v1.13.3

Changes by Kind

New Features

• PingSource schedule supports optional seconds field (#7394, @SiBell)
• Trust-manager integration (#7532, @pierDipi)
• Allow configuring whether to allow cross namespaces Brokers configuration using the config-br-defaults ConfigMap. (#7455, @pierDipi)
• Expose the Sequence OIDC service account name in the Sequence .status.auth.serviceAccountName (#7361, @rahulii)
• Use RFC-3339 compliant string encodings in filters for attributes of type time. (#7466, @Cali0707)
• Introduce EventTypes v1beta3 version (#7304, @matzew)
• EventType V1Beta2 deprecation (#7454, @matzew)
• Provide OIDC token in SinkBinding under /oidc/token path. (#7444, @creydr)
• Channel dispatcher authenticates requests with OIDC (#7445, @Cali0707)
• Authenticate Requests from ApiServerSource (#7452, @Leo6Leo)
• Use underlying input channels audience as sequence audience (#7387, @md-saif-husain)

Misc

• PingSource TLS & OIDC test (#7416, @Leo6Leo)
• Enable storage of EventType v1beta2 instead of v1beta1 (#7594, @dsimansk)
• EventType v1beta1 deprecation (#7453 and #7303, @matzew)
• Add Prerequisite for e2e test to check if OIDC authentication is enabled (#7609, @creydr)
• Fix mt-broker-ingress watch Broker (#7499, @xiangpingjiang)
• Refactor the AuthStatus Logic (#7417, @xiangpingjiang)
• InMemoryChannel send a 202 response only after successfully delivering the event to all subscribers (#7415, @Cali0707)
• Under OIDC mode, all the outgoing event request will be appended with JWT Authorization header (#7452, @Leo6Leo)
• Use kmeta.ChildName() to generate OIDC service account name (#7521, @xiangpingjiang)
• When running hack/install.sh, all the related testing environments will be set up as well. (#7418, @Leo6Leo)

v1.13.2

Changes by Kind

New Features

• PingSource schedule supports optional seconds field (#7394, @SiBell)
• Trust-manager integration (#7532, @pierDipi)
• Allow configuring whether to allow cross namespaces Brokers configuration using the config-br-defaults ConfigMap. (#7455, @pierDipi)
• Expose the Sequence OIDC service account name in the Sequence .status.auth.serviceAccountName (#7361, @rahulii)
• Use RFC-3339 compliant string encodings in filters for attributes of type time. (#7466, @Cali0707)
• Introduce EventTypes v1beta3 version (#7304, @matzew)
• EventType V1Beta2 deprecation (#7454, @matzew)
• Provide OIDC token in SinkBinding under /oidc/token path. (#7444, @creydr)
• Channel dispatcher authenticates requests with OIDC (#7445, @Cali0707)
• Authenticate Requests from ApiServerSource (#7452, @Leo6Leo)
• Use underlying input channels audience as sequence audience (#7387, @md-saif-husain)

Misc

• PingSource TLS & OIDC test (#7416, @Leo6Leo)
• Enable storage of EventType v1beta2 instead of v1beta1 (#7594, @dsimansk)
• EventType v1beta1 deprecation (#7453 and #7303, @matzew)
• Add Prerequisite for e2e test to check if OIDC authentication is enabled (#7609, @creydr)
• Fix mt-broker-ingress watch Broker (#7499, @xiangpingjiang)
• Refactor the AuthStatus Logic (#7417, @xiangpingjiang)
• InMemoryChannel send a 202 response only after successfully delivering the event to all subscribers (#7415, @Cali0707)
• Under OIDC mode, all the outgoing event request will be appended with JWT Authorization header (#7452, @Leo6Leo)
• Use kmeta.ChildName() to generate OIDC service account name (#7521, @xiangpingjiang)
• When running hack/install.sh, all the related testing environments will be set up as well. (#7418, @Leo6Leo)

