- Add seanzatzdev-amazon OWNERS. (#1200, @seanzatzdev-amazon)
- CVE-2024-24786: bump google.golang.org/protobuf to v1.33.0. (#1286, @dobsonj)
- Update EFS Utils Restoration to Overwrite Certificates. (#1289, @mskanth972)
- Add static & dynamic provisioning options for using efs-utils crossacount mount option for cross-account AZ mapping between client instance and mount target (#1292, @seanzatzdev-amazon)
- Add unit tests for cross account dns feature (#1293, @seanzatzdev-amazon)
- Add feature to disable efs-utils version check. (#1272, @RyanStan)
- Fix checker in controller to use gid instead of uid. (#1269, @ashrayjain)
- Update efs-csi-driver to use efs-utils latest release v1.35.2 (https://github.com/aws/efs-utils/releases/tag/v1.35.2)
- Allow controller SA to describe Secrets - fixes cross account dynamic provisioning. (#1256, @RyanStan)
- Added Fargate support for EFS CSI Controller. (#1195, @Rio Maulana)
- Bump the side-cars to the latest to mitigate the CVEs. (#1246, @mskanth972)
- Update efs-csi-driver to use efs-utils latest release v1.35.1 which include adding 'fsap' to the ignored mount option list, compatibility with OpenSSL 3.0 in the RPM spec file, a new watchdog log message for outdated efs-utils versions, and regeneration of empty private key files.
- Edit file paths in provisioning.go to fix failing e2e test. (#1223 @seanzatzdev-amazon)
- CVE-2023-48795: bump golang.org/x/crypto to v0.17.0. (#1222, @dobsonj)
- set results count for listing access points. (#1217, @RomanBednar)
- Reduce calls to EFS API. (#1226, @otorreno)
- Fixed the GID allocator work with the cross account feature. (#1199, @RomanBednar)
- Added Startup Taint Removal Feature to alleviate potential race conditions. (#1197, @mskanth972)
- Updated the apiversion in StaticProvisioning storageclass.yaml example file. (#1193, @Rajit11)
- README Update: Update Static Provisioning README.md on mounttargetip option. (#1192, @seanzatzdev-amazon)
- Updated the GID allocator to allocate GIDs in increasing order. (#1182, @RomanBednar)
- Updated the sidecar tags to the latest. (#1161, @mskanth972)
- Fixed Posixuser nil pointer dereference issue. (#1180, @mskanth972)
- Fixed CVE-2023-45142: bump k8s and opentelemetry. (#1176, @jsafrane)
- README Update: Fix typo in installation with public manifest. (#1168, @ysam12345)
- README Update: Updating README for 'noresvport' mount option. (#1158, @mskanth972)
- Added Storage Class features to allow more control of the directory structure of Access Points under Dynamic Provisioning. (#640, @jonathanrainer)
- Added Storage Class feature to allow access points to be replicated across different clusters. (#1026, @mskanth972)
- Fixed GID allocator. (#850, @RomanBednar)
- Added unit test for subpath patterns with repeated elements. (#1117, @seanzatzdev-amazon)
- Updated manifest paths in aws-efs-csi-driver/vendor/k8s.io/kubernetes/test/e2e/storage/testsuites/provisioning.go. (#1118, @seanzatzdev-amazon)
- Added e2e test for dynamic provisioning. (#1120, @seanzatzdev-amazon)
- Added CSI_NODE_NAME to node Daemonset. (#1124, @RyanStan)
- Removed old TravisCI config file. (#1129, @jacobwolfaws)
- Added hostnetwork back to Node Daemonset. (#1130, @RyanStan)
- Fixed ensureUniqueDirectory parameter in docs. (#1133, @wilkerlucio)
- Increased the AccessPoint MAX limit from 120 to 1000. (#1135, @seanzatzdev-amazon)
- Moved to new s3 bucket. (#1137, @dims)
- Bump golang.org/x/net/html to fix CVE-2023-3978. (#1089, @jsafrane)
- Set efs-plugin container security context to
truewhich can solve the deleteAccessPointRootDir issues. (#1096, @seanzatzdev-amazon) - Updated all the necessary components to enable running kOps / EKS e2e CI jobs in the latest version of K8s without
hostNetwork: true. (#1088, @torredil)
- Addressed CVEs (CVE-2023-2602, CVE-2019-15167, CVE-2-23-2431, CVE-2023-2727).
