Skip to content

Latest commit

 

History

History
132 lines (84 loc) · 4.6 KB

CHANGELOG.md

File metadata and controls

132 lines (84 loc) · 4.6 KB
Raw

Changelog

All notable changes to this project will be documented in this file.

[Unreleased]

[23.7.0] - 2023-07-14

Added

  • Generate OLM bundle for Release 23.4.0 ([#271]).
  • Added support for converting secrets (including generating PKCS#12 bundles) (#286).

Changed

  • operator-rs 0.27.1 -> 0.44.0 (#275, #294).
  • Removed dummy key from generated Kerberos keytab (#285).
  • [BREAKING] Daemonset for SecretOperator now assign resource requests and limits to all containers and init containers. Users who have configured resource limits previously in the 'values.yaml' file will need to move the configured limits from .resources to .node.driver.resources for them to be honored going forward (#289).

[23.4.0] - 2023-04-17

Added

  • Added kerberosKeytab provisioner backend using MIT Kerberos (#99, #257).
  • Added experimental unprivileged mode (#252).

Changed

  • Shortened the registration socket path for Microk8s compatibility (#231).
    • The old CSI registration path will be automatically migrated during upgrade (#258, #260).
    • You might need to manually remove /var/lib/kubelet/plugins_registry/secrets.stackable.tech-reg.sock when downgrading
  • Made kubeletDir configurable (#232).
    • Microk8s users will need to --set kubeletDir=/var/snap/microk8s/common/var/lib/kubelet.

[23.1.0] - 2023-01-23

Changed

  • operator-rs: 0.25.0 -> 0.27.1 (#212).

[0.6.0] - 2022-11-07

Changed

  • Include chart name when installing with a custom release name (#153).
  • operator-rs: 0.10.0 -> 0.25.0 (#180).

[0.5.0] - 2022-06-30

Added

  • "privileged" security context constraints for OpenShift clusters (#144)

[0.4.0] - 2022-05-18

Added

  • Pods that consume Node-scoped k8sSearch secrets will now only be scheduled to Nodes that have the secret provisioned (#125).
    • This is only supported for pods that use the new-style ephemeral volume definitions rather than csi.

Changed

  • Pods that consume secrets should now use the ephemeral volume type rather than csi (#125).
    • csi volumes will keep working for now, but should be considered deprecated, and will not be compatible with all new features.

[0.3.0] - 2022-05-05

Added

  • Pods that use autoTls volumes are now evicted when their certificates are about to expire (#114, commons-#20).

Changed

  • autoTls CA generation now requires opt-in (#77).
    • The default tls SecretClass now has this opt-in by default.

Removed

  • k8sSearch backend's option secretLabels has been removed (#123).

[0.2.0] - 2022-02-14

This release will cause any Pods that already used it get stuck Terminating when they are next deleted. The easiest way to fix this is to perform a rolling reboot of all nodes after the upgrade.

This is a one-time migration.

Changed

  • Store secrets on tmpfs (#37).
  • Locked down secret permissions by default (#37).
  • Operator-rs: 0.8.0 -> 0.10.0 (#49).

Bugfixes

  • Fixed thread starvation and slow shutdowns (#47).

[0.1.0] - 2022-02-03

Added

  • Initial release