v1.12.5

Changes by Kind

New Features

• The filters field in Triggers is now beta and enabled by default
  • New Event Filters are now only created once, rather than on each event (#7213, @Cali0707)
  • The Any filter now dynamically optimizes the order of nested filters for optimal performance. (#7205, @Cali0707)
  • The all filter now dynamically optimizes its ordering to improve performance (#7300, @Cali0707)
  • The exact filter now uses less memory and is faster! (#7311, @Cali0707)
  • The prefix filter just got a whole lot faster! (#7309, @Cali0707)
  • The suffix filter is now faster! (#7312, @Cali0707)
• OIDC authentication feature
  • Add Audience field in CRDs (#7244, @xiangpingjiang)
  • Expose OIDC audience of a Broker in its status (#7237, @creydr)
  • Expose OIDC audience of an InMemoryChannel in its status (#7371, @creydr)
  • Expose the APIServerSource OIDC service account name in the APIServerSource .status.auth.serviceAccountName (#7330, @Leo6Leo)
  • Expose the PingSource OIDC service account name in the PingSource .status.auth.serviceAccountName (#7344, @Leo6Leo)
  • Expose the SinkBinding OIDC service account name in the SinkBinding .status.auth.serviceAccountName (#7327, @rahulii)
  • Expose the SubscriptionsOIDC service account name in the Subscriptions.status.auth.serviceAccountName (#7338, @xiangpingjiang)
  • Expose the Triggers OIDC service account name in the Triggers .status.auth.serviceAccountName (#7299, @creydr)
  • Mt-broker-ingress: verify the audience of the received JWT if OIDC authentication is enabled (#7336, @creydr)
  • OIDC tokens are now cached to improve performance. (#7335, @Cali0707)
• It is now possible to specify a subset of features in config-features without overriding default values (#7379, @pierDipi)
• PingSource schedule supports optional seconds field

Bug Fixes

• Fix unique name generator for auto-created EventType (#7160, @dsimansk)
• Correctly handle networking errors when ApiServerSource adapter can't retrieve resources when starts. (#7279, @pierDipi)
• Event Types are now only created once when using a MTChannelBasedBroker. (#7161, @Cali0707)
• Set cluster domain suffix in TLS records correctly. (#7145, @creydr)
• 🐛 Memory leak in the not filter was fixed. (#7310, @Cali0707)
• 🐛 The filters field now only overrides the filter field on a trigger if there are filters in the filters field. (#7286, @Cali0707)
• Fixed bug where eventtypes for builtin sources were created and deleted in a loop (#7245, @Cali0707)
• Fix of the rule aggregation of the knative-eventing-namespaced-edit role to only give view permissions on knative eventing resources. (#7124, @creydr)
• Update go x/net dependency to help mitigate CVE-2023-44487 (#7348, @Cali0707)

v1.13.1

Changes by Kind

New Features

• PingSource schedule supports optional seconds field (#7394, @SiBell)
• Trust-manager integration (#7532, @pierDipi)
• Allow configuring whether to allow cross namespaces Brokers configuration using the config-br-defaults ConfigMap. (#7455, @pierDipi)
• Expose the Sequence OIDC service account name in the Sequence .status.auth.serviceAccountName (#7361, @rahulii)
• Use RFC-3339 compliant string encodings in filters for attributes of type time. (#7466, @Cali0707)
• Introduce EventTypes v1beta3 version (#7304, @matzew)
• EventType V1Beta2 deprecation (#7454, @matzew)
• Provide OIDC token in SinkBinding under /oidc/token path. (#7444, @creydr)
• Channel dispatcher authenticates requests with OIDC (#7445, @Cali0707)
• Authenticate Requests from ApiServerSource (#7452, @Leo6Leo)
• Use underlying input channels audience as sequence audience (#7387, @md-saif-husain)

Misc

• PingSource TLS & OIDC test (#7416, @Leo6Leo)
• Enable storage of EventType v1beta2 instead of v1beta1 (#7594, @dsimansk)
• EventType v1beta1 deprecation (#7453 and #7303, @matzew)
• Add Prerequisite for e2e test to check if OIDC authentication is enabled (#7609, @creydr)
• Fix mt-broker-ingress watch Broker (#7499, @xiangpingjiang)
• Refactor the AuthStatus Logic (#7417, @xiangpingjiang)
• InMemoryChannel send a 202 response only after successfully delivering the event to all subscribers (#7415, @Cali0707)
• Under OIDC mode, all the outgoing event request will be appended with JWT Authorization header (#7452, @Leo6Leo)
• Use kmeta.ChildName() to generate OIDC service account name (#7521, @xiangpingjiang)
• When running hack/install.sh, all the related testing environments will be set up as well. (#7418, @Leo6Leo)

