Skip to content

Latest commit

 

History

History
1614 lines (1331 loc) · 116 KB

CHANGELOG.md

File metadata and controls

1614 lines (1331 loc) · 116 KB

UNRELEASED

0.91.0 / 2024-05-06

Kubernetes v1_30 support via k8s-openapi 0.22

Please upgrade k8s-openapi along with kube to avoid conflicts.

Unstable Stream Sharing

A more complete implementation that allows sharing watcher streams between multiple Controllers (for #1080) has been added under the unstable-runtime feature-flag in #1449 and #1483 by @mateiidavid. This represents the first usable implementation of shared streams (and replaces the older prototype part in #1470). While some changes are expected, you can check the shared_stream_controller example for a high-level overview.

What's Changed

Added

  • Add shared stream interfaces by @mateiidavid in #1449
  • Allow to create non-controller owner reference for resource by @Danil-Grigorev in #1475
  • feat(runtime): support for owned shared streams by @mateiidavid in #1483

Changed

  • Upgrade k8s-openapi to 0.22 and bump MK8SV to 1.25 by @clux in #1485

Removed

  • Remove abandoned StreamSubscribe implementation by @clux in #1470

Fixed

  • Include inner error message in Display for SerdeError by @XAMPPRocky in #1481
  • Remove invalid uniqueItems property from CRDs when Sets are used by @sbernauer in #1484

0.90.0 / 2024-04-03

Highlights

kube::client::Body Improvements

  • Unit testing helpers #1444 + #1445,
  • Accuracy; size_hint and is_end_stream implemented in #1452 + internal cleanups #1453 and #1455

Dependency Cleanups

  • rustls to 0.23 in #1457
  • once_cell removed in #1447 (no longer needed)
  • futures feature prune in #1442
  • chrono features prune in #1448, and bump its min version pin in #1458

What's Changed

Added

  • Add proxy Body::collect_bytes for easier unit tests by @clux in #1445

Changed

  • update to rustls 0.23 by @tottoto in #1457

Fixed

  • disable unused futures feature by @tottoto in #1442
  • Expose Body::empty for easier tests by @clux in #1444
  • replace once_cell Lazy with ordinary static by @tottoto in #1447
  • replace chrono feature clock with now by @tottoto in #1448
  • implement http_body trait method by @tottoto in #1452
  • Fix examples for custom clients not authenticating by @clux in #1450
  • Set a compatible minimum chrono version by @clux in #1458

Upgrading hyper and http to 1.0 and MSRV to 1.75.0

This release completes the hyper & http ecosystem upgrade #1351 via #1438. In particular, this change includes upgrades to http, http-body, tower-http, hyper, hyper-openssl, hyper-rustls, hyper-socks2, hyper-timeout, tame-oauth, tokio-tungstenite, tower-http, rustls, rustls-pemfile, as well as adopting the new hyper_util and http_body_util to make the change.

While this change constitutes significant internal churn (and a new kube::client::Body), our external api remains largely unchanged. Some minor changes are necessary for custom clients, and for integration testing using tower_mock. See the controller-rs upgrade pr or the examples folder in this commit for details.

What's Changed

Added

  • client_ext for Client::get and Client::list by @clux in #1375
  • direct node access logs/portforward/exec/attach via kubelet debug interface by @XciD in #1428

Changed

  • Bump MSRV to 1.75.0 by @clux in #1408
  • Ease the bound for reflector to only request identifying metadata by @SOF3 in #1393
  • Update base64 requirement from 0.21.4 to 0.22.0 by @dependabot in #1422
  • upgrade jsonpath-rust to 0.5.0 by @clux in #1429
  • update to hyper 1 by @tottoto in #1438

Fixed

  • Serialize TerminalSize fields as PascalCase by @nightkr in #1407
  • Kubeconfig allow certificate_authority_data not present in ExecAuthCluster by @ljun20160606 in #1432
  • fix: check err on Client::request_stream by @XciD in #1433

0.88.1 / 2024-01-26

What's Changed

This is a bug fix release for a deserialization issue introduced in 0.88.0.

Fixed

  • Minor fixes to ObjectList by @flavio in #1398

0.88.0 / 2024-01-21

Kubernetes v1_29 support via k8s-openapi 0.21

Please upgrade k8s-openapi along with kube to avoid conflicts.

What's Changed

Added

  • Add type meta data for list types by @Danil-Grigorev in #1380

Changed

  • Bump MSRV to 1.70 by @clux in #1384
  • Upgrade k8s-openapi for Kubernetes v1_29 support by @clux in #1394

0.87.2 / 2023-12-22

What's Changed

Added

  • Add support for LogParams::since_time by @clux in #1342
  • Provide cluster info to exec plugins by @aviramha in #1331
  • Allow setting a description on a derived CRD by @sbernauer in #1359

Changed

  • Bump MSRV from 1.64 to 1.65 by @clux in #1353
  • Switch from jsonpath_lib to jsonpath-rust by @ilya-bobyr in #1345

0.87.1 / 2023-11-01

Headlines

  • fixed a Controller issue with reconciliation requests disappearing when using concurrency #1324
  • improved Client with better exec auth behaviour #1320, timeout control #1314, and socks5 proxy handling #1311
  • small changes to an unstable streams feature #1304, and a a derive property that is now illegal with syn 2 #1307

Big thanks to everyone involved 🎃

What's Changed

Added

  • Feature-flagged support for socks5 proxy in Client by @Razz4780 in #1311
  • Add example for raw API Server requests by @mateiidavid in #1330

Changed

  • Document Controller::reconcile_on and remove Err input requirement by @clux in #1304
  • Bump base64 to 0.21 by @clux in #1308
  • Upgrade darling and syn and rename #[kube(struct)] by @clux in #1307

Fixed

  • Fixed KUBERNETES_EXEC_INFO environment variable passed to auth plugins by @Razz4780 in #1320
  • Fix Controller: pending messages are stuck in the scheduled map by @co42 in #1324
  • Set a default write timeout by @alex-hunt-materialize in #1314

Headlines

k8s-openapi 0.20 for Kubernetes v1_28

Please note upstream api removals. As usual, upgrade k8s-openapi along with kube to avoid issues.

Default TLS stack changed to rustls

With last year's upstream changes from rustls (closing all our existing rustls issues - see #1192), this is now the better choice for security, features, and ease of building. The previous default openssl stack can still be used with default-features = false plus the openssl-tls feature.

Controller Configuration

A controller Config has been added to allow tweaking two behaviour parameters (debouncing in #1265 and concurrency limits in #1277) of the Controller. Huge thanks to @aryan9600 for his work.

Streaming Lists

The sendInitialEvents alpha feature is now supported, and is quickly testable in the pod_watcher example when using the feature gate. This will help optimise the memory profile of controllers when the feature becomes generally available. Amazing work by first time contributor @casualjim.

What's Changed

Added

  • add controller::Config and debounce period to scheduler by @aryan9600 in #1265
  • adds watch-list implementation without breaking changes by @casualjim in #1255
  • allow configuring controller's concurrency by @aryan9600 in #1277

Changed

  • Change default TLS stack to rustls-tls by @clux in #1261
  • Bump k8s-openapi to 0.20.0 by @clux in #1291

Fixed

  • core: omit invalid resource version parameters when doing paged requests by @goenning in #1281

0.85.0 / 2023-08-06

What's Changed

Added

  • Add WatchStreamExt::reflect to allow chaining on a reflector by @clux in #1252
  • Implement ephemeral containers subresource by @jmintb in #1153

Changed

  • Swap dirs-next dependency to cargo-team maintained home crate by @utkarshgupta137 in #1207
  • Upgrade k8s-openapi to 0.19.0 for v1_27 support by @clux in #1271

Fixed

  • watcher: return NoResourceVersion error if resource version is empty by @aryan9600 in #1259
  • Update the scheduler message when preponing by @nightkr in #1260

0.84.0 / 2023-07-14

Highlights

Stream Improvements

On the runtime side, the Controller now delays reconciles until the main Store is ready (via a new Store helper from #1243). The stream selection for owned resources is more efficient (#1240), and the underlying watcher streams now all paginate (#1249). There are also many new WatchStreamExt helpers ( #1246 + #1228 + #1232) as a continued work towards the more customisable streams-api (#1080).

On the client-side; streaming logs are now easier to deal with as an AsyncBufRead #1235.

OIDC Refresh

Optional OIDC refreshable token support was introduced in #1229 under kube/oidc for out-of-cluster Client configuration. Previously, refresh support was limited to non-OIDC tokens from the GcpOuth provider (kube/oauth) or through arbitrary exec calls / TokenFile loading.

What's Changed

Added

  • Add Predicate trait to allow combination + fallbacks by @clux in #1228
  • Added refreshing OIDC ID token as an optional feature by @Razz4780 in #1229
  • Add WatchStreamExt::default_backoff shorthand by @clux in #1232
  • Derive PartialEq on core params structs by @danrspencer in #1237
  • Track store readiness by @nightkr in #1243
  • Add WatchStreamExt::modify() to modify events by @aryan9600 in #1246
  • Add default pagination to watcher by @clux in #1249

Changed

  • Bump MSRV from 1.63 to 1.64 by @clux in #1233
  • Change Api::log_stream to return AsyncBufRead by @aryan9600 in #1235

Fixed

  • Make Controller::owns use metadata_watcher internally by @clux in #1240

0.83.0 / 2023-06-05

What's Changed

Added

  • Add Controller::reconcile_on by @co42 in #1163
  • Add predicates::resource_version by @clux in #1221
  • add Duration to kube-core by @hawkw in #1224

Changed

  • Introduce GetParams support by @mateiidavid in #1214

Fixed

  • Swap validator for garde by @mateiidavid in #1212
  • fix: #[kube(crates(serde = "some_crate::serde"))] was not working by @chubei in #1215

0.82.2 / 2023-04-19

Watcher Fixes

Two fixes to allow watcher::Config to function as intended.

What's Changed

Fixed

  • runtime::watcher: only set rv if semantic is any by @goenning in #1204
  • watcher::Config: Derive Clone + Debug + PartialEq by @clux in #1206

Bugfix Release

nullable is re-instated on Option types from CustomResource generated schemas, due to unintended errors removing it caused on Api::patch calls on None members that were not setting #[serde(skip_serializing_if = "Option::is_none")]. This only affected 0.81 and 0.82 from last week, and does not require user action regardless of where you are upgrading from.

This release also fixes a metadata_watcher triggering deserialization error from doing Api::list_metadata on an empty set.

What's Changed

Fixed

  • Fix WatchParams bookmarks for watch_metadata by @clux in #1193
  • Fix ObjectList not deserializing items: null by @suryapandian in #1199
  • Revert "kube-derive: Disable option_nullable for CRD generation" by @Dav1dde in #1201

0.82.0 / 2023-04-08

Dependency Updates

This release brings in the new k8s-openapi release. Be sure to upgrade k8s-openapi and kube simultaneously to avoid multiple version errors:

cargo upgrade -p k8s-openapi -p kube -i

What's Changed

Changed

  • Bump serde_yaml to 0.9 by @clux in #1188
  • Bump k8s-openapi to 0.18.0 by @clux in #1190

Highlights

List/Watch Changes

One big change is the splitting of ListParams into ListParams and WatchParams in #1162 and #1171. If you were using api.list directly, this should not affect you, but api.watch calls will need a replace of ListParams to WatchParams. Apart from the resulting field splitting, the two structs still have a mostly compatible api.

If you were passing ListParams to watcher, you can change this for a new watcher::Config with a mostly compatible interface:

-    let stream = watcher(api, ListParams::default());
+    let stream = watcher(api, watcher::Config::default());

The reason for this change has been to add support for specific version match strategies and has new builders on both ListParams and watcher::Config to control the strategy. Using the new VersionMatch::NotOlderThan can reduce strain on the apiserver for individual api.list calls. Watchers will benefit the most from this, and should consider using the semantic Any strategy (= NotOlderThan with version "0") on all relists by setting watcher::Config::any_semantic().

rustls

This release closes all our rustls issues as a consequence of the long standing IP address incompatibility (#153) having been resolved upstream. All rustls specific overrides (such as using the deprecated incluster_dns strategy for configuration #1184) have been removed as a result.

Controller streams

Multiple new runtime features have been added to be able to more precisely control the input streams used by Controller a starting step towards stream sharing (#1080) and as a way to reduce excess input events. Because these interfaces are likely to remain in flux for some time, these are only available under unstable feature flags.

What's Changed

Added

  • Add predicates to allow filtering watcher streams by @clux in #911
  • Add Controller::owns_stream by @Dav1dde in #1173
  • Add Controller::for_stream + Controller::watches_stream by @clux in #1187

Changed

  • Split ListParams and WatchParams by @nabokihms in #1162
  • Make VersionMatch follow upstream + configure list semantics in watcher::Config by @clux in #1171
  • kube-derive: Disable option_nullable for CRD generation by @Dav1dde in #1079

Fixed

  • Run rustls CI against IP cluster address by @clux in #1183
  • Fix: tower buffer's worker closed unexpectedly by @divinerapier in #1185
  • Avoid special Config::incluster behavior for rustls by @clux in #1184

0.80.0 / 2023-03-02

Notes

The PartialObjectMeta struct has been changed to allow static dispatch through a new generic parameter. It comes with a new PartialObjectMetaExt trait to help construct it.

Early release for the above change to the new metadata api, plus a trigger for our currently broken docs.rs.

What's Changed

Changed

  • Genericize PartialObjectMeta over the underlying Resource by @clux in #1152

Fixed

  • Bypass nightly ICE in docs build by @clux in #1155

Watch Improvements

A big feature this time around is the added support for the metadata api via #1137. This is a variant api that only returns the ObjectMeta and TypeMeta to reduce network load, and has a low-level watch analogue available at Api::watch_metadata. Most users will generally want an infinite watch stream rather than the low-level method, so kube::runtime::metadata_watcher has been added as a direct analogue of watcher via #1145. The dynamic_watcher example shows how to switch between the two to get up and running.

The watcher also emits warnings now when HTTP 403s are encountered from Kubernetes, as this usually indicates a non-transient misconfiguration that must be fixed on the administrator side with RBAC.

Finally, there is work in progress on shared streams via WatchStreamExt from #1131 under an unstable feature.

What's Changed

Added

  • Client: expose default_namespace() by @jpmcb in #1123
  • Add support for metadata API by @mateiidavid in #1137
  • Runtime: Add WatchStreamExt::subscribe by @danrspencer in #1131
  • Introduce support for persistent metadata watches by @mateiidavid in #1145

Changed

  • Bump Rust MSRV to 1.63.0 by @mateiidavid in #1146

Fixed

  • Config: make cluster/users/clusters optional by @goenning in #1120
  • Add better logging for watcher errors by @clux in #1134
  • kubeconfig: deserialize null vectors as default by @goenning in #1142

0.78.0 / 2023-01-06

Kubernetes Bump

This release brings in the new k8s-openapi release for 1.26 structs, and sets our MK8SV to 1.21. Be sure to upgrade k8s-openapi and kube simultaneously to avoid multiple version errors:

cargo upgrade -p k8s-openapi -p kube -i

What's Changed

Added

  • reflector: add helper function to the Store by @eliad-wiz in #1111

Changed

Removed

  • Remove deprecated Config::timeout by @clux in #1113

Fixed

  • fix shell exec exiting message loop when terminalSizeReceiver is dropped by @erebe in #1112

0.77.0 / 2022-12-15

Highlights

This release saw numerous improvements across various parts of the codebase with lots of help from external contributors. Look for improvements in error handling, client exec behaviour, dynamic object conversion, certificate handling, and last, but not least; lots of enhancements in the config module. Huge thanks to everyone who contributed!

Config Enhancements

Kubeconfigs relying on ExecConfig for auth should now work with a lot more cases (with improvements to script interactivity, cert passing, env-drop, and windows behaviour). We further aligned our Kubeconfig parsing with client-go's behaviour, and also exposed Kubeconfig::merge. Finally, we now pass Config::tls_server_name through to the Client, which has let us include a better rustls workaround for the long-standing ip issue (enabled by default).

What's Changed

Added

  • Add DynamicObjects::try_parse for typed object conversion by @jmintb in #1061
  • Add ExecConfig::drop_env to filter host evars for auth providers by @aviramha in #1062
  • Add support for terminal size when executing command inside a container by @armandpicard in #983
  • add cmd-drop-env to AuthProviderConfig by @aviramha in #1074
  • Check for client cert with exec by @rcanderson23 in #1089
  • Change Kubeconfig::merge fn to public. by @goenning in #1100
  • Fix interactivity in auth exec by @armandpicard in #1083

Changed

  • [windows] skip window creation on auth exec by @goenning in #1095
  • Add Config::tls_server_name and validate when using rustls by @clux in #1104

Removed

  • Remove deprecated ResourceExt::name by @clux in #1105

Fixed

  • Bump tracing dependency to 0.1.36 by @teozkr in #1070
  • Improve error message on azure auth not being supported by @goenning in #1082
  • exec: ensure certs always end with a new line by @goenning in #1096
  • fix: align kube-rs with client-go config parsing by @goenning in #1077
  • Return error from watcher when kinds do not support watch by @clux in #1101

0.76.0 / 2022-10-28

Highlights

Expanding on our existing support for storing Rust's struct enums in CRDs, Kube will now try to convert #[serde(untagged)] enums as well. Note that if the same field is present in multiple untagged variants then they must all have the same shape.

These have been deprecated since 0.72, and are replaced by the equivalent WatchStreamExt methods.

What's Changed

Added

  • Adds example to Controller::watches by @Dav1dde in #1026
  • Discovery: Add ApiGroup::resources_by_stability by @imuxin in #1022
  • Add support for untagged enums in CRDs by @sbernauer in #1028
  • Derive PartialEq for DynamicObject by @pbzweihander in #1048

Removed

  • Runtime: Remove deprecated util try_flatten_ helpers by @clux in #1019
  • Remove native-tls feature by @kazk in #1044

Fixed

  • add fieldManager querystring to all operations by @goenning in #1031
  • Add verify_tls1x_signature for NoCertVerification by @rvql in #1034
  • Fix compatibility with schemars' preserve_order feature by @teozkr in #1050
  • Hoist enum values from subschemas by @teozkr in #1051

0.75.0 / 2022-09-21

Highlights

The update to [email protected] makes this the first release with tentative Kubernetes 1.25 support. While the new structs and apis now exist, we recommend holding off on using 1.25 until a deserialization bug in the apiserver is resolved upstream. See #997 / #1008 for details.

To upgrade, ensure you bump both kube and k8s-openapi:

cargo upgrade kube k8s-openapi

Our previous default of connecting to the Kubernetes apiserver via kubernetes.default.svc has been reverted back to use the old environment variables after Kubernetes updated their position that the environment variables are not legacy. This does unfortunately regress on rustls support, so for those users we have included a Config::incluster_dns to work around the old rustls issue while it is open.

The error_policy fn now has access to the object that failed the reconciliation to ease metric creation / failure attribution. The following change is needed on the user side:

-fn error_policy(error: &Error, ctx: Arc<Data>) -> Action {
+fn error_policy(_obj: Arc<YourObject>, error: &Error, ctx: Arc<Data>) -> Action {

Polish / Subresources / Conversion

There are also a slew of ergonomics improvements, closing of gaps in subresources, adding initial support for ConversionReview, making Api::namespaced impossible to use for non-namepaced resources (a common pitfall), as well as many great fixes to the edge cases in portforwarding and finalizers. Many of these changes came from first time contributors. A huge thank you to everyone involved.

What's Changed

Added

  • Make Config::auth_info public by @danrspencer in #959
  • Make raw Client::send method public by @tiagolobocastro in #972
  • Make types on AdmissionRequest and AdmissionResponse public by @clux in #977
  • Add #[serde(default)] to metadata field of DynamicObject by @pbzweihander in #987
  • Add create_subresource method to Api and create_token_request method to Api<ServiceAccount> by @pbzweihander in #989
  • Controller: impl Eq and PartialEq for Action by @Sherlock-Holo in #993
  • Add support for CRD ConversionReview types by @MikailBag in #999

Changed

  • Constrain Resource trait and Api::namespaced by Scope by @clux in #956
  • Add connect/read/write timeouts to Config by @goenning in #971
  • Controller: Include the object being reconciled in the error_policy by @felipesere in #995
  • Config: New incluster and incluster_dns constructors by @olix0r in #1001
  • Upgrade k8s-openapi to 0.16 by @clux in #1008

Fixed

  • Remove tracing::instrument from apply_debug_overrides by @kazk in #958
  • fix duplicate finalizers race condition by @alex-hunt-materialize in #965
  • fix: portforward connection cleanup by @tiagolobocastro in #973

0.74.0 / 2022-07-09

Highlights

Polish, bug fixes, guidelines, ci improvements, and new contributors

This release features smaller improvements/additions/cleanups/fixes, many of which are from new first-time contributors! Thank you everyone! The listed deadlock fix was backported to 0.73.1.

We have also been trying to clarify and prove a lot more of our external-facing guarantees, and as a result:

A consequence of all the policy writing and the improved clarity we have decided to deprecate the common ResourceExt::name helper.

This method could panic and it is unexpected for the users and bad for our consistency. To get the old functionality, you can replace any .name() call on a Kubernetes resources with .name_unchecked(); but as the name implies, it can panic (in a local setting, or during admission). We recommend you replace it with the new ResourceExt::name_any for a general identifier:

-pod.name()
+pod.name_any()

What's Changed

Added

  • Add support for passing the fieldValidation query parameter on patch by @phroggyy in #929
  • Add conditions::is_job_completed by @clux in #935

Changed

  • Deprecate ResourceExt::name in favour of safe name_* alternatives by @clux in #945

Removed

  • Remove #[kube(apiextensions)] flag from kube-derive by @clux in #920

Fixed

  • Document every public derived fn from kube-derive by @clux in #919
  • fix applier hangs which can happen with many watched objects by @moustafab in #925
  • Applier: Improve reconciler reschedule context to avoid deadlocking on full channel by @teozkr in #932
  • Fix deserialization issue in AdmissionResponse by @clux in #939
  • Admission controller example fixes by @Alibirb in #950

0.73.1 / 2022-06-03

Highlights

This patch release fixes a bug causing applier and Controller to deadlock when too many Kubernetes object change events were ingested at once. All users of applier and Controller are encouraged to upgrade as quickly as possible. Older versions are also affected, this bug is believed to have existed since the original release of kube_runtime.

What's Changed

Fixed

  • [0.73 backport] fix applier hangs which can happen with many watched objects (#925) by @moustafab (backported by @teozkr) in #927

Highlights

Support added for Kubernetes v1_24 support via the new k8s-openapi version. Please also run cargo upgrade --workspace k8s-openapi when upgrading kube.

This also bumps our MSRV to 1.60.0.

A small ergonomic change in the reconcile signature has removed the need for the Context object. This has been replaced by an Arc. The following change is needed in your controller:

-async fn reconcile(doc: Arc<MyObject>, context: Context<Data>) -> Result<Action, Error>
+async fn reconcile(doc: Arc<MyObject>, context: Arc<Data>) -> Result<Action, Error>

This will simplify the usage of the context argument. You should no longer need to pass .get_ref() on its every use. See the controller-rs upgrade change for details.

What's Changed

Added

  • Add Discovery::groups_alphabetical following kubectl sort order by @clux in #887

Changed

  • Replace runtime::controller::Context with Arc by @teozkr in #910
  • runtime: Return the object from await_condition by @olix0r in #877
  • Bump k8s-openapi to 0.15 for kubernetes v1_24 and bump MSRV to 1.60 by @clux in #916

0.72.0 / 2022-05-13

Highlights

Ergonomics improvements

A new runtime::WatchSteamExt (#899 + #906) allows for simpler setups for streams from watcher or reflector.

- let stream = utils::try_flatten_applied(StreamBackoff::new(watcher(api, lp), b));
+ let stream = watcher(api, lp).backoff(b).applied_objects();

The util::try_flatten_* helpers have been marked as deprecated since they are not used by the stream impls.

A new reflector:store() fn allows simpler reflector setups #907:

- let store = reflector::store::Writer::<Node>::default();
- let reader = store.as_reader();
+ let (reader, writer) = reflector::store();

Additional conveniences getters/settes to ResourceExt for manged_fields and creation_timestamp #888 + #898, plus a GroupVersion::with_kind path to a GVK, and a TryFrom<TypeMeta> for GroupVersionKind in #896.

CRD Version Selection

Managing multiple version in CustomResourceDefinitions can be pretty complicated, but we now have helpers and docs on how to tackle it.

A new function kube::core::crd::merge_crds have been added (in #889) to help push crd schemas generated by kube-derived crds with different #[kube(version)] properties. See the kube-derive#version documentation for details.

A new example showcases how one can manage two or more versions of a crd and what the expected truncation outcomes are when moving between versions.

Examples

Examples now have moved to tracing for its logging, respects RUST_LOG, and namespace selection via the kubeconfig context. There is also a larger kubectl example showcasing kubectl apply -f yaml as well as kubectl {edit,delete,get,watch} via #885 + #897.

What's Changed

Added

  • Allow merging multi-version CRDs into a single schema by @clux in #889
  • Add GroupVersion::with_kind and TypeMeta -> GroupVersionKind converters by @clux in #896
  • Add managed_fields accessors to ResourceExt by @clux in #898
  • Add ResourceExt::creation_timestamp by @clux in #888
  • Support lowercase http_proxy & https_proxy evars by @DevineLiu in #892
  • Add a WatchStreamExt trait for stream chaining by @clux in #899
  • Add Event::modify + reflector::store helpers by @clux in #907

Changed

  • Switch to kubernetes cluster dns for incluster url everywhere by @clux in #876
  • Update tower-http requirement from 0.2.0 to 0.3.2 by @dependabot in #893

Removed

  • Remove deprecated legacy crd v1beta1 by @clux in #890

0.71.0 / 2022-04-12

Highlights

Several quality of life changes and improvement this release for port-forwarding, a new ClientBuilder, better handling of kube-derive edge-cases.

We highlight some changes here that you should be especially aware of.

Publishing events via Recorder for cluster scoped resources (supported since 0.70.0) now publish to kube-system rather than default, as all but the newest clusters struggle with publishing events in the default namespace.

The previous native-tls default was there because we used to depend on reqwest, but because we depended on openssl anyway the feature does not make much sense. Changing to openssl-tls also improves the situation on macOS where the Security Framework struggles with PKCS#12 certs from OpenSSL v3. The native-tls feature will still be available in this release in case of issues, but the plan is to decommission it shortly. Of course, we all ideally want to move to rustls, but we are still blocked by #153.

What's Changed

Added

  • Add ClientBuilder that lets users add custom middleware without full stack replacement by @teozkr in #855
  • Support top-level enums in CRDs by @sbernauer in #856

Changed

  • portforward: Improve API and support background task cancelation by @olix0r in #854
  • Make remote commands cancellable and remove panics by @kazk in #861
  • Change the default TLS to OpenSSL by @kazk in #863
  • change event recorder cluster namespace to kube-system by @clux in #871

Fixed

  • Fix schemas containing both properties and additionalProperties by @jcaesar in #845
  • Make dependency pins between sibling crates stricter by @clux in #864
  • Fix in-cluster kube_host_port generation for IPv6 by @somnusfish in #875

0.70.0 / 2022-03-20

Highlights

This was one of the big blockers for using rustls against clusters like k3d or k3s While not sufficient to fix using those clusters out of the box, it is now possible to use them with a workarodund

The signature and end the Ok action in reconcile fns has been simplified slightly, and requires the following user updates:

-async fn reconcile(obj: Arc<MyObject>, ctx: Context<Data>) -> Result<ReconcilerAction, Error> {
-    ...
-    Ok(ReconcilerAction {
-        requeue_after: Some(Duration::from_secs(300)),
-    })
+async fn reconcile(obj: Arc<MyObject>, ctx: Context<Data>) -> Result<Action, Error> {
+    ...
+    Ok(Action::requeue(Duration::from_secs(300)))

The Action import lives in the same place as the old ReconcilerAction.

