Skip to content

Release v0.5.3

Choose a tag to compare

View all tags
@github-actions github-actions released this 25 Nov 16:54
v0.5.3
This tag was signed with the committer’s verified signature.
tkircsi Tibor Kircsi
GPG key ID: 0DB80F10DC0FAB0D
Verified
Learn about vigilant mode.
c6ad55e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

🚀 AGNTCY Dir v0.5.3 Release

We're excited to announce the release of AGNTCY Dir v0.5.3, a patch release that improves SPIFFE identity injection reliability and chart security for production deployments.

🌟 What's New

SPIFFE Identity & Authentication Improvements

  • SPIFFE CSI driver support for both dirctl and apiserver charts
  • Eliminates "certificate contains no URI SAN" authentication failures
  • Synchronous workload registration before pod starts
  • Configurable CSI driver vs hostPath for debugging scenarios

Security & Reliability

  • Automatic writable home directory when readOnlyRootFilesystem is enabled
  • Fixes MCP host config file write errors in security-hardened environments
  • Read-only SPIRE socket mounts for enhanced security
  • Consistent behavior across both dirctl and apiserver charts

Developer Experience

  • Production-ready defaults with opt-out capability
  • Backwards compatible with legacy hostPath mounting
  • Explicit spire.useCSIDriver: true configuration for clarity

What's Changed

  • feat(dir/dirctl): add SPIFFE CSI driver support and auto home-dir volume by @tkircsi in #724

Full Changelog: v0.5.2...v0.5.3

Contributors

tkircsi
Assets 7
Loading
0 Join discussion