SPIRL Server Releases
Latest Assets
| Asset | Type | Latest Release Version | Location |
|---|---|---|---|
| SPIRL Server Helm Chart | Helm Chart | 0.15.0 | oci://ghcr.io/spirl/charts/spirl-server:0.15.0 |
| SPIRL Server | Container Image | v0.19.1 | ghcr.io/spirl/spirl-server:v0.19.1 |
Release Notes
spirl-server-helm-chart 0.15.0
Enhancements
- SPIRL server now emits latency gRPC metrics by default if telemetry is enabled.
- Prometheus scraping annotations are added as pod annotations if telemetry is enabled
- SPIRL server and agent now include three labels in the generated Prometheus metrics that can be used for filtering and dashboard building. gRPC metrics include
spirl_component(agent | server),spirl_trust_domain(trust domain name), andspirl_trust_domain_deployment(trust domain deployment name) as labels. Besides that, a new metric (spirl_application_info) is generated during initialization, it also includes the aforementioned labels and the binary version as well. - Add the ability to configure horizontal pod autoscaler in the server chart
spirl-server v0.19.1
Enhancements
- SPIRL server now emits latency gRPC metrics by default if telemetry is enabled.
- Prometheus scraping annotations are added as pod annotations if telemetry is enabled
- SPIRL agents will now generate app info prometheus metrics including trust domain and trust domain deployment as labels.
- td-server: add a self-refreshing cache that bundles the aws requests to save aws API quota
spirl-server-helm-chart 0.14.0
Bug Fixes
- Fix issue where imagePullSecrets resulted in invalid Kubernetes objects.
Enhancements
- Add Pod Disruption Budget to the server deployment.
- You can now specify resources for the venafi firefly integration sidecar.
spirl-server v0.18.0
Bug Fixes
- Fixed a bug loading data CR encryption keys generated before the 0.17.1 release.
- Improved data CR garbage collection accuracy
- Improved data CR resiliency under CPU throttled conditions
Enhancements
- Improved reporting and recovery when data CRs are missing
spirl-server-helm-chart 0.13.0
Enhancements
- Add GCP KMS integration into spirl-server allowing it to use GCP KMS encryption for locally stored, sensitive data.
- Trust domain server metrics collection and telemetry server can now be toggled and configured with new helm chart values. Refer to https://d.spirl.com/configuration/spirl-system-telemetry for more information.
- Add Azure KeyVault integration into spirl-server allowing it to use Azure KeyVault encryption for locally stored, sensitive data.
- Use the latest spirl-server image release, version 0.17.1, by default when installing via Helm chart.
spirl-server 0.17.1
Bug Fixes
- Add a dedicated timeout during startup for how long to wait for initial x509source to initialize
- Avoids use of cached attestation if we're missing required attributes
- Fix a bug which can in some conditions lead to high CPU usage when an unrecoverable error occurs.
Enhancements
- Update to go 1.24
- Add Azure KeyVault integration into spirl-server allowing it to use Azure KeyVault encryption for locally stored, sensitive data.
- Add GCP KMS integration into spirl-server allowing it to use GCP KMS encryption for locally stored, sensitive data.
- Trust domain server metrics collection and telemetry server can now be toggled and configured with new helm chart values. Refer to https://d.spirl.com/configuration/spirl-system-telemetry for more information.
- spirl-agent and td-server: the td-server will challenge the agent with the type of provider attestation and the agent will respond to that (overrides the agent flag)
- td-server: support attesting agents running in aws ec2 instances in multi regions
spirl-server-helm-chart 0.12.0
- Adds support for Kubernetes topologySpreadConstraints.
- Improves graceful shutdown behavior.
- Adds ‘createRoles’ property to allow giving an existing service account the necessary roles.
spirl-server v0.16.0
- Added a back-off mechanism to the cache of the SPIRL server improving resiliency.
- Federated bundles are now synced during unified-access operations.
- Improved the way we build multi-arch production images.
- Improved graceful shutdown behavior.