vmware-tanzu/kubeapps v2.7.0

on GitHub

Kubeapps v2.7.0 (chart version 12.2.10) is a minor release that replaces the no-longer supported Improbable gRPC-Web library with the newer and supported connect-web library's gRPC-Web implementation. For the most part, there should be no visible difference to users other than those who use our v1alpha1 API, though it does enable us to provide a better HTTP API in a future release.

Of course, there's the normal goodness of many security updates - see below for more details.

Installation

To install this release, ensure you add the Bitnami charts repository to your local Helm cache:

helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update

Install the Kubeapps Helm chart:

kubectl create namespace kubeapps
helm install kubeapps --namespace kubeapps bitnami/kubeapps

To get started with Kubeapps, check out this walkthrough.

What's Changed

Main changes in this release

• Sync chart with bitnami/kubeapps chart (version 12.2.7) by @github-actions in #6045
• Adds generation for buf connect gRPCWeb ts clients. by @absoludity in #6031
• Add 2.6.2 licenses file. by @absoludity in #6070
• Add 2.6.3 OSL file. by @absoludity in #6071
• Switch Dashboard to use new gRPC client throughout. by @absoludity in #6044
• Remove the old tsproto generated files. by @absoludity in #6083
• Remove dependency on old time 0.1 library. by @absoludity in #6098
• Update swagger-ui-react. by @absoludity in #6107
• Add the connect-go backend generated code and tooling. by @absoludity in #6088
• Ensure bearer token formatted correctly for token auth. by @absoludity in #6114
• Update secret names for the postgresql secret. by @absoludity in #6115
• Remove service account token data from logs. by @absoludity in #6127
• Sync chart with bitnami/kubeapps chart (version 12.2.8) by @github-actions in #6129
• Ensure discovery cache can be written by client-go in the kubeappsapis service by @absoludity in #6128
• Switch the core plugin gRPC service to connect gRPC. by @absoludity in #6148
• Verify that gateway ReST-ish API can still be used! by @absoludity in #6150
• Update to pass http Header as well as context for authz. by @absoludity in #6151
• Switch resources plugin and update auth. by @absoludity in #6157
• Sync chart with bitnami/kubeapps chart (version 12.2.9) by @github-actions in #6161
• Add 2.6.4 OSS file. by @absoludity in #6170
• Remove 2.6.2 osl file. by @absoludity in #6172
• Switch core packages to use connect. by @absoludity in #6159
• Transition packaging plugins to Connect gRPC-Web by @absoludity in #6183
• Remove improbable grpcWeb and cmux. by @absoludity in #6190
• Remove unnecessary context for authz by @absoludity in #6193
• Switch resources plugin to use connect core packages client and other clean-ups. by @absoludity in #6204
• Release updates up to 0.4 ugrading code dependencies. by @absoludity in #6209
• Rust and Javascript deps. by @absoludity in #6210
• Fix version for Github CLI by @absoludity in #6214
• At some point between the 0.2 release and the 0.7 the linux binary by @absoludity in #6215

