Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Marvin1973:pcs
rubygem-kubeclient
rubygem-kubeclient.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File rubygem-kubeclient.changes of Package rubygem-kubeclient
------------------------------------------------------------------- Fri Nov 3 07:40:52 UTC 2023 - Dan Čermák <dan.cermak@posteo.net> - ## 4.11.0 — 2022-12-22 ### Removed - Dropped support for EOL Ruby versions 2.5, 2.6. (#589) ### Added - Relaxed dependency on `http` gem (used for watches) to allow 5.y.z versions. (#589) - Specifically, http 5.1.1 may fix issues watching with IPv6. (#585) ------------------------------------------------------------------- Mon Oct 10 13:09:35 UTC 2022 - Stephan Kulow <coolo@suse.com> updated to version 4.10.1 see installed CHANGELOG.md ------------------------------------------------------------------- Thu Apr 28 05:34:33 UTC 2022 - Stephan Kulow <coolo@suse.com> updated to version 4.9.3 see installed CHANGELOG.md ## 4.9.3 — 2021-03-23 ### Fixed - VULNERABILITY FIX: Previously, whenever kubeconfig did not define custom CA (normal situation for production clusters with public domain and certificate!), `Config` was returning ssl_options[:verify_ssl] hard-coded to `VERIFY_NONE` :-( Assuming you passed those ssl_options to Kubeclient::Client, this means that instead of checking server's certificate against your system CA store, it would accept ANY certificate, allowing easy man-in-the middle attacks. This is especially dangerous with user/password or token credentials because MITM attacker could simply steal those credentials to the cluster and do anything you could do on the cluster. This was broken IN ALL RELEASES MADE BEFORE 2022, ever since [`Kubeclient::Config` was created](https://github.com/ManageIQ/kubeclient/pull/127/files#diff-32e70f2f6781a9e9c7b83ae5e7eaf5ffd068a05649077fa38f6789e72f3de837R41-R48). - Bug fix: kubeconfig `insecure-skip-tls-verify` field was ignored. When kubeconfig did define custom CA, `Config` was returning hard-coded `VERIFY_PEER`. Now we honor it, return `VERIFY_NONE` iff kubeconfig has explicit `insecure-skip-tls-verify: true`, otherwise `VERIFY_PEER`. - `Config`: fixed parsing of `certificate-authority` file containing concatenation of several certificates. Previously, server's cert was checked against only first CA cert, resulting in possible "certificate verify failed" errors. An important use case is a chain of root & intermediate cert(s) - necessary when cluster's CA itself is signed by another custom CA. But also helps when you simply concatenate independent certs. (#461, #552) - Still broken (#460): inline `certificate-authority-data` is still parsed using `add_cert` method that handles only one cert. These don't affect code that supplies `Client` parameters directly, only code that uses `Config`. ------------------------------------------------------------------- Thu Jun 24 17:33:47 UTC 2021 - Stephan Kulow <coolo@suse.com> updated to version 4.9.2 see installed CHANGELOG.md ## 4.9.2 — 2021-05-30 ### Added - Ruby 3.0 compatibility (#500, #505). ### Removed - Reduce .gem size by dropping test/ directory, it's useless at run time (#502). ------------------------------------------------------------------- Fri Sep 25 14:14:48 UTC 2020 - Stephan Kulow <coolo@suse.com> updated to version 4.9.1 see installed CHANGELOG.md ## 4.9.1 — 2020-08-31 ### Fixed - Now should work with apiserver deployed not at root of domain but a sub-path, which is standard with Rancher. Notably, `create_...` methods were sending bad apiVersion and getting 400 error. (#457, hopefully fixes #318, #418 and https://gitlab.com/gitlab-org/gitlab/-/issues/22043) ## 4.9.0 - 2020-08-03 ### Added - Support for `user: exec` credential plugins using TLS client auth (#453) ## 4.8.0 — 2020-07-03 ### Added - Support for server-side apply (#448). ### Fixed - Declared forgotten dependency on jsonpath, needed for `gcp` provider with `cmd-path` (#450). ## 4.7.0 — 2020-06-14 ### Fixed - Ruby 2.7 compatibility: bumped minimum recursive-open-struct to one that works on 2.7 (#439). - Ruby 2.7 warnings (#433, #438). - Improved watch documentation, including behavior planned to change in 5.0.0 (#436). ### Added - Google Application Default Credentials: Added `userinfo.email` to requested scopes, which is necessary for RBAC policies (#441). ------------------------------------------------------------------- Mon Feb 10 15:03:01 UTC 2020 - Stephan Kulow <coolo@suse.com> - updated to version 4.6.0 see installed CHANGELOG.md ------------------------------------------------------------------- Sun May 5 09:32:41 UTC 2019 - Stephan Kulow <coolo@suse.com> - updated to version 4.4.0 see installed CHANGELOG.md ## Unreleased ## 4.4.0 — 2019-05-03 ### Added - GCP configs with `user[auth-provider][name] == 'gcp'` will execute credential