SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for ruby3.1-rubygem-kubeclient-4.12.0-1.6.x86_64.rpm :

* Fri Jun 21 2024 Dan Čermák - ## 4.12.0 - 2024-06-18 [#]## Added- Add test coverage for Ruby 3.2 (#615)- Allow a region when getting a signer for Aws::Sts (#507)- Update the AWS STS endpoint to be regional as the method is now regional (#528)- Assume role support for aws eks credentials (#630) [#]## Fixed- [v4.y] Regenerated expired test TLS certs by running `test/config/update_certs_k0s.rb`.- [v4.y] Regenerated expired test TLS certs (#611)- Regenerated expired test TLS certs (#632) [#]## Changed- Update actions/checkout (#590)- chore(deps): update actions/checkout action to v4 (#619)
* Fri Nov 03 2023 Dan Čermák - ## 4.11.0 — 2022-12-22 [#]## Removed- Dropped support for EOL Ruby versions 2.5, 2.6. (#589) [#]## Added- Relaxed dependency on `http` gem (used for watches) to allow 5.y.z versions. (#589) - Specifically, http 5.1.1 may fix issues watching with IPv6. (#585)
* Mon Oct 10 2022 Stephan Kulow updated to version 4.10.1 see installed CHANGELOG.md
* Thu Apr 28 2022 Stephan Kulow updated to version 4.9.3 see installed CHANGELOG.md [#]# 4.9.3 — 2021-03-23 [#]## Fixed - VULNERABILITY FIX: Previously, whenever kubeconfig did not define custom CA (normal situation for production clusters with public domain and certificate!), `Config` was returning ssl_options[:verify_ssl] hard-coded to `VERIFY_NONE` :-( Assuming you passed those ssl_options to Kubeclient::Client, this means that instead of checking server\'s certificate against your system CA store, it would accept ANY certificate, allowing easy man-in-the middle attacks. This is especially dangerous with user/password or token credentials because MITM attacker could simply steal those credentials to the cluster and do anything you could do on the cluster. This was broken IN ALL RELEASES MADE BEFORE 2022, ever since [`Kubeclient::Config` was created](https://github.com/ManageIQ/kubeclient/pull/127/files#diff-32e70f2f6781a9e9c7b83ae5e7eaf5ffd068a05649077fa38f6789e72f3de837R41-R48). - Bug fix: kubeconfig `insecure-skip-tls-verify` field was ignored. When kubeconfig did define custom CA, `Config` was returning hard-coded `VERIFY_PEER`. Now we honor it, return `VERIFY_NONE` iff kubeconfig has explicit `insecure-skip-tls-verify: true`, otherwise `VERIFY_PEER`. - `Config`: fixed parsing of `certificate-authority` file containing concatenation of several certificates. Previously, server\'s cert was checked against only first CA cert, resulting in possible \"certificate verify failed\" errors. An important use case is a chain of root & intermediate cert(s) - necessary when cluster\'s CA itself is signed by another custom CA. But also helps when you simply concatenate independent certs. (#461, #552) - Still broken (#460): inline `certificate-authority-data` is still parsed using `add_cert` method that handles only one cert. These don\'t affect code that supplies `Client` parameters directly, only code that uses `Config`.
* Thu Jun 24 2021 Stephan Kulow updated to version 4.9.2 see installed CHANGELOG.md [#]# 4.9.2 — 2021-05-30 [#]## Added - Ruby 3.0 compatibility (#500, #505). [#]## Removed - Reduce .gem size by dropping test/ directory, it\'s useless at run time (#502).
* Fri Sep 25 2020 Stephan Kulow updated to version 4.9.1 see installed CHANGELOG.md [#]# 4.9.1 — 2020-08-31 [#]## Fixed - Now should work with apiserver deployed not at root of domain but a sub-path, which is standard with Rancher. Notably, `create_...` methods were sending bad apiVersion and getting 400 error. (#457, hopefully fixes #318, #418 and https://gitlab.com/gitlab-org/gitlab/-/issues/22043) [#]# 4.9.0 - 2020-08-03 [#]## Added - Support for `user: exec` credential plugins using TLS client auth (#453) [#]# 4.8.0 — 2020-07-03 [#]## Added - Support for server-side apply (#448). [#]## Fixed - Declared forgotten dependency on jsonpath, needed for `gcp` provider with `cmd-path` (#450). [#]# 4.7.0 — 2020-06-14 [#]## Fixed - Ruby 2.7 compatibility: bumped minimum recursive-open-struct to one that works on 2.7 (#439). - Ruby 2.7 warnings (#433, #438). - Improved watch documentation, including behavior planned to change in 5.0.0 (#436). [#]## Added - Google Application Default Credentials: Added `userinfo.email` to requested scopes, which is necessary for RBAC policies (#441).
* Mon Feb 10 2020 Stephan Kulow - updated to version 4.6.0 see installed CHANGELOG.md
* Sun May 05 2019 Stephan Kulow - updated to version 4.4.0 see installed CHANGELOG.md [#]# Unreleased [#]# 4.4.0 — 2019-05-03 [#]## Added - GCP configs with `user[auth-provider][name] == \'gcp\'` will execute credential plugin (normally the `gcloud config config-helper` subcommand) when the config specifies it in `cmd-path`, `cmd-args` fields (similar to `exec` support). This code path works without `googleauth` gem. Otherwise, `GoogleApplicationDefaultCredentials` path will be tried as before. (#410) - `AmazonEksCredentials` helper for obtaining a token to authenticate against Amazon EKS. This is not currently integrated in `Config`, you will need to invoke it yourself. You\'ll need some aws gems that Kubeclient _does not_ include. (#404, #406) [#]## Changed - OpenID Connect tokens which cannot be validaded because we cannot identify the key they were signed with will be considered expired and refreshed as usual. (#407)
* Thu Mar 14 2019 Stephan Kulow - updated to version 4.3.0 see installed CHANGELOG.md [#]# 4.3.0 — 2019-03-03 [#]## Changed - `GoogleApplicationDefaultCredentials` will automatically be used in `fetch_user_auth_options` if the `user[auth-provider][name] == \'gcp\'` in the provided context. Note that `user[exec]` is checked first in anticipation of this functionality being added to GCP sometime in the future. Kubeclient _does not_ import the required `googleauth` gem, so you will need to import it in your calling application. (#394) [#]## Added - OpenID Connect credentials will automatically be used if the `user[auth-provider][name] == \'oidc\'` in the provided context. Note that `user[exec]` is checked first. Kubeclient _does not_ import the required `openid_connect` gem, so you will need to import it in your calling application. (#396) - Support for `json_patch_#{entity}` and `merge_patch_#{entity}`. `patch_#{entity}` will continue to use strategic merge patch. (#390)
* Mon Jan 14 2019 Stephan Kulow - updated to version 4.2.2 see installed CHANGELOG.md
  
ICM