Release v0.8.1-rc.1

Notable Changes

• Fixed bug in Secret Discovery Service (SDS) where the SDS secret corresponding to the root certificate used for client certificate validation was not being pushed to Envoy.
• Fixed bug in Secret Discovery Service (SDS) where the SDS secret corresponding to the workload certificates used during mTLS handshake was not being pushed to Envoy when the associated service and service account names are different for a given proxy instance.

CRD Updates

No CRD changes between tags v0.8.0-rc.2 and v0.8.1-rc.1

Changelog

• chore(release): update charts and tags for v0.8.1-rc.1 a9788f9 (Sanya Kochhar)
• fix(ci): fix missing paren 970d61e (Jon Huhn)
• feat(ci): push images for each push to release branches e4a9777 (Jon Huhn)
• envoy: correctly set downstream root cert names 78146e7 (Shashank Ram)
• envoy/ads: program upsteam's service cert when making all secrets 129f8b6 (Shashank Ram)
• Revert "envoy: wait indefinitely on TLS secrets" dae746c (Shashank Ram)
• chore(release): update versions for v0.8.0 2eee04a (Sanya Kochhar)
• fix(e2e): fix HTTP ingress e2e on non-kind 1ce8291 (Jon Huhn)
• charts/osm: remove osm-config ConfigMap validation for CREATE 37817b3 (Shashank Ram)

Release v0.8.0

Notable Changes

• OSM documentation site is now live at: https://docs.openservicemesh.io/
• osm mesh list command now displays controller pods and joined namespaces
• tracing.md added to document how to use Jaeger or BYO-tracing
• The route building mechanism for RDS has been updated
• New osm mesh upgrade command to update and modify installed control planes. See the upgrade guide for more details.
• New OpenServiceMesh.enableWASMStatsExperimental chart value which, when enabled, extends Envoy with WASM to generate extra statistics needed to implement SMI metrics. See the metrics documentation for more details.
• Go version >=1.15.7 now required
• New OpenServiceMesh.enablePrivilegedInitContainer chart value which, when enabled, allows init containers to run as privileged. This enables OSM to work on OpenShift. See the installation guide for more details.
• Envoy images version is updated to 1.17.1
• Issue with certificates not being rotated has been fixed
• Client pods no longer need to be associated with a service to initiate outbound requests to other services
• Ingress API version has been updated from extensions/v1beta1 to networking.k8s.io/v1beta1
• Support for applying RBAC policies per HTTP route using SMI policies
• Sidecar injection application has been split out from OSM controller

CRD Updates

charts/osm/crds/access.yaml
charts/osm/crds/experimental/backpressure.yaml
charts/osm/crds/specs.yaml
charts/osm/crds/split.yaml

Changelog

• chore(release): update versions for v0.8.0 2eee04a (Sanya Kochhar)
• fix(e2e): fix HTTP ingress e2e on non-kind 1ce8291 (Jon Huhn)
• charts/osm: remove osm-config ConfigMap validation for CREATE 37817b3 (Shashank Ram)
• chore(release): cut v0.8.0-rc.2 772a838 (Jon Huhn)
• docs(demo): clarify installing optional components 71368de (Jon Huhn)
• fix(demo): update relative link in manual demo 76d103c (Jon Huhn)
• fix(*): rm filterTrafficSplit logic as it is no longer needed a530984 (Michelle Noorali)
• fix(e2e): fix HTTP ingress test when OSM is installed outside osm-system 90095ea (Jon Huhn)
• Fix skip statement in upgrade e2e test b20a5ae (nshankar13)
• ref(docs): update manual demo for routes v2 84c9bc2 (Michelle Noorali)
• catalog/ingress: make tests comprehensive and correct check c7855ce (Shashank Ram)
• tests(pkg/cli): add test for RESTClientGetter() 1f4ccb1 (Jon Huhn)
• docs(install): Document how to install on OpenShift (#2784) 1a9633a (Kalya Subramanian)
• tests(e2e): add AppProtocol to SimpleDeploymentAppDef 64077c0 (Jon Huhn)
• fix(install): disable atomic by default 1072d90 (Jon Huhn)
• tests(pkg/cli): add test for EnvVars() 608e3f3 (Jon Huhn)
• test(pkg/service): Add tests for service package 7df043e (Sneha Chhabria)
• fix(pkg/catalog): resolve root service hostnames 76222d6 (Michelle Noorali)
• certificate/rotation: correctly rotate certs (#2789) 9fa4425 (Shashank Ram)
• test(pkg/kubernetes): Add test for GetAppProtocolFromPortName() a4a0746 (Sneha Chhabria)
• chore(pkg/kubetnetes) : Convert tests to use Go std testing library 6fe6550 (Sneha Chhabria)
• tests(pkg/configurator): add tracing tests c70c5bc (Jon Huhn)
• Template jaeger namespace value 6dadd62 (Sanya Kochhar)
• tests(pkg/cli): verify Namespace() error path 68c0bf5 (Jon Huhn)
• refactor kubectl patch to osm mesh upgrade + small fix for markdown format fix script format, make changes in comments bb799d4 (Shalier Xia)
• test(pkg/envoy/route) : Test clusterWeightByName.Less() 244c652 (Sneha Chhabria)
• envoy: wait indefinitely on TLS secrets 34d0046 (Shashank Ram)
• charts/osm: update envoy to 1.17.1 f1ab537 (Shashank Ram)
• envoy/sds: bump log level to info d0dcd66 (Shashank Ram)
• injector: restrict envoy admin access to localhost b956469 (Shashank Ram)
• cli/proxy: extend proxy cmd to other admin queries 2d13cfe (Shashank Ram)
• tests(pkg/kube): Add portforward tests d9b14da (Jon Huhn)
• feat(demo): Update automated demo to work on OpenShift 1032cf8 (Kalya Subramanian)
• envoy/lds: add unit test for outbound TCP filter 4facc0d (Shashank Ram)
• ref(docs): mv image to docs/content 080a1b1 (Michelle Noorali)
• tests/e2e: add test for secure gRPC origination addf6f1 (Shashank Ram)
• tests(metricsstore): Refactor to improve coverage b5efb54 (Jon Huhn)
• fix(cli): Add missing flags for upgrade 59f0c59 (Jon Huhn)
• ref(docs): update manual demo b9c4887 (Michelle Noorali)
• charts/crds: attribute orginal authors for SMI CRDs 74f978e (Shashank Ram)
• tests(pkg/envoy/lds): improve unit test coverage 1dab83f (Jon Huhn)
• logs(*): remove unnecessary fluent bit filters cdea8fd (Sanya Kochhar)
• fix(e2e): reduce CPU needed for upgrade test b8d533a (Jon Huhn)
• tests(e2e): disable upgrade test 2883465 (Jon Huhn)
• tests(fluentbit): differentiate names and contexts for fluentbit e2es b7ce924 (Sanya Kochhar)
• Update charts and tags for v0.8.0-rc.1 b03d995 (Sanya Kochhar)
• fix(e2e): Update upgrade test with new CRD versions 22f7925 (Jon Huhn)
• fix(e2e): wait for automatic vault installation fd4149d (Jon Huhn)
• tests/e2e: add more buckets and reorganize test bucketing 5d5ab54 (Shashank Ram)
• fix(cli): Handle new required values in upgrade 94b3ffa (Jon Huhn)
• Add output e2e test for fluentbit 7a7799f (Sanya Kochhar)
• pkg/*: deprecate older API to list traffic splits afd63c9 (Shashank Ram)
• e2e: Add pod restart checks and Fail tests if seen by default b4f2e14 (Eduard Serra)
• Typo correction 34a93ec (Bridget Kromhout)
• Correcting broken link 264cd22 (Bridget Kromhout)
• Fix race on webhook certificate creation fed7a91 (Eduard Serra)
• chore(*): Remove unused variables 286313e (Sneha Chhabria)
• chore(*): Remove duplicate imports e519cdb (Sneha Chhabria)
• chore(routesv2): Remove unused struct from package bc831b7 (Sneha Chhabria)
• Clarifications for links 8485d69 (Bridget Kromhout)
• Link fixes for github and website 4a65d1a (Bridget Kromhout)
• chore(routesv2): Remove unused code 6d28128 (Sneha Chhabria)
• tests(pkg/envoy/route): add unit tests for clusterWeightByName 82f09b0 (Michelle Noorali)
• ref(pkg/catalog): clean up some unused funcs 3148052 (Michelle Noorali)
• pkg/envoy: Remove announcement channel from Proxy{} 65bf586 (Delyan Raychev)
• envoy: Test Proxy{} methods 4761694 (Delyan Raychev)
• service: Simplify stringer method for K8sServiceAccount 8c8f777 (Delyan Raychev)
• Add generic SynchronizeCertificate helper API f93ea93 (Eduard Serra)
• README clarification f20d2a5 (Bridget Kromhout)
• Correct links 2706246 (Bridget Kromhout)
• Additional alias 432a024 (Bridget Kromhout)
• Adding alias to tracing page 61c7362 (Bridget Kromhout)
• Aliases needed for working links on github & web b7d15ec (Bridget Kromhout)
• sds: Adding more unit tests 4a584c6 (Delyan Raychev)
• sds: Remove unused proxyService struct field 1d3c76a (Delyan Raychev)
• sds: Remove unused services list from SDS struct 6b7d1aa (Delyan Raychev)
• tests/e2e: add test for multiple services matching same pod 10245ea (Shashank Ram)
• sds: Carve out new testCase struct type 33225d3...

