Releases: kubernetes-sigs/kubebuilder
v4.4.0
changes since v4.3.1
✨ New Features
- (go/v4): Upgrade golangci-lint from
v1.61.0
tov1.62.2
(#4448) - (go/v4): Add support for go
1.23
(#4446) - (go/v4): Upgraded
controller-gen
fromv0.16.4
tov0.17.0
. (#4254, #4457) - (go/v4): Upgrade controller-runtime
v0.19.1
tov0.19.4
(#4482) - (kustomize/v2): Kubebuilder scaffolds rules under
config/rbac
to help cluster admins manage the permissions for their solutions. The comments and explanations added to these scaffolds have been improved. Furthermore, it now includes admin-specific rules to make it easier for cluster admins to work with features like aggregation (e.g.,rbac.authorization.k8s.io/aggregate-to-admin
). More info. (#4299) - (go/v4): Added configurations for securing Metrics Server and Prometheus integration using TLS and certificates managed by CertManager, enabling users to align their solutions with best practices, enhance security, and achieve production readiness. (#4243, #4312, #4400)
- (go/v4): Added webhook CertWatcher and flags for custom certificate configuration #4429)
- (go/v4): Ensures that the manager container adheres to Restricted Pod Security Standards and can operate in namespaces labelled for restricted policies, following best practices. (#4251).
- (go/v4): Ensure that e2e test scaffolds will validate that the enforcement is prepared to ensure that all can run as restricted. See that the curl pod to use the metrics was updated and changed (#4435)
- (go/v4): Improved developer experience and maintainability by updating actions and the Makefile to utilize
go.mod
for Go version management and automating ENVTEST versioning by retrieving the version directly fromgo.mod
, based on thecontroller-runtime
dependency in use. (#4385) (#4401) - (helm/v1-alpha): Introduced the new
helm.kubebuilder.io/v1-alpha
plugin to enable users to distribute solutions using Helm Charts. Example scaffolds are available under testdata/project-v4-with-plugins/dist/chart. (#4227, #4315, #4350, #4351, #4356, #4357, #4371, #4377, #4383, #4380, #4373, #4386, #4375, #4388, #4406, #4399, #4419,#4451). IMPORTANT: Thehelm.kubebuilder.io/v1-alpha
is an experimental initial version. (More info) - (go/v4,kustomize/v2): Add
app.kubernetes.io/name
label to allow more precise configurations (#4437) - (go/v4): Standardize the webhook and controller test suites (#4447)
- (go/v4): Add new makefile target to check and validate the linter config (#4462)
- (go/v4): Added Hub and Spoke support for conversion webhooks. Developers can now scaffold webhooks for resource conversion more easily. (#4254) Example:
# Create API to test conversion from v1 to v2 $ kubebuilder create api --group crew --version v1 --kind FirstMate --controller=true --resource=true --make=false $ kubebuilder create api --group crew --version v2 --kind FirstMate --controller=false --resource=true --make=false $ kubebuilder create webhook --group crew --version v1 --kind FirstMate --conversion --make=false --spoke v2
🐛 Bug Fixes
- (go/v4): Fixed an issue where GitHub Actions workflows were overwritten by commands, ensuring users can now customize workflows freely without their changes being overridden. (#4379)
- (go/v4): Resolved linting issues in generated scaffolds. (#4384)
- (kustomize/v2, go/v4): Fixed CA injection for conversion webhooks. Previously, the CA injection patch was not accurate; The injection should occur only for CRDs, which are conversion types and not for all CRDs when a webhook with
--conversion
option is scaffolded. The issue goes back to release3.5.0
(where to replace vars for replacements was done and thekustomize/v2-alpha
plugin was introduced). It was not previously found, likely because conversion webhook features were incomplete, which is addressed in this release. Now, users can use the tool to generate the conversion webhooks properly (#4254). (#4282) - (go/v4): Ensure that schemas are added before starting EnvTest-based suite tests for webhooks and controllers (#4466)
- (go/v4): e2e-tests: cleanup by removing calls to call make generate and manifests (#4471)
What's Changed
- ✨ Adds a patch to configure ServiceMonitor to ensure TLS verification using cert-manager certificates by @camilamacedo86 in #4243
- ✨ Include admin ClusterRole and add it to the scaffold by @damsien in #4299
- ✨ (go/v4): Enable
seccompProfile.type: RuntimeDefault
by default in scaffolded projects by @camilamacedo86 in #4251 - ✨ Add helm plugin to distribute projects by @camilamacedo86 in #4227
- 📖 Proposal: New Plugin to allow project distribution via helm charts by @dashanji in #3632
- ✨ Follow-up to PR #4243: Limit permissions to access the metrics-server-cert secret by @camilamacedo86 in #4312
- 📖 doc: update roadmap for 2024 by @camilamacedo86 in #4313
- ✨ (helm/v1-alpha): add missed info to chart values by @camilamacedo86 in #4315
- 📖 Update README.md - Fix typo by @monteiro-renato in #4318
- 📖 Bump sigs.k8s.io/kubebuilder/v4 from 4.3.0 to 4.3.1 in /docs/book/src/simple-external-plugin-tutorial/testdata/sampleexternalplugin/v1 by @dependabot in #4322
- 📖: Fix typo in CONTRIBUTING-ROLES.md by @monteiro-renato in #4324
- 📖 Fix readme wrong url your-own-plugin by @damsien in #4325
- 📖 doc: add .github/SECURITY.md with further information by @camilamacedo86 in #4253
- 📖: update testdata reference by @emmanuel-ferdman in #4328
- 📖 : Fix typo in contributing roles by @damsien in #4329
- 🌱 : Fix
make remove-spaces
for GNU system by @damsien in #4330 - 🌱 : Revert Fix
make remove-spaces
for GNU system" by @camilamacedo86 in #4331 - ✨ Upgrade controller-gen from v0.16.4 to v0.16.5 by @camilamacedo86 in #4332
- 📖 Fix incorrect link address by @LJTian in #4333
- 📖 Docs: removed typeDegradedMemcached and comment by @vtrenton in #4335
*...
v4.3.1
changes since v4.3.0
✨ New Features
Note: Only minor version updates were applied in this release.
