changes since v4.3.1
✨ New Features
- (go/v4): Upgrade golangci-lint from
v1.61.0tov1.62.2(#4448) - (go/v4): Add support for go
1.23(#4446) - (go/v4): Upgraded
controller-genfromv0.16.4tov0.17.0. (#4254, #4457) - (go/v4): Upgrade controller-runtime
v0.19.1tov0.19.4(#4482) - (kustomize/v2): Kubebuilder scaffolds rules under
config/rbacto help cluster admins manage the permissions for their solutions. The comments and explanations added to these scaffolds have been improved. Furthermore, it now includes admin-specific rules to make it easier for cluster admins to work with features like aggregation (e.g.,rbac.authorization.k8s.io/aggregate-to-admin). More info. (#4299) - (go/v4): Added configurations for securing Metrics Server and Prometheus integration using TLS and certificates managed by CertManager, enabling users to align their solutions with best practices, enhance security, and achieve production readiness. (#4243, #4312, #4400)
- (go/v4): Added webhook CertWatcher and flags for custom certificate configuration #4429)
- (go/v4): Ensures that the manager container adheres to Restricted Pod Security Standards and can operate in namespaces labelled for restricted policies, following best practices. (#4251).
- (go/v4): Ensure that e2e test scaffolds will validate that the enforcement is prepared to ensure that all can run as restricted. See that the curl pod to use the metrics was updated and changed (#4435)
- (go/v4): Improved developer experience and maintainability by updating actions and the Makefile to utilize
go.modfor Go version management and automating ENVTEST versioning by retrieving the version directly fromgo.mod, based on thecontroller-runtimedependency in use. (#4385) (#4401) - (helm/v1-alpha): Introduced the new
helm.kubebuilder.io/v1-alphaplugin to enable users to distribute solutions using Helm Charts. Example scaffolds are available under testdata/project-v4-with-plugins/dist/chart. (#4227, #4315, #4350, #4351, #4356, #4357, #4371, #4377, #4383, #4380, #4373, #4386, #4375, #4388, #4406, #4399, #4419,#4451). IMPORTANT: Thehelm.kubebuilder.io/v1-alphais an experimental initial version. (More info) - (go/v4,kustomize/v2): Add
app.kubernetes.io/namelabel to allow more precise configurations (#4437) - (go/v4): Standardize the webhook and controller test suites (#4447)
- (go/v4): Add new makefile target to check and validate the linter config (#4462)
- (go/v4): Added Hub and Spoke support for conversion webhooks. Developers can now scaffold webhooks for resource conversion more easily. (#4254) Example:
# Create API to test conversion from v1 to v2 $ kubebuilder create api --group crew --version v1 --kind FirstMate --controller=true --resource=true --make=false $ kubebuilder create api --group crew --version v2 --kind FirstMate --controller=false --resource=true --make=false $ kubebuilder create webhook --group crew --version v1 --kind FirstMate --conversion --make=false --spoke v2
🐛 Bug Fixes
- (go/v4): Fixed an issue where GitHub Actions workflows were overwritten by commands, ensuring users can now customize workflows freely without their changes being overridden. (#4379)
- (go/v4): Resolved linting issues in generated scaffolds. (#4384)
- (kustomize/v2, go/v4): Fixed CA injection for conversion webhooks. Previously, the CA injection patch was not accurate; The injection should occur only for CRDs, which are conversion types and not for all CRDs when a webhook with
--conversionoption is scaffolded. The issue goes back to release3.5.0(where to replace vars for replacements was done and thekustomize/v2-alphaplugin was introduced). It was not previously found, likely because conversion webhook features were incomplete, which is addressed in this release. Now, users can use the tool to generate the conversion webhooks properly (#4254). (#4282) - (go/v4): Ensure that schemas are added before starting EnvTest-based suite tests for webhooks and controllers (#4466)
- (go/v4): e2e-tests: cleanup by removing calls to call make generate and manifests (#4471)
What's Changed
- ✨ Adds a patch to configure ServiceMonitor to ensure TLS verification using cert-manager certificates by @camilamacedo86 in #4243
- ✨ Include admin ClusterRole and add it to the scaffold by @damsien in #4299
- ✨ (go/v4): Enable
seccompProfile.type: RuntimeDefaultby default in scaffolded projects by @camilamacedo86 in #4251 - ✨ Add helm plugin to distribute projects by @camilamacedo86 in #4227
- 📖 Proposal: New Plugin to allow project distribution via helm charts by @dashanji in #3632
- ✨ Follow-up to PR #4243: Limit permissions to access the metrics-server-cert secret by @camilamacedo86 in #4312
- 📖 doc: update roadmap for 2024 by @camilamacedo86 in #4313
- ✨ (helm/v1-alpha): add missed info to chart values by @camilamacedo86 in #4315
- 📖 Update README.md - Fix typo by @monteiro-renato in #4318
- 📖 Bump sigs.k8s.io/kubebuilder/v4 from 4.3.0 to 4.3.1 in /docs/book/src/simple-external-plugin-tutorial/testdata/sampleexternalplugin/v1 by @dependabot in #4322
- 📖: Fix typo in CONTRIBUTING-ROLES.md by @monteiro-renato in #4324
- 📖 Fix readme wrong url your-own-plugin by @damsien in #4325
- 📖 doc: add .github/SECURITY.md with further information by @camilamacedo86 in #4253
- 📖: update testdata reference by @emmanuel-ferdman in #4328
- 📖 : Fix typo in contributing roles by @damsien in #4329
- 🌱 : Fix
make remove-spacesfor GNU system by @damsien in #4330 - 🌱 : Revert Fix
make remove-spacesfor GNU system" by @camilamacedo86 in #4331 - ✨ Upgrade controller-gen from v0.16.4 to v0.16.5 by @camilamacedo86 in #4332
- 📖 Fix incorrect link address by @LJTian in #4333
- 📖 Docs: removed typeDegradedMemcached and comment by @vtrenton in #4335
- 📖 small fixes to extending_cli_features_and_plugins.md by @monteiro-renato in #4336
- 📖 Fix broken reference to project-file instead of project-file-config by @monteiro-renato in #4337
- 📖 small fixes to extending_cli_features_and_plugins.md by @monteiro-renato in #4343
- 📖 fix : typo in README.md by @monteiro-renato in #4349
- 📖 Fix: typo in external-plugins.md by @monteiro-renato in #4345
- 📖 small fixes to extending_cli_features_and_plugins.md by @monteiro-renato in #4338
- 📖 Fix: typo in external-plugins.md by @monteiro-renato in #4347
- 🐛 fix: (helm/v1-alpha): Remove extra space before the labels section by @monteiro-renato in #4350
- 🐛 fix: (helm/alpha-v1): Fix rendered value for app.kubernetes.io/name by @monteiro-renato in #4351
- 📖 Fix: missing url to plugin-utils in extending_cli_features_and_plug… by @monteiro-renato in #4340
- 📖 Fix: broken urls in testing-plugins.md by @monteiro-renato in #4348
- 📖 update metrics documentation to bring more clarity by @camilamacedo86 in #4358
- 🌱 fix: run make generate to fix ci by @monteiro-renato in #4353
- 📖 follow up of update metrics documentation to bring more clarity #4358 by @camilamacedo86 in #4359
- 📖 add notice to make bring awareness to the need to move away and no longer use old images provide via the registry by @camilamacedo86 in #4363
- 📖 Readme: Make more clear notice about kube-rbac-proxy by @camilamacedo86 in #4364
- 📖 Update README.md - Fix layout from notice by @camilamacedo86 in #4365
- 📖 nit - remove spaces by @camilamacedo86 in #4366
- 🌱 Bump github.com/onsi/ginkgo/v2 from 2.21.0 to 2.22.0 by @dependabot in #4367
