Skip to content

Latest commit

 

History

History
875 lines (522 loc) · 24.4 KB

CHANGELOG.md

File metadata and controls

875 lines (522 loc) · 24.4 KB
Raw

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project's packages adheres to Semantic Versioning.

Unreleased

7.0.0 - 2024-11-19

Removed

  • Removed PSP support and thus support for pre v1.25 Kubernetes clusters.
    • Removed .global.podSecurityStandards.enforced Helm value.
  • Removed .project.branch and project.commit Helm values.

Changed

  • Bump architect-orb to v5.11.1.
  • Updated build pipeline to use app-build-suite.
    • Changed value for application.giantswarm.io/branch label to point to .Chart.AppVersion instead as ABS does not support mangling the templates anymore.
    • Changed value for application.giantswarm.io/commit label to point to .Chart.AppVersion instead as ABS does not support mangling the templates anymore.
  • Defaulted .image.tag to be an empty string and default that to .Chart.AppVersion in the deployment.
  • Bumped chart-operator version to v3.3.0 in integration tests.
  • Bumped test-app version to v1.0.0 in integration tests.

Added

  • Added ignore-check.kube-linter.io/no-read-only-root-fs annotation to the deployment to inform kubelinter and describe why the write access to the root FS is needed.

6.11.2 - 2024-10-22

6.11.1 - 2024-10-08

Fixed

  • Retain a list of finalizers of Chart CR when updating it.

Changed

  • Update PolicyExceptions to v2 and failover to v2beta1.

6.11.0 - 2024-04-23

Added

  • Add support for App resources having a dependency on HelmReleases.

6.10.3 - 2024-01-29

Fixed

  • Move pss values under the global property

6.10.2 - 2023-12-06

Changed

  • Set gsoci.azurecr.io as the default container registry for this app's image(s).

6.10.1 - 2023-11-22

Fixed

  • Add policy exception so that controller can be deployed in bootstrap mode (uses host network)

6.10.0 - 2023-11-15

Added

  • Add option to disable k8s client cache.

6.9.0 - 2023-11-10

Changed

  • Add a switch for PSP CR installation.

6.8.1 - 2023-09-14

Fixed

  • Use the right name for Chart CR to be deleted.

6.8.0 - 2023-07-06

Added

  • Add Service Monitor by default to make it complain with the latest monitoring improvements

6.7.0 - 2023-05-10

Changed

  • Only include PodSecurityPolicy on clusters with policy/v1beta1 api available.
  • Only include PodMonitor on clusters with monitoring.coreos.com/v1 api available.

Removed

  • Stop pushing to openstack-app-collection.

6.6.4 - 2023-04-05

Changed

  • Improved feedback when searching for an app in catalog.

6.6.3 - 2023-03-21

Changed

  • Lowered resource requests and limits
  • Changed VPA to consider unique and workload cluster operators as well and added support for min allowed fields of CPU and memory

6.6.2 - 2023-03-10

Changed

  • Bump giantswarm/app package to v6.15.5

6.6.1 - 2023-03-09

Changed

  • Bump giantswarm/app package to v6.15.2 to fix cluster and namespace singletons checks for CAPI.

6.6.0 - 2023-02-02

Added

  • Add support for dependencies between apps using app-operator.giantswarm.io/depends-on annotation.

6.5.1 - 2023-02-01

Changed

  • Bump giantswarm/app package to v6.15.2 to weaken the condition on userConfig names for default apps.

6.5.0 - 2022-12-02

Fixed

  • Fix building URLs for OCI Repositories assigned to non-internal Catalogs.

6.4.4 - 2022-11-29

Fixed

  • Fix workload cluster request template.

6.4.3 - 2022-11-23

Changed

  • Use port instead of deprecated targetPort field for PodMonitor

Fixed

  • Provide synchronization between goroutines operating on indices maps.

6.4.2 - 2022-11-21

Changed

  • Bump github.com/giantswarm/app to v6.15.1

6.4.1 - 2022-09-26

Fixed

  • Fix a bug that skips adding the chart-values or chart-secrets entries to the Chart CR when they are only created via extra configs of the App CR

6.4.0 - 2022-09-22

Added

  • Support timeouts fields in the App CR.

Changed

  • Add support for new control-plane label in k8s 1.24.

