Skip to content

v0.6.0-alpha.0

Pre-release
Pre-release
Compare
Choose a tag to compare
@sttts sttts released this 14 Jul 20:07
· 2921 commits to main since this release
v0.6.0-alpha.0
8793732
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Milestone Blocker Epics

  • #1225 Multi-Release-Epic: Sharding
  • #1219 API Export Permissions on Binding
  • #1149 ClusterWorkspaceType Take 2
  • #1069 User home workspaces
  • #981 Multi-workspace controller development
  • #912 Consume Compute via Transparent Multi Cluster set up in a different workspace

What's Changed

  • virtual: Avoid error logs for /readz requests by @davidfestal in #1185
  • Add authorizers in virtual workspaces by @davidfestal in #1186
  • kubectl/crd snapshot: support multidoc by @ncdc in #1182
  • adds crdNoOverlappingGVRAdmission admission by @p0lyn0mial in #1170
  • pkg/authorization/apibinding_authorizer: don't ignore indexer errors. by @s-urbaniak in #1197
  • Unify workloads.kcp.dev => workload.kcp.dev by @sttts in #1200
  • Syncer/mutators: Resolve fieldRef "metadata.namespace" Envs before pushing to pcluster by @jmprusi in #1199
  • Add technical docs of locations and state machine by @sttts in #1174
  • Implement the Syncer virtual workspace authorizer by @davidfestal in #1176
  • makefile: manage boilerplate verification locally by @stevekuznetsov in #1173
  • Change gitops folder commit hash update is applied to by @kylape in #1204
  • Change gitops folder commit hash update is applied to (take 2) by @kylape in #1205
  • adding authorizer for the api export virtual workspace by @shawn-hurley in #1177
  • CONTRIBUTING.md: add Go Proverbs by @sttts in #1208
  • Replace --use with --enter by @MikeSpreitzer in #1212
  • APIExport virtual workspace: add core/v1 by @ncdc in #1220
  • e2e: extract APIExport/APIBinding helpers by @ncdc in #1218
  • contrib: rename demo to demos-unmaintained by @sttts in #1215
  • Added ppc64le support to KCP image by @mayurwaghmode in #1216
  • Add E2E tests for cordon/uncordon/drain CLI by @chrisahl in #1098
  • Add virtual workspace readiness checks to the KCP server in the embedded case by @davidfestal in #1226
  • build(deps): bump docker/setup-qemu-action from 1 to 2 by @dependabot in #1229
  • e2e/apibinding: require.Eventually for discovery by @sttts in #1231
  • e2e/virtual/initializers: fix flake in TestInitializingWorkspacesVirtualWorkspaceDiscovery by @sttts in #1232
  • clusterworkspacetype: stop special-casing Universal by @stevekuznetsov in #1237
  • Enable syncer finalizers (k8s & virtual) by default. by @jmprusi in #1228
  • APIBinding reconciler checks for overlapping CRDs in a logical cluster by @p0lyn0mial in #1217
  • Fix Ingress cluster assignment based on namespace placement by @astefanutti in #1241
  • CONTRIBUTING.md: document nested require statements by @sttts in #1251
  • e2e/virtual/syncer: fixing race with resource controller in TestSyncerVirtualWorkspace by @sttts in #1247
  • ci: turn off GitHub CI for jobs we run in Prow by @stevekuznetsov in #1207
  • pkg/etcd,server: add --embedded-etcd-force-new-cluster by @s-urbaniak in #1250
  • ci: delete demos.yaml by @ncdc in #1252
  • Added ppc64le and arm64 support to the Syncer image by @mayurwaghmode in #1235
  • tenancy: qualify cluster workspace types by @stevekuznetsov in #1230
  • Update video on readme to v0.4 by @robszumski in #1260
  • ClusterWorkspace+Types: allow name "org" by @sttts in #1263
  • pkg/authorization: don't check for cluster workspace lister. by @s-urbaniak in #1265
  • apibinding: make reference.workspace.path optional and defaulted by @sttts in #1262
  • clusterworkspaces: make initializers implicit by @stevekuznetsov in #1264
  • kubectl kcp ws: fix type printing by @stevekuznetsov in #1268
  • reconciler/workload/resource: use RF3339 timestamp format by @jmprusi in #1269
  • Placement API by @qiujian16 in #1258
  • README.md: add hypercube logo and sources by @sttts in #1210
  • clusterworkspacetype: expose virtual workspace URLs by @stevekuznetsov in #1270
