What's Changed
!!! Warning, this release contains breaking changes !!!
Breaking changes
- Improve snapshot distribution management by @helderjs in #1168
To enable anAtlasBackupSchedule
custom resource to be reused by multiple deployments managed by the operator, we have removedreplicationSpecId
from theAtlasBackupSchedule
custom resource. It will now be automatically set for every deployment that references it. As a result of this change,replicationSpecId
is no longer configurable in anAtlasBackupSchedule
and should be removed. - Add deletion protection feature by @helderjs in #1173 See: https://www.mongodb.com/docs/atlas/atlas-operator/#new-default--deletion-protection-in-ak8so-2.0
With Atlas Kubernetes Operator 2.0, custom resources you delete in Kubernetes are no longer deleted in Atlas by default. Instead, Atlas Kubernetes Operator simply stops managing those resources - avoiding destructive change. The old behavior can be reverted. More info https://www.mongodb.com/docs/atlas/atlas-operator/#new-default--deletion-protection-in-ak8so-2.0 - Remove legacy deployment by @igor-karpukhin in #1182
In order to standardize on one deployment type (for non-serverless deployments), we have removed the notion ofadvancedDeploymentSpec
. All deployment options are now supported as part of thedeploymentSpec
. For the AtlasDeployment resource, the following things were changed:
spec.deploymentSpec
- now contains all fields from the spec.advancedDeploymentSpec.
spec.advancedDeploymentSpec
- is gone. If you usedadvancedDeploymentSpec
before, the only change you need to make is to rename theadvancedDeploymentSpec
todeploymentSpec
in theAtlasDeployment
resource. If you useddeploymentSpec
, you will need to rewrite it toadvancedDeploymentSpec
format. - Force
secretRef
fields for EncryptionAtREST and AlertConfiguration features by @roothorp in #1203 . This forces use of secrets for all credentials to promote security best practices.
The following API secrets and credentials were moved from theAtlasProject
custom resource to Secrets. Credentials and API secrets should now be stored inSecrets
and referenced from theAtlasProject
custom resource. The following fields were replaced:
For the.spec.alertConfiguration.notifications
:
APIToken
->APITokenRef
DatadogAPIKey
->DatadogAPIKeyRef
FlowdockTokenAPI
->FlowdockTokenAPIRef
OpsGenieAPIKey
->OpsGenieAPIKeyRef
VictorOpsAPIKey
->VictorOpsSecretRef
VictorOpsRoutingKey
->VictorOpsSecretRef
(expected to have both VictorOps values)
For the.spec.encryptionAtRest
:- For AWS:
AccessKeyID
,SecretAccessKey
,CustomerMasterKeyID
andRoleID
->secretRef
(expected to contain all those fields with values). Note: although there are fieldsAccessKeyID
,SecretAccessKey
they can only be provided forAtlasProject
resources that had them before. New projects required to configureCloudProviderAccessRoles
feature to enable the Encryption at REST for AWS. - For Azure:
SubscriptionID
,KeyVaultName
,KeyIdentifier
,Secret
->secretRef
(expected to contain all those fields with values) - For GCP:
ServiceAccountKey
,KeyVersionResourceID
->secretRef
(expected to contain all those fields with values)
- For AWS:
Fixes
- Fixed resource version label by @igor-karpukhin in #1209
- Put go context within workflow.Context by @josvazg in #1152
- Replace github.com/pborman/uuid with github.com/google/uuid by @gssbzn in #1187
- Bump google.golang.org/api from 0.143.0 to 0.146.0 by @dependabot in #1159
- Bump github.com/aws/aws-sdk-go from 1.45.20 to 1.45.24 by @dependabot in #1160
- Bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.7.2 to 1.8.0 by @dependabot in #1163
- Bump golang.org/x/sync from 0.3.0 to 0.4.0 by @dependabot in #1162
- Bump github.com/onsi/ginkgo/v2 from 2.12.1 to 2.13.0 by @dependabot in #1161
- Bump go.mongodb.org/atlas from 0.33.0 to 0.34.0 by @dependabot in #1174
- Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.3.1 to 1.4.0 by @dependabot in #1175
- Bump github.com/aws/aws-sdk-go from 1.45.24 to 1.45.26 by @dependabot in #1176
- Bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by @dependabot in #1177
- Bump cloud.google.com/go/compute from 1.23.0 to 1.23.1 by @dependabot in #1178
- Bump golang.org/x/net from 0.15.0 to 0.17.0 by @dependabot in #1169
- Bump github.com/onsi/gomega from 1.28.0 to 1.28.1 by @dependabot in #1189
- Bump google.golang.org/api from 0.146.0 to 0.148.0 by @dependabot in #1192
- Bump docker/login-action from 2 to 3 by @dependabot in #1194
- Bump cloud.google.com/go/kms from 1.15.2 to 1.15.3 by @dependabot in #1193
- Bump google.golang.org/grpc from 1.58.2 to 1.58.3 in /tools/clean by @dependabot in #1200
- Bump cloud.google.com/go/compute from 1.23.1 to 1.23.2 by @dependabot in #1204
- Bump cloud.google.com/go/kms from 1.15.3 to 1.15.4 by @dependabot in #1205
- Bump github.com/google/uuid from 1.3.1 to 1.4.0 by @dependabot in #1206
- Bump github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/keyvault/armkeyvault from 1.2.0 to 1.3.0 by @dependabot in #1207
- Bump github.com/aws/aws-sdk-go from 1.45.26 to 1.46.7 by @dependabot in #1208
- Bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.8.0 to 1.9.0 by @dependabot in #1214
- Bump cloud.google.com/go/kms from 1.15.4 to 1.15.5 by @dependabot in #1215
- Bump github.com/aws/aws-sdk-go from 1.46.7 to 1.47.4 by @dependabot in #1216
- Bump go.mongodb.org/atlas from 0.34.0 to 0.35.0 by @dependabot in #1217
- Bump google.golang.org/api from 0.148.0 to 0.150.0 by @dependabot in #1218
New Contributors
Full Changelog: v1.9.0...v2.0.0