What's Changed

Added

  • Add support for EC private keys by @farcaller in #804
  • Add helper for creating a controller owner_ref on Resource by @clux in #850

Changed

  • Remove scheduler::Error by @teozkr in #827
  • Bump parking_lot to 0.12, but allow dep duplicates by @clux in #836
  • Update tokio-tungstenite requirement from 0.16.1 to 0.17.1 by @dependabot in #841
  • Let OccupiedEntry::commit take PostParams by @teozkr in #842
  • Change ReconcileAction to Action and add associated ctors by @clux in #851

Fixed

  • Token reloading with RwLock by @kazk in #835
  • Fix event publishing for cluster scoped crds by @zhrebicek in #847
  • Fix invalid CRD when Enum variants have descriptions by @sbernauer in #852

0.69.1 / 2022-02-16

Highlights

This is an emergency patch release fixing a bug in 0.69.0 where a kube::Client would deadlock after running inside a cluster for about a minute (#829).

All users of 0.69.0 are encouraged to upgrade immediately. 0.68.x and below are not affected.

What's Changed

Fixed

  • [0.69.x] Fix deadlock in token reloading by @clux (backported by @teozkr) in #831

0.69.0 / 2022-02-14

Highlights

Ergonomic Additions to Api

Two new methods have been added to the client Api this release to reduce the amount of boiler-plate needed for common patterns.

Following a requirement for Kubernetes clients against versions >= 1.22.0, our bundled AuthLayer will reload tokens every minute when deployed in-cluster.

What's Changed

Added

  • Add conversion for ObjectRef<K> to ObjectReference by @teozkr in #815
  • Add Api::get_opt for better existence handling by @teozkr in #809
  • Entry API by @teozkr in #811

Changed

  • Reload token file at least once a minute by @kazk in #768
  • Prefer kubeconfig over in-cluster config by @teozkr in #823

Fixed

  • Disable CSR utilities on K8s <1.19 by @teozkr in #817

0.68.0 / 2022-02-01

Interface Changes

To reduce the amount of allocation done inside the runtime by reflectors and controllers, the following change via #786 is needed on the signature of your reconcile functions:

-async fn reconcile(myobj: MyK, ctx: Context<Data>) -> Result<ReconcilerAction>
+async fn reconcile(myobj: Arc<MyK>, ctx: Context<Data>) -> Result<ReconcilerAction>

This also affects the finalizer helper.

As one of the last steps toward gold level client requirements, port-forwarding landed in #446. There are 3 new examples (port_forward*.rs) that showcases how to use this websocket based functionality.

Added

  • Add a VS Code devcontainer configuration by @olix0r in #788
  • Add support for user impersonation by @teozkr in #797
  • Add port forward by @kazk in #446

Changed

  • runtime: Store resources in an Arc by @olix0r in #786
  • Propagate Arc through the finalizer reconciler helper by @teozkr in #792
  • Disable unused default features of chrono crate by @dreamer in #801

Fixed

  • Use absolute path to Result in derives by @teozkr in #795
  • core: add missing reason to Display on Error::Validation in Request by @clux in #798

0.67.0 / 2022-01-25

Changed

  • runtime: Replace DashMap with a locked AHashMap by @olix0r in #785
  • update k8s-openapi for kubernetes 1.23 support by @clux in #789

0.66.0 / 2022-01-15

Tons of ergonomics improvements, and 3 new contributors. Highlighted first is the 3 most discussed changes:

It is now possible to embed complex enums inside structs that use #[derive(CustomResource)].

This has been a highly requested feature since the inception of auto-generated schemas. It does not work for all cases, and has certain ergonomics caveats, but represents a huge step forwards.

Note that if you depend on kube-derive directly rather than via kube then you must now add the schema feature to kube-core

To avoid spamming the apiserver when on certain watch errors cases, it's now possible to stream wrap the watcher to set backoffs. The new default_backoff follows existing client-go conventions of being kind to the apiserver.

Initially, this is default-enabled in Controller watches (configurable via Controller::trigger_backoff) and avoids spam errors when crds are not installed.

To aid users picking the most appropriate version of a kind from api discovery or through a CRD, two new sort orders have been exposed on the new kube_core::Version

Changes

Merged PRs from github release.

Added

  • Add DeleteParams constructors for easily setting PropagationPolicy by @kate-goldenring in #757
  • Add Serialize to ObjecList and add field-selector and jsonpath example by @ChinYing-Li in #760
  • Implement cordon/uncordon for Node by @ChinYing-Li in #762
  • Export Version priority parser with Ord impls in kube_core by @clux in #764
  • Add Api fns for arbitrary subresources and approval subresource for CertificateSigningRequest by @ChinYing-Li in #773

Changed

  • Add backoff handling for watcher and Controller by @clux in #703
  • Remove crate private identity_pem field from Config by @kazk in #771
  • Use SecretString in AuthInfo to avoid credential leaking by @ChinYing-Li in #766

0.65.0 / 2021-12-10

  • BREAKING: Removed kube::Error::OpenSslError - #716
  • BREAKING: Removed kube::Error::SslError - #704 and #716
  • BREAKING: Added kube::Error::NativeTls(kube::client::NativeTlsError) for errors from Native TLS - #716
  • BREAKING: Added kube::Error::RustlsTls(kube::client::RustlsTlsError) for errors from Rustls TLS - #704
  • Modified Kubeconfig parsing - allow empty kubeconfigs as per kubectl - #721
  • Added Kubeconfig::from_yaml - #718 via #719
  • Updated rustls to 0.20.1 - #704
  • BREAKING: Added ObjectRef to the object that failed to be reconciled to kube::runtime::controller::Error::ReconcileFailed - #733
  • BREAKING: Removed api_version and kind fields from kind structs generated by kube::CustomResource - #739
  • Updated tokio-tungstenite to 0.16 - #750
  • Updated tower-http to 0.2.0 - #748
  • BREAKING: kube-client: replace RefreshTokenLayer with AsyncFilterLayer in AuthLayer - #752

0.64.0 / 2021-11-16

  • BREAKING: Replaced feature kube-derive/schema with attribute #[kube(schema)] - #690
    • If you currently disable default kube-derive default features to avoid automatic schema generation, add #[kube(schema = "disabled")] to your spec struct instead
  • BREAKING: Moved CustomResource derive crate overrides into subattribute #[kube(crates(...))] - #690
    • Replace #[kube(kube_core = .., k8s_openapi = .., schema = .., serde = .., serde_json = ..)] with #[kube(crates(kube_core = .., k8s_openapi = .., schema = .., serde = .., serde_json = ..))]
  • Added openssl-tls feature to use openssl for TLS on all platforms. Note that, even though native-tls uses a platform specific TLS, kube requires openssl on all platforms because native-tls only allows PKCS12 input to load certificates and private key at the moment, and creating PKCS12 requires openssl. - #700
  • BREAKING: Changed to fail loading configurations with PEM-encoded certificates containing invalid sections instead of ignoring them. Updated pem to 1.0.1. - #702
  • oauth: Updated tame-oauth to 0.6.0 which supports the same default credentials flow as the Go oauth2 for Google OAuth. In addition to reading the service account information from JSON file specified with GOOGLE_APPLICATION_CREDENTIALS environment variable, Application Default Credentials from gcloud, and obtaining OAuth tokens from local metadata server when running inside GCP are now supported. - #701

Refining Errors

We started working on improving error ergonomics. See the tracking issue #688 for more details.

