Skip to main content

spirlctl Releases

Latest Assets

AssetLatest Release VersionLocation
Linux amd64v0.21.0https://spirl-releases.s3.us-west-2.amazonaws.com/spirlctl/v0.21.0/spirlctl-v0.21.0-linux-amd64.tar.gz
Linux arm64v0.21.0https://spirl-releases.s3.us-west-2.amazonaws.com/spirlctl/v0.21.0/spirlctl-v0.21.0-linux-arm64.tar.gz
macOS amd64v0.21.0https://spirl-releases.s3.us-west-2.amazonaws.com/spirlctl/v0.21.0/spirlctl-v0.21.0-darwin-amd64.tar.gz
macOS arm64v0.21.0https://spirl-releases.s3.us-west-2.amazonaws.com/spirlctl/v0.21.0/spirlctl-v0.21.0-darwin-arm64.tar.gz
Windows amd64v0.21.0https://spirl-releases.s3.us-west-2.amazonaws.com/spirlctl/v0.21.0/spirlctl-v0.21.0-windows-amd64.tar.gz
Windows arm64v0.21.0https://spirl-releases.s3.us-west-2.amazonaws.com/spirlctl/v0.21.0/spirlctl-v0.21.0-windows-arm64.tar.gz
Homebrew Tapv0.21.0
brew tap spirl/tap
brew install spirlctl

Release Notes

spirlctl v0.21.0

Breaking Changes

  • spirlctl login with invitation code (spirlctl login --invitation) is no longer supported. Invited users now need to exclusively access the generated invitation URL for joining an organization (e.g. https://app.spirl.com/invitation/INVITATION_CODE)
  • Developer Identity commands now take --redirect-addr instead of --redirect-listener-port flag. It is also possible to store them alongside your developer identity config at $HOME/.spirl/dev-id/config.json at .dev_id.[].redirect_addr. The default is a random port at http://127.0.0.1/auth/callback

Enhancements

  • Support configuring provider attestation in cluster config and node-group config
  • Support managing provider attestation configs

spirlctl v0.20.0

Breaking Changes

  • Developer identity commands that were previously available at spirlctl exp unified-access or spirlctl exp trust-domain unified-access are now available at spirlctl exp dev-id and spirlctl exp trust-domain dev-id respectively.
  • Changed the default path the developer identity serve command uses to create the unix domain socket to /tmp/spirl/devid/workload.sock.

Bug Fixes

  • Allows you to ctrl+c when using experimental dev-id.
  • Fix clearing of X.509 customization template for a cluster when running spirlctl cluster config change-x509-template command with empty string template.
  • Fixes an issue where some binaries were not getting the correct version string at build time.

Enhancements

  • spirlctl login will now require the user to perform a code confirmation after authenticating with IDP. This extra step aims to improve the security posture by ensuring the login initiated in the CLI matches the flow completed in the browser.

spirlctl v0.19.0

Bug Fixes

  • Disables local DNS name resolution when connecting through a proxy.

Documentation

  • Fail with an explicit error if arguments are passed to "spirlctl trust-domain deployment list" by mistake, and suggest filtering using flags.

Enhancements

  • Add support for X.509 customization templates for clusters.
  • Adds --agent-endpoint-proxy flag to experimental unified access commands to route those through an HTTP CONNECT proxy.
  • Adds --endpoint-proxy to route requests to SPIRL through an HTTP CONNECT proxy.
  • You are now able to update unified access oidc configs via spirlctl.
  • You are now able to update unified access policies via spirlctl.

spirlctl v0.18.0

  • New command added for accessing audit logs.
  • Federated bundles synced on unified access.
  • Unified access serve command exists now once the SVID has expired.
  • Unified access supports Envoy SDS API.
  • Fixed some unified access management command examples.