diff --git a/Makefile b/Makefile
index f2d7f88fe..9ecf52df9 100644
--- a/Makefile
+++ b/Makefile
@@ -8,7 +8,7 @@ REPO_PATH="$(ORG_PATH)/$(PROJECT_NAME)"
REGISTRY_NAME ?= upstream
REPO_PREFIX ?= k8s/csi/secrets-store
REGISTRY ?= $(REGISTRY_NAME).azurecr.io/$(REPO_PREFIX)
-IMAGE_VERSION ?= v1.4.1
+IMAGE_VERSION ?= v1.5.0
IMAGE_NAME ?= provider-azure
CONFORMANCE_IMAGE_NAME ?= provider-azure-arc-conformance
IMAGE_TAG := $(REGISTRY)/$(IMAGE_NAME):$(IMAGE_VERSION)
diff --git a/charts/csi-secrets-store-provider-azure/Chart.lock b/charts/csi-secrets-store-provider-azure/Chart.lock
index a214b9e5e..b84954fe0 100644
--- a/charts/csi-secrets-store-provider-azure/Chart.lock
+++ b/charts/csi-secrets-store-provider-azure/Chart.lock
@@ -1,6 +1,6 @@
dependencies:
- name: secrets-store-csi-driver
repository: https://kubernetes-sigs.github.io/secrets-store-csi-driver/charts
- version: 1.3.4
-digest: sha256:7df272f3ad149af2a2a52e0130778274448cd2418d26504213c37cd38d7eae14
-generated: "2023-07-31T17:32:41.008588145Z"
+ version: 1.4.0
+digest: sha256:a61620ef74155bd74e089b238246453c50120440ec59d58de5006a874fd46dfb
+generated: "2023-11-21T21:59:54.191903133Z"
diff --git a/charts/csi-secrets-store-provider-azure/Chart.yaml b/charts/csi-secrets-store-provider-azure/Chart.yaml
index a819790db..1a38d34d8 100644
--- a/charts/csi-secrets-store-provider-azure/Chart.yaml
+++ b/charts/csi-secrets-store-provider-azure/Chart.yaml
@@ -1,7 +1,7 @@
apiVersion: v2
name: csi-secrets-store-provider-azure
-version: 1.4.4
-appVersion: 1.4.1
+version: 1.5.0
+appVersion: 1.5.0
kubeVersion: ">=1.16.0-0"
description: A Helm chart to install the Secrets Store CSI Driver and the Azure Keyvault Provider inside a Kubernetes cluster.
sources:
@@ -13,5 +13,5 @@ maintainers:
dependencies:
- name: secrets-store-csi-driver
repository: https://kubernetes-sigs.github.io/secrets-store-csi-driver/charts
- version: 1.3.4
+ version: 1.4.0
condition: secrets-store-csi-driver.install
diff --git a/charts/csi-secrets-store-provider-azure/README.md b/charts/csi-secrets-store-provider-azure/README.md
index a828205a1..f567f491f 100644
--- a/charts/csi-secrets-store-provider-azure/README.md
+++ b/charts/csi-secrets-store-provider-azure/README.md
@@ -23,6 +23,7 @@ Azure Key Vault provider for Secrets Store CSI driver allows you to get secret c
| `1.4.2` | `1.3.2` | `1.4.1` |
| `1.4.3` | `1.3.3` | `1.4.1` |
| `1.4.4` | `1.3.4` | `1.4.1` |
+| `1.5.0` | `1.4.0` | `1.5.0` |
## Installation
@@ -70,7 +71,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p
| `linux.enabled` | Install azure keyvault provider on linux nodes | true |
| `linux.image.repository` | Linux image repository | `mcr.microsoft.com/oss/azure/secrets-store/provider-azure` |
| `linux.image.pullPolicy` | Linux image pull policy | `IfNotPresent` |
-| `linux.image.tag` | Azure Keyvault Provider Linux image tag | `v1.4.1` |
+| `linux.image.tag` | Azure Keyvault Provider Linux image tag | `v1.5.0` |
| `linux.nodeSelector` | Node Selector for the daemonset on linux nodes | `{}` |
| `linux.tolerations` | Tolerations for the daemonset on linux nodes | `[{"operator": "Exists"}]` |
| `linux.resources` | Resource limit for provider pods on linux nodes | `requests.cpu: 50m`
`requests.memory: 100Mi`
`limits.cpu: 50m`
`limits.memory: 100Mi` |
@@ -91,7 +92,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p
| `windows.enabled` | Install azure keyvault provider on windows nodes | false |
| `windows.image.repository` | Windows image repository | `mcr.microsoft.com/oss/azure/secrets-store/provider-azure` |