6.3.0 - 2022-07-11

Added

  • If no userconfig configmap or secret reference is specified but one is found following the default naming convention (*-user-values / *-user-secrets) then the App resource is updated to reference the found configmap/secret.

6.2.0 - 2022-07-11

Added

Changed

  • Bump github.com/giantswarm/app to v6.12.0

6.1.0 - 2022-07-05

Changed

  • Use downward API to set deployment env var KUBERNETES_SERVICE_HOST to status.hostIP.
  • Change initialBootstrapMode configuration value to bootstrapMode.
  • Tighten pod and container security contexts for PSS restricted policies.

Added

  • Allow to set api server pod port when enabling initialBootstrapMode.

6.0.1 - 2022-06-20

Added

  • Add support for Catalogs that define multiple repository mirrors to be used in case some of them are unreachable.

Changed

  • Only run PodMonitor outside of bootstrap mode.

6.0.0 - 2022-06-08

Added

  • Added PodMonitor to the Helm chart to collect metrics from the running operator pod (instead of via the Service)

Changed

  • This version requires prometheus-meta-operator of v3.6.0 or later to scrape the metrics from the PodMinitor
  • This version requires kyverno-policies-observability of v0.1.2 or later to have proper labels applied to metrics

Removed

  • Removed Service from the Helm chart

5.12.0 - 2022-06-06

Added

  • Add initialBootstrapMode flag to allow deploying CNI as managed apps.

5.11.0 - 2022-05-23

Changed

  • Only set resource limits on the deployment when the VPA is not available or disabled
  • Increase min / max resource limits on VPA

5.10.2 - 2022-05-18

Fixed

  • Add missing permissions for apps/deployments.

5.10.1 - 2022-05-18

Fixed

  • Limit *-chart ClusterRole and ClusterRoleBinding to giantswarm namespace deployment.

5.10.0 - 2022-05-16

Fixed

  • Fix app-operator RBAC to avoid granting excessive permissions to its ServiceAccount.

Removed

  • Remove authtokenmigration resource.

5.9.0 - 2022-04-07

Changed

  • Update helmclient to v4.10.0.
  • Update giantswarm/appcatalog to v0.7.0, adding support for internal OCI chart catalogs.

5.8.0 - 2022-03-11

Added

  • Add support for relative URLs in catalog indexes.

Fixed

  • Continue processing AppCatalogEntry CRs if an error occurs.
  • Only show AppCatalogEntry CRs that are compatible with the current provider.
  • For internal catalogs generate tarball URLs instead of checking index.yaml to prevent chicken egg problems in new clusters.

5.7.5 - 2022-03-01

Fixed

  • Fix label selector in app values watcher so it supports CAPI clusters.
  • Strip cluster name from App CR name to determine Chart CR name in chart/current.go resource to fix WC app updates.

5.7.4 - 2022-03-01

Fixed

  • Allow usage of chart-operator PSP so it can be bootstrapped.

5.7.3 - 2022-02-28

Fixed

  • Fixing patch to not reset fields.

5.7.2 - 2022-02-25

Fixed

  • Remove compatible providers validation for AppCatalogEntry as its overly strict.
  • Push image to Docker Hub to not rely on crsync.

5.7.1 - 2022-02-22

Fixed

  • Restrict PSP usage to only named resource.

5.7.0 - 2022-02-17

Added

  • Annotate App CRs after bootstrapping chart-operator to trigger reconciliation.

5.6.0 - 2022-02-02

Changed

  • Get tarball URL for chart CRs from index.yaml for better community app catalog support.

Fixed

  • Fix error handling in chart CR watcher when chart CRD not installed.

5.5.2 - 2022-01-28

Fixed

  • Fix getting kubeconfig in chart CR watcher.

5.5.1 - 2022-01-20

Fixed

  • When bootstrapping chart-operator the helm release should not include the cluster ID.

5.5.0 - 2022-01-19

Added

  • Support watching app CRs in organization namespace with cluster label selector.

5.4.1 - 2022-01-14

Fixed

  • Embed Chart CRD in app-operator to prevent hitting GitHub API rate limits.

5.4.0 - 2021-12-17

Changed

  • Update Helm to v3.6.3.
  • Use controller-runtime client to remove CAPI dependency.
  • Use apptestctl to install CRDs in integration tests to avoid hitting GitHub rate limits.

Removed

  • Remove releasemigration resource now migration to Helm 3 is complete.

