BUG FIXES:
- Revert "Filter well known labels and annotations" (#1298)
IMPROVEMENTS:
- docs/stateful_set: add import section (#1287)
BUG FIXES:
cluster_ip
forkubernetes_service
should support valueNone
(#1291)- Remove
self_link
from metadata (#1294) - Add missing labels to fix "
kubernetes.io/metadata.name
always in plan" (#1293)
BUG FIXES:
- Add missing annotations (#1289)
IMPROVEMENTS:
- Datasource:
kubernetes_secret
: addbinary_data
attribute (#1285) - Add validations to
validating_webhook_configuration
(#1279) - Add validations to
mutating_webhook_configuration
(#1278) - Add validations to
storage_class
(#1276) - Add validations to container PodSpec (#1275)
- Add validations to
service
(#1273) - Update EKS example to use two applies (#1260)
- Resource
kubernetes_deployment
: allow changing strategy fromrolling
torecreate
(#1255) - Filter well known labels and annotations (#1253)
- Resource
kubernetes_resource_quota
: suppress diff for no-op changes (#1251) - Resource
kubernetes_deployment
: allow removing volume mount (#1246)
IMPROVEMENTS:
- Match specific tolerations to prevent diffs (#978)
- Update all go modules (#1240)
- Docs: fix broken links (#1041)
- Docs: fix typo in getting started guide (#1262)
BUG FIXES:
- Fix
kubernetes_cron_job
ForceNew when modifyingjob_template
(#1212) - Fix error returned by Create CSR (#1206)
- Fix
kubernetes_pod_disruption_budget
:100%
now is a valid value (#1107) - Fix perpetual diff in persistent volume claimRef (#1227)
IMPROVEMENTS:
- Add
binary_data
field tokubernetes_secret
(#1228) - Add support for setting the persistent volume claimRef (#1020)
- Add
secret_namespace
tovolume_source
azure_file
(#1204) - Docs: fix grammar in Network Policy (#1210)
- Docs:
kubernetes_cron_job
add link to Kubernetes reference (#1200)
BUG FIXES:
- Fix resource_field_ref schema for projected_volume (#1189)
- Add diff suppression to persistent_volume and persistent_volume_claim (#1145)
- Remove error for missing kubeconfig, to allow generating it at apply time (#1142)
IMPROVEMENTS:
- Support topologySpreadConstraint in pod spec schema (#1022)
- Wait for kubernetes_ingress to be deleted (#1143)
- Improve docs for configuring the provider (#1132)
- Update docs to reflect Kubernetes service status attribute (#1148)
BUG FIXES:
- Read operation should set resource id to null if not found (#1136)
IMPROVEMENTS:
- Add service timeouts docs (#963)
BUG FIXES:
- Resources state migration should migrate empty array (#1124)
IMPROVEMENTS:
- Update docs to reflect new schema for
load_balancer_ingress
(#1123)
BREAKING CHANGES:
- Replace support for
KUBECONFIG
environment variable withKUBE_CONFIG_PATH
(#1052) - Remove
load_config_file
attribute from provider block (#1052) - Remove default of
~/.kube/config
forconfig_path
(#1052) - Update Terraform SDK to v2 (#1027)
- Restructure service and ingress to match K8s API (#1071)
- Normalize
automount_service_account_token
to be in line with the K8s API (#1054) - Normalize
enable_service_links
to be in line with the K8s API (#1074) - Normalize wait defaults across Deployment, DaemonSet, StatefulSet, Service, Ingress, and Job (#1053)
- Change resources requests and limits to TypeMap (#1065)
FEATURES:
- Add timeout argument to kubernetes_stateful_set (#1047)
- Add divisor to resource_field_ref (#1063)
- Add ingressClassName as field in Ingress manifest (#1057)
BUG FIXES:
- Fix typo in Job error message (#1048)
- Fix assertion in TestAccKubernetesPersistentVolume_hostPath_nodeAffinty (#1067)
- Fix service load balancer crash (#1070)
- Fix
cronJob.ttl_seconds_after_finished
