AzurePipelinesCredential sets an additional OIDC request header so that it
receives a 401 instead of a 302 after presenting an invalid system access token
Allow logging of debugging headers for AzurePipelinesCredential and include
them in error messages
sdk/azidentity/v1.8.0-beta.3
1.8.0-beta.3 (2024-09-17)
Features Added
Added ObjectID type for ManagedIdentityCredentialOptions.ID
Other Changes
Removed redundant content from error messages
sdk/azidentity/v1.8.0-beta.2
1.8.0-beta.2 (2024-08-06)
Breaking Changes
NewManagedIdentityCredential now returns an error when a user-assigned identity
is specified on a platform whose managed identity API doesn't support that.
ManagedIdentityCredential.GetToken() formerly logged a warning in these cases.
Returning an error instead prevents the credential authenticating an unexpected
identity, causing a client to act with unexpected privileges. The affected
platforms are:
Azure Arc
Azure ML (when a resource ID is specified; client IDs are supported)
Cloud Shell
Service Fabric
Other Changes
If DefaultAzureCredential receives a non-JSON response when probing IMDS before
attempting to authenticate a managed identity, it continues to the next credential
in the chain instead of immediately returning an error.
sdk/azidentity/v1.8.0-beta.1
1.8.0-beta.1 (2024-07-17)
Features Added
Restored persistent token caching feature
Breaking Changes
These changes affect only code written against a beta version such as v1.7.0-beta.1
Redesigned the persistent caching API. Encryption is now required in all cases
and persistent cache construction is separate from credential construction.
The PersistentUserAuthentication example in the package docs has been updated
to demonstrate the new API.
... (truncated)
Commits
42def97 Add breaking changes to release notes (#21696)
⚙️ Generating VAP (Validating Admission Policy) in Gatekeeper has transitioned from using annotations to specifying fields in ConstraintTemplate and Constraint. Please find out more details using VAP through Gatekeeper.
🎬 Ability to enforce specific action for Gatekeeper webhook, audit, gator, or VAP in the same constraint through scopedEnforcementActions field under spec in Constraints.
Linux amd64 (checksum / 9318379b847e333460d33d291d4c088156299a26cd93d570a7f5d0c36e50b5bb)
Linux arm (checksum / f0f606d0806a518b749bd82e8dbfe6a803aa33340215590ef3977c60e366ba82)
Linux arm64 (checksum / 1888301aeb7d08a03b6d9f4d2b73dcd09b89c41577e80e3455c113629fc657a4)
Linux i386 (checksum / 4fb0cdf74a8a23622aac5980fbbc91cd95b08de5624ac0beba271d7b3b1a128d)
Linux ppc64le (checksum / 32a1b6073064a4a86d2a684180b6662ea202d1294b09ca52a6ba9d4cf071fec7)
Linux s390x (checksum / a2e80592b9e45487d8bb6b10721c759287cf18be4389b53d67c7cf1e91c84959)
Linux riscv64 (checksum / c9730c8e6a1b2b30e119270793772bcac835737a16e613aabc36b07b8e027009)
Windows amd64 (checksum / 57821dd47d5728912e14000ee62262680e9039e8d05e18342cc010d5ac7908d7)
Windows arm64 (checksum / d746889023a6df98f71d2785835e32cd6fbbf81e21a21d5e9d4542ed3cfe168d)
This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @​mattfarinakeybase account. Please use the attached signatures for verifying this release using gpg.
The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.
What's Next
3.16.3 is the next patch release and will be on November 13, 2024
3.17.0 is the next feature release and will be on January 15, 2025
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Bumps the go-deps group with 6 updates in the / directory:
1.14.0
1.16.0
1.7.0
1.8.0
3.16.3
3.17.1
0.4.0
0.5.0
0.20.0
0.21.0
3.14.4
3.16.2
Updates
github.com/Azure/azure-sdk-for-go/sdk/azcore
from 1.14.0 to 1.16.0Release notes
Sourced from github.com/Azure/azure-sdk-for-go/sdk/azcore's releases.