- (go/v4): Upgraded
controller-runtime
fromv0.19.0
tov0.19.1
. (#4234) - (go/v4): Updated
kustomize
fromv5.4.3
tov5.5.0
(#4235) - (go/v4): Upgraded
golangci-lint
fromv1.59
tov1.61
with minor adjustments for lint rules. (#4236)
🐛 Bug Fixes
- (kustomize/v2, go/v4): Corrected the generation of manifests under
config/crd/patches
to ensure the/convert
service patch is only created for webhooks configured with--conversion
. (#4280) - (go/v4): Fixed path configuration for webhook markers generated for core types with non-"core" group values, ensuring accurate path handling in core-type webhooks. (#4301)
- (go/v4): Resolved misleading comments regarding metrics configuration for certs in
cmd/main.go
, providing clarity on secure metrics setup. (#4245) - (go/v4): Enabled the
--make=false
option for webhook creation, ensuring consistency with other command options and improved flexibility. (#4275) - (kustomize/v2, go/v4): Moved the
cert-manager
uncomment block to the top ofkustomization.yaml
to enhance visibility (#4283) - (Impact only for library users):
⚠️ Restructured internal layout to movemain.go
boilerplate into thecmd/
directory. This change is relevant for users consuming the framework as a library and Kubebuilder maintainers only, providing a cleaner separation of code. (#4246)
What's Changed
- 🌱 Fix incorrect image reference for DeployImage plugin in test data by @camilamacedo86 in #4230
- 🌱 e2e tests: increase coverage by validating webhooks with installer-based installation by @camilamacedo86 in #4231
- 🌱 Fix simplify external plugin tests by @camilamacedo86 in #4233
- ✨ Upgrade controller-runtime from v0.19.0 to v0.19.1 by @camilamacedo86 in #4234
- ✨ Upgrade kustomize version from v5.4.3 to v5.5.0 by @camilamacedo86 in #4235
- ✨ Upgrade golangci-lint from v1.59 to v1.61 and resolve new lint issues by @camilamacedo86 in #4236
- 🌱 Upgrade GoReleaser version from v2.1.0 to v2.3.2 used in the GitHub action by @camilamacedo86 in #4237
- 📖 Upgrade controller-gen version used to generate documentation by @camilamacedo86 in #4238
- 🐛 fix internal layout: move main.go boilerplate to cmd/ directory by @camilamacedo86 in #4246
- 📖 Resolve navigation bar CSS issue and sidebar toggle functionality. by @thiha-min-thant in #4242
- 🌱 Update Dependabot configuration by @camilamacedo86 in #4249
- 🌱 : Update dependabot.yml to just raise PRs against project-v4 sample by @camilamacedo86 in #4273
- 🌱 Bump github.com/onsi/gomega from 1.34.2 to 1.35.0 by @dependabot in #4256
- 🌱 Bump github.com/onsi/ginkgo/v2 from 2.20.2 to 2.21.0 by @dependabot in #4257
- 📖 move Versions Compatibility and Supportability info to a dedicated page by @camilamacedo86 in #4250
- 📖 Correct misleading information in production note for metrics config by @camilamacedo86 in #4244
- 🐛 (go/v4): Fix misleading metrics configuration comments in cmd/main.go for metrics certs by @camilamacedo86 in #4245
- 🐛 clarify usage of alpha generate command as internal-only by @camilamacedo86 in #4247
- 🌱 Add SBOM generation for Cyber Resilience Act compliance by @camilamacedo86 in #4248
- 🌱 Add GitHub workflow to scan project with CodeQL by @camilamacedo86 in #4252
- 🐛 fix: (go/v4): ensure --make=false option is available for webhook creation for consistency by @camilamacedo86 in #4275
- 🌱 Update codeql.yml to run the workflow once per week only by @camilamacedo86 in #4277
- 🌱 fix: optimize and improve testdata scaffolding for webhook conversion by @camilamacedo86 in #4276
- 📖 fix(docs): update Quick Start guide with information on using the master branch by @camilamacedo86 in #4228
- 🌱 Bump github.com/onsi/gomega from 1.35.0 to 1.35.1 by @dependabot in #4279
- 🌱 Bump actions/setup-go from 4 to 5 by @dependabot in #4278
- 🌱 Add bundle installer for sample projects in docs by @camilamacedo86 in #4281
- 🐛 (kustomize/v2,go/v4): Move cert-manager uncomment block to top of kustomization.yaml for better visibility in new projects by @camilamacedo86 in #4283
- 🐛 (kustomize/v2, go/v4): Fix incorrect generation of manifests under config/crd/patches. Previously, the /convert service patch was being generated for all webhooks instead of only for those with --conversion enabled. by @camilamacedo86 in #4280
- 🐛 (go/v4) Fix issue with scaffolding multiple webhooks for the same resource by @camilamacedo86 in #4286
- 📖 (doc) - Fix broken URL by @monteiro-renato in #4298
- 🌱 Bump golang.org/x/text from 0.19.0 to 0.20.0 by @dependabot in #4303
- 📖 (doc) - Fix Add missing Reference-style Link by @monteiro-renato in #4304
- 🐛 (go/v4): Fix path configuration for webhook markers generated for core types with non-"core" group values by @damsien in #4301
- 🌱 Bump golang.org/x/tools from 0.26.0 to 0.27.0 by @dependabot in #4307
- 📖 (doc): getting started: fix information about make command for generating manifests by @vtrenton in #4306
- 🐛 revert the changes done in the PR #4286 by @camilamacedo86 in #4308
New Contributors
- @thiha-min-thant made their first contribution in #4242
- @damsien made their first contribution in #4301
- @vtrenton made their first contribution in #4306
Full Changelog: v4.3.0...v4.3.1
v4.3.0
changes since v4.2.0
⚠️ Important Notice:
(Only projects using webhooks are impacted by)
Controller runtime has deprecated the webhook.Validator
and webhook.Defaulter
interfaces, and they will no longer be provided in future versions. Therefore, projects must adopt the new CustomValidator
and CustomDefaulter
interfaces to remain compatible with controller-runtime v0.20.0
and upper versions. For more details, refer to controller-runtime/issues/2641.
