This release adds support for the spec.initProvider
API and for the granular management policies alpha feature detailed here.
The generated example manifests from Terraform registry no longer contain the trailing YAML document separator (---
).
The external client for Terraformed
resources now explicitly requeue, up to 20 retries, a reconciliation request if a shared provider has expired. And only after 20 retries it propagates the error down to the managed reconciler. The ttl-expired error message has also been improved to hint at the --provider-ttl
command-line option.
Also status updates and updates to certain annotations (crossplane.io/external-create-failed
& crossplane.io/external-create-pending
) no longer queue reconciliation requests, which decreases the resource utilization of upjet-based providers. This is especially important when errors happen during the external connecter's Create
call, or in general, when an MR is failing to sync successfully.
Breaking API Changes
The API for the management policies alpha feature has a breaking change:
The old API of
spec:
managmentPolicy: FullControl/ObserveOnly/OrphanOnDelete
is replaced by:
spec:
managementPolicies: ["*", "Observe", "Create", "Update", "LateInitialize", "Delete"]
After applying the updated provider, the spec.managementPolicy
field will be removed automatically, and the spec.managementPolicies: ["*"]
will be defaulted. This is equivalent to FullControl
but for resources using ObserveOnly
and OrphanOnDelete
the it means that the behavior changes.
The suggested migration steps from spec.managementPolicy
to spec.managementPolicies
(if the alpha feature is being used) are:
- Pause your resources using non-default management policies before upgrading the provider version
- Noting down which ones those are (could be by adding labels
managementPolicy: x
) - Upgrading the provider version
- Setting the desired management policies on the marked ones (those with label
managementPolicy
)
What's Changed
- Handle build environment variables for proxy access by @bobh66 in #755
- Update docker/setup-qemu-action action to v2 by @renovate in #633
- Update actions/checkout action to v3 by @renovate in #631
- Update actions/setup-go action to v4 by @renovate in #632
- Update docker/setup-buildx-action digest to 16c0bc4 by @renovate in #758
- Update alpine Docker tag to v3.18.2 by @renovate in #630
- CognitoIDP[UserPoolClient]: Avoid underlying provider validation failure by @ytsarev in #762
- feat(auth): disable configuring auth with Secrets by @miloszsobczak in #766
- Fix marketplace link in README.md by @jeanduplessis in #772
- Added queue url to the connection details. Added writeConnectionSecre… by @ItielOlenick in #769
- Update CODEOWNERS file by @turkenf in #777
- Issue 753: Fix examples/sfn/statemachine.yaml to work with Uptest by @svscheg in #764
- Fix issue 726: Missing selector in Broker resource for selecting security groups by @svscheg in #779
- Bugfix/Change not working link by @dverveiko in #788
- Adding backstage configuration file by @Piotr1215 in #781
- fix(efs): fixed kmsKeyId to use ARN instead of ID by @gadiener in #793
- fix(aws_cloudwatch_log_group): skip name_prefix lateinit by @haarchri in #797
- Fix issue716: AWS Cognito User Pool - Verification Message Template configuration conflicts by @svscheg in #790
- Add an event filter with the resource.DesiredStateChanged predicate to filter status updates out by @ulucinar in #789
- Support Granular management policies by @lsviben in #785
- Explicitly queue a reconcile request if a shared provider has expired by @ulucinar in #805
- Fix panic when using custom endpoints by @carpenterm in #804
New Contributors
- @bobh66 made their first contribution in #755
- @miloszsobczak made their first contribution in #766
- @ItielOlenick made their first contribution in #769
- @Piotr1215 made their first contribution in #781
- @gadiener made their first contribution in #793
- @lsviben made their first contribution in #785
- @carpenterm made their first contribution in #804
Full Changelog: v0.37.0...v0.38.0