From 9aaac5299332f6fec61e64d6b1fa7db17a50fdda Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Agust=C3=ADn=20Mart=C3=ADnez=20Fay=C3=B3?= Date: Thu, 22 Feb 2024 19:04:14 -0300 Subject: [PATCH] Update Changelog with 1.9.0 release (#4904) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Agustín Martínez Fayó --- CHANGELOG.md | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7ed9df8806..21346ecb12 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,41 @@ # Changelog +## [1.9.0] - 2024-02-22 + +### Added + +- `uniqueid` CredentialComposer plugin that adds the x509UniqueIdentifier attribute to workload X509-SVIDs (#4862) +- Agent's Admin API has now a default location defined (#4856) +- Partial selectors from workload attestation are now logged when attestation is interrupted (#4846) +- X509-SVIDs minted by SPIRE can now include wildcards in the DNS names (#4814) + +### Changed + +- CA journal data is now stored in the datastore, removing the on-disk dependency of the server (#4690) +- `aws_kms`, `azure_key_vault`, and `gcp_kms` KeyManager plugins no longer require storing metadata files on disk (#4700) +- Bundle endpoint refresh hint now defaults to 5 minutes (#4847, #4888) +- Graceful shutdown is now blocked while built-in plugin RPCs drain (#4820) +- Entry cache hydration is now done with paginated requests to the datastore (#4721, #4826) +- Agents renew SVIDs through re-attestation by default when using a supporting Node Attestor (#4791) +- The SPIRE Agent LRU SVID cache is no longer experimental and is enabled by default (#4773) +- Small documentation improvements (#4764, #4787) +- Read-replicas are no longer used when hydrating the experimental events-based entry cache (#4868) +- Workload gRPC connections are now terminated when the peertracker liveness check fails instead of just failing the RPC calls (#4611) + +### Fixed + +- Missing creation of events in the experimental events-based cache entry when an entry was pruned (#4860) +- Bug in SPIRE Agent LRU SVID cache that caused health checks to fail (#4852) +- Refreshing of selectors of attested agents when using the experimental events-based entry cache (#4803) + +### Deprecated + +- `k8s_sat` NodeAttestor plugin (#4841) + +### Removed + +- X509-SVIDs issued by the server no longer have the x509UniqueIdentifier attribute as part of the subject (#4862) + ## [1.8.7] - 2023-12-21 ### Added