| `windows.image.pullPolicy` | Windows image pull policy | `IfNotPresent` |
-| `windows.image.tag` | Azure Keyvault Provider Windows image tag | `v1.4.1` |
+| `windows.image.tag` | Azure Keyvault Provider Windows image tag | `v1.5.0` |
| `windows.nodeSelector` | Node Selector for the daemonset on windows nodes | `{}` |
| `windows.tolerations` | Tolerations for the daemonset on windows nodes | `{}` |
| `windows.resources` | Resource limit for provider pods on windows nodes | `requests.cpu: 100m`
`requests.memory: 200Mi`
`limits.cpu: 100m`
`limits.memory: 200Mi` |
@@ -117,7 +118,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p
| `secrets-store-csi-driver.linux.priorityClassName` | Indicates the importance of a Pod relative to other Pods | `""` |
| `secrets-store-csi-driver.linux.image.repository` | Driver Linux image repository | `mcr.microsoft.com/oss/kubernetes-csi/secrets-store/driver` |
| `secrets-store-csi-driver.linux.image.pullPolicy` | Driver Linux image pull policy | `IfNotPresent` |
-| `secrets-store-csi-driver.linux.image.tag` | Driver Linux image tag | `v1.3.4` |
+| `secrets-store-csi-driver.linux.image.tag` | Driver Linux image tag | `v1.4.0` |
| `secrets-store-csi-driver.linux.registrarImage.repository` | Driver Linux node-driver-registrar image repository | `mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar` |
| `secrets-store-csi-driver.linux.registrarImage.pullPolicy` | Driver Linux node-driver-registrar image pull policy | `IfNotPresent` |
| `secrets-store-csi-driver.linux.registrarImage.tag` | Driver Linux node-driver-registrar image tag | `v2.8.0` |
@@ -125,7 +126,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p
| `secrets-store-csi-driver.linux.livenessProbeImage.pullPolicy` | Driver Linux liveness-probe image pull policy | `IfNotPresent` |
| `secrets-store-csi-driver.linux.livenessProbeImage.tag` | Driver Linux liveness-probe image tag | `v2.10.0` |
| `secrets-store-csi-driver.linux.crds.image.repository` | Driver CRDs Linux image repository | `mcr.microsoft.com/oss/kubernetes-csi/secrets-store/driver-crds` |
-| `secrets-store-csi-driver.linux.crds.image.tag` | Driver CRDs Linux image tag | `v1.3.4` |
+| `secrets-store-csi-driver.linux.crds.image.tag` | Driver CRDs Linux image tag | `v1.4.0` |
| `secrets-store-csi-driver.linux.crds.image.pullPolicy` | Driver CRDs Linux image pull policy | `IfNotPresent` |
| `secrets-store-csi-driver.windows.enabled` | Install secrets-store-csi-driver on windows nodes | false |
| `secrets-store-csi-driver.windows.kubeletRootDir` | Configure the kubelet root dir | `C:\var\lib\kubelet` |
@@ -134,7 +135,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p
| `secrets-store-csi-driver.windows.priorityClassName` | Indicates the importance of a Pod relative to other Pods | `""` |
| `secrets-store-csi-driver.windows.image.repository` | Driver Windows image repository | `mcr.microsoft.com/oss/kubernetes-csi/secrets-store/driver` |
| `secrets-store-csi-driver.windows.image.pullPolicy` | Driver Windows image pull policy | `IfNotPresent` |
-| `secrets-store-csi-driver.windows.image.tag` | Driver Windows image tag | `v1.3.4` |
+| `secrets-store-csi-driver.windows.image.tag` | Driver Windows image tag | `v1.4.0` |
| `secrets-store-csi-driver.windows.registrarImage.repository` | Driver Windows node-driver-registrar image repository | `mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar` |