Furthermore, webhooks should no longer reside under the api
directory. Instead, they should be relocated to internal/webhook
. For now, you can scaffold webhooks in the legacy path (under api
) by using the command kubebuilder create webhook [OPTIONS] --legacy=true
, which scaffolds using the CustomValidator
and CustomDefaulter
interfaces. However, please note that this flag is deprecated and will be removed in upcoming releases.
Steps to Migrate:
-
Move Webhook Files to the Internal Directory:
Depending on your project structure, move the webhook files:
-
Single Group Layout: Move from
api/<version>
tointernal/webhook/<version>
.Before:
api/ ├── <version>/ │ ├── <kind>_webhook.go │ ├── <kind>_webhook_test.go │ └── webhook_suite_test.go
After:
internal/ ├── webhook/ │ └── <version>/ │ ├── <kind>_webhook.go │ ├── <kind>_webhook_test.go │ └── webhook_suite_test.go
-
Multigroup Layout: Move from
api/<group>/<version>
tointernal/webhook/<group>/<version>
.Before:
api/ ├── <group>/ │ └── <version>/ │ ├── <kind>_webhook.go │ ├── <kind>_webhook_test.go │ └── webhook_suite_test.go
After:
internal/ ├── webhook/ │ └── <group>/ │ └── <version>/ │ ├── <kind>_webhook.go │ ├── <kind>_webhook_test.go │ └── webhook_suite_test.go
-
-
Update Imports:
After moving the files, ensure that all references to webhooks are updated in your
main.go
and other files. For example, update the import:-
Before:
import "your_project/api/v1"
-
After:
import "your_project/internal/webhook/v1"
-
-
Replace Deprecated Interfaces with Custom Ones:
Replace
webhook.Validator
andwebhook.Defaulter
with the newCustomValidator
andCustomDefaulter
interfaces:-
Before:
var _ webhook.Validator = &MyResource{} func (r *MyResource) ValidateCreate() error { ... } func (r *MyResource) ValidateUpdate() error { ... } func (r *MyResource) ValidateDelete() error { ... } var _ webhook.Defaulter = &MyResource{} func (r *MyResource) Default() { ... }
-
After:
var _ webhook.CustomValidator = &MyResource{} func (v *MyResource) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) { myResource, ok := obj.(*MyResource) if !ok { return nil, fmt.Errorf("expected MyResource, got %T", obj) } return nil, validateMyResource(myResource) } func (v *MyResource) ValidateUpdate(ctx context.Context, oldObj, newObj runtime.Object) (admission.Warnings, error) { myResource, ok := newObj.(*MyResource) if !ok { return nil, fmt.Errorf("expected MyResource, got %T", newObj) } return nil, validateMyResource(myResource) } func (v *MyResource) ValidateDelete(ctx context.Context, obj runtime.Object) (admission.Warnings, error) { myResource, ok := obj.(*MyResource) if !ok { return nil, fmt.Errorf("expected MyResource, got %T", obj) } return nil, nil } var _ webhook.CustomDefaulter = &MyResource{} func (d *MyResource) Default(ctx context.Context, obj runtime.Object) error { myResource, ok := obj.(*MyResource) if !ok { return fmt.Errorf("expected MyResource, got %T", obj) } // Defaulting logic return nil }
-
Example: See the tutorial: CronJob Webhook Example.
Note: You might want to use the Upgrade Assistance to re-scaffold your project and then apply your code changes on top, ensuring that all necessary updates are addressed. Also,
⚠️ Breaking Changes
- (Only projects using webhooks are impacted by) (go/v4): Replaced the deprecated
webhook.Validator
andwebhook.Defaulter
interfaces withCustomValidator
andCustomDefaulter
. Projects using the old interfaces must migrate to ensure compatibility with future versions. (#4060) - (Only projects using webhooks are impacted by) (go/v4): Webhooks are now decoupled from the API directory. Webhook files should be moved from
api/<version>
orapi/<group>/<version>
tointernal/webhook/<version>
orinternal/webhook/<group>/<version>
. This restructuring improves project organization. (#4150) - (Impact only for library users): Removed the
APIPackagePathLegacy
method, which has been obsolete since release 4.0.0. This change cleans up unused code. (#4182) - (Impact only for library users): cleanup/refactor: Alpha Generate command. Move code source implementation to internal since this alpha feature is not designed to be imported by other tools (#4180)
- (Impact only for library users): Removed the redundant
HasFragment
method, favoringHasFileContentWith
to reduce duplication and simplify the codebase. (#4191)
✨ New Features
- (go/v4): Added DevContainer support, making development in environments like GitHub Workspaces easier by removing the need for local setup. (#4078)
- (go/v4): The e2e test scaffolding has been improved with a comprehensive set of tests under
e2e/tests
, covering the manager and webhooks. These tests are designed to fail when not run against clusters using Kind, and they avoid re-installing Prometheus and Cert-Manager if already present. See the final scaffolded tests in the samples under testdata here. Key improvements include:- Added checks to detect existing Prometheus and Cert-Manager installations to prevent re-installation. (#4117)
- Enhanced e2e tests to ensure proper execution with Kind and clarified usage. (#4106)
- Ensured
make manifests
andmake generate
are run as part of the e2e tests. (#4122) - Aligned
make test-e2e
withmake test
for consistent behavior. (#4125) - Improved tests to validate metrics endpoints and ensure proper metric exposure, including guidance for using metrics in reconciliation validation. (#4131)