  • initializingworkspaces: enforce permissions by @stevekuznetsov in #1267
  • virtual: Remove unsupported verbs from virtual API server discovery by @astefanutti in #1272
  • Remove logo icon file with invalid name by @astefanutti in #1276
  • virtual workspaces: skips registartion of default health checks by @p0lyn0mial in #1273
  • authorization: clarify/fix service accounts and workspace initialization by @s-urbaniak in #1261
  • Added prerequisites on the README by @ppatierno in #1284
  • cmd/test-server: pass flags to kcp by @sttts in #1286
  • fix typo: indexByWorks{ap->pa}ce by @sttts in #1290
  • reconciler/apiexport: don't klog.Fatal by @sttts in #1291
  • cli: fix ClusterWorkspace columns output by @sttts in #1296
  • cmd/kcp: non-zero return code on error by @sttts in #1287
  • server: centrally create and start ddsif by @sttts in #1295
  • Reduce log noise by @sttts in #1297
  • reconciler/placement: fix patch typo by @sttts in #1298
  • e2e: switch NewWorkspaceFixture to options by @sttts in #1289
  • Clean up unused e2e helpers by @sttts in #1300
  • admission/clusterworkspace: check errors in unit test by @sttts in #1302
  • pkg/reconciler/apis/apiexport: clarify patching strategy in case of programming errors by @s-urbaniak in #1304
  • Makefile: add test-e2e-shared by @sttts in #1310
  • tenancy: show Deleting in phase column during ClusterWorkspace deletion by @sttts in #1303
  • APIBinding/Workspace deletion improvement by @sttts in #1299
  • github/ci.yaml: use test-e2e-shared make target by @sttts in #1311
  • e2e/syncer: less noise with framework.Eventually by @sttts in #1317
  • reconciler/clusterworkspace: split into independent reconcilers by @sttts in #1288
  • admin.kubeconfig: remove cross-cluster context by @sttts in #1312
  • e2e/framework: wait some time until printing message in Eventually by @sttts in #1292
  • authorizer: unify workspace access reason by @sttts in #1314
  • admission: record the user creating a workspace by @stevekuznetsov in #1321
  • Fix partial meta request determination logic by @ncdc in #1322
  • ClusterWorkspaces: add optional spec.shard scheduling constraints by @sttts in #1318
  • admission/apibinding: fail closed when OpenAPI does not validate by @sttts in #1301
  • Update replace directive to last k/k commit by @davidfestal in #1306
  • server/apiextensions: use indexes and fixes by @sttts in #1294
  • front-proxy: add --authentication-{pass-on,drop}-groups by @sttts in #1305
  • virtualworkspace: add a proxy for workspace content by @stevekuznetsov in #1323
  • turn the watch cache on by @p0lyn0mial in #1240
  • pkg/virtual: externalize VW name and remove extra informers by @sttts in #1328
  • virtualworkspaces: propagate clarifying changes by @stevekuznetsov in #1329
  • virtualworkspaces: allow access to remove iniitalizers by @stevekuznetsov in #1330
  • pkg/admission: add reserved metadata admission plugin by @s-urbaniak in #1343
  • e2e/syncer: switch to multi-arch image by @sttts in #1347
  • Use logicalcluster.ClusterHeader constant for X-Kubernetes-Cluster by @sttts in #1348
  • Do not stomp other APIExports in a workspace with NegotatedAPIResources by @sttts in #1346
  • reconciler/workload/namespace: stop hotloop by @sttts in #1345
  • Fix hotloop in placement due to bad patch by @ncdc in #1352
  • e2e: print artifact paths by @sttts in #1356
  • reconciler/apibinding: clean up logs by @sttts in #1358
  • e2e: cope with asynchronously served (bound) CRDs by @sttts in #1357
  • virtual: clean up post-start errors and var names by @sttts in #1360
  • Add shard proxying and add (1-shard) sharded CI job with front-proxy by @sttts in #1203
  • e2e/syncer: make the test app sleep, not restart with AlreadyExists by @sttts in #1355
  • e2e: reduce redundant syncer test logs by @sttts in #1342
  • CONTRIBUTING.md: document testing by @sttts in #1363
  • e2e/framework: doc Eventually by @sttts in #1362
  • turn off the watch cache temporarily until we resolve the issue with DDSIF (not syncing after restart) by @p0lyn0mial in #1368