- 🌱 fix file.Template to machinery.Template in the comments by @monteiro-renato in #4339
- 🐛 fix: (helm/v1alpha1): add missing replicas field to the Deployment generated by @monteiro-renato in #4356
- 🐛 fix: (helm/v1alpha1) add missing name prefix and namespace to leader-election-role and leader-election-rolebinding by @monteiro-renato in #4357
- 🐛 fix: (helm/v1alpha1): env config should not be dependent on DeployImages by @monteiro-renato in #4371
- 📖 Update discontinue_usage_of_kube_rbac_proxy.md - Typos/grammar fixes and use the right link for the new location of the images by @camilamacedo86 in #4374
- 🌱 Make
make remove-spacescompatible with GNU and MAC OS X system by @damsien in #4354 - 📖 Fix broken plugin URL in getting-started.md by @pengqun in #4372
- 🐛 (helm/v1alpha): fix the default value of the force flag by @camilamacedo86 in #4375
- 📖 Fix: broken url in extending_cli_features_and_plugins.md by @monteiro-renato in #4341
- 📖 Fix: broken url in go-v4-plugin.md by @monteiro-renato in #4352
- 📖 Fix: broken URL in external-plugins.md by @monteiro-renato in #4346
- ✨ (helm/v1alpha1): add GitHub action to make it easier to validate the chart generates by @camilamacedo86 in #4377
- 🐛 fix: ensure that GitHub actions are not overwritten by @camilamacedo86 in #4379
- 📖 Fix: broken url in extending_cli_features_and_plugins.md by @monteiro-renato in #4344
- 📖 remove duplicated entry [plugin-subc], [plugin-sub-command] is the one being used by @monteiro-renato in #4342
- 🐛 : (go/v4) fixes based on golangci-lint run -v by @monteiro-renato in #4384
- 📖 Update roadmap_2024.md - Latest Status - Nov 2024 by @camilamacedo86 in #4334
- 🐛 fix: (helm/v1alpha1): install the Prometheus-operator CRDs before installing a chart which configures a ServiceMonitor by @monteiro-renato in #4383
- ✨ feat: (helm/v1alpha1): Allow ServiceAccount annotations to be configurable by @monteiro-renato in #4380
- ✨ feat: (helm/v1alpha1): Allow extra pod labels to be configured by @monteiro-renato in #4373
- ✨ (helm/v1alpha1): Add a step to render the chart in the GitHub Action by @monteiro-renato in #4386
- ✨ (go/v4): Update actions to use go.mod for Go version management by @camilamacedo86 in #4385
- 🐛 fix: (helm/v1alpha1): Add missing prefixes in various k8s resources by @monteiro-renato in #4388
- 🌱 remove everettraven from reviewers by @everettraven in #4389
- 🌱 Bump github.com/onsi/gomega from 1.35.1 to 1.36.0 by @dependabot in #4392
- 🌱 fix: centralize plugin key declaration by @mateusoliveira43 in #4390
- ✨ (go/v4): Add Hub and Spoke for conversion webhooks by @camilamacedo86 in #4254
- 🐛 fix: (helm/v1alpha1): Use the ServiceAccount name defined in the values.yaml by @wjiec in #4406
- ✨ feat: Automate ENVTEST version from go.mod by @camilamacedo86 in #4401
- ✨ (deployimage/v1alpha1): Improve error handling and pointer usage for value setting in controller by @mateusoliveira43 in #4399
- 🌱 Bump golang.org/x/tools from 0.27.0 to 0.28.0 by @dependabot in #4409
- 📖 doc: validating and parsing CRD fields by @mateusoliveira43 in #4396
- 📖 Update getting-started.md by @dsolerh in #4413
- ✨ (go/v4): add support to inject conversion webhook for the marker +kubebuilder:scaffold:e2e-webhooks-checks by @mateusoliveira43 in #4407
- 📖 [ISSUE-4414] Fix typo in getting-started.md by @jameskim0987 in #4415
- 🐛 (kustomize/v2, go/v4): Fix ca injection for conversion webhooks by @camilamacedo86 in #4282
- 📖 [ISSUE-4417] Fix minor hyperlink formatting in
emptymain.goby @jameskim0987 in #4418 - 🐛 fix: (helm/v1alpha1): remove redundant condition in if clause by @monteiro-renato in #4419
- 🌱 Bump github.com/onsi/gomega from 1.36.0 to 1.36.1 by @dependabot in #4421
