Releases · nebari-dev/nebari-operator · GitHub

10 Apr 11:51

viniciusdc

v0.1.0-alpha.17

v0.1.0-alpha.17 Pre-release

Pre-release

What's Changed

fix: always populate issuer-url in OIDC secret by @dcmcand in #103

Full Changelog: v0.1.0-alpha.16...v0.1.0-alpha.17

Contributors

dcmcand

Assets 4

07 Apr 10:21

dcmcand

v0.1.0-alpha.16

v0.1.0-alpha.16 Pre-release

Pre-release

What's Changed

fix: add runAsUser to pod securityContext to prevent startup failure by @dcmcand in #98

Full Changelog: v0.1.0-alpha.15...v0.1.0-alpha.16

Contributors

dcmcand

Assets 4

30 Mar 19:47

viniciusdc

v0.1.0-alpha.15

v0.1.0-alpha.15 Pre-release

Pre-release

What's Changed

Update configuration reference with missing CRD fields by @dcmcand in #75
feat: support OAuth 2.0 token exchange between NebariApp clients by @aktech in #89
perf: skip OIDC client provisioning when auth config is unchanged by @viniciusdc in #76
fix: set post-logout redirect URIs on Keycloak clients by @aktech in #92

Full Changelog: v0.1.0-alpha.14...v0.1.0-alpha.15

Contributors

aktech, dcmcand, and viniciusdc

Assets 4

25 Mar 14:47

viniciusdc

v0.1.0-alpha.14

v0.1.0-alpha.14 Pre-release

Pre-release

What's Changed

Parallelize e2e tests with shared operator deployment by @dcmcand in #73
feat: sync Helm chart to helm-repository on release by @viniciusdc in #60
fix(docs): fix README logo, CI badge names, and apply editorial improvements by @viniciusdc in #74
ci: remove redundant generated-files workflow by @viniciusdc in #81
chore: remove deprecated helm/v1-alpha from PROJECT file by @viniciusdc in #82
Fix stale SecurityPolicy when auth is disabled by @tylerpotts in #77
Add device flow client provisioning, Secret RBAC, and ServiceAccount field by @dcmcand in #85

Full Changelog: v0.1.0-alpha.13...v0.1.0-alpha.14

Contributors

dcmcand, tylerpotts, and viniciusdc

Assets 4

12 Mar 17:15

viniciusdc

v0.1.0-alpha.13

v0.1.0-alpha.13 Pre-release

Pre-release

What's Changed

feat: improve release workflow and consolidate CI checks by @viniciusdc in #62
feat: add SPA client support for browser-based PKCE authentication by @viniciusdc in #64
feat: Implement SPA client Keycloak provisioning by @viniciusdc in #65
feat: Support cross-namespace services and optional routing management by @viniciusdc in #66
feat: add custom port option for health checks by @viniciusdc in #68
Change default Keycloak context path from /auth to root by @dcmcand in #71
feat: add Gateway listener conflict detection by @viniciusdc in #63

Full Changelog: v0.1.0-alpha.6...v0.1.0-alpha.13

Contributors

dcmcand and viniciusdc

Assets 4

12 Mar 00:20

viniciusdc

v0.1.0-alpha.12

v0.1.0-alpha.12 Pre-release

Pre-release

What's Changed

New Features

Custom health check port: Added an optional port field to HealthCheckConfig, allowing users to specify a different port for health checks than the main service port. This is useful when applications expose health endpoints on a separate port (e.g., admin/metrics port on 9090 while main service runs on 8080).

Example

spec:
  service:
    name: my-app
    port: 8080
  healthCheck:
    enabled: true
    path: /healthz
    port: 9090  # Health check on different port

If the port field is not specified, it defaults to the service port for backward compatibility.

Full Changelog: v0.1.0-alpha.11...v0.1.0-alpha.12

Assets 4

11 Mar 09:39

viniciusdc

v0.1.0-alpha.8 Pre-release

Pre-release

What's Changed

feat: improve release workflow and consolidate CI checks by @viniciusdc in #62
feat: add SPA client support for browser-based PKCE authentication by @viniciusdc in #64

Full Changelog: v0.1.0-alpha.6...v0.1.0-alpha.8

Contributors

viniciusdc

Assets 4

11 Mar 06:20

viniciusdc

v0.1.0-alpha.7 Pre-release

Pre-release

What's Changed

feat: improve release workflow and consolidate CI checks by @viniciusdc in #62

Full Changelog: v0.1.0-alpha.6...v0.1.0-alpha.7

Contributors

viniciusdc

Assets 4

11 Mar 02:10

viniciusdc

v0.1.0-alpha.6 Pre-release

Pre-release

What's Changed

fix: add timeout to Keycloak API calls to prevent indefinite hangs by @dcmcand in #40
fix: always read Keycloak admin credentials fresh from secret by @dcmcand in #39
Move publicPaths to routing.publicRoutes with Exact/PathPrefix matching by @Adam-D-Lewis in #56
feat: add landing page service discovery configuration and status by @viniciusdc in #53

New Contributors

@Adam-D-Lewis made their first contribution in #56

Full Changelog: v0.1.0-alpha.5...v0.1.0-alpha.6

Contributors

dcmcand, Adam-D-Lewis, and viniciusdc

Assets 4

11 Mar 12:36

viniciusdc

v0.1.0-alpha.11

v0.1.0-alpha.11 Pre-release

Pre-release

What's Changed

New Features

Cross-namespace service references: NebariApp can now reference services in other namespaces using the new field in . This enables centralized services to be shared across multiple NebariApp instances in different namespaces.
Optional routing management: Added the ability to disable operator-managed routing by setting in the NebariApp spec. This allows users to manage routing externally while still using the operator for authentication and Keycloak provisioning. When routing is disabled, TLS management is also automatically disabled.

Examples

Cross-namespace service:

spec:
  service:
    name: shared-app
    namespace: shared-services  # Reference service in different namespace
    port: 8000

External routing:

spec:
  routing: null  # Disable operator-managed routing and TLS
  authentication:
    enabled: true  # Still provisions Keycloak client

Full Changelog: v0.1.0-alpha.10...v0.1.0-alpha.11

Assets 4