  • reconciler/apibinding: V(2) mapping schemas by @sttts in #1359
  • pkg/admission/reservedmetadata: optimize allocations by @s-urbaniak in #1367
  • kcp CLI: error out for an non existent workspace while changing ws by @sm43 in #1278
  • server/apiextensions: stop serving non-wildcard identity requests by @sttts in #1365
  • server: only make default paths absolute, not user-provided ones by @sttts in #1349
  • cmd/kcp-front-proxy/authentication/groups.go: fix groups filtering by @s-urbaniak in #1371
  • Makefile: be tolerant if local directory is not a git checkout by @s-urbaniak in #1379
  • Makefile: wait for test server admin.kubeconfig before starting tests by @sttts in #1381
  • informer: do not klog.Fatalf by @sttts in #1383
  • admission: only reserve our exact groups by @stevekuznetsov in #1386
  • Use authorization.WorkspaceAcccessNotPermittedReason by @sttts in #1378
  • apibinding/conflictchecker: use APIBinding.status.boundResources, not APIExport by @sttts in #1382
  • VSCode: cleanup KCP launch configurations and use tokens by @davidfestal in #1390
  • virtual: generalize label selector wrapper and get rid of panic by @sttts in #1393
  • virtual: Support create, delete and deletecollection requests by @astefanutti in #1283
  • virtual/fixedgvs: import cleanup by @sttts in #1394
  • Revert "apibinding/conflictchecker: use APIBinding.status.boundResources, not APIExport" by @sttts in #1400
  • Update OWNERS to fix my name by @davidfestal in #1403
  • pkg/server/virtual.go: fix redirection of url request parameters by @s-urbaniak in #1401
  • kcp workspaces: improve wording for workspace creation by @stevekuznetsov in #1402
  • Workspaces VW: Fix obsolete permission management... by @davidfestal in #1374
  • Fix image build by @ncdc in #1407
  • authz: protect status subresource from non-system:masters by @sttts in #1396
  • System CRDs -> APIBindings by @sttts in #1316
  • Various dynamic discovery shared informer factory updates by @ncdc in #1372
  • Fix: Add version for kcp and syncer by @varshaprasad96 in #1409
  • workspaces VW: Fix CWT management by @davidfestal in #1414
  • cmd,pkg: use constant for system:master by @s-urbaniak in #1410
  • tenancy: add cluster workspace type extensions by @stevekuznetsov in #1375
  • Noticed typo on the log by @matzew in #1391
  • brings back the watch cache by @p0lyn0mial in #1377
  • Exit build process if Kubernetes version is missing by @doru1004 in #1418
  • e2e: stop spamming entire objects by @stevekuznetsov in #1424
  • config: generate APIResourceSchemas and APIExports robustly by @stevekuznetsov in #1422
  • e2e/virtual/apiexport: fix authz flake by @sttts in #1436
  • e2e/framework: fix root dir for in-process server by @sttts in #1437
  • syncer: avoid fatal WorkloadCluster get by @sttts in #1439
  • syncer/apiimporter: log what it does by @sttts in #1443
  • Hunting APIBinding flake by @sttts in #1438
  • config/universal: mark default ns create-only by @sttts in #1444
  • e2e/watchcache: fix missing identity logic by @sttts in #1442
  • Add kcp start options for embedded etcd server Prometheus scrape URLs by @MikeSpreitzer in #1435
  • placement controller by @qiujian16 in #1277
  • Bump kube: to pickup multi-value indexer fix #79 by @sttts in #1447
  • apis: add omitempty to optional fields by @stevekuznetsov in #1423
  • Add kcp start option --embedded-etcd-quota-backend-bytes by @MikeSpreitzer in #1430
  • README: update docs for starting by @stevekuznetsov in #1451
  • server: bootstrap root phase-1 after controllers are starting by @sttts in #1453
  • Add --version flag for kubectl-kcp plugin by @apoorvajagtap in #1432
  • reconciler/apibinding: flake: resources should only be bound when established by @sttts in #1440
  • Bootstrap new ClusterWorkspaceTypes for the Home workspaces feature. by @davidfestal in #1455
  • server/apiextensions: disable non-system-CRD non-identity wildcard requests by @sttts in #1395