Release v0.8.0-rc.2

Notable Changes

• osm mesh list command now displays controller pods and joined namespaces
• tracing.md added to document how to use Jaeger or BYO-tracing
• Updated the route building mechanism for RDS
• New osm mesh upgrade command to update and modify installed control planes. See the upgrade guide for more details.
• New OpenServiceMesh.enableWASMStatsExperimental chart value which, when enabled, extends Envoy with WASM to generate extra statistics needed to implement SMI metrics. See the metrics documentation for more details.
• Go version >=1.15.7 now required
• Init container is now optionally enabled

CRD Updates

charts/osm/crds/access.yaml
charts/osm/crds/specs.yaml
charts/osm/crds/split.yaml

Changelog

• chore(release): cut v0.8.0-rc.2 772a838 (Jon Huhn)
• docs(demo): clarify installing optional components 71368de (Jon Huhn)
• fix(demo): update relative link in manual demo 76d103c (Jon Huhn)
• fix(*): rm filterTrafficSplit logic as it is no longer needed a530984 (Michelle Noorali)
• fix(e2e): fix HTTP ingress test when OSM is installed outside osm-system 90095ea (Jon Huhn)
• Fix skip statement in upgrade e2e test b20a5ae (nshankar13)
• ref(docs): update manual demo for routes v2 84c9bc2 (Michelle Noorali)
• catalog/ingress: make tests comprehensive and correct check c7855ce (Shashank Ram)
• tests(pkg/cli): add test for RESTClientGetter() 1f4ccb1 (Jon Huhn)
• docs(install): Document how to install on OpenShift (#2784) 1a9633a (Kalya Subramanian)
• tests(e2e): add AppProtocol to SimpleDeploymentAppDef 64077c0 (Jon Huhn)
• fix(install): disable atomic by default 1072d90 (Jon Huhn)
• tests(pkg/cli): add test for EnvVars() 608e3f3 (Jon Huhn)
• test(pkg/service): Add tests for service package 7df043e (Sneha Chhabria)
• fix(pkg/catalog): resolve root service hostnames 76222d6 (Michelle Noorali)
• certificate/rotation: correctly rotate certs (#2789) 9fa4425 (Shashank Ram)
• test(pkg/kubernetes): Add test for GetAppProtocolFromPortName() a4a0746 (Sneha Chhabria)
• chore(pkg/kubetnetes) : Convert tests to use Go std testing library 6fe6550 (Sneha Chhabria)
• tests(pkg/configurator): add tracing tests c70c5bc (Jon Huhn)
• Template jaeger namespace value 6dadd62 (Sanya Kochhar)
• tests(pkg/cli): verify Namespace() error path 68c0bf5 (Jon Huhn)
• refactor kubectl patch to osm mesh upgrade + small fix for markdown format fix script format, make changes in comments bb799d4 (Shalier Xia)
• test(pkg/envoy/route) : Test clusterWeightByName.Less() 244c652 (Sneha Chhabria)
• envoy: wait indefinitely on TLS secrets 34d0046 (Shashank Ram)
• charts/osm: update envoy to 1.17.1 f1ab537 (Shashank Ram)
• envoy/sds: bump log level to info d0dcd66 (Shashank Ram)
• injector: restrict envoy admin access to localhost b956469 (Shashank Ram)
• cli/proxy: extend proxy cmd to other admin queries 2d13cfe (Shashank Ram)
• tests(pkg/kube): Add portforward tests d9b14da (Jon Huhn)
• feat(demo): Update automated demo to work on OpenShift 1032cf8 (Kalya Subramanian)
• envoy/lds: add unit test for outbound TCP filter 4facc0d (Shashank Ram)
• ref(docs): mv image to docs/content 080a1b1 (Michelle Noorali)
• tests/e2e: add test for secure gRPC origination addf6f1 (Shashank Ram)
• tests(metricsstore): Refactor to improve coverage b5efb54 (Jon Huhn)
• fix(cli): Add missing flags for upgrade 59f0c59 (Jon Huhn)
• ref(docs): update manual demo b9c4887 (Michelle Noorali)
• charts/crds: attribute orginal authors for SMI CRDs 74f978e (Shashank Ram)
• tests(pkg/envoy/lds): improve unit test coverage 1dab83f (Jon Huhn)
• logs(*): remove unnecessary fluent bit filters cdea8fd (Sanya Kochhar)
• fix(e2e): reduce CPU needed for upgrade test b8d533a (Jon Huhn)
• tests(e2e): disable upgrade test 2883465 (Jon Huhn)
• tests(fluentbit): differentiate names and contexts for fluentbit e2es b7ce924 (Sanya Kochhar)

Release v0.8.0-rc.1

Notable Changes

• osm mesh list command now displays controller pods and joined namespaces
• tracing.md added to document how to use Jaeger or BYO-tracing
• Updated the route building mechanism for RDS
• New osm mesh upgrade command to update and modify installed control planes. See the upgrade guide for more details.
• New OpenServiceMesh.enableWASMStatsExperimental chart value which, when enabled, extends Envoy with WASM to generate extra statistics needed to implement SMI metrics. See the metrics documentation for more details.
• Go version >=1.15.7 now required
• Init container is now optionally enabled