| `secrets-store-csi-driver.windows.registrarImage.pullPolicy` | Driver Windows node-driver-registrar image pull policy | `IfNotPresent` |
| `secrets-store-csi-driver.windows.registrarImage.tag` | Driver Windows node-driver-registrar image tag | `v2.8.0` |
diff --git a/charts/csi-secrets-store-provider-azure/arc-values.yaml b/charts/csi-secrets-store-provider-azure/arc-values.yaml
index 3212b7153..c51b4b0bf 100644
--- a/charts/csi-secrets-store-provider-azure/arc-values.yaml
+++ b/charts/csi-secrets-store-provider-azure/arc-values.yaml
@@ -15,7 +15,7 @@ logVerbosity: 0
linux:
image:
repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure
- tag: v1.4.1
+ tag: v1.5.0
pullPolicy: IfNotPresent
nodeSelector: {}
tolerations: []
@@ -58,7 +58,7 @@ linux:
windows:
image:
repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure
- tag: v1.4.1
+ tag: v1.5.0
pullPolicy: IfNotPresent
nodeSelector: {}
tolerations: []
@@ -112,7 +112,7 @@ secrets-store-csi-driver:
metricsAddr: ":8080"
image:
repository: mcr.microsoft.com/oss/kubernetes-csi/secrets-store/driver
- tag: v1.3.4
+ tag: v1.4.0
pullPolicy: IfNotPresent
registrarImage:
repository: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar
@@ -125,7 +125,7 @@ secrets-store-csi-driver:
crds:
image:
repository: mcr.microsoft.com/oss/kubernetes-csi/secrets-store/driver-crds
- tag: v1.3.4
+ tag: v1.4.0
pullPolicy: IfNotPresent
podAnnotations:
prometheus.io/scrape: "true"
@@ -137,7 +137,7 @@ secrets-store-csi-driver:
metricsAddr: ":8080"
image:
repository: mcr.microsoft.com/oss/kubernetes-csi/secrets-store/driver
- tag: v1.3.4
+ tag: v1.4.0
pullPolicy: IfNotPresent
registrarImage:
repository: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar
diff --git a/charts/csi-secrets-store-provider-azure/config/gcstenant-conf.json b/charts/csi-secrets-store-provider-azure/config/gcstenant-conf.json
index a6201918c..ed9e49849 100644
--- a/charts/csi-secrets-store-provider-azure/config/gcstenant-conf.json
+++ b/charts/csi-secrets-store-provider-azure/config/gcstenant-conf.json
@@ -8,7 +8,7 @@
"GcsEnvironment": "DiagnosticsPROD",
"GcsGenevaAccount": "akvsecretsprovider",
"GcsNamespace": "akvsecretsprovider",
- "GenevaConfigVersion": "1.0",
+ "GenevaConfigVersion": "2.2",
"GcsRegion": "westus2"
},
"EndpointConfigurations": [
diff --git a/charts/csi-secrets-store-provider-azure/templates/arc-monitoring.yaml b/charts/csi-secrets-store-provider-azure/templates/arc-monitoring.yaml
index d74139810..9e0fde3dd 100644
--- a/charts/csi-secrets-store-provider-azure/templates/arc-monitoring.yaml
+++ b/charts/csi-secrets-store-provider-azure/templates/arc-monitoring.yaml
@@ -40,7 +40,7 @@ spec:
memory: 100Mi
# MDM
- name: mdm
- image: "linuxgeneva-microsoft.azurecr.io/genevamdm:master_20220401.1"
+ image: "linuxgeneva-microsoft.azurecr.io/distroless/genevamdm:2.2023.1027.1417-08a588-20231027t1613"
imagePullPolicy: IfNotPresent
env:
- name: ROLEINSTANCE
@@ -113,7 +113,7 @@ spec:
subPath: telegraf.conf
# Pipeline agent for logging
- name: amacoreagent
- image: "pipelineagent.azurecr.io/amacoreagent:3.0"
+ image: "linuxgeneva-microsoft.azurecr.io/amacoreagentaot:1.2.47"
imagePullPolicy: IfNotPresent
resources:
requests:
@@ -123,6 +123,10 @@ spec:
cpu: 50m
memory: 100Mi
env:
+ - name: MONITORING_USE_GENEVA_CONFIG_SERVICE
+ value: "true"
+ - name: SKIP_IMDS_LOOKUP_FOR_LEGACY_AUTH
+ value: "1"
- name: MONITORING_GCS_AUTH_ID_TYPE
value: AuthMSIToken
- name: PA_TENANTS_DIR
@@ -164,7 +168,7 @@ spec:
- name: MONITORING_GCS_NAMESPACE
value: "akvsecretsprovider"
- name: MONITORING_CONFIG_VERSION
- value: "1.0"
