Releases: projectcapsule/capsule-proxy
v0.3.1-rc0
v0.3.0
Features
- Support for user impersonation (#215)
- Upgrade to Go 1.18 (#205)
- Support for single Namespace get and apply (#203)
- Providing proxy capabilities to other users or groups using the resource
ProxySettings(#196) cert-managersupport for TLS certificates creation (#214)- Custom metrics exposed (#220)
Hotfixes
- Bearer token regex breaking ability to authenticate (#194)
- Websocket connection fix (#191)
- Various Helm template minor fixes
Thanks
Hard work by the people that contributed to this release: @jessecorson, @viveksyngh, @maxgio92, @ptx96, @arriqaaq, and @bsctl!
Contributors
Assets 2
v0.3.0-rc2
- 8ed733e feat: expose HTTP requests metrics
- 7e71174 ci(charts): bump the chart version
- d40e841 docs(charts): update references to the certgen job
- 83efce3 deploy(charts): move certgen job to chart resources
- fb72da1 fix(e2e): pinning bitnami/metrics-server required for tests
- f66b9ee feat: support for owned namespace retrieval
- 50ec33c feat(ci): added docker.io repository
- 4494111 chore(ci): dumping logs in case of error
- 7d17987 chore(ci): upgrading golangci-lint
- 8e09092 chore(tests): add tests for proxysettings custom resource
- 408db92 chore(dockerfile): importing crds types
- be1ec10 reorg: providing samples for proxysetting
- a4c089d feat: proxy operations for proxysetting customresourcedefinitions
- 4fc25ac feat: proxysetting customresourcedefinition scaffolding
- 6bdad19 build(dockerfile): support for go 1.18
- 45817f0 chore(ci): upgrading golangci-lint for go 1.18
- 0f06dbc chore(gomod): upgrading to go 1.18
- ebd10e1 build(helm): generating certs upon installation
- bc6b69b build(helm): change default for ServiceMonitor
v0.3.0-rc1
v0.2.1
⚠️ Warning: this release contains a major patch for a CVE tracked in GHSA-9cwv-cppx-mqjm: if you're using Capsule Proxy in production, please, upgrade it.
Hotfixes
- Privilege escalation vulnerability via malicious "Connection" header (#188)
Thanks
A special thanks for the hard work on fixing the CVE by @MaxFedotov, @bsctl, and the reporters, @enj, and @carpenterm.
Contributors
Assets 2
v0.2.0
You merely adopted the dark, I was born on it!
⚠️ Warning: this release has some deprecations!
Features
Enhancements
- Migrating to
golang-jwtlibrary (#154) - Limiting forward of certain URLs (#157)
⚠️ TLS mode is set to true (#168)- Deprecating Helm Chart Ingress API version (#172)
- Documentation refactoring
Hotfixes
- Escaping authentication when using HTTP plain mode (#156)
- Addressing vulnerability issues when using plain HTTP mode (#162)
Thanks
We're proudly backed by the community, so many kudos to: @MaxFedotov, @mendrugory, @brightzheng100, @bsctl and @maxgio92!
Contributors
Assets 2
v0.1.1
It's beautiful, I've looked at this capsule-proxy for five hours now
⚠️ Warning: this release has some deprecations!
Features
- Retrieving node metrics (#114)
- Ignoring certain user groups from filtering (#119)
- Support for PriorityClass filtering (#123)
⚠️ Supporting multiple capsule user groups (#133) deprecated, use CRD CapsuleConfiguration- Retrieving Capsule user groups from CapsuleConfiguration CR rather than CLI flags (#144)
Enhancements
- Switching from command to args in deployment examples (#115)
Bugfixes
- Tenant owner cannot describe nodes (#113)
- Impersonation group information must be set in multiple headers (#118)
- Capsule label should be validated not only for user, but also for user groups (#124)
- e2e tests are not really run in Github Actions (#138)
With this, we're aligning capsule-proxy to the latest release offered by Capsule, that's a terrific success and we have to say thank you to all the contributors, older and newer, as @ThatsMrTalbot, @mendrugory, @nodefourtytwo, @MaxFedotov, @ptx96, @alegrey91, @bsctl, @prometherion!
Capsule to the moon! 🚀
Contributors
Assets 2
v0.1.0
Wild capsule-proxy release has appeared! (cit.)
⚠️ Warning: this release contains breaking changes!
- Node listing should rely on the Tenant's nodeSelector spec [#52]
Features
- Run in out-of-cluster mode (#67)
- Access the node details (#40)
- Listing of the Tenants StorageClass resources (#55)
- Listing of the Tenants IngressClass resources (#56)
- Add support for k8s webhook token authentication strategy (#99)
Enhancements
- Migrate to a better HTTP router (#54)
- Update to Go 1.16 (#75)
- Provide option to debug in-cluster-mode with delve (#77)
- Switch over HTTP middlewares (#65)
- Setting up CI linting checks (#63)
- Implement the recovery middleware (#85)
- Setting up e2e tests (#64)
- Each API route should be considered as a module (#81)
Bugfixes
- SSL self-signed certificate is not created when enabled in Helm chart (#60)
- Typo in default image tag (#50)
Many kudos to all the contributors that helped to shape this astonishing release with an impressive features list:
@ludusrusso, @davideimola, @MaxFedotov, @bsctl, @ptx96, @gautam2187, @d-m, @GlassOfWhiskey
Together we stand! 👏🏻
v0.0.5
v0.0.5 (2021-01-01)
Happy new year with a brand new name!
Features
- Node listing is supported through the Tenant annotation
capsule.clastix.io/enable-node-listing[#38]
Enhancements
- Documentation has been improved [#43]
Breaking Changes
- Quay.io image has been changed, please refer to
quay.io/clastix/capsule-proxy:v0.0.5
Many thanks to @bsctl for his endless effort for the documentation, and many many kudos to @MaxFedotov for pushing this project beyond any boundary!