CRD Updates

charts/osm/crds/experimental/backpressure.yaml

Changelog

• Update charts and tags for v0.8.0-rc.1 b03d995 (Sanya Kochhar)
• fix(e2e): Update upgrade test with new CRD versions 22f7925 (Jon Huhn)
• fix(e2e): wait for automatic vault installation fd4149d (Jon Huhn)
• tests/e2e: add more buckets and reorganize test bucketing 5d5ab54 (Shashank Ram)
• fix(cli): Handle new required values in upgrade 94b3ffa (Jon Huhn)
• Add output e2e test for fluentbit 7a7799f (Sanya Kochhar)
• pkg/*: deprecate older API to list traffic splits afd63c9 (Shashank Ram)
• e2e: Add pod restart checks and Fail tests if seen by default b4f2e14 (Eduard Serra)
• Typo correction 34a93ec (Bridget Kromhout)
• Correcting broken link 264cd22 (Bridget Kromhout)
• Fix race on webhook certificate creation fed7a91 (Eduard Serra)
• chore(*): Remove unused variables 286313e (Sneha Chhabria)
• chore(*): Remove duplicate imports e519cdb (Sneha Chhabria)
• chore(routesv2): Remove unused struct from package bc831b7 (Sneha Chhabria)
• Clarifications for links 8485d69 (Bridget Kromhout)
• Link fixes for github and website 4a65d1a (Bridget Kromhout)
• chore(routesv2): Remove unused code 6d28128 (Sneha Chhabria)
• tests(pkg/envoy/route): add unit tests for clusterWeightByName 82f09b0 (Michelle Noorali)
• ref(pkg/catalog): clean up some unused funcs 3148052 (Michelle Noorali)
• pkg/envoy: Remove announcement channel from Proxy{} 65bf586 (Delyan Raychev)
• envoy: Test Proxy{} methods 4761694 (Delyan Raychev)
• service: Simplify stringer method for K8sServiceAccount 8c8f777 (Delyan Raychev)
• Add generic SynchronizeCertificate helper API f93ea93 (Eduard Serra)
• README clarification f20d2a5 (Bridget Kromhout)
• Correct links 2706246 (Bridget Kromhout)
• Additional alias 432a024 (Bridget Kromhout)
• Adding alias to tracing page 61c7362 (Bridget Kromhout)
• Aliases needed for working links on github & web b7d15ec (Bridget Kromhout)
• sds: Adding more unit tests 4a584c6 (Delyan Raychev)
• sds: Remove unused proxyService struct field 1d3c76a (Delyan Raychev)
• sds: Remove unused services list from SDS struct 6b7d1aa (Delyan Raychev)
• tests/e2e: add test for multiple services matching same pod 10245ea (Shashank Ram)
• sds: Carve out new testCase struct type 33225d3 (Delyan Raychev)
• catalog: Exporting errors so these are available outside pkg/catalog as well e9ce23c (Delyan Raychev)
• ref(pkg/catalog): clean up some unused funcs 69545b2 (Michelle Noorali)
• pkg/configurator: Demote Error to a Warning; Clarification 77001f1 (Delyan Raychev)
• test(pkg/envoy/rds/response_test.go): Update RDS response test to validate inbound and outbound policies 7a937ea (Sneha Chhabria)
• test(trafficSplit): Add a test for service with zero weight in traffic split 5271e26 (Sneha Chhabria)
• grafana-dashboard update 4176a19 (Eduard Serra)
• docs/manual_demo: fix merge conflicts 657f1e1 (Shashank Ram)
• pkg/*: add support for client pods without services ff5f421 (Shashank Ram)
• Makefile: fix go version check 45c346d (Shashank Ram)
• ref(pkg/catalog) : Use the same catalog APIs to build inbound and outbound traffic policies for SMI and permissive mode a6090f0 (Sneha Chhabria)
• go-mocks: generate mocks based on rules 5dd16f5 (Shashank Ram)
• tests(e2e): add WASM metrics test dfedc2c (Jon Huhn)
• feat(metrics): add flag to enable WASM metrics 237aee4 (Jon Huhn)
• Fix typo 84e6764 (Eduard Serra)
• Adjusting links for new site structure ae5b056 (Bridget Kromhout)
• Adding HA docs b3705df (Eduard Serra)
• chore(pkg/envoy/rds) : Rename RDS response file 68bf8b1 (Sneha Chhabria)
• Update Makefile 8ae04b4 (Delyan Raychev)
• Update cmd/osm-controller/osm-controller.go 79792a3 (Delyan Raychev)
• feat(routesv2): Cut over OSM to build routes using routes v2 bcf2f90 (Sneha Chhabria)
• Began structure of site navigation 1a73bba (Phillip Gibson)
• Update Makefile 8f93518 (Delyan Raychev)
• Add make command to build changes eff4378 (Sanya Kochhar)
• Require Go version 1.15.7 848d3d8 (Delyan Raychev)
• ingress/rbac: allow any downstream principal to access the service 17b6493 (Shashank Ram)
• feat(metrics): clean up WASM metrics in Prometheus config be29b9b (Jon Huhn)
• metrics: set dynamic metric registration e517164 (Eduard Serra)
• feat(routesv2) : Build inbound routes for traffic split apex services 5d5a88f (Sneha Chhabria)
• docs/ingress: update examples and add note for HTTPS 6512fc5 (Shashank Ram)
• e2e: Add comments to no-service pod test c125697 (Delyan Raychev)
• pkg/envoy: Test GetLocalClusterNameForServiceCluster() 02e126a (Delyan Raychev)
• ref(routesv2): Build inbound routes in routes v2 using proxy service ffcf323 (Sneha Chhabria)
• cmd/cli: update mesh list command 0d8eb25 (mudit-01)
• docs: update version menu to show the correct release number 783565e (flynnduism)
• ingress: update api group to networking.k8s.io 27613e4 (Shashank Ram)
• docs(observability): update docs to reflect prometheus, grafana, jaeger changes ffb3ae7 (Sanya Kochhar)
• pkg/identity: Increase test coverage 3690d29 (Delyan Raychev)
• feat(metrics): Add "unknown" for dest labels on local replies f9c7dd0 (Jon Huhn)
• feat(install): Enable optional privileged containers 4c1cc44 (Kalya Subramanian)
• docs/development_guide: add a note regarding autogen mocks 6e531a4 (Shashank Ram)
• code coverage: ignore generated code from unit test coverage metrics 559ddc0 (Delyan Raychev)
• Removing automerge feature 19210ba (Shalier Xia)
• to use env variables in JSON must wrap them in double quotes to interpolate 4c23fc9 (Shalier Xia)
• fix(pkg/*): Fix service selector match logic 3b2dad0 (Sneha Chhabria)
• Grab the first access token URL 0a9f9d1 (Shalier Xia)
• fix(demo): fix optional args 02cc4d0 (Jon Huhn)
• fix(install): Increase memory for controller and injector 299cb8a (Kalya Subramanian)
• feat(metrics): Add dest labels to WASM metrics ee77a8b (Jon Huhn)
• specify shell and pem extensin d9e691c (Shalier Xia)
• feat(routesv2/trafficsplit): Traffic split for routes v2 29fa703 (Sneha Chhabria)
• envoy/eds: move EDS related functionality into its pkg cdfe77c (Shashank Ram)
• feat(metrics): Add source labels to WASM metrics 3f8ac4e (Jon Huhn)
• pkg/endpoint: Increase unit test coverage bf04a84 (De...

Release v0.7.0

Notable Changes

• TCP traffic filtering and routing support with SMI policies and in permissive mode
• Ability to program outbound IP range exclusion list to bypass sidecar interception
• Tracing with Jaeger is now disabled by default
• CPU and memory resources for the OSM control plane can now be configured via chart values.
• Add experimental routes v2 functionality which modifies how RDS is programmed in Envoy proxies
• Documentation is now rendered on the Web at https://docs.openservicemesh.io
• CONTRIBUTING.md has been updated to describe OSM's new pull request workflow
• Documentation now includes how to upgrade an OSM control plane with Helm
• Support for gRPC as an application protocol (#2354)
• Updated SMI Traffic Access Control to v1alpha3 and Traffic Specs to v1alpha4
• Logging has been audited for security
• Fixed bug where setting the weight in a Traffic Split to 0 had no effect
• OSM control planes now emit their own Prometheus metrics like number of pods and namespaces in the mesh, XDS statistics, and more
• Updated Envoy used in injected sidecar containers to v1.17
• A validating webhook has been added to verify changes to the osm-config ConfigMap

CRD Updates

charts/osm/crds/access.yaml
charts/osm/crds/specs.yaml

Changelog

• Update versions to v0.7.0 a2166cf (Jon Huhn)
• fix(release): remove merge commit lines from generated changelog 3ef9857 (Jon Huhn)
• ref(docs): rm unnecessary label from bookstore manifest 1311af3 (Michelle Noorali)
• chore(docs): update manual demo manifest images acbb34a (Michelle Noorali)
• docs(release): add patch release instructions ee48ed4 (Jon Huhn)
• docs/examples: document traffic policy modes and update example workflow 4c91215 (Shashank Ram)
• tests/e2e: fix default expectations in Helm install test a6f634d (Shashank Ram)
• tests/e2e: Add a test to verify IP range exclusion ba2cb53 (Shashank Ram)
• configurator: remove tracing config keys from required list dcfe26e (Shashank Ram)
• Fixed e2e output 9a687f3 (nshankar13)
• fix(docs/example/README.md): fix apply and move permissivemode c88160e (Rita Zhang)
• Update readme and tags for 0.7.0-rc.1 2afceb7 (Sanya Kochhar)
• Turn of tracing by default ea1d39a (Eduard Serra)
• Update mesh-details dashboard a5412ef (Eduard Serra)
• codecov: enable on pull action and ignore demo/test code 84a1e72 (Shashank Ram)
• fix(ci): skip codecov update on PRs 085a684 (Jon Huhn)
• feat(charts/): parameterize resource configuration 5e1b4d3 (Michelle Noorali)
• metricstore: remove high cardinality labels from metrics osm metrics e206a09 (Eduard Serra)
• charts/osm: make IP range exclusion configurable c635b6b (Shashank Ram)
• charts/osm: update README and remove trailing whitespace d029103 (Shashank Ram)
• test: verify service port's appProtocol precedence over name 7f09a7a (Shashank Ram)
• configurator: validate outbound IP exclusion field 5f2445d (Shashank Ram)
• Allow named service ports to specify application protocol b9667c7 (Shashank Ram)
• injector: allow outbound IP range exclusions f2b8764 (Shashank Ram)
• docs(upgrade): Include steps to recreate CRDs 1ea7d27 (Kalya Subramanian)
• configurator/test: fix test pollution issue 5b38112 (Shashank Ram)
• docs(upgrade): Document mapping of ConfigMap and values file 0a1081a (Kalya Subramanian)
• docs: redirect for landing page aaca016 (flynnduism)
• feat(*): add routes v2 functionality 94f27be (Michelle Noorali)
• docs: organize markdown content to serve as a website 31f83d6 (flynnduism)
• tests(*): fixing labels and fixtures while creating pods 1d88175 (Sneha Chhabria)
• docs(upgrade): Add upgrade troubleshooting guide (#2377) 853b995 (Kalya Subramanian)
• Make image tag immutable for releases d06015c (Shalier Xia)
• fix(make): update e2e kind cluster flag bfdfc0f (Jon Huhn)
• injector: Correct error log message (#2382) 2316bdc (Delyan Raychev)
• tresor: Change log level for a statement from Info to Debug (#2383) ab76653 (Delyan Raychev)
• configurator: Convert Info log messages to Debug (#2381) 4776cad (Delyan Raychev)
• envoy/ads: Augment log messages with context (#2380) 262fd86 (Delyan Raychev)
• rds: Augment error log message with Pod UID (#2379) f88ca6e (Delyan Raychev)
• injector: Augmenting log line with missing variable (#2378) 377a47f (Delyan Raychev)
• ads: Add more context with Envoy Pod UID to some log messages (#2376) bc6d52f (Delyan Raychev)
• ads: Adding a comment to a log line to remind us of the importance of logging ADS request/responses carefully (#2375) 3c6353d (Delyan Raychev)
• envoy/route: Delete log line providing little info (#2374) 6b699b9 (Delyan Raychev)
• catalog: Small tweak verbiage of log line; Delete unused function (#2373) 68bcfab (Delyan Raychev)
• catalog: Tweak verbiage of log line (#2372) d8b7249 (Delyan Raychev)
• lds/ingress: Tweak error log message for clarity (#2371) 5d7df9f (Delyan Raychev)
• catalog: Augment log messages with Pod UID (#2360) 98a6c05 (Delyan Raychev)
• contributing: update guide to reflect new pull request workflow 3723c37 (Shashank Ram)
• docs(upgrade): Add docs for helm upgrade (#2340) 90c3259 (Kalya Subramanian)
• Fix typo on Prometheus enablement flag 3b96400 (Chad Kittel)
• [tests] : Adding unit test for the entire envoy listener configuration (#2358) 1c00c37 (Sneha Chhabria)
• injector: Small correction to a log message (#2355) e109d6a (Delyan Raychev)
• reconciler: Tiny adjustment to a log message (#2357) 4e11b98 (Delyan Raychev)
• gRPC: allow specifying gRPC as appProtocol for service ports (#2354) b7b4c8d (Shashank Ram)
• logs: Use Certificate SerialNumber instead of Subject CN (#2351) e59da65 (Delyan Raychev)
• logging: remove SAN from logs (#2346) 1e6b29a (Sanya Kochhar)
• docs(release): document release candidate process (#2341) 98d4675 (Jon Huhn)
• ci: Run Envoy + SMI scenario tests as part of CI (#2303) a0fd215 (Delyan Raychev)
• injector: Idiomatic logging of error messages with log.Error().Err(err) (#2349) 100375b (Delyan Raychev)
• ads: Curate log messages when Envoys connect to xDS control plane (#2350) b21a151 (Delyan Raychev)
• ads: Do not log Envoy's XDS Certificate CN; log cert's SerialNumber instead (#2345) d6b003b (Delyan Raychev)
• injector: Idiomatic logging of error messages with log.Error().Err(err) (#2348) bc1d7de (Delyan Raychev)
• injector/init: generate init-container commands within osm-controller (#2343) 05677b0 (Shashank Ram)
• Proxy fields xDSCertificateCommonName and xDSCertificateSerialNumber can be private 2d72897 (Delyan Raychev)
• Rename CommonName and SerialNumber fields on the Proxy struct 08b5bdc (Delyan Raychev)
• proxy: Add certificate SerialNumber UID to NewProxy() and Proxy{} 1c0637f (Delyan Raychev)
• Change ValidateClient to return certificate SerialNumber for newly connected Envoy proxy da679d7 (Delyan Raychev)
• smi/traffic-access: update to v1alpha3 (#2336) edd9902 (Shashank Ram)
• Auditing the log levels in OSM (#2335) a0f936f (Sneha Chhabria)
• Disable test temporarily e64c6b0 (Delyan Raychev)
• proxy: Rename GetCommonName() to GetCertificateCommonName(); Add GetCertificateSerialNumber() e2edc78 (Delyan Raychev)
• doc(chart): Updated chart readme (#2322) 85b5217 (Alessandro Vozza)
• smi: update to smi-sdk-go v0.5.0 and traffic-specs v1alpha4 (#2331) db184fc (Shashank Ram)
• Update pkg/certificate/providers/vault/certificate_manager.go 2ca81ad (Delyan Raychev)
• Update pkg/certificate/providers/certmanager/types.go 42d0aea (Del...

Release v0.7.0-rc.1

Notable Changes

• TCP traffic filtering and routing support with SMI policies and in permissive mode
• Ability to program outbound IP range exclusion list to bypass sidecar interception
• Tracing with Jaeger is now disabled by default
• CPU and memory resources for the OSM control plane can now be configured via chart values.
• Add experimental routes v2 functionality which modifies how RDS is programmed in Envoy proxies
• Documentation is now rendered on the Web at https://docs.openservicemesh.io
• CONTRIBUTING.md has been updated to describe OSM's new pull request workflow
• Documentation now includes how to upgrade an OSM control plane with Helm
• Support for gRPC as an application protocol (#2354)
• Updated SMI Traffic Access Control to v1alpha3 and Traffic Specs to v1alpha4
• Logging has been audited for security
• Fixed bug where setting the weight in a Traffic Split to 0 had no effect
• OSM control planes now emit their own Prometheus metrics like number of pods and namespaces in the mesh, XDS statistics, and more
• Updated Envoy used in injected sidecar containers to v1.17
• A validating webhook has been added to verify changes to the osm-config ConfigMap