5.3.1 - 2021-12-08

Added

  • Support for App CRs with a v prefixed version. This enables Flux to automatically update the version based on its image tag.

5.3.0 - 2021-11-11

Changed

  • Use dynamic client instead of generated client for watching chart CRs.
  • Validate .spec.kubeConfig.secret.name in validation resource.

5.2.0 - 2021-08-19

Changed

  • Reject App CRs with version labels with the legacy 1.0.0 value.
  • Validate .spec.catalog using Catalog CRs instead of AppCatalog CRs.

5.1.1 - 2021-08-05

Fixed

  • Fix creating AppCatalog CRs in appcatalogsync resource.

5.1.0 - 2021-07-29

Changed

  • Create AppCatalogEntry CRs into the same namespace of Catalog CR.
  • Include chart.keywords, chart.description and chart.upstreamChartVersion in AppCatalogEntry CRs.

5.0.0 - 2021-07-16

Changed

  • Create AppCatalog CRs from Catalog CRs for compatibility with existing app-operator releases.
  • Prepare helm values to configuration management.
  • Use Catalog CRs in App controller.
  • Reconcile to Catalog CRs instead of AppCatalog.
  • Get Chart CRD from the GitHub resources.
  • Get metadata constants from k8smetadata library not apiextensions.

Fixed

  • For the chart CR watcher get the kubeconfig secret from the chart-operator app CR to avoid hardcoding it.
  • Quote namespace in helm templates to handle numeric workload cluster IDs.

4.4.0 - 2021-05-03

Added

  • Add support for skip CRD flag when installing Helm releases.
  • Emit events when config maps and secrets referenced in App CRs are updated.

4.3.2 - 2021-04-06

Fixed

  • Updated OperatorKit to v4.3.1 for Kubernetes 1.20 support.

4.3.1 - 2021-03-30

Fixed

  • Restore chart-operator when it had been deleted.

4.3.0 - 2021-03-26

Added

  • Cache k8sclient, helmclient for later use.

Changed

  • Updated Helm to v3.5.3.

4.2.0 - 2021-03-19

Added

  • Apply the namespaceConfig to the desired chart.

4.1.0 - 2021-03-17

Added

  • Install apps in CAPI Workload Clusters.

4.0.2 - 2021-03-09

Added

  • Apply compatibleProvider,namespace metadata validation based on the relevant AppCatalogEntry CR.

4.0.1 - 2021-03-05

Fixed

  • Use backoff in chart CR watcher to wait until kubeconfig secret exists.

4.0.0 - 2021-02-23

Added

  • Add annotations from Helm charts to AppCatalogEntry CRs.
  • Enable Vertical Pod Autoscaler.

Changed

  • Replace status webhook with chart CR status watcher.
  • Sort AppCatalogEntry CRs by version and created timestamp.
  • Watch cluster namespace for per workload cluster instances of app-operator.

3.2.0 - 2021-02-08

Added

  • Include apiVersion, restrictions.compatibleProviders in appcatalogentry CRs.

Changed

  • Limit the number of AppCatalogEntry per app.
  • Delete legacy finalizers on app CRs.
  • Reconciling appCatalog CRs only if pod is unique.

Fixed

  • Updating status as cordoned if app CR has cordoned annotation.

3.1.0 - 2021-01-13

3.0.0 - 2021-01-05

Changed

  • Enable mutating and validating webhooks in app-admission-controller for tenant app CRs.

Added

  • Make resync period configurable for use in integration tests.
  • Pause App CR reconciliation when it has app-operator.giantswarm.io/paused=true annotation.
  • Print difference between the current chart and desired chart.

2.8.0 - 2020-12-15

Changed

  • Using values service from the app library.
  • Updated Helm to v3.4.2.

Added

  • Add printer columns for Version, Last Deployed and Status to chart CRD in tenant clusters.
  • Use validation logic from the app library.
  • Include restrictions data from app metadata files in appcatalogentry CRs.

Fixed

  • Reuse clients in clients resource when app CR uses inCluster.

2.7.0 - 2020-11-09

Added

  • Secure the webhook with token value from control plane catalog.

2.6.0 - 2020-10-29

Added

  • Adding webhook URL as annotation into chart CRs.
  • Added Status update endpoint.

Changed

  • Update apiextensions to v3 and replace CAPI with Giant Swarm fork.

2.5.0 - 2020-10-27

Added

  • Watch secrets referenced in app CRs to reduce latency when applying config changes.

