diff --git a/Makefile b/Makefile
index 23eed5e02..410c09629 100644
--- a/Makefile
+++ b/Makefile
@@ -8,7 +8,7 @@ REPO_PATH="$(ORG_PATH)/$(PROJECT_NAME)"
REGISTRY_NAME ?= upstream
REPO_PREFIX ?= k8s/csi/secrets-store
REGISTRY ?= $(REGISTRY_NAME).azurecr.io/$(REPO_PREFIX)
-IMAGE_VERSION ?= v1.4.0
+IMAGE_VERSION ?= v1.4.1
IMAGE_NAME ?= provider-azure
CONFORMANCE_IMAGE_NAME ?= provider-azure-arc-conformance
IMAGE_TAG := $(REGISTRY)/$(IMAGE_NAME):$(IMAGE_VERSION)
diff --git a/charts/csi-secrets-store-provider-azure/Chart.yaml b/charts/csi-secrets-store-provider-azure/Chart.yaml
index ab6369906..b4a82fc67 100644
--- a/charts/csi-secrets-store-provider-azure/Chart.yaml
+++ b/charts/csi-secrets-store-provider-azure/Chart.yaml
@@ -1,7 +1,7 @@
apiVersion: v2
name: csi-secrets-store-provider-azure
-version: 1.4.1
-appVersion: 1.4.0
+version: 1.4.2
+appVersion: 1.4.1
kubeVersion: ">=1.16.0-0"
description: A Helm chart to install the Secrets Store CSI Driver and the Azure Keyvault Provider inside a Kubernetes cluster.
sources:
diff --git a/charts/csi-secrets-store-provider-azure/README.md b/charts/csi-secrets-store-provider-azure/README.md
index e3933bc9e..4689f0b15 100644
--- a/charts/csi-secrets-store-provider-azure/README.md
+++ b/charts/csi-secrets-store-provider-azure/README.md
@@ -20,6 +20,7 @@ Azure Key Vault provider for Secrets Store CSI driver allows you to get secret c
| `1.3.0` | `1.2.3` | `1.3.0` |
| `1.4.0` | `1.3.0` | `1.4.0` |
| `1.4.1` | `1.3.2` | `1.4.0` |
+| `1.4.2` | `1.3.2` | `1.4.1` |
## Installation
@@ -67,7 +68,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p
| `linux.enabled` | Install azure keyvault provider on linux nodes | true |
| `linux.image.repository` | Linux image repository | `mcr.microsoft.com/oss/azure/secrets-store/provider-azure` |
| `linux.image.pullPolicy` | Linux image pull policy | `IfNotPresent` |
-| `linux.image.tag` | Azure Keyvault Provider Linux image tag | `v1.4.0` |
+| `linux.image.tag` | Azure Keyvault Provider Linux image tag | `v1.4.1` |
| `linux.nodeSelector` | Node Selector for the daemonset on linux nodes | `{}` |
| `linux.tolerations` | Tolerations for the daemonset on linux nodes | `[{"operator": "Exists"}]` |
| `linux.resources` | Resource limit for provider pods on linux nodes | `requests.cpu: 50m`
`requests.memory: 100Mi`
`limits.cpu: 50m`
`limits.memory: 100Mi` |
@@ -88,7 +89,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p
| `windows.enabled` | Install azure keyvault provider on windows nodes | false |
| `windows.image.repository` | Windows image repository | `mcr.microsoft.com/oss/azure/secrets-store/provider-azure` |
| `windows.image.pullPolicy` | Windows image pull policy | `IfNotPresent` |
-| `windows.image.tag` | Azure Keyvault Provider Windows image tag | `v1.4.0` |
+| `windows.image.tag` | Azure Keyvault Provider Windows image tag | `v1.4.1` |
| `windows.nodeSelector` | Node Selector for the daemonset on windows nodes | `{}` |
| `windows.tolerations` | Tolerations for the daemonset on windows nodes | `{}` |
| `windows.resources` | Resource limit for provider pods on windows nodes | `requests.cpu: 100m`
`requests.memory: 200Mi`
`limits.cpu: 100m`
`limits.memory: 200Mi` |
diff --git a/charts/csi-secrets-store-provider-azure/arc-values.yaml b/charts/csi-secrets-store-provider-azure/arc-values.yaml
index d3510cb40..0f8c85bb3 100644
--- a/charts/csi-secrets-store-provider-azure/arc-values.yaml
+++ b/charts/csi-secrets-store-provider-azure/arc-values.yaml
@@ -15,7 +15,7 @@ logVerbosity: 0
linux:
image:
repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure
- tag: v1.4.0
+ tag: v1.4.1
pullPolicy: IfNotPresent
nodeSelector: {}
tolerations: []
@@ -58,11 +58,11 @@ linux:
windows:
image:
repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure
- tag: v1.4.0
+ tag: v1.4.1
pullPolicy: IfNotPresent
nodeSelector: {}
tolerations: []
- enabled: false
+ enabled: true
resources:
requests:
cpu: 100m
@@ -132,7 +132,7 @@ secrets-store-csi-driver:
prometheus.io/port: "8080"
windows:
- enabled: false
+ enabled: true
kubeletRootDir: C:\var\lib\kubelet
metricsAddr: ":8080"
image:
diff --git a/charts/csi-secrets-store-provider-azure/templates/provider-azure-installer-windows.yaml b/charts/csi-secrets-store-provider-azure/templates/provider-azure-installer-windows.yaml
index 39ac6fdad..83a1aabc0 100644
--- a/charts/csi-secrets-store-provider-azure/templates/provider-azure-installer-windows.yaml
+++ b/charts/csi-secrets-store-provider-azure/templates/provider-azure-installer-windows.yaml
@@ -17,9 +17,17 @@ spec:
{{- if .Values.windows.podLabels }}
{{- toYaml .Values.windows.podLabels | nindent 8 }}
{{- end }}
-{{- if .Values.windows.podAnnotations }}
+{{- if or .Values.windows.podAnnotations .Values.enableArcExtension }}
annotations:
+{{- if .Values.windows.podAnnotations}}
{{- toYaml .Values.windows.podAnnotations | nindent 8 }}
+{{- end }}
+{{- if .Values.enableArcExtension }}
+{{- if .Values.arc.enableMonitoring }}
+ prometheus.io/scrape: "true"
+ prometheus.io/port: "8898"
+{{- end }}
+{{- end }}
{{- end }}
spec:
{{- if .Values.imagePullSecrets }}
@@ -61,6 +69,13 @@ spec:
periodSeconds: 30
resources:
{{ toYaml .Values.windows.resources | indent 12 }}
+ {{- if .Values.enableArcExtension }}
+ {{- if .Values.Azure.proxySettings.isProxyEnabled }}
+ envFrom:
+ - secretRef:
+ name: arc-proxy-config
+ {{- end }}
+ {{- end }}
volumeMounts:
- name: provider-vol
mountPath: "C:\\provider"
diff --git a/charts/csi-secrets-store-provider-azure/values.yaml b/charts/csi-secrets-store-provider-azure/values.yaml
index 55ecaba85..5b570b8b2 100644
--- a/charts/csi-secrets-store-provider-azure/values.yaml
+++ b/charts/csi-secrets-store-provider-azure/values.yaml
@@ -17,7 +17,7 @@ enableArcExtension: false
linux:
image:
repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure
- tag: v1.4.0
+ tag: v1.4.1
pullPolicy: IfNotPresent
nodeSelector: {}
# ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
@@ -63,7 +63,7 @@ linux:
windows:
image:
repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure
- tag: v1.4.0
+ tag: v1.4.1
pullPolicy: IfNotPresent
nodeSelector: {}
# ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
diff --git a/deployment/provider-azure-installer-windows.yaml b/deployment/provider-azure-installer-windows.yaml
index 1e4c28cd1..0e3812be8 100644
--- a/deployment/provider-azure-installer-windows.yaml
+++ b/deployment/provider-azure-installer-windows.yaml
@@ -23,7 +23,7 @@ spec:
serviceAccountName: csi-secrets-store-provider-azure
containers:
- name: provider-azure-installer
- image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.4.0
+ image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.4.1
imagePullPolicy: IfNotPresent
args:
- --endpoint=unix://C:\\provider\\azure.sock
diff --git a/deployment/provider-azure-installer.yaml b/deployment/provider-azure-installer.yaml
index fb059ba0c..5b0ddcceb 100644
--- a/deployment/provider-azure-installer.yaml
+++ b/deployment/provider-azure-installer.yaml
@@ -24,7 +24,7 @@ spec:
hostNetwork: true
containers:
- name: provider-azure-installer
- image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.4.0
+ image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.4.1
imagePullPolicy: IfNotPresent
args:
- --endpoint=unix:///provider/azure.sock
diff --git a/manifest_staging/charts/csi-secrets-store-provider-azure/Chart.yaml b/manifest_staging/charts/csi-secrets-store-provider-azure/Chart.yaml
index ab6369906..b4a82fc67 100644
--- a/manifest_staging/charts/csi-secrets-store-provider-azure/Chart.yaml
+++ b/manifest_staging/charts/csi-secrets-store-provider-azure/Chart.yaml
@@ -1,7 +1,7 @@
apiVersion: v2
name: csi-secrets-store-provider-azure
-version: 1.4.1
-appVersion: 1.4.0
+version: 1.4.2
+appVersion: 1.4.1
kubeVersion: ">=1.16.0-0"
description: A Helm chart to install the Secrets Store CSI Driver and the Azure Keyvault Provider inside a Kubernetes cluster.