causing requests to fail even without value specified (#929) - Fix perpetual diff when using Pod resource with
automount_service_account_token=true
(#1085) - Fix perpetual diff in StatefulSet when
update_strategy
is not specified (#1088) - Fix delete/recreate when updating
init_containers
(#951) - Fix delete/recreate of Jobs when updating mutable fields (#1074)
IMPROVEMENTS:
- Add upgrade test for daemonset (#1064)
- Add
kube_config_paths
to provider block (#1052)
FEATURES:
- Add support for readiness_gate on Pod spec (#811)
- Add Azure Managed disk to PV resource (#202)
- Add support for enable_service_links to the pod specification (#975)
BUG FIXES:
- Fix annotation diffs on affinity tests (#993)
- Fix api_group requirement in cluster_role_binding and role_binding (#1024)
- Fix service test leaking ELBs (#947)
- Fix annotation diffs on affinity tests (#993)
- Fix job documentation
- Fix build on macOS (#1045) and windows/386
IMPROVEMENTS:
- Update Go dependencies (#968)
- Update acceptance tests for tfproviderlint (#887)
- Refactor Typhoon test configuration to allow selection of Kubernetes version (#992)
- Update Pull Request Lifecycle docs (#1032)
- CI checks for docs website (registry migration) (#953)
BUG FIXES:
- Fix spurious forced replacement in empty_dir volume (#985)
- Fix reported replica count when waiting for Deployment rollout (#998)
- health_check_port_node should force replacement (#986)
- Don't force replacement StatefulSet / Deployment when affinity rule selectors change (#755)
IMPROVEMENTS:
- Wait for
kubernetes_service
to be deleted - Updates to CONTRIBUTING.md and PULL_REQUESTS.md
BUG FIXES:
- Fix crash when size_limit is not present on empty_dir volume (#983)
FEATURES:
- Add resource
CertificateSigningRequest
(#922) - Add resource
default_service_account
(#876)
IMPROVEMENTS:
- Allow in-place update of PVC's storage request (#957)
- Add sysctl support to pod spec (#938)
- Add ability to wait for deployment to delete (#937)
- Add support for
aggregation_rule
tocluster_role
resource (#911) - Add
health_check_node_port
to Service resource (#908) - Add support for
size_limit
forempty_dir
block (#912) - Add support for volume mode (#939)
- Add projected volumes in pod_spec (#907)
- Add termination_message_policy to container schema (#847)
BUG FIXES:
- Recreate Storage Class on VolumeBindingMode update (#757)
- Fix url attribute in admissionregistration client_config.service block (#959)
- Fix crash when deferencing nil pointer in v1beta1.IngressRule (#967)
BUG FIXES:
- Fix crash in
resource_kubernetes_pod_security_policy
attributehost_ports
(#931)
IMPROVEMENTS:
- Add
wait_for_rollout
tokubernetes_deployment
resource (#863) - Add
wait_for_rollout
tokubernetes_stateful_set
resource (#605)
IMPROVEMENTS:
- Add resource for CSIDriver (#825)
- Add resource for Pod Security Policies (#861)
- Add data source for Pod and PVC (#786)
- Add support for CSI volume type in persistent_volume resource (#817)
- Add Kubernetes Job
wait_for_completion
functionality (#625) - Support
optional
flag for ConfigMap mounted as volume (#823) - Add specific error message when failing to load provider config (#780)
- Support
optional
on env valueFrom for secret key/configmap key (#824) - Skip tests for CSIDriver if cluster version is less than 1.16
- Allow
ttl_seconds_after_finished = 0
inkubernetes_job
resource (#849) - Set service block to
optional
for webhook configurations (#902)
IMPROVEMENTS:
- Add data source for ingress (#514)
- Add data sources for namespaces (#613)
IMPROVEMENTS:
- Add data source for config map (#76)
- Add data source for service account (#523)
- Add resource for ValidatingWebHookConfiguration and MutatingWebhookConfiguration (#791)