The following is the summary of changes to kube::Error included in this release:

  • Added Error::Auth(kube::client::AuthError) (errors related to client auth, some of them were previously in Error::Kubeconfig)
  • Added Error::BuildRequest(kube::core::request::Error) (errors building request from kube::core)
  • Added Error::InferConfig(kube::config::InferConfigError) (for Client::try_default)
  • Added Error::OpensslTls(kube::client::OpensslTlsError) (new openssl-tls feature) - #700
  • Added Error::UpgradeConnection(kube::client::UpgradeConnectinError) (ws feature, errors from upgrading a connection)
  • Removed Error::Connection (was unused)
  • Removed Error::RequestBuild (was unused)
  • Removed Error::RequestSend (was unused)
  • Removed Error::RequestParse (was unused)
  • Removed Error::InvalidUri (replaced by variants of errors in kube::config errors)
  • Removed Error::RequestValidation (replaced by a variant of Error::BuildRequest)
  • Removed Error::Kubeconfig (replaced by Error::InferConfig, and Error::Auth)
  • Removed Error::ProtocolSwitch (ws only, replaced by Error::UpgradeConnection)
  • Removed Error::MissingUpgradeWebSocketHeader (ws only, replaced by Error::UpgradeConnection)
  • Removed Error::MissingConnectionUpgradeHeader (ws only, replaced by Error::UpgradeConnection)
  • Removed Error::SecWebSocketAcceptKeyMismatch (ws only, replaced by Error::UpgradeConnection)
  • Removed Error::SecWebSocketProtocolMismatch (ws only, replaced by Error::UpgradeConnection)
  • Removed impl From<T> for Error
Expand for more details

The following breaking changes were made as a part of an effort to refine errors (the list is large, but most of them are lower level, and shouldn't require much change in most cases):

  • Removed impl From<E> for kube::Error - #686
  • Removed unused error variants in kube::Error: Connection, RequestBuild, RequestSend, RequestParse - #689
  • Removed unused error variant kube::error::ConfigError::LoadConfigFile - #689
  • Changed kube::Error::RequestValidation(String) to kube::Error::BuildRequest(kube::core::request::Error). Includes possible errors from building an HTTP request, and contains some errors from kube::core that was previously grouped under kube::Error::SerdeError and kube::Error::HttpError. kube::core::request::Error is described below. - #686
  • Removed kube::core::Error and kube::core::Result. kube::core::Error was replaced by more specific errors. - #686
    • Replaced kube::core::Error::InvalidGroupVersion with kube::core::gvk::ParseGroupVersionError
    • Changed the error returned from kube::core::admission::AdmissionRequest::with_patch to kube::core::admission::SerializePatchError (was kube::core::Error::SerdeError)
    • Changed the error associated with TryInto<AdmissionRequest<T>> to kube::core::admission::ConvertAdmissionReviewError (was kube::core::Error::RequestValidation)
    • Changed the error returned from methods of kube::core::Request to kube::core::request::Error (was kube::core::Error). kube::core::request::Error represents possible errors when building an HTTP request. The removed kube::core::Error had RequestValidation(String), SerdeError(serde_json::Error), and HttpError(http::Error) variants. They are now Validation(String), SerializeBody(serde_json::Error), and BuildRequest(http::Error) respectively in kube::core::request::Error.
  • Changed variants of error enums in kube::runtime to tuples. Replaced snafu with thiserror. - #686
  • Removed kube::error::ConfigError and kube::Error::Kubeconfig(ConfigError) - #696
    • Error variants related to client auth were moved to a new error kube::client::AuthError as described below
    • Remaining variants were split into kube::config::{InferConfigError, InClusterError, KubeconfigError} as described below
  • Added kube::client::AuthError by extracting error variants related to client auth from kube::ConfigError and adding more variants to preserve context - #696
  • Moved kube::error::OAuthError to kube::client::OAuthError - #696
  • Changed all errors in kube::client::auth to kube::client::AuthError - #696
  • Added kube::Error::Auth(kube::client::AuthError) - #696
  • Added kube::config::InferConfigError which is an error from Config::infer() and kube::Error::InferConfig(kube::config::InferConfigError) - #696
  • Added kube::config::InClusterError for errors related to loading in-cluster configuration by splitting kube::ConfigError and adding more variants to preserve context. - #696
  • Added kube::config::KubeconfigError for errors related to loading kubeconfig by splitting kube::ConfigError and adding more variants to preserve context. - #696
  • Changed methods of kube::Config to return these erorrs instead of kube::Error - #696
  • Removed kube::Error::InvalidUri which was replaced by error variants preserving context, such as KubeconfigError::ParseProxyUrl - #696
  • Moved all errors from upgrading to a WebSocket connection into kube::Error::UpgradeConnection(kube::client::UpgradeConnectionError) - #696

0.63.2 / 2021-10-28

  • kube::runtime::events: fix build and hide module on kubernetes < 1.19 (events/v1 missing there) - #685

0.63.1 / 2021-10-26

  • kube::runtime::wait::Condition added boolean combinators (not/and/or) - #678
  • kube: fix docs.rs build - #681 via #682

0.63.0 / 2021-10-26

  • rust edition bumped to 2021 - #664, #666, #667
  • kube::CustomResource derive can now take arbitrary #[kube(k8s_openapi)] style-paths for k8s_openapi, schemars, serde, and serde_json - #675
  • kube: fix native-tls included when only rustls-tls feature is selected - #673 via #674

0.62.0 / 2021-10-22

  • kube now re-exports kube-runtime under runtime feature - #651 via #652
  • no need to keep both kube and kube_runtime in Cargo.toml anymore
  • fixes issues with dependabot / lock-step upgrading
  • change kube_runtime::X import paths to kube::runtime::X when moving to the feature
  • kube::runtime added events module with an event Recorder - #249 via #653 + #662 + #663
  • kube::runtime::wait::conditions added is_crd_established helper - #659
  • kube::CustomResource derive can now take an arbitrary #[kube(kube_core)] path for kube::core - #658
  • kube::core consistently re-exported across crates
  • docs: major overhaul + architecture.md - #416 via #652

0.61.0 / 2021-10-09

  • kube-core: BREAKING: extend CustomResourceExt trait with ::shortnames method (impl in kube-derive) - #641
  • kube-runtime: add wait module to await_condition, and added watch_object to watcher - #632 via #633
  • kube: add Restart marker trait to allow Api::restart on core workloads - #630 via #635
  • bump dependencies: tokio-tungstenite, k8s-openapi, schemars, tokio in particular - #643 + #645

0.60.0 / 2021-09-02

  • kube: support k8s-openapi with v1_22 features - #621 via #622
  • kube: BREAKING: support for CustomResourceDefinition at v1beta1 now requires an opt-in deprecated-crd-v1beta1 feature - #622
  • kube-core: add content-type header to requests with body - #626 via #627

0.59.0 / 2021-08-09

  • BREAKING: bumped k8s-openapi to 0.13.0 - #581 via #616
  • kube connects to kubernetes via cluster dns when using rustls - #587 via #597
    • client now works with rustls feature in-cluster - #153 via #597
  • kube nicer serialization of Kubeconfig - #613
  • kube-core added serde traits for ApiResource - #590
  • kube-core added CrdExtensions::crd_name method (implemented by kube-derive) - #583
  • kube-core added the HasSpec and HasStatus traits - #605
  • kube-derive added support to automatically implement the HasSpec and HasStatus traits - #605
  • kube-runtime fix tracing span hierarchy from applier - #600

0.58.1 / 2021-07-06

  • kube-runtime: fix non-unix builds - #582

0.58.0 / 2021-07-05

  • kube: BREAKING: subresource marker traits renamed conjugation: Log, Execute, Attach, Evict (previously Logging, Executable, Attachable, Evictable) - #536 via #560
  • kube-derive added #[kube(category)] attr to set CRD categories - #559
  • kube-runtime added finalizer helper #291 via #475
  • kube-runtime added tracing for why reconciliations happened #457 via #571
  • kube-runtime added Controller::reconcile_all_on to allow scheduling all objects for reconciliation #551 via #555
  • kube-runtime added Controller::graceful_shutdown_on for shutting down the Controller while waiting for running reconciliations to finish - #552 via #573
  • BREAKING: controller::applier now starts a graceful shutdown when the queue terminates
  • BREAKING: scheduler now shuts down immediately when requests terminates, rather than waiting for the pending reconciliations to drain
  • kube-runtime added tracking for reconciliation reason
  • Added: Controller::owns_with and Controller::watches_with to pass a dyntype argument for dynamic Apis - #575
  • BREAKING: Controller::owns signature changed to not allow DynamicTypes
  • BREAKING: controller::trigger_* now returns a ReconcileRequest rather than ObjectRef. The ObjectRef can be accessed via the obj_ref field

Known Issues

  • Api::replace can fail to unset list values with k8s-openapi 0.12 #581

0.57.0 / 2021-06-16

  • kube: custom clients now respect default namespaces - fixes #534 via #544
  • BREAKING: custom clients via Client::new must pass config.default_namespace as 2nd arg
  • kube: Added CustomResourceExt trait for kube-derive - #497 via #545
  • BREAKING: kube-derive users must import kube::CustomResourceExt (or kube::core::crd::v1beta1::CustomResourceExt if using legacy #[kube(apiextensions = "v1beta1")]) to use generated methods Foo::crd or Foo::api_resource
  • BREAKING: k8s_openapi bumped to 0.12.0 - #531
    • Generated structs simplified + Resource trait expanded
    • Adds support for kubernetes v1_21
    • Contains bugfix for kubernetes#102159
  • kube resource plurals is no longer inferred from k8s-openapi structs - #284 via #556
  • BREAKING: kube::Resource trait now requires a plural implementation

Known Issues

  • Api::replace can fail to unset list values with k8s-openapi 0.12 #581

0.56.0 / 2021-06-05

  • kube: added Api::default_namespaced - #209 via #534
  • kube: added config feature - #533 via #535
  • kube: BREAKING: moved client::discovery module to kube::discovery and rewritten module #538
  • discovery: added oneshot helpers for quick selection of recommended resources / kinds #538
  • discovery: moved ApiResource and ApiCapabilities (result of discovery) to kube_core::discovery
  • BREAKING: removed internal ApiResource::from_apiresource
  • kube::Client is now configurable with layers using tower-http #539 via #540
  • three new examples added: custom_client, custom_client_tls and custom_client_trace
  • Big feature streamlining, big service and layer restructuring, dependency restructurings
  • Changes can hit advanced users, but unlikely to hit base use cases with Api and Client.
  • In depth changes broken down below:

TLS Enhancements

  • Add kube::client::ConfigExt extending Config for custom Client. This includes methods to configure TLS connection when building a custom client #539
    • native-tls: Config::native_tls_https_connector and Config::native_tls_connector
    • rustls-tls: Config::rustls_https_connector and Config::rustls_client_config
  • Remove the requirement of having native-tls or rustls-tls enabled when client is enabled. Allow one, both or none.
    • When both, the default Service will use native-tls because of #153. rustls can be still used with a custom client. Users will have an option to configure TLS at runtime.
    • When none, HTTP connector is used.
  • Remove TLS features from kube-runtime
    • BREAKING: Features must be removed if specified
  • Remove client feature from native-tls and rust-tls features
    • config + native-tls/rustls-tls can be used independently, e.g., to create a simple HTTP client
    • BREAKING: client feature must be added if default-features = false

Layers

  • ConfigExt::base_uri_layer (BaseUriLayer) to set cluster URL (#539)
  • ConfigExt::auth_layer that returns optional layer to manage Authorization header (#539)
  • gzip: Replaced custom decompression module with DecompressionLayer from tower-http (#539)
  • Replaced custom LogRequest with TraceLayer from tower-http (#539)
    • Request body is no longer shown
  • Basic and Bearer authentication using AddAuthorizationLayer (borrowing from tower-rs/tower-http#95 until released)
  • BREAKING: Remove headers from Config. Injecting arbitrary headers is now done with a layer on a custom client.

Dependency Changes

  • Remove static_assertions since it's no longer used
  • Replace tokio_rustls with rustls and webpki since we're not using tokio_rustls directly
  • Replace uses of rustls::internal::pemfile with rustls-pemfile
  • Remove url and always use http::Uri
    • BREAKING: Config::cluster_url is now http::Uri
    • BREAKING: Error::InternalUrlError(url::ParseError) and Error::MalformedUrl(url::ParseError) replaced by Error::InvalidUri(http::uri::InvalidUri)

0.55.0 / 2021-05-21

  • kube: client feature added (default-enabled) - #528
  • kube: PatchParams force now only works with Patch::Apply #528
  • kube: api discovery module now uses a new ApiResource struct #495 + #482
  • kube: api BREAKING: DynamicObject + Object now takes an ApiResource rather than a GroupVersionKind
  • kube: api BREAKING: discovery module's Group renamed to ApiGroup
  • kube: client BREAKING: kube::client::Status moved to kube::core::Status (accidental, re-adding in 0.56)
  • kube-core crate factored out of kube to reduce dependencies - #516 via #517 + #519 + #522 + #528 + #530
  • kube: kube::Service removed to allow kube::Client to take an abritrary Service<http::Request<hyper::Body>> - #532

0.54.0 / 2021-05-19

  • yanked 30 minutes after release due to #525
  • changes lifted to 0.55.0

0.53.0 / 2021-05-15

  • kube: admission controller module added under feature - #477 via #484 + fixes in #488 #498 #499 + #507 + #509
  • kube: config parsing of pem blobs now resilient against missing newlines - #504 via #505
  • kube: discovery module added to simplify dynamic api usage - #491
  • kube: api BREAKING: DynamicObject::namespace renamed to ::within - #502
  • kube: api BREAKING: added ResourceExt trait moving the getters from Resource trait - #486
  • kube: api added a generic interface for subresources via Request - #487
  • kube: api fix bug in PatchParams::dry_run not being serialized correctly - #511

0.53.0 Migration Guide

The most likely issue you'll run into is from kube when using Resource trait which has been split:

+use kube::api::ResouceExt;
-    let name = Resource::name(&foo);
-    let ns = Resource::namespace(&foo).expect("foo is namespaced");
+    let name = ResourceExt::name(&foo);
+    let ns = ResourceExt::namespace(&foo).expect("foo is namespaced");

0.52.0 / 2021-03-31

  • kube-derive: allow overriding #[kube(plural)] and #[kube(singular)] - #458 via #463
  • kube: added tracing instrumentation for io operations in kube::Api - #455
  • kube: DeleteParams's Preconditions is now public - #459 via #460
  • kube: remove dependency on duplicate derive_accept_key for ws - #452
  • kube: Properly verify websocket keys in ws handshake - #447
  • kube: BREAKING: removed optional, and deprecated runtime module - #454
  • kube: BREAKING: ListParams bookmarks default enabled - #226 via #445
    • renames member ::allow_bookmarks to ::bookmarks
    • ::default() sets bookmark to true to avoid bad bad defaults #219
    • method ::allow_bookmarks() replaced by ::disable_bookmarks()
  • kube: DynamicObject and GroupVersionKind introduced for full dynamic object support
  • kube-runtime: watchers/reflectors/controllers can be used with dynamic objects from api discovery
  • kube: Pluralisation now only happens for k8s_openapi objects by default #481
    • inflector dependency removed #471
    • added internal pluralisation helper for k8s_openapi objects
  • kube: BREAKING: Restructuring of low level Resource request builder #474
    • Resource renamed to Request and requires only a path_url to construct
  • kube: BREAKING: Mostly internal Meta trait revamped to support dynamic types
    • Meta renamed to kube::Resource to mimic k8s_openapi::Resource #478
    • The trait now takes an optional associated type for runtime type info: DynamicType #385
    • Api::all_with + Api::namespaced_with added for querying with dynamic families
    • see dynamic_watcher + dynamic_api for example usage
  • kube-runtime: BREAKING: lower level interface changes as a result of kube::api::Meta trait:
  • THESE SHOULD NOT AFFECT YOU UNLESS YOU ARE IMPLEMENTING / CUSTOMISING LOW LEVEL TYPES DIRECTLY
  • ObjectRef now generic over kube::Resource rather than RuntimeResource
  • reflector::{Writer, Store} takes a kube::Resource rather than a k8s_openapi::Resource
  • kube-derive: BREAKING: Generated type no longer generates k8s-openapi traits
  • This allows correct pluralisation via #[kube(plural = "mycustomplurals")] #467 via #481

0.52.0 Migration Guide

While we had a few breaking changes. Most are to low level internal interfaces and should not change much, but some changes you might need to make:

kube

  • if using the old, low-level kube::api::Resource, please consider the easier kube::Api, or look at tests in request.rs or typed.rs if you need the low level interface
  • search replace kube::api::Meta with kube::Resource if used - trait was renamed
  • if implementing the trait, add type DynamicType = (); to the impl
  • remove calls to ListParams::allow_bookmarks (allow default)
  • handle WatchEvent::Bookmark or set ListParams::disable_bookmarks()
  • look at examples if replacing the long deprecated legacy runtime

kube-derive

The following constants from k8s_openapi::Resource no longer exist. Please use kube::Resource and:

  • replace Foo::KIND with Foo::kind(&())
  • replace Foo::GROUP with Foo::group(&())
  • replace Foo::VERSION with Foo::version(&())
  • replace Foo::API_VERSION with Foo::api_version(&())

0.51.0 / 2021-02-28

  • kube Config now allows arbirary extension objects - #425
  • kube Config now allows multiple yaml documents per kubeconfig - #440 via #441
  • kube-derive now more robust and is using darling - #435
  • docs improvements to patch + runtime

0.50.1 / 2021-02-17

  • bug: fix oidc auth provider - #424 via #419

0.50.0 / 2021-02-10

  • feat: added support for stacked kubeconfigs - #132 via #411
  • refactor: authentication logic moved out of kube::config and into into kube::service - #409
  • BREAKING: Config::get_auth_header removed
  • refactor: remove hyper dependency from kube::api - #410
  • refactor: kube::Service simpler auth and gzip handling - #405 + #408

0.49.0 / 2021-02-08

  • dependency on reqwest + removed in favour of hyper + tower #394
    • refactor: kube::Client now uses kube::Service (a tower::Service<http::Request<hyper::Body>>) instead of reqwest::Client to handle all requests
    • refactor: kube::Client now uses a tokio_util::codec for internal buffering
    • refactor: async-tungstenite ws feature dependency replaced with tokio-tungstenite. WebSocketStream is now created from a connection upgraded with hyper
    • refactor: oauth2 module for GCP OAuth replaced with optional tame-oauth dependency
    • BREAKING: GCP OAuth is now opt-in (oauth feature). Note that GCP provider with command based token source is supported by default.
    • BREAKING: Gzip decompression is now opt-in (gzip feature) because Kubernetes does not have compression enabled by default yet and this feature requires extra dependencies. #399
    • BREAKING: Client::new now takes a Service instead of Config #400. Allows custom service for features not supported out of the box and testing. To create a Client from Config, use Client::try_from instead.
    • BREAKING: Removed Config::proxy. Proxy is no longer supported out of the box, but it should be possible by using a custom Service.
    • fix: Refreshable token from auth provider not refreshing
    • fix: Panic when loading config with non-GCP provider #238
  • feat: subresource support added for Evictable types (marked for Pod) - #393
  • kube: subresource marker traits renamed to Loggable, Executable, Attachable (previously LoggingObject, ExecutingObject, AttachableObject) - #395
  • examples showcasing kubectl cp like behaviour #381 via #392