v1.11.11

Changes

• Updated mtping TLS cert test to bind to free port (#7036, @Cali0707)
• Add TLS support for mt-broker-filter (#6940, @creydr)
• Adding v1beta2 version for EventType and type conversion (#6903, @matzew)
• ApiServerSource supports sending events to TLS endpoints, minimum TLS version is v1.2 (#6956, @pierDipi)
• ContainerSource supports sending events to TLS endpoints, minimum TLS version is v1.2 (#6957, @vishal-chdhry)
• Even Type auto-create feature:
  • Based on CloudEvents processed in an inmemorychannel corresponding EventType resources are created in the namespace (#7089, @Cali0707)
  • Feature flag to enable: eventtype-auto-create in configmap/config-features
  • Based on CloudEvents processed in a broker corresponding EventType resources are created in the namespace (#7034, @dsimansk)
• EventType v1b2 on sources duck controller/reconciler used (#6962, @matzew)
• EventType v1beta2 usage on the reconciler (#6949, @matzew)
• Do not parse flags in InitializeEventingFlags (#6966, @mgencur)
• PingSource supports sending events to TLS endpoints, minimum TLS version is v1.2 (#6965, @pierDipi)
• Source duck compliant source now create EventTypes for KResources, not just brokers (#7032, @matzew)
• The ApiServerSource controller now sets the K_CA_CERTS environment variable when creating the adapter and the sink has CACerts defined. (#6897, @vishal-chdhry)
• The ApiServerSource controller now sets the K_CA_CERTS environment variable when creating the adapter and the sink has CACerts defined. (#6920, @vishal-chdhry)
• The BROKER field of the EventType is deprecated, and is replaced by a KRef reference, pointing to the broker. In the future Knative will be able to support other addressables with EventType, instead of just a broker (#6870, @matzew)
• The EventType CRD can now point to other resources, like channels or sinks (#7023, @matzew)
• imc-dispatcher supports an https endpoint for receiving events. The channel is deduced from the path. (#6954, @gab-satchi)

Full Changelog: knative-v1.10.0...knative-v1.11.0

v1.13.0

Changes by Kind

New Features

• PingSource schedule supports optional seconds field (#7394, @SiBell)
• Trust-manager integration (#7532, @pierDipi)
• Allow configuring whether to allow cross namespaces Brokers configuration using the config-br-defaults ConfigMap. (#7455, @pierDipi)
• Expose the Sequence OIDC service account name in the Sequence .status.auth.serviceAccountName (#7361, @rahulii)
• Use RFC-3339 compliant string encodings in filters for attributes of type time. (#7466, @Cali0707)
• Introduce EventTypes v1beta3 version (#7304, @matzew)
• EventType V1Beta2 deprecation (#7454, @matzew)
• Provide OIDC token in SinkBinding under /oidc/token path. (#7444, @creydr)
• Channel dispatcher authenticates requests with OIDC (#7445, @Cali0707)
• Authenticate Requests from ApiServerSource (#7452, @Leo6Leo)
• Use underlying input channels audience as sequence audience (#7387, @md-saif-husain)

Misc

• PingSource TLS & OIDC test (#7416, @Leo6Leo)
• Enable storage of EventType v1beta2 instead of v1beta1 (#7594, @dsimansk)
• EventType v1beta1 deprecation (#7453 and #7303, @matzew)
• Add Prerequisite for e2e test to check if OIDC authentication is enabled (#7609, @creydr)
• Fix mt-broker-ingress watch Broker (#7499, @xiangpingjiang)
• Refactor the AuthStatus Logic (#7417, @xiangpingjiang)
• InMemoryChannel send a 202 response only after successfully delivering the event to all subscribers (#7415, @Cali0707)
• Under OIDC mode, all the outgoing event request will be appended with JWT Authorization header (#7452, @Leo6Leo)
• Use kmeta.ChildName() to generate OIDC service account name (#7521, @xiangpingjiang)
• When running hack/install.sh, all the related testing environments will be set up as well. (#7418, @Leo6Leo)

v1.12.4

Changes by Kind

New Features

• The filters field in Triggers is now beta and enabled by default
  • New Event Filters are now only created once, rather than on each event (#7213, @Cali0707)
  • The Any filter now dynamically optimizes the order of nested filters for optimal performance. (#7205, @Cali0707)
  • The all filter now dynamically optimizes its ordering to improve performance (#7300, @Cali0707)
  • The exact filter now uses less memory and is faster! (#7311, @Cali0707)
  • The prefix filter just got a whole lot faster! (#7309, @Cali0707)
  • The suffix filter is now faster! (#7312, @Cali0707)
• OIDC authentication feature
  • Add Audience field in CRDs (#7244, @xiangpingjiang)
  • Expose OIDC audience of a Broker in its status (#7237, @creydr)
  • Expose OIDC audience of an InMemoryChannel in its status (#7371, @creydr)
  • Expose the APIServerSource OIDC service account name in the APIServerSource .status.auth.serviceAccountName (#7330, @Leo6Leo)
  • Expose the PingSource OIDC service account name in the PingSource .status.auth.serviceAccountName (#7344, @Leo6Leo)
  • Expose the SinkBinding OIDC service account name in the SinkBinding .status.auth.serviceAccountName (#7327, @rahulii)
  • Expose the SubscriptionsOIDC service account name in the Subscriptions.status.auth.serviceAccountName (#7338, @xiangpingjiang)
  • Expose the Triggers OIDC service account name in the Triggers .status.auth.serviceAccountName (#7299, @creydr)
  • Mt-broker-ingress: verify the audience of the received JWT if OIDC authentication is enabled (#7336, @creydr)
  • OIDC tokens are now cached to improve performance. (#7335, @Cali0707)
• It is now possible to specify a subset of features in config-features without overriding default values (#7379, @pierDipi)
• PingSource schedule supports optional seconds field