plugin (normally the `gcloud config config-helper` subcommand) when the config specifies it in `cmd-path`, `cmd-args` fields (similar to `exec` support). This code path works without `googleauth` gem. Otherwise, `GoogleApplicationDefaultCredentials` path will be tried as before. (#410) - `AmazonEksCredentials` helper for obtaining a token to authenticate against Amazon EKS. This is not currently integrated in `Config`, you will need to invoke it yourself. You'll need some aws gems that Kubeclient _does not_ include. (#404, #406) ### Changed - OpenID Connect tokens which cannot be validaded because we cannot identify the key they were signed with will be considered expired and refreshed as usual. (#407) ------------------------------------------------------------------- Thu Mar 14 10:58:18 UTC 2019 - Stephan Kulow <coolo@suse.com> - updated to version 4.3.0 see installed CHANGELOG.md ## 4.3.0 — 2019-03-03 ### Changed - `GoogleApplicationDefaultCredentials` will automatically be used in `fetch_user_auth_options` if the `user[auth-provider][name] == 'gcp'` in the provided context. Note that `user[exec]` is checked first in anticipation of this functionality being added to GCP sometime in the future. Kubeclient _does not_ import the required `googleauth` gem, so you will need to import it in your calling application. (#394) ### Added - OpenID Connect credentials will automatically be used if the `user[auth-provider][name] == 'oidc'` in the provided context. Note that `user[exec]` is checked first. Kubeclient _does not_ import the required `openid_connect` gem, so you will need to import it in your calling application. (#396) - Support for `json_patch_#{entity}` and `merge_patch_#{entity}`. `patch_#{entity}` will continue to use strategic merge patch. (#390) ------------------------------------------------------------------- Mon Jan 14 13:44:50 UTC 2019 - Stephan Kulow <coolo@suse.com> - updated to version 4.2.2 see installed CHANGELOG.md ------------------------------------------------------------------- Wed Dec 19 07:09:42 UTC 2018 - Stephan Kulow <coolo@suse.com> - updated to version 4.1.1 see installed CHANGELOG.md ------------------------------------------------------------------- Sat Dec 8 16:24:23 UTC 2018 - Stephan Kulow <coolo@suse.com> - updated to version 4.1.0 see installed CHANGELOG.md ## 4.1.0 — 2018-11-28 ### Fixed - Support custom resources with lowercase `kind` (#361). - `create_security_context_constraint` now works (#366). - `get_security_context_constraints.kind`, `get_endpoints.kind` are now plural as in kubernetes (#366). ### Added - Add support for retrieving large lists of objects in chunks (#356). ------------------------------------------------------------------- Wed Sep 5 10:25:10 UTC 2018 - coolo@suse.com - updated to version 4.0.0 see installed CHANGELOG.md ## 4.0.0 — 2018-07-23 ### Removed - Bumped officially supported kubernetes versions to >= 1.3. - Specifically `proxy_url` no longer works for <= 1.2 (#323). ### Fixed - `proxy_url` now works for kubernetes 1.10 and later (#323). ### Changed - Switched `http` gem dependency from 2.y to 3.y (#321). ------------------------------------------------------------------- Mon Jun 11 07:08:42 UTC 2018 - factory-auto@kulow.org - updated to version 3.1.2 see installed CHANGELOG.md ------------------------------------------------------------------- Fri Jun 1 16:15:07 UTC 2018 - factory-auto@kulow.org - updated to version 3.1.1 see installed CHANGELOG.md ## 3.1.1 - 2018-06-01 ### Security - Fixed `Kubeclient::Config.read` to use `YAML.safe_load` (#334). Previously, could deserialize arbitrary ruby classes. The risk depends on ruby classes available in the application; sometimes a class may have side effects - up to arbitrary code execution - when instantiated and/or built up with `x[key] = value` during YAML parsing. Despite this fix, using config from untrusted sources is not recommended. ------------------------------------------------------------------- Sun May 27 14:05:08 UTC 2018 - factory-auto@kulow.org - updated to version 3.1.0 see installed CHANGELOG.md Kubeclient release versioning follows [SemVer](https://semver.org/). ------------------------------------------------------------------- Thu Feb 8 06:11:00 UTC 2018 - coolo@suse.com - updated to version 3.0.0 no changelog found ------------------------------------------------------------------- Thu Oct 26 10:04:52 UTC 2017 - coolo@suse.com - updated to version 2.5.1 no changelog found ------------------------------------------------------------------- Tue May 23 10:01:54 UTC 2017 - coolo@suse.com - updated to version 2.4.0 no changelog found ------------------------------------------------------------------- Tue Feb 14 12:23:22 UTC 2017 - mmeister@suse.com - Initial packaging
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor