Releases: tigera/operator
Releases · tigera/operator
v1.29.0
12 Jan 2023
Included Calico versions
Calico version: v3.25.0
Calico Enterprise version: v3.15.0
Enhancements
- [Calico Enterprise] [RS-647] Adds access to applicationlayer resources #2335 (@mikestephen)
- Add support for Typha graceful shutdown #2303 (@fasaxc)
- Add IPv6 Wireguard and IPv6 VXLAN custom MTU support #2087 (@coutinhop)
Bug fixes
- Fix that operator could not remove a ClusterIP. #2353 (@fasaxc)
- Fixed a bug that caused the Tigera Operator to incorrectly (de-)serialize ports in FelixConfigurations #2339 (@tmjd)
- Use headless services for metrics ports. #2304 (@fasaxc)
- [Calico Enterprise] Configure dnsTrustedServers correctly for RKE2 #2181 (@nelljerram)
Other changes
- Update to Calico v3.25.0 #2395 (@mgleung)
- update crds #2384 (@rene-dekker)
- Run job until it eventually completes #2382 (@rene-dekker)
- Update CRDs - generate filles/versions #2381 (@mazdakn)
- Bump golang version to 1.18 #2380 (@Brian-McM)
- CalicoVersion added to installation status #2376 (@sridhartigera)
- [master] Work around upgrade issue upgrading from versions that don't support TPROXY. #2372 (@fasaxc)
- Automated cherry pick of #2360: Support rolling updates during upgrades by preserving #2361 (@rene-dekker)
- Create node trustedbundle with root certificates. #2352 (@sridhartigera)
- Add permissions for bgpfilters and externalnetworks to the apiserver. #2351 (@sridhartigera)
- Update general dependencies #2348 (@Behnam-Shobiri)
- Update golang to 1.18.9 #2342 (@Behnam-Shobiri)
- Make gen-files make validate-gen-versions, make gen-versions #2338 (@rene-dekker)
- Add calico-typha ClusterRole permissions for newly added bgpfilters a… #2337 (@Josh-Tigera)
- Egress Gateway - operator changes #2336 (@sridhartigera)
- Add system root ca in order to trust external identities providers #2334 (@asincu)
- add support override for csi-node-driver #2331 (@zoezhangmattr)
- Update CRDs to the latest #2330 (@hjiawei)
- Update CRDs #2326 (@freecaykes)
- fix(render/ids): correct claim name in deployment #2325 (@freecaykes)
- upgrade kibana from 7.17.5 to 7.17.7 #2321 (@vara2504)
- Use our own TyphaDeploymentStategy #2319 (@fasaxc)
- Add functionality to include system root certs into the tigera-ca-bundle #2312 (@rene-dekker)
- Node selectors for prometheus resources overridden fix #2309 (@rene-dekker)
- add gen-files and fix #2308 (@rene-dekker)
- Update Elasticsearch version to v7.17.7 #2305 (@hjiawei)
- Add prometheus annotations to kube-controllers metrics service #2302 (@lmm)
- fix(render/ids): render ad api with privilege user if persistent storage is used #2300 (@freecaykes)
- IDS controller use root when syslog forwarding is enabled #2294 (@hjiawei)
- Revert "[EV-2765] Add v1 namespaces get to tigera-manager-role Cluste… #2293 (@dimitri-nicolo)
- [Release 1.28] Update golang.org/x/text [cherry-pick 2291] #2292 (@Behnam-Shobiri)
- Update golang.org/x/text #2291 (@Behnam-Shobiri)
- Fix make manifests #2290 (@sridhartigera)
- Bump compliance benchmarker and reporter liveness period #2286 (@hjiawei)
- Update doc for syslog possible values (EV-2821,EV-2822) #2284 (@vara2504)
- Remove unconditional ServiceAccountName on CSI daemonset #2281 (@Josh-Tigera)
- Update base to UBI 8.7 #2275 (@Behnam-Shobiri)
- Update tigera-ca-bundle path to /etc/pki/tigera #2273 (@vara2504)
- Update golang to 1.18.8 #2265 (@Behnam-Shobiri)
- Fix kibana certificate in esgateway trusted bundle EV-2686 #2262 (@vara2504)
- Modsecurity rule set updated to v3.3.4 (latest stable release). #2260 (@bartolini)
- fix(render/ids): remove privilege from #2258 (@freecaykes)
- [EV-2765] Add v1 namespaces get to tigera-manager-role ClusterRole #2257 (@dimitri-nicolo)
- GlobalAlertTemplates for detectors: multivariable flow and dns tunnel #2250 (@freecaykes)
