From c115cfa38150d1fa560332709a884897d7beb917 Mon Sep 17 00:00:00 2001 From: Joe Julian Date: Tue, 20 Apr 2021 16:59:31 -0700 Subject: [PATCH] v4.0.0-rc.2 release notes --- ADDONS.md | 14 ++--- RELEASE_NOTES.md | 129 +++++++++++++++++++---------------------------- 2 files changed, 59 insertions(+), 84 deletions(-) diff --git a/ADDONS.md b/ADDONS.md index 05e8bdf7..1cdb2c7e 100644 --- a/ADDONS.md +++ b/ADDONS.md @@ -11,16 +11,16 @@ | |external-dns|0.7.0-4|0.7.0|ClusterAddon| | |gcpdisk-csi-driver|0.7.1-2|0.7.1|ClusterAddon| | |gcpdiskprovisioner|1.0.0-2|1.0|ClusterAddon| -| |istio|1.8.2-2|1.8.2|ClusterAddon| -| |jaeger|2.18.3-6|1.21.0|ClusterAddon| -| |kiali|v1.29.1-1|1.29.0|ClusterAddon| +| |istio|1.9.1-1|1.9.1|ClusterAddon| +| |jaeger|2.18.3-7|1.21.0|ClusterAddon| +| |kiali|v1.29.1-2|1.29.0|ClusterAddon| | |localvolumeprovisioner|1.0.0-1|1.0|ClusterAddon| | |metallb|0.9.3-5|0.9.3|ClusterAddon| | |traefik|1.7.24-25|1.7.24|ClusterAddon| | |velero|1.5.2-2|null|ClusterAddon| | |vsphere-csi-driver|1.2.1-1|2.0.1|ClusterAddon| |kubeaddons|dex|2.27.0-2|2.27.0|Addon| -|kubeaddons|dex-k8s-authenticator|1.2.2-5|v1.2.2|Addon| +|kubeaddons|dex-k8s-authenticator|1.2.2-6|v1.2.2|Addon| |kubeaddons|elasticsearch|7.10.1-1|7.10.1|Addon| |kubeaddons|elasticsearch-curator|5.8.1-4|5.8.1|Addon| |kubeaddons|elasticsearchexporter|1.1.0-5|1.1.0|Addon| @@ -30,9 +30,9 @@ |kubeaddons|konvoyconfig|0.0.4-4|0.0.4|Addon| |kubeaddons|kube-oidc-proxy|0.2.0-2|v0.2.0|Addon| |kubeaddons|nvidia|0.2.0-8|0.2.0|ClusterAddon| -|kubeaddons|opsportal|1.5.0-12|1.5.0|Addon| -|kubeaddons|prometheus|0.44.0-8|2.22.1|Addon| +|kubeaddons|opsportal|1.5.0-15|1.5.0|Addon| +|kubeaddons|prometheus|0.44.0-9|2.22.1|Addon| |kubeaddons|prometheusadapter|v0.8.3-2|v0.8.3|Addon| |kubeaddons|reloader|v0.0.85-1|v0.0.85|Addon| -|kubeaddons|traefik-forward-auth|1.0.5-1|null|Addon| +|kubeaddons|traefik-forward-auth|2.0.0-1|null|Addon| |kubeaddons-flagger|flagger|0.19.0-4|0.19.0|ClusterAddon| diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index b96075ab..3b8cbdb0 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md @@ -1,6 +1,6 @@ # Release Notes -## v4.0.0-rc.1 +## v4.0.0-rc.2 ### ambassador - bump ambassador-6.6.0 @@ -9,69 +9,62 @@ - bump ambasador to 1.12 #969 (@d2iq-dispatch) -### gatekeeper - - NONE, since these changes aren't user facing yet. - #995 (@d2iq-dispatch) +### dashboard + - Starting from version 4.0.0 of this chart, it will only support Helm 3 and remove the support for Helm 2 + #1058 (@mesosphere-mergebot) -### opsportal - - Fixes bug in OpsPortal & Kommander UI where LDAP Root CA is malformed when saved - - Updated UI to only ship with needed dependencies - #976 (@d2iq-dispatch) - - - Fixes bug in OpsPortal & Kommander UI where LDAP Root CA is malformed when saved - - Updated UI to only ship with needed dependencies - #964 (@d2iq-dispatch) - - - Fixes bug in OpsPortal where Identity Providers would not show up (COPS-6843) - #953 (@d2iq-dispatch) - - - fix(kommander-ui): disable addons on foundation disabled - - feat(kommander-ui): add license delete mutation - - feat(kommander-ui): replace license table with single license detail view - - feat(kommander-ui): allow workspace namespace to be configurable - #930 (@d2iq-dispatch) - -### prometheus - - fix(prometheus): In upgrades, use existing PVC from previous installation. - #1015 (@gracedo) +### dex-k8s-authenticator + - security: use a service account rather than adding extra permissions to the default namespace account + #1040 (@mesosphere-mergebot) - - prometheus(fix): Re-enable etcd prometheus rules - #938 (@gracedo) - -### reloader - - When upgrading from a release that used helm 2 to install, reloader cannot be cleanly upgraded due to selector changes. This adds a flag that causes reloader to be uninstalled before being upgraded. This should have no effect on running applications. - #956 (@armandgrillet) - -### defaultstorageclass-protection - - Fix CVE-2019-14697. - #877 (@faiq) - - - update client-go to 0.19.2 to support k8s 1.16-1.21 - - use the distroless image and run as nonroot user to address image CVEs - #863 (@d2iq-dispatch) - -### dex - - Bump kube-rbac-proxy to tackle vulnerabilities from CVE-14697 - - fix: ignore