- updated go and k8s packages and removed SSH from CI as it is unnecessary and introduces a potential flake point. (#1007, @mskanth972)
- Remove usage of 'echo' from log collector script. (#1071, @RyanStan)
- Addressed CVEs (CVE-2023-29491, CVE-2023-32731).
- Updated the security context parameter of the efs-plugin container. (#1055, @mskanth972)
- Addressed CVEs (CVE-2023-0464, CVE-2023-0466, CVE-2023-2650, CVE-2023-0465, CVE-2015-8390, CVE-2015-8394)
- Added a e2e test to make sure that side-car images are located in Private ECR repository. (#1018, @mskanth972)
- Upgraded golang to v1.20. (#992, @kalpanathanneeru21)
- Validate fstype on CreateVolume rather than NodePublishVolume. (#1027, @jingxu97)
- Added the SecurityContext for Driver (#1001, @mskanth972)
- Updated Side-cars to address pull back error in private manifest (#1009, @mskanth972)
- Add reminder to always update weaveworks when updating policy (#1002, @Ashley-wenyizha)
- Updating README on how to delete access point when deleting PVC (#1004, @mskanth972)
- Updated the README with information on mountOptions that can be provided while mounting (#1006, @mskanth972)
- Updated the K8s packages to 1.22.16 to mitigate the CVE-2022-3294 (#984, @mskanth972)
- Upgrade k8s and eksctl version for Test cluster failure fix (#987, @Ashley-wenyizha)
- Bumped the side-cars version to the latest (#993, @mskanth972)
- Mitigated golang CVE-2022-41723 (#961, @RyanStan)
- Updated the example IAM policy by adding
elasticfilesystem:TagResourcepermission for tagging EFS resources. (#964, @mskanth972)
- Golang.org/x/net version update (#897, @RomanBednar)
- New image based on minimal EKS Distro images (#903, @RyanStan)
- feat(node/controller): allow to set updateStrategy (#740, @lefterisALEX)
- Revised and passed volume related arguments in the daemonset instead of controller (#942, @mskanth972)
- README update on
delete-access-point-root-dirargument - README update on DNS name resolving issue
- Upgrade AL2 version and address CVEs ( CVE-2022-4304, CVE-2023-0215, CVE-2023-0286 )
- Upgrade to latest sidecars versions
- Upgrade AL2 version and address CVEs (CVE-2021-4217, CVE-2022-0529, CVE-2022-0530, CVE-2022-4141, CVE-2023-0049, CVE-2022-45061, CVE-2022-27781, CVE-2022-23521, CVE-2021-46848, CVE-2022-4292, CVE-2022-43551, CVE-2022-35737, CVE-2022-42898, CVE-2022-41903)
- Bumped up the sidecars version
- Fixed-AWS EFS CSI Driver crashes if Access Point creation fails and static GID set
- Update efs-csi-driver to use efs-utils latest release v1.34.5 which Handle invalid mount point name, Avoid redundant get_target_region call, Update man page and Watchdog detect empty private key and regenerate
- Update efs-csi-driver to use efs-utils latest release v1.34.4 and include stunnel fix (#125)
- Update the efs-utils to v1.34.3 to reduce possibility of multiple mounts starting from same port range
- Update efs-utils to stunnel5.
- upgrade to k8s.io/kubernetes v1.22.3 to mitigate the CVE-2021-25740.