+ value: "2.2"
- name: MDSD_CONFIG_DIR
value: /tmp
- name: DOCKER_LOGGING
@@ -178,7 +182,7 @@ spec:
mountPath: /var/run/mdsd
# FluentD
- name: fluentd
- image: "linuxgeneva-microsoft.azurecr.io/genevafluentd_td-agent:master_20220403.1"
+ image: "linuxgeneva-microsoft.azurecr.io/distroless/genevafluentd_td-agent:mariner_20230915.3"
imagePullPolicy: IfNotPresent
resources:
requests:
diff --git a/charts/csi-secrets-store-provider-azure/values.yaml b/charts/csi-secrets-store-provider-azure/values.yaml
index 6955a79db..d99a48b23 100644
--- a/charts/csi-secrets-store-provider-azure/values.yaml
+++ b/charts/csi-secrets-store-provider-azure/values.yaml
@@ -17,7 +17,7 @@ enableArcExtension: false
linux:
image:
repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure
- tag: v1.4.1
+ tag: v1.5.0
pullPolicy: IfNotPresent
nodeSelector: {}
# ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
@@ -63,7 +63,7 @@ linux:
windows:
image:
repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure
- tag: v1.4.1
+ tag: v1.5.0
pullPolicy: IfNotPresent
nodeSelector: {}
# ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
@@ -120,7 +120,7 @@ secrets-store-csi-driver:
priorityClassName: ""
image:
repository: mcr.microsoft.com/oss/kubernetes-csi/secrets-store/driver
- tag: v1.3.4
+ tag: v1.4.0
pullPolicy: IfNotPresent
registrarImage:
repository: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar
@@ -133,7 +133,7 @@ secrets-store-csi-driver:
crds:
image:
repository: mcr.microsoft.com/oss/kubernetes-csi/secrets-store/driver-crds
- tag: v1.3.4
+ tag: v1.4.0
pullPolicy: IfNotPresent
providersDir: /var/run/secrets-store-csi-providers
@@ -144,7 +144,7 @@ secrets-store-csi-driver:
priorityClassName: ""
image:
repository: mcr.microsoft.com/oss/kubernetes-csi/secrets-store/driver
- tag: v1.3.4
+ tag: v1.4.0
pullPolicy: IfNotPresent
registrarImage:
repository: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar
diff --git a/deployment/provider-azure-installer-windows.yaml b/deployment/provider-azure-installer-windows.yaml
index 0e3812be8..7292f9fbd 100644
--- a/deployment/provider-azure-installer-windows.yaml
+++ b/deployment/provider-azure-installer-windows.yaml
@@ -23,7 +23,7 @@ spec:
serviceAccountName: csi-secrets-store-provider-azure
containers:
- name: provider-azure-installer
- image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.4.1
+ image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.5.0
imagePullPolicy: IfNotPresent
args:
- --endpoint=unix://C:\\provider\\azure.sock
@@ -46,6 +46,10 @@ spec:
limits:
cpu: 100m
memory: 200Mi
+ ports:
+ - containerPort: 8898
+ name: metrics
+ protocol: TCP
volumeMounts:
- mountPath: "C:\\provider"
name: providervol
diff --git a/deployment/provider-azure-installer.yaml b/deployment/provider-azure-installer.yaml
index 5b0ddcceb..ae30fd05e 100644
--- a/deployment/provider-azure-installer.yaml
+++ b/deployment/provider-azure-installer.yaml
@@ -24,7 +24,7 @@ spec:
hostNetwork: true
containers:
- name: provider-azure-installer
- image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.4.1
+ image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.5.0
imagePullPolicy: IfNotPresent
args:
- --endpoint=unix:///provider/azure.sock
@@ -47,6 +47,10 @@ spec:
limits:
cpu: 50m
memory: 100Mi
+ ports:
+ - containerPort: 8898
+ name: metrics
+ protocol: TCP
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
diff --git a/manifest_staging/charts/csi-secrets-store-provider-azure/Chart.lock b/manifest_staging/charts/csi-secrets-store-provider-azure/Chart.lock
