Skip to content

v2.14.0
Compare
Choose a tag to compare
@prestist prestist released this 19 May 20:15
· 962 commits to main since this release
v2.14.0
This tag was signed with the committer’s verified signature.
prestist Steven Presti
GPG key ID: 3F44D97695A62076
Learn about vigilant mode.
fef845a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Starting with this release, ignition-validate binaries are signed with the Fedora 36 key.

Features:

  • Support KubeVirt platform
  • Support AWS arn: URLs for S3 objects and access points (3.4.0-exp)
  • Support reading configs from Azure IMDS "user data"
  • Support S3 fetch via IPv6
  • Add ignition-apply entrypoint to apply an Ignition config in a container

Changes:

  • Delete userdata after provisioning on VirtualBox and VMware by default (see operator notes for details) (GHSA-hj57-j5cw-2mwp, CVE-2022-1706)
  • Support setting setuid/setgid/sticky mode bits (3.4.0-exp)
  • Warn if setuid/setgid/sticky mode bits specified (3.0.0 - 3.3.0)
  • Support UEFI Secure Boot on VMware
  • Add arm64 support to ignition-validate container
  • Document S3 fetch semantics in operator notes
  • Document considerations for handling secrets in operator notes

Bug Fixes:

  • Fix disabling systemd units with pre-existing enablement symlinks
  • Fix reuse of statically keyed LUKS volumes (2.12.0 regression)
  • Fix gs:// fetch in GCE instances configured without a service account
  • Fix error reading VirtualBox guest properties that have flags
  • Fix infinite loop if -root command-line argument is a relative path
Assets 14
Loading