CRD Updates

charts/osm/crds/access.yaml
charts/osm/crds/specs.yaml

Changelog

• tests/e2e: fix default expectations in Helm install test a6f634d (Shashank Ram)
• tests/e2e: Add a test to verify IP range exclusion ba2cb53 (Shashank Ram)
• configurator: remove tracing config keys from required list dcfe26e (Shashank Ram)
• Fixed e2e output 9a687f3 (nshankar13)
• fix(docs/example/README.md): fix apply and move permissivemode c88160e (Rita Zhang)
• Update readme and tags for 0.7.0-rc.1 2afceb7 (Sanya Kochhar)
• Turn of tracing by default ea1d39a (Eduard Serra)
• Update mesh-details dashboard a5412ef (Eduard Serra)
• codecov: enable on pull action and ignore demo/test code 84a1e72 (Shashank Ram)
• fix(ci): skip codecov update on PRs 085a684 (Jon Huhn)
• feat(charts/): parameterize resource configuration 5e1b4d3 (Michelle Noorali)
• metricstore: remove high cardinality labels from metrics osm metrics e206a09 (Eduard Serra)
• charts/osm: make IP range exclusion configurable c635b6b (Shashank Ram)
• charts/osm: update README and remove trailing whitespace d029103 (Shashank Ram)
• test: verify service port's appProtocol precedence over name 7f09a7a (Shashank Ram)
• configurator: validate outbound IP exclusion field 5f2445d (Shashank Ram)
• Allow named service ports to specify application protocol b9667c7 (Shashank Ram)
• injector: allow outbound IP range exclusions f2b8764 (Shashank Ram)
• docs(upgrade): Include steps to recreate CRDs 1ea7d27 (Kalya Subramanian)
• configurator/test: fix test pollution issue 5b38112 (Shashank Ram)
• docs(upgrade): Document mapping of ConfigMap and values file 0a1081a (Kalya Subramanian)
• docs: redirect for landing page aaca016 (flynnduism)
• feat(*): add routes v2 functionality 94f27be (Michelle Noorali)
• docs: organize markdown content to serve as a website 31f83d6 (flynnduism)
• tests(*): fixing labels and fixtures while creating pods 1d88175 (Sneha Chhabria)
• docs(upgrade): Add upgrade troubleshooting guide (#2377) 853b995 (Kalya Subramanian)
• Make image tag immutable for releases d06015c (Shalier Xia)
• fix(make): update e2e kind cluster flag bfdfc0f (Jon Huhn)
• injector: Correct error log message (#2382) 2316bdc (Delyan Raychev)
• tresor: Change log level for a statement from Info to Debug (#2383) ab76653 (Delyan Raychev)
• configurator: Convert Info log messages to Debug (#2381) 4776cad (Delyan Raychev)
• envoy/ads: Augment log messages with context (#2380) 262fd86 (Delyan Raychev)
• rds: Augment error log message with Pod UID (#2379) f88ca6e (Delyan Raychev)
• injector: Augmenting log line with missing variable (#2378) 377a47f (Delyan Raychev)
• ads: Add more context with Envoy Pod UID to some log messages (#2376) bc6d52f (Delyan Raychev)
• ads: Adding a comment to a log line to remind us of the importance of logging ADS request/responses carefully (#2375) 3c6353d (Delyan Raychev)
• envoy/route: Delete log line providing little info (#2374) 6b699b9 (Delyan Raychev)
• catalog: Small tweak verbiage of log line; Delete unused function (#2373) 68bcfab (Delyan Raychev)
• catalog: Tweak verbiage of log line (#2372) d8b7249 (Delyan Raychev)
• lds/ingress: Tweak error log message for clarity (#2371) 5d7df9f (Delyan Raychev)
• catalog: Augment log messages with Pod UID (#2360) 98a6c05 (Delyan Raychev)
• contributing: update guide to reflect new pull request workflow 3723c37 (Shashank Ram)
• docs(upgrade): Add docs for helm upgrade (#2340) 90c3259 (Kalya Subramanian)
• Fix typo on Prometheus enablement flag 3b96400 (Chad Kittel)
• [tests] : Adding unit test for the entire envoy listener configuration (#2358) 1c00c37 (Sneha Chhabria)
• injector: Small correction to a log message (#2355) e109d6a (Delyan Raychev)
• reconciler: Tiny adjustment to a log message (#2357) 4e11b98 (Delyan Raychev)
• gRPC: allow specifying gRPC as appProtocol for service ports (#2354) b7b4c8d (Shashank Ram)
• logs: Use Certificate SerialNumber instead of Subject CN (#2351) e59da65 (Delyan Raychev)
• logging: remove SAN from logs (#2346) 1e6b29a (Sanya Kochhar)
• docs(release): document release candidate process (#2341) 98d4675 (Jon Huhn)
• ci: Run Envoy + SMI scenario tests as part of CI (#2303) a0fd215 (Delyan Raychev)
• injector: Idiomatic logging of error messages with log.Error().Err(err) (#2349) 100375b (Delyan Raychev)
• ads: Curate log messages when Envoys connect to xDS control plane (#2350) b21a151 (Delyan Raychev)
• ads: Do not log Envoy's XDS Certificate CN; log cert's SerialNumber instead (#2345) d6b003b (Delyan Raychev)
• injector: Idiomatic logging of error messages with log.Error().Err(err) (#2348) bc1d7de (Delyan Raychev)
• injector/init: generate init-container commands within osm-controller (#2343) 05677b0 (Shashank Ram)
• Proxy fields xDSCertificateCommonName and xDSCertificateSerialNumber can be private 2d72897 (Delyan Raychev)
• Rename CommonName and SerialNumber fields on the Proxy struct 08b5bdc (Delyan Raychev)
• proxy: Add certificate SerialNumber UID to NewProxy() and Proxy{} 1c0637f (Delyan Raychev)
• Change ValidateClient to return certificate SerialNumber for newly connected Envoy proxy da679d7 (Delyan Raychev)
• smi/traffic-access: update to v1alpha3 (#2336) edd9902 (Shashank Ram)
• Auditing the log levels in OSM (#2335) a0f936f (Sneha Chhabria)
• Disable test temporarily e64c6b0 (Delyan Raychev)
• proxy: Rename GetCommonName() to GetCertificateCommonName(); Add GetCertificateSerialNumber() e2edc78 (Delyan Raychev)
• doc(chart): Updated chart readme (#2322) 85b5217 (Alessandro Vozza)
• smi: update to smi-sdk-go v0.5.0 and traffic-specs v1alpha4 (#2331) db184fc (Shashank Ram)
• Update pkg/certificate/providers/vault/certificate_manager.go 2ca81ad (Delyan Raychev)
• Update pkg/certificate/providers/certmanager/types.go 42d0aea (Delyan Raychev)
• Update pkg/envoy/ads/response.go 8c99a84 (Delyan Raychev)
• Fixing typos in comments, variable names etc. 08f7152 (Delyan Raychev)
• ref(release): Include CRD upgrade info in Release Notes (#2323) 50a62d3 (Kalya Subramanian)
• Fix log messages 1c8e111 (Delyan Raychev)
• certificate: Delete unused functions (#2305) e75dddb (Delyan Raychev)
• logging: remove request response from log (#2321) c11e267 (Sanya Kochhar)
• logging: remove raw objec...

Release v0.6.1

Notable Changes

• Fluent Bit log level filtering now works on Moby and Containerd
• Fluent Bit output now includes OSM controller pod name as identifier for querying logs
• Fluent Bit bug for empty http or https proxy value has been fixed

Changelog

• Update readme for 0.6.1 release e3356c5 (Sanya Kochhar)
• Update version for chart release c79e623 (Sanya Kochhar)
• fix(fluent bit): allow httpProxy or httpsProxy value to be empty (#2231) f41171b (Sanya Kochhar)
• fluent bit: add identifier to help query logs in output (#2195) 78e26d0 (Sanya Kochhar)
• fix(fluent bit): update filters to work for various k8s distros (#2170) df88f4a (Sanya Kochhar)
• fix(ci): workaround DCO requirement for gh-pages branch (#2203) d8b189c (Jon Huhn)

Release v0.6.0

Notable Changes

• Prometheus is now disabled by default and can be enabled using the --deploy-prometheus flag in osm install
• Log forwarding via Fluent Bit now has outbound proxy support for egress traffic to be able to go through a proxy server
• Service identities are now based on Kubernetes service accounts rather than Kubernetes services
• OSM now uses distroless base & static images
• Several changes made in preparation of supporting SMI's TCP route
• Pods in the mesh no longer need to back a service
• Updated Microsoft CLA to DCO
• Added dynamic start and stop to debug server
• Added a new CLI command osm trafficpolicy check-pods that validates whether the given source and destination pods are allowed to communicate

