Skip to content

Releases: operator-framework/operator-sdk

v1.31.0

27 Jul 15:05
e67da35
Compare
Choose a tag to compare

v1.31.0

Changes

  • (ansible): Update the quay.io/operator-framework/ansible-operator base image to now use Ansible 2.15.0. Removes pre-installed Python modules that are not required to build and run the testdata/ansible/memcached-operator sample. Updates Python to 3.9 to work with Ansible 2.15.0. (#6483)
  • (ansible/v1): Updates the ansible/v1 plugin scaffolding to: - Remove the community.kubernetes collection - Update the operator_sdk.util collection from v0.4.0 --> v0.5.0 - Update the molecule.yaml files to work with molecule v5.1.0. (#6483)
  • (helm): Use informer to list helm secrets to improve performance. (#6354)
  • Updated Reference from "to_be_owned.namespace" to "to_be_owned.metadata.namespace " in the ansible reference documentation. (#6409)

Removals

  • (ansible): Remove the quay.io/operator-framework/ansible-operator-2.11-preview image. This image will no longer be built after Operator-SDK v1.30.0. (#6483)

Bug Fixes

  • Fix a bug where olm install command is failed for "no-match" error.
    The output in this case is something like:
    $ operator-sdk olm install --verbose ... FATA[0001] Failed to install OLM version "latest": failed to create CRDs and resources: no matches for kind "OLMConfig" in version "operators.coreos.com/v1". Now, in this case, operator-sdk tries to create the resource again, until it succeeds (or until the timeout exceeded). (#6490)
  • Fix a bug where run bundle command does not copy all FBC manifests into the new catalog image if custom index-image is passed. (#6512)
  • markUnsafe now correctly marks as unsafe the all variables passed in spec. (#6376)

v1.30.0

26 Jun 21:57
v1.30.0
b794fe9
Compare
Choose a tag to compare

v1.30.0

Additions

  • Add a Parameter to the Makefile to allow modifying the 'operator-sdk' binary before running any commands. If necessary, a specific version of the SDK can be downloaded for cases when the project has yet to upgrade to a later or latest version. (#6443)
  • Currently, the operator SDK for the Ansible operator lacks options to customize the leader election resource lock behavior. This limits the flexibility of the operator and prevents users from adjusting lease duration and renew deadline according to their specific needs.
    Changes: Implemented enhancements to the operator SDK to include additional flags for configuring leader election resource lock options. These changes provide users with the ability to specify the type of resource object used for locking during leader election and customize the lease duration and renew deadline.
    Introduced --leader-elect-lease-duration flag to allow users to define the duration that non-leader candidates will wait to force acquire leadership. The default duration is set to 15 seconds.
    Introduced --leader-elect-renew-deadline flag, enabling users to set the renew deadline, which determines the duration that the acting control plane will retry refreshing leadership before giving up. The default duration is set to 10 seconds.
    Introduced --leader-elect-resource-lock flag to allow users to define the type of resource object that is used for locking during leader election. Supported options are 'leases', 'endpointsleases', and 'configmapsleases'. The default option is 'leases'.
    These changes provide more flexibility and control over leader election behavior, allowing operators to adapt to various deployment scenarios and specific requirements. (#6426)

Changes

  • Currently, when setting overrideValues in your watches.yaml, every entry is logged with its key and its value. When working with confidential information such as credentials, logging those information would not be optimal nor desirable. Therefore, there should be a way to silence/suppress these values.
    This feature introduces the --suppress-override-values boolean-flag for the helm-operator. When set to true, the value of the overrideValues entry is sanitized with this value "****".
    This is a simple example of overrideValues of the watches.yaml ```yaml overrideValues:
    x: y
The default-value of `--suppress-override-values` is `false` so therefore we would get this warning logged: `Chart value x overridden to y by operator's watches.yaml`
When setting `--suppress-override-values` `true` the warning will be logged in the following manner: `Chart value x overridden to **** by operator's watches.yaml`. ([#6469](https://github.com/operator-framework/operator-sdk/pull/6469))
- (images): Bumps all Operator SDK maintained images to now use ubi(-minimal) tag 8.8. ([#6466](https://github.com/operator-framework/operator-sdk/pull/6466))

### Bug Fixes

- In `run bundle-upgrade`, hash the cache directory name to avoid error of too long file name. ([#6477](https://github.com/operator-framework/operator-sdk/pull/6477))

v1.29.0

31 May 20:38
v1.29.0
78c5643
Compare
Choose a tag to compare

v1.29.0

Changes

  • (scorecard): Update kuttl to v0.15.0 in the scorecard-test-kuttl image. (#6401)
  • (ansible/v1): Bump the golang base image version in the ansible-operator Dockerfiles from 1.18 to 1.19. (#6398)
  • (operator-sdk run bundle): Compress the bundle content, to avoid the configMap exceed max length error. The error will look like this:
    ... ConfigMap ... is invalid: []: Too long: must have at most 1048576 bytes.
    Fixes issue #6323. (#6408)

Bug Fixes

  • (docs): Update the go version in the developer guide. The documentation wasn't updated when the go version was bumped to v1.19. (#6101)

v1.28.1

28 Apr 18:42
v1.28.1
b05f6a5
Compare
Choose a tag to compare

v1.28.1

No changes for this release!

v1.28.0

15 Mar 00:46
v1.28.0
484013d
Compare
Choose a tag to compare

v1.28.0

Changes

  • (ansible): Revert the cryptography package unpinning and repin to v3.3.2. (#6348)

