What's Changed
- VW: Fix permission checking in
rootby @davidfestal in #1686 - Add more logging by @ncdc in #1692
- make internal apis available for apiexport permission claims by @robinbobbitt in #1676
- reconciler/{apis,scheduling,tenancy}: use structured, contextual logging by @stevekuznetsov in #1695
- Syncer: refuse to work on sync target UID discrepancy. by @jmprusi in #1687
- Completely cleanup support of personal workspaces in top-level organizations by @davidfestal in #1685
- Makefile: set UNSAFE_E2E_HACK_DISABLE_ETCD_FSYNC=true in all e2e tests by @sttts in #1704
- *: remove member verb by @s-urbaniak in #1711
- Replace clusterworkspaces/{content,workspace} subresources in RBAC with workspaces{/content,} by @sttts in #1712
- virtual/workspace: use real authorizer by @sttts in #1710
- server: hardens the remote shard registration by @p0lyn0mial in #1700
- pkg/virtual/syncer/builder: fix incorrect comment by @jmprusi in #1713
- Add --batteries-included by @sttts in #1688
- updates the tests building a list of VirtualWorkspaceURLs assigned to ClusterWorkspaceShards by @p0lyn0mial in #1699
- exclude authn/authz apis from claimable list by @robinbobbitt in #1716
- logging: use kind-prefixed fields instead of string-formatting by @stevekuznetsov in #1705
- Fixes log line formatting by @m1kola in #1718
- Part 14: scope clients in tests/e2e/framework by @varshaprasad96 in #1709
- Remove the redirect from shard to virtual workspaces by @davidfestal in #1706
- Add goreleaser by @sttts in #1721
- pkg/reconciler/workload: move to structured, contextual logging by @stevekuznetsov in #1719
- goreleaser: increase timeout and reduce archs by @sttts in #1731
- goreleaser: add write permissions to GITHUB_TOKEN by @sttts in #1735
- Dockerfile: add kubectl by @sttts in #1737
- logging: stop using formatted strings for object identifiers by @stevekuznetsov in #1730
- Part 13: Scope clients in test/e2e/virtual by @varshaprasad96 in #1707
- Refactor permission claim labels reconciler by @shawn-hurley in #1617
- hack: verify-go-version.sh in all the repo by @sttts in #1738
- cli/workspace: don't get Workspace in parent on absolute use, but check inside the workspace by @sttts in #1726
- Update Slack channel name by @ncdc in #1744
- virtual: stutter less in constructors by @stevekuznetsov in #1747
- syncer: handle only the k8s export by @stevekuznetsov in #1748
- Permission claim fixes / cleanups by @sttts in #1745
- Part 15: Scope clients in test/e2e/fixtures by @varshaprasad96 in #1732
- the identity provider gets data from a local cm too by @p0lyn0mial in #1727
- Add ppc64le support by @snehakpersistent in #1757
- adds ApiExportIdentityProviderController by @p0lyn0mial in #1725
- docs/syncer.md: add missing instructions by @s-urbaniak in #1746
- .github: fix community meeting link by @sttts in #1766
- Generate CRD defaults for known types by @lionelvillard in #1769
- Start centralizing APIExport indexers by @ncdc in #1762
- Fix image build by @ncdc in #1771
- Add content, toplevel audit annotations by @ncdc in #1767
- Generic helper for consistent post-reconcile spec and status updates by @csams in #1754
- Set service protocol defaults by @lionelvillard in #1783
- Add missing autoscaling single-word group name by @lionelvillard in #1785
- bootstrap: create the default ns in the system:shard ws by @p0lyn0mial in #1782
- Ignore .goreleaser.yaml in GH CI by @ncdc in #1789
- cache-server scaffolding by @p0lyn0mial in #1790
- wires the APIIdentityCacheController by @p0lyn0mial in #1781
- Introduce staticcheck linter for deprecations by @varshaprasad96 in #1798
- Fix schemacompat npe by @ncdc in #1802
- ddsif: exclude v1beta1 Workspaces by @ncdc in #1805