- Added support for scaffolded e2e webhook tests with the
+kubebuilder:scaffold:e2e-webhooks-checks
marker. (#4121) - Simplified Gomega assertions for better readability and improved error handling and logging in
e2e/test.go
. (#4141, #4158, #4166, #4175)
- (go/v4): Improved the webhook tests by adding examples. Also, enhanced the CronJob tutorial to clarify usage and validate changes. (#4130)
- (deploy-image/v1alpha): Improved the tests scaffolded for controllers to ensure better coverage. (#4197)
- (go/v4): Added support for scaffolding controllers and webhooks for External Types, making it easier to work with external resources in projects. (#4171, #4203, #4217)
- (go/v4): Add Support for Scaffolding Webhooks for Core Types (#4210)
- (go/v4): Upgraded the cert-manager version used in tests from
v1.14.4
tov1.16.0
for better compatibility and features. (#4209) - (deploy-image/v1-alpha1): Added comments to clarify how resource watching and reconciliation logic works in the scaffolded code. (#4102)
- (go/v4): Upgrade controller-tools version from v0.16.1 to v0.16.4 (#4215)
- (go/v4): Upgrade Prometheus Operator version used on the tests from v0.72.0 to 0.77.1 (#4212)
🐛 Bug Fixes
- (deploy-image/v1-alpha1): Corrected a typo, replacing
typeNamespaceName
withtypeNamespacedName
to ensure accurate variable naming. (#4100) - (deploy-image/v1-alpha1): Fixed sample code to apply correct labels to resources, improving consistency in the scaffolded examples. (#4101)
- (go/v4): Resolved linter issues in the scaffold, adding
nolint
where necessary to prevent failures for specific cases that should not fail during checks. (#4111) - (deploy-image/v1-alpha1): Addressed additional linter issues to enhance code quality. (#4112)
- (go/v4): Fixed linter issues to pass stricter checks like
godot
,gofumpt
, andnlreturn
, ensuring better code formatting and style. (#4133) - (go/v4): Removed duplicate webhook names in multi-version APIs, resolving conflicts when using the same webhook names across different API versions. (#4145)
- (go/v4): Improved webhook test templates by adding examples, providing clearer guidance for testing webhooks. (#4151)
- (go/v4): Ensured unique controller names to fix naming conflicts in multigroup layouts, improving support for projects with multiple groups. (#4162)
- (go/v4): Fixed the
HasResource
package method to stop once a match is found, improving performance and accuracy in resource handling. (#4190) - (go/v4, kustomize/v2): Simplified s...
v4.2.0
changes since v4.1.1
⚠️ Important Notice:
The artefacts for ENVTEST from k8s
1.31
are exclusively available at: Controller Tools Releases. Kubebuilder no longer builds and promote the ENVTEST artefacts at the old location https://storage.googleapis.com/kubebuilder-tools which is deprecated and can no longer be ensured by Kubebuilder maintainers. You should ensure that your projects are using the new location. For further information, see: #4082This update is fully transparent for Kubebuilder users assuming that they properly update their scaffolds to use setup-envtest from controller-runtime branch
release-0.19
.# To know the available versions check: # - https://github.com/kubernetes-sigs/controller-tools/blob/main/envtest-releases.yaml ENVTEST_K8S_VERSION = 1.31.0 # Controller-Runtime branch `release-0.19` has the implementation of the setup-envtest's code responsible # for downloading the tarball from the correct location. ENVTEST_VERSION ?= release-0.19 ... .PHONY: envtest envtest: $(ENVTEST) ## Download setup-envtest locally if necessary. $(ENVTEST): $(LOCALBIN) $(call go-install-tool,$(ENVTEST),sigs.k8s.io/controller-runtime/tools/setup-envtest,$(ENVTEST_VERSION))
✨ New Features
- (go/v4, kustomize/v2): Add support to protect project with network policies (#3853)
- (go/v4): Add support to k8s 1.31 (#4080)
- (go/v4): Upgrading controller-runtime from v0.18.4 to v0.19.0 (#4080)
- (go/v4): Upgrading controller-tools from v0.15.0 to v0.16.1 (#4080)
- (go/v4, kustomize/v2): Upgrade kustomize from v5.4.2 to v5.4.3 (#4084)
🐛 Bug Fixes
- (go/v4): Add missing cancel context to controller's suite-test (#4067)
⚠️ (Only relevant for users of Kubebuilder as a library): ImplementWebhooks should only be used by the e2e tests and should be under its package. Therefore, this method is no longer served underpkg/plugin/util
(#4065)
What's Changed (Full Changelog)
- ✨ Add Network Policy by @camilamacedo86 in #3853
- 📖 Fix generation of markers based on controller-tools by @marlapativ in #4045
- 📖 Add crd-scope and operator-scope documentation by @camilamacedo86 in #4035
- 🌱 Bump github.com/onsi/ginkgo/v2 from 2.19.0 to 2.19.1 by @dependabot in #4052
- 🌱 Bump github.com/onsi/gomega from 1.33.1 to 1.34.1 by @dependabot in #4053
- 📖 Fix typo in designs template by @gabriele-wolfox in #4056
⚠️ (cleanup/fix): ImplementWebhooks method should only be used by the e2e tests and should be under its package by @camilamacedo86 in #4065- 🌱 (cleanup): cleanup tests for plugin/util functions by @camilamacedo86 in #4066
- 🌱 pkg/plugin/utils: add tests to cover funcs by @camilamacedo86 in #4068
- 🐛 (go/v4): add missing cancel context to controller's suite-test by @camilamacedo86 in #4067
- 📖 Upgrade the muilt-version sample to the latest by @camilamacedo86 in #4069
- 🌱 Bump github.com/onsi/ginkgo/v2 from 2.19.1 to 2.20.0 by @dependabot in #4071