metrics auth https://github.com/mesosphere/dex-controller/compare/v0.6.5...v0.6.6#diff-5437c8653258a2e2a070c91d87e2f7581d12f6c7f103b0d8c324a37307287b65R30 - - chore: bump kube-rbac-proxy version https://github.com/mesosphere/dex-controller/compare/v0.6.5...v0.6.6#diff-4d1856f3f2123c349e94607208c95a821f2485405db0b97ce41e87336a0ea3a7R21 - #869 (@d2iq-dispatch) +### fluentbit + - Update to the latest minor version just to keep up with upstream. The bugfixes listed should have no effect on our default configurations. + - https://fluentbit.io/announcements/v1.6.9/ + - https://fluentbit.io/announcements/v1.6.10/ + - https://fluentbit.io/announcements/v1.7.0/ + - https://fluentbit.io/announcements/v1.7.1/ + - https://fluentbit.io/announcements/v1.7.2/ + - https://fluentbit.io/announcements/v1.7.3/ + #1053 (@mesosphere-mergebot) ### gatekeeper - - Gatekeeper upgraded to 3.3.0 - #928 (@alejandroEsc) + - NONE, since these changes aren't user facing yet. + #995 (@d2iq-dispatch) + +### istio + - istio version upgraded to 1.9.1 + #1021 (@mesosphere-mergebot) ### jaeger - - bump jaeger-operator-2.19.0 - #867 (@d2iq-dispatch) + - kiali and jaeger are now deployable with the "none" provisioner, i.e. in on-premise environments. + #1022 (@mesosphere-mergebot) ### kiali - - bump kiali-operator-1.29.1 - #892 (@d2iq-dispatch) - - - kiali: configure to use the same version for `kiali/kialii` that matches the operator. - #887 (@dkoshkin) + - kiali and jaeger are now deployable with the "none" provisioner, i.e. in on-premise environments. + #1022 (@mesosphere-mergebot) ### opsportal + - fix: update UI dependencies to mitigate CVE-2021-23337 + #1075 (@mesosphere-mergebot) + + - fix: updating GitOps Source in Kommander. + - fest: Show certification badges in Kommander project catalog. + - feat: Allow creating Root CA secret when attaching a firewalled cluster in Kommander. + - feat: give list of loadbalncers when attaching a firewalled cluster in Kommander. + #1072 (@mesosphere-mergebot) + + - fix: updating GitOps Source in Kommander. + - fest: Show certification badges in Kommander project catalog. + - feat: Allow creating Root CA secret when attaching a firewalled cluster in Kommander. + - feat: give list of loadbalncers when attaching a firewalled cluster in Kommander. + #1068 (@mesosphere-mergebot) + + - fix: updating GitOps Source in Kommander. + - fest: Show certification badges in Kommander project catalog. + - feat: Allow creating Root CA secret when attaching a firewalled cluster in Kommander. + - feat: give list of loadbalncers when attaching a firewalled cluster in Kommander. + #1055 (@d2iq-dispatch) + - Fixes bug in OpsPortal & Kommander UI where LDAP Root CA is malformed when saved - Updated UI to only ship with needed dependencies #976 (@d2iq-dispatch) @@ -80,31 +73,13 @@ - Updated UI to only ship with needed dependencies #964 (@d2iq-dispatch) - - fix(kommander-ui): disable addons on foundation disabled - - feat(kommander-ui): add license delete mutation - - feat(kommander-ui): replace license table with single license detail view - - feat(kommander-ui): allow workspace namespace to be configurable - #930 (@d2iq-dispatch) - - - fix(kommander): Fix empty non-Konvoy cluster Platform Services tab - #902 (@d2iq-dispatch) - ### prometheus - - prometheus(fix): Re-enable etcd prometheus rules - #938 (@gracedo) - -### prometheusadapter - - prometheusadapter: fix an error were resources in reported by the Kubernetes dashboard and `kubectl top` reported double of the actual resources. - #884 (@dkoshkin) - -### reloader - - When upgrading from a release that used helm 2 to install, reloader cannot be cleanly upgraded due to selector changes. This adds a flag that causes reloader to be uninstalled before being upgraded. This should have no effect on running applications. - #956 (@armandgrillet) - - - Bump from v0.0.79 to v0.0.80 - - Add custom annotation support in service account - #893 (@d2iq-dispatch) + - prometheus: Added new Thanos sidecar metrics + - prometheus: Significantly improved Thanos sidecar latency (reduced ~2x) + #1018 (@mesosphere-mergebot) + - fix(prometheus): In upgrades, use existing PVC from previous installation. + #1015 (@gracedo) ## stable-1.18-3.0.0