v0.26.0

[v0lkan]

Added

• Added the ability to have regex-based SPIFFE ID matchers.
• Enabled stricter validation on SPIFFE IDs to reduce configuration errors.
• Added ability to optionally use multiple worker nodes for the development
  clusters.
• Introduced helm-docs to automatically augment the documentation with the
  Helm chart's values.yaml.
• Added the ability to deploy VSecM without SPIRE Controller Manager. In this
  mode, the operator will need to manually create SPIRE Server registration
  entries.
• Added the ability to not create ClusterSPIFFEIDs for the VSecM components
  automatically. In this mode, the operator will need to manually create those
  required ClusterSPIFFEIDs.
• Ability to use regexes for SPIFFEID prefix matching.
• Ability to use a custom trust domain.
• Ability to Use Regex-Based Validation for Sentinel, Safe, and Workload
  SPIFFE IDs.
• Code cleanup and refactoring.
• Random secret generator can now generate symbols too, along with numbers and
  letters.
• Created a ./lib folder to hold common code that can be shared across
  different components, or even be imported by external applications.
• Stability: Enhancements in liveness and readiness probes for VSecM components.
  This change ensures that the components are more resilient and reliable.
• Enable Istio-style SPIFFE IDs; custom namespaces, and custom trust domains.

Changed

• Lots of documentation updates to reflect the recent changes in the project.
• Replaced github.com/pkg/errors with the native errors package
  to reduce the number of dependencies and the codebase more
  secure and maintainable.
• Updates to the exponential backoff algorithm.
• Enhancements to speed up build time.
• Rephrased the "Problem reading secret" error message to be more informative.
  The message ought to have been a notification, not an error because it
  regularly happens during cache misses. Fixed the wording to indicate
  there is no need to panic.
• We started using zola for the documentation
  website. This change makes the documentation website faster, more accessible,
  and easier to navigate and follow.

Security

• Stricter workload validation: Workload validation now panics if the SPIFFE ID
  does not have the proper trust domain or is badly formatted.

Below are the generated release notes of every commit since the last release cut:

What's Changed

• Initializing helm chart/0.25.4 by @v0lkan in Initializing helm chart/0.25.4 #964
• release 0.25.3 by @v0lkan in release 0.25.3 #967
• documentation patch by @v0lkan in documentation patch #969
• ✨ test(VSecM): increase test coverage from core/env by @muratmirgun in ✨ test(VSecM): increase test coverage from core/env #970
• 🚨 test(VSecM): add missed unit tests by @muratmirgun in 🚨 test(VSecM): add missed unit tests #972
• minor refactoring by @v0lkan in minor refactoring #973
• Ability to Use Regex-Based Validation for Sentinel, Safe, and Workload SPIFFE IDs by @v0lkan in Ability to Use Regex-Based Validation for Sentinel, Safe, and Workload SPIFFE IDs #974
• documentation update by @v0lkan in documentation update #978
• Remove side effects from certain functions. by @v0lkan in Remove side effects from certain functions. #979
• Add symbols support for secret gen function by @BulldromeQ in Add symbols support for secret gen function #971
• Documentation update and multi-node minikube by @v0lkan in Documentation update and multi-node minikube #981
• Introduce helm-docs by @v0lkan in Introduce helm-docs #984
• Remove FIPS from build-local by @v0lkan in Remove FIPS from build-local #990
• [security] Move SPIRE Server Into its Own Namespace by @v0lkan in [security] Move SPIRE Server Into its Own Namespace #992
• Increase Unite Tests to %19 by @muratmirgun in Increase Unite Tests to %19 #991
• Backoff Algorithm Updates by @v0lkan in Backoff Algorithm Updates #993
• Environment Variable Updates by @v0lkan in Environment Variable Updates #994
• Minor fixes in makefiles by @v0lkan in Minor fixes in makefiles #1000
• Instructions to publish the new documentation by @v0lkan in Instructions to publish the new documentation #1001
• Various Refactorings by @v0lkan in Various Refactorings #1002
• Documentation update. by @v0lkan in Documentation update. #1003
• rename "internal" to "lib" by @v0lkan in rename "internal" to "lib" #1004
• Use Go’s Native “errors” Package by @v0lkan in Use Go’s Native “errors” Package #1005
• Minor Refactorings by @v0lkan in Minor Refactorings #1007
• Created a ./lib folder for reusable modules. by @v0lkan in Created a ./lib folder for reusable modules. #1008
• Consolidate Constants by @v0lkan in Consolidate Constants #1009
• minor refactoring by @v0lkan in minor refactoring #1010
• Enable Istio-style SPIFFE IDs; custom namespaces, and trust domains by @v0lkan in Enable Istio-style SPIFFE IDs; custom namespaces, and trust domains #1011
• Minor by @v0lkan in Minor #1012
• Mainly documentation updates by @v0lkan in Mainly documentation updates #1015
• Add unit test for core/crypto and a little change in the empty []byte return value. by @yigithankarabulut in Add unit test for core/crypto and a little change in the empty []byte return value. #1014
• 🌟 enhancement(VSecM Helm Charts): add operated-by label to secrets by @v0lkan in 🌟 enhancement(VSecM Helm Charts): add operated-by label to secrets #1016
• Release v0.26.0 by @v0lkan in Release v0.26.0 #1021
• helm docs update by @v0lkan in helm docs update #1022

Full Changelog: v0.25.3...v0.26.0

---

This discussion was created from the release v0.26.0.