Changelog

• Update charts for v0.6.0 (#2199) 8d2099a (Sanya Kochhar)
• Update chart tags and readme for 0.6.0 (#2162) 8515c09 (Sanya Kochhar)
• fix(fluent bit): make input plugin read from head of logs file (#2158) ee39c0a (Sanya Kochhar)
• envoy/lds: add support for inbound TCP proxying (#2154) c0410a8 (Shashank Ram)
• envoy/rbac: support destination port permission in rules (#2157) 2831822 (Shashank Ram)
• fix(maestro): cleanup helm releases in deleted namespaces (#2155) 224ef8f (Jon Huhn)
• feat(*): add rules on inbound traffic policy (#2143) a04fe9a (Michelle Noorali)
• endpoint/k8s: Fix unit test sync (#2153) 6eb6974 (Edu Serra)
• envoy: use an api to retrieve the local cluster name (#2144) e66668d (Shashank Ram)
• tests/framework: additions to framework to query from Prometheus/Grafana (#2138) e2b5254 (Edu Serra)
• envoy/lds: create inbound filter chains per service port (#2140) 8a6ed0f (Shashank Ram)
• tests/framework: Add GetTestFile (#2136) 16be519 (Edu Serra)
• catalog: add api to fetch service's port:protocol mapping across providers (#2137) 54719f8 (Shashank Ram)
• endpoint/providers: add api to retrieve port:protocol mapping for ser… (#2135) 27379ac (Shashank Ram)
• fluent bit: clean up variables and docs for clarity (#2116) 4ee242b (Sanya Kochhar)
• ref(*): add types for inbound/outbound trafficpolicy (#2132) a2cc566 (Michelle Noorali)
• fluent bit: Add support for outbound http proxy (#2114) 4c73bd9 (Sanya Kochhar)
• cli: move portForwarder to a more generic location (#2129) fc87610 (Edu Serra)
• docs/design: proposal to determine application protocol (#2127) ff54bd7 (Shashank Ram)
• e2e: EnableNsMetrics and EnableDebugServer enabled by default (#2130) 13652b8 (Edu Serra)
• chore(*): add manifests for routes refactor (#2124) f26af90 (Michelle Noorali)
• filter out split service from weighted cluster in route config (#2110) d12f43b (Addo.Zhang)
• pkg/kubernetes: reduce log to trace (#2123) 388f828 (Edu Serra)
• prometheus: drop time-bucket series, increase ram limit to 2G (#2117) dc51517 (Edu Serra)
• grafana: QoL updates and fixes (#2119) 6699a34 (Edu Serra)
• fix(chart): allow empty OpenServiceMesh.image.pullPolicy (#2120) bc35de7 (Jon Huhn)
• envoy/lds: refactor inbound filter chain building (#2118) b5cb078 (Shashank Ram)
• envoy/lds: consolidate HTTP filter chain building (#2113) fb072dc (Shashank Ram)
• pubsub: introduce pubsub chan Unsub(), fix few sync tests (#2109) 14be75a (Edu Serra)
• envoy/lds: update error handling while building HTTP filter chain (#2112) 306dac8 (Shashank Ram)
• Fluent Bit: update charts and schema for fluent bit variables (#2107) 5238514 (Sanya Kochhar)
• envoy/lds: use listenerBuilder type to build listener and filters (#2105) e412f39 (Shashank Ram)
• osm: disable ticker, space k8s resyncs to 5m (#2095) 120b1cf (Edu Serra)
• envoy/lds: change HTTP filter's function signature (#2104) ed46be8 (Shashank Ram)
• envoy: use ptypes.MarshalAny directly instead of unnecessary wrapper (#2102) 681cde1 (Shashank Ram)
• envoy/lds: Make outbound HTTP filter chain specific to HTTP traffic (#2101) 68ab84d (Shashank Ram)
• Fixing Hashi Vault integration test (#2098) b58a44f (Delyan Raychev)
• vault: Carve out fetching of Issuing CA into a function (#2069) 374d418 (Delyan Raychev)
• tests/e2e: isolate framework from tests, restructure files (#2090) d2d9d42 (Edu Serra)
• envoy/lds: move mesh related filter chain code to its file (#2094) e2ed301 (Shashank Ram)
• envoy/lds: use rbac policy builder (#2093) d9bbd3e (Shashank Ram)
• envoy/rbac: add generic RBAC policy builder (#2089) f20c7b5 (Shashank Ram)
• certificate/tresor: Change cache from a map to sync.Map (#2075) 1e0ba08 (Delyan Raychev)
• catalog: repeater to be event-based, dispatcher (#2086) c807095 (Edu Serra)
• Merge pull request #2087 from phillipgibson/main 48e613f (Phill Gibson)
• Updated CONTRIBUTING.md from CLA to DCO 7d7dc0f (phillipgibson)
• certificate/vault: Change cache from a map to sync.Map (#2074) 4907ddf (Delyan Raychev)
• certificate: Adding GetSerialNumber() to Certificater interface (#2072) 5220beb (Delyan Raychev)
• ref(xds): use PodMetadata struct in place of individual fields (#2079) e9bb558 (Jon Huhn)
• Merge pull request #2080 from bridgetkromhout/add-phillip aa9409e (Bridget Kromhout)
• feat(metrics): Disable Prometheus by default (#1868) 83a0320 (Kalya Subramanian)
• Adding Phillip Gibson as OWNER for public record 85cf689 (Bridget Kromhout)
• certificates/vault: Use new types vaultRole and vaultPath (#2073) e0be376 (Delyan Raychev)
• events: Add pubsub global interface for OSM events (#2076) d93b01b (Edu Serra)
• make pretty logging working (#2077) 4693031 (Addo.Zhang)
• Remove unused constant AzureProviderName (#2066) 1caa924 (Delyan Raychev)
• Delete Certificate for an Envoy for a Pod that was Terminated (#1956) bf58d62 (Delyan Raychev)
• Use distroless images for osm & demo (#2011) 2e81275 (Jonas-Taha El Sesiy)
• envoy/lds: add comments for specific filter chain match criteria (#2071) 48fac6d (Shashank Ram)
• Merge pull request #2067 from bridgetkromhout/correct-license d52ed3f (Bridget Kromhout)
• catalog: Convert expectedProxies to sync.Map (#2063) db57488 (Delyan Raychev)
• Correct license ed21368 (Bridget Kromhout)
• test(*): Add e2e test for enableDebugServer (#2049) e0513d3 (Shalier Xia)
• pkg/configurator: introducing pubsub for config updates (#2050) 9ea8a6f (Edu Serra)
• catalog: Convert disconnectedProxies to sync.Map (#2062) f362b18 (Delyan Raychev)
• catalog: Convert connectedProxies to sync.Map (#2061) 8ad74fb (Delyan Raychev)
• Exclude test/scenarios from test coverage tool (#2060) 1659b28 (Delyan Raychev)
• ref(pkg/catalog): add convenience functions (#2051) 4d13d24 (Michelle Noorali)
• Fix debug server and OSM Controller (#2059) e533370 (Delyan Raychev)
• envoy/rbac: add support for server side RBAC fitler (#2054) 495110c (Shashank Ram)
• feat(build): add chart-readme Makefile target (#2053) 3e374f0 (Jon Huhn)
• Corrected Spelling (#2057) ab6bf87 (Niranjan Shankar)
• fix(ci): fix go mod tidy check (#2055) 497740d (Jon Huhn)
• Chart changes with additional configurations (#2005) 1512f36 (Niranjan Shankar)
• osm-deployment: parametrize osm log level in values.yaml (#2046) 2a09728 (Edu Serra)
• feat(*): add TrafficPolicy struct and helpers (#2047) 9f7c8ce (Michelle Noorali)
• update tags to 0.5.0 (#2044) 1c19cbc (Jon Huhn)
• feat(pkg/catalog): Add GetServicesForServiceAccounts func (#2037) d4dc340 (Michelle Noorali)
• fix(*): fix Mac build error (#2043) d4d0a63 (Jon Huhn)
• Linter: Enabling errCheck L...

