SPIRL System Releases
Latest Assets
| Asset | Type | Latest Release Version | Location |
|---|---|---|---|
| SPIRL System Helm Chart | Helm Chart | 0.17.1 | oci://ghcr.io/spirl/charts/spirl-system:0.17.1 |
| SPIRL Agent | Container Image | 0.17.1 | ghcr.io/spirl/spirl-agent:v0.17.1 |
| SPIRL Controller | Container Image | 0.17.1 | ghcr.io/spirl/spirl-controller:v0.17.1 |
| SPIRL Agent | AMD64 Debian Package | 0.17.1 | https |
| SPIRL Agent | ARM64 Debian Package | 0.17.1 | https |
| Reflector | Container Image | 0.17.1 | ghcr.io/spirl/reflector:v0.17.1 |
Additionally, the SPIRL Agent uses the SPIFFE CSI Driver and CSI Node Driver Registrar at the following pinned versions:
| Asset | Type | Latest Release Version | Location |
|---|---|---|---|
| SPIFFE CSI Driver | Container Image | v0.2.3 | ghcr.io/spiffe/spiffe-csi-driver:0.2.3 |
| CSI Node Driver Registrar | Container Image | v2.6.0 | registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.6.0 |
Release Notes
spirl-system 0.17.1
All changes in this release are internal only
spirl-system 0.17.0
Enhancements
- Attribute allow lists can now be configured through the chart.
- Use the RSA-2048 instance verification method to attest AWS EC2 instances.
- Reflector supports managing a self-signed CA
- Make it possible to set additional labels for the agent pod in the spirl-system chart.
spirl-controller 0.6.1
All changes in this release are internal only
spirl-system-helm-chart 0.9.0
Enhancements
- SPIRL server now emits latency gRPC metrics by default if telemetry is enabled.
- Prometheus scraping annotations are added as pod annotations if telemetry is enabled
- Upgrades SPIFFE CSI driver to version 0.2.7.
- Improves the spirl-agent daemonset update strategy to replace agent pods with less impact to the workload API
spirl-agent 0.16.0
- SPIRL agents will now generate app info prometheus metrics including trust domain and trust domain deployment as labels.
- SPIRL server and agent now include three labels in the generated Prometheus metrics that can be used for filtering and dashboard building. gRPC metrics include spirl_component (agent | server), spirl_trust_domain (trust domain name), and spirl_trust_domain_deployment (trust domain deployment name) as labels. Besides that, a new metric (spirl_application_info) is generated during initialization, it also includes the aforementioned labels and the binary version as well.
- Add a flag to have the agent test and wait for the kubelet pod list API to become available during startup
spirl-system-helm-chart 0.8.0
Enhancements
- You can specify imagePullSecrets now for all pods in the helm chart.
- Introduces a useGRPCFastRedial endpoint configuration option to spirl-agent that will trigger faster redialing of the endpoint when using DNS based load balancers.
- Improves the spirl-agent daemonset update strategy to replace agent pods with less impact to the workload API
- Annotation collection on Kubernetes collections is now supported using the
includeAnnotationsoption
spirl-agent v0.15.1
Enhancements
- Introduces a useGRPCFastRedial endpoint configuration option to spirl-agent that will trigger faster redialing of the endpoint when using DNS based load balancers.
- Improves the spirl-agent daemonset update strategy to replace agent pods with less impact to the workload API
- Annotation collection on Kubernetes collections is now supported using the
includeAnnotationsoption