Skip to content

Releases: kube-rs/kube

0.75.0

22 Sep 09:09
@github-actions github-actions
0.75.0
575b3f4
Compare
Choose a tag to compare
0.75.0

Highlights

Upgrade k8s-openapi to 0.16 for Kubernetes 1.25

The update to [email protected] makes this the first release with tentative Kubernetes 1.25 support.
While the new structs and apis now exist, we recommend holding off on using 1.25 until a deserialization bug in the apiserver is resolved upstream. See #997 / #1008 for details.

To upgrade, ensure you bump both kube and k8s-openapi:

cargo upgrade kube k8s-openapi

New/Old Config::incluster default to connect in cluster

Our previous default of connecting to the Kubernetes apiserver via kubernetes.default.svc has been reverted back to use the old environment variables after Kubernetes updated their position that the environment variables are not legacy. This does unfortunately regress on rustls support, so for those users we have included a Config::incluster_dns to work around the old rustls issue while it is open.

Controller error_policy extension

The error_policy fn now has access to the object that failed the reconciliation to ease metric creation / failure attribution. The following change is needed on the user side:

-fn error_policy(error: &Error, ctx: Arc<Data>) -> Action {
+fn error_policy(_obj: Arc<YourObject>, error: &Error, ctx: Arc<Data>) -> Action {

Polish / Subresources / Conversion

There are also a slew of ergonomics improvements, closing of gaps in subresources, adding initial support for ConversionReview, making Api::namespaced impossible to use for non-namepaced resources (a common pitfall), as well as many great fixes to the edge cases in portforwarding and finalizers. Many of these changes came from first time contributors. A huge thank you to everyone involved.

What's Changed

Added

Changed

  • Constrain Resource trait and Api::namespaced by Scope by @clux in #956
  • Add connect/read/write timeouts to Config by @goenning in #971
  • Controller: Include the object being reconciled in the error_policy by @felipesere in #995
  • Config: New incluster and incluster_dns constructors by @olix0r in #1001
  • Upgrade k8s-openapi to 0.16 by @clux in #1008

Fixed

New Contributors

Full Changelog: 0.74.0...0.75.0

Contributors

goenning, clux, and 9 other contributors
Assets 2

0.74.0

10 Jul 08:15
@github-actions github-actions
0.74.0
2baa3ae
Compare
Choose a tag to compare
0.74.0

Highlights

Polish, bug fixes, guidelines, ci improvements, and new contributors

This release features smaller improvements/additions/cleanups/fixes, many of which are from new first-time contributors! Thank you everyone!
The listed deadlock fix was backported to 0.73.1.

We have also been trying to clarify and prove a lot more of our external-facing guarantees, and as a result:

ResourceExt::name deprecation

A consequence of all the policy writing and the improved clarity we have decided to deprecate the common ResourceExt::name helper.

This method could panic and it is unexpected for the users and bad for our consistency. To get the old functionality, you can replace any .name() call on a Kubernetes resources with .name_unchecked(); but as the name implies, it can panic (in a local setting, or during admission). We recommend you replace it with the new ResourceExt::name_any for a general identifier:

-pod.name()
+pod.name_any()

What's Changed

Added

  • Add support for passing the fieldValidation query parameter on patch by @phroggyy in #929
  • Add conditions::is_job_completed by @clux in #935

Changed

  • Deprecate ResourceExt::name in favour of safe name_* alternatives by @clux in #945

Removed

  • Remove #[kube(apiextensions)] flag from kube-derive by @clux in #920

Fixed

  • Document every public derived fn from kube-derive by @clux in #919
  • fix applier hangs which can happen with many watched objects by @moustafab in #925
  • Applier: Improve reconciler reschedule context to avoid deadlocking on full channel by @teozkr in #932
  • Fix deserialization issue in AdmissionResponse by @clux in #939
  • Admission controller example fixes by @Alibirb in #950

New Contributors

Full Changelog: 0.73.0...0.74.0

Contributors

clux, nightkr, and 3 other contributors
Assets 2

0.73.1

03 Jun 12:45
@github-actions github-actions
0.73.1
0b2f7b8
Compare
Choose a tag to compare
0.73.1

Highlights

This patch release fixes a bug causing applier and Controller to deadlock when too many Kubernetes object change events were ingested at once. All users of applier and Controller are encouraged to upgrade as quickly as possible. Older versions are also affected, this bug is believed to have existed since the original release of kube_runtime.

What's Changed

Fixed

  • [0.73 backport] fix applier hangs which can happen with many watched objects (#925) by @moustafab (backported by @teozkr) in #927

Full Changelog: 0.73.0...0.73.1

Contributors

nightkr and moustafab
Assets 2
0 Join discussion

0.73.0

23 May 13:03
@github-actions github-actions
0.73.0
22bd877
Compare
Choose a tag to compare
0.73.0

Highlights

New k8s-openapi version and MSRV

Support added for Kubernetes v1_24 support via the new k8s-openapi version. Please also run cargo upgrade --workspace k8s-openapi when upgrading kube.

This also bumps our MSRV to 1.60.0.

