IBM Cloud Object Storage plug-in

View information for updates to the IBM Cloud Object Storage plug-in in your Red Hat® OpenShift® on IBM Cloud® clusters.

IBM Cloud Object Storage plug-in versions
IBM Cloud Object Storage plug-in version	Supported?
2.2.37	Yes
2.2.36	Yes
2.2.35	Yes

Versions are deprecated at n-2 or roughly 3 months after their release date. Plan to keep your add-on updated. For update steps, see Updating the IBM Cloud Object Storage plug-in.

Change log for version 2.2.37, released 07 April 2025

Updates golang to 1.23.8.
Resolves CVE-2025-30204 and CVE-2025-24528.

Change log for version 2.2.36, released 10 March 2025

Updates golang to 1.23.6.
Resolves the following CVEs: CVE-2020-11023, CVE-2024-45341, CVE-2025-22866, and CVE-2024-45336.

Change log for version 2.2.35, released 27 January 2025

Updates golang to 1.22.11.
Resolves the following CVEs: CVE-2024-51744, CVE-2024-45337.
Adds support for version 4.18 clusters.

Change log for version 2.2.33, released 21 November 2024

Updates golang to 1.22.9.
Resolves CVE-2024-3596.
Adds support for version 4.17 clusters.

Change log for version 2.2.32, released 26 September 2024

Fixes a mounting issue in clusters with RHCOS worker nodes.

Change log for version 2.2.31, released 24 September 2024

Updates s3fs-fuse to v1.94.
Updates golang to 1.22.7.
Resolves CVE-2024-34158, CVE-2024-34155, and CVE-2024-34156.

Change log for version 2.2.30, released 29 August 2024

Updates golang to 1.21.13.
Resolves the following CVEs: CVE-2024-6104, CVE-2024-24791, CVE-2023-45288, CVE-2024-2398, CVE-2024-37370, and CVE-2024-37371.

Change log for version 2.2.29, released 31 July 2024

Adds support for Ubuntu 24 worker nodes.

Change log for version 2.2.28, released 17 July 2024

Resolves CVE-2023-2953 and CVE-2024-28182

Change log for version 2.2.27, released 17 July 2024

Resolves CVE-2024-24789 and CVE-2024-24790

Change log for version 2.2.26, released 5 June 2024

Adds HPCS support.
Updates golang base image to fix vulnerabilities CVE-2023-7008, CVE-2024-2961, CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602.

Change log for version 2.2.25, released 24 April 2024

Resolves CVE-2023-45288, CVE-2024-24785, CVE-2023-44487, and CVE-2023-45288

Change log for version 2.2.24, released 22 February 2024

Fixes an installation issue on Satellite clusters with CoreOS worker nodes.

Change log for version 2.2.23, released 29 January 2024

Replaces UBI image with scratch image.
Resolves CVE-2023-3446, CVE-2023-3817, and CVE-2023-5678.

Change log for version 2.2.22, released 20 November 2023

Updates Golang to 1.21.4
Updates UBI image to 8.9-1029
Resolves the following CVEs: CVE-2023-22745, CVE-2007-4559, CVE-2023-40217, CVE-2023-4641, CVE-2023-45283, and CVE-2023-45284.

Change log for version 2.2.21, released 13 November 2023

Updates Golang to 1.21.3
Updates the ibmc plug-in to create the deployment namespace with privileged labels to enforce Pod Security Standards.
Updates s3fs fuse to v1.93

Change log for version 2.2.20, released 30 October 2023

Updates UBI to 8.8-1072.1697626218 to fix CVE-2023-44487.
Updates to fix CVE-2023-39325.

Change log for version 2.2.19, released 12 October 2023

Updates UBI image to 8.8-1072
Resolves the following CVEs: CVE-2023-29491, CVE-2023-4911, CVE-2023-4527, CVE-2023-4806, and CVE-2023-4813.

Change log for version 2.2.18, released 7 September 2023

Adds support for RHCOS 4.13.
Updates Golang to 1.19.12.
Updates UBI image to 8.8-1037.
Resolves the following CVEs: CVE-2023-29409, CVE-2023-27536, CVE-2023-2602, CVE-2023-2603, CVE-2023-34969, CVE-2023-28321, CVE-2023-28484, and CVE-2023-29469.

Change log for version 2.2.17, released 3 July 2023

Updates Golang to 1.19.11.
Updates UBI image to 8.8-1014.
Resolves the following CVEs: CVE-2023-29406, CVE-2020-24736, [CVE-2023-1667], CVE-2023-2283, and CVE-2023-26604.

Change log for version 2.2.16, released 3 July 2023

Adds support for auto creation and deletion of user defined bucket names.

Change log for version 2.2.15, released 19 June 2023

Updates UBI image to 8.8-860.
Updates Golang to 1.19.10.
Resolves the following CVEs: CVE-2023-29401, CVE-2023-26125, CVE-2022-3172,CVE-2023-29403, CVE-2023-29404, CVE-2023-29405, CVE-2023-29402, CVE-2023-29400, CVE-2023-24540, CVE-2023-24539, CVE-2022-43552, CVE-2022-3204, CVE-2023-27535, CVE-2022-36227, and CVE-2022-35252.

Change log for version 2.2.14, released 02 May 2023

Updates the UBI image to 8.7-1107.
Updates Golang to 1.19.8.
Resolves the following CVEs: CVE-2023-0361, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538.

Change log for version 2.2.13, released 03 April 2023

Updates the UBI image to 8.7-1085.1679482090.
Resolves the following CVEs: CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286.

Because this update affects regional storage classes, you must uninstall and reinstall the 2.2.13 chart so the new storage classes are created in your cluster. This change primarily impacts single site clusters because the regional storage classes, such as ibmc-s3fs-standard-regional, now point to the single site COS endpoint instead of the regional endpoints. This change is not applied automatically to existing PVCs and pods. You must create new PVCs with the new storage classes for the changes to take effect. For more information on how to update your PVCs, refer to the Adding object storage to apps documentation.

Change log for version 2.2.12, released 20 March 2023

Updates Golang to 1.19.7.
Resolves the following CVEs: CVE-2023-24532, CVE-2022-41722, CVE-2022-41725, CVE-2023-23916.

Change log for version 2.2.11, released 03 March 2023

Updates Golang to 1.19.6.
Updates the UBI Image to 8.7-1085.
Updates s3fs fuse to d1388ff.
Resolves the following CVEs: CVE-2022-41723, CVE-2022-41724, CVE-2022-4415, CVE-2020-10735, CVE-2021-28861, CVE-2022-45061, CVE-2022-40897.

Change log for version 2.2.10, released 21 February 2023

Updates the UBI Image to 8.7-1049.1675784874.
Updates the default values for CPU request and CPU limit to 100m and 500m respectively.
Updates the default values for Memory request and Memory limit1 to 128Mi and 500Mi respectively.
Resolves CVE-2022-47629.

Change log for version 2.2.9, released 13 February 2023

Adds support for the --set allowCrossNsSecret=true/false option when you install the IBM Cloud Object Storage plug-in. For more information, see Installing the IBM Cloud Object Storage plug-in.
Adds support for Wasabi and AWS s3 providers on Satellite clusters.
On Satellite clusters, the object store endpoint is now auto populated based on the cos.storageClass and s3provider options.

Change log for version 2.2.8, released 23 January 2023

Updates the UBI Image to 8:8.7-1049
Adds PriorityClasses for driver and plug-in pods
Updates tolerations for plug-in pod
Adds support for encrypting buckets with IBM Key Protect by using your root key CRN when creating buckets.
Resolves the following CVEs: CVE-2022-43680, CVE-2022-42010, CVE-2022-42011, CVE-2022-42012, CVE-2022-3821, CVE-2022-35737, CVE-2021-46848.

