Skip to content

v0.9.1
Compare
Choose a tag to compare
@github-actions github-actions released this 19 Jul 07:41
· 18 commits to main since this release
v0.9.1
2d7c69f

We're happy to announce the release v0.9.1 of template-controller. This is quite a huge release with a lot of breaking changes. Please read the release notes carefully.

All these changes lead to a template-controller that is a lot easier to maintain, meaning that updates will come more often from now on.

Big thanks and a shoutout 📣 goes out to @erikgb for his very valuable input and feedback on the template-controller.

Breaking Changes

Always use impersonation

The template-controller will now always use impersonation to watch for updated template inputs. This means, that you might run into permission errors if your service accounts did not have the proper permissions to watch for changes. In the past, the controller's service account was used for watches, leading for some users to not notice missing privileges in their own RBAC.

Switching to OCI-only Helm Charts

The Chart Repository (found at https://github.com/kluctl/charts) is archived now and won't get any updates. Instead, the Chart is from now on only released as OCI Chart. For you as a consumer, this only means that you now don't have to add (helm repo add xxx) the old repo before being able to install the Chart. Instead, you'll use the OCI URL from now on:

$ helm install template-controller -n template-controller --create-namespace oci://ghcr.io/kluctl/charts/template-controller

Please follow the install instructions found here.

⚠️ These also contain important upgrade instructions in case you were using the old Helm Chart repository. ⚠️

Chart Version bump

The Chart version has been bumped from 0.2.5 to 0.9.1 to match the controller version. The version will from now on always match.

Removal of kubebuilder compatible kustomize overlays

The kustomize overlays found in config have been reduced to the absolute minimum. We now only have crds and rbac auto-generated by kubebuilder and thus only provide these manifests inside config.

Instead, the now included Helm Chart is used to autogenerate deploy/manifests/template-controller.yaml.

Removal of ObjectHandler

The ObjectHandler CRD and controllers have been removed. These were never documented as they were just an experiment.

Change of base image

The base image for the controller has been changed to use wolfi-base. This should reduce the amount of CVEs found by scanners a lot.

Changelog

v0.9.1 (2024-07-18)

Features

  • Remove all kustomize resources except CRDs (6e59fe3)
  • Switch to wolfi-base image (3b30e0f)
  • Remove ObjectHandler (#95) (52e6264)

Bug Fixes

  • Use Patch instead of Update to remove finalizers (d9e3ee5)
  • Use struct{} instead of bool and fix missing entries in newObjects (c79ac0c)
  • Remove permissions for CRDs (0ebe50e)
  • Use controller-runtime's defaulting mechanism for serviceAccountName (b83e3c4)
  • Perform watches on a per-object basis instead of globally on the kind (a686a38)
  • Stop using global permissions to access configmaps/secrets from template APIs (619a05b)
  • Ignore not-found errors (89ae88c)
  • Stop using pointers as list elements when not really necessary (cee3c2c)
  • Use provided rest config (f515dc9)
  • deps: upgraded dependencies (#94) (4725d14)

Contributors

erikgb
Assets 8
Loading