BUG FIXES:
- Update Go module versions to work with Go 1.13
IMPROVEMENTS:
- Bump provider SDK to v1.7.0
BUG FIXES:
- Defer client initialization to improve resilience (#759)
IMPROVEMENTS:
- Add
mount_options
attribute tokubernetes_persistent_volume
andkubernetes_storage_class
- Refactor client config initialization and fix in-cluster config (#679) (#497)
BUG FIXES:
- Do not force base64 encoding for the
ca_bundle
onkubernetes_api_service
(#679) - Allow 3s age gap between
service account
andsecret
(issue) - Add
load_config_file = false
to documented provider configurations - Add support for
startup_probe
on container spec - Fix (cluster-)role bindings and rules updates (#713)
- Fix namespacing issues on kubernetes_priority_class (#680) See comment on backward compatibility
- Documentation fixes
FEATURES:
- New resource:
kubernetes_pod_disruption_budget
(#644 / PR #338) - New resource:
kubernetes_priority_class
(PR #495)
IMPROVEMENTS:
- Add
mount_propagation
attribute to container volume mount - Add support for
.spec.service.port
tokubernetes_api_service
(#665) - Update
k8s.io/client-go
to v12 - Set option to cascade delete job resources (#534 / PR #635)
- Support in-cluster configuration with service accounts (PR #497)
- Parametrize all existing timeout values (PR #607)
- Enable HTTP requests/responses tracing in debug mode (PR #630)
BUG FIXES:
- Do not set default namespace for replication controller and deployment pod templates (#275)
- Updated host_alias property name to host_aliases (PR #670)
- Docs - updated all broken and commit-specific Kubernetes links to point to master branch (PR #626)
- Allow 0 for
backoff_limit
onkubernetes_job
(PR #632)
FEATURES:
- New resource:
kubernetes_api_service
(PR #487)
IMPROVEMENTS:
- Add
type
attribute to volume hostPath (#358) - Configurable delete timeout for
kubernetes_namespace
resource
BUG FIXES:
- Allow all values for deployment rolling update config (PR #587)
- Align validation of
role_binding
andcluster_role_binding
names to Kubernetes rules (PR #583)
FEATURES:
- Add support for tolerations to Pod and Pod template (PR #448).
IMPROVEMENTS:
- Update getting started guide to Terraform 0.12 syntax (PR #544).
BUG FIXES:
- Align validation rules for names of Role and ClusterRole to Kubernetes (PR #551).
- Allow non-negative replicas in kubernetes_stateful_set (PR #527).
- Fix 'working_dir' attribute on Pod containers (PR #539).
FEATURES:
- New resources:
kubernetes_job
andkubernetes_cron_job
IMPROVEMENTS:
- Add
automount_service_account_token
attribute to the Pod spec (PR #261) - Add
share_process_namespace
attribute to the Pod spec (PR #516) - Update Terraform SDK to v0.12.3
- Enable Renovate to keep package dependencies up to date.
BUG FIXES:
- Fix waiting for Deployments to finish (PR #502)
- Adapt examples to Terraform 0.12 syntax
- Documentation updates and fixes
FEATURES:
- Add support of client-go credential plugins in auth (#396)
- Add kubernetes_ingress resource (closes #14) (#417)
IMPROVEMENTS:
- Add
affinity
(Pod affinity rules) attribute to Pod and PodTemplate spec - Add support for
binary_data
to kubernetes_config_map (#400) - Add
run_as_group
to container security context attribute (#414) - Add
local
attributepersistent_volume_source
docs - Add
external_traffic_policy
tokubernetes_service
- Allow
max_unavailable
andmax_surge
to be 0 onkubernetes_deployment
BUG FIXES:
- Fix docs typo:
kubernetes_service
takestarget_port
nottargetPort
(#409) - Fix links to timeouts documentation for terraform 0.12+ (#406)
- Link Endpoints resource into sidebar (#431)
- Add doc examples for container health probes.
