diff --git a/CHANGELOG-0.x.md b/CHANGELOG-0.x.md index 6ba36e6076..229a604dfe 100644 --- a/CHANGELOG-0.x.md +++ b/CHANGELOG-0.x.md @@ -1,3 +1,7 @@ +# v1.6.2 +## Notable changes +* Address CVE ALAS-2022-1792 + # v1.6.1 ## Notable changes * Address CVE ALAS2-2022-1782, ALAS2-2022-1788, ALAS2-2022-1784 diff --git a/Makefile b/Makefile index 4e990a39cc..385d3a8dd2 100644 --- a/Makefile +++ b/Makefile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -VERSION=v1.6.1 +VERSION=v1.6.2 PKG=github.com/kubernetes-sigs/aws-ebs-csi-driver GIT_COMMIT?=$(shell git rev-parse HEAD) diff --git a/charts/aws-ebs-csi-driver/CHANGELOG.md b/charts/aws-ebs-csi-driver/CHANGELOG.md index 3f8559a68b..a7372cdccf 100644 --- a/charts/aws-ebs-csi-driver/CHANGELOG.md +++ b/charts/aws-ebs-csi-driver/CHANGELOG.md @@ -1,5 +1,10 @@ # Helm chart +## v2.6.8 + +* Bump app/driver to version `v1.6.2` +* Bump sidecar version for nodeDriverRegistrar, provisioner to be consistent with EKS CSI Driver Add-on + ## v2.6.7 * Bump app/driver to version `v1.6.1` diff --git a/charts/aws-ebs-csi-driver/Chart.yaml b/charts/aws-ebs-csi-driver/Chart.yaml index 67c20099ea..41a62924d9 100644 --- a/charts/aws-ebs-csi-driver/Chart.yaml +++ b/charts/aws-ebs-csi-driver/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 1.6.1 +appVersion: 1.6.2 name: aws-ebs-csi-driver description: A Helm chart for AWS EBS CSI Driver -version: 2.6.7 +version: 2.6.8 kubeVersion: ">=1.17.0-0" home: https://github.com/kubernetes-sigs/aws-ebs-csi-driver sources: diff --git a/charts/aws-ebs-csi-driver/values.yaml b/charts/aws-ebs-csi-driver/values.yaml index 2a9d6344ed..2273d9fe3f 100644 --- a/charts/aws-ebs-csi-driver/values.yaml +++ b/charts/aws-ebs-csi-driver/values.yaml @@ -19,7 +19,7 @@ sidecars: image: pullPolicy: IfNotPresent repository: k8s.gcr.io/sig-storage/csi-provisioner - tag: "v2.1.1" + tag: "v2.2.2" logLevel: 2 resources: {} attacher: @@ -57,7 +57,7 @@ sidecars: image: pullPolicy: IfNotPresent repository: k8s.gcr.io/sig-storage/csi-node-driver-registrar - tag: "v2.1.0" + tag: "v2.3.0" logLevel: 2 resources: {} diff --git a/deploy/kubernetes/base/clusterrole-snapshotter.yaml b/deploy/kubernetes/base/clusterrole-snapshotter.yaml index 633b9cb3a4..b14a3f839c 100644 --- a/deploy/kubernetes/base/clusterrole-snapshotter.yaml +++ b/deploy/kubernetes/base/clusterrole-snapshotter.yaml @@ -14,9 +14,9 @@ rules: # Enable it if your driver needs secret. # For example, `csi.storage.k8s.io/snapshotter-secret-name` is set in VolumeSnapshotClass. # See https://kubernetes-csi.github.io/docs/secrets-and-credentials.html for more details. - # - apiGroups: [""] - # resources: ["secrets"] - # verbs: ["get", "list"] + # - apiGroups: [ "" ] + # resources: [ "secrets" ] + # verbs: [ "get", "list" ] - apiGroups: [ "snapshot.storage.k8s.io" ] resources: [ "volumesnapshotclasses" ] verbs: [ "get", "list", "watch" ] diff --git a/deploy/kubernetes/base/controller.yaml b/deploy/kubernetes/base/controller.yaml index 03616b8320..bc2ae250e0 100644 --- a/deploy/kubernetes/base/controller.yaml +++ b/deploy/kubernetes/base/controller.yaml @@ -31,7 +31,7 @@ spec: tolerationSeconds: 300 containers: - name: ebs-plugin - image: public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.6.1 + image: public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.6.2 imagePullPolicy: IfNotPresent args: # - {all,controller,node} # specify the driver mode @@ -81,7 +81,7 @@ spec: periodSeconds: 10 failureThreshold: 5 - name: csi-provisioner - image: k8s.gcr.io/sig-storage/csi-provisioner:v2.1.1 + image: k8s.gcr.io/sig-storage/csi-provisioner:v2.2.2 imagePullPolicy: IfNotPresent args: - --csi-address=$(ADDRESS) diff --git a/deploy/kubernetes/base/node.yaml b/deploy/kubernetes/base/node.yaml index ba366bfad8..c92cc8540b 100644 --- a/deploy/kubernetes/base/node.yaml +++ b/deploy/kubernetes/base/node.yaml @@ -45,7 +45,7 @@ spec: - name: ebs-plugin securityContext: privileged: true - image: public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.6.1 + image: public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.6.2 imagePullPolicy: IfNotPresent args: - node @@ -80,7 +80,7 @@ spec: periodSeconds: 10 failureThreshold: 5 - name: node-driver-registrar - image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.1.0 + image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.3.0 imagePullPolicy: IfNotPresent args: - --csi-address=$(ADDRESS) diff --git a/docs/README.md b/docs/README.md index 4517160564..9add31db3e 100644 --- a/docs/README.md +++ b/docs/README.md @@ -72,7 +72,7 @@ Following sections are Kubernetes specific. If you are Kubernetes user, use foll | AWS EBS CSI Driver \ Kubernetes Version| v1.12 | v1.13 | v1.14 | v1.15 | v1.16 | v1.17 | v1.18+| |----------------------------------------|-------|-------|-------|-------|-------|-------|-------| | master branch | no | no | no | no | no | yes | yes | -| v0.9.x-v1.5.x | no | no | no | no | no | yes | yes | +| v0.9.x-v1.6.x | no | no | no | no | no | yes | yes | | v0.5.0-v0.8.x | no | no | yes | yes | yes | yes | yes | | v0.4.0 | no | no | yes | yes | no | no | no | | v0.3.0 | no | no | yes | no | no | no | no | @@ -84,14 +84,21 @@ Following sections are Kubernetes specific. If you are Kubernetes user, use foll ## Container Images: |AWS EBS CSI Driver Version | GCR Image | ECR Image | |---------------------------|--------------------------------------------------|-----------------------------------------------------------------------------| +|v1.6.2 | | public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.6.2 | |v1.6.1 | | public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.6.1 | |v1.6.0 | | public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.6.0 | |v1.5.3 | | public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.5.3 | |v1.5.2 | | public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.5.2 | |v1.5.1 |k8s.gcr.io/provider-aws/aws-ebs-csi-driver:v1.5.1 | public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.5.1 | |v1.5.0 |k8s.gcr.io/provider-aws/aws-ebs-csi-driver:v1.5.0 | public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.5.0 | -|v1.4.0 |k8s.gcr.io/provider-aws/aws-ebs-csi-driver:v1.4.0 | 602401143452.dkr.ecr.us-west-2.amazonaws.com/eks/aws-ebs-csi-driver:v1.4.0 | -|v1.3.1 |k8s.gcr.io/provider-aws/aws-ebs-csi-driver:v1.3.1 | 602401143452.dkr.ecr.us-west-2.amazonaws.com/eks/aws-ebs-csi-driver:v1.3.1 | +|v1.4.0 |k8s.gcr.io/provider-aws/aws-ebs-csi-driver:v1.4.0 | public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.4.0 | +|v1.3.1 |k8s.gcr.io/provider-aws/aws-ebs-csi-driver:v1.3.1 | public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.3.1 | + +
