Pinniped (k8s)
Pinniped provides identity services to Kubernetes.
- Easily plug in external identity providers into Kubernetes clusters while offering a simple install and configuration experience. Leverage first class integration with Kubernetes and kubectl command-line.
- Give users a consistent, unified login experience across all your clusters, including on-premises and managed cloud environments.
- Securely integrate with an enterprise IDP using standard protocols or use secure, externally managed identities instead of relying on simple, shared credentials.
site : https://pinniped.dev/
Release v0.19.0
Release Image
| Image | Registry |
|---|---|
ghcr.io/vmware-tanzu/pinniped/pinniped-server:v0.19.0 |
GitHub Container Registry |
docker.io/getpinniped/pinniped-server:v0.19.0 |
DockerHub |
These images can also be referenced by their digest: sha256:f71d3b973ba111a7b4499a279bf8cdf716e675ab0510645df25969fb2366b209.
Changes
This is a bugfix release for a Pinniped Supervisor bug which could potentially allow a legitimate user to maliciously use their access token to continue their session beyond what proper use of their refresh token might allow.
See GHSA-rp4v-hhm6-rcv9 for more information.
Bug Fixes
- Improve token exchange error messages and error test cases (#1264)
Minor Changes
- Several dependency bumps (#1192, #1193, and #1272). Most notably, the Kubernetes libraries were bumped to v1.25.0 and Golang was bumped to v1.19.0.
Diffs
A complete list of changes (54 commits, 362 changed files with 16,656 additions and 1,110 deletions) can be found here.
Updates
The attached yaml files were updated on May 6, 2024 to use ghcr.io/vmware-tanzu/pinniped/pinniped-server instead of projects.registry.vmware.com/pinniped/pinniped-server.