- Don’t prevent use of kubernetes.io annotation keys
BUG FIXES:
- Fix to release metadata to register the provider as compatible with Terraform 0.12.
IMPROVEMENTS:
- Updated the Terraform SDK to support the upcoming Terraform version 0.12.
UPGRADE NOTES:
- On volume source blocks, the
mode
anddefault_mode
attributes are now of type string and will produce a diff on the first run with state coming from Terraform 0.11.x and lower. Also,default_mode
now defaults to 0644 when not set, in accordance with Kubernetes API docs. This will also produce a diff when applied against state from Terraform 0.11.x and lower (where it was implicitly 0). Subsequent applies should behave as expected.
FEATURES:
- New resource:
kubernetes_endpoints
(#167)
IMPROVEMENTS:
- Add support for importing
kubernetes_service_account
resources. - Add validation for
strategy
attribute onkubernetes_daemonset
andkubernetes_deployment
- Add
allow_volume_expansion
attribute tokubernetes_storage_class
resource. - Add
host_aliases
attribute to Pod spec and Pod templates. - Add support for
dns_config
attribute on Pods and Pod templates. - Mark
node_affinity
attribute on PV as Computed to support server populated values. - Wait for PVs to finish deleting.
- Documentation now mentions acceptance of beta Kubernetes resources.
BUG FIXES:
- Fix detection of default token secret (#349)
- Fix unexpected diffs on
kubernetes_network_policy
whennamespace_selector
is empty (#310) - Fix crashes on empty node_affinity / node_selector_term / match_expressions (#394)
- Make entire Pod template updatable (#384)
BUG FIXES:
- Fix
api_group
attribute attribute of RBAC subjects. (#331)
FEATURES:
- New resources: DaemonSet and ClusterRole (#229)
IMPROVEMENTS:
- Add test infrastructure for AKS and EKS (#291)
- Add
publish_not_ready_addresses
tokubernetes_service
(#306) - Populate
default_secret
for Service Account when multiple secrets are present (#281)
BUG FIXES:
- Declare
env
argument type correctly in Pod config (#304) - Fix service datasource after #306 broke it (#313)
- Fix docs correcting
automount_service_account_token
location for Service Acount (#278) - Fix docs typo (#279)
FEATURES:
- New Resource:
kubernetes_network_policy
(#118) - New Resource:
kubernetes_role
- New Resource:
kubernetes_role_binding
- New Datasource:
kubernetes_secret datasource
(#241)
IMPROVEMENTS:
resource/kubernetes_deployment
,resource/kubernetes_pod
,resource/kubernetes_replication_controller
,resource/kubernetes_stateful_set
: Addallow_privilege_escalation
to container security contexts attributes (#249)- Add pod metadata to replication controller spec template (#193)
- Add support for
volume_binding_mode
attribute inkubernetes_storage_class
- Add
node_affinity
attribute to persistent volumes. - Add support for
local
type persistent volumes. - Upgrade to Go 1.11 + Go modules
BUG FIXES:
resource/kubernetes_stateful_set
: Fix updates of stateful set images (#252)
FEATURES:
- New Resource:
kubernetes_stateful_set
(#100)
IMPROVEMENTS:
resource/kubernetes_storage_class
: Add ReclaimPolicy attributeresource/kubernetes_service_account
: Allow automount service account token
BUG FIXES:
- Fix waiting for Deployment rollout status (#210)
FEATURES:
IMPROVEMENTS:
- Update Kubernetes client library to 1.10 (#162)
- Add support for
env_from
on container definitions (#82)
IMPROVEMENTS:
- resource/kubernetes_pod: Add timeout to pod resource create and delete (#151)
- resource/kubernetes_pod: Add support for init containers (#156)
BUG FIXES:
- name label: All name labels will now allow DNS1123 subdomain format ex:
