kyma-project/kyma 1.20.0-rc3

on GitHub

1.20.0-rc1 (2021-02-22)

Application Connector

• #10687 Upgrade component images for compass-runtime-agent and application-connector (@rafalpotempa)
• #10651 Fix vulnerabilities in application-connectivity (@rafalpotempa)
• #10659 Upgrade k8s client in connector-service (@rafalpotempa)
• #10638 Bump images in application-operator and application-registry (@rafalpotempa)
• #10620 Upgrade k8s and docker in application-operator and -registry (@rafalpotempa)
• #10601 Bump Application Broker image tag version (@montaro)
• #10519 Application Broker new eventing feature flag (@montaro)
• #10551 Add 'privileges' security contexts to app-connector (@rafalpotempa)
• #9921 Adapt application-connector to 'allowPrivilegedContainers: false' policy (@rafalpotempa)

Serverless

• #10686 Bump Serverless runtimes images (@tgorgol)
• #10684 Use Python 3.8.8 in Serverless (@tgorgol)
• #10683 Bump Serverless Python runtime version (@tgorgol)
• #10682 Use temporary custom Python image in Serverless (@tgorgol)
• #10681 Bump serverless images (@aerfio)
• #10641 Bump crypto library in function-controller (@kfurgol)
• #10645 Bump tags for serverless runtimes (@pPrecel)
• #10629 Enable hot-deploy in serverless functions (@pPrecel)
• #10627 Bump serverless images (@m00g3n)
• #10574 Fix function-webhook (@m00g3n)
• #10585 Bump serverless images (@aerfio)
• #10550 Override global configuration on the namespace level - docs (@rJankowski93)
• #10545 Override global configuration on the namespace level (@rJankowski93)
• #10482 Do not create hpa when minReplicas==maxReplicas in function-controller (@aerfio)
• #10565 Function controller logging level (@kfurgol)
• #10517 Speed up serverless build process (@m00g3n)
• #10408 Create mechanism to automate docker config generation for external registries (@m00g3n)
• #10512 Document switching to external registries at runtime (@kazydek)
• #10481 Update images of function-runtimes (@aerfio)
• #10434 Allow to switch container registry for serverless in the runtime (@tgorgol)
• #10436 Adapt serverless functions to be run in non-privileged mode (@aerfio)
• #10373 Fix UI function envs (@tgorgol)

Service Catalog

• #10519 Application Broker new eventing feature flag (@montaro)

Eventing

• #10606 Fix CVE-2021-3121 for the event-sources (@marcobebway)
• #10601 Bump Application Broker image tag version (@montaro)
• #10519 Application Broker new eventing feature flag (@montaro)
• #10567 Add emsPublisherUrlSuffix as a config value (@radufa)
• #10549 Eventing chart fixes (@montaro)
• #10524 Update the images for the Event publishers and controllers (@marcobebway)
• #10546 Clean the Application name from none-alphanumeric characters for the event controller apps (@marcobebway)
• #10523 Clean the application name from none-alphanumeric characters for the publisher apps (@marcobebway)
• #10499 Use new switch eventing.backend in eventing Helm charts (@montaro)
• #10375 Event Publisher NATS Helm Chart (@montaro)
• #10439 Update the event-publisher-proxy image (@marcobebway)
• #10432 Fix the event-publisher-proxy receiver test to be more resilient (@marcobebway)
• #10416 Added dashboard labels for event-service (@sayanh)
• #10418 Update the event-service image (@marcobebway)
• #10417 Update the apimachinery version for the event-service (@marcobebway)

Security

• #10687 Upgrade component images for compass-runtime-agent and application-connector (@rafalpotempa)
• #10651 Fix vulnerabilities in application-connectivity (@rafalpotempa)
• #10666 Upgrade golang.org/x/crypto in compass-runtime-agent (@rafalpotempa)
• #10683 Bump Serverless Python runtime version (@tgorgol)
• #10682 Use temporary custom Python image in Serverless (@tgorgol)
• #10659 Upgrade k8s client in connector-service (@rafalpotempa)
• #10617 non-priviliged securityContext for all observability containers (@a-thaler)
• #10620 Upgrade k8s and docker in application-operator and -registry (@rafalpotempa)
• #10611 Update k8s library in apiserver-proxy (@Demonsthere)
• #10606 Fix CVE-2021-3121 for the event-sources (@marcobebway)
• #10586 Update cluster-users SC (@Demonsthere)
• #10553 Patch PSP and SC in short-lived jobs (@Demonsthere)
• #10513 Update cluster-essentials to support SecurityContext (@Demonsthere)
• #9921 Adapt application-connector to 'allowPrivilegedContainers: false' policy (@rafalpotempa)
• #10421 Add PSP to Istio (@Demonsthere)
• #10443 Update permissions in istio-installer (@Demonsthere)
• #10438 Add PSP to kyma-operator component (@Demonsthere)
• #10437 Adapt kyma-installer to work as non-root user (@Demonsthere)
• #10379 Add PSP to Api-gateway (@Demonsthere)
• #10420 Add PSP to ORY components (@Demonsthere)
• #10385 Add PSP to apiserver-proxy component (@Demonsthere)
• #10404 Add PSP to Dex component (@Demonsthere)
• #10405 Add PSP to Permission-controller (@Demonsthere)
• #10413 Add PSP to Iam-kubeconfig-service (@Demonsthere)

Service Mesh

• #10421 Add PSP to Istio (@Demonsthere)
• #10443 Update permissions in istio-installer (@Demonsthere)
• #10384 Upgrade Kiali image (@suleymanakbas91)

