Releases: dell/karavi-authorization
Releases · dell/karavi-authorization
v1.5.0
New Features/Changes
- Include k3s-selinux package as part of CSM Authorization RPM install. (dell/csm#409)
- Qualify SELinux enablement. (dell/csm#394)
- CSM 1.5 release specific changes. (dell/csm#491)
Fixed Issues
- CSM Authorization karavictl role update can't find existing role in helm deployment. (dell/csm#530)
- RPM fails to install policies. (dell/csm#512)
- Impossible to install karavi-authorization rpm cause of invalid cross-device link. (dell/csm#164)
Documentation
General Documentation
Change Log
See the CHANGELOG for more details.
v1.4.0
New Features/Changes
- CSM 1.4 Release specific changes. (#350)
- CSM Authorization insecure related entities are renamed to skipCertificateValidation. (#368)
Fixed Issues
- PowerScale volumes unable to be created with Helm deployment of CSM Authorization. (#419)
- Authorization CLI documentation does not mention --array-insecure flag when creating or updating storage systems. (#416)
- Authorization: Add documentation for backing up and restoring redis data. (#410)
- CSM Authorization doesn't recognize storage with capital letters. (#398)
- Update Authorization documentation with supported versions of k3s-selinux and container-selinux packages. (#393)
- Using Authorization without dependency on jq. (#390)
- Authorization Documentation Improvement. (#384)
- Unit test failing for csm-authorization. (#382)
- Karavictl has incorrect permissions after download. (#360)
- Helm deployment of Authorization denies a valid request path from csi-powerflex. (#353)
Documentation
Change Log
- See the CHANGELOG for more details.
v1.3.0
New Features/Changes
CSM Authorization can deployed with Helm (dell/csm#261)
Fixed Issues
Authorization proxy server install fails due to missing container-selinux (dell/csm#313)
Permissions on karavictl and k3s binaries are incorrect (dell/csm#277)
Authorization OPA policies fail if there are hosts or DNS entries for "localhost" that don't resolve to 127.0.0.1 (dell/csm#321)
Documentation
Change Log
See the CHANGELOG for more details.
v1.2.0
New Features/Changes
- Remove CSM for Authorization Sidecar injection in favor of Helm chart deployment. (dell/csm#112)
- Update Go version to 1.17 for CSM (across all CSI drivers and modules). (dell/csm#149)
- Add support for Kubernetes 1.23. (dell/csm#136)
- CSM 1.2 Release Specific Changes. (dell/csm#128)
Fixed Issues
- CSM authorization / PowerMax / Misleading 401 error on quota violation. (dell/csm#205)
- CSM Authorization sidecar install fails if k8s worker nodes are not in ~/.ssh/known_hosts. (dell/csm#147)
Documentation
Change Log
See the CHANGELOG for more details.
v1.1.0
New Features/Changes
- CSM for Authorization Upgrade - Ability to upgrade the CSM for Authorization sidecar and proxy server
Fixed Issues
- Fixed unit test failures and gosec false alarms in CSM for Authorization
- Fixed RPM install error deploying the CSM for Authorization proxy server
Documentation
v1.0.0
Features:
- Ability to set storage quota limits to ensure Kubernetes tenants are not overconsuming storage
- Ability to create access control policies to ensure Kubernetes tenant clusters are not accessing storage that does not belong to them
- Ability to shield storage credentials from Kubernetes administrators ensuring credentials are only handled by storage admins
- Support for PowerFlex, PowerMax, and PowerScale
v0.2.1
v0.2.0
Features
- Support for Dell EMC PowerMax
- Human-readable quota size when creating/updating a role using karavictl
- Registering a Unisphere will optionally register all systems managed by the Unisphere
- Allow overprovisioning of quota on roles using karavictl
v0.1.0
Features
- Storage admins and Kubernetes tenants can easily deploy and use Karavi Authorization
- Storage admin can define roles that give tenant access to specific storage pools and quota limits for those pools
- Storage admins can hide storage system root credentials from Kubernetes tenant clusters
- Storage admins can grant/revoke designated tenants metered access to storage pools
- Assign Kubernetes tenant ownership to storage system resources
- Documentation and repository preparation for tech preview release
- Enable TLS with certificate validation from tenant clusters
- Karavi Authorization uses persistent storage
- Add policies to check if tenant owns a Storage Resource to perform operations
- Standardize Karavi Authorization CLI output formats