github Azure/azure-service-operator v2.10.0

latest release: experimental
10 hours ago

Release notes

Breaking changes

MachineLearningServices/WorkspacesCompute properties marked as a SecretReference

The properties below on WorkspacesCompute have been changed from a string to a SecretReference.
We always try to avoid breaking changes, but in this case allowing raw passwords in the spec is a security problem, so we've
decided to make a breaking change to correct this issue.

Affected Properties:

  • SslConfiguration.Key
  • SslConfiguration.Cert
  • VirtualMachineSshCredentials.PrivateKeyData
  • VirtualMachineSshCredentials.PublicKeyData
  • DatabricksProperties.DatabricksAccessToken

For more details see the breaking changes document.
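
The following pre-upgrade check is an added example, not part of the release notes or the ASO code base. It walks parsed manifests and reports any affected property that still holds an inline value instead of a SecretReference (`name` plus `key`). The lowerCamelCase field names and the simplified sample manifest layout are assumptions.

```python
# Added example. Field names are ASSUMED to be the lowerCamelCase form of the
# property names listed in the release notes; adjust them to your CRD version.
AFFECTED_ANYWHERE = {"privateKeyData", "publicKeyData", "databricksAccessToken"}
AFFECTED_UNDER = {"sslConfiguration": {"key", "cert"}}  # parent -> children

def is_secret_reference(value):
    """A SecretReference names a Kubernetes Secret ('name') and an entry in it ('key')."""
    return (isinstance(value, dict)
            and all(isinstance(value.get(f), str) and value[f] for f in ("name", "key")))

def find_inline_secrets(node, path="spec", parent=None):
    """Return paths (never values, so output is safe to log) of affected
    properties that are not SecretReferences."""
    findings = []
    if isinstance(node, dict):
        for field, value in node.items():
            here = f"{path}.{field}"
            if field in AFFECTED_ANYWHERE or field in AFFECTED_UNDER.get(parent, ()):
                if not is_secret_reference(value):
                    findings.append(here)
                continue  # never descend into the secret or its reference
            findings.extend(find_inline_secrets(value, here, field))
    elif isinstance(node, list):
        for i, item in enumerate(node):
            findings.extend(find_inline_secrets(item, f"{path}[{i}]", parent))
    return findings

def check_manifest(doc):
    """doc is one parsed manifest (a dict, e.g. from a YAML loader)."""
    if doc.get("kind") != "WorkspacesCompute":
        return []
    return find_inline_secrets(doc.get("spec", {}))

# Constructed, simplified manifests (not real resources or credentials).
LEGACY = {"kind": "WorkspacesCompute", "spec": {"properties": {
    "aks": {"properties": {"sslConfiguration": {
        "status": "Enabled", "key": "<inline PEM>", "cert": "<inline PEM>"}}},
    "databricks": {"properties": {"databricksAccessToken": "<inline token>"}}}}}
MIGRATED = {"kind": "WorkspacesCompute", "spec": {"properties": {
    "aks": {"properties": {"sslConfiguration": {
        "status": "Enabled",
        "key": {"name": "compute-tls", "key": "tls.key"},
        "cert": {"name": "compute-tls", "key": "tls.crt"}}}},
    "databricks": {"properties": {
        "databricksAccessToken": {"name": "databricks", "key": "token"}}}}}}

if __name__ == "__main__":
    for label, doc in (("legacy", LEGACY), ("migrated", MIGRATED)):
        print(label, check_manifest(doc) or "ok")
```

Any path it reports needs the value moved into a Kubernetes Secret and the property replaced with a reference to it before upgrading.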

Upcoming Breaking changes

We've made a number of breaking changes to properties to ensure they correctly use Secrets to store secret values.
To reduce the likelihood of future breaking changes of this type, we are working to improve our automated detection of properties that should be treated as secrets, see PR #4289.

New resources

  • Add support for new machinelearningservices API version v1api20240401 (#4237)
  • Add support for new machinelearningservices Registry resource (#4339)
  • Add support for new kubernetesconfiguration FluxConfiguration resource (#4275)
  • Add support for new cache API version v1api20230801 (#4287)
  • Add support for new network DnsForwardingRuleSetsVirtualNetworkLink resource (#4345)
  • Add support for new network ApplicationSecurityGroup group resource (#4342)
  • Add support for new network ApplicationGatewayWebApplicationFirewallPolicies resource (#4238)

Features

  • Allow the data encryption keys for PostgreSQL Flexible server to be configured via ConfigMap (#4311)

Improvements

  • Allow significantly more Helm chart configuration (#4211, #4207)
  • Remove pre-upgrade check (#4217)
  • Updated numerous dependencies
  • Improve controller pod security context restrictions (#4242)
  • Release lease when the pod is terminated for faster pod shutdown (#4250)
  • Improve the spec and status names for some resources (breaking for Go pkg consumers) (#4341)
  • asoctl: Add some validation of crd-pattern to export template command (#4245)
  • asoctl: Allow reuse of import command via Go code (#4243)
  • asoctl: Allow number of simultaneous workers to be configured (#4257)
  • asoctl: Reduce noise when importing PostgreSQL Flexible Server Configurations (#4279)
  • asoctl: Reduce noise when importing MySQL Flexible Server Configurations (#4282)
  • asoctl: Built-in role definitions should be skipped by import command (#4263)

Bug fixes

  • Fix bug where a log could cause a panic (#4249)
  • Fix bug where ASO's NetworkPolicy didn't allow egress to SqlServer's default port (#4283)
  • Fix bug where ScheduledQueryRules could get stuck reconciling when encountering a BadRequest (#4312)
  • Fix bug where storage account bypass parameter did not accept all allowed values (#4328)
  • Fix bug where some ConfigMap and Secret references could fail to be exported (#4330)
  • asoctl: Fix bug where resource names could be generated which were not valid in Kubernetes (#4244)
  • asoctl: Fix bug where FrontDoor resources couldn't be imported (#4262)
  • asoctl: Fix deadlock and UX bugs (#4270)

Documentation

  • Add missing SQL User documentation (#4230)
  • Add docs for non-podidentity managed identity (#4227)
  • Add some additional documentation about the controller metrics endpoint (#4273)
  • Update redis migration docs with correct redis key (#4297)
  • Add ArgoCD FAQ item (#4309)

Full Changelog: v2.9.0...v2.10.0