sources:
diff --git a/manifest_staging/charts/csi-secrets-store-provider-azure/README.md b/manifest_staging/charts/csi-secrets-store-provider-azure/README.md
index e3933bc9e..4689f0b15 100644
--- a/manifest_staging/charts/csi-secrets-store-provider-azure/README.md
+++ b/manifest_staging/charts/csi-secrets-store-provider-azure/README.md
@@ -20,6 +20,7 @@ Azure Key Vault provider for Secrets Store CSI driver allows you to get secret c
| `1.3.0` | `1.2.3` | `1.3.0` |
| `1.4.0` | `1.3.0` | `1.4.0` |
| `1.4.1` | `1.3.2` | `1.4.0` |
+| `1.4.2` | `1.3.2` | `1.4.1` |
## Installation
@@ -67,7 +68,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p
| `linux.enabled` | Install azure keyvault provider on linux nodes | true |
| `linux.image.repository` | Linux image repository | `mcr.microsoft.com/oss/azure/secrets-store/provider-azure` |
| `linux.image.pullPolicy` | Linux image pull policy | `IfNotPresent` |
-| `linux.image.tag` | Azure Keyvault Provider Linux image tag | `v1.4.0` |
+| `linux.image.tag` | Azure Keyvault Provider Linux image tag | `v1.4.1` |
| `linux.nodeSelector` | Node Selector for the daemonset on linux nodes | `{}` |
| `linux.tolerations` | Tolerations for the daemonset on linux nodes | `[{"operator": "Exists"}]` |
| `linux.resources` | Resource limit for provider pods on linux nodes | `requests.cpu: 50m`
`requests.memory: 100Mi`
`limits.cpu: 50m`
`limits.memory: 100Mi` |
@@ -88,7 +89,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p
| `windows.enabled` | Install azure keyvault provider on windows nodes | false |
| `windows.image.repository` | Windows image repository | `mcr.microsoft.com/oss/azure/secrets-store/provider-azure` |
| `windows.image.pullPolicy` | Windows image pull policy | `IfNotPresent` |
-| `windows.image.tag` | Azure Keyvault Provider Windows image tag | `v1.4.0` |
+| `windows.image.tag` | Azure Keyvault Provider Windows image tag | `v1.4.1` |
| `windows.nodeSelector` | Node Selector for the daemonset on windows nodes | `{}` |
| `windows.tolerations` | Tolerations for the daemonset on windows nodes | `{}` |
| `windows.resources` | Resource limit for provider pods on windows nodes | `requests.cpu: 100m`
`requests.memory: 200Mi`
`limits.cpu: 100m`
`limits.memory: 200Mi` |
diff --git a/manifest_staging/charts/csi-secrets-store-provider-azure/arc-values.yaml b/manifest_staging/charts/csi-secrets-store-provider-azure/arc-values.yaml
index b431767b7..0f8c85bb3 100644
--- a/manifest_staging/charts/csi-secrets-store-provider-azure/arc-values.yaml
+++ b/manifest_staging/charts/csi-secrets-store-provider-azure/arc-values.yaml
@@ -15,7 +15,7 @@ logVerbosity: 0
linux:
image:
repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure
- tag: v1.4.0
+ tag: v1.4.1
pullPolicy: IfNotPresent
nodeSelector: {}
tolerations: []
@@ -58,7 +58,7 @@ linux:
windows:
image:
repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure
- tag: v1.4.0
+ tag: v1.4.1
pullPolicy: IfNotPresent
nodeSelector: {}
tolerations: []
diff --git a/manifest_staging/charts/csi-secrets-store-provider-azure/values.yaml b/manifest_staging/charts/csi-secrets-store-provider-azure/values.yaml
index 55ecaba85..5b570b8b2 100644
--- a/manifest_staging/charts/csi-secrets-store-provider-azure/values.yaml
+++ b/manifest_staging/charts/csi-secrets-store-provider-azure/values.yaml
@@ -17,7 +17,7 @@ enableArcExtension: false
linux:
image:
repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure
- tag: v1.4.0
+ tag: v1.4.1