- 📖 docs:samples:cronjob: change makefile to generate the CRD without description to allow apply CRDs by @camilamacedo86 in #4075
- 🌱 Cleanup hack generate docs by removing code duplication by @camilamacedo86 in #4076
- ✨ Add support to k8s 1.31 and upgrade dependencies by @camilamacedo86 in #4080
- 📖 : Upgrade controller-gen used to generate the docs from 0.15.0 to 0.16.1 by @camilamacedo86 in #4081
- 📖 (cleanup and enhance) improve and make clear info about setup envtest and its binaries and that old location is deprecated by @camilamacedo86 in #4083
- ✨ upgrade kustomize from v5.4.2 to v5.4.3 by @camilamacedo86 in #4084
New Contributors
- @marlapativ made their first contribution in #4045
- @gabriele-wolfox made their first contribution in #4056
Full Changelog: v4.1.1...v4.2.0
v4.1.1
changes since v4.1.0
✨ New Features
- (go/v4): Upgrade golangci-lint from
v1.57.2
tov1.59.1
(#4030) - (go/v4): makefile: create unversioned symlinks for configurable binaries tools (#4013)
- (kustomize/v2, go/v4): upgrade kustomize version from
v5.4.1
tov5.4.2
(#4029) - (Only relevant for users of Kubebuilder as a library): Add new CLI option and allow access to underlying CLI command (#4011)
🐛 Bug Fixes
- (go/v4): Fix security concerns by only enabling FilterProvider to protect the metrics endpoint with authn/authz when secureMetrics is true (#4022)
- (go/v4): Align Go Version in go.mod Template to 1.22.0 (#4012)
- (go/v4): Small cleanup in the main.go to keep all variables used defined on top of the file (#4036)
- (go/v4): Fix golang documentation of the method LoadImageToKindClusterWithName scaffold in the e2e tests (#4034)
- (go/v4): Fix validation used to ensure Kind versions pattern (#3986)
- (kustomize/v2, go/v4): Add missing labels for config/default/manager_webhook_patch.yaml (#4028)
Note Based on the changes, it seems appropriate to release these updates as version 4.1.1 rather than 4.2.0. The new features are minor improvements which only affect new projects and do not introduce breaking changes or significant new functionality for existing users.
What's Changed (Full Changelog)
- 🌱 Bump golang.org/x/tools from 0.22.0 to 0.23.0 by @dependabot in #4007
- ✨ (Only relevant for users of Kubebuilder as a library) - Add new cli option and allow access to underlying cli command by @beatrausch in #4011
- 🐛 Align Go Version in go.mod Template to 1.22.0 by @camilamacedo86 in #4012
- 📖 Upgrade controller-gen used to generated the docs and remove redirects for artefact images by @camilamacedo86 in #4010
- ✨ Makefile: Create Version-Agnostic Symlinks for Specified Versioned Binaries by @schrej in #4013
- 📖 docs: correct typo in migration guide by @Gearheads in #4015
- 📖 clarify in note that metrics are protected by default via controller-runtime feature by @camilamacedo86 in #4026
- 📖 Update roadmap_2024.md - with the latest changes and by order the tasks adding what was done at the bottom of the page by @camilamacedo86 in #4027
- 🐛 (kustomize/v2,go/v4): add missing labels for config/default/manager_webhook_patch.yaml by @camilamacedo86 in #4028
- ✨ (kustomize/v2,go/v4): upgrade kustomize version from v5.4.1 to v5.4.2 by @camilamacedo86 in #4029
- ✨ Upgrade golangci-lint from v1.57.2 to v1.59.1 by @camilamacedo86 in #4030
- 🌱 Update release.yml - Update goreleaser from 1.11.2 to v2.1.0 by @camilamacedo86 in #4031
- 🌱 Update Makefile - Remove makefile target to test legacy project no longer supported by @camilamacedo86 in #4032
- 📖 Update test examples not to set Status on create by @hsadoyan in #4016
- 🐛 Fix validation used to ensure Kind versions pattern by @Kavinjsir in #3986
- 🐛 Fix golang documentation of the method LoadImageToKindClusterWithName scaffold in the e2e tests by @fengshunli in #4034
- 🐛 Fix security concerns by only enabling FilterProvider to protect the metrics endpoint with authn/authz when secureMetrics is true by @alex-kattathra-johnson in #4022
- 🐛 cleanup/enhancement: keep all variables used defined on top of
main.go
by @fengshunli in #4036 - 🌱 fix error faced during release process by ensuring dist directory is cleaned before running GoReleaser by @camilamacedo86 in #4040
- 🌱 Upgrade goreleaser by @camilamacedo86 in #4041
New Contributors
- @schrej made their first contribution in #4013
- @hsadoyan made their first contribution in #4016
- @fengshunli made their first contribution in #4034
- @alex-kattathra-johnson made their first contribution in #4022
Full Changelog: v4.1.0...v4.1.1
v4.1.0
changes since v4.0.0
✨ New Features
- Re-introduces authn/authz protection for the metrics endpoint using
WithAuthenticationAndAuthorization
provided by controller-runtime. (#4003)
This protection is similar to what was previously done via
kube-rbac-proxy
, which usage was discontinued in the project. Please, ensure that you no longer use the imagegcr.io/kubebuilder/kube-rbac-proxy
.⚠️ Images provided undergcr.io/kubebuilder/
All images previously built and promoted will stop being available sometime in early 2025**.
- Upgrade controller-runtime from v0.18.2 to v0.18.4 (#3957) (#3972)
- Add revive golangci linter with comment-spacings rule (#3960)
- (Only relevant for users of Kubebuilder as a library) Allow usage of custom marker names (#3993)
🐛 Bug Fixes
- Corrected the
generate
command to respect the--namespaced=false
flag for APIs. (#3970)
🎉 Thanks to all our contributors!
