github stakater/application v7.0.0
on GitHub

latest release: v8.0.0
3 hours ago

Caution

This is a major release with four breaking changes. Review each section carefully before upgrading. If you are also upgrading to v8, apply this release first.

This release contains four breaking changes that align CronJob and Job templates with existing Deployment conventions, tighten security defaults, and remove deprecated features.

Breaking Changes

1. Service account binding harmonized (#363)

  • rbac.serviceAccount.enabled renamed to rbac.serviceAccount.create

  • automountServiceAccountToken now defaults to false for Deployments, CronJobs, and Jobs. If your workloads call the Kubernetes API, explicitly set automountServiceAccountToken: true on the relevant resource.

  • ServiceAccount name resolution is now consistent across all resource types via a new application.serviceAccountName helper:

    create name Result
    true "" <release-name>
    true "foo" "foo"
    false "" "default"
    false "bar" "bar"

2. Default part-of label removed (#455)

app.kubernetes.io/part-of is no longer added by default. If you rely on this label, set partOfOverride explicitly: 

partOfOverride: my-application

3. List-based envFrom removed for Jobs and CronJobs (#518)

The deprecated list-based envFrom format (raw Kubernetes list) is removed. Use the dict-based format: 

cronJob:
  jobs:
    example:
      envFrom:
        my-secret:
          type: secret
          name: my-secret

4. Pod security context support for CronJob and Job (#498)

cronJob.jobs.<name>.securityContext now maps to the pod-level security context. The previous container-level key is renamed to containerSecurityContext: 

cronJob:
  jobs:
    example:
      containerSecurityContext:  # was securityContext
        runAsNonRoot: true
      securityContext:           # new, pod-level
        fsGroup: 20000

Job templates gain containerSecurityContext support (additive, no migration needed).

What's Changed

  • chore(deps): update dependency helm to v4 by @renovate[bot] in #520
  • chore(deps): update ad-m/github-push-action action to v1 by @renovate[bot] in #519
  • feat!: harmonize service account binding by @aslafy-z in #363
  • feat!: drop default part-of label, require explicit override by @aslafy-z in #455
  • feat!: remove deprecated list-based envFrom for Jobs and CronJobs by @aslafy-z in #518
  • feat!: add pod security context support to CronJob and Job by @alex1989hu in #498

Full Changelog: v6.18.0...v7.0.0

Check out latest releases or
releases around stakater/application v7.0.0

Don't miss a new application release

NewReleases is sending notifications on new releases.

Get notifications