- Fix bug allowing metadata edits to e.g. creationTimestamp for built-in types as CRDs by @ncdc in #1809
- Fix leftover resource when deleting a namespace by @jmprusi in #1743
- synctarget export controller by @qiujian16 in #1624
- Change issue template to newer issue forms by @avinal in #1196
- cache-server: starts empty apiextentions-server by @p0lyn0mial in #1811
- controllers: avoid double copy of the rest config by @p0lyn0mial in #1780
- pkg/server: use structured, contextual logging by @stevekuznetsov in #1797
- Part 18: Scope ingress controller by @varshaprasad96 in #1817
- authorization: add system:masters-only deep SAR via X-Kcp-Internal-Deep-SubjectAccessReview header by @s-urbaniak in #1739
- Part 19: Scoped cmd/front-proxy by @varshaprasad96 in #1819
- e2e/watchcache: remove ddsif testing by @ncdc in #1761
- cache-server: expose apiresourceschemas and apiexports by @p0lyn0mial in #1815
- bump to the latest kube level by @p0lyn0mial in #1832
- various: logging cleanups by @ncdc in #1837
- Fix GH issue template labels by @ncdc in #1825
- Watch cache: use resource.group for object type in log messages and metrics by @ncdc in #1834
- etcd3: include GroupResource in logs/metrics by @ncdc in #1839
- Fix NewNamespaceLocator param name by @ncdc in #1844
- Add exported claims by @shawn-hurley in #1831
- Lint for contextual logging by @nrb in #1835
- Cluster scoped quota by @ncdc in #1846
- Adds E2E test to verify Audit logs contain workspace annotation by @bipuladh in #1830
- sharded-test-server: support standalone vw server by @ncdc in #1800
- cache-server: set the storage prefix to /cache by @p0lyn0mial in #1850
- deletors: skip projected resources by @ncdc in #1860
- e2e: save data in some temporary directory by @stevekuznetsov in #1861
- Add more e2e test cases for permission claims by @ncdc in #1864
- pkg/authorization: add audit logging by @s-urbaniak in #1833
- sharded-test-server: log the full command line with parameters by @pkprzekwas in #1869
- Syncer: Adds validation to make --sync-target-uid flag required by @jmprusi in #1867
- home-ws: wait for tenancy binding readiness by @ncdc in #1872
- cache-server: provides client-related functionality for dealing with a shard on the HTTP level by @p0lyn0mial in #1853
- modified cmd.Use for kubectl-workspaces by @apoorvajagtap in #1756
- bump to the latest kube level by @p0lyn0mial in #1851
- Makefile: add update-contextual-logging by @sttts in #1876
- resource controller: fix NPE by @ncdc in #1880
- *: make import aliases consistent by @stevekuznetsov in #1881
- KCP: stop messing with the RawPath by @p0lyn0mial in #1883
- cache-server: adds WithShardScope HTTP filter by @p0lyn0mial in #1841
- virtual: Support SSA patch requests for non-existent objects by @astefanutti in #1854
- virtual/apiexport: serve wildcard apibindings by @sttts in #1563
- Only serve compatible APIs for syncTarget by @qiujian16 in #1828
- Syncer docs: adds a guide on running the syncer locally and updates slightly outdated doc by @m1kola in #1775
- bump strategic-merge-diff to 4.2.3 by @aojea in #1799
- Delete downstream namespace on upstream deletion by @jmprusi in #1827
- Update usage text for virtual-workspaces to be accurate by @hasheddan in #1884
- virtual/workspaces: do not filter if able to get all by @sttts in #1776
New Contributors
- @m1kola made their first contribution in #1718
- @snehakpersistent made their first contribution in #1757
- @lionelvillard made their first contribution in #1769
- @nrb made their first contribution in #1835
- @bipuladh made their first contribution in #1830
- @hasheddan made their first contribution in #1884
Full Changelog: v0.7.0...v0.8.0