1.20.0-rc1 (2021-02-22)
Application Connector
- #10687 Upgrade component images for compass-runtime-agent and application-connector (@rafalpotempa)
- #10651 Fix vulnerabilities in application-connectivity (@rafalpotempa)
- #10659 Upgrade k8s client in connector-service (@rafalpotempa)
- #10638 Bump images in application-operator and application-registry (@rafalpotempa)
- #10620 Upgrade k8s and docker in application-operator and -registry (@rafalpotempa)
- #10601 Bump Application Broker image tag version (@montaro)
- #10519 Application Broker new eventing feature flag (@montaro)
- #10551 Add 'privileges' security contexts to app-connector (@rafalpotempa)
- #9921 Adapt application-connector to 'allowPrivilegedContainers: false' policy (@rafalpotempa)
Serverless
- #10686 Bump Serverless runtimes images (@tgorgol)
- #10684 Use Python 3.8.8 in Serverless (@tgorgol)
- #10683 Bump Serverless Python runtime version (@tgorgol)
- #10682 Use temporary custom Python image in Serverless (@tgorgol)
- #10681 Bump serverless images (@aerfio)
- #10641 Bump crypto library in function-controller (@kfurgol)
- #10645 Bump tags for serverless runtimes (@pPrecel)
- #10629 Enable hot-deploy in serverless functions (@pPrecel)
- #10627 Bump serverless images (@m00g3n)
- #10574 Fix function-webhook (@m00g3n)
- #10585 Bump serverless images (@aerfio)
- #10550 Override global configuration on the namespace level - docs (@rJankowski93)
- #10545 Override global configuration on the namespace level (@rJankowski93)
- #10482 Do not create hpa when minReplicas==maxReplicas in function-controller (@aerfio)
- #10565 Function controller logging level (@kfurgol)
- #10517 Speed up serverless build process (@m00g3n)
- #10408 Create mechanism to automate docker config generation for external registries (@m00g3n)
- #10512 Document switching to external registries in the runtime (@kazydek)
- #10481 Update images of function-runtimes (@aerfio)
- #10434 Allow to switch container registry for serverless in the runtime (@tgorgol)
- #10436 Adapt serverless functions to be run in non-privileged mode (@aerfio)
- #10373 Fix UI function envs (@tgorgol)
Service Catalog
Eventing
- #10606 Fix CVE-2021-3121 for the event-sources (@marcobebway)
- #10601 Bump Application Broker image tag version (@montaro)
- #10519 Application Broker new eventing feature flag (@montaro)
- #10567 Add emsPublisherUrlSuffix as a config value (@radufa)
- #10549 Eventing chart fixes (@montaro)
- #10524 Update the images for the Event publishers and controllers (@marcobebway)
- #10546 Clean the Application name from none-alphanumeric characters for the event controller apps (@marcobebway)
- #10523 Clean the application name from none-alphanumeric characters for the publisher apps (@marcobebway)
- #10499 Use new switch
eventing.backend
in eventing Helm charts (@montaro) - #10375 Event Publisher NATS Helm Chart (@montaro)
- #10439 Update the event-publisher-proxy image (@marcobebway)
- #10432 Fix the event-publisher-proxy receiver test to be more resilient (@marcobebway)
- #10416 Added dashboard labels for event-service (@sayanh)
- #10418 Update the event-service image (@marcobebway)
- #10417 Update the apimachinery version for the event-service (@marcobebway)
Security
- #10687 Upgrade component images for compass-runtime-agent and application-connector (@rafalpotempa)
- #10651 Fix vulnerabilities in application-connectivity (@rafalpotempa)
- #10666 Upgrade golang.org/x/crypto in compass-runtime-agent (@rafalpotempa)
- #10683 Bump Serverless Python runtime version (@tgorgol)
- #10682 Use temporary custom Python image in Serverless (@tgorgol)
- #10659 Upgrade k8s client in connector-service (@rafalpotempa)
- #10617 non-priviliged securityContext for all observability containers (@a-thaler)
- #10620 Upgrade k8s and docker in application-operator and -registry (@rafalpotempa)
- #10611 Update k8s library in apiserver-proxy (@Demonsthere)
- #10606 Fix CVE-2021-3121 for the event-sources (@marcobebway)
- #10586 Update cluster-users SC (@Demonsthere)
- #10553 Patch PSP and SC in short-lived jobs (@Demonsthere)
- #10513 Update cluster-essentials to support SecurityContext (@Demonsthere)
- #9921 Adapt application-connector to 'allowPrivilegedContainers: false' policy (@rafalpotempa)
- #10421 Add PSP to Istio (@Demonsthere)
- #10443 Update permissions in istio-installer (@Demonsthere)
- #10438 Add PSP to kyma-operator component (@Demonsthere)
- #10437 Adapt kyma-installer to work as non-root user (@Demonsthere)
- #10379 Add PSP to Api-gateway (@Demonsthere)
- #10420 Add PSP to ORY components (@Demonsthere)
- #10385 Add PSP to apiserver-proxy component (@Demonsthere)