What's Changed (Full Changelog)
- ✨ Upgrade controller-runtime from v0.18.2 to v0.18.3 - k8s version from 1.30.0 to 1.30.1 by @camilamacedo86 in #3957
- 🌱 Cleanup e2e tests for deploy image by @camilamacedo86 in #3959
- ✨ Add revive golangci linter with comment-spacings rule by @mateusoliveira43 in #3960
- 🌱 cleanup: run-test-e2e-for-project-v4-sample workflow by remove unnecessary steps by @camilamacedo86 in #3961
- 🌱 cleanup e2e tests for go/v4 by @camilamacedo86 in #3958
- 📖 Update CONTRIBUTING.md - Add steps about how to debug e2e tests locally by @camilamacedo86 in #3962
- 🌱 Bump github.com/onsi/ginkgo/v2 from 2.17.3 to 2.19.0 by @dependabot in #3963
- 🌱 Bump sigs.k8s.io/kubebuilder/v3 from 3.15.0 to 3.15.1 in /docs/book/src/simple-external-plugin-tutorial/testdata/sampleexternalplugin/v1 by @dependabot in #3965
- 📖 fix: documentation links by @mateusoliveira43 in #3967
- 🐛 fix generate command not respecting --namespaced=false of APIs by @antonincms in #3970
- ✨ Upgrade controller-runtime from v0.18.3 to v0.18.4 by @camilamacedo86 in #3972
- 📖 fix error in documentation Watching Externally Managed Resources by @Uburro in #3973
- 🌱 Bump golang.org/x/tools from 0.21.0 to 0.22.0 by @dependabot in #3975
- 🌱 Bump goreleaser/goreleaser-action from 5 to 6 by @dependabot in #3977
- 📖 fix: book v3 link by @mateusoliveira43 in #3978
- 📖 Adding lost v2 vs v3 page. by @Tomlmmrs in #3983
- 🌱 ci: fix testdata due golang module changes by @camilamacedo86 in #3985
- 🌱 Bump github.com/spf13/cobra from 1.8.0 to 1.8.1 by @dependabot in #3987
- 📖 Fix typo in plugins.md by @dudo in #3994
- 📖 Update using_an_external_type.md by @davidxia in #3997
- 📖 Update using_an_external_type.md by @davidxia in #3998
- ✨ (Only valid for those who consume Kubebuilder as a lib) - Allow usage of custom marker names by @beatrausch in #3993
- 📖 docs: clarify English prose in CONTRIBUTING.md by @davidxia in #4002
- 📖 Update quick-start.md by @Hrugved in #4001
- ✨ Add protection to metrics endpoint using authn/authz via controller-runtime feature by @joelanford and @camilamacedo86 in #4003
New Contributors
- @Uburro made their first contribution in #3973
- @Tomlmmrs made their first contribution in #3983
- @dudo made their first contribution in #3994
- @beatrausch made their first contribution in #3993
- @Hrugved made their first contribution in #4001
Full Changelog: v4.0.0...v4.1.0
v4.0.0
v4.0.0
changes since v3.15.1
Overview and Key Guidelines
It is a MAJOR release because all deprecated features were removed from the project. However, for those with projects scaffolded using the go/v4 plugin layout, there should mainly not be impacted by. To know the layout version of your project, check the Project Config, see the PROJECT
file (example).
(General guidance) You might be impact by:
- Bug fix to ensure consistent spacing in marker annotations (#3904). In this case, just find
//+
and replace it with// +
. - Discontinue usage of kube-rbac-proxy in the default scaffolding (#3899), the change is part of the
3.15.0
release since the change is applied only for new projects but you should be aware of and take action. For further information, see: 🚨 Action Required: Ensure that you no longer use gcr.io/kubebuilder images.
(For who are using go/v2
or go/v3
) Upgrading Layouts:
If your project is currently using go/v2
or go/v3
, you must upgrade to go/v4
to be compatible with this release and future updates. To know how to upgrade, check the migration documentation.
💡 Tips
You can add the changes manually, but unless your project is too big or deviated too much from the proposed layout the recommended process to upgrade a project usually involves re-scaffolding and then comparing the new base with your project code changes and re-adding all on top. IDEs usually can help you out in this process since you can re-scaffold all in a branch and easily compare it with your main branch published in the repository of your project to add the code back again.
- Kubebuilder provides and Upgrade Assistance for those who have been using the CLI to do all scaffolds and does not deviated from the layout proposed.
- You can follow the same process to ensure that your scaffold has all changes and bug fixes introduced from MINOR releases.
- You can also always check the project scaffolds under the
testdata
directory as a base and compare them across tag releases to check the changes made: Example: Comparetestdata/project-v4
between tagsv3.14.1
andv3.15.1
.- Avoiding unnecessary deviations from the proposed layout can help you keep your project maintained and aligned with the latest changes with a lower effort. Please, see the info.
⚠️ Breaking Changes
- Removal of ComponentConfig since it is no longer supported by controller-runtime release version 0.15.0 and was removed from v0.18.0 (#3764). (More info)
- Removal of the go/v2 which was kept only to ensure backwards compatibility from Kubebuilder release 2x to 3x and is deprecated since Apr 28, 2021. The
go/v2
plugin cannot scaffold projects in which CRDs and/or Webhooks have av1
API version. Be aware that v1beta1 API for CRDs and Webhooks was deprecated on Kubernetes1.16
and were removed in the Kubernetes1.22+
release. Go versions higher than1.13+
are not supported within. (#3763) (#3915) (More info). - Removal of the go/v3 which is deprecated since Mar 11, 2023. Be aware that
go/v3
plugin cannot scaffold projects using kustomize versionsv4x+
and cannot fully support Kubernetes1.25+
and go versions higher than1.19+
. (#3763) (#3915) (More info) - Removal of the kustomize/v1 which is deprecated since Mar 11, 2023. (#3763) (#3915) (More info)
- Removal of the Declarative Plugin. (#3922) (More info)
- (For who consume Kubebuilder as lib): Removal of deprecated APIs. The methods
NewBundle
,GetShortName
,IsLegacyLayout
are no longer available for those that consumes Kubebuilder as lib. (#3929)
✨ New Features
- Add support for go
1.22
(#3910) - Add support for Kubernetes version
1.30
. Upgrade controller-runtime fromv0.17.3
tov0.18.2
(#3912) - Upgrade kustomize from
v5.3.0
tov5.4.1
by (#3911) - Upgrade controller-tools from
v0.14.0
tov0.15.0
(#3913) - Upgrade EnvTest from
1.29.0
to1.30.0
(#3914) - Add new GolangCI linter to check the tests scaffolded with ginkgo (#3894)
- (For who consume Kubebuilder as lib): Add
sigs.k8s.io/kubebuilder/v4
module (#3924)
🐛 Bug Fixes
- Fix typo issue in the flag description (#3954)
- Fix in the makefile target
docker-buildx
to use the project name instead of fix value (#3928) - Fix in the makefile to remove invalid comment (#3816)
- Fix to ensure consistent spacing in marker annotations. Ensure that you replace all markers to add the space by
s/\//+/\// +/
. (#3904)
Thanks to all our contributors!
