Releases: pulumi/pulumi-kubernetes
v4.19.0
Upgrade Kubernetes schema and client libraries to v1.32 (#3343) <!--Thanks for your contribution. See [CONTRIBUTING](CONTRIBUTING.md) for Pulumi's contribution guidelines. Help us merge your changes more quickly by adding more details such as labels, milestones, and reviewers.--> ### Proposed changes Upgrade Kubernetes schema and client libraries to v1.32. Go is also updated to v1.23 as an upstream library requires this. ### Related issues (optional) Closes: https://github.com/pulumi/pulumi-kubernetes/issues/3295
v4.18.4
Changed
- [nodejs] Resolves
punycode
deprecation warnings by using nativefetch
instead ofnode-fetch
.
(#3301)
Fixed
-
pulumi.com/waitFor
and other await annotations now correctly take precedence over default await logic.
(#3329) -
JSONPath expressions used with the
pulumi.com/waitFor
annotation will no longer hang indefinitely if they match non-primitive fields.
(#3345) -
[java] CRDs that contain any
x-kubernetes-*
fields can now be succesfully created and managed by Pulumi.
(#3325)
v4.18.3
v4.18.2
Fixed
- The provider's Pulumi dependency was updated to version v3.136.1 to
address potential "pulumi.runtime.invokeOutput is not a function"
errors. (pulumi/pulumi#17518)
v4.18.1
v4.18.0
Important
The enableSecretMutable
and enableConfigMapMutable
options may become the default behavior in a future v5 release of the provider.
Programs that depend on the replacement of Secrets
and ConfigMaps
(e.g. to trigger updates for downstream dependencies like Deployments
) are recommended to explicitly specify immutable: true
.
Added
-
The new
enableSecretMutable
provider configuration option treats changes toSecrets
as updates instead of replacements (similar to theenableConfigMapMutable
option).The default replacement behavior can be preserved for a particular
Secret
by setting itsimmutable
field totrue
. (#2291) -
A warning is now emitted if an object has finalizers which might be blocking deletion. (#1418)
-
EXPERIMENTAL: Generic await logic is now available as an opt-in feature. Running a program with
PULUMI_K8S_AWAIT_ALL=true
will now cause Pulumi to await readiness for all resources, including custom resources.Generic readiness is determined according to some well-known conventions (like the "Ready" condition) as determined by cli-utils.
Pulumi's current behavior, without this feature enabled, is to assume some resources are immediately available, which can cause downstream resources to fail.
Existing readiness logic is unaffected by this setting. (#2996)
-
EXPERIMENTAL: The
pulumi.com/waitFor
annotation was introduced to allow for custom readiness checks. This override Pulumi's own await logic for the resource (however thepulumi.com/skipAwait
annotation still takes precedence).The value of this annotation can take 3 forms:
-
A string prefixed with
jsonpath=
followed by a JSONPath expression and an optional value.The JSONPath expression accepts the same syntax as
kubectl get -o jsonpath={...}
.If a value is provided, the resource is considered ready when the JSONPath expression evaluates to the same value. For example this resource expects its "phase" field to have a value of "Running":
`pulumi.com/waitFor: "jsonpath={.status.phase}=Running"`
If a value is not provided, the resource will be considered ready when any value exists at the given path, similar to
kubectl wait --for jsonpath=...
. This resource will wait until it has a webhook configured with a CA bundle:`pulumi.com/waitFor: "jsonpath={.webhooks[*].clientConfig.caBundle}"`
-
A string prefixed with
condition=
followed by the type of the condition and an optional status. This matches the behavior of
kubectl wait --for=condition=...
and will wait until the resource has a matching condition. The expected status defaults to "True" if not specified.`pulumi.com/waitFor: "condition=Synced"` `pulumi.com/waitFor: "condition=Reconciling=False"`
-
A string containing a JSON array of multiple
jsonpath=
andcondition=
expressions.`pulumi.com/waitFor: '["jsonpath={.foo}", "condition=Bar"]'`
-
-
Pulumi will now emit logs for any Kubernetes "Warning" Events associated with resources being created, updated or deleted. (https://github.com/pulumi/pulumi-kubernetes/pull/3135/files)
Fixed
v4.17.1
v4.17.0
v4.16.0
Added
-
clusterIdentifier
configuration can now be used to manually control the replacement behavior of a provider resource. (#3068) -
Pod errors now include the pod's last termination state, as well as the pod's termination message if available. (#3091)
The pod's termination message can be helpful in
CrashLoopBackOff
situations but will only be reported if it was correctly configured.By default, the pod's termination message is read from
/dev/termination-log
. This location can be configured withterminationMessagePath
.Use
terminationMessagePolicy: FallbackToLogsOnError
to use the pod's logs as its termination message. -
Documentation is now generated for all languages supported by overlay types. (#3107)
Fixed
- Updated logic to accurately detect if a resource is a Patch variant. (#3102)
- Added Java as a supported language for
CustomResource
overlays. (#3120) - Status messages reported during updates are now more accurately scoped to the affected resource. (#3128)
PersistentVolumeClaims
with a bind mode ofWaitForFirstConsumer
will no longer hang indefinitely. (#3130)- [java] Fixed an issue where child resources could not be registered by Chart v4. (#3119)