Releases: edgelesssys/constellation
Releases · edgelesssys/constellation
v2.20.0
What's Changed
🐛 Bug fixes
- terraform: fix security rule reconciliation on Azure by @elchead in #3454
- bootstrapper: only err if no control plane IPs available by @msanft in #3496
🔧 Other changes
New Contributors
Full Changelog: v2.19.3...v2.20.0
v2.19.3
What's Changed
🐛 Bug fixes
- deps: update google/go-sev-guest to v0.11.2-0.20241122022416-97a55186df28 to fix AMD SEV-SNP attestation report parsing on AWS by @daniel-weisse in #3490
Full Changelog: v2.19.2...v2.19.3
v2.19.2
v2.19.1
⚠️ Please use v2.19.2.
What's Changed
🐛 Bug fixes
🔧 Other changes
- docs: clarify for Azure TDX with Terraform provider by @elchead in #3449
- config: only allow confidential instances on stackit by @h3adex in #3463
- docs: how to reproduce released artifacts by @burgerdev in #3451
New Contributors
Full Changelog: v2.19.0...v2.19.1
v2.19.0
⚠️ Please use v2.19.2.
What's Changed
🐛 Bug fixes
- image: improve AWS performance by retiring idle=poll option by @burgerdev in #3387
🔧 Other changes
- helm: manage CoreDNS addon as Helm chart by @burgerdev in #3388
Full Changelog: v2.18.0...v2.19.0
v2.18.0
What's Changed
🛠 Breaking changes
🎁 New features
- Make SEV-SNP the default attestation variant on GCP by @thomasten in #3267
- terraform-provider-constellation: make kubeconfig output fine-grained by @msanft in #3334
🐛 Bug fixes
- helm: cilium: allow multiple default routes by @burgerdev in #3344
- openstack: Fix a crash in the bootstrapper during node join discovery by @3u13r in #3375
🔧 Other changes
- docs: fix broken links by @daniel-weisse in #3359
New Contributors
- @laralaske made their first contribution in #3255
- @Mearman made their first contribution in #3317
Full Changelog: v2.17.0...v2.18.0
v2.17.0
What's Changed
🛠 Breaking changes
- helm: upgrade cert-manager from v1.12.6 to v1.15.0 by @daniel-weisse in #3177
- See the cert-manager upgrade instructions
- Remove support for k8s v1.27 by @burgerdev in #3173
🎁 New features
- Add support for k8s v1.30 by @burgerdev in #3173
- terraform-provider-constellation: openstack support by @malt3 in #2974
- Support SEV-SNP on GCP by @msanft in #3011
- cli: allow tagging cloud resources with custom tags by @miampf in #3033
- cli: enable JSON output for
constellation verify
on Azure TDX by @daniel-weisse in #3164 - config: allow "latest" pseudo-version for Azure TDX config values by @daniel-weisse in #3166
🐛 Bug fixes
- cli: retry auth handshake deadline exceeded errors in CLI and Terraform by @daniel-weisse in #2976
- bootstrapper: wipe disk and reboot on non-recoverable error by @daniel-weisse in #2971
- bazel: patch Go SDK to increase TLS maxHandshake size by @malt3 in #3009
- kubecmd: retry any k8s errors in CLI and Terraform by @daniel-weisse in #3028
- helm: Restore the ability to start a cluster in conformance mode by disabling the cilium ipmasq agent when in conformance mode by @3u13r in #3062
- terraform: add missing policies for AWS ALB by @burgerdev in #3063
- operators: ignore node deletion errors on absence by @burgerdev in #3113
- cli: fix
constellation verify
depending on an initializedconstellation-state.yaml
file by @daniel-weisse in #3184
🔧 Other changes
- attestation: dont set a default for TDX MRSEAM by @daniel-weisse in #3038
- deps: upgrade terraform provider stackit to 0.16.0 by @malt3 in #3046
- image: update to Fedora 40 by @msanft in #3104
- bootstrapper: prioritize etcd disk I/O by @msanft in #3114
- helm: update AWS CSI driver by @msanft in #3121
- attestation: enable Azure TDX CRL checking by @daniel-weisse in #3160
- renovate: allow major version upgrades of GitHub action dependencies by @daniel-weisse in #3217
New Contributors
- @davidweisse made their first contribution in #3018
Full Changelog: v2.16.4...v2.17.0
v2.16.4
Whats changed
This patch release adds optional IAM permissions to support AWS Application Load Balancers.
Run constellation iam upgrade apply
to add these permissions to an existing Constellation.
🐛 Bug fixes
- helm: disable cilium ipmasq agent when in conformance mode by @3u13r
- terraform: add missing policies for AWS ALB by @burgerdev
- attestation: dont set a default for TDX MRSEAM by @daniel-weisse
- deps: upgrade terraform provider stackit to 0.17.0 by @malt3 and @burgerdev
- snp: ensure we never use ARK supplied by Issuer by @daniel-weisse
- kubecmd: retry any k8s errors in CLI and Terraform by @daniel-weisse
Full Changelog: v2.16.3...v2.16.4
v2.16.3
This release patches the following security vulnerability in Constellation:
Whats changed
🐛 Bug fixes
- helm: firewall pods by @burgerdev in 5507982
Full Changelog: v2.16.2...v2.16.3
v2.16.2
This release fixes an issue which could prevent Constellation cluster creation with Azure SEV-SNP.
Whats changed
🐛 Bug fixes
- increase TLS maxHandshake size to fix deployments on Azure SEV-SNP by @malt3 in #3009
- helm: manually retry uninstalling a failed release during
constellation apply
by @burgerdev in #2984
🔧 Other changes
- terraform: update terraform provider STACKIT to v0.15.1 by @burgerdev in #3007
Full Changelog: v2.16.1...v2.16.2