Skip to content

Releases: pulumi/pulumi-kubernetes

v4.19.0

12 Dec 04:02
e5d0c61
Compare
Choose a tag to compare
Upgrade Kubernetes schema and client libraries to v1.32 (#3343)

<!--Thanks for your contribution. See [CONTRIBUTING](CONTRIBUTING.md)
    for Pulumi's contribution guidelines.

    Help us merge your changes more quickly by adding more details such
    as labels, milestones, and reviewers.-->

### Proposed changes
Upgrade Kubernetes schema and client libraries to v1.32. Go is also
updated to v1.23 as an upstream library requires this.

### Related issues (optional)
Closes: https://github.com/pulumi/pulumi-kubernetes/issues/3295

v4.18.4

05 Dec 23:54
3601484
Compare
Choose a tag to compare

Changed

  • [nodejs] Resolves punycode deprecation warnings by using native fetch instead of node-fetch.
    (#3301)

Fixed

  • pulumi.com/waitFor and other await annotations now correctly take precedence over default await logic.
    (#3329)

  • JSONPath expressions used with the pulumi.com/waitFor annotation will no longer hang indefinitely if they match non-primitive fields.
    (#3345)

  • [java] CRDs that contain any x-kubernetes-* fields can now be succesfully created and managed by Pulumi.
    (#3325)

v4.18.3

31 Oct 21:11
8b45405
Compare
Choose a tag to compare

Fixed

  • Objects created on clusters older than 1.18 will no longer see a before-first-apply conflict when Pulumi performs a server-side apply for the first time. (#3275)

  • The provider's user agent is now set correctly when communicating with the Kubernetes API server. (#3267)

v4.18.2

16 Oct 21:46
605307c
Compare
Choose a tag to compare

Fixed

  • The provider's Pulumi dependency was updated to version v3.136.1 to
    address potential "pulumi.runtime.invokeOutput is not a function"
    errors. (pulumi/pulumi#17518)

v4.18.1

13 Sep 23:00
7155e2e
Compare
Choose a tag to compare

Added

  • Schemagen is now a library that can be consumed by other packages. (#3187)

Changed

  • Updated beta Kubernetes client libraries to stable v1.31 release. (#3196)

v4.18.0

11 Sep 23:34
730d9d8
Compare
Choose a tag to compare

Important

The enableSecretMutable and enableConfigMapMutable options may become the default behavior in a future v5 release of the provider.

Programs that depend on the replacement of Secrets and ConfigMaps (e.g. to trigger updates for downstream dependencies like Deployments) are recommended to explicitly specify immutable: true.

Added

  • The new enableSecretMutable provider configuration option treats changes to Secrets as updates instead of replacements (similar to the enableConfigMapMutable option).

    The default replacement behavior can be preserved for a particular Secret by setting its immutable field to true. (#2291)

  • A warning is now emitted if an object has finalizers which might be blocking deletion. (#1418)

  • EXPERIMENTAL: Generic await logic is now available as an opt-in feature. Running a program with PULUMI_K8S_AWAIT_ALL=true will now cause Pulumi to await readiness for all resources, including custom resources.

    Generic readiness is determined according to some well-known conventions (like the "Ready" condition) as determined by cli-utils.

    Pulumi's current behavior, without this feature enabled, is to assume some resources are immediately available, which can cause downstream resources to fail.

    Existing readiness logic is unaffected by this setting. (#2996)

  • EXPERIMENTAL: The pulumi.com/waitFor annotation was introduced to allow for custom readiness checks. This override Pulumi's own await logic for the resource (however the pulumi.com/skipAwait annotation still takes precedence).

    The value of this annotation can take 3 forms:

    1. A string prefixed with jsonpath= followed by a JSONPath expression and an optional value.

      The JSONPath expression accepts the same syntax as kubectl get -o jsonpath={...}.

      If a value is provided, the resource is considered ready when the JSONPath expression evaluates to the same value. For example this resource expects its "phase" field to have a value of "Running":

      `pulumi.com/waitFor: "jsonpath={.status.phase}=Running"`
      

      If a value is not provided, the resource will be considered ready when any value exists at the given path, similar to kubectl wait --for jsonpath=.... This resource will wait until it has a webhook configured with a CA bundle:

      `pulumi.com/waitFor: "jsonpath={.webhooks[*].clientConfig.caBundle}"`
      
    2. A string prefixed with condition= followed by the type of the condition and an optional status. This matches the behavior of
      kubectl wait --for=condition=... and will wait until the resource has a matching condition. The expected status defaults to "True" if not specified.

      `pulumi.com/waitFor: "condition=Synced"`
      
      `pulumi.com/waitFor: "condition=Reconciling=False"`
      
    3. A string containing a JSON array of multiple jsonpath= and condition= expressions.

      `pulumi.com/waitFor: '["jsonpath={.foo}", "condition=Bar"]'`
      
  • Pulumi will now emit logs for any Kubernetes "Warning" Events associated with resources being created, updated or deleted. (https://github.com/pulumi/pulumi-kubernetes/pull/3135/files)

Fixed

  • The immutable field is now respected for ConfigMaps when the provider is configured with enableConfigMapMutable.
    (#3181)

  • Fixed a panic that could occur during deletion. (#3157)

v4.17.1

16 Aug 20:47
2cc176d
Compare
Choose a tag to compare

Fixed

  • Fixed a panic that would occur when updating ServiceAccounts. (#3166)
  • Fixed a panic that could occur when using clusterIdentifier provider configuration. (#3168)

v4.17.0

13 Aug 21:35
3c2367c
Compare
Choose a tag to compare

Changed

  • Updated Kubernetes schemas and libraries to v1.31.0. (#3144)

Fixed

  • Services with selectors targeting 0 Pods will no longer hang indefinitely. (#605)
  • Services without selectors will no longer hang indefinitely. (#799)

v4.16.0

08 Aug 00:55
b06e1f9
Compare
Choose a tag to compare

Added

  • clusterIdentifier configuration can now be used to manually control the replacement behavior of a provider resource. (#3068)

  • Pod errors now include the pod's last termination state, as well as the pod's termination message if available. (#3091)

    The pod's termination message can be helpful in CrashLoopBackOff situations but will only be reported if it was correctly configured.

    By default, the pod's termination message is read from /dev/termination-log. This location can be configured with terminationMessagePath.

    Use terminationMessagePolicy: FallbackToLogsOnError to use the pod's logs as its termination message.

  • Documentation is now generated for all languages supported by overlay types. (#3107)

Fixed

  • Updated logic to accurately detect if a resource is a Patch variant. (#3102)
  • Added Java as a supported language for CustomResource overlays. (#3120)
  • Status messages reported during updates are now more accurately scoped to the affected resource. (#3128)
  • PersistentVolumeClaims with a bind mode of WaitForFirstConsumer will no longer hang indefinitely. (#3130)
  • [java] Fixed an issue where child resources could not be registered by Chart v4. (#3119)

v4.15.0

10 Jul 19:00
1dca605
Compare
Choose a tag to compare

Changed

  • CustomResource should have plain apiVersion and kind properties (#3079)

Fixed

  • Prevent CustomResourceDefinitions from always being applied to the cluster during preview operations (#3096)