- Add support for topology spread constraints to core components #2246 (@caseydavenport)
- [Cherry-pick #2243 to v1.27] prevent operator lockup when unused apiservices are down #2244 (@ozdanborne)
- prevent operator lockup when unused apiservices are down #2243 (@ozdanborne)
- Support k8s 1.25 for CE 3.15 #2241 (@pasanw)
- Add syslog tls changes - EV-2481 #2240 (@vara2504)
- Update CRDs to the latest #2237 (@hjiawei)
- Update CRDs to the latest #2235 (@hjiawei)
- Bump elasticsearch version to v7.17.6 #2234 (@hjiawei)
- Update CRDs #2230 (@freecaykes)
- Render PSPs for CSI driver pods #2226 (@freecaykes)
- Add PSP for Guardian for RKE2 CIS -Hardened clusters #2220 (@freecaykes)
- Update golang to 1.18.7 #2210 (@Behnam-Shobiri)
- Update dex security context in deploy when PSS is restricted #2205 (@hjiawei)
- Remove ADJ api pod when fips is enabled #2204 (@hjiawei)
- Propagate imagePullSecrets from Installation resource th... #2202 (@Josh-Tigera)
- Update aws sdk go #2197 (@Behnam-Shobiri)
- update ip_pools CRDs #2195 (@freecaykes)
- fix(guardian): minimize PS for deployment #2194 (@freecaykes)
- Modify L7 logging and WAF to use CSI volume instead of flexvolume volume #2186 (@Josh-Tigera)
- Fix apiserver name comment #2184 (@caseydavenport)
- Hide anomaly detection when FIPS is enabled #2182 (@rene-dekker)
- Update crds #2168 (@rene-dekker)
- Update pins #2167 (@rene-dekker)
- Update CRDs to the latest #2164 (@hjiawei)
- Let the pcap server trust dex by mounting the ca-bundle #2162 (@rene-dekker)
- update dependencies #2158 (@Behnam-Shobiri)
- update crds #2157 (@rene-dekker)
- Add BPFDisableLinuxConntrack to Calico Enterprise Api #2156 (@mazdakn)
- update UBI base image from 8.5 to 8.6 #2151 (@Behnam-Shobiri)
- Update GO_BUILD_VERSION #2146 (@rene-dekker)
- Add BPFDisableLinuxConntrack to Calico Api #2145 (@mazdakn)
- Allow IP forwarding during manifest-to-operator migration #2144 (@Josh-Tigera)
- upgrade kibana from 7.16.2 to 7.17.5 #2143 (@vara2504)
- De...
Contributors
lmm, fasaxc, and 23 other contributors
Assets 2
v1.27.17
09 Jan 2023
Included Calico versions
Calico version: v3.23.5
Calico Enterprise version: v3.14.4
Other changes
- Prepare v1.27.7 #2383 (@rene-dekker)
- partial pick from pull #1832 to add missing cert #2379 (@rene-dekker)
- Update numorstring #2370 (@mgleung)
- [v1.27] Work around upgrade bug from versions that don't support TPROXY. #2368 (@fasaxc)
- update tigera/api pin to latest v3.14 #2364 (@rene-dekker)
- Add private flexvol image #2363 (@rene-dekker)
- Update ES & KB for EE v3.14.4 #2362 (@rene-dekker)
- Support rolling updates during upgrades by preserving legacy fields in tls secrets #2357 (@rene-dekker)
- [v1.27] Fix that operator could not remove a ClusterIP. #2354 (@fasaxc)
- [Release-v1.27] Update dependencies #2347 (@Behnam-Shobiri)
- [Release 1.27] Update golang to 1.18.9 (cherry-pick 2342) #2344 (@Behnam-Shobiri)
- [v1.27] Scale-related backports #2333 (@fasaxc)
- Automated cherry pick of #2309: Node selectors for prometheus resources overridden fix #2314 (@rene-dekker)
- [Release 27] Update base image (cherry-pick 2275) #2277 (@Behnam-Shobiri)
- [Release 1.27] Cherry-pick 2265 (update golang to 1.18.8) #2267 (@Behnam-Shobiri)
Contributors
fasaxc, mgleung, and 2 other contributors
Assets 2
v1.28.8
09 Jan 2023
Included Calico versions
Calico version: v3.24.5
Calico Enterprise version: v3.15.0
Bug fixes
- Automated cherry pick of #2377: Fix race condition where trusted bundle is rendered twice #2378 (@rene-dekker)
- [v1.28] Work around upgrade issue upgrading from versions that don't support TPROXY. #2373 (@fasaxc)
- Fixed a bug that caused the Tigera Operator to incorrectly (de-)serialize ports in FelixConfigurations #2371 (@mgleung)
- [v1.28] Fix that operator could not remove a ClusterIP. #2355 (@fasaxc)
- [release-v1.28] fix(render/ids): correct claim name in deployment #2327 (@freecaykes)
- Automated cherry pick of #2309: Node selectors for prometheus resources overridden fix #2313 (@rene-dekker)
Other changes
- Automated cherry pick of #2357: Support rolling updates during upgrades by preserving #2360 (@rene-dekker)
- Create node trustedbundle with root certificates. (#2352) #2356 (@sridhartigera)
- [Release 1.28] Update general dependencies (cherry-pick 2348) #2349 (@Behnam-Shobiri)
- [Release 1.28] Update golang to 1.18.9 (cherry-pick 2342) #2343 (@Behnam-Shobiri)
- Cherry-pick #2312 upgrade kibana from 7.17.5 to 7.17.7 #2341 (@vara2504)
- [v1.28] Scale-related backports #2332 (@fasaxc)
- Revert "Revert "Update Elasticsearch version to v7.17.7"" #2320 (@hjiawei)
Contributors
fasaxc, mgleung, and 6 other contributors
Assets 2
v1.28.7
30 Nov 2022
Included Calico versions
Calico version: v3.24.5
Calico Enterprise version: v3.15.0
Other changes
- Automated Add functionality to include system root certs into the trusted bundle #2317 (@rene-dekker)
- Fix(render/ids): render ad api with privilege user if persistent storage is used #2311 (@freecaykes)
Contributors
freecaykes and rene-dekker
Assets 2
v1.28.6
22 Nov 2022
Included Calico versions
Calico version: v3.24.5
Calico Enterprise version: v3.15.0
Other changes
- Update enterprise versions #2306 (@pasanw)
- Update pins for v3.15.0 #2299 (@pasanw)
- [release-v1.28] Bump compliance benchmarker and reporter liveness period #2289 (@hjiawei)
- Cherry-pick #2284 Update doc for syslog possible values (EV-2821,EV-2822) #2285 (@vara2504)
- Update versions for CE v3.15 #2283 (@pasanw)
- Remove unconditional ServiceAccountName on CSI daemonset #2282 (@Josh-Tigera)
- [Release 28] Update base image (cherry-pick 2275) #2276 (@Behnam-Shobiri)
- cherry-pick #2273 Update tigera-ca-bundle path to /etc/pki/tigera #2274 (@vara2504)
- (Pick for release-v1.28) Support k8s 1.25 for CE 3.15 #2272 (@pasanw)
- cherry-pick #2240 Add syslog tls changes - EV-2481 #2271 (@vara2504)
Contributors
hjiawei, pasanw, and 3 other contributors
Assets 2
v1.28.5
08 Nov 2022
Included Calico versions
Calico version: v3.24.5
Calico Enterprise version: pre-release v3.15
Other changes
- Updates for v3.24.5 #2270 (@mgleung)
- [Release 1.28] Cherry-pick 2265 (Update golang to 1.18.8) #2266 (@Behnam-Shobiri)
- Cherry pick 2257 into release v1.28 #2264 (@dimitri-nicolo)
- Cherry-pick #2262- Fix manager UI kibana redirect broken EV-2686 #2263 (@vara2504)
- [release-v1.28] Pick #2258 #2259 (@freecaykes)
- Cherry-picks from master to release-v1.28 #2254 (@pasanw)
Contributors
mgleung, freecaykes, and 4 other contributors
Assets 2
v1.27.16
v1.28.4
02 Nov 2022
Included Calico versions
Calico version: v3.24.4
Calico Enterprise version: pre-release v3.15.0
Changes
- Updates for v3.24.4 #2253 (@mgleung)
- [release-v1.28] pick 2250 #2252 (@freecaykes)
- Allow IP forwarding during manifest-to-operator migration #2247 (@Josh-Tigera)
- [Cherry-pick #2243 to v1.28] prevent operator lockup when unused apiservices are down #2245 (@ozdanborne)
- [release-v1.28] Update CRDs to the latest #2238 (@hjiawei)
- [release-v1.28] Bump elasticsearch version to v7.17.6 #2236 (@hjiawei)
- Update felixconfig CRD with egress gateway polling config #2233 (@Josh-Tigera)
- Cherry pick 2143 - update kibana Version - 7.16.2 to 7.17.5 #2223 (@vara2504)
- Propagate imagePullSecrets from Installation resource through to CSI … #2208 (@Josh-Tigera)
- [release-v1.28] cherry-pick 2197 #2198 (@Behnam-Shobiri)
Contributors
mgleung, freecaykes, and 5 other contributors
Assets 2
v1.27.15
v1.28.3
21 Oct 2022
Included Calico versions
Calico version: v3.24.3
Calico Enterprise version: pre-release v3.15
Other changes
- Updates for v3.24.3 #2231 (@mgleung)
- [release-v1.28] pick #2226 #2229 (@freecaykes)
- [release-v1.28] pick #2220 #2222 (@freecaykes)
Contributors
mgleung and freecaykes