Installation

• #10664 modifying components for new kyma (@strekm)
• #10513 Update cluster-essentials to support SecurityContext (@Demonsthere)
• #10527 Delete not needed anymore job to resync SKR after Kyma upgrade (@koala7659)
• #10514 xip-patch bump (@strekm)
• #10504 patching coredns cm for local.kyma.dev domain case (@strekm)
• #10438 Add PSP to kyma-operator component (@Demonsthere)
• #10437 Adapt kyma-installer to work as non-root user (@Demonsthere)
• #10410 cluster essentials adding set -e to CRDs installation (@strekm)

Monitoring

• #10617 non-priviliged securityContext for all observability containers (@a-thaler)
• #10570 Use custom Grafana image (@suleymanakbas91)
• #10457 fixed metric expression in minio grafana dashboard (@a-thaler)

Logging

• #10617 non-priviliged securityContext for all observability containers (@a-thaler)
• #10605 Have default memory as its same for both eval and prod profiles (@rakesh-garimella)
• #10623 Multiline parser configuration (@hisarbalik)
• #10500 Add group claim check for Loki (@suleymanakbas91)
• #10557 Do not mount machine ID file by default (@suleymanakbas91)
• #10450 Set log level to warn for Loki (@a-thaler)
• #10462 Add support for secrets in Fluent Bit config (@suleymanakbas91)
• #10463 Add alert and improve the dashboard for Fluent Bit (@suleymanakbas91)
• #10476 Update fluent-bit image tag (@shorim)
• #10284 Refactor Fluent Bit Chart (@suleymanakbas91)
• #10400 Authorization test for logging (@shorim)

Tracing

• #10617 non-priviliged securityContext for all observability containers (@a-thaler)

Console

• #10510 Bump final permission fixes (@Wawrzyn321)
• #10475 Bump console image - show valueFrom serverless envs (@kfurgol)
• #10422 Disable privilege escalations for UI containers (@akucharska)
• #10381 Set default CBS values (@dariadomagala)
• #10373 Fix UI function envs (@tgorgol)

Documentation

• #10672 Remove the old migration guide (@kazydek)
• #10662 Move the supported Kubernetes versions to the prerequisites sections in installation docs (@klaudiagrz)
• #10578 Clean-up the docs after providing general documentation about profiles (@klaudiagrz)
• #10562 Add migration guide for 1.20 (@suleymanakbas91)
• #10415 Document Kyma profiles (@klaudiagrz)
• #10512 Document switching to external registries at runtime (@kazydek)
• #10479 Add docs about security measures in Functions (@aerfio)
• #10472 Rename API Packages to API Bundles and fix the link to their documentation (@majakurcius)
• #10383 Update TLS certificates document (@superojla)

CI

• #10649 Serverless increase mem limit (@dekiel)
• #10648 Istio increase mem limits (@dekiel)
• #10642 Fluent bit increase mem limits (@dekiel)
• #10547 Junit reports in fast-integration tests (@aerfio)
• #10584 Add GHAction Kyma release (@Ressetkk)
• #10468 Add VERSION file to Kyma repo (@Ressetkk)
• #10388 Fast-integration tests with installation via nodejs (@aerfio)
• #10323 Introduce nodejs kyma installer library for fast-integration tests (@aerfio)

Committers: 48

• Adam Wałach (@adamwalach)
• Agata Kucharska (@akucharska)
• Ahmed ElRefaey (@montaro)
• Andreas Thaler (@a-thaler)
• Damian Badura (@dbadura)
• Daria Domagała (@dariadomagala)
• Filip Strózik (@pPrecel)
• Franciszek Pogodziński (@franpog859)
• Hisar Balik (@hisarbalik)
• Jakub Błaszczyk (@Demonsthere)
• Jakub Dziechciewicz (@kubadz)
• Julia Iskierka (@colunira)
• Justyna Sztyper (@superojla)
• Kamil Kasperski (@Ressetkk)
• Kamil Sputo (@ksputo)
• Karol Furgoł (@kfurgol)
• Karol Jaksik (@kjaksik)
• Karolina Zydek (@kazydek)
• Klaudia Grzondziel (@klaudiagrz)
• Krystian Cieślik (@crabtree)
• Maja Kurcius (@majakurcius)
• Marco Bebway (@marcobebway)
• Mateusz Puczyński (@aerfio)
• Michal Kempski (@polskikiel)
• Michał Jakóbczyk (@mjakobczyk)
• Mostafa Shorim (@shorim)
• Piotr (@pbochynski)
• Piotr Halama (@Halamix2)
• Piotr Jasiak (@jasiu001)
• Piotr Miśkiewicz (@piotrmiskiewicz)
• Piotr Wawrzyńczyk (@Wawrzyn321)
• Przemek Pokrywka (@dekiel)
• Przemyslaw Golicz (@koala7659)
• Radu Fantaziu (@radufa)
• Rafał Jankowski (@rJankowski93)
• Rafał Potempa (@rafalpotempa)
• Rakesh Garimella (@rakesh-garimella)
• Sayan Hazra (@sayanh)
• Stanislav Khalash (@skhalash)
• Suleyman Akbas (@suleymanakbas91)
• Tobias Schuhmacher (@tobiscr)
• Tomasz Gorgol (@tgorgol)
• Tomasz Smelcerz (@Tomasz-Smelcerz-SAP)
• Wojciech Sołtys (@Sawthis)
• @NHingerl
• @ralikio
• @strekm
• marcin witalis (@m00g3n)