Release v0.6.0-rc.1

Notable Changes

• Prometheus is now disabled by default and can be enabled using the --deploy-prometheus flag in osm install
• Log forwarding via Fluent Bit now has outbound proxy support for egress traffic to be able to go through a proxy server
• Service identities are now based on Kubernetes service accounts rather than Kubernetes services
• OSM now uses distroless base & static images
• Several changes made in preparation of supporting SMI's TCP route
• Pods in the mesh no longer need to back a service
• Updated Microsoft CLA to DCO
• Added dynamic start and stop to debug server
• Added a new CLI command osm trafficpolicy check-pods that validates whether the given source and destination pods are allowed to communicate

Changelog

• Update chart tags and readme for 0.6.0 (#2162) 8515c09 (Sanya Kochhar)
• fix(fluent bit): make input plugin read from head of logs file (#2158) ee39c0a (Sanya Kochhar)
• envoy/lds: add support for inbound TCP proxying (#2154) c0410a8 (Shashank Ram)
• envoy/rbac: support destination port permission in rules (#2157) 2831822 (Shashank Ram)
• fix(maestro): cleanup helm releases in deleted namespaces (#2155) 224ef8f (Jon Huhn)
• feat(*): add rules on inbound traffic policy (#2143) a04fe9a (Michelle Noorali)
• endpoint/k8s: Fix unit test sync (#2153) 6eb6974 (Edu Serra)
• envoy: use an api to retrieve the local cluster name (#2144) e66668d (Shashank Ram)
• tests/framework: additions to framework to query from Prometheus/Grafana (#2138) e2b5254 (Edu Serra)
• envoy/lds: create inbound filter chains per service port (#2140) 8a6ed0f (Shashank Ram)
• tests/framework: Add GetTestFile (#2136) 16be519 (Edu Serra)
• catalog: add api to fetch service's port:protocol mapping across providers (#2137) 54719f8 (Shashank Ram)
• endpoint/providers: add api to retrieve port:protocol mapping for ser… (#2135) 27379ac (Shashank Ram)
• fluent bit: clean up variables and docs for clarity (#2116) 4ee242b (Sanya Kochhar)
• ref(*): add types for inbound/outbound trafficpolicy (#2132) a2cc566 (Michelle Noorali)
• fluent bit: Add support for outbound http proxy (#2114) 4c73bd9 (Sanya Kochhar)
• cli: move portForwarder to a more generic location (#2129) fc87610 (Edu Serra)
• docs/design: proposal to determine application protocol (#2127) ff54bd7 (Shashank Ram)
• e2e: EnableNsMetrics and EnableDebugServer enabled by default (#2130) 13652b8 (Edu Serra)
• chore(*): add manifests for routes refactor (#2124) f26af90 (Michelle Noorali)
• filter out split service from weighted cluster in route config (#2110) d12f43b (Addo.Zhang)
• pkg/kubernetes: reduce log to trace (#2123) 388f828 (Edu Serra)
• prometheus: drop time-bucket series, increase ram limit to 2G (#2117) dc51517 (Edu Serra)
• grafana: QoL updates and fixes (#2119) 6699a34 (Edu Serra)
• fix(chart): allow empty OpenServiceMesh.image.pullPolicy (#2120) bc35de7 (Jon Huhn)
• envoy/lds: refactor inbound filter chain building (#2118) b5cb078 (Shashank Ram)
• envoy/lds: consolidate HTTP filter chain building (#2113) fb072dc (Shashank Ram)
• pubsub: introduce pubsub chan Unsub(), fix few sync tests (#2109) 14be75a (Edu Serra)
• envoy/lds: update error handling while building HTTP filter chain (#2112) 306dac8 (Shashank Ram)
• Fluent Bit: update charts and schema for fluent bit variables (#2107) 5238514 (Sanya Kochhar)
• envoy/lds: use listenerBuilder type to build listener and filters (#2105) e412f39 (Shashank Ram)
• osm: disable ticker, space k8s resyncs to 5m (#2095) 120b1cf (Edu Serra)
• envoy/lds: change HTTP filter's function signature (#2104) ed46be8 (Shashank Ram)
• envoy: use ptypes.MarshalAny directly instead of unnecessary wrapper (#2102) 681cde1 (Shashank Ram)
• envoy/lds: Make outbound HTTP filter chain specific to HTTP traffic (#2101) 68ab84d (Shashank Ram)
• Fixing Hashi Vault integration test (#2098) b58a44f (Delyan Raychev)
• vault: Carve out fetching of Issuing CA into a function (#2069) 374d418 (Delyan Raychev)
• tests/e2e: isolate framework from tests, restructure files (#2090) d2d9d42 (Edu Serra)
• envoy/lds: move mesh related filter chain code to its file (#2094) e2ed301 (Shashank Ram)
• envoy/lds: use rbac policy builder (#2093) d9bbd3e (Shashank Ram)
• envoy/rbac: add generic RBAC policy builder (#2089) f20c7b5 (Shashank Ram)
• certificate/tresor: Change cache from a map to sync.Map (#2075) 1e0ba08 (Delyan Raychev)
• catalog: repeater to be event-based, dispatcher (#2086) c807095 (Edu Serra)
• Merge pull request #2087 from phillipgibson/main 48e613f (Phill Gibson)
• Updated CONTRIBUTING.md from CLA to DCO 7d7dc0f (phillipgibson)
• certificate/vault: Change cache from a map to sync.Map (#2074) 4907ddf (Delyan Raychev)
• certificate: Adding GetSerialNumber() to Certificater interface (#2072) 5220beb (Delyan Raychev)
• ref(xds): use PodMetadata struct in place of individual fields (#2079) e9bb558 (Jon Huhn)
• Merge pull request #2080 from bridgetkromhout/add-phillip aa9409e (Bridget Kromhout)
• feat(metrics): Disable Prometheus by default (#1868) 83a0320 (Kalya Subramanian)
• Adding Phillip Gibson as OWNER for public record 85cf689 (Bridget Kromhout)
• certificates/vault: Use new types vaultRole and vaultPath (#2073) e0be376 (Delyan Raychev)
• events: Add pubsub global interface for OSM events (#2076) d93b01b (Edu Serra)
• make pretty logging working (#2077) 4693031 (Addo.Zhang)
• Remove unused constant AzureProviderName (#2066) 1caa924 (Delyan Raychev)
• Delete Certificate for an Envoy for a Pod that was Terminated (#1956) bf58d62 (Delyan Raychev)
• Use distroless images for osm & demo (#2011) 2e81275 (Jonas-Taha El Sesiy)
• envoy/lds: add comments for specific filter chain match criteria (#2071) 48fac6d (Shashank Ram)
• Merge pull request #2067 from bridgetkromhout/correct-license d52ed3f (Bridget Kromhout)
• catalog: Convert expectedProxies to sync.Map (#2063) db57488 (Delyan Raychev)
• Correct license ed21368 (Bridget Kromhout)
• test(*): Add e2e test for enableDebugServer (#2049) e0513d3 (Shalier Xia)
• pkg/configurator: introducing pubsub for config updates (#2050) 9ea8a6f (Edu Serra)
• catalog: Convert disconnectedProxies to sync.Map (#2062) f362b18 (Delyan Raychev)
• catalog: Convert connectedProxies to sync.Map (#2061) 8ad74fb (Delyan Raychev)
• Exclude test/scenarios from test coverage tool (#2060) 1659b28 (Delyan Raychev)
• ref(pkg/catalog): add convenience functions (#2051) 4d13d24 (Michelle Noorali)
• Fix debug server and OSM Controller (#2059) e533370 (Delyan Raychev)
• envoy/rbac: add support for server side RBAC fitler (#2054) 495110c (Shashank Ram)
• feat(build): add chart-readme Makefile target (#2053) 3e374f0 (Jon Huhn)
• Corrected Spelling (#2057) ab6bf87 (Niranjan Shankar)
• fix(ci): fix go mod tidy check (#2055) 497740d (Jon Huhn)
• Chart changes with additional configurations (#2005) 1512f36 (Niranjan Shankar)
• osm-deployment: parametrize osm log level in values.yaml (#2046) 2a09728 (Edu Serra)
• feat(*): add TrafficPolicy struct and helpers (#2047) 9f7c8ce (Michelle Noorali)
• update tags to 0.5.0 (#2044) 1c19cbc (Jon Huhn)
• feat(pkg/catalog): Add GetServicesForServiceAccounts func (#2037) d4dc340 (Michelle Noorali)
• fix(*): fix Mac build error (#2043) d4d0a63 (Jon Huhn)
• Linter: Enabling errCheck Linter (#2042) ee49247 (Sneha Chhabria)
• announcements: Inc...

Release v0.5.0

OSM v0.5.0 adds several new features, bug fixes, performance, and stability improvements. Thanks to everyone for trying out OSM, giving feedback, asking questions, and contributing.