Dependency upgrades

• Bump eslint-plugin-redos from 4.4.3 to 4.4.5 in /dashboard by @dependabot in #5996
• Bump sigs.k8s.io/controller-runtime from 0.14.4 to 0.14.5 by @dependabot in #6039
• Bump trycmd from 0.14.12 to 0.14.13 in /cmd/pinniped-proxy by @dependabot in #6040
• Bump tokio from 1.25.0 to 1.26.0 in /cmd/pinniped-proxy by @dependabot in #6041
• Bump google.golang.org/grpc/cmd/protoc-gen-go-grpc from 1.2.0 to 1.3.0 by @dependabot in #6042
• Bump @playwright/test from 1.31.1 to 1.31.2 in /integration by @dependabot in #6043
• Bump @clr/ui from 13.14.0 to 15.0.1 in /dashboard by @dependabot in #6047
• Bump k8s.io/klog/v2 from 2.90.0 to 2.90.1 by @dependabot in #6048
• Bump github.com/fluxcd/pkg/apis/meta from 0.19.0 to 0.19.1 by @dependabot in #6049
• Bump kube from 0.79.0 to 0.80.0 in /cmd/pinniped-proxy by @dependabot in #6050
• Bump kube-derive from 0.79.0 to 0.80.0 in /cmd/pinniped-proxy by @dependabot in #6051
• Bump sass from 1.58.1 to 1.58.3 in /dashboard by @dependabot in #6053
• Bump golang.org/x/net from 0.7.0 to 0.8.0 by @dependabot in #6055
• Bump github.com/fluxcd/pkg/oci from 0.20.0 to 0.21.0 by @dependabot in #6056
• Bump kube-runtime from 0.79.0 to 0.80.0 in /cmd/pinniped-proxy by @dependabot in #6057
• Bump @formatjs/cli from 6.0.1 to 6.0.4 in /dashboard by @dependabot in #6058
• Bump github.com/vmware-tanzu/carvel-kapp from 0.54.3 to 0.55.0 by @dependabot in #6059
• Bump github.com/vmware-tanzu/carvel-vendir from 0.32.5 to 0.33.1 by @dependabot in #6060
• Bump serde from 1.0.152 to 1.0.154 in /cmd/pinniped-proxy by @dependabot in #6063
• Bump qs from 6.11.0 to 6.11.1 in /dashboard by @dependabot in #6065
• Bump google.golang.org/protobuf from 1.28.1 to 1.29.0 by @dependabot in #6066
• Bump github.com/fluxcd/helm-controller/api from 0.30.0 to 0.31.0 by @dependabot in #6067
• Bump thiserror from 1.0.38 to 1.0.39 in /cmd/pinniped-proxy by @dependabot in #6068
• Bump serde_json from 1.0.93 to 1.0.94 in /cmd/pinniped-proxy by @dependabot in #6069
• Bump helm.sh/helm/v3 from 3.11.1 to 3.11.2 by @dependabot in #6073
• Bump github.com/fluxcd/source-controller/api from 0.35.2 to 0.36.0 by @dependabot in #6074
• Bump chrono from 0.4.23 to 0.4.24 in /cmd/pinniped-proxy by @dependabot in #6075
• Bump hyper from 0.14.24 to 0.14.25 in /cmd/pinniped-proxy by @dependabot in #6076
• Bump github.com/containerd/containerd from 1.6.19 to 1.7.0 by @dependabot in #6078
• Bump @bufbuild/connect-web from 0.8.1 to 0.8.3 in /dashboard by @dependabot in #6072
• Bump k8s.io/kubernetes from 1.26.1 to 1.26.2 by @dependabot in #6079
• Bump webpack from 5.75.0 to 5.76.1 in /dashboard by @dependabot in #6081
• Bump serde from 1.0.154 to 1.0.156 in /cmd/pinniped-proxy by @dependabot in #6082
• Bump google.golang.org/protobuf from 1.29.0 to 1.29.1 by @dependabot in #6084
• Bump eslint-config-prettier from 8.6.0 to 8.7.0 in /dashboard by @dependabot in #6085
• Bump github.com/fluxcd/pkg/oci from 0.21.0 to 0.21.1 by @dependabot in #6086
• Bump openssl from 0.10.45 to 0.10.46 in /cmd/pinniped-proxy by @dependabot in #6087
• Bump github.com/fluxcd/helm-controller/api from 0.31.0 to 0.31.1 by @dependabot in #6089