- Reverting back the efs-utils version from v1.34.1 (latest version) to v1.33.4 (previous version) as in the the new version v1.34.1 stunnel bin is removed in csi-driver.
- Release-1.4 : post-release files updated (#782, @mskanth972)
- Mitigated AL2 related CVEs including : CVE-2022-27664, CVE-2018-25032, CVE-2021-4189, CVE-2022-0391, CVE-2021-3999, CVE-2022-30630, CVE-2022-3099, CVE-2022-30631, CVE-2022-2982, CVE-2022-29526, CVE-2022-2287, CVE-2021-3737, CVE-2021-3733, CVE-2019-12900
- Update deprecated NodeSelector (#743, @dschunack)
- Update golang.org/x/text/language for CVE-2021-38561 (#738, @RomanBednar)
- Update uid/gid Readme (#752, @Ashley-wenyizha)
- Should not pass in mount option of awscredsuri (#755, @Ashley-wenyizha)
- Added support for FIPS (#760, @dima618)
- Revise awscredsuri validation to prefix check (#762, @Ashley-wenyizha)
- Latest AL2 base image update
- Conditionally added AWS_STS_REGIONAL_ENDPOINTS flag (#585, @holmesb)
- Removing Dependency on IMDS, allowing
hostNetwork: trueto be removed (#681, @jonathanrainer) - Support e2e test EFS create on EKS clusters by finding EKS node subnets (#707, @wongma7)
- Upgrade gopkg.in yaml.v3 (#717, @Ashley-wenyizha)
- From V1.3.8 and forward, efs-csi-driver will stop updating docker Hub for new releases
- Revise utils tag number (#666, @Ashley-wenyizha)
- Upgrade to k8s.io/kubernetes v1.22.1 (#671, @Ashley-wenyizha)
- Upgrade to k8s.io/kubernetes v1.22.2 (#680, @Ashley-wenyizha)
- Disable getting all secrets from ns by default (#674, @Ashley-wenyizha)
- go.mod: fix non-existing k8s.io/kubernetes version (#645, @bertinatto)
- New efs-utils version of v1.32.1 (https://github.com/aws/efs-utils/releases/tag/v1.32.1)
- [release-1.3] Release v1.3.5: release helm chart v2.2.1 and update kustomize (#600, @wongma7) @wongma7)
- Security patch & upgrade of k8s.io/kubernetes, linux and golang (#619, @Ashley-wenyizha)
- Add uid and gid parameters (#621, @Ashley-wenyizha)
- Release helm-chart v2.1.6 (#546, @chrishenzie)
- [release-1.3] Update ecr kustomize overlay to pull sidecars from private ecr, not public (#550, @wongma7)
- Release helm chart v2.1.6 (#557, @wongma7)
- [release-1.3] Feature/allow health ports to be configured (#558, @wongma7)
- Fast-forward to latest ebs hack/e2e scripts with eksctl support, k8s 1.20, etc. (#510, @wongma7)
- Add node/daemonset service account to helm chart (#512, @wongma7)
- Fix (and format) log collector script (#525, @wongma7)
- Fix node-serviceaccount.yaml missing from kustomize (#527, @wongma7)
- Bump release version for multi-arch support.