my.label123
(#152) - resource/kubernetes_service: Switch targetPort to string (#154)
- data/kubernetes_service: Switch targetPort to string (#159)
- resource/kubernetes_pod: env var value change forces new pod (#155)
- Fix example in docs for an image pull secret (#165)
NOTES:
- provider: Client library updated to support Kubernetes
1.7
IMPROVEMENTS:
- resource/kubernetes_persistent_volume_claim: Improve event log polling for warnings (#125)
- resource/kubernetes_persistent_volume: Add support for
storage_class_name
(#111)
BUG FIXES:
- resource/kubernetes_secret: Prevent binary data corruption (#103)
- resource/kubernetes_persistent_volume: Update
persistent_volume_reclaim_policy
correctly (#111) - resource/kubernetes_service: Update external_ips correctly on K8S 1.8+ (#127)
- resource/kubernetes_*: Fix adding labels/annotations to resources when those were empty (#116)
- resource/kubernetes_*: Treat non-string label values as invalid (#135)
- resource/kubernetes_config_map: Fix adding
data
when it was empty (#116) - resource/kubernetes_secret: Fix adding
data
when it was empty (#116) - resource/kubernetes_limit_range: Avoid spurious diff when spec is empty (#132)
- resource/kubernetes_persistent_volume: Use correct operation when updating
persistent_volume_source
(1.8
) (#133) - resource/kubernetes_persistent_volume: Mark persistent_volume_source as ForceNew on
1.9+
(#139) - resource/kubernetes_pod: Bump deletion timeout to 5 mins (#136)
BUG FIXES:
- resource/pod: Avoid crash in reading
spec.container.security_context
capability
(#53) - resource/replication_controller: Avoid crash in reading
template.container.security_context
capability
(#53) - resource/service: Make spec.port.target_port optional (#69)
- resource/pod: Fix
mode
conversion inconfig_map
volume items (#83) - resource/replication_controller: Fix
mode
conversion inconfig_map
volume items (#83)
IMPROVEMENTS:
- resource/kubernetes_pod: Add support for
default_mode
,items
andoptional
in Secret Volume (#44) - resource/kubernetes_replication_controller: Add support for
default_mode
,items
andoptional
in Secret Volume (#44)
BUG FIXES:
- resource/kubernetes_pod: Respect previously ignored
node_selectors
field (#42) - resource/kubernetes_pod: Represent update-ability of spec correctly (#49)
- resource/kubernetes_replication_controller: Respect previously ignored
node_selectors
field (#42) - all namespaced resources: Avoid crash when importing invalid ID (#46)
- meta: Treat internal k8s annotations as invalid #50
FEATURES:
- New Resource:
kubernetes_storage_class
(#22) - New Data Source:
kubernetes_service
(#23) - New Data Source:
kubernetes_storage_class
(#33)
IMPROVEMENTS:
- provider: Add support of token in auth (#35)
- provider: Add switch to disable loading file config (
load_config_file
) (#36)
BUG FIXES:
- resource/kubernetes_service: Make port field optional (#27)
- all resources: Escape '/' in JSON Patch path correctly (#40)
FEATURES:
IMPROVEMENTS:
- resource/kubernetes_service: Wait for LoadBalancer ingress (#12)
- resource/persistent_volume_claim: Expose last warnings from the eventlog (#16)
- resource/pod: Expose last warnings from the eventlog (#16)
- resource/service: Expose last warnings from the eventlog (#16)
BUG FIXES:
- Register auth plugins (gcp, oidc) automatically (#6)
- resource/pod: Fix a crash caused by wrong field name (config map volume source) (#19)
- resource/pod: Add validation for
default_mode
(mode bits) (#19)
FEATURES:
- New Resource:
kubernetes_pod
[#13571](hashicorp/terraform#13571)