Bug Fixes

• Fix unique name generator for auto-created EventType (#7160, @dsimansk)
• Correctly handle networking errors when ApiServerSource adapter can't retrieve resources when starts. (#7279, @pierDipi)
• Event Types are now only created once when using a MTChannelBasedBroker. (#7161, @Cali0707)
• Set cluster domain suffix in TLS records correctly. (#7145, @creydr)
• 🐛 Memory leak in the not filter was fixed. (#7310, @Cali0707)
• 🐛 The filters field now only overrides the filter field on a trigger if there are filters in the filters field. (#7286, @Cali0707)
• Fixed bug where eventtypes for builtin sources were created and deleted in a loop (#7245, @Cali0707)
• Fix of the rule aggregation of the knative-eventing-namespaced-edit role to only give view permissions on knative eventing resources. (#7124, @creydr)
• Update go x/net dependency to help mitigate CVE-2023-44487 (#7348, @Cali0707)

v1.11.10

Changes

• Updated mtping TLS cert test to bind to free port (#7036, @Cali0707)
• Add TLS support for mt-broker-filter (#6940, @creydr)
• Adding v1beta2 version for EventType and type conversion (#6903, @matzew)
• ApiServerSource supports sending events to TLS endpoints, minimum TLS version is v1.2 (#6956, @pierDipi)
• ContainerSource supports sending events to TLS endpoints, minimum TLS version is v1.2 (#6957, @vishal-chdhry)
• Even Type auto-create feature:
  • Based on CloudEvents processed in an inmemorychannel corresponding EventType resources are created in the namespace (#7089, @Cali0707)
  • Feature flag to enable: eventtype-auto-create in configmap/config-features
  • Based on CloudEvents processed in a broker corresponding EventType resources are created in the namespace (#7034, @dsimansk)
• EventType v1b2 on sources duck controller/reconciler used (#6962, @matzew)
• EventType v1beta2 usage on the reconciler (#6949, @matzew)
• Do not parse flags in InitializeEventingFlags (#6966, @mgencur)
• PingSource supports sending events to TLS endpoints, minimum TLS version is v1.2 (#6965, @pierDipi)
• Source duck compliant source now create EventTypes for KResources, not just brokers (#7032, @matzew)
• The ApiServerSource controller now sets the K_CA_CERTS environment variable when creating the adapter and the sink has CACerts defined. (#6897, @vishal-chdhry)
• The ApiServerSource controller now sets the K_CA_CERTS environment variable when creating the adapter and the sink has CACerts defined. (#6920, @vishal-chdhry)
• The BROKER field of the EventType is deprecated, and is replaced by a KRef reference, pointing to the broker. In the future Knative will be able to support other addressables with EventType, instead of just a broker (#6870, @matzew)
• The EventType CRD can now point to other resources, like channels or sinks (#7023, @matzew)
• imc-dispatcher supports an https endpoint for receiving events. The channel is deduced from the path. (#6954, @gab-satchi)

