Skip to content

v0.4.0
Compare
Choose a tag to compare
@pinniped-ci-bot pinniped-ci-bot released this 15 Jan 04:03
v0.4.0
156e8d9
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Release v0.4.0

Release Images

Image Registry
ghcr.io/vmware-tanzu/pinniped/pinniped-server:v0.4.0 GitHub Container Registry
docker.io/getpinniped/pinniped-server:v0.4.0 DockerHub

Changes

Major Changes

  • The Pinniped supervisor now loads additional OIDC claims by calling the UserInfo endpoint during the authorization flow. This enables support for passing custom claims such as groups on a wider range of upstream identity providers.

Minor Changes

  • Improved documentation for both the concierge and supervisor.

  • Added filtering to supervisor controllers to improve performance and reduce CPU overhead and log noise.

  • More consistently set owner references on all Kubernetes resources created by Pinniped.

  • Stop setting blockOwnerDeletion: true on resources created by Pinniped.

  • Normalize the type of the groups claim in ID tokens issued by the supervisor.
    The claim will now always be a list of strings, which may be empty if the upstream identity provider did not provide a groups claim.

  • Fixed some intermittent integration test flakes.

  • Upgraded Kubernetes library components to v1.20.1.

Diffs

A complete list of changes (74 commits, 247 changed files with 14,880 additions and 1,410 deletions!) can be found here.

Updates

The attached yaml files were updated on May 6, 2024 to use ghcr.io/vmware-tanzu/pinniped/pinniped-server instead of projects.registry.vmware.com/pinniped/pinniped-server.

Assets 9
Loading