Bug Fixes

  • For ansible operators: fix a JSON parsing bug by updating the kubernetes.core collection to v2.4.0. (#6334)
  • (scorecard): update default storage and untar images to images that run as non-root users by default. This ensures full compliance with restricted PSA guidelines when using --pod-security=restricted. (#6335)

v1.26.1

08 Feb 16:53
v1.26.1
4582a84
Compare
Choose a tag to compare

v1.26.1

Changes

  • operator-sdk run bundle(-upgrade): Change default of the --security-context-config flag to be legacy instead of restricted. (#6226)
  • operator-sdk run bundle: When creating the CatalogSource, we now set the grpcPodConfig.SecurityContextConfig to the value of the --security-context-config flag. (#6226)

Bug Fixes

  • operator-sdk bundle validate: Fix a bug in the Kubernetes 1.25 validation logic that would warn that a Kubernetes resource was deprecated without checking the group that contains the resource. (i.e if apps/deployments was deprecated and you used other/deployments you would recieve a warning)". The validation logic will now verify the group and resource before issuing a warning. (#6231)
  • operator-sdk run bundle(-upgrade): Fix a bug where SQLite bundle images were failing to be run properly due to a change in the default channel that is used by run bundle(-upgrade) when creating a subscription. (#6226)
  • operator-sdk run bundle(-upgrade): Update the logic used to set a Registry Pod's PSA configuration to fix a bug where a Pod's containers still had a restrictive SecurityContext even when setting --security-context-config=legacy. (#6226)

v1.27.0

03 Feb 00:50
v1.27.0
5cbdad9
Compare
Choose a tag to compare

v1.27.0

Changes

  • operator-sdk run bundle(-upgrade): Change default of the --security-context-config flag to be legacy instead of restricted. (#6210)
  • operator-sdk run bundle: When creating the CatalogSource, we now set the grpcPodConfig.SecurityContextConfig to the value of the --security-context-config flag. (#6210)
  • The scorecard-test-kuttl image always prints the kuttl logs in case there is an error processing the kuttl report. (#6225)

Bug Fixes

  • operator-sdk bundle validate: Fix a bug in the Kubernetes 1.25 validation logic that would warn that a Kubernetes resource was deprecated without checking the group that contains the resource. (i.e if apps/deployments was deprecated and you used other/deployments you would recieve a warning)". The validation logic will now verify the group and resource before issuing a warning. (#6227)
  • operator-sdk run bundle(-upgrade): Fix a bug where SQLite bundle images were failing to be run properly due to a change in the default channel that is used by run bundle(-upgrade) when creating a subscription. (#6210)
  • operator-sdk run bundle(-upgrade): Update the logic used to set a Registry Pod's PSA configuration to fix a bug where a Pod's containers still had a restrictive SecurityContext even when setting --security-context-config=legacy. (#6210)
  • For operator-sdk bundle validate: Fix a bug that would make the command exit with a 0 exit code even if there were validation failures. (#6274)
  • (scorecard): Fixes a bug where an error would be thrown if a Custom Resource did not have a .spec field, which is a perfectly valid scenario. Instead of throwing an error scorecard will now issue a suggestion. (#6245)

v1.25.4

26 Jan 19:27
f0a975c
Compare
Choose a tag to compare

v1.25.4

Changes

  • operator-sdk run bundle(-upgrade): Change default of the --security-context-config flag to be legacy instead of restricted. (#6261)
  • operator-sdk run bundle: When creating the CatalogSource, we now set the grpcPodConfig.SecurityContextConfig to the value of the --security-context-config flag. (#6261)

Bug Fixes

  • operator-sdk bundle validate: Fix a bug in the Kubernetes 1.25 validation logic that would warn that a Kubernetes resource was deprecated without checking the group that contains the resource. (i.e if apps/deployments was deprecated and you used other/deployments you would recieve a warning)". The validation logic will now verify the group and resource before issuing a warning. (#6263)
  • For operator-sdk run bundle(-upgrade): fix a bug in the logic that would attempt to create a ConfigMap that contained the entire contents of an FBC. Now if the FBC contents are to large to fit into a single ConfigMap, the FBC contents will be partitioned and split amongst multiple ConfigMap resources. (#6262)
  • operator-sdk run bundle(-upgrade): Fix a bug where SQLite bundle images were failing to be run properly due to a change in the default channel that is used by run bundle(-upgrade) when creating a subscription. (#6261)
  • operator-sdk run bundle(-upgrade): Update the logic used to set a Registry Pod's PSA configuration to fix a bug where a Pod's containers still had a restrictive SecurityContext even when setting --security-context-config=legacy. (#6261)
  • (scorecard): Fixes a bug where an error would be thrown if a Custom Resource did not have a .spec field, which is a perfectly valid scenario. Instead of throwing an error scorecard will now issue a suggestion. (#6266)

v1.26.0

09 Dec 23:53
cbeec47
Compare
Choose a tag to compare

v1.26.0

Additions

  • For operator-sdk bundle validate: When checking for Kubernetes APIs deprecated in Kubernetes v1.25.0 the ClusterServiceVersion's CustomResourceDefinitions, ClusterPermissions, and Permissions are now validated to ensure no references to deprecated APIs are being made. (#6119)

Changes

  • (images): Bumps all Operator SDK maintained images to now use ubi(-minimal) tag 8.7. (#6175)

Bug Fixes

  • ansible: fixed "make run" so it finds local roles. (#6110)
  • For operator-sdk run bundle(-upgrade): fix a bug in the logic that would attempt to create a ConfigMap that contained the entire contents of an FBC. Now if the FBC contents are to large to fit into a single ConfigMap, the FBC contents will be partitioned and split amongst multiple ConfigMap resources. (#6182)

v1.25.3

02 Dec 14:58
v1.25.3
5779ad7
Compare
Choose a tag to compare

v1.25.3

Bug Fixes

  • For the ansible operator container images, update them to properly pull in the base image that uses UBI 8.7. (#6206)