Releases: hashicorp/vault-helm
v0.29.0
0.29.0 (November 7, 2024)
Changes
- Default
vault
version updated to 1.18.1 - Default
vault-k8s
version updated to 1.5.0 - Default
vault-csi-provider
version updated to 1.5.0 - Tested with Kubernetes versions 1.28-1.31
Features
- csi: Allow modification of the hostNetwork parameter on the DaemonSet GH-1046
Bugs
- Properly handle JSON formatted server config GH-1049
v0.28.1
0.28.1 (July 11, 2024)
Changes
- Default
vault
version updated to 1.17.2 - Default
vault-k8s
version updated to 1.4.2 - Default
vault-csi-provider
version updated to 1.4.3 - Tested with Kubernetes versions 1.26-1.30
Improvements
v0.28.0
0.28.0 (April 8, 2024)
Changes
- Default
vault
version updated to 1.16.1 - Default
vault-k8s
version updated to 1.4.1 - Default
vault-csi-provider
version updated to 1.4.2 - Tested with Kubernetes versions 1.25-1.29
Features
- server: Add annotation on config change GH-1001
Bugs
- injector: add missing
get
nodes
permission to ClusterRole GH-1005
v0.27.0
0.27.0 (November 16, 2023)
Changes
- Default
vault
version updated to 1.15.2
Features
- server: Support setting
persistentVolumeClaimRetentionPolicy
on the StatefulSet GH-965 - server: Support setting labels on PVCs GH-969
- server: Support setting ingress rules for networkPolicy GH-877
Improvements
- Support exec in the server liveness probe GH-971
v0.26.1
0.26.1 (October 30, 2023)
Bugs:
- Fix templating of
server.ha.replicas
when set via override file. The0.26.0
chart would ignoreserver.ha.replicas
and always deploy 3 server replicas whenserver.ha.enabled=true
unless overridden by command line when issuing the helm command:--set server.ha.replicas=<some_number>
. Fixed in GH-961
v0.26.0
Changes:
Default vault version updated to 1.15.1
Default vault-k8s version updated to 1.3.1
Default vault-csi-provider version updated to 1.4.1
Tested with Kubernetes versions 1.24-1.28
server: OpenShift default readiness probe returns 204 when uninitialized #966
Features:
server: Add support for dual stack clusters #833
server: Support hostAliases for the StatefulSet pods #955
server: Add server.service.active.annotations and server.service.standby.annotations #896
server: Add long-lived service account token option #923
Bugs:
csi: Add namespace field to csi-role and csi-rolebindings. #909
Improvements:
global: Add global.namespace to override the helm installation namespace. #909
server: use vault.fullname in Helm test #912
server: Allow scaling HA replicas to zero #943
v0.25.0
0.25.0 (June 26, 2023)
Changes
- Latest Kubernetes version tested is now 1.27
- server: Headless service ignores
server.service.publishNotReadyAddresses
setting and always sets it astrue
GH-902 vault
updated to 1.14.0 GH-916vault-csi-provider
updated to 1.4.0 GH-916
Improvements
- CSI: Make
nodeSelector
andaffinity
configurable for CSI daemonset's pods GH-862 - injector: Add
ephemeralLimit
andephemeralRequest
as options for configuring Agent's ephemeral storage resources GH-798 - Minimum kubernetes version for chart reverted to 1.20.0 to allow installation on clusters older than the oldest tested version GH-916
Bugs
- server: Set the default for
prometheusRules.rules
to an empty list GH-886
v0.24.1
v0.24.0
0.24.0 (April 6, 2023)
Changes:
- Earliest Kubernetes version tested is now 1.22
vault
updated to 1.13.1
Features:
- server: New
extraPorts
option for adding ports to the Vault server statefulset GH-841 - server: Add configurable Port Number in readinessProbe and livenessProbe for the server-statefulset GH-831
- injector: Make livenessProbe and readinessProbe configurable and add configurable startupProbe GH-852
- csi: Add an Agent sidecar to Vault CSI Provider pods to provide lease caching and renewals GH-749
v0.23.0
0.23.0 (November 28th, 2022)
Changes
vault
updated to 1.12.1 GH-814vault-k8s
updated to 1.1.0 GH-814vault-csi-provider
updated to 1.2.1 GH-814
Features
- server: Add
extraLabels
for Vault server serviceAccount GH-806 - server: Add
server.service.active.enabled
andserver.service.standby.enabled
options to selectively disable additional services GH-811 - server: Add
server.serviceAccount.serviceDiscovery.enabled
option to selectively disable a Vault service discovery role and role binding GH-811 - server: Add
server.service.instanceSelector.enabled
option to allow selecting pods outside the helm chart deployment GH-813
Bugs
- server: Quote
.server.ha.clusterAddr
value GH-810