Skip to content

v0.11.0
Compare
Choose a tag to compare
@github-actions github-actions released this 22 Feb 17:41
· 530 commits to main since this release
v0.11.0
This tag was signed with the committer’s verified signature.
ncdc Andy Goldstein
GPG key ID: 409C2BE062A844A4
Learn about vigilant mode.
771cfc8
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

This release contains breaking changes. You must wipe any preexisting etcd data before trying to use v0.11!

Changes since v0.10.0

⚠️ Breaking Changes

  • Move Workspace.Status.{Cluster, URL} to Spec (#2557)
  • replace kcp.dev by kcp.io (#2523)
  • ClusterWorkspace => LogicalCluster refactor (#2510)

✨ New Features

  • Provide access to physical cluster pod definitions from upstream KCP, relying on upsyncing (#2805)
  • cache: add a synthetic delay to the cache server (#2742)
  • Add Upsync controller (#2214)
  • Adding DNS network policies (#2423)
  • Partitionset reconciliation (#2513)
  • Add pods resource to the default Kubernetes APIExport (#2417)
  • Support for pod logs and other subresources (#2401)
  • enable shard scheduling and fix e2e tests (#2596)
  • Make apigen a standalone go module (#2669)
  • Add conversions + CEL transformations for APIResourceSchemas (#2105)
  • Admission for APIExportEndpointSlice (#2560)
  • Install Calico in kind for CI testing (#2431)
  • Partition reconciliation (#2469)
  • wire more controllers cross-shard and authz (#2562)
  • DRY committer factory functions (#2590)
  • Refactor Syncer based on the enhanced ddsif, with controller manager and endpoints controller (#2452)
  • Synctarget: Have URLs for both syncer and upsyncer (#2570)
  • server: wire cache informers instead of root informers (#2559)
  • Allow home workspaces to be accessed via user:<username> (#2547)
  • APIExportEndpointSlice reconciliation (#2432)
  • Use distroless/static:debug as base image (#2512)

🐛 Bug Fixes

  • Fix nil pointer error in the Upsyncer reconcile (#2822)
  • cli: honor expanded ~ in kcp ws (#2816)
  • Fix location cannot be found by placement during scheduling (#2784)
  • Only validate the path component of a fully-qualified APIExport ref (#2809)
  • Prevent gc/quota workqueue backlogs (#2764)
  • Fix multiple CRDs/workspaces/versions (#2751)
  • bind compute: handle placement already exists correctly (#2779)
  • Bump github.com/emicklei/go-restful from 2.9.5+incompatible to 2.16.0+incompatible in /cmd/apigen (#2777)
  • Enqueue location upon synctarget update (#2624)
  • tmc e2e: fix Syncer virtual workspace e2e test flakes (#2767)
  • pkg/tunneler: remove non-error verbose log (#2766)
  • Fix TMC flake in the Upsyncer VW e2e test (#2765)
  • Fix make install doesn't exit without required tools (#2760)
  • test/e2e/scheduling: don't require kind for upsynced test (#2761)
  • E2E failing on APIExportEndpointSlice creation (flake) (#2755)
  • workload/resource: handle upsynced resources (#2533)
  • Fix frontmatter on replicating new resource doc (#2752)
  • Drop non-existent workspace get command from help output (#2731)
  • cmd/sharded-test-server: Reuse Certificates instead of generating new ones (#2746)
  • Show workspace name in kubectl kcp ws tree (#2719)
  • Fix API binding privilege escalation (#2695)
  • Fix Makefile clean target and add .kcp cleanup (#2712)
  • Deflake quota e2e (#2688)
  • Fix typo breaking codegen: crds not stored at the right location (#2724)
  • Fix gap in APIExport virtual workspace queues (#2720)
  • Do not look up APIExports in the generic webhook (#2690)
  • test/e2e: remove a data race (#2694)
  • Deflake TestSpecSyncerProcess (#2684)
  • *: update listers to have correct NotFound messages (#2683)
  • Use status.phase as printer column on workspaces and logical clusters (#2680)
  • Add a kcp RequestInfoResolver (#2677)
  • server: revert non-standalone VW URL (#2667)
  • Use APIExport cluster names within webhooks (#2637)
  • controller: use the global informer to get Shards (#2660)
  • e2e: temporarily schedule all workspaces on the root shard for tmc-related tests (#2651)
  • server: relax ShardVirtualWorkspace flag validation (#2659)
  • add support for standalone virtualworkspace server (#2407)
  • e2e/conversion: wrap create in eventually (#2644)
  • reconciler/apiexport: use the gloabl informer to get Shards (#2641)
  • e2e/reconciler/workspace: use cluster client (#2639)
  • e2e/watchcache: use cluster client for creating content in a workspace (#2632)
  • pkg/reconciler/apis/apibinding: return error in case of conflicts (#2645)
  • pkg/server: ensure that home workspace handler gets authz with audit … (#2628)
  • Add bind permission for kubernetes apiexport (#2618)
  • Role and ClusterRole merger should not modify cache objects (#2604)
  • IndexByLogicalClusterPathAndName should return clusterpath and name (#2606)
  • cache: stop reporting an error from a CRD lister on incorrect cluster name (#2592)
  • e2e: PrivateKcpServer enable audit-policy (#2591)
  • committer: fix equality check in statusless committer (#2602)
  • reconciler/cache: remove reflection and fix replicate+NotFound logic (#2594)
  • WorkspaceType admission should respect LimitAllow{Parents, Children}.None (#2588)
  • Fix APIExport virtual workspace API bug (#2564)
  • workspace controller: use loopback client for local shard (#2554)
  • cel-go: update to pull in data race fix (#2549)
  • Docker build/push should not use a matrix (#2544)
  • Add missing CGO_ENABLED flag in the install makefile target (#2540)
  • Increase CRD cleanup requeue delay; remove e2e test (#2541)
  • kcp: fix waitForOptionalSync method to wait for a proper signal (#2536)
  • pkg/authorization: prevent double audit logs (#2511)
  • pkg/softimpersonation: deep copy rest config (#2509)
  • Fix and add test to capture a race w/ partial metadata in cache (#2505)
  • docs: mkdir before moving (#2503)
  • Fix parsing of requests to root path of a workload cluster (#2405)