index a214b9e5e..b84954fe0 100644
--- a/manifest_staging/charts/csi-secrets-store-provider-azure/Chart.lock
+++ b/manifest_staging/charts/csi-secrets-store-provider-azure/Chart.lock
@@ -1,6 +1,6 @@
dependencies:
- name: secrets-store-csi-driver
repository: https://kubernetes-sigs.github.io/secrets-store-csi-driver/charts
- version: 1.3.4
-digest: sha256:7df272f3ad149af2a2a52e0130778274448cd2418d26504213c37cd38d7eae14
-generated: "2023-07-31T17:32:41.008588145Z"
+ version: 1.4.0
+digest: sha256:a61620ef74155bd74e089b238246453c50120440ec59d58de5006a874fd46dfb
+generated: "2023-11-21T21:59:54.191903133Z"
diff --git a/manifest_staging/charts/csi-secrets-store-provider-azure/Chart.yaml b/manifest_staging/charts/csi-secrets-store-provider-azure/Chart.yaml
index a819790db..1a38d34d8 100644
--- a/manifest_staging/charts/csi-secrets-store-provider-azure/Chart.yaml
+++ b/manifest_staging/charts/csi-secrets-store-provider-azure/Chart.yaml
@@ -1,7 +1,7 @@
apiVersion: v2
name: csi-secrets-store-provider-azure
-version: 1.4.4
-appVersion: 1.4.1
+version: 1.5.0
+appVersion: 1.5.0
kubeVersion: ">=1.16.0-0"
description: A Helm chart to install the Secrets Store CSI Driver and the Azure Keyvault Provider inside a Kubernetes cluster.
sources:
@@ -13,5 +13,5 @@ maintainers:
dependencies:
- name: secrets-store-csi-driver
repository: https://kubernetes-sigs.github.io/secrets-store-csi-driver/charts
- version: 1.3.4
+ version: 1.4.0
condition: secrets-store-csi-driver.install
diff --git a/manifest_staging/charts/csi-secrets-store-provider-azure/README.md b/manifest_staging/charts/csi-secrets-store-provider-azure/README.md
index a828205a1..f567f491f 100644
--- a/manifest_staging/charts/csi-secrets-store-provider-azure/README.md
+++ b/manifest_staging/charts/csi-secrets-store-provider-azure/README.md
@@ -23,6 +23,7 @@ Azure Key Vault provider for Secrets Store CSI driver allows you to get secret c
| `1.4.2` | `1.3.2` | `1.4.1` |
| `1.4.3` | `1.3.3` | `1.4.1` |
| `1.4.4` | `1.3.4` | `1.4.1` |
+| `1.5.0` | `1.4.0` | `1.5.0` |
## Installation
@@ -70,7 +71,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p
| `linux.enabled` | Install azure keyvault provider on linux nodes | true |
| `linux.image.repository` | Linux image repository | `mcr.microsoft.com/oss/azure/secrets-store/provider-azure` |
| `linux.image.pullPolicy` | Linux image pull policy | `IfNotPresent` |
-| `linux.image.tag` | Azure Keyvault Provider Linux image tag | `v1.4.1` |
+| `linux.image.tag` | Azure Keyvault Provider Linux image tag | `v1.5.0` |
| `linux.nodeSelector` | Node Selector for the daemonset on linux nodes | `{}` |
| `linux.tolerations` | Tolerations for the daemonset on linux nodes | `[{"operator": "Exists"}]` |
| `linux.resources` | Resource limit for provider pods on linux nodes | `requests.cpu: 50m`
`requests.memory: 100Mi`
`limits.cpu: 50m`
`limits.memory: 100Mi` |
@@ -91,7 +92,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p
| `windows.enabled` | Install azure keyvault provider on windows nodes | false |
| `windows.image.repository` | Windows image repository | `mcr.microsoft.com/oss/azure/secrets-store/provider-azure` |
| `windows.image.pullPolicy` | Windows image pull policy | `IfNotPresent` |
-| `windows.image.tag` | Azure Keyvault Provider Windows image tag | `v1.4.1` |
+| `windows.image.tag` | Azure Keyvault Provider Windows image tag | `v1.5.0` |
| `windows.nodeSelector` | Node Selector for the daemonset on windows nodes | `{}` |