• Bump github.com/vmware-tanzu/carvel-kapp-controller from 0.44.6 to 0.45.0 by @dependabot in #6090
• Bump sass from 1.58.3 to 1.59.3 in /dashboard by @dependabot in #6091
• Bump axios from 1.3.3 to 1.3.4 in /dashboard by @dependabot in #6092
• Bump oras.land/oras-go/v2 from 2.0.0 to 2.0.1 by @dependabot in #6094
• Bump trycmd from 0.14.13 to 0.14.14 in /cmd/pinniped-proxy by @dependabot in #6095
• Bump actions/setup-go from 3 to 4 by @dependabot in #6096
• Bump ts-proto from 1.139.0 to 1.141.1 in /dashboard by @dependabot in #6100
• Bump github.com/grpc-ecosystem/go-grpc-middleware from 1.3.0 to 1.4.0 by @dependabot in #6101
• Bump clap from 4.1.8 to 4.1.9 in /cmd/pinniped-proxy by @dependabot in #6102
• Bump trycmd from 0.14.14 to 0.14.15 in /cmd/pinniped-proxy by @dependabot in #6103
• Bump @bufbuild/protoc-gen-es from 1.0.0 to 1.1.1 in /dashboard by @dependabot in #6108
• Bump k8s.io/kubernetes from 1.26.2 to 1.26.3 by @dependabot in #6109
• Bump clap from 4.1.9 to 4.1.11 in /cmd/pinniped-proxy by @dependabot in #6110
• Bump thiserror from 1.0.39 to 1.0.40 in /cmd/pinniped-proxy by @dependabot in #6111
• Bump prettier from 2.8.4 to 2.8.5 in /dashboard by @dependabot in #6116
• Bump github.com/fluxcd/source-controller/api from 0.36.0 to 0.36.1 by @dependabot in #6117
• Bump serde from 1.0.156 to 1.0.157 in /cmd/pinniped-proxy by @dependabot in #6118
• Bump openssl from 0.10.46 to 0.10.47 in /cmd/pinniped-proxy by @dependabot in #6119
• Bump prettier from 2.8.4 to 2.8.5 in /integration by @dependabot in #6120
• Bump @clr/ui from 15.0.1 to 15.0.3 in /dashboard by @dependabot in #6121
• Bump oras.land/oras-go/v2 from 2.0.1 to 2.0.2 by @dependabot in #6122
• Bump reqwest from 0.11.14 to 0.11.15 in /cmd/pinniped-proxy by @dependabot in #6123
• Bump anyhow from 1.0.69 to 1.0.70 in /cmd/pinniped-proxy by @dependabot in #6124
• Bump prettier from 2.8.5 to 2.8.6 in /integration by @dependabot in #6125
• Bump @types/jest from 29.4.0 to 29.5.0 in /dashboard by @dependabot in #6130
• Bump github.com/fluxcd/helm-controller/api from 0.31.1 to 0.31.2 by @dependabot in #6131
• Bump temp-env from 0.3.2 to 0.3.3 in /cmd/pinniped-proxy by @dependabot in #6132
• Bump serde from 1.0.157 to 1.0.158 in /cmd/pinniped-proxy by @dependabot in #6133
• Bump @playwright/test from 1.31.2 to 1.32.0 in /integration by @dependabot in #6134
• Bump prettier from 2.8.6 to 2.8.7 in /integration by @dependabot in #6143
• Bump @playwright/test from 1.32.0 to 1.32.1 in /integration by @dependabot in #6142
• Bump openssl from 0.10.47 to 0.10.48 in /cmd/pinniped-proxy by @dependabot in #6139
• Bump google.golang.org/protobuf from 1.29.1 to 1.30.0 by @dependabot in #6138
• Bump github.com/fluxcd/pkg/apis/meta from 0.19.1 to 1.0.0 by @dependabot in #6144
• Bump tokio from 1.26.0 to 1.27.0 in /cmd/pinniped-proxy by @dependabot in #6145
• Bump serde_json from 1.0.94 to 1.0.95 in /cmd/pinniped-proxy by @dependabot in #6146
• Bump github.com/docker/cli from 23.0.1+incompatible to 23.0.2+incompatible by @dependabot in #6154
• Bump reqwest from 0.11.15 to 0.11.16 in /cmd/pinniped-proxy by @dependabot in #6155
• Bump serde from 1.0.158 to 1.0.159 in /cmd/pinniped-proxy by @dependabot in #6156
• Bump oras.land/oras-go from 1.2.2 to 1.2.3 by @dependabot in #6158
• Bump google.golang.org/grpc from 1.53.0 to 1.54.0 by @dependabot in #6162
• Bump tls-listener from 0.6.0 to 0.7.0 in /cmd/pinniped-proxy by @dependabot in #6163
• Bump openssl from 0.10.48 to 0.10.49 in /cmd/pinniped-proxy by @dependabot in #6164
• Bump github.com/fluxcd/pkg/oci from 0.21.1 to 0.22.0 by @dependabot in #6166
• Bump @playwright/test from 1.32.1 to 1.32.2 in /integration by @dependabot in #6167
• Bump github.com/docker/cli from 23.0.2+incompatible to 23.0.3+incompatible by @dependabot in #6168
• Bump github.com/spf13/cobra from 1.6.1 to 1.7.0 by @dependabot in #6169
• Bump github.com/docker/docker from 23.0.1+incompatible to 23.0.3+incompatible by @dependabot in #6171
• Bump axios from 1.3.4 to 1.3.5 in /integration by @dependabot in #6174
• Bump github.com/adhocore/gronx from 1.1.2 to 1.5.0 by @dependabot in #6176
• Bump golang.org/x/net from 0.8.0 to 0.9.0 by @dependabot in #6181
• Bump @playwright/test from 1.32.2 to 1.32.3 in /integration by @dependabot in #6182
• Bump github.com/bufbuild/connect-go from 1.5.2 to 1.6.0 by @dependabot in #6173
• Bump github.com/fluxcd/helm-controller/api from 0.31.2 to 0.32.1 by @dependabot in #6184
• Bump h2 from 0.3.15 to 0.3.17 in /cmd/pinniped-proxy by @dependabot in #6186
• Bump kube-runtime from 0.80.0 to 0.82.0 in /cmd/pinniped-proxy by @dependabot in #6177
• Bump github.com/fluxcd/pkg/oci from 0.22.0 to 0.23.0 by @dependabot in #6188
• Bump helm.sh/helm/v3 from 3.11.2 to 3.11.3 by @dependabot in #6189
• Bump openssl from 0.10.49 to 0.10.50 in /cmd/pinniped-proxy by @dependabot in #6191
• Bump serde from 1.0.159 to 1.0.160 in /cmd/pinniped-proxy by @dependabot in #6192
• Bump hyper from 0.14.25 to 0.14.26 in /cmd/pinniped-proxy by @dependabot in #6194
• Bump serde_json from 1.0.95 to 1.0.96 in /cmd/pinniped-proxy by @dependabot in #6195
• Bump github.com/fluxcd/helm-controller/api from 0.32.1 to 0.32.2 by @dependabot in #6196
• Bump github.com/Masterminds/semver/v3 from 3.2.0 to 3.2.1 by @dependabot in #6197
• Bump @tanstack/react-table from 8.7.9 to 8.8.5 in /dashboard by @dependabot in #6198
• Bump axios from 1.3.4 to 1.3.5 in /dashboard by @dependabot in #6199
• Bump github.com/lib/pq from 1.10.7 to 1.10.8 by @dependabot in #6201
• Bump kube-derive from 0.82.0 to 0.82.1 in /cmd/pinniped-proxy by @dependabot in #6202
• Bump trycmd from 0.14.15 to 0.14.16 in /cmd/pinniped-proxy by @dependabot in #6203
• Bump @types/lodash from 4.14.191 to 4.14.194 in /dashboard by @dependabot in #6205
• Bump github.com/docker/cli from 23.0.3+incompatible to 23.0.4+incompatible by @dependabot in #6206
• Bump sass from 1.59.3 to 1.62.0 in /dashboard by @dependabot in #6207
• Bump react-intl from 6.2.8 to 6.4.1 in /dashboard by @dependabot in #6208
• Bump temp-env from 0.3.3 to 0.3.4 in /cmd/pinniped-proxy by @dependabot in #6211
• Bump kube-derive from 0.82.1 to 0.82.2 in /cmd/pinniped-proxy by @dependabot in #6212

Full Changelog: v2.6.4...v2.7.0