pullPolicy: IfNotPresent
nodeSelector: {}
# ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
@@ -63,7 +63,7 @@ linux:
windows:
image:
repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure
- tag: v1.4.0
+ tag: v1.4.1
pullPolicy: IfNotPresent
nodeSelector: {}
# ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
diff --git a/manifest_staging/deployment/provider-azure-installer-windows.yaml b/manifest_staging/deployment/provider-azure-installer-windows.yaml
index 1e4c28cd1..0e3812be8 100644
--- a/manifest_staging/deployment/provider-azure-installer-windows.yaml
+++ b/manifest_staging/deployment/provider-azure-installer-windows.yaml
@@ -23,7 +23,7 @@ spec:
serviceAccountName: csi-secrets-store-provider-azure
containers:
- name: provider-azure-installer
- image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.4.0
+ image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.4.1
imagePullPolicy: IfNotPresent
args:
- --endpoint=unix://C:\\provider\\azure.sock
diff --git a/manifest_staging/deployment/provider-azure-installer.yaml b/manifest_staging/deployment/provider-azure-installer.yaml
index fb059ba0c..5b0ddcceb 100644
--- a/manifest_staging/deployment/provider-azure-installer.yaml
+++ b/manifest_staging/deployment/provider-azure-installer.yaml
@@ -24,7 +24,7 @@ spec:
hostNetwork: true
containers:
- name: provider-azure-installer
- image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.4.0
+ image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.4.1
imagePullPolicy: IfNotPresent
args:
- --endpoint=unix:///provider/azure.sock
diff --git a/test/e2e/framework/config.go b/test/e2e/framework/config.go
index 6ecefc6c7..45075f10c 100644
--- a/test/e2e/framework/config.go
+++ b/test/e2e/framework/config.go
@@ -18,7 +18,7 @@ type Config struct {
KeyvaultName string `envconfig:"KEYVAULT_NAME"`
Registry string `envconfig:"REGISTRY" default:"mcr.microsoft.com/oss/azure/secrets-store"`
ImageName string `envconfig:"IMAGE_NAME" default:"provider-azure"`
- ImageVersion string `envconfig:"IMAGE_VERSION" default:"v1.4.0"`
+ ImageVersion string `envconfig:"IMAGE_VERSION" default:"v1.4.1"`
IsSoakTest bool `envconfig:"IS_SOAK_TEST" default:"false"`
IsWindowsTest bool `envconfig:"TEST_WINDOWS" default:"false"`
IsGPUTest bool `envconfig:"TEST_GPU" default:"false"`
diff --git a/website/content/en/_index.md b/website/content/en/_index.md
index b48a5da98..ca26ec82e 100644
--- a/website/content/en/_index.md
+++ b/website/content/en/_index.md
@@ -33,4 +33,4 @@ For Secrets Store CSI Driver project status and supported versions, check the do
## Managed Add-ons
Azure Key Vault provider for Secrets Store CSI Driver is available as a managed add-on in:
- Azure Kubernetes Service (AKS). For more information, see [Use the Azure Key Vault Provider for Secrets Store CSI Driver in an AKS cluster](https://learn.microsoft.com/en-us/azure/aks/csi-secrets-store-driver).
-- Azure Arc enabled Kubernetes. For more information, see [Use the Azure Key Vault Secrets Provider extension to fetch secrets into Azure Arc-enabled Kubernetes clusters](https://learn.microsoft.com/en-us/azure/azure-arc/kubernetes/tutorial-akv-secrets-provider).
\ No newline at end of file
+- Azure Arc enabled Kubernetes. For more information, see [Use the Azure Key Vault Secrets Provider extension to fetch secrets into Azure Arc-enabled Kubernetes clusters](https://learn.microsoft.com/en-us/azure/azure-arc/kubernetes/tutorial-akv-secrets-provider).