| `windows.tolerations` | Tolerations for the daemonset on windows nodes | `{}` |
| `windows.resources` | Resource limit for provider pods on windows nodes | `requests.cpu: 100m`
`requests.memory: 200Mi`
`limits.cpu: 100m`
`limits.memory: 200Mi` |
@@ -117,7 +118,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p
| `secrets-store-csi-driver.linux.priorityClassName` | Indicates the importance of a Pod relative to other Pods | `""` |
| `secrets-store-csi-driver.linux.image.repository` | Driver Linux image repository | `mcr.microsoft.com/oss/kubernetes-csi/secrets-store/driver` |
| `secrets-store-csi-driver.linux.image.pullPolicy` | Driver Linux image pull policy | `IfNotPresent` |
-| `secrets-store-csi-driver.linux.image.tag` | Driver Linux image tag | `v1.3.4` |
+| `secrets-store-csi-driver.linux.image.tag` | Driver Linux image tag | `v1.4.0` |
| `secrets-store-csi-driver.linux.registrarImage.repository` | Driver Linux node-driver-registrar image repository | `mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar` |
| `secrets-store-csi-driver.linux.registrarImage.pullPolicy` | Driver Linux node-driver-registrar image pull policy | `IfNotPresent` |
| `secrets-store-csi-driver.linux.registrarImage.tag` | Driver Linux node-driver-registrar image tag | `v2.8.0` |
@@ -125,7 +126,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p
| `secrets-store-csi-driver.linux.livenessProbeImage.pullPolicy` | Driver Linux liveness-probe image pull policy | `IfNotPresent` |
| `secrets-store-csi-driver.linux.livenessProbeImage.tag` | Driver Linux liveness-probe image tag | `v2.10.0` |
| `secrets-store-csi-driver.linux.crds.image.repository` | Driver CRDs Linux image repository | `mcr.microsoft.com/oss/kubernetes-csi/secrets-store/driver-crds` |
-| `secrets-store-csi-driver.linux.crds.image.tag` | Driver CRDs Linux image tag | `v1.3.4` |
+| `secrets-store-csi-driver.linux.crds.image.tag` | Driver CRDs Linux image tag | `v1.4.0` |
| `secrets-store-csi-driver.linux.crds.image.pullPolicy` | Driver CRDs Linux image pull policy | `IfNotPresent` |
| `secrets-store-csi-driver.windows.enabled` | Install secrets-store-csi-driver on windows nodes | false |
| `secrets-store-csi-driver.windows.kubeletRootDir` | Configure the kubelet root dir | `C:\var\lib\kubelet` |
@@ -134,7 +135,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p
| `secrets-store-csi-driver.windows.priorityClassName` | Indicates the importance of a Pod relative to other Pods | `""` |
| `secrets-store-csi-driver.windows.image.repository` | Driver Windows image repository | `mcr.microsoft.com/oss/kubernetes-csi/secrets-store/driver` |
| `secrets-store-csi-driver.windows.image.pullPolicy` | Driver Windows image pull policy | `IfNotPresent` |
-| `secrets-store-csi-driver.windows.image.tag` | Driver Windows image tag | `v1.3.4` |
+| `secrets-store-csi-driver.windows.image.tag` | Driver Windows image tag | `v1.4.0` |
| `secrets-store-csi-driver.windows.registrarImage.repository` | Driver Windows node-driver-registrar image repository | `mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar` |
| `secrets-store-csi-driver.windows.registrarImage.pullPolicy` | Driver Windows node-driver-registrar image pull policy | `IfNotPresent` |
| `secrets-store-csi-driver.windows.registrarImage.tag` | Driver Windows node-driver-registrar image tag | `v2.8.0` |
diff --git a/manifest_staging/charts/csi-secrets-store-provider-azure/arc-values.yaml b/manifest_staging/charts/csi-secrets-store-provider-azure/arc-values.yaml
index 3212b7153..c51b4b0bf 100644