Full Changelog: knative-v1.10.0...knative-v1.11.0

v1.12.3

Changes by Kind

New Features

• The filters field in Triggers is now beta and enabled by default
  • New Event Filters are now only created once, rather than on each event (#7213, @Cali0707)
  • The Any filter now dynamically optimizes the order of nested filters for optimal performance. (#7205, @Cali0707)
  • The all filter now dynamically optimizes its ordering to improve performance (#7300, @Cali0707)
  • The exact filter now uses less memory and is faster! (#7311, @Cali0707)
  • The prefix filter just got a whole lot faster! (#7309, @Cali0707)
  • The suffix filter is now faster! (#7312, @Cali0707)
• OIDC authentication feature
  • Add Audience field in CRDs (#7244, @xiangpingjiang)
  • Expose OIDC audience of a Broker in its status (#7237, @creydr)
  • Expose OIDC audience of an InMemoryChannel in its status (#7371, @creydr)
  • Expose the APIServerSource OIDC service account name in the APIServerSource .status.auth.serviceAccountName (#7330, @Leo6Leo)
  • Expose the PingSource OIDC service account name in the PingSource .status.auth.serviceAccountName (#7344, @Leo6Leo)
  • Expose the SinkBinding OIDC service account name in the SinkBinding .status.auth.serviceAccountName (#7327, @rahulii)
  • Expose the SubscriptionsOIDC service account name in the Subscriptions.status.auth.serviceAccountName (#7338, @xiangpingjiang)
  • Expose the Triggers OIDC service account name in the Triggers .status.auth.serviceAccountName (#7299, @creydr)
  • Mt-broker-ingress: verify the audience of the received JWT if OIDC authentication is enabled (#7336, @creydr)
  • OIDC tokens are now cached to improve performance. (#7335, @Cali0707)
• It is now possible to specify a subset of features in config-features without overriding default values (#7379, @pierDipi)
• PingSource schedule supports optional seconds field

Bug Fixes

• Fix unique name generator for auto-created EventType (#7160, @dsimansk)
• Correctly handle networking errors when ApiServerSource adapter can't retrieve resources when starts. (#7279, @pierDipi)
• Event Types are now only created once when using a MTChannelBasedBroker. (#7161, @Cali0707)
• Set cluster domain suffix in TLS records correctly. (#7145, @creydr)
• 🐛 Memory leak in the not filter was fixed. (#7310, @Cali0707)
• 🐛 The filters field now only overrides the filter field on a trigger if there are filters in the filters field. (#7286, @Cali0707)
• Fixed bug where eventtypes for builtin sources were created and deleted in a loop (#7245, @Cali0707)
• Fix of the rule aggregation of the knative-eventing-namespaced-edit role to only give view permissions on knative eventing resources. (#7124, @creydr)
• Update go x/net dependency to help mitigate CVE-2023-44487 (#7348, @Cali0707)

v1.12.2

Changes by Kind

New Features

• The filters field in Triggers is now beta and enabled by default
  • New Event Filters are now only created once, rather than on each event (#7213, @Cali0707)
  • The Any filter now dynamically optimizes the order of nested filters for optimal performance. (#7205, @Cali0707)
  • The all filter now dynamically optimizes its ordering to improve performance (#7300, @Cali0707)
  • The exact filter now uses less memory and is faster! (#7311, @Cali0707)
  • The prefix filter just got a whole lot faster! (#7309, @Cali0707)
  • The suffix filter is now faster! (#7312, @Cali0707)
• OIDC authentication feature
  • Add Audience field in CRDs (#7244, @xiangpingjiang)
  • Expose OIDC audience of a Broker in its status (#7237, @creydr)
  • Expose OIDC audience of an InMemoryChannel in its status (#7371, @creydr)
  • Expose the APIServerSource OIDC service account name in the APIServerSource .status.auth.serviceAccountName (#7330, @Leo6Leo)
  • Expose the PingSource OIDC service account name in the PingSource .status.auth.serviceAccountName (#7344, @Leo6Leo)
  • Expose the SinkBinding OIDC service account name in the SinkBinding .status.auth.serviceAccountName (#7327, @rahulii)
  • Expose the SubscriptionsOIDC service account name in the Subscriptions.status.auth.serviceAccountName (#7338, @xiangpingjiang)
  • Expose the Triggers OIDC service account name in the Triggers .status.auth.serviceAccountName (#7299, @creydr)
  • Mt-broker-ingress: verify the audience of the received JWT if OIDC authentication is enabled (#7336, @creydr)
  • OIDC tokens are now cached to improve performance. (#7335, @Cali0707)
• It is now possible to specify a subset of features in config-features without overriding default values (#7379, @pierDipi)

Bug Fixes

• Fix unique name generator for auto-created EventType (#7160, @dsimansk)
• Correctly handle networking errors when ApiServerSource adapter can't retrieve resources when starts. (#7279, @pierDipi)
• Event Types are now only created once when using a MTChannelBasedBroker. (#7161, @Cali0707)
• Set cluster domain suffix in TLS records correctly. (#7145, @creydr)
• 🐛 Memory leak in the not filter was fixed. (#7310, @Cali0707)
• 🐛 The filters field now only overrides the filter field on a trigger if there are filters in the filters field. (#7286, @Cali0707)
• Fixed bug where eventtypes for builtin sources were created and deleted in a loop (#7245, @Cali0707)
• Fix of the rule aggregation of the knative-eventing-namespaced-edit role to only give view permissions on knative eventing resources. (#7124, @creydr)
• Update go x/net dependency to help mitigate CVE-2023-44487 (#7348, @Cali0707)