From 4099611cf3fab7174b64951acbaca3b1277f7a03 Mon Sep 17 00:00:00 2001 From: andreasgerstmayr Date: Mon, 20 Nov 2023 13:45:38 +0000 Subject: [PATCH 1/2] Prepare Release 0.6.0 --- .chloggen/enable_tls_support_receivers.yaml | 16 --------------- .chloggen/gateway_traceql.yaml | 16 --------------- .chloggen/images_env_var.yaml | 16 --------------- .chloggen/reduce_certrotation_loglevel.yaml | 16 --------------- .chloggen/unset_images_in_cr.yaml | 18 ----------------- .chloggen/upgrade_tempo_to_v2.3.0.yaml | 16 --------------- CHANGELOG.md | 20 +++++++++++++++++++ Makefile | 2 +- .../tempo-operator.clusterserviceversion.yaml | 8 ++++---- .../tempo-operator.clusterserviceversion.yaml | 8 ++++---- config/manager/kustomization.yaml | 2 +- 11 files changed, 30 insertions(+), 108 deletions(-) delete mode 100755 .chloggen/enable_tls_support_receivers.yaml delete mode 100755 .chloggen/gateway_traceql.yaml delete mode 100644 .chloggen/images_env_var.yaml delete mode 100755 .chloggen/reduce_certrotation_loglevel.yaml delete mode 100644 .chloggen/unset_images_in_cr.yaml delete mode 100755 .chloggen/upgrade_tempo_to_v2.3.0.yaml diff --git a/.chloggen/enable_tls_support_receivers.yaml b/.chloggen/enable_tls_support_receivers.yaml deleted file mode 100755 index 4afad69de..000000000 --- a/.chloggen/enable_tls_support_receivers.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: enhancement - -# The name of the component, or a single word describing the area of concern, (e.g. operator, github action) -component: operator - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Support configuration of TLS in receiver settings - -# One or more tracking issues related to the change -issues: [527] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: diff --git a/.chloggen/gateway_traceql.yaml b/.chloggen/gateway_traceql.yaml deleted file mode 100755 index 95aeaedd3..000000000 --- a/.chloggen/gateway_traceql.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: enhancement - -# The name of the component, or a single word describing the area of concern, (e.g. operator, github action) -component: operator - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Exposing the Tempo API through the gateway - -# One or more tracking issues related to the change -issues: [672] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: diff --git a/.chloggen/images_env_var.yaml b/.chloggen/images_env_var.yaml deleted file mode 100644 index aa5d5293e..000000000 --- a/.chloggen/images_env_var.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: breaking - -# The name of the component, or a single word describing the area of concern, (e.g. operator, github action) -component: operator - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Move default images from operator configuration to environment variable - -# One or more tracking issues related to the change -issues: [591] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: | diff --git a/.chloggen/reduce_certrotation_loglevel.yaml b/.chloggen/reduce_certrotation_loglevel.yaml deleted file mode 100755 index b56442bf2..000000000 --- a/.chloggen/reduce_certrotation_loglevel.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: enhancement - -# The name of the component, or a single word describing the area of concern, (e.g. operator, github action) -component: operator - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Reduce log level of certrotation messages - -# One or more tracking issues related to the change -issues: [623] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: diff --git a/.chloggen/unset_images_in_cr.yaml b/.chloggen/unset_images_in_cr.yaml deleted file mode 100644 index 76361b2bd..000000000 --- a/.chloggen/unset_images_in_cr.