--- a/manifest_staging/charts/csi-secrets-store-provider-azure/arc-values.yaml
+++ b/manifest_staging/charts/csi-secrets-store-provider-azure/arc-values.yaml
@@ -15,7 +15,7 @@ logVerbosity: 0
linux:
image:
repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure
- tag: v1.4.1
+ tag: v1.5.0
pullPolicy: IfNotPresent
nodeSelector: {}
tolerations: []
@@ -58,7 +58,7 @@ linux:
windows:
image:
repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure
- tag: v1.4.1
+ tag: v1.5.0
pullPolicy: IfNotPresent
nodeSelector: {}
tolerations: []
@@ -112,7 +112,7 @@ secrets-store-csi-driver:
metricsAddr: ":8080"
image:
repository: mcr.microsoft.com/oss/kubernetes-csi/secrets-store/driver
- tag: v1.3.4
+ tag: v1.4.0
pullPolicy: IfNotPresent
registrarImage:
repository: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar
@@ -125,7 +125,7 @@ secrets-store-csi-driver:
crds:
image:
repository: mcr.microsoft.com/oss/kubernetes-csi/secrets-store/driver-crds
- tag: v1.3.4
+ tag: v1.4.0
pullPolicy: IfNotPresent
podAnnotations:
prometheus.io/scrape: "true"
@@ -137,7 +137,7 @@ secrets-store-csi-driver:
metricsAddr: ":8080"
image:
repository: mcr.microsoft.com/oss/kubernetes-csi/secrets-store/driver
- tag: v1.3.4
+ tag: v1.4.0
pullPolicy: IfNotPresent
registrarImage:
repository: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar
diff --git a/manifest_staging/charts/csi-secrets-store-provider-azure/values.yaml b/manifest_staging/charts/csi-secrets-store-provider-azure/values.yaml
index 6955a79db..d99a48b23 100644
--- a/manifest_staging/charts/csi-secrets-store-provider-azure/values.yaml
+++ b/manifest_staging/charts/csi-secrets-store-provider-azure/values.yaml
@@ -17,7 +17,7 @@ enableArcExtension: false
linux:
image:
repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure
- tag: v1.4.1
+ tag: v1.5.0
pullPolicy: IfNotPresent
nodeSelector: {}
# ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
@@ -63,7 +63,7 @@ linux:
windows:
image:
repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure
- tag: v1.4.1
+ tag: v1.5.0
pullPolicy: IfNotPresent
nodeSelector: {}
# ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
@@ -120,7 +120,7 @@ secrets-store-csi-driver:
priorityClassName: ""
image:
repository: mcr.microsoft.com/oss/kubernetes-csi/secrets-store/driver
- tag: v1.3.4
+ tag: v1.4.0
pullPolicy: IfNotPresent
registrarImage:
repository: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar
@@ -133,7 +133,7 @@ secrets-store-csi-driver:
crds:
image:
repository: mcr.microsoft.com/oss/kubernetes-csi/secrets-store/driver-crds
- tag: v1.3.4
+ tag: v1.4.0
pullPolicy: IfNotPresent
providersDir: /var/run/secrets-store-csi-providers
@@ -144,7 +144,7 @@ secrets-store-csi-driver:
priorityClassName: ""
image:
repository: mcr.microsoft.com/oss/kubernetes-csi/secrets-store/driver
- tag: v1.3.4
+ tag: v1.4.0
pullPolicy: IfNotPresent
registrarImage:
repository: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar
diff --git a/manifest_staging/deployment/provider-azure-installer-windows.yaml b/manifest_staging/deployment/provider-azure-installer-windows.yaml
index 3a172ff7d..7292f9fbd 100644
--- a/manifest_staging/deployment/provider-azure-installer-windows.yaml
+++ b/manifest_staging/deployment/provider-azure-installer-windows.yaml
@@ -23,7 +23,7 @@ spec:
serviceAccountName: csi-secrets-store-provider-azure
containers:
- name: provider-azure-installer
- image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.4.1
+ image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.5.0