Reconciler change

A small ergonomic change in the reconcile signature has removed the need for the Context object. This has been replaced by an Arc. The following change is needed in your controller:

-async fn reconcile(doc: Arc<MyObject>, context: Context<Data>) -> Result<Action, Error>
+async fn reconcile(doc: Arc<MyObject>, context: Arc<Data>) -> Result<Action, Error>

This will simplify the usage of the context argument. You should no longer need to pass .get_ref() on its every use.
See the controller-rs upgrade change for details.

What's Changed

Added

  • Add Discovery::groups_alphabetical following kubectl sort order by @clux in #887

Changed

  • Replace runtime::controller::Context with Arc by @teozkr in #910
  • runtime: Return the object from await_condition by @olix0r in #877
  • Bump k8s-openapi to 0.15 for kubernetes v1_24 and bump MSRV to 1.60 by @clux in #916

Full Changelog: 0.72.0...0.73.0

Contributors

clux, olix0r, and nightkr
Assets 2

0.72.0

13 May 10:54
@github-actions github-actions
0.72.0
da156cd
Compare
Choose a tag to compare
0.72.0

Highlights

Ergonomics improvements

A new runtime::WatchSteamExt (#899 + #906) allows for simpler setups for streams from watcher or reflector.

- let stream = utils::try_flatten_applied(StreamBackoff::new(watcher(api, lp), b));
+ let stream = watcher(api, lp).backoff(b).applied_objects();

The util::try_flatten_* helpers have been marked as deprecated since they are not used by the stream impls.

A new reflector:store() fn allows simpler reflector setups #907:

- let store = reflector::store::Writer::<Node>::default();
- let reader = store.as_reader();
+ let (reader, writer) = reflector::store();

Additional conveniences getters/settes to ResourceExt for manged_fields and creation_timestamp #888 + #898, plus a GroupVersion::with_kind path to a GVK, and a TryFrom<TypeMeta> for GroupVersionKind in #896.

CRD Version Selection

Managing multiple version in CustomResourceDefinitions can be pretty complicated, but we now have helpers and docs on how to tackle it.

A new function kube::core::crd::merge_crds have been added (in #889) to help push crd schemas generated by kube-derived crds with different #[kube(version)] properties. See the kube-derive#version documentation for details.

A new example showcases how one can manage two or more versions of a crd and what the expected truncation outcomes are when moving between versions.

Examples

Examples now have moved to tracing for its logging, respects RUST_LOG, and namespace selection via the kubeconfig context. There is also a larger kubectl example showcasing kubectl apply -f yaml as well as kubectl {edit,delete,get,watch} via #885 + #897.

What's Changed

Added

  • Allow merging multi-version CRDs into a single schema by @clux in #889
  • Add GroupVersion::with_kind and TypeMeta -> GroupVersionKind converters by @clux in #896
  • Add managed_fields accessors to ResourceExt by @clux in #898
  • Add ResourceExt::creation_timestamp by @clux in #888
  • Support lowercase http_proxy & https_proxy evars by @DevineLiu in #892
  • Add a WatchStreamExt trait for stream chaining by @clux in #899
  • Add Event::modify + reflector::store helpers by @clux in #907

Changed

  • Switch to kubernetes cluster dns for incluster url everywhere by @clux in #876
  • Update tower-http requirement from 0.2.0 to 0.3.2 by @dependabot in #893

Removed

  • Remove deprecated legacy crd v1beta1 by @clux in #890

New Contributors

Full Changelog: 0.71.0...0.72.0

Contributors

clux, DevineLiu, and dependabot
Assets 2

0.71.0

12 Apr 22:11
@github-actions github-actions
0.71.0
31f6f8b
Compare
Choose a tag to compare
0.71.0

Highlights

Several quality of life changes and improvements this release such as for port-forwarding, a new ClientBuilder, better handling of kube-derive edge-cases.

We highlight some changes here that you should be especially aware of:

events::Recorder publishing to kube-system for cluster scoped resources

Publishing events via Recorder for cluster scoped resources (supported since 0.70.0) now publish to kube-system rather than default, as all but the newest clusters struggle with publishing events in the default namespace.

Default TLS stack set to OpenSSL

The previous native-tls default was there because we used to depend on reqwest, but because we depended on openssl anyway the feature does not make much sense. Changing to openssl-tls also improves the situation on macOS where the Security Framework struggles with PKCS#12 certs from OpenSSL v3. The native-tls feature will still be available in this release in case of issues, but the plan is to decommission it shortly. Of course, we all ideally want to move to rustls, but we are still blocked by #153.