- #10404 Add PSP to Dex component (@Demonsthere)
- #10405 Add PSP to Permission-controller (@Demonsthere)
- #10413 Add PSP to Iam-kubeconfig-service (@Demonsthere)
Service Mesh
- #10421 Add PSP to Istio (@Demonsthere)
- #10443 Update permissions in istio-installer (@Demonsthere)
- #10384 Upgrade Kiali image (@suleymanakbas91)
Installation
- #10664 modifying components for new kyma (@strekm)
- #10513 Update cluster-essentials to support SecurityContext (@Demonsthere)
- #10527 Delete not needed anymore job to resync SKR after Kyma upgrade (@koala7659)
- #10514 xip-patch bump (@strekm)
- #10504 patching coredns cm for local.kyma.dev domain case (@strekm)
- #10438 Add PSP to kyma-operator component (@Demonsthere)
- #10437 Adapt kyma-installer to work as non-root user (@Demonsthere)
- #10410 cluster essentials adding set -e to CRDs installation (@strekm)
Monitoring
- #10617 non-priviliged securityContext for all observability containers (@a-thaler)
- #10570 Use custom Grafana image (@suleymanakbas91)
- #10457 fixed metric expression in minio grafana dashboard (@a-thaler)
Logging
- #10617 non-priviliged securityContext for all observability containers (@a-thaler)
- #10605 Have default memory as its same for both eval and prod profiles (@rakesh-garimella)
- #10623 Multiline parser configuration (@hisarbalik)
- #10500 Add group claim check for Loki (@suleymanakbas91)
- #10557 Do not mount machine ID file by default (@suleymanakbas91)
- #10450 Set log level to warn for Loki (@a-thaler)
- #10462 Add support for secrets in Fluent Bit config (@suleymanakbas91)
- #10463 Add alert and improve the dashboard for Fluent Bit (@suleymanakbas91)
- #10476 Update fluent-bit image tag (@shorim)
- #10284 Refactor Fluent Bit Chart (@suleymanakbas91)
- #10400 Authorization test for logging (@shorim)
Tracing
Console
- #10510 Bump final permission fixes (@Wawrzyn321)
- #10475 Bump console image - show valueFrom serverless envs (@kfurgol)
- #10422 Disable privilege escalations for UI containers (@akucharska)
- #10381 Set default CBS values (@dariadomagala)
- #10373 Fix UI function envs (@tgorgol)
Documentation
- #10672 Remove the old migration guide (@kazydek)
- #10662 Move the supported Kubernetes versions to the prerequisites sections in installation docs (@klaudiagrz)
- #10578 Clean-up the docs after providing general documentation about profiles (@klaudiagrz)
- #10562 Add migration guide for 1.20 (@suleymanakbas91)
- #10415 Document Kyma profiles (@klaudiagrz)
- #10512 Document switching to external registries in the runtime (@kazydek)
- #10479 Add docs about security measures in Functions (@aerfio)
- #10472 Rename API Packages to API Bundles and fix the link to their documentation (@majakurcius)
- #10383 Update TLS certificates document (@superojla)
CI
- #10649 Serverless increase mem limit (@dekiel)
- #10648 Istio increase mem limits (@dekiel)
- #10642 Fluent bit increase mem limits (@dekiel)
- #10547 Junit reports in fast-integration tests (@aerfio)
- #10584 Add GHAction Kyma release (@Ressetkk)
- #10468 Add VERSION file to Kyma repo (@Ressetkk)
- #10388 Fast-integration tests with installation via nodejs (@aerfio)
- #10323 Introduce nodejs kyma installer library for fast-integration tests (@aerfio)
Committers: 48
- Adam Wałach (@adamwalach)
- Agata Kucharska (@akucharska)
- Ahmed ElRefaey (@montaro)
- Andreas Thaler (@a-thaler)
- Damian Badura (@dbadura)
- Daria Domagała (@dariadomagala)
- Filip Strózik (@pPrecel)
- Franciszek Pogodziński (@franpog859)
- Hisar Balik (@hisarbalik)
- Jakub Błaszczyk (@Demonsthere)
- Jakub Dziechciewicz (@kubadz)
- Julia Iskierka (@colunira)
- Justyna Sztyper (@superojla)
- Kamil Kasperski (@Ressetkk)
- Kamil Sputo (@ksputo)
- Karol Furgoł (@kfurgol)
- Karol Jaksik (@kjaksik)
- Karolina Zydek (@kazydek)
- Klaudia Grzondziel (@klaudiagrz)
- Krystian Cieślik (@crabtree)
- Maja Kurcius (@majakurcius)
- Marco Bebway (@marcobebway)
- Mateusz Puczyński (@aerfio)
- Michal Kempski (@polskikiel)
- Michał Jakóbczyk (@mjakobczyk)
- Mostafa Shorim (@shorim)
- Piotr (@pbochynski)
- Piotr Halama (@Halamix2)
- Piotr Jasiak (@jasiu001)
- Piotr Miśkiewicz (@piotrmiskiewicz)
- Piotr Wawrzyńczyk (@Wawrzyn321)
- Przemek Pokrywka (@dekiel)
- Przemyslaw Golicz (@koala7659)
- Radu Fantaziu (@radufa)
- Rafał Jankowski (@rJankowski93)
- Rafał Potempa (@rafalpotempa)
- Rakesh Garimella (@rakesh-garimella)
- Sayan Hazra (@sayanh)
- Stanislav Khalash (@skhalash)
- Suleyman Akbas (@suleymanakbas91)
- Tobias Schuhmacher (@tobiscr)
- Tomasz Gorgol (@tgorgol)
- Tomasz Smelcerz (@Tomasz-Smelcerz-SAP)
- Wojciech Sołtys (@Sawthis)
- @NHingerl
- @ralikio
- @strekm
- marcin witalis (@m00g3n)