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: breaking - -# The name of the component, or a single word describing the area of concern, (e.g. operator, github action) -component: operator - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Unset (default) images in TempoStack CR - -# One or more tracking issues related to the change -issues: [674] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: | - This upgrade reverts any change to the `spec.images` fields of any TempoStack instance. - Beginning with version 0.6.0, the image location is not stored in the TempoStack instance unless it is changed manually. diff --git a/.chloggen/upgrade_tempo_to_v2.3.0.yaml b/.chloggen/upgrade_tempo_to_v2.3.0.yaml deleted file mode 100755 index 9758df194..000000000 --- a/.chloggen/upgrade_tempo_to_v2.3.0.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: enhancement - -# The name of the component, or a single word describing the area of concern, (e.g. operator, github action) -component: operator - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Upgrade tempo to v2.3.0 - -# One or more tracking issues related to the change -issues: [688] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: diff --git a/CHANGELOG.md b/CHANGELOG.md index 8ad846eaa..b9e8d8e77 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,26 @@ Changes by Version +## 0.6.0 + +### 🛑 Breaking changes 🛑 + +- `operator`: Move default images from operator configuration to environment variable (#591) +- `operator`: Unset (default) images in TempoStack CR (#674) + This upgrade reverts any change to the `spec.images` fields of any TempoStack instance. + Beginning with version 0.6.0, the image location is not stored in the TempoStack instance unless it is changed manually. + + +### 💡 Enhancements 💡 + +- `operator`: Support configuration of TLS in receiver settings (#527) +- `operator`: Exposing the Tempo API through the gateway (#672) +- `operator`: Reduce log level of certrotation messages (#623) +- `operator`: Upgrade tempo to v2.3.0 (#688) + +### Components +- Tempo: [v2.3.0](https://github.com/grafana/tempo/releases/tag/v2.3.0) + ## 0.5.0 ### 🛑 Breaking changes 🛑 diff --git a/Makefile b/Makefile index 97b84429b..d91fb91d9 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ # Current Operator version VERSION_DATE ?= $(shell date -u +'%Y-%m-%dT%H:%M:%SZ') VERSION_PKG ?= github.com/grafana/tempo-operator/internal/version -OPERATOR_VERSION ?= 0.5.0 +OPERATOR_VERSION ?= 0.6.0 TEMPO_VERSION ?= $(shell cat config/manager/manager.yaml | grep -oP "docker.io/grafana/tempo:\K.*") TEMPO_QUERY_VERSION ?= $(shell cat config/manager/manager.yaml | grep -oP "docker.io/grafana/tempo-query:\K.*") COMMIT_SHA = $(shell git rev-parse HEAD) diff --git a/bundle/community/manifests/tempo-operator.clusterserviceversion.yaml b/bundle/community/manifests/tempo-operator.clusterserviceversion.yaml index b513f10ab..bfcdbe058 100644 --- a/bundle/community/manifests/tempo-operator.clusterserviceversion.yaml +++ b/bundle/community/manifests/tempo-operator.clusterserviceversion.yaml @@ -42,7 +42,7 @@ metadata: capabilities: Deep Insights categories: Logging & Tracing,Monitoring containerImage: ghcr.io/grafana/tempo-operator/tempo-operator - createdAt: "2023-11-09T09:33:10Z" + createdAt: "2023-11-20T13:45:36Z" description: Create and manage deployments of Tempo, a high-scale distributed tracing backend. operatorframework.io/cluster-monitoring: "true" @@ -51,7 +51,7 @@ metadata: operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 repository: https://github.com/grafana/tempo-operator support: Grafana Tempo Operator SIG - name: tempo-operator.v0.5.0 + name: tempo-operator.v0.6.0 namespace: placeholder spec: apiservicedefinitions: {} @@ -781,7 +781,7 @@ spec: value: quay.io/observatorium/api:main-2023-11-20-81f8fdf - name: RELATED_IMAGE_TEMPO_GATEWAY_OPA value: quay.io/observatorium/opa-openshift:main-2023-10-13-13d8960 - image: ghcr.io/grafana/tempo-operator/tempo-operator:v0.5.0 + image: ghcr.io/grafana/tempo-operator/tempo-operator:v0.6.0 livenessProbe: httpGet: path: /healthz @@ -926,7 +926,7 @@ spec: name: tempo-gateway - image: quay.io/observatorium/opa-openshift:main-2023-10-13-13d8960 name: tempo-gateway-opa - version: 0.5.0 + version: 0.6.0 webhookdefinitions: - admissionReviewVersions: - v1 diff --git a/bundle/openshift/manifests/tempo-operator.clusterserviceversion.yaml b/bundle/openshift/manifests/tempo-operator.clusterserviceversion.yaml index 433246c07..591ac6ec7 100644 --- a/bundle/openshift/manifests/tempo-operator.clusterserviceversion.yaml +++ b/bundle/openshift/manifests/tempo-operator.clusterserviceversion.yaml @@ -42,7 +42,7 @@ metadata: capabilities: Deep Insights categories: Logging & Tracing,Monitoring containerImage: ghcr.io/grafana/tempo-operator/tempo-operator - createdAt: "2023-11-09T09:33:09Z" + createdAt: "2023-11-20T13:45:34Z" description: Create and manage deployments of Tempo, a high-scale distributed tracing backend. operatorframework.io/cluster-monitoring: "true" @@ -51,7 +51,7 @@ metadata: operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 repository: https://github.com/grafana/tempo-operator support: Grafana Tempo Operator SIG - name: tempo-operator.v0.5.0 + name: tempo-operator.v0.6.0 namespace: placeholder spec: apiservicedefinitions: {} @@ -781,7 +781,7 @@ spec: value: quay.io/observatorium/api:main-2023-11-20-81f8fdf - name: RELATED_IMAGE_TEMPO_GATEWAY_OPA value: quay.io/observatorium/opa-openshift:main-2023-10-13-13d8960 - image: ghcr.io/grafana/tempo-operator/tempo-operator:v0.5.0 + image: ghcr.io/grafana/tempo-operator/tempo-operator:v0.6.0 livenessProbe: httpGet: path: /healthz @@ -937,7 +937,7 @@ spec: name: tempo-gateway - image: quay.io/observatorium/opa-openshift:main-2023-10-13-13d8960 name: tempo-gateway-opa - version: 0.5.0 + version: 0.6.0 webhookdefinitions: - admissionReviewVersions: - v1 diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index fc1d26865..350e4f1f4 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -9,4 +9,4 @@ kind: Kustomization images: - name: controller newName: ghcr.io/grafana/tempo-operator/tempo-operator - newTag: v0.5.0 + newTag: v0.6.0 From c163d5b1b64218631d643d3ef66be398957b5ab3 Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr Date: Tue, 21 Nov 2023 14:09:31 +0100 Subject: [PATCH 2/2] extend changelog Signed-off-by: Andreas Gerstmayr --- .chloggen/fix-CVE-2023-45142.yaml | 16 ---------------- CHANGELOG.md | 4 ++++ 2 files changed, 4 insertions(+), 16 deletions(-) delete mode 100755 .chloggen/fix-CVE-2023-45142.yaml diff --git a/.chloggen/fix-CVE-2023-45142.yaml b/.chloggen/fix-CVE-2023-45142.yaml deleted file mode 100755 index 57e183ca7..000000000 --- a/.chloggen/fix-CVE-2023-45142.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: bug_fix - -# The name of the component, or a single word describing the area of concern, (e.g. operator, github action) -component: gateway - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: "fix CVE-2023-45142 tempo-gateway-container: opentelemetry: DoS vulnerability in otelhttp" - -# One or more tracking issues related to the change -issues: [691] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: diff --git a/CHANGELOG.md b/CHANGELOG.md index b9e8d8e77..6922969ae 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -20,6 +20,10 @@ Changes by Version - `operator`: Reduce log level of certrotation messages (#623) - `operator`: Upgrade tempo to v2.3.0 (#688) +### 🧰 Bug fixes 🧰 + +- `gateway`: fix CVE-2023-45142 tempo-gateway-container: opentelemetry: DoS vulnerability in otelhttp (#691) + ### Components - Tempo: [v2.3.0](https://github.com/grafana/tempo/releases/tag/v2.3.0)