2.4.1 - 2020-10-26

Fixed

  • Use resourceVersion of configmap for comparison instead of listing option.

2.4.0 - 2020-10-23

Added

  • Create appcatalogentry CRs for public app catalogs.
  • Watch configmaps referenced in app CRs to reduce latency when applying config changes.

2.3.5 - 2020-10-20

Fixed

  • Skip removing finalizer for chart-operator chart CR if its not present.

2.3.4 - 2020-10-16

Fixed

  • Skip deleting chart-operator in case of cluster deletion.

2.3.3 - 2020-10-15

Added

  • Delete chart-operator helm release and chart CR so it can be re-installed.

2.3.2 - 2020-09-29

Fixed

  • Updated Helm to v3.3.4.
  • Updated Kubernetes dependencies to v1.18.9.
  • Update deployment annotation to use checksum instead of helm revision to reduce how often pods are rolled.

2.3.1 - 2020-09-22

Added

  • Added event count metrics for delete, install, rollback and update of Helm releases.

Fixed

  • Fix YAML comparison for chart configmaps and secrets.
  • Fix structs merging error in helmclient.

Security

  • Updated Helm to v3.3.3.

2.3.0 - 2020-09-17

Added

  • Add resource version for chart configmaps and secrets to the chart CR to reduce latency of update events.

2.2.0 - 2020-09-07

Added

  • Add monitoring label
  • Add validation resource that checks if references to other resources exist in app CRs. A message is added to the app CR status for the user.

Fixed

  • Update the status when failing to merge configMaps or secrets on the initial reconciliation.
  • Remove CPU and memory limits from deployment.

2.1.1 - 2020-08-26

Changed

  • Delete chart-operator release if it stuck in pending-install status.

Removed

  • Removed a collector from the operator.

2.1.0 - 2020-08-18

Added

  • Added chartcrd resource for creating chart CRD in tenant clusters.

Changed

  • Removed hardcoded version in app CR version label.
  • Updated Helm to v3.3.0.

Removed

  • Don't wait for chart-operator pod since chart CRD is created by the chartcrd resource.

2.0.0 - 2020-08-13

Changed

  • Updated backward incompatible Kubernetes dependencies to v1.18.5.
  • Updated Helm to v3.2.4.

1.1.11 - 2020-08-10

Changed

  • Updated app to team mappings for app alerts.

1.1.10 - 2020-08-04

Added

  • Add metrics for ready app-operator instances per app CR version.

1.1.9 - 2020-07-24

Changed

  • Graduate application group CRDs to v1.
  • Upgrade to operatorkit 1.2.0.

Fixed

  • Fix API group for PSPs

v1.1.8 2020-07-01

  • Extend to 20 minutes for waiting helm 3 migration completed.
  • RBAC added to deletion migration resources.

v1.1.7 2020-06-30

Changed

  • Delete migration app after checking the release.

v1.1.6 2020-06-29

Changed

  • Delete helm-2to3-migration job after migration is finished.
  • Sending metrics with app CR's version in the spec.
  • Only emit metrics for app CRs reconciled by this instance of the operator.
  • Expose App's .spec.catalog field as a collected metric

v1.1.5 2020-06-16

Changed

  • Cancel the reconciliation when failed to merge configMaps/secrets.
  • Fix problems with openapi valdidation rules for app and appcatalog CRDs.
  • Make optional fields nullable for app and appcatalog CRDs.

v1.1.4 2020-06-04

Changed

  • Check chart-operator deployment status before initiating helm 3 migration.

v1.1.3 2020-05-26

Changed

  • Log app name in collector when cordon-until annotation cannot be parsed.
  • Update to helmclient v1.0.1 for security patch.

v1.1.2 2020-05-21

Changed

  • Fix problem setting image registry for migration job.
  • Update dependencies including error handling for unavailable tenant clusters.

v1.1.1 2020-05-21

Changed

  • Set HTTP client timeout for helmclient when pulling charts in China.

v1.1.0 2020-05-18

Changed

  • Updated to use Helm 3 and add releasemigration resource for migrating releases from Helm 2 to Helm 3.

v1.0.3 2020-05-18

Changed

  • Cancel resources when app CRs are cordoned.

v1.0.2 2020-05-08

Added

  • Add team label to app info metrics for routing alerts.

v1.0.1 2020-04-23

Added

  • Flattening operator release structure.