🌱 Others

  • Remove direct klog usage (#2842)
  • Add --labels to kubectl kcp workload sync (#2815)
  • docs: actually add main.py module to git (#2825)
  • Make DirectOrGoRunCommand aware of the deployment-coordinator being moved to tmc/cmd (#2814)
  • server: split apart first tmc pieces (#2795)
  • workspace_reconcile_scheduling: allow for skipping a shard with a special annotation during scheduling (#2782)
  • test/e2e,cmd/test: scrape metrics for test servers and e2e tests (#2774)
  • docs: document the process (#2808)
  • fix broken documentation links (#2806)
  • More mkdocs updates (#2798)
  • docs: fix mike config file path (#2793)
  • docs: fix pip install (#2792)
  • docs: fix Makefile, pip install (#2791)
  • more docs CI changes (#2790)
  • Make syncer vw global (#2744)
  • syncer vw: add API definition logging (#2780)
  • build(deps): bump docker/build-push-action from 3 to 4 (#2715)
  • build(deps): bump actions/cache from 3.2.4 to 3.2.5 (#2778)
  • manifest: remove outdated manifests (#2716)
  • Fix git in Prow (#2769)
  • /pkg/proxy/server: handle /readyz and /livez outside of the auth chain (#2747)
  • tmc e2e : Split SyncerFixture (#2730)
  • Small improvements to dev workflow (#2753)
  • Use a private kcp per disruptive replication test (#2745)
  • Add make target to download e2e logs from Prow (#2734)
  • Dockerfile: remove SHELL for OCI compliance (#2728)
  • Enable virtual workspace server audit logging (#2733)
  • Fix ready-to-test location (#2736)
  • More APIExport VW e2e deflaking (#2735)
  • test/e2e: DRY up waiting on conditions (#2703)
  • remove deprecated home workspaces fields, add waiting for unmanaged servers in e2e (#2707)
  • Trying to fix doc generation (#2717)
  • tests: gather metrics (#2705)
  • build(deps): bump actions/cache from 3.2.3 to 3.2.4 (#2704)
  • End-to-end tests for APIExportEndpointSlice (#2608)
  • correctly log unstructured group/resource with k8s reflector (#2701)
  • reconcilers/workspace: add logging to outgoing client calls (#2698)
  • pkg/authorization: enable audit logging for SAR requests (#2678)
  • logicalcluster_deletion_controller uses committer (#2661)
  • test/e2e: add support for dynamic users using client certs (#2640)
  • clusterworkspacetype_controller uses committer. (#2674)
  • Remove trailing parentheses in ASCII diagram link (#2670)
  • bootstrap_controller uses committer (#2653)
  • Bump actions/cache from 3.0.11 to 3.2.3 (#2567)
  • build(deps): bump uraimo/run-on-arch-action from 2.3.0 to 2.5.0 (#2531)
  • placement_controller uses committer (#2648)
  • extraannotationsync: use function pointers (#2646)
  • location_controller uses committer (#2638)
  • permissionclaimlabel_controller uses committer (#2636)
  • Admission cleanup (#2629)
  • run replication tests on a shared kcp instance (#2620)