- efs-csi-driver now supports arm and image is multi-arch
- Fixed the error message (#487, @pierluigilenoci)
- Clean up unnecessary resources after installation in docker file (#483, @kbasv)
- Remove platform hardcode for golang in Dockerfile (#485, @kbasv)
- Update cross account mount example with specs and add missing setup step (#488, @kbasv)
- efs-csi-driver now supports cross account and cross
azmount - Helm chart clean up
- Add support for cross account mount (#470, @kbasv)
- Helm chart: make more fields configurable for the deployment, daemonset and storage class (#406, @Misteur-Z)
- Add x-AZ mount support for efs-csi-driver (#425, @kbasv)
- Fix helm chart external-provisioner RBAC not being created if serviceaccount.controller.create false (#386, @wongma7)
- Fix creation of multiple storage classes in Helm chart (#388, @NilsGriebner)
- Fix verify command (#424, @buptliuwei)
- Helm chart: fix reclaimPolicy and volumeBindingMode (#464, @devinsmith911)
- Put comments back in place inside the values file (#475, @pierluigilenoci)
- feat: add helm config to enable deleteAccessPointRootDir (#412, @KarstenSiemer)
- feat: add controller access point tags to helm chart (#413, @KarstenSiemer)
- feat: helm add storageclass annotations (#414, @KarstenSiemer)
- Add fargate support in the EFS CSI driver (#418, @anonymint)
- Install efs-utils from github (#442, @kbasv)
- Update access point root directory name to use PV name (#448, @kbasv)
- Add documentation and examples for cross-account mount (#477, @kbasv)
- Add
hostNetwork: trueon efs-csi-controller deployement. (#380, @jihed) - Bump sidecar images to latest available in ecr (#382, @wongma7)
- Add
iammount option while deleting Access Point root directory (#422, @kbasv) - Add empty StorageClasses from static example (#423, @Yu-HaoYu)
- Reduce default log level to 2 (#426, @wongma7)
- Create a new AWS session with the region (#435, @bodgit)
- Change controller port 9808->9909 to avoid node/ebs conflict (#437, @wongma7)
- Add kbasv as approver (#447, @kbasv)
- efs-csi-driver now supports dynamic provisioning
- Implement dynamic provisioning (#274, #297, @kbasv)
- Add tags to efs resources provisioned by driver (#309, @kbasv)
- Bump efs-utils version to 1.29.1-1 (#366, @kbasv)
- Daemonset Affinity for fargate nodes (#329, @benmccown-amz)
- The hostPath directory where the driver DaemonSet Pods write state files to their respective Node hosts has changed to fix the driver not working on Bottlerocket OS Nodes. No matter what OS your Nodes are running, you must use a supported method like helm or kustomize to update the driver. If not, i.e. if you only change the image tag of your DaemonSet, the migration from old to new directory won't succeed. See "change config dir location" below for details.
| filename | sha512 hash |
|---|---|
| v1.0.0.zip | ecce6558e9a5ea3a94578eefc6cbe4fedc452fefeb60ff1b7f07257143c7a03b2410ad1ffc2b2bbc2065b255cc4b35ec56a09bb3f1561ebe90f8a763da12b19d |
| v1.0.0.tar.gz | e31defba0d0975a8a3ba4661881638b4cfb45e0b76d1c0d714b7a556eecdab77562b7dda461b6b86350a11946548a42057f1453bd5934d0299f54923e335294b v1.0.0 |
- Support access points on the same file system (#185, @2uasimojo)
- Add encryptInTransit volume attribute (#205, @wongma7)
- Adding amd64 as nodeSelector to avoid arm64 archtectures (#143) (#144, @hugoprudente)
- Update efs-utils to 1.26-3.amzn2 and amazonlinux to 2.0.20200602.0 (#216, @wongma7)
- Add example for Access Points (#153, @2uasimojo)
- Pin dependency library versions (#154, @2uasimojo)
- Bump livenessprobe and node-driver-registrar versions (#155, @wongma7)
- Updated node.yaml to update deprecated node selectors (#158, @nithu0115)
- Only publish if access type is 'mount', not 'block' (#164, @wongma7)
- Upgraded CSI spec to v1.2.0 (#169, @jqmichael)
- Bump k8s dependencies to 1.17.6 (#174, @wongma7)
- added helm repo yaml in docs folder (#194, @kferrone)
- Push image to 7 digit git sha tag instead of latest tag for master branch changes (#202, @wongma7)
- Started treating the efs-utils config dir stateful and also handles the static files installed at image build time (#212, @jqmichael)
- Build and push every master commit to master tag (#215, @wongma7)