imagePullPolicy: IfNotPresent
args:
- --endpoint=unix://C:\\provider\\azure.sock
@@ -49,7 +49,7 @@ spec:
ports:
- containerPort: 8898
name: metrics
- protocol: TCP
+ protocol: TCP
volumeMounts:
- mountPath: "C:\\provider"
name: providervol
diff --git a/manifest_staging/deployment/provider-azure-installer.yaml b/manifest_staging/deployment/provider-azure-installer.yaml
index 1a95222b0..ae30fd05e 100644
--- a/manifest_staging/deployment/provider-azure-installer.yaml
+++ b/manifest_staging/deployment/provider-azure-installer.yaml
@@ -24,7 +24,7 @@ spec:
hostNetwork: true
containers:
- name: provider-azure-installer
- image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.4.1
+ image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.5.0
imagePullPolicy: IfNotPresent
args:
- --endpoint=unix:///provider/azure.sock
@@ -50,7 +50,7 @@ spec:
ports:
- containerPort: 8898
name: metrics
- protocol: TCP
+ protocol: TCP
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
diff --git a/test/e2e/framework/config.go b/test/e2e/framework/config.go
index 45075f10c..597d12bbe 100644
--- a/test/e2e/framework/config.go
+++ b/test/e2e/framework/config.go
@@ -18,7 +18,7 @@ type Config struct {
KeyvaultName string `envconfig:"KEYVAULT_NAME"`
Registry string `envconfig:"REGISTRY" default:"mcr.microsoft.com/oss/azure/secrets-store"`
ImageName string `envconfig:"IMAGE_NAME" default:"provider-azure"`
- ImageVersion string `envconfig:"IMAGE_VERSION" default:"v1.4.1"`
+ ImageVersion string `envconfig:"IMAGE_VERSION" default:"v1.5.0"`
IsSoakTest bool `envconfig:"IS_SOAK_TEST" default:"false"`
IsWindowsTest bool `envconfig:"TEST_WINDOWS" default:"false"`
IsGPUTest bool `envconfig:"TEST_GPU" default:"false"`
diff --git a/test/e2e/framework/deploy/deploy.go b/test/e2e/framework/deploy/deploy.go
index db75633d5..fbb6b803d 100644
--- a/test/e2e/framework/deploy/deploy.go
+++ b/test/e2e/framework/deploy/deploy.go
@@ -23,7 +23,7 @@ import (
)
var (
- driverResourcePath = "https://raw.githubusercontent.com/kubernetes-sigs/secrets-store-csi-driver/v1.3.4/deploy"
+ driverResourcePath = "https://raw.githubusercontent.com/kubernetes-sigs/secrets-store-csi-driver/v1.4.0/deploy"
providerResourceDirectory = "manifest_staging/deployment"
driverResources = []string{
diff --git a/website/content/en/_index.md b/website/content/en/_index.md
index ca26ec82e..5d2059f32 100644
--- a/website/content/en/_index.md
+++ b/website/content/en/_index.md
@@ -15,8 +15,8 @@ Azure Key Vault provider for [Secrets Store CSI Driver](https://github.com/kuber
| Azure Key Vault Provider | Compatible Kubernetes | `secrets-store.csi.x-k8s.io` Versions |
| ---------------------------------------------------------------------------------------------- | --------------------- | ------------------------------------- |
-| [v1.4.0](https://github.com/Azure/secrets-store-csi-driver-provider-azure/releases/tag/v1.4.0) | 1.21+ | `v1`, `v1alpha1 [DEPRECATED]` |
-| [v1.3.0](https://github.com/Azure/secrets-store-csi-driver-provider-azure/releases/tag/v1.3.0) | 1.21+ | `v1`, `v1alpha1 [DEPRECATED]` |
+| [v1.5.0](https://github.com/Azure/secrets-store-csi-driver-provider-azure/releases/tag/v1.5.0) | 1.21+ | `v1`, `v1alpha1 [DEPRECATED]` |
+| [v1.4.1](https://github.com/Azure/secrets-store-csi-driver-provider-azure/releases/tag/v1.4.1) | 1.21+ | `v1`, `v1alpha1 [DEPRECATED]` |
For Secrets Store CSI Driver project status and supported versions, check the doc [here](https://secrets-store-csi-driver.sigs.k8s.io/#project-status)