Releases: operator-framework/operator-sdk
Releases · operator-framework/operator-sdk
v1.31.0
v1.31.0
Changes
- (ansible): Update the
quay.io/operator-framework/ansible-operator
base image to now use Ansible 2.15.0. Removes pre-installed Python modules that are not required to build and run thetestdata/ansible/memcached-operator
sample. Updates Python to 3.9 to work with Ansible 2.15.0. (#6483) - (ansible/v1): Updates the
ansible/v1
plugin scaffolding to: - Remove thecommunity.kubernetes
collection - Update theoperator_sdk.util
collection fromv0.4.0
-->v0.5.0
- Update themolecule.yaml
files to work withmolecule v5.1.0
. (#6483) - (helm): Use informer to list helm secrets to improve performance. (#6354)
- Updated Reference from "to_be_owned.namespace" to "to_be_owned.metadata.namespace " in the ansible reference documentation. (#6409)
Removals
- (ansible): Remove the
quay.io/operator-framework/ansible-operator-2.11-preview
image. This image will no longer be built after Operator-SDK v1.30.0. (#6483)
Bug Fixes
- Fix a bug where
olm install
command is failed for "no-match" error.
The output in this case is something like:
$ operator-sdk olm install --verbose ... FATA[0001] Failed to install OLM version "latest": failed to create CRDs and resources: no matches for kind "OLMConfig" in version "operators.coreos.com/v1"
. Now, in this case, operator-sdk tries to create the resource again, until it succeeds (or until the timeout exceeded). (#6490) - Fix a bug where
run bundle
command does not copy all FBC manifests into the new catalog image if custom index-image is passed. (#6512) markUnsafe
now correctly marks as unsafe the all variables passed inspec
. (#6376)
v1.30.0
v1.30.0
Additions
- Add a Parameter to the Makefile to allow modifying the 'operator-sdk' binary before running any commands. If necessary, a specific version of the SDK can be downloaded for cases when the project has yet to upgrade to a later or latest version. (#6443)
- Currently, the operator SDK for the Ansible operator lacks options to customize the leader election resource lock behavior. This limits the flexibility of the operator and prevents users from adjusting lease duration and renew deadline according to their specific needs.
Changes: Implemented enhancements to the operator SDK to include additional flags for configuring leader election resource lock options. These changes provide users with the ability to specify the type of resource object used for locking during leader election and customize the lease duration and renew deadline.
Introduced --leader-elect-lease-duration flag to allow users to define the duration that non-leader candidates will wait to force acquire leadership. The default duration is set to 15 seconds.
Introduced --leader-elect-renew-deadline flag, enabling users to set the renew deadline, which determines the duration that the acting control plane will retry refreshing leadership before giving up. The default duration is set to 10 seconds.
Introduced --leader-elect-resource-lock flag to allow users to define the type of resource object that is used for locking during leader election. Supported options are 'leases', 'endpointsleases', and 'configmapsleases'. The default option is 'leases'.
These changes provide more flexibility and control over leader election behavior, allowing operators to adapt to various deployment scenarios and specific requirements. (#6426)
Changes
- Currently, when setting
overrideValues
in yourwatches.yaml
, every entry is logged with its key and its value. When working with confidential information such as credentials, logging those information would not be optimal nor desirable. Therefore, there should be a way to silence/suppress these values.
This feature introduces the--suppress-override-values
boolean-flag for thehelm-operator
. When set to true, the value of the overrideValues entry is sanitized with this value "****".
This is a simple example ofoverrideValues
of thewatches.yaml
```yaml overrideValues:
x: y
The default-value of `--suppress-override-values` is `false` so therefore we would get this warning logged: `Chart value x overridden to y by operator's watches.yaml`
When setting `--suppress-override-values` `true` the warning will be logged in the following manner: `Chart value x overridden to **** by operator's watches.yaml`. ([#6469](https://github.com/operator-framework/operator-sdk/pull/6469))
- (images): Bumps all Operator SDK maintained images to now use ubi(-minimal) tag 8.8. ([#6466](https://github.com/operator-framework/operator-sdk/pull/6466))
### Bug Fixes
- In `run bundle-upgrade`, hash the cache directory name to avoid error of too long file name. ([#6477](https://github.com/operator-framework/operator-sdk/pull/6477))
v1.29.0
v1.29.0
Changes
- (scorecard): Update kuttl to v0.15.0 in the scorecard-test-kuttl image. (#6401)
- (ansible/v1): Bump the golang base image version in the ansible-operator Dockerfiles from 1.18 to 1.19. (#6398)
- (operator-sdk run bundle): Compress the bundle content, to avoid the configMap exceed max length error. The error will look like this:
... ConfigMap ... is invalid: []: Too long: must have at most 1048576 bytes
.
Fixes issue #6323. (#6408)
Bug Fixes
- (docs): Update the go version in the developer guide. The documentation wasn't updated when the go version was bumped to v1.19. (#6101)
v1.28.1
v1.28.1
No changes for this release!