0.48.0 / 2021-01-23

  • bump k8s-openapi to 0.11.0 - #388
  • breaking: kube: no longer necessary to serialize patches yourself - #386
    • PatchParams removes PatchStrategy
    • Api::patch* methods now take an enum Patch type
    • optional jsonpatch feature added for Patch::Json

0.47.0 / 2021-01-06

  • chore: upgrade tokio to 1.0 - #363
    • BREAKING: This requires the whole application to upgrade to tokio 1.0 and reqwest to 0.11.0
  • docs: fix broken documentation in kube 0.46.0 #367
  • bug: kube: removed panics from ws features, fix rustls support + improve docs #369 via #370 + #373
  • bug: AttachParams now fixes owned method chaining (slightly breaks from 0.46 if using &mut ref before) - #364
  • feat: AttachParams::interactive_tty convenience method added - #364
  • bug: fix Runner (and thus Controller and applier) not waking correctly when starting new tasks - #375

0.46.1 / 2021-01-06

  • maintenance release for 0.46 (last supported tokio 0.2 release) from tokio02 branch
  • bug backport: fix Runner (and thus Controller and applier) not waking correctly when starting new tasks - #375

0.46.0 / 2021-01-02

  • feat: kube now has optional websocket support with async_tungstenite under ws and ws-*-tls features #360
  • feat: AttachableObject marker trait added and implemented for k8s_openapi::api::core::v1::Pod #360
  • feat: AttachParams added for Api::exec and Api::attach for AttachableObjects #360
  • examples: pod_shell, pod_attach, pod_exec demonstrating the new features #360

0.45.0 / 2020-12-26

  • feat: kube-derive now has a default enabled schema feature
    • allows opting out of schemars dependency for handwriting crds - #355
  • breaking: kube-derive attr struct_name renamed to struct - #359
  • docs: improvements on kube, kube-runtime, kube-derive

0.44.0 / 2020-12-23

  • feat: kube-derive now generates openapi v3 schemas and is thus usable with v1 CustomResourceDefinition - #129 and #264 via #348
    • BREAKING: kube-derive types now require JsonSchema derived via schemars libray (not breaking if going to 0.45.0)
  • feat: kube_runtime::controller: now reconciles objects in parallel - #346
    • BREAKING: kube_runtime::controller::applier now requires that the reconciler's Future is Unpin, Box::pin it or submit it to a runtime if this is not acceptable
    • BREAKING: kube_runtime::controller::Controller now requires that the reconciler's Future is Send + 'static, use the low-level applier interface instead if this is not acceptable
  • bug: kube-runtime: removed accidentally included k8s-openapi default features (you have to opt in to them yourself)
  • feat: kube: TypeMeta now derives additionally Debug, Eq, PartialEq, Hash
  • bump: k8s-openapi to 0.10.0 - #330
  • bump: serde_yaml - #349
  • bump: dirs to dirs-next - #340

0.43.0 / 2020-10-08

  • bug: kube-derive attr #[kube(shortname)] now working correctly
  • bug: kube-derive now working with badly cased existing types - #313
  • missing: kube now correctly exports config::NamedAuthInfo - #323
  • feat: kube: expose Config::get_auth_header for istio use cases - #322
  • feat: kube: local config now tackles gcloud auth exec params - #328 and #84
  • kube-derive now actually requires GVK (in particular #[kube(kind = "Foo")] which we sometimes inferred earlier, despite documenting the contrary)

0.42.0 / 2020-09-10

  • bug: kube-derive's Default derive now sets typemeta correctly - #315
  • feat: ListParams now supports continue_token and limit - #320

0.41.0 / 2020-09-10

  • yanked release. failed publish.

0.40.0 / 2020-08-17

  • DynamicResource::from_api_resource added to allow apiserver returned resources - #305 via #301
  • Client::list_api_groups added
  • Client::list_ap_group_resources added
  • Client::list_core_api_versions added
  • Client::list_core_api_resources added
  • kube::DynamicResource exposed at top level
  • Bug: PatchParams::default_apply() now requires a manager and renamed to PatchParams::apply(manager: &str) for #300
  • Bug: DeleteParams no longer missing for Api::delete_collection - #53
  • Removed paramter ListParams::include_uninitialized deprecated since 1.14
  • Added optional PostParams::field_manager was missing for Api::create case

0.39.0 / 2020-08-05

  • Bug: ObjectRef tweak in kube-runtime to allow controllers triggering across cluster and namespace scopes - #293 via #294
  • Feature: kube now has a derive feature which will re-export kube::CustomResource from kube-derive::CustomResource.
  • Examples: revamp examples for kube-runtime - #201

0.38.0 / 2020-07-23

  • Marked kube::runtime module as deprecated - #281
  • Config::timeout can now be overridden to None (with caveats) #280
  • Bug: reflector stores could have multiple copies inside datastore - #286
    • dashmap backend Store driver downgraded - #286
    • Store::iter temporarily removed
  • Bug: Specialize WatchEvent::Bookmark so they can be deserialized - #285
  • Docs: Tons of docs for kube-runtime

0.37.0 / 2020-07-20

  • Bump k8s-openapi to 0.9.0
  • All runtime components now require Sync objects
  • reflector/watcher/Controller streams can be shared in threaded environments

0.36.0 / 2020-07-19

  • https://gitlab.com/teozkr/kube-rt/ merged in for a new kube-runtime crate #258
  • Controller<K> added (#148 via #258)
  • Reflector api redesigned (#102 via #258)
  • Migration release for Informer -> watcher + Reflector -> reflector
  • kube::api::CustomResource removed in favour of kube::api::Resource::dynamic
  • CrBuilder removed in favour of DynamicResource (with new error handling)
  • support level bumped to beta

0.35.1 / 2020-06-18

  • Fix in-cluster Client when using having multiple certs in the chain - #251

0.35.0 / 2020-06-15

  • Config::proxy support added - #246
  • PartialEq can be derived with kube-derive - #242
  • Windows builds no longer clashes with runtime - #240
  • Rancher hosts (with path specifiers) now works - #244

0.34.0 / 2020-05-08

  • Bump k8s-openapi to 0.8.0
  • Config::from_cluster_env <- renamed from Config::new_from_cluster_env
  • Config::from_kubeconfig <- renamed from Config::new_from_kubeconfig
  • Config::from_custom_kubeconfig added - #236
  • Majorly overhauled error handlind in config module - #237

0.33.0 / 2020-04-27

  • documentation fixes for Api::patch
  • Config: add automatic token refresh - #72 / #224 / #234

0.32.1 / 2020-04-15

  • add missing tokio signal feature as a dependency
  • upgrade all dependencies, including minor bumps to rustls and base64

0.32.0 / 2020-04-10

  • Major config + client module refactor
  • Config is the new Configuration struct
  • Client is now just a configured reqwest::Client plus a reqwest::Url
  • implement From<Config> for reqwest::ClientBuilder
  • implement TryFrom<Config> for Client
  • Client::try_default or Client::new now recommended constructors
  • People parsing ~/.kube/config must use the KubeConfig struct instead
  • Reflector<K> now only takes an Api<K> to construct (.params method)
  • Informer<K> now only takes an Api<K> to construct (.params method)
  • Informer::init_from -> Informer::set_version
  • Reflector now self-polls #151 + handles signals #152
  • Reflector::poll made private in favour of Reflector::run
  • Api::watch no longer filters out error events (next -> try_next)
  • Api::watch returns Result<WatchEvent> rather than WatchEvent
  • WatchEvent::Bookmark added to enum
  • ListParams::allow_bookmarks added
  • PatchParams::default_apply ctor added
  • PatchParams builder mutators: ::force and ::dry_run added

0.31.0 / 2020-03-27

  • Expose config::Configuration at root level
  • Add Configuration::infer as a recommended constructor
  • Rename client::APIClient to client::Client
  • Expose client::Client at root level
  • Client now implements From<Configuration>
  • Added comprehensive documentation on Api
  • Rename config::KubeConfigLoader -> config::ConfigLoader
  • removed futures-timer dependency for tokio (feature=timer)

0.30.0 / 2020-03-17

  • Fix #[kube(printcolumn)] when #[kube(apiextensions = "v1beta1")]
  • Fix #[kube(status)] causing serializes of empty optional statuses

0.29.0 / 2020-03-12

  • Api::log -> Api::logs (now matches Resource::logs)
  • Object<FooSpec, FooStatus> back for ad-hoc ser/de
  • kube-derive now derives Debug (requires Debug on spec struct)
  • kube-derive now allows multiple derives per file
  • Api::create now takes data K rather than bytes
  • Api::replace now takes data K rather than bytes
    • (note that Resource::create and Resource::replace still takes bytes)

0.28.1 / 2020-03-07

  • #[derive(CustomResource)] now implements ::new on the generated Kind
  • derived Kind now properly contains TypeMeta - #170

0.28.0 / 2020-03-05

  • RawApi removed -> Resource added
  • Resource implements k8s_openapi::Resource
  • ALL OBJECTS REMOVED -> Depening on light version of k8s-openapi now
    • NB: should generally just mean a few import changes (+casings / unwraps)
  • openapi feature removed (light dependency mandatory now)
  • LIBRARY WORKS WITH ALL k8s_openapi KUBERNETES OBJECTS
  • KubeObject trait removed in favour of Meta trait
  • Object<FooSpec, FooStatus> removed -> types implementing k8s_openapi::Resource required instead
  • kube-derive crate added to derive this trait + other kubebuilder like codegen