What's Changed

Added

  • Add ClientBuilder that lets users add custom middleware without full stack replacement by @teozkr in #855
  • Support top-level enums in CRDs by @sbernauer in #856

Changed

  • portforward: Improve API and support background task cancelation by @olix0r in #854
  • Make remote commands cancellable and remove panics by @kazk in #861
  • Change the default TLS to OpenSSL by @kazk in #863
  • change event recorder cluster namespace to kube-system by @clux in #871

Fixed

  • Fix schemas containing both properties and additionalProperties by @jcaesar in #845
  • Make dependency pins between sibling crates stricter by @clux in #864
  • Fix in-cluster kube_host_port generation for IPv6 by @somnusfish in #875

New Contributors

Full Changelog: 0.70.0...0.71.0

Contributors

clux, olix0r, and 5 other contributors
Assets 2

0.70.0

20 Mar 08:48
@github-actions github-actions
0.70.0
4e542a6
Compare
Choose a tag to compare
0.70.0

Highlights

Support for EC keys with rustls

This was one of the big blockers for using rustls against clusters like k3d or k3s
While not sufficient to fix using those clusters out of the box, it is now possible to use them with a workarodund

More ergonomic reconciler

The signature and end the Ok action in reconcile fns has been simplified slightly, and requires the following user updates:

-async fn reconcile(obj: Arc<MyObject>, ctx: Context<Data>) -> Result<ReconcilerAction, Error> {
-    ...
-    Ok(ReconcilerAction {
-        requeue_after: Some(Duration::from_secs(300)),
-    })
+async fn reconcile(obj: Arc<MyObject>, ctx: Context<Data>) -> Result<Action, Error> {
+    ...
+    Ok(Action::requeue(Duration::from_secs(300)))

The Action import lives in the same place as the old ReconcilerAction.

What's Changed

Added

  • Add support for EC private keys by @farcaller in #804
  • Add helper for creating a controller owner_ref on Resource by @clux in #850

Changed

  • Remove scheduler::Error by @teozkr in #827
  • Bump parking_lot to 0.12, but allow dep duplicates by @clux in #836
  • Update tokio-tungstenite requirement from 0.16.1 to 0.17.1 by @dependabot in #841
  • Let OccupiedEntry::commit take PostParams by @teozkr in #842
  • Change ReconcileAction to Action and add associated ctors by @clux in #851

Fixed

  • Fix deadlock in token reloading by @clux in #830 - also in 0.69.1
  • Token reloading with RwLock by @kazk in #835
  • Fix event publishing for cluster scoped crds by @zhrebicek in #847
  • Fix invalid CRD when Enum variants have descriptions by @sbernauer in #852

New Contributors

Full Changelog: 0.69.0...0.70.0

Contributors

farcaller, clux, and 6 other contributors
Assets 2

0.69.1

16 Feb 18:09
@github-actions github-actions
0.69.1
1b4d4d1
Compare
Choose a tag to compare
0.69.1

Highlights

This is an emergency patch release fixing a bug in 0.69.0 where a kube::Client would deadlock after running inside a cluster for about a minute (#829).

All users of 0.69.0 are encouraged to upgrade immediately. 0.68.x and below are not affected.

What's Changed

Fixed

  • [0.69.x] Fix deadlock in token reloading by @clux (backported by @teozkr) in #831

Full Changelog: 0.69.0...0.69.1

Contributors

clux and nightkr
Assets 2

0.69.0

14 Feb 14:40
@github-actions github-actions
0.69.0
64e9ba3
Compare
Choose a tag to compare
0.69.0

Highlights

Ergonomic Additions to Api

Two new methods have been added to the client Api this release to reduce the amount of boiler-plate needed for common patterns.

In-cluster Token reloading

Following a requirement for Kubernetes clients against versions >= 1.22.0, our bundled AuthLayer will reload tokens every minute when deployed in-cluster.

What's Changed

Added

  • Add conversion for ObjectRef<K> to ObjectReference by @teozkr in #815
  • Add Api::get_opt for better existence handling by @teozkr in #809
  • Entry API by @teozkr in #811

Changed

  • Reload token file at least once a minute by @kazk in #768
  • Prefer kubeconfig over in-cluster config by @teozkr in #823

Fixed

  • Disable CSR utilities on K8s <1.19 by @teozkr in #817

New Contributors

Full Changelog: 0.68.0...0.69.0

Contributors

kazk, nightkr, and hasheddan
Assets 2

0.68.0

01 Feb 07:33
@github-actions github-actions
0.68.0
6cab0c5
Compare
Choose a tag to compare
0.68.0

Interface Changes

To reduce the amount of allocation done inside the runtime by reflectors and controllers, the following change via #786 is needed on the signature of your reconcile functions:

-async fn reconcile(myobj: MyK, ctx: Context<Data>) -> Result<ReconcilerAction>
+async fn reconcile(myobj: Arc<MyK>, ctx: Context<Data>) -> Result<ReconcilerAction>

This also affects the finalizer helper.

Port-forwarding

As one of the last steps toward gold level client requirements, port-forwarding landed in #446. There are 3 new examples (port_forward*.rs) that showcases how to use this websocket based functionality.

What's Changed

Added

Changed

  • runtime: Store resources in an Arc by @olix0r in #786
  • Propagate Arc through the finalizer reconciler helper by @teozkr in #792
  • Disable unused default features of chrono crate by @dreamer in #801

Fixed

  • Use absolute path to Result in derives by @teozkr in #795
  • core: add missing reason to Display on Error::Validation in Request by @clux in #798

New Contributors

Full Changelog: 0.67.0...0.68.0

Contributors

dreamer, clux, and 3 other contributors
Assets 2