Change log for version 2.2.7, released 5 January 2023

Renames flex StorageClasses to Smart StorageClasses
Updates GoLang to 1.18.9
Resolves CVE-2022-41717 and CVE-2022-41720

Because this change affects storage classes, you must uninstall and reinstall the 2.2.7 chart so the new storage classes are created in your cluster. This change is not automatically applied to existing PVCs and pods. You must create new PVCs with the new storage classes for the changes to take effect.

Change log for version 2.2.6, released 15 December 2022

Updates the tls-cipher-suite value to default in all the s3fs storage classes for all Red Hat OpenShift clusters.
Updates the tls-cipher-suite value to AESGCM for all Kubernetes clusters.
If you want to overwrite the value from default to any other specific tls-cipher-suite, annotate your PVC with ibm.io/tls-cipher-suite: "<cipher-suite-value>".

Because this change affects storage classes, you must uninstall and reinstall the 2.2.6 chart so the new storage classes are created in your cluster. This change is not automatically applied to existing PVCs and pods. You must create new PVCs with the new storage classes for the changes to take effect.

Change log for version 2.2.5, released 9 December 2022

Updates the UBI image to 8.7-923.1669829893

Change log for version 2.2.4, released 5 December 2022

Updates Golang to 1.18.8
Resolves CVE-2022-41715, CVE-2022-2879, CVE-2022-2880

Change log for version 2.2.3, released 15 November 2022

Updates the UBI image to 8.7-923
Resolves CVE-2016-3709, CVE-2022-30698, CVE-2022-30699, CVE-2022-1304.

Change log for version 2.2.2, released 8 November 2022

Updates the UBI image to 8.6-994.
Resolves CVE-2022-37434, CVE-2020-35525, CVE-2020-35527, CVE-2022-3515, CVE-2022-2509, CVE-2022-40674.

Change log for version 2.2.1, released 20 September 2022

Updates the UBI image to 8.6-941
Updates Golang 1.18.6
Resolves CVE-2022-27664

Change log for version 2.2.0, released 12 September 2022

Updates the UBI image to 8.6-902.1661794353
Resolves CVE-2022-32206, CVE-2022-32208, CVE-2022-2526.
Cloud Pak certification renewed for the plug-in

Change log for version 2.1.21, released 24 August 2022

Updates Golang to 1.18.5
Updates the UBI image to 8.6-902
Resolves CVE-2022-1962, CVE-2022-1586, CVE-2022-2068, CVE-2022-1292, CVE-2022-2097.

Change log for version 2.1.20, released 17 August 2022

Adds support for RHEL 8.

Change log for version 2.1.19, released 27 July 2022

Updates the following mount paths for the driver pods. - Mounts /etc/os-release or /etc/lsb-release as read only. - Mounts /etc/kubernetes instead of /etc or /usr/libexec/kubernetes to install the FlexVolume binary. - Mounts /usr/local/bin instead of /usr/local to install the s3fs binary.

Change log for version 2.1.18, released 14 July 2022

Updates the UBI Image to 8.6-854
Resolves CVE-2022-29824, CVE-2021-40528, CVE-2022-22576, CVE-2022-27774, CVE-2022-27776, CVE-2022-27782, CVE-2022-25313, [CVE-2022-25314] (https://nvd.nist.gov/vuln/detail/CVE-2022-25314)
Updates Golang to 1.18.3

Change log for version 2.1.17, released 28 June 2022

Updates the UBI to 8.6-751.1655117800
Updates s3fs-fuse fix a segfault issue.
Adds support to configure ephemeral storage of plug-in and driver pods.

Change log for version 2.1.16, released 25 May 2022

Updates the UBI to 8.6-751
Added support for adding ips by using PVC annotation for configBucketAccess
Added support for crftoken to be fetched from storage-secret-store

Change log for version 2.1.15, released 6 May 2022

Updates the UBI to 8.5-243.1651231653
Resolves CVE-2022-1271
Updates GoLang to 1.17.9