What's Changed
Added
- added
nuc-strimzi-kafka-operator,nuc-keycloak-operator,nuc-fluxcd,nuc-external-secrets,nuc-mongodb-percona-operator,nuc-envoy-gateway,nuc-cloudnativepg,nuc-mysql-percona-operator,nuc-elk,nuc-rabbitmq, andnuc-clickhousesubcharts to the dependency list. - added shared
genericdefaults for workloads:nodeSelector,resources,podSecurityContext,containerSecurityContext, andautomountServiceAccountToken. - added
servicesGeneralfor common labels and annotations on renderedServiceresources, including auto-generated governing Services. - added typed
projectedvolumes viavolumes[].type: projected. - added
ServiceAccount.imagePullSecretssupport viaserviceAccountDefaultImagePullSecretName,serviceAccountGeneral.imagePullSecrets, and per-ServiceAccount overrides. - added new Istio templates:
AuthorizationPolicy,DestinationRule,EnvoyFilter,Gateway,PeerAuthentication,ProxyConfig,RequestAuthentication,ServiceEntry,Sidecar,Telemetry,VirtualService,WasmPlugin,WorkloadEntry,WorkloadGroup. - added new Vault Secret Operator templates:
HCPAuth,HCPVaultSecretsApp,SecretTransformation,VaultAuthGlobal,VaultConnection,VaultDynamicSecret,VaultPKISecret. - added
stdinandttysupport for containers and initContainers. - added GitHub chart-testing and CI configuration under
.github/, including lint, security, smoke, unit, and e2e workflows. - added contributor templates:
docs/PULL_REQUEST_TEMPLATE.md,docs/ISSUE_TEMPLATE/bug_report.yml,docs/ISSUE_TEMPLATE/feature_request.yml. - added samples catalog:
nuc-fluxcd,nuc-external-secrets,nuc-mongodb-percona-operator,nuc-envoy-gateway,nuc-valkey,wordpress, andwordpress-vault(WordPress + Vault Secret Operator) deployment examples.
Fixed
- fixed
nuc-native-gateway(1.0.6):specof HTTPRoute (and all other Gateway API resources) was rendered as-is viatoYaml, so Helm template expressions in string values — e.g.'{{ printf "%s-%s" .Release.Name "frontend" }}'or'{{ include "helpers.app.fullname" … }}'— were not evaluated.specandstatusare now rendered throughtpl, making release-name-awarebackendRefswork out of the box. - fixed YAML doc separator rendering between consecutive
jobs,hooks, andcronJobsso each resource is emitted as a separate YAML document. - fixed deprecated
imagePullSecretswarnings inNOTES.txtsonullentries insidedeployments,cronJobs,jobs, andhooksdo not fail template rendering. - fixed FluxCD dependency condition to use
nuc-fluxcd.enabled. - fixed Envoy Gateway dependency condition to use
global.nuc-envoy-gateway.enabled, avoiding anenabledkey rejected by the subchart schema. - fixed
cronJobsGeneral.suspendandcronJobsGeneral.singleOnlyso CronJobs inherit the general defaults while still allowing per-CronJobfalseornulloverrides. - fixed
envConfigmapsandenvSecretsrendering to preserve multiple entries and skipnullor empty items without rendering an emptyenvFromblock. - fixed automatic checksum reference collection for
*General.envConfigmapsand*General.envSecrets. - fixed ConfigMaps and Secrets annotated by default hooks preventing uninstall.
- fixed multi-env rendering error.
- fixed CronJob general settings (
cronJobsGeneral) inheritance.
Changed
autoRolloutChecksumsnow generates checksum annotations only for ConfigMaps, Secrets, and SealedSecrets actually referenced by a given workload, instead of checksumming every resource in the release.- updated
nuc-commondependency from1.0.4to1.0.5. - updated
nuc-keycloak-operatordependency from1.0.0to1.0.1. - updated
nuc-external-secretsdependency from1.0.1to1.1.0. - completed Dependency Subcharts documentation for all dependencies declared in
Chart.yaml. - documented
deploymentsGeneralandcronJobsGeneralenvironment source defaults, including empty-value handling and override behavior.
Testing
- added unit and smoke coverage for all new features and bug fixes introduced across the 3.0.x series.
New Contributors
- @apberdnikov made their first contribution in #99
- @Gekter made their first contribution in #104
- @edvegas made their first contribution in #112
Full Changelog: v3.0.21...v3.1.0