Commits
32f5e82
BearerTokenPolicy rewinds bodies before retrying (#23597)546e099
Sync eng/common directory with azure-sdk-tools for PR 9177 (#23591)068ef3d
Handle missing artifacts without exception (#23592)c6c9acc
Fix missing CloseAddressedIssues in gh event processor (#23593)07c1fcb
Set resource group env variable early so remove always works (#23594)1e3b3f1
Sync eng/common directory with azure-sdk-tools for PR 9147 (#23595)7a626d2
Allow the span kind to be set via StartSpanOptions (#23590)40dcd1b
fixing the compareHeaders sorting algorithm (#23545)7e59111
Sync .github/workflows directory with azure-sdk-tools for PR 9134 (#23589)b9db671
[Release] sdk/resourcemanager/hybridcompute/armhybridcompute/2.0.0 (#23566)Updates
github.com/Azure/azure-sdk-for-go/sdk/azidentity
from 1.7.0 to 1.8.0Release notes
Sourced from github.com/Azure/azure-sdk-for-go/sdk/azidentity's releases.
... (truncated)
Commits
42def97
Add breaking changes to release notes (#21696)112db83
Azcore v1.8.0 (#21694)204a3c4
Prep azcore v1.7.2 for release (#21506)89497f5
Add changelog entry for WASM fix (#21493)0414a4b
Transport dialer: setting nil for wasm build (#21451)b1db0be
Enable TLS renegotiation (#21182)Updates
github.com/open-policy-agent/gatekeeper/v3
from 3.16.3 to 3.17.1Release notes
Sourced from github.com/open-policy-agent/gatekeeper/v3's releases.
... (truncated)
Commits
e8d5d49
chore: Prepare v3.17.1 release (#3539)766b53b
fix: liniting error in gatekeeper-controller-manager-poddisruptionbudget.yaml...0cb7ef2
fix: vap error logging for rego only templates, cherry-pick (#3520) (#3525)d01aa68
chore: Prepare v3.17.0 release (#3509)a5e097d
chore: Prepare v3.17.0-rc.1 release (#3496)916f838
fix: fixing error reporting for templates without CEL, cherry-pick (#3493) (#...3f9ba17
chore: Prepare v3.17.0-rc.0 release (#3490)e23e53e
chore: bump golang fromaf9b40f
to39b7e6e
in /build/tooling (#3488)b222d13
chore: Removing setting alpha flags for vap/vapb generation unless explicitly...5ef6d32
chore: bump github.com/docker/docker from 26.1.4+incompatible to 26.1.5+incom...Updates
go.uber.org/mock
from 0.4.0 to 0.5.0Release notes
Sourced from go.uber.org/mock's releases.
Changelog
Sourced from go.uber.org/mock's changelog.
Commits
a9c44d9
Release v0.5.0 (#213)d164a16
Add gob mode to support custom package loading techniques in place of `--exec...d01ed30
deprecated reflect mode has been replaced with package mode (#207)6d5eb71
Regenerate generated mocks (#206)8adc9de
feat:mockgen
flag--build_constraint
to add//go:build
directives (#191)c50d83c
Support Go 1.22 and Go 1.23 (#203)33ccc99
Avoid stringer-related deadlocks without adding ISGOMOCK (#204)60372e3
chore: gofumpt -w . (#202)70a5e8c
Clarify documentation on Finish (#194)ec32d99
Bump goreleaser/goreleaser-action from 4 to 6 (#182)Updates
golang.org/x/exp
from 0.0.0-20240416160154-fe59bbe5cc7f to 0.0.0-20240719175910-8a7402abbf56Commits
Updates
golang.org/x/mod
from 0.20.0 to 0.21.0Commits
46a3137
zip: set GIT_DIR in test when using bare repositories3afcd4e
go.mod: set go version to 1.22.0b1d336c
go.mod: update required go version to go1.22Updates
helm.sh/helm/v3
from 3.14.4 to 3.16.2Release notes
Sourced from helm.sh/helm/v3's releases.
... (truncated)
Commits
13654a5
Revering change unrelated to issue #131769fc8f1b
adds tests for handling of Helm index with broken chart versions #13176961194d
improves handling of Helm index with broken helm chart versions #13176f6be62b
Bump the k8s-io group with 7 updates27d44cf
adding check-latest:true46e0a0f
Grammar fixesa1bd541
Fix typos5a5449d
bumping version to 1.22.72cbf7fc
Merge pull request #13327 from mattfarina/revert-117260d439e1
bump version to v3.16.0Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show