Notable Changes

• You can now enforce a single control plane instance exists in a cluster with osm install --enforce-single-mesh.
• There is a new osm proxy dump-config command that will output the current proxy configuration for a pod.
• Logs from the osm-controller pod can now optionally be forwarded via Fluent Bit with osm install --enable-fluentbit.
• The --namespace flag on all CLI commands that identifies a control plane namespace has been renamed to --osm-namespace.
• Sidecar injection is now enabled by default for the osm namespace add command.
• A new /debug/feature-flags endpoint has been added to the debug server that displays the state of each flag.

Changelog

• Cut v0.5.0 (#2031) c614ca2 (Jon Huhn)
• Updates tags in charts (#1928) 7823ddd (SanyaKochhar)
• Merge pull request #1947 from nojnhuh/update-release-v0.5 e9b495d (Jon Huhn)
• ref(build): consolidate version Makefile variables (#1936) b45ab46 (Jon Huhn)
• bug(pkg/*) : Fixing access to backend services (#1944) de55d86 (Sneha Chhabria)
• charts/osm: Increase max memory limit (#1943) ca384e5 (Edu Serra)
• Reduce default number of bits used per RSA certificate key to 2048 (#1940) cc8d85c (Edu Serra)
• catalog: correctly program shorthand service FQDN (#1935) 97a0720 (Shashank Ram)
• injector: Augment log messages with admission request details (#1888) 85a6597 (Delyan Raychev)
• fix(build): ensure controller version is not a chart version (#1927) fa0445c (Jon Huhn)
• debugger: Expose all feature flags via /debug/feature-flags endpoint (#1926) 7df16e9 (Delyan Raychev)
• catalog/routes: Change log level for ListTrafficPolicies from Info to Trace (#1923) 92b5699 (Delyan Raychev)
• main: Print the feature flags in use on OSM Controller start-up (#1924) 9033e05 (Delyan Raychev)
• maestro: Always print human readable logs in lieu of JSON (#1925) de80c42 (Delyan Raychev)
• Update fluentbit filter regex (#1920) 2856723 (SanyaKochhar)
• templates: MutatingWebhookConfig filter to CREATE POD events only (#1904) 0be40ed (Delyan Raychev)
• tests/e2e: add NoInstall option (#1894) 517501c (Edu Serra)
• pkg/injector: Add webhook time tracking facility (#1852) d3ade1e (Edu Serra)
• tests(e2e): add helm install e2e test (#1889) e8ac7d1 (Michelle Noorali)
• docs(observability): create observability dir and add log forwarding example (#1906) 198d1e7 (SanyaKochhar)
• cli: encode error along with message for additional context (#1905) 76e1ba4 (Shashank Ram)
• catalog/injector: Use uuid.UUID type for proxyUUID variable; converge on naming (#1899) 0f5bbc2 (Delyan Raychev)
• fix(e2e): cleanup helm releases in e2e (#1886) 202121c (Jon Huhn)
• ref(e2e): organize e2e tests into tiers (#1902) e0141c1 (Jon Huhn)
• cli: enable sidecar injection by default with namespace add command (#1901) c5147ae (Shashank Ram)
• removing references for CIDR (#1900) d59ca65 (Sneha Chhabria)
• cli: rename global namespace flag (#1887) a91ccad (Shashank Ram)
• feat(charts): validate chart values w/ json schema (#1890) dbb3ec7 (Michelle Noorali)
• feat(charts): add log forwarding via Fluent Bit sidecar (#1875) f212e82 (SanyaKochhar)
• cli: add proxy command to dump config (#1883) 397f0ed (Shashank Ram)
• cli: remove deprecated code and fix namespace usage with portforwarding (#1885) 4970903 (Shashank Ram)
• tests(e2e): add permissive traffic policy mode test (#1872) 2cd45c4 (Jon Huhn)
• tests/e2e: rework NS cleanup (#1869) 7503e02 (Edu Serra)
• (e2e, CI) Skip cert-manager (#1881) b32bc61 (Edu Serra)
• cli: expose portforwarding capability and refactor dashboard cmd (#1878) e51ba0e (Shashank Ram)
• Update install_test to default grafana installation to disabled (#1876) 541e305 (SanyaKochhar)
• tests(e2e): add cert-manager test (#1866) 4476da9 (Jon Huhn)
• doc(doc/config.md) : Documentation for OSM ConfigMap (#1870) 59876f8 (Sneha Chhabria)
• cli/dashboard: remove unnecessary select on channel (#1873) 7fce8d6 (Shashank Ram)
• tests(e2e): add traffic split test using shared service account (#1867) 58dc0a0 (Jon Huhn)
• cli: Add enforce single mesh functionality to osm install (#1854) 8e22bef (Kalya Subramanian)
• ref(test): Use distinct weights for weighted clusters (#1863) fde0ef6 (Kalya Subramanian)
• ref(routes): ListTrafficTargetPermutation using TrafficTarget fields directly (#1865) 1f25d11 (Kalya Subramanian)
• tests/e2e: Increasing clenaup time (#1864) b0cb745 (Edu Serra)
• injector: ignore osm-controller namespace (#1862) 1646fb5 (Shashank Ram)
• tests(e2e): add egress test (#1832) 122cb13 (Jon Huhn)
• ref(make): add variables for e2e test flags (#1857) 84c0b6b (Jon Huhn)
• cli/dashboard: Amending use of fatals and log (#1861) 50cd719 (Edu Serra)
• tests/e2e: Generalize GetEnv (#1844) 321febf (Edu Serra)
• tools: Use golangci-lint config in make go-lint (#1856) e3faa73 (Kalya Subramanian)
• Fix go tidy (#1853) 30efa0f (Edu Serra)
• test(fixtures): Fix typo (#1843) 87d9fb9 (Kalya Subramanian)
• tests/e2e: force always pull in non kind-based deployment (#1849) 622a23e (Edu Serra)
• Merge pull request #1850 from shashankram/security 8ad438f (Shashank Ram)
• golangci: add gosec linter for security checking 426f982 (Shashank Ram)
• tests/e2e: annotate gosec warning related to subprocess 225b1ee (Shashank Ram)
• Annotate gosec warning regarding file inclusion via variable 504e101 (Shashank Ram)
• catalog: fix gosec memory aliasing warning in for loop ee9aa0b (Shashank Ram)
• health: annotate false positive gosec warning 7aab047 (Shashank Ram)
• utils/mtls: annotate false positive gosec warning 5d71da6 (Shashank Ram)
• injector: annotate gosec warning for TlS min version 58aa840 (Shashank Ram)
• Annotate gosec rand generator warning for false positive f925052 (Shashank Ram)
• ref(e2e): consolidate HTTP request host, port, and path into one field (#1838) c9393ef (Jon Huhn)
• CI: Add e2e to CI pipeline (#1828) 814c2c7 (Edu Serra)
• Update to v0.4.2 (#1837) e5c0a79 (Edu Serra)
• Add helm-docs reference updates for chart's README (#1836) 893cf96 (Edu Serra)
• demo: move mesh delete command into the cleanup script (#1831) b91c46b (Shashank Ram)
• test(split): Refactor tests to use two traffic split backends (#1821) c1265f5 (Kalya Subramanian)
• tests(e2e): add vault test (#1824) ecc5dc6 (Jon Huhn)
• tests/e2e: client-server deployment test (#1822) d58d434 (Edu Serra)
• tests/e2e: client-server deployment traffic split test (#1823) 5e9d532 (Edu Serra)
• fix(issue template): update label name (#1826) c0004d1 (Jon Huhn)
• tests/e2e: introduce e2e framework basics, first test (#1801) 8faf189 (Edu Serra)
• cmd/osm-controller: write private key to CA bundle secret (#1816) c9ac771 (Shashank Ram)
• ref(ROADMAP): update ROADMAP with latest info (#1813) 9a51c5b (Michelle Noorali)
• Fix spacing issues on values.yaml file (#1812) d3e9906 (EStork09)
• kubernetes/events: remove unnecessary logging (#1809) 1291e4b (Shashank Ram)
• demo: Fixes (#1627) 10a8cc3 (Delyan Raychev)
• tests(catalog): fix flake in TestListTrafficPolicies (#1808) 5975f2a (Jon Huhn)
• injector: Adding unit tests (#1772) 4352d3f (Delyan Raychev)
• fix(release)...