Changelog
Breaking changes: Burrito internal logic with Git repositories + Git authentication rework
This release 0.9.0 of Burrito introduces one major change in Burrito's internal logic: how handles Git repositories and interact with Git providers.
Main changes:
-
The TerraformRepositoryController is now synchronizing regularly the content of TerraformRepositories to:
- annotate automatically TerraformLayers with the last commit available (webhook is not mandatory anymore for detecting push!)
- create Git bundles of the last available commit for each branch referenced in layers and store the bundles in Burrito Datastore
-
TerraformRuns run on specific commits: this opens the possibility to track which commits have been planned/applied in future releases of Burrito
-
The Burrito runners do not need to interact with Git repositories anymore: they just fetch the Git bundle for the commit hash they're running on, from the datastore
-
The Git provider credentials system of Burrito has been remade from the ground up:
- Credentials are defined in secrets with type
credentials.burrito.tf/repositoryorcredentials.burrito.tf/shared - One credential secret can be used by multiple TerraformRepositories in multiple tenants
- Credentials are defined in secrets with type
📖 Documentation:
- New Git Authentication system
- How to migrate to the new authentication system
- How the TerraformRepository Controller works
🛠️ Implementation: 75c98f0: feat(repository): use git bundles in runners + refactor credentials (#605) (@corrieriluca)
Other breaking changes
- e09ad76: chore(helm): allow metadata labels and annotations on all resources (#711) (@seboudry)
- Some values have changed in the Helm chart regarding annotations:
config.annotations=>metadata.config.annotationstenants[].serviceAccounts[].annotations=>tenants[].serviceAccounts[].metadata.annotationshermitcrab.service.annotations=>hermitcrab.service.metadata.annotationsserver.ingress.annotations=>server.ingress.metadata.annotations(important if you have ingress controller specific annotations)
- Some values have changed in the Helm chart regarding annotations:
Minor changes / dependency updates
- fix(chart): make tenant metadata optional by @LucasMrqes in #724
- fix(chart): annotations/labels on tenants service accounts by @corrieriluca in #726
- fix(repo-controller): handle forced push by deleting local repository by @corrieriluca in #745
- chore: remove goreleaser by @corrieriluca in #744
- fix(logging): do not log nil error in run controller (#781) by @corrieriluca