+Deprecated Container Images + +|AWS EBS CSI Driver Version | GCR Image | ECR Image | +|---------------------------|--------------------------------------------------|-----------------------------------------------------------------------------| |v1.3.0 |k8s.gcr.io/provider-aws/aws-ebs-csi-driver:v1.3.0 | 602401143452.dkr.ecr.us-west-2.amazonaws.com/eks/aws-ebs-csi-driver:v1.3.0 | |v1.2.1 |k8s.gcr.io/provider-aws/aws-ebs-csi-driver:v1.2.1 | 602401143452.dkr.ecr.us-west-2.amazonaws.com/eks/aws-ebs-csi-driver:v1.2.1 | |v1.2.0 |k8s.gcr.io/provider-aws/aws-ebs-csi-driver:v1.2.0 | 602401143452.dkr.ecr.us-west-2.amazonaws.com/eks/aws-ebs-csi-driver:v1.2.0 | @@ -115,6 +122,7 @@ Following sections are Kubernetes specific. If you are Kubernetes user, use foll |v0.1.0 | | amazon/aws-ebs-csi-driver:0.1.0-alpha | **Note**: If your cluster isn't in the `us-west-2` Region, please change `602401143452.dkr.ecr.us-west-2.amazonaws.com` to the [address](https://github.com/awsdocs/amazon-eks-user-guide/blob/master/doc_source/add-ons-images.md) that corresponds to your Region. +
## Features * **Static Provisioning** - create a new or migrating existing EBS volumes, then create persistence volume (PV) from the EBS volume and consume the PV from container using persistence volume claim (PVC). diff --git a/docs/RELEASE.md b/docs/RELEASE.md index 980445d8d0..cd63620c9f 100644 --- a/docs/RELEASE.md +++ b/docs/RELEASE.md @@ -69,11 +69,11 @@ Follow the AWS-internal process. ## Verify the images are available In ECR Public: - - `docker pull public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.6.1` + - `docker pull public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:{release version}` In ECR: - `aws ecr get-login-password --region us-west-2 | docker login --username AWS --password-stdin 602401143452.dkr.ecr.us-west-2.amazonaws.com` - - `docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/eks/aws-ebs-csi-driver:v1.6.1` + - `docker pull 602401143452.dkr.ecr.us-west-2.amazonaws.com/eks/aws-ebs-csi-driver:{release version}` ## Create the post-release commit in the release branch diff --git a/examples/kubernetes/windows/README.md b/examples/kubernetes/windows/README.md index 13d35efaa0..ae743ad4b8 100644 --- a/examples/kubernetes/windows/README.md +++ b/examples/kubernetes/windows/README.md @@ -6,7 +6,7 @@ This example shows how to create a EBS volume and consume it from a Windows cont 1. A 1.18+ Windows node. Windows support has only been tested on 1.18 EKS Windows nodes. https://docs.aws.amazon.com/eks/latest/userguide/windows-support.html 2. [csi-proxy](https://github.com/kubernetes-csi/csi-proxy) v1.0.0+ installed on the Windows node. -3. Driver v1.6.1 from ECR: `public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.6.1`. It can be built and pushed to another image registry with the command `TAG=$MY_TAG REGISTRY=$MY_REGISTRY make all-push` where `MY_TAG` refers to the image tag to push and `MY_REGISTRY` to the destination image registry like "XXXXXXXXXXXX.dkr.ecr.us-west-2.amazonaws.com" +3. Driver v1.6.0+ from ECR: `public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:{driver version}`. It can be built and pushed to another image registry with the command `TAG=$MY_TAG REGISTRY=$MY_REGISTRY make all-push` where `MY_TAG` refers to the image tag to push and `MY_REGISTRY` to the destination image registry like "XXXXXXXXXXXX.dkr.ecr.us-west-2.amazonaws.com" 4. The driver installed with the Node plugin on the Windows node and the Controller plugin on a Linux node: `helm upgrade --install aws-ebs-csi-driver --namespace kube-system ./charts/aws-ebs-csi-driver --set node.enableWindows=true --set image.repository=$MY_REGISTRY/aws-ebs-csi-driver --set image.tag=$MY_TAG` ## Usage