  • tenancy: fully qualify type references by @stevekuznetsov in #1429
  • config/root: fix CWTs by @stevekuznetsov in #1464
  • Rename: WorkloadCluster->SyncTarget by @ncdc in #1461
  • Add e2e-sharded docs only job by @ncdc in #1466
  • Add flake hunting docs by @ncdc in #1463
  • docs: link to virtual workspaces demo by @markmc in #1460
  • Fix trailing new lines by @davidfestal in #1469
  • authorizer/apibinding: prefix users and groups in MaximalPermissionPolicy by @sttts in #1411
  • Add soft impersonation utils for client-go clients by @davidfestal in #1468
  • apis/apis/APIExport: fix typos in maximalPermissionPolicy by @sttts in #1470
  • Implement the Home workspaces http handler by @davidfestal in #1373
  • Impersonation in workspaces virtual workspace SubjectAccessReview requests by @davidfestal in #1456
  • CLI: Support home workspace through ~ by @davidfestal in #1392
  • Reworking namespaces by @jmprusi in #1309
  • e2e: add user-agents to hand-crafted rest configs by @stevekuznetsov in #1459
  • Add shard-base-url flag to default clusterworkspaceshards by @csams in #1478
  • cli/workload/sync: improve usability by @sttts in #1475
  • reconciler/apis/apibinding: make phase=Bound permanent by @sttts in #1420
  • Update placement doc by @qiujian16 in #1472
  • API: Rename and make ClusterResourceStateLabelPrefix public by @jmprusi in #1485
  • Testing wrapping of cluster client calls by @varshaprasad96 in #1376
  • Syncer: add support for qps and burst by @ncdc in #1486
  • adds a shard-name flag for assigning a name to a shard instance by @p0lyn0mial in #1479
  • *: remove the vestigial attempt at cross-shard resourceversions by @stevekuznetsov in #1487
  • config/root: avoid race of bootstrapping with controller by @sttts in #1491
  • admission/clusterworkspace: move owner annotation code here by @sttts in #1492
  • server/home: check owner on 'GET ~' and fix flake by @sttts in #1480
  • Wipe owner info as soon as possible by @sttts in #1494
  • sharded-test-server: allows for specifying the number of shards to create by @p0lyn0mial in #1484
  • apis/workload: move workload.kcp.dev/skip-default-object-creation here from apis.kcp.dev/v1alpha1 by @sttts in #1481
  • e2e: require two failed pings to fail the test by @stevekuznetsov in #1489
  • Adding permissions claims API for granting more resource for VirtualWorkspace by @shawn-hurley in #1244
  • Allows syncer feature gate annotation in reserved-metadata admission by @jmprusi in #1496
  • apibinding: name checker should take into account the group name by @p0lyn0mial in #1505
  • admission/clusteworkspacetypeexists: in-place validation, fixes by @sttts in #1503
  • Waiting for the binding to have observed the permission claims in test by @shawn-hurley in #1511
  • pkg/apis: fix go mod by @ncdc in #1513
  • use a more minimal k8s fork by @stevekuznetsov in #1498
  • Add stub livez handler in the proxy by @csams in #1508
  • admission/clusterworkspaceexists: use builder pattern in tests by @sttts in #1516
  • admission/clusteworkspacetypeexists: lower-case types, dashes, cli type search by @sttts in #1474
  • cli: deprecate list command by @sttts in #1519
  • test-servers: enable audit logs by @sttts in #1441
  • Fix a typo s/matchins/matching by @kasturinarra in #1525
  • Don't unschedule a resource if blocked by a cluster or syncer finalizer by @jmprusi in #1515
  • Remove non-existing scheduling-disabled label from ReservedMetadata allow list by @jmprusi in #1522
  • cli: switch meaning of 'kubectl ws' to go to home workspace, add 'kubectl ws .' by @sttts in #1521
  • cli: promote '--short' option to be usable also in 'kubectl ws --short' syntax by @sttts in #1520
  • cli/workload/sync: MaxSyncTargetNameLength decreased by SyncerIDPrefix length by @robinbobbitt in #1527
  • server/home: avoid returning an uninitialized ~ workspace by @sttts in #1523

New Contributors

Full Changelog: v0.5.0-alpha.0...v0.6.0-alpha.0

Contributors

ncdc, markmc, and 24 other contributors
Assets 2
Loading