Changelog#
1.0.0-beta.2 (2023-10-17)#
Features#
- Added support to configure LDAP with Pulp. #1042
- Added capability to customize annotations of serviceAccount created by operator. #1079
Bugfixes#
- Modified pulpcore containers entrypoints to support
pulp-minimal:3.33
image. #1081 - Fixed a backup issue in pulp-secret-key with special chars. #1098
- Fixed the KubeAPIWarningLogger PodSecurity warning messages. #1102
Improved Documentation#
- Added doc steps to rotate database fields encryption key. #742
- Updated the
reset-admin-password
warning message to also don't reset the
password via/api/v3/users
endpoint. #1078
Misc#
1.0.0-beta.1 (2023-09-05)#
Features#
- Added a job to handle
ALLOWED_CONTENT_CHECKSUMS
modifications. #1060 - Mofified k8s jobs resource names to avoid name colision if multiple Pulp CRs are created in the same namespace. #1074
Bugfixes#
- Fixed a regression where the
s3-region
was defined as a requiredSecret
field. #1057 - Fixed a regression where handling of the
s3-endpoint
option was not possible #1066
Deprecations and Removals#
- Removed unused fields from CRD. #817
- Removed CRD fields from old ansible version of the operator. #1044
1.0.0-alpha.9 (2023-08-21)#
Features#
- Added a check for missing file_storage_storage_class definition whenever file_storage_size or file_storage_access_mode is/are provided. #946
- Moved API container entrypoint migration script to k8s jobs. #991
- Added the OpenTelemetