Skip to content

Releases: hashicorp/vault-helm

v0.28.1

11 Jul 22:36
2b8e492
Compare
Choose a tag to compare

0.28.1 (July 11, 2024)

Changes

  • Default vault version updated to 1.17.2
  • Default vault-k8s version updated to 1.4.2
  • Default vault-csi-provider version updated to 1.4.3
  • Tested with Kubernetes versions 1.26-1.30

Improvements

  • Configurable tlsConfig and authorization for Prometheus ServiceMonitor GH-1025
  • Remove UPDATE from injector-mutating-webhook GH-783
  • Add scope to mutating webhook GH-1037

v0.28.0

08 Apr 22:28
0c6fd50
Compare
Choose a tag to compare

0.28.0 (April 8, 2024)

Changes

  • Default vault version updated to 1.16.1
  • Default vault-k8s version updated to 1.4.1
  • Default vault-csi-provider version updated to 1.4.2
  • Tested with Kubernetes versions 1.25-1.29

Features

  • server: Add annotation on config change GH-1001

Bugs

  • injector: add missing get nodes permission to ClusterRole GH-1005

v0.27.0

16 Nov 22:05
50f7439
Compare
Choose a tag to compare

0.27.0 (November 16, 2023)

Changes

  • Default vault version updated to 1.15.2

Features

  • server: Support setting persistentVolumeClaimRetentionPolicy on the StatefulSet GH-965
  • server: Support setting labels on PVCs GH-969
  • server: Support setting ingress rules for networkPolicy GH-877

Improvements

  • Support exec in the server liveness probe GH-971

v0.26.1

30 Oct 19:57
36dafa0
Compare
Choose a tag to compare

0.26.1 (October 30, 2023)

Bugs:

  • Fix templating of server.ha.replicas when set via override file. The 0.26.0 chart would ignore server.ha.replicas and always deploy 3 server replicas when server.ha.enabled=true unless overridden by command line when issuing the helm command: --set server.ha.replicas=<some_number>. Fixed in GH-961

v0.26.0

27 Oct 20:46
f72df27
Compare
Choose a tag to compare

Changes:

Default vault version updated to 1.15.1
Default vault-k8s version updated to 1.3.1
Default vault-csi-provider version updated to 1.4.1
Tested with Kubernetes versions 1.24-1.28
server: OpenShift default readiness probe returns 204 when uninitialized #966
Features:

server: Add support for dual stack clusters #833
server: Support hostAliases for the StatefulSet pods #955
server: Add server.service.active.annotations and server.service.standby.annotations #896
server: Add long-lived service account token option #923
Bugs:

csi: Add namespace field to csi-role and csi-rolebindings. #909
Improvements:

global: Add global.namespace to override the helm installation namespace. #909
server: use vault.fullname in Helm test #912
server: Allow scaling HA replicas to zero #943

v0.25.0

26 Jun 15:31
e2711a2
Compare
Choose a tag to compare

0.25.0 (June 26, 2023)

Changes

  • Latest Kubernetes version tested is now 1.27
  • server: Headless service ignores server.service.publishNotReadyAddresses setting and always sets it as true GH-902
  • vault updated to 1.14.0 GH-916
  • vault-csi-provider updated to 1.4.0 GH-916

Improvements

  • CSI: Make nodeSelector and affinity configurable for CSI daemonset's pods GH-862
  • injector: Add ephemeralLimit and ephemeralRequest as options for configuring Agent's ephemeral storage resources GH-798
  • Minimum kubernetes version for chart reverted to 1.20.0 to allow installation on clusters older than the oldest tested version GH-916

Bugs

  • server: Set the default for prometheusRules.rules to an empty list GH-886

v0.24.1

17 Apr 17:49
a5d803a
Compare
Choose a tag to compare

0.24.1 (April 17, 2023)

Bugs:

  • csi: Add RBAC required by v1.3.0 to create secret for HMAC key used to generate secret versions GH-872

v0.24.0

06 Apr 22:55
d52c4a5
Compare
Choose a tag to compare

0.24.0 (April 6, 2023)

Changes:

  • Earliest Kubernetes version tested is now 1.22
  • vault updated to 1.13.1

Features:

  • server: New extraPorts option for adding ports to the Vault server statefulset GH-841
  • server: Add configurable Port Number in readinessProbe and livenessProbe for the server-statefulset GH-831
  • injector: Make livenessProbe and readinessProbe configurable and add configurable startupProbe GH-852
  • csi: Add an Agent sidecar to Vault CSI Provider pods to provide lease caching and renewals GH-749

v0.23.0

28 Nov 23:35
2d7fd5d
Compare
Choose a tag to compare

0.23.0 (November 28th, 2022)

Changes

  • vault updated to 1.12.1 GH-814
  • vault-k8s updated to 1.1.0 GH-814
  • vault-csi-provider updated to 1.2.1 GH-814

Features

  • server: Add extraLabels for Vault server serviceAccount GH-806
  • server: Add server.service.active.enabled and server.service.standby.enabled options to selectively disable additional services GH-811
  • server: Add server.serviceAccount.serviceDiscovery.enabled option to selectively disable a Vault service discovery role and role binding GH-811
  • server: Add server.service.instanceSelector.enabled option to allow selecting pods outside the helm chart deployment GH-813

Bugs

  • server: Quote .server.ha.clusterAddr value GH-810

v0.22.1

26 Oct 19:55
5d7014c
Compare
Choose a tag to compare

0.22.1 (October 26th, 2022)

Changes:

  • vault updated to 1.12.0 GH-803
  • vault-k8s updated to 1.0.1 GH-803