rancher/fleet v0.15.0-rc.3 on GitHub

Breaking Changes

Migrate Fleet to Helm v4 (#4351) by @thardeck in #4326
Imagescan, which has had a long life as an experimental feature, is now disabled by default. It can still be explicitly enabled; more information here on what this change means and how to keep the feature enabled. (#4671) by @weyfonk in #4692

Add dump command to CLI (docs) (#4030) by @weyfonk in #4374
Add monitor (docs) and analyze (docs) commands for troubleshooting Fleet deployments (#4030) by @weyfonk in #4474
Add CLI command to display bundle diffs from status (docs) (#4534) by @thardeck in #4566

The automated partitioning limit is now configurable, through autoPartitionThreshold (docs) (#3827) by @p-se in #4536
When specifying dependencies between bundles, custom states of dependencies are now supported in the dependsOn field through acceptedStates (docs) (#2552) by @ncuralli in #4558
GitRepoRestrictions now support restricting allowed target namespaces, with AllowedTargetNamespaceSelector (docs) (#4300) by @thardeck in #4562
Ignoring drift on deployed resources is now more flexible, as resources can be ignored by namespace only or by regex (docs) (#748) by @weyfonk in #4563
Fleet is now smarter about updates to replica counts of Deployments and StatefulSets (docs) (#4029) by @weyfonk in #4593
Proxy config is now available in the fleet-agent deployment (#4267) by @ftechmax in #4268
Any label can now be added to a local cluster when using Fleet standalone, using Helm value bootstrap.clusterLabels by @k0da in #4096

Fleet now supports Helm templates with lookup (#1851) by @0xavi0 in #4302
Fetching a Helm chart referenced by the helm.chart field of fleet.yaml now supports custom CA bundles (#3646) by @p-se in #4185
Github Apps support is extended to Github Enterprise instances, and more generally to hosts other than github.com (#4554) by @weyfonk in #4603
The known-hosts config map can now receive additional known_hosts entries at Fleet installation time, through Helm value additionalKnownHosts (#4680) by @SebPlv in #4569
When fetching multiple charts for building bundles, when Helm auth cannot or should not be added for fetching one chart, it is no longer disabled for subsequent charts by @aruiz14 in #4336
Helm URL resolution has received improvements (#4343) by @weyfonk in #4400
The Fleet agent properly reports installed resources with forced drift correction using Helm v4 (#4452) by @thardeck in #4624
Fix GitRepo URL matching in webhook server (#4648) by @weyfonk in #4777

Track UID of existing bundle deployment to prevent orphaning on failure (#4144) by @thardeck in #4273
Fleet creates options secrets before bundle deployments by @weyfonk in #4284
At bundle creation time, Fleet now detects overlaps between deleted and created bundles, and is able to mitigate accidental resource deletion (#3770) by @weyfonk in #4157
When fetching Helm charts, concurrent fetches of the same index.yaml file are now optimised (#4343) by @aruiz14 in #4285
Use the defaultNs for valuesFrom contained in downstream resources (#4274) by @0xavi0 in #4373
Make valuesFrom kind check case-insensitive (#4274) by @0xavi0 in #4408
The controller deletes finalizers in content resources after upgrade (#4472) by @0xavi0 in #4457
Take respective timestamps into account when comparing snapshots by @weyfonk in #4546
Prevent nil pointer dereference on cluster import (#4491) by @p-se in #4494
Prevent race when bundles are created concurrently (#4487) by @p-se in #4489

Resources referenced as downstreamResources can now be copied to the local cluster (#4559) by @0xavi0 in #4560
Fleet now monitors downstreamResources for changes, and is able to trigger new deployments when they change (docs) (#2085) by @0xavi0 in #4530
This monitoring includes GitRepo secrets (#2085) by @0xavi0 in #4574
Secrets referenced through downstreamResources have their types preserved when copied downstream (#3617) by @weyfonk in #4490

Add configurable concurrent bundle creation routines to fleet apply (#4233) by @thardeck in #4292
Support cluster display name in clusterName selector (rancher/rancher#51239) by @thardeck in #4495
Adds a sharding filter when calculating Bundles from Cluster (#4275) by @0xavi0 in #4282
GitRepos and HelmOps don't Requeue when adding finalizers by @0xavi0 in #4264
Clear Reason when Ready condition transitions from non-ready to ready (#4561) by @0xavi0 in #4578
Use controlled Requeue for non-ready dependencies during deploy (#4469) by @aruiz14 in #4453
Prevent false drift from Helm v4 null field rendering (#4655) by @thardeck in #4664
Set Recreate deployment strategy when hostNetwork is enabled (#4432) by @webD97 in #4467
Fix race when creating secrets and Kubernetes jobs by @p-se in #4319
Individual resources requests/limits for fleet-controllers (#4516) by @p-se in #4568
Fixes race condition when BD secrets are transiently unavailable (#4599) by @0xavi0 in #4707
Mark agentSchedulingCustomization nullable in CRD (rancher/rancher#53781) by @thardeck in #4731
Normalize empty agentSchedulingCustomization to nil (rancher/rancher#53781) by @thardeck in #4751
Fix BundleDeployment creation race condition (#4756) by @0xavi0 in #4757
Avoid uninstalling releases in PendingInstall status (#4572) by @0xavi0 in #4600

Replace gorilla/mux with net/http ServeMux (#4682) by @thardeck in #4717
Update dependency go to v1.25.8 by @renovate-rancher[bot] in #4778
Update module github.com/go-git/go-git/v5 to v5.16.5 [security] by @renovate-rancher[bot] in #4614
Update Kubernetes dependencies to v0.35.2 by @renovate-rancher[bot] in #4721
Update module helm.sh/helm/v4 to v4.1.1 by @renovate-rancher[bot] in #4622
Update module github.com/rancher/wrangler/v3 to v3.4.0 by @renovate-rancher[bot] in #4650
Update module golang.org/x/crypto to v0.48.0 [security] by @renovate-rancher[bot] in #4653
Update module golang.org/x/net to v0.51.0 [security] by @renovate-rancher[bot] in #4772

Full Changelog: v0.14.0...v0.15.0-rc.3