v1.28.0
v1.28.0
Changes
- (ansible): Revert the cryptography package unpinning and repin to v3.3.2. (#6348)
-
- Upgrade Kubernetes dependencies from
1.25
to1.26
. - Upgradesigs.k8s.io/controller-tools
fromv0.10.0
tov0.11.3
. More info: https://github.com/kubernetes-sigs/controller-tools/releases - Upgradesigs.k8s.io/controller-runtime
dependency fromv0.13.0
tov0.14.5
. More info: https://github.com/kubernetes-sigs/controller-runtime/releases - Upgradek8s.io/client-go
dependency fromv0.25.3
tov0.26.2
. - Upgradecontroller-gen
dependency fromv0.10.0
tov0.11.1
. - Upgradekube-rbac-proxy
fromv0.13.0
tov0.13.1
- Modify gov4alpha plugin to usego/v4-alpha
from Kubebuilder. (#6352)
- Upgrade Kubernetes dependencies from
Bug Fixes
- For ansible operators: fix a JSON parsing bug by updating the kubernetes.core collection to v2.4.0. (#6334)
- (scorecard): update default storage and untar images to images that run as non-root users by default. This ensures full compliance with restricted PSA guidelines when using
--pod-security=restricted
. (#6335)
v1.26.1
v1.26.1
Changes
operator-sdk run bundle(-upgrade)
: Change default of the--security-context-config
flag to belegacy
instead ofrestricted
. (#6226)operator-sdk run bundle
: When creating the CatalogSource, we now set thegrpcPodConfig.SecurityContextConfig
to the value of the--security-context-config
flag. (#6226)
Bug Fixes
operator-sdk bundle validate
: Fix a bug in the Kubernetes 1.25 validation logic that would warn that a Kubernetes resource was deprecated without checking the group that contains the resource. (i.e if apps/deployments was deprecated and you used other/deployments you would recieve a warning)". The validation logic will now verify the group and resource before issuing a warning. (#6231)operator-sdk run bundle(-upgrade)
: Fix a bug where SQLite bundle images were failing to be run properly due to a change in the default channel that is used byrun bundle(-upgrade)
when creating a subscription. (#6226)operator-sdk run bundle(-upgrade)
: Update the logic used to set a Registry Pod's PSA configuration to fix a bug where a Pod's containers still had a restrictive SecurityContext even when setting--security-context-config=legacy
. (#6226)
v1.27.0
v1.27.0
Changes
operator-sdk run bundle(-upgrade)
: Change default of the--security-context-config
flag to belegacy
instead ofrestricted
. (#6210)operator-sdk run bundle
: When creating the CatalogSource, we now set thegrpcPodConfig.SecurityContextConfig
to the value of the--security-context-config
flag. (#6210)- The
scorecard-test-kuttl
image always prints the kuttl logs in case there is an error processing the kuttl report. (#6225)
Bug Fixes
operator-sdk bundle validate
: Fix a bug in the Kubernetes 1.25 validation logic that would warn that a Kubernetes resource was deprecated without checking the group that contains the resource. (i.e if apps/deployments was deprecated and you used other/deployments you would recieve a warning)". The validation logic will now verify the group and resource before issuing a warning. (#6227)operator-sdk run bundle(-upgrade)
: Fix a bug where SQLite bundle images were failing to be run properly due to a change in the default channel that is used byrun bundle(-upgrade)
when creating a subscription. (#6210)operator-sdk run bundle(-upgrade)
: Update the logic used to set a Registry Pod's PSA configuration to fix a bug where a Pod's containers still had a restrictive SecurityContext even when setting--security-context-config=legacy
. (#6210)- For
operator-sdk bundle validate
: Fix a bug that would make the command exit with a 0 exit code even if there were validation failures. (#6274) - (scorecard): Fixes a bug where an error would be thrown if a Custom Resource did not have a
.spec
field, which is a perfectly valid scenario. Instead of throwing an error scorecard will now issue a suggestion. (#6245)
v1.25.4
v1.25.4
Changes
operator-sdk run bundle(-upgrade)
: Change default of the--security-context-config
flag to belegacy
instead ofrestricted
. (#6261)operator-sdk run bundle
: When creating the CatalogSource, we now set thegrpcPodConfig.SecurityContextConfig
to the value of the--security-context-config
flag. (#6261)
Bug Fixes
operator-sdk bundle validate
: Fix a bug in the Kubernetes 1.25 validation logic that would warn that a Kubernetes resource was deprecated without checking the group that contains the resource. (i.e if apps/deployments was deprecated and you used other/deployments you would recieve a warning)". The validation logic will now verify the group and resource before issuing a warning. (#6263)- For
operator-sdk run bundle(-upgrade)
: fix a bug in the logic that would attempt to create aConfigMap
that contained the entire contents of an FBC. Now if the FBC contents are to large to fit into a singleConfigMap
, the FBC contents will be partitioned and split amongst multipleConfigMap
resources. (#6262) operator-sdk run bundle(-upgrade)
: Fix a bug where SQLite bundle images were failing to be run properly due to a change in the default channel that is used byrun bundle(-upgrade)
when creating a subscription. (#6261)operator-sdk run bundle(-upgrade)
: Update the logic used to set a Registry Pod's PSA configuration to fix a bug where a Pod's containers still had a restrictive SecurityContext even when setting--security-context-config=legacy
. (#6261)- (scorecard): Fixes a bug where an error would be thrown if a Custom Resource did not have a
.spec
field, which is a perfectly valid scenario. Instead of throwing an error scorecard will now issue a suggestion. (#6266)
v1.26.0
v1.26.0
Additions
- For
operator-sdk bundle validate
: When checking for Kubernetes APIs deprecated in Kubernetes v1.25.0 the ClusterServiceVersion's CustomResourceDefinitions, ClusterPermissions, and Permissions are now validated to ensure no references to deprecated APIs are being made. (#6119)
Changes
- (images): Bumps all Operator SDK maintained images to now use ubi(-minimal) tag 8.7. (#6175)
Bug Fixes
- ansible: fixed "make run" so it finds local roles. (#6110)
- For
operator-sdk run bundle(-upgrade)
: fix a bug in the logic that would attempt to create aConfigMap
that contained the entire contents of an FBC. Now if the FBC contents are to large to fit into a singleConfigMap
, the FBC contents will be partitioned and split amongst multipleConfigMap
resources. (#6182)