0.27.0 / 2020-02-26

  • Reflector + Informer moved from kube::api to kube::runtime
  • Informer now resets the version to 0 rather than dropping events - #134
    • Removed Informer::init, since it is now a no-op when building the Informer
  • Downgrade spurious log message when using service account auth

0.26.0 / 2020-02-25

  • Fix a large percentage of EOFs from watches #146
  • => default timeout down to 290s from 300s
  • => Reflector now re-lists a lot less #146
  • Fix decoder panic with async-compression (probably) #144
  • Informer::poll can now be used with TryStream
  • Exposed Config::read and Config::read_from - #124
  • Fix typo on Api::StatefulSet
  • Fix typo on Api::Endpoints
  • Add Api::v1CustomResourceDefinition when on k8s >= 1.17
  • Renamed Void to NotUsed

0.25.0 / 2020-02-09

  • initial rustls support #114 (some local kube config issues know #120)
  • crate does better version checking against openapi features - #106
  • initial log_stream support - #109

0.24.0 / 2020-01-26

0.23.0 / 2019-12-31

  • Bump tokio and reqwest to 0.2 and 0.10
  • Fix bug in log fetcher - #107
  • Temporarily allow invalid certs when testing on macosx - #105

0.22.2 / 2019-12-04

  • Allow sharing Reflectors between threads - #97
  • Fix Reflector pararall lock issue (poll no longer blocks state)

0.22.1 / 2019-11-30

  • Improve Reflector reset algorithm (clear history less)

0.22.0 / 2019-11-29

  • Default watch timeouts changed to 300s everywhere
  • This increases efficiency of Informers and Reflectors by keeping the connection open longer.
  • However, if your Reflector relies on frequent polling you can set timeout or hide the poll() in a different context so it doesn't block your main work
  • Internal RwLock changed to a futures::Mutex for soundness / proper non-blocking - #94
  • blocking Reflector::read() renamed to async Reflector::state()
  • Expose metadata.creation_timestamp and .deletion_timestamp (behind openapi flag) - #93

0.21.0 / 2019-11-29

  • All watch calls returns a stream of WatchEvent - #92
  • Informer::poll now returns a stream - #92

0.20.1 / 2019-11-21

  • ObjectList now implements Iterator - #91
  • openapi feature no longer accidentally hardcoded to v1.15 feature - #90

0.19.0 / 2019-11-15

  • kube::Error is now a proper error enum and not a Fail impl (thiserror)
  • soft-tokio dependency removed for futures-timer
  • gzip re-introduced

0.18.1 / 2019-11-11

  • Fix unpinned gzip dependency breakage - #87

0.18.0 / 2019-11-07

  • api converted to use async/await with 1.39.0 (primitively)
  • hyper upgraded to 0.10-alpha
  • synchronous sleep replaced with tokio timer
  • Log trait removed in favour of internal marker trait

0.17.0 / 2019-10-22

  • Add support for oidc providerss with auth-provider w/o access-token - #70
  • Bump most dependencies to more recent versions
  • Expose custom client creation
  • Added support for v1beta1Ingress
  • Expose incluster_config::load_default_ns - #74

0.16.1 / 2019-08-09

  • Add missing uid field on ObjectMeta::ownerReferences

0.16.0 / 2019-08-09

  • Add Reflector::get and Reflector::get_within as cheaper getters
  • Add support for OpenShift kube configs with multiple CAs - via #64
  • Add missing ObjectMeta::ownerReferences
  • Reduced memory consumption during compile with [email protected] - #62

0.15.1 / 2019-08-18

  • Fix compile issue on 1.37.0 with Utc serialization
  • Fix Void not having Serialize derive

0.15.0 / 2019-08-11

  • Added support for v1Job resources - via #58
  • Added support for v1Namespace, v1DaemonSet, v1ReplicaSet, v1PersistentVolumeClaim, v1PersistentVolume, v1ResourceQuota, v1HorizontalPodAutoscaler - via #59
  • Added support for v1beta1CronJob, v1ReplicationController, v1VolumeAttachment, v1NetworkPolicy - via #60
  • k8s-openapi optional dependency bumped to 0.5.0 (for kube 1.14 structs)

0.14.0 / 2019-08-03

  • Reflector::read now returns a Vec<K>`` rather than a Vec<(name, K)>`: This fixes an unsoundness bug internally - #56 via @gnieto

0.13.0 / 2019-07-22

  • Experimental oauth2 support for some providers - via #44 :
    • a big cherry-pick from various prs upstream originally for GCP
    • EKS works with setup in #20 (comment)

0.12.0 / 2019-07-18

  • Added support for Log subresource - via #50
  • Added support for v1ConfigMap with example - via #49
  • Demoted some spammy info messages from Reflector

0.11.0 / 2019-07-10

  • Added PatchParams with PatchStrategy to allow arbitrary patch types - #24 via @ragne
  • Event renamed to v1Event to match non-slowflake type names
  • v1Service support added
  • Added v1Secret snowflake type and a secret_reflector example

0.10.0 / 2019-06-03

  • Api<P, U> is now Api<K> for some KubeObject K:

    • Big change to allow snowflake objects (#35) - but also slightly nicer
    • You want aliases type Pod = Object<PodSpec, PodStatus>
    • This gives you the required KubeObject trait impl for free
  • Added Event native type to prove snowflakes can be handled - #35

  • ApiStatus renamed to Status to match kube api conventions #36

  • Rename Metadata to ObjectMeta #36

  • Added ListMeta for ObjectList and Status #36

  • Added TypeMeta object which is flattened onto Object, so:

    • o.types.kind rather than o.kind
    • o.types.version rather than o.version

0.9.0 / 2019-06-02

  • Status subresource api commands added to Api:
    • patch_status
    • get_status
    • replace_status ^ See crd_openapi or crd_api examples
  • Scale subresource commands added to Api:
    • patch_scale
    • get_scale
    • replace_scale ^ See crd_openapi example

0.8.0 / 2019-05-31

  • Typed Api variant called OpenApi introduced (see crd_openapi example)
  • Revert client.request return type change (back to response only from pre-0.7.0 #28)
  • delete now returns `Either<Object<P, U>, ApiStatus> - for bug#32
  • delete_collection now returns `Either<ObjectList<Object<P, U>>, ApiStatus> - for bug#32
  • Informer::new renamed to Informer::raw
  • Reflector::new renamed to Reflector::raw
  • Reflector::new + Informer::new added for "openapi" compile time feature (does not require specifying the generic types)

0.7.0 / 2019-05-27

  • Expose list/watch parameters #11
  • Many API struct renames:
    • ResourceMap -> Cache
    • Resource -> Object
    • ResourceList -> ObjectList
    • ApiResource -> Api
  • ResourceType has been removed in favour of Api::v1Pod() say
  • Object::status now wrapped in an Option (not present everywhere)
  • ObjectList exposed
  • Major API overhaul to support generic operations on Object
  • Api can be used to perform generic actions on resources:
    • create
    • get
    • delete
    • watch
    • list
    • patch
    • replace
    • get_scale (when scale subresource exists)
    • patch_scale (ditto)
    • replace_scale (ditto)
    • get_status (when status subresource exists)
    • patch_status (ditto)
    • replace_status (ditto)
  • crd_api example added to track the action api
  • Bunch of generic parameter structs exposed for common operations:
    • ListParams exposed
    • DeleteParams exposed
    • PostParams exposed
  • Errors from Api exposed in kube::Error:
    • Error::api_error -> Option<ApiError> exposed
    • Various other error types also in there (but awkward setup atm)
  • client.request now returns a tuple (T, StatusCode) (before only T)

0.6.0 / 2019-05-12

  • Expose getter Informer::version
  • Exose ctor Informer::from_version
  • Expose more attributes in Metadata
  • Informer::reset convenience method added
  • Informer::poll no longer returns events straight
  • an Informer now caches WatchEvent elements into an internal queue
  • Informer::pop pops a single element from its internal queue
  • Reflector::refresh renamed to Reflector::reset (matches Informer)
  • Void type added so we can use Reflector<ActualSpec, Void>
    • removes need for Spec/Status structs:
    • ReflectorSpec, ReflectorStatus removed
    • InformerSpec, InformerStatus removed
    • ResourceSpecMap, ResourceStatusMap removed
  • WatchEvents removed
  • WatchEvent exposed, and now wraps `Resource<T, U>``

0.5.0 / 2019-05-09

  • added Informer struct dedicated to handling events
  • Reflectors no longer cache events - see #6

0.4.0 / 2019-05-09

  • ResourceMap now contains the full Resource<T,U> struct rather than a tuple as the value. => value.metadata is available in the cache.
  • Reflectors now also cache events to allow apps to handle them

0.3.0 / 2019-05-09

  • Named trait removed (inferring from metadata.name now)
  • Reflectors now take two type parameters (unless you use ReflectorSpec or ReflectorStatus) - see examples for usage
  • Native kube types supported via ApiResource
  • Some native kube resources have easy converters to ApiResource