Release notes for Serving 1.9

tags: Release Notes Serving

Changelog since 1.8

🚨 Breaking or Notable

  • Knative will now warn (but not error) when creating or updating a PodSpec where containers have additional privilege due to unset SecurityContext values. Explicitly setting these values to any setting, including high-privilege ones, will disable this warning.

    These fields are:

    • runAsNonRoot (empty means false)
    • allowPrivilegeEscalation (empty means true)
    • seccompProfile.type (empty string means Unconfined)
    • capabilities.drop (default maintains privileges, use ALL to drop unneeded linux capabilities) (#13399, @evankanderson)

💫 New Features & Changes

  • Net-contour respects the internal-encryption Knative configuration, and encrypts traffic from Contour controlled Envoy to Activator. Requires Contour 1.24.0 or greater (#819, @KauzClay)
  • Adds the secure-pod-defaults feature, which is defaulted to Disabled in this release. When enabled, containers described by users will have best-practice SecurityContext features enabled unless insecure settings are specifically requested. (#13398, @evankanderson)
  • Work around for cert-manager not allowing us to create certs for 64+ bytes name ksvc (#13569, @KauzClay and @dprotaso)
  • Autoscaler now runs a single leader election go routine (#13585, @dprotaso)

Small Improvements

  • Add app label to Service selector for webhook and domainmapping-webhook. (#13265, @a7i)
  • Upgrade tests now stream logs from user and system namespace. The logs are printed on failure. (#13587, @mgencur)
  • net-kourier deployments now have Prometheus scraping annotations (#978, @evankanderson)
  • net-kourier deployments now have resource requests and limits

Bug or Regression

  • Changes to Pod or Revision-level defaults during Knative upgrades will no longer be attempted (and failed) when supplying your own Revision name. (#13565, @evankanderson)
  • net-contour would erroneously redirect cluster-local endpoints to HTTPS URLs when AutoTLS was enabled and default-tls-secret was set. (@jsanin-vmw)
  • Improved truncation of long generated names, which would sometimes produce invalid kubernetes resource names. (#847, @KauzClay)

Dependencies

Added

Nothing has changed.

Changed

Removed

Nothing has changed.

Release notes for Eventing 1.9

tags: Release Notes Eventing

Changelog since 1.8

🚨 Breaking or Notable

💫 New Features & Changes

  • 📄 ApiServerSource can specify a selector to target one or more namespaces. If the selector is missing, it will default to targeting the namespace in which the source resides (#6665, @gab-satchi)

Bug fixes

  • 🐛 Fixes an issue where creating a Trigger before a RabbitMQ Broker could create an invalid Trigger. (#1018, @gab-satchi)

Dependencies

Added

Nothing has changed.

Changed

Removed

Nothing has changed.

Release notes for Functions & Client 1.9

tags: Release Notes Eventing

Changelog Since 1.8

Changelog since 1.8

🚨 Breaking or Notable

💫 New Features & Changes

  • The springboot function templates have been updated to use Spring Boot 3.0 and the new Spring 6.0 AOT support. Note: this requires Java 17 when building locally. (#1509, @trisberg)
  • Node.js and TypeScript functions now support ESM modules (#1468, @lance)
  • quickstart plugin will now create a local registry. (#376, @ehudyonasi)

Small Improvements

  • Updated springboot function templates to use Spring Boot version 2.7.7 (#1502, @trisberg)
  • Updates the quickstart version of Kubernetes to v1.25.3. Also updates the recommended versions of kind and minikube to 0.16 and 1.28, respectively. (#368, @psschwei)
  • quickstart will exit quickly if Knative namespace already exist in cluster. (#379, @ehudyonasi)

Bug or Regression

  • Fix: envvar parsing for pack tekton task when envvar contains the = char (#1512, @matejvasek)
  • Fixes a bug preventing autoscaling options from being applied (#1482, @zroubalik)
  • Fixes a bug where path was sometimes not evaluated. (#1519, @lkingland)

Other (Cleanup or Flake)

  • Fixes an issue for developers where code in the test package would not be fully supported by some IDEs (#1503, @lkingland)
  • Update the error message when neither the registry flag nor the FUNC_REGISTRY environment variable are set (#1510, @lance)

Dependencies

Added

Select a repo