imagePullPolicy: IfNotPresent
           env:
           - name: POD_NAMESPACE```

Docker image comparison

$ diffoci diff quay.io/jetstack/venafi-agent:v1.6.0 quay.io/jetstack/venafi-agent:v1.7.0 --semantic
TYPE    NAME                                 INPUT-0                                                             INPUT-1
Cfg     ctx:/manifests-0/config/config       ?                                                                   ?
File    etc/apk/world                        b005d32b3c6437c7acc3dc372fd377180f028df42e35b8edaece5625828a3934    ccab516202f5c1747c0060362aa9652ccbf52236effcf0663c114e29154fe3fa
File    usr/lib/apk/db/installed             066f1509b4133f5021e121da18eda3fc2a37cde6a0260167685d5b3b20efe9c4    1428b7aaf0d79c238df410b03badbd234e2762ec08c80a77dcf95d29e44f992a
File    etc/apko.json                        19d45daafeeb64b0943af80bca018ad41e0f4d6c389a08dba2d1c8a7a24e41f0    72d190d81d2ab81032d8899690429f1f21ffa1bc78644af134062cee263f8112
File    etc/ssl/certs/ca-certificates.crt    756cdfe4c3affc2e460278cc65ab01f67c3f4fc05d43fc683d7ebbdeb644e5f4    657ca6ba4bc43138f89de75fb63794cbfaa897e0e110b069fd1367bd66a5bb6c
File    ko-app/preflight                     144c10c27ae5fb3dc5974dd4a648d48bd00bf8e29f83fdd3cd95b8093d975b74    b2453fed97b6041799436821ae56d88e12b272ad373cde0c87af8261dc5f27f5
File    licenses/LICENSES                    a808d2a8c423671bc8be51030969d3fd89915e6097e09c0ffc2896a4c3741dc3    eba3b9d98369e17c83a1ee29798b663e14dd9b54bcf720b936127a06f104fed3
Mani    ctx:/manifests-0/annotations         field "Annotations"                                                 
Idx     ctx:/annotations                     field "Annotations"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

v1.7.0

Choose a tag to compare

Sorry, something went wrong.

Sorry, something went wrong.

Uh oh!

No results found

What's Changed

Notable Changes

Non user-facing changes

Helm chart changes

Docker image comparison

Contributors

Uh oh!