- 🌱Build the kubebuilder binary before and use it to regenerate the helm chart by @monteiro-renato in #4420
- ✨ feat: add webhook CertWatcher and flags for custom certificate configuration by @camilamacedo86 in #4429
- ✨ (go/v4): feat/fix: enhance cert-manager integration for metrics endpoints (follow-up to PR #4243) by @camilamacedo86 in #4400
- 🌱 : Ensure that golangci-lint CI version is passed for the templates by @mateusoliveira43 in #4432
- 📖 Fix: move v2vsv3.md to the legacy folder and update references by @monteiro-renato in #4431
- ✨ feat: enforce restricted Pod Security Context Compliance in testing by @lunarwhite in #4435
- 🌱 Bump github.com/onsi/ginkgo/v2 from 2.22.0 to 2.22.1 by @dependabot in #4436
- 🌱 add better description to MarshalYAML and UnmarshalYAML methods by @fengshunli in #4438
- ✨ (kustomize/v2) feat: add app.kubernetes.io/name label to allow more precise configurations by @wjiec in #4437
- 🌱 Bump github.com/onsi/gomega from 1.36.1 to 1.36.2 by @dependabot in #4440
- 📖improve tutorial test docs by @mateusoliveira43 in #4443
- 🌱improve Ginkgo/Gomega test style by @Sijoma in #4426
- 🌱 (ci): Improve GitHub Action to linter samples under testdata by @camilamacedo86 in #4444
- ✨ (go/v4): Standardize the webhook and controller test suites by @mateusoliveira43 in #4447
- ✨ Upgrade golangci-lint from v1.61.0 to v1.62.2 by @camilamacedo86 in #4448
- 📖 (doc): Add "Kubebuilder Project Roadmap 2025" by @camilamacedo86 in #4316
- ✨ Upgrade scaffolds to use go 1.23 by @camilamacedo86 in #4446
- 🌱 e2e - ensure that error from command is checked by @camilamacedo86 in #4452
- 🌱 Bump github.com/onsi/ginkgo/v2 from 2.22.1 to 2.22.2 by @dependabot in #4455
- 🌱 fix: use Go version from go.mod file in CI by @mateusoliveira43 in #4454
- 🌱 e2e tests improve assertions by simplify style of checks by @camilamacedo86 in #4456
- ✨ Upgrade controller-gen from v0.16.5 to v0.17.0 by @camilamacedo86 in #4457
- 🌱 Add lint-config target to validate config and fix issues faced by @camilamacedo86 in #4458
- 🌱 Enable lint check empty-block and fix issues by @camilamacedo86 in #4459
- 🌱 Enable var-naming lint and fix issues for Kubebuilder CLI by @camilamacedo86 in #4460
- 🌱 Enable if-return linter check and fix issues for Kubebuilder CLI by @camilamacedo86 in #4461
- ✨ (go/v4): Add new makefile target to check and validate the linter config by @camilamacedo86 in #4462
- 🌱 Enable the lint to check exported methods and fix issues by @camilamacedo86 in #4463
- 🐛 (go/v4) Ensure that schemas are added before starting EnvTest-based suite tests for webhooks and controllers by @mateusoliveira43 in #4466
- 🌱 Enable govet settings and fix the issue found by @mateusoliveira43 in #4465
- 🌱 simplify E2E Book Samples job by @mateusoliveira43 in #4469
- 🌱 fix: remaining Go upgrades by @mateusoliveira43 in #4470
- 🌱 fix: remove unused nolint comments by @mateusoliveira43 in #4468
- 🌱 Bump golang.org/x/tools from 0.28.0 to 0.29.0 by @dependabot in #4473
- 🐛 e2e-tests: cleanup by removing calls to call make generate and manifests by @mateusoliveira43 in #4471
- 🌱 Bump github.com/spf13/afero from 1.11.0 to 1.12.0 by @dependabot in #4480
- ✨ Upgrade controller-runtime v0.19.1 to v0.19.4 by @camilamacedo86 in #4482
- 🐛 (helm/v1alpha1) - fix webhooks generation by removing data from helm chart values by @camilamacedo86 in #4451
New Contributors
- @emmanuel-ferdman made their first contribution in #4328
- @LJTian made their first contribution in #4333
- @pengqun made their first contribution in #4372
- @wjiec made their first contribution in #4406
- @dsolerh made their first contribution in #4413
- @jameskim0987 made their first contribution in #4415
Full Changelog: v4.3.1...v4.4.0