What's Changed (Full Changelog)
⚠️ remove component config since it is no longer supported by controller-runtime and is deprecated by @camilamacedo86 in #3764⚠️ remove kustomize/v1, go/v2 and go/v3, and configurations for Project Config v2 related to legacy Kubebuilder CLI version < 3 by @camilamacedo86 in #3763- ✨ Add support for go 1.22 by @camilamacedo86 in #3910
- ✨ Upgrade kustomize from v5.3.0 to v5.4.1 by @camilamacedo86 in #3911
- ✨ Upgrade controller-tools from v0.14.0 to v0.15.0 by @camilamacedo86 in #3913
- ✨ Upgrade envtest from 1.29.0 to 1.30.0 by @camilamacedo86 in #3914
⚠️ (Follow UP: 3763) - remove kustomize/v1, go/v2 and go/v3, and configurations for Project Config v2 related to legacy Kubebuilder CLI version < 3 by @camilamacedo86 in #3915⚠️ remove component config by @camilamacedo86 in #3916- 🌱 Began to test getting start sample in the CI by @camilamacedo86 in #3918
- 📖 Add note to clarify that kube-rbac-proxy images are no longer released by @camilamacedo86 in #3919
- ✨ Upgrade controller-runtime from v0.17.3 to v0.18.2 by @camilamacedo86 in #3912
- 🌱 Remove CRD and Webwhook versions options since they are no longer useful by @camilamacedo86 in #3920
- 🐛 makefile: remove invalid comment by @mateusoliveira43 in #3816
- 📖 extending-cli: remove ref of deprecated plugins by @camilamacedo86 in #3923
⚠️ remove declarative plugin by @camilamacedo86 in #3922- 📖 Update RELEASE.md - Make clear the build of artifacts are deprecated by @camilamacedo86 in #3926
- 📖 (plugin deploy-image and envtest): use ref of project-v4 instead of v3 in the examples by @camilamacedo86 in #3927
- 🐛 fix: makefile: target docker-buildx should use the project name instead of fix value by @camilamacedo86 in #3928
⚠️ Remove api deprecations: The methods NewBundle, GetShortName, IsLegacyLayout are no longer available by @camilamacedo86 in #3929- 📖 Update roadmap_2024.md - Latest status - 18 May by @camilamacedo86 in #3925
- 📖 doc/cleanup: remove reference of legacy plugins by @camilamacedo86 in #3930
- 📖 Update CONTRIBUTING.md - Clarify book-v3 docs publish status and blocker faced by @camilamacedo86 in #3932
- 📖 doc: small nits for the migration section by @camilamacedo86 in #3933
⚠️ Kubebuilder CLI Major Bump: Move module from v3 to v4 by @camilamacedo86 in #3924- 🌱 Bump sigs.k8s.io/kubebuilder/v3 from 3.14.2 to 3.15.0 in /docs/book/src/simple-external-plugin-tutorial/testdata/sampleexternalplugin/v1 by @dependabot in https://github.com/kubernetes-sigs...
v3.15.1
v3.15.1
changes since v3.15.0
🐛 Bug Fixes
- (go/v4,kustomize/v2): - fix to preserve existing flags when applying metrics patch (#3947)
- (go/v4,kustomize/v2): - fix the place where metrics service is scaffolded by moving from config/rbac to config/default (#3948)
🎉 Thanks to all our contributors!
What's Changed (Full Changelog)
- 🐛 (cherry-pick #3937) - fix: preserve existing flags when applying metrics patch by @camilamacedo86 in #3947
- 🐛 (cherry-pick #3945) fix place where metrics service is scaffolded by moving from config/rbac to config/default by @camilamacedo86 in #3948
Full Changelog: v3.15.0...v3.15.1
v3.15.0
v3.15.0
changes since v3.14.2
⚠️ Breaking Changes
- (go/v4, kustomize/v2): Discontinue Kube RBAC Proxy in Default Kubebuilder Scaffolding (#3899). For further information see: 🚨 Action Required: Ensure that you no longer use gcr.io/kubebuilder images
🎉 Thanks to all our contributors!
What's Changed (Full Changelog)
- 📖 Fix link for controller-runtime FAQ by @camilamacedo86 in #3888
- 🌱 Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.2 by @dependabot in #3891
- 🌱 Bump golangci/golangci-lint-action from 4 to 5 by @dependabot in #3892
- 🌱 Bump sigs.k8s.io/kubebuilder/v3 from 3.14.1 to 3.14.2 in /docs/book/src/simple-external-plugin-tutorial/testdata/sampleexternalplugin/v1 by @dependabot in #3893
- 🌱 Bump github.com/onsi/gomega from 1.33.0 to 1.33.1 by @dependabot in #3900
- 🌱 Bump golang.org/x/tools from 0.20.0 to 0.21.0 by @dependabot in #3901
- 🌱 move tony to approver by @Kavinjsir in #3843
- 🌱 Bump github.com/onsi/ginkgo/v2 from 2.17.2 to 2.17.3 by @dependabot in #3905
- 🌱 Bump golangci/golangci-lint-action from 5 to 6 by @dependabot in #3906
⚠️ Discontinue Kube RBAC Proxy in Default Kubebuilder Scaffolding by @camilamacedo86 in #3899
Full Changelog: v3.14.2...v3.15.0
v3.14.2
v3.14.2
changes since v3.14.1
✨ New Features
- (go/v4): Upgrade controller-runtime dependency from v0.17.2 to v0.17.3 (#3882)
- (go/v4): Upgrade golangci from 1.54 to 1.57 by (#3846)
- (go/v4): (To address deprecation): Replace
deadline
in favor oftimeout
ingolangci-lint
configuration (#3865) - (kustomize/v2): Add CRD viewer and editor roles in rbac/kustomization.yaml (#3800)
- (go/v4): Upgrade cert-manager version used from v1.5.3 to v1.14.4 in the e2e tests scaffolded (#3839)
- (go/v4): Upgrade Prometheus version used in the tests from v0.68.0 to v0.72.0 in the e2e tests scaffolded (#3840)
- (go/v4): Upgrade gcr.io/kubebuilder/kube-rbac-proxy image from v0.15.0 to v0.16.0 (#3833).
