Skip to content

v0.38.0
Compare
Choose a tag to compare
@github-actions github-actions released this 20 Jun 19:14
· 187 commits to main since this release
v0.38.0
This tag was signed with the committer’s verified signature.
Unix4ever Artem Chernyshev
GPG key ID: E084A2DF1143C14D
Learn about vigilant mode.
67eb768
This commit was signed with the committer’s verified signature.
Unix4ever Artem Chernyshev
GPG key ID: E084A2DF1143C14D
Learn about vigilant mode.

Omni 0.38.0 (2024-06-20)

Welcome to the v0.38.0 release of Omni!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni/issues.

Break-Glass Configs

Omni now allows getting raw Talos and Kubernetes configs that can allow bypassing Omni when
accessing the cluster.

It has a couple of limitations:

  • It is available only if is enabled for the account.
  • Only os:operator role Talosconfig level is available.
  • The cluster will be marked as tainted for the time being, which doesn't affect anything, but is
    the signal that Omni no longer fully controls secrets rotation.

Exposed Services DNS Name

Exposed services now use new naming schema, so it shouldn't be affected by slow DNS updates.

The domain name patter is now: <hash>-<account>.proxy-us.siderolabs.io.

Kubeconfig Authcode-Keyboard

It is now possible to generate kubeconfig with --grant-type=authcode-keyboard and Omni
supports that mode.
This mode will print a URL and ask for a one time code instead of starting a local HTTP server on port 8000.
Clicking the URL will open the same Omni page as usual, but will present you the one time code instead of doing redirect.

This mode is useful for remote machine kubectl execution and removes the need to set up ssh port-forwarding.

Machine Logs

Machine logs are now stored using new persitent circular buffer library, which has better write efficiency.

Pending Updates

Omni UI now shows pending config changes which are not applied due to locked machines in the cluster.

Contributors

  • Artem Chernyshev
  • Utku Ozdemir
  • Andrey Smirnov
  • Dmitriy Matrenichev
  • Andrey Smirnov
  • Grzegorz Rozniecki

Changes

35 commits

  • 67eb768 release(v0.38.0): prepare release
  • 11f7edb fix: do not use created time of the ClusterMachineTalosVersion in sort
  • 61b0e4c fix: use proper index for the Tooltip
  • d8df8af fix: do not use time namespace to parseDuration
  • 1d92ae5 release(v0.38.0-beta.0): prepare release
  • 4109996 fix: make MachineSetNode controller select only connected machines
  • 2457897 fix: use un-cached list in the MachineSetNodeController
  • 73529c2 fix: display descriptions when show description checkbox is clicked
  • 6a59d63 fix: generate schematics with the extensions, meta and kernel args
  • 87a7750 chore: add Akamai installation media
  • fa64b46 fix: skip invalid machines in TalosUpgradeStatusController
  • 22bb2cc fix: use proper types in the machine status and snapshot controllers
  • a2b7b53 feat: use the new domain scheme for exposed services
  • 4ecb175 fix: handle panics in Omni and Talos UI watches
  • 6286340 fix: properly delete the item from the cached items slice
  • 63ad5bd feat: provide a way to getadmin talosconfig and kubeconfig
  • fa21349 fix: properly generate maintenance config patches
  • 2e64c31 fix: ignore not found ClusterMachine in the migrations
  • a2c3802 fix: validate user email on creation
  • 73d0d3b fix: properly detect authcode-keyboard oidc mode
  • b7a0620 feat: use circular buffer's new persistence option for machine logs
  • 7eec6b9 chore: bump COSI runtime to 0.4.5
  • 4d23186 feat: show pending config updates due to locked machine
  • f98cf51 fix: ignore not found in the MachineStatus and MachineStatusSnapshot
  • ce6e15a fix: proper time adjustment to fix flaky TestEtcdManualBackup
  • 27491ea chore: upgrade github.com/containers/image to v5
  • 3f75f91 fix: change Transport.Address field to Transport.Address method
  • e12cfa8 feat: support authcode login in kubectl oidc-login
  • 2fcd0fd fix: properly update the pulled images count if some images are skipped
  • 5a4251c test: fix a data race in MachineStatusSnapshotController unit tests
  • 0965091 test: fix flaky test in ClusterMachineConfigStatus unit tests
  • b7d48aa chore: small fixes
  • a6c8b47 fix: pass through the talosctl -n args if they cannot be resolved
  • 3bab8bf chore: migrate to Vite and Bun to build the frontend
  • 37c1a97 fix: use proper routing on the config patch view and edit pages

Changes since v0.38.0-beta.0

4 commits

  • 67eb768 release(v0.38.0): prepare release
  • 11f7edb fix: do not use created time of the ClusterMachineTalosVersion in sort
  • 61b0e4c fix: use proper index for the Tooltip
  • d8df8af fix: do not use time namespace to parseDuration

Changes from siderolabs/discovery-client

13 commits

  • ca662d2 feat: export default GRPC dial options for the client
  • 7a767fa chore: bump Go, deps and rekres
  • f4095a1 chore: bump discovery API to v0.1.4
  • fbb1cea fix: keepalive interval calculation
  • ff8f4be fix: enable gRPC keepalives
  • 9ba5f03 chore: app optional ControlPlane data
  • 269a832 chore: rekres, update discovery api
  • a5c19c6 feat: provide public IP discovered from the server
  • 230f317 fix: reconnect the client on update failure
  • ac5ab32 feat: support deleting an affiliate
  • 27a5bee chore: rekres
  • a9a5e9b feat: initial client code
  • 98eb999 chore: initial commit

Dependency Changes

  • github.com/containers/image/v5 v5.31.0 new
  • github.com/cosi-project/runtime 15e9d678159d -> v0.4.6
  • github.com/siderolabs/discovery-client v0.1.9 new

Previous release can be found at v0.37.0

Assets 13
Loading