  • test/e2e/virtual/apiexport: make authorizer test self-contained (#2611)
  • Enable KUBE_CACHE_MUTATION_DETECTOR in e2e tests (#2605)
  • e2e: TestAuditLogs remove duplicate audit-log-path (#2610)
  • reconciler/cache/reconciler: simplify and generalize (#2609)
  • remove tenancy v1beta1 (#2595)
  • resource controller: log each gvr by itself instead of accumulating (#2600)
  • Use caching authorizers per-workspace in initializingworkspaces/builder (#2477)
  • Stop checking PR descriptions in CI (#2599)
  • clean up workspace e2e fixtures (#2586)
  • Update logcheck to 0.4.0 (#2587)
  • *: update to some structured, contextual logging (#2576)
  • cache: add replication tests for WorkspaceType resource (#2578)
  • verify-contextual-logging should diff from old to new (#2577)
  • Rename ClusterWorkspace (#2569)
  • apiexport: strongly type enqueue params (#2575)
  • Add e2e DNS tests (#2542)
  • vw/apiexport: strongly type enqueue params (#2574)
  • crdcleanup: strongly type enqueue params (#2573)
  • *: remove tenancy.kcp.dev/v1alpha1.ClusterWorkspace (#2543)
  • index controller rename (#2561)
  • add missing unit tests for the index (#2565)
  • cluster workspace rename (#2558)
  • Switch cel-go to upstream v0.12.6 (#2556)
  • Debug deployment coordinator e2e (#2555)
  • Update golangci-lint 1.50.1, add more linters (#2480)
  • Cross-compile container image binaries from host platform (#2551)
  • add missing unit tests for the pathannotation admission plugin (#2535)
  • follow-ups of workspace refactor (#2553)
  • Add authorizer test for static endpoints (#2487)
  • Skip upsynced resources in resource scheduling (#2545)
  • Scope APIBinding logger (#2546)
  • DDSIF: Make it more generally useful (#2440)
  • Update .goreleaser.yaml to build binaries with CGO_ENABLED=0 (#2508)
  • :*: use 'logicalCluster' instead of 'this' (#2524)
  • Use buildx to build KCP images (#2528)
  • test/e2e: remove MultiClusterRoundTripper (#2522)
  • *: s/SystemBoundCRDSClusterName/SystemBoundCRDsClusterName/g (#2521)
  • Add indexers.ByPathAndName helper (#2516)
  • Use deletion handling keyfunc where needed (#2519)
  • logicalcluster deletion: switch to .Cluster() (#2520)
  • Deflake apibinding immutability test (#2515)
  • sharded-test-server: add quiet support to front-proxy (#2514)
  • Correct the typo in an error message (#2506)
  • Add test for shallow copy and make partial metadata CRD (#2497)
  • build(deps): bump goreleaser/goreleaser-action from 3 to 4 (#2483)
  • goreleaser: distinguish tags and PRs (#2495)
  • Test goreleaser changes in CI (#2492)
  • Add github action concurrency based on workflow-ref (#2488)

📖 Additionally, there have been 15 contributions to our documentation and book. (#2799, #2828, #2823, #2801, #2796, #2788, #2768, #2702, #2722, #2749, #2725, #2673, #2708, #2580, #2499)

Thanks to all our contributors! 😊

Assets 15