⚠️ IMPORTANT: Please note that kube-rbac-proxy is now deprecated and will be discontinued in a future release.If you want to still using this project, it is recommended that you switch to the images directly provided by the project. For more details, please refer to the project’s image repository.
The Kubebuilder can no longer support the promotion and building of these images. All images previously built and promoted will stop being available sometime in early 2025. This change may impact your production workloads if they rely on these images. (
gcr.io/kubebuilder/kube-rbac-proxy:<all>
)For more information, please review the proposal to Discontinue Kube RBAC Proxy in Default Kubebuilder Scaffolding.
🐛 Bug Fixes
- (go/v4): Add comment to clarify that webhooks path in the marker values should not be changed (#3877)
- (go/v4): Fix Invalid leader election ID generated when domain is empty (#3876)
- (kustomize/v2, go/v4): Fix labels according to conventions. Follow-up of PR 3797 (#3857)
- (go/v4,kustomize/v2): Fix roles names for projects with multi-group layout (#3845)
- (go/v4,kustomize/v2): Fix the CRD kustomization path logic to ensure webhook patches are generated exclusively for resources that are configured with webhooks (#3838)
- (go/v4,kustomize/v2): Fix resource path generation for resources without a specified group (#3837)
- (kustomize/v2, go/v4): Fix labels according to conventions. Address change in missing files. It is a follow-up of the PR #3797 (#3857)
🎉 Thanks to all our contributors!
What's Changed (Full Changelog)
- 🌱 Fix makefile target make generate by @camilamacedo86 in #3834
- ✨ (go/v4) - Upgrade Prometheus version used in the tests from v0.68.0 to v0.72.0 by @camilamacedo86 in #3840
- ✨ Upgrade gcr.io/kubebuilder/kube-rbac-proxy image from v0.15.0 to v0.16.0 by @camilamacedo86 in #3833
- ✨ Upgrade cert-manager version used from v1.5.3 to v1.14.4 by @camilamacedo86 in #3839
- 🐛 fix resource path generation for resources without a specified group by @camilamacedo86 in #3837
- 🌱 Bump sigs.k8s.io/kubebuilder/v3 from 3.14.0 to 3.14.1 in /docs/book/src/simple-external-plugin-tutorial/testdata/sampleexternalplugin/v1 by @dependabot in #3841
- 🐛 Fix the CRD kustomization path logic to ensure webhook patches are generated exclusively for resources that are configured with webhooks by @camilamacedo86 in #3838
- 🐛 (go/v4,kustomize/v2): fix roles names for projects with multi-group layout by @camilamacedo86 in #3845
- ✨ Upgrade golangci from 1.54 to 1.57 by @camilamacedo86 in #3846
- 📖 Fix Generate Sample for Getting Started Tutorial by @camilamacedo86 in #3848
- 🌱 Upgrade images used in the samples and e2e tests for deployImage plugin by @camilamacedo86 in #3849
- 🌱 Remove plugin flag from generate docs samples by @camilamacedo86 in #3850
- 🌱 Update common kind and envtest for e2e tests by @camilamacedo86 in #3852
- 🌱 Cleanup and fix kind config to run the tests against 1.29 by @camilamacedo86 in #3851
- ✨ (kustomize/v2): Add CRD viewer and editor roles in rbac/kustomization.yaml by @lunarwhite in #3800
- 🌱 Bump golang.org/x/tools from 0.19.0 to 0.20.0 by @dependabot in #3856
- 🐛 (kustomize/v2, go/v4): Fix labels according to conventions. Follow-up of PR 3797 by @camilamacedo86 in #3857
- ✨ : (go/v4): Replace
deadline
in favor oftimeout
ingolangci-lint
configuration by @afritzler in #3865 - 🌱 ci: fix go sample e2e tests by @camilamacedo86 in #3867
- 🌱Evaludate and Apply Latest Lint Rules and Features by @prashantrewar in #3866
- 📖 Add Roadmaps to bring visibility and allow better collaboration by @camilamacedo86 in #3835
- 📖 fix typo in raising-events.md by @whitebear009 in #3870
- 📖 : Proposal : Discontinue Kube RBAC Proxy in Default Kubebuilder Scaffolding by @camilamacedo86 in #3860
- 🌱 Bump github.com/onsi/gomega from 1.32.0 to 1.33.0 by @dependabot in #3869
- 📖 Add note to link Controller-Runtime FAQ page by @camilamacedo86 in #3874
- 📖 Update Multi-Version Tutorial by @camilamacedo86 in #3875
- 🐛 fix Invalid leader election ID generated when domain is empty by @camilamacedo86 in #3876
- 🐛 Add comment to clarify that webhooks path in the marker values should not be changed by @camilamacedo86 in #3877
- 🌱 Just ensure that we have the right permissions to regenerate the getting started sample by @camilamacedo86 in #3881
- ✨ Upgrade controller-runtime dependency from v0.17.2 to v0.17.3 by @camilamacedo86 in #3882
New Contributors
- @lunarwhite made their first contribution in #3800
- @afritzler made their first contribution in #3865
- @prashantrewar made their first contribution in #3866
- @whitebear009 made their first contribution in #3870
Full Changelog: v3.14.1...v3.14.2