👋 Hey Everyone! Zarf v0.69.0 has been released. :zarf:
Notably we have a few SDK breaking changes as we charge towards v1.0.0 (expect more on this soon):
- Support for the injector being architecture aware (and thus only scheduling on a matching architecture node) has required updates to the cluster.StartInjection() function. This only impacts those who are using the SDK for injection.
SkipSignatureValidationhas been removed from the packager.LoadOptions and layout.PackageLayoutOptions structs with the addition of a Verify field. This change impacts SDK users who explicitly set the SkipSignatureValidation field on the mentioned options.
Regarding package verification and item 2 above - Zarf is now attempting verification when possible on all deployments but only enforcing verification when --verify is set (or package.verify: true in your config file). See issue #4048 for more context on decision. --skip-signature-validation flag has been deprecated but retained so as to not break any users with automation.
Note!: If you are explicitly relying on Zarf to fail deployments based on verification - you will need to set --verify to have parity with previous behaviors.
Other improvements or fixes:
- k3s upstream bugs and init package updates - #4435
- fixes for flux objects with the registry proxy feature - #4486
- arbitrary manifest naming support - #4493
As well as other dependency updates and bug fixes for user and development experience.
Thanks to all of those who contributed to this release!
What's Changed
🚀 Updates
- feat!: update injector to respect arch of package by @a1994sc in #4405
- test: use arch of local machine in external tests by @robinlieb in #4488
- chore(dependencies): update k3s version to 1.34.3 by @AustinAbro321 in #4435
- feat: log git repo clone by @AustinAbro321 in #4498
- fix: properly mutate flux ocirepo and helmrepo objects when using the registry proxy by @AustinAbro321 in #4486
- chore: remove re-declared vars in test loops by @AustinAbro321 in #4500
- fix: remove values log by @AustinAbro321 in #4503
- CI: image archive test flake by @AustinAbro321 in #4506
- feat(create): allow creation with specified and arbitrary manifest file by @brandtkeller in #4493
- feat!(verify): deprecate --skip-signature-validation in favor of --verify by @brandtkeller in #4457
📦 Dependencies
- chore(deps): bump github/codeql-action from 4.31.8 to 4.31.9 by @dependabot[bot] in #4494
- chore(deps): bump the cosign-providers group across 1 directory with 4 updates by @dependabot[bot] in #4478
- chore(deps): bump helm.sh/helm/v3 from 3.19.3 to 3.19.4 by @dependabot[bot] in #4483
- chore(deps): bump github.com/BurntSushi/toml from 1.5.0 to 1.6.0 by @dependabot[bot] in #4496
- chore(deps): bump github.com/goccy/go-yaml from 1.19.0 to 1.19.1 by @dependabot[bot] in #4497
- chore(deps): bump github.com/fluxcd/pkg/apis/meta from 1.23.0 to 1.24.0 by @dependabot[bot] in #4502
- chore(deps): bump github.com/goccy/go-yaml from 1.19.1 to 1.19.2 by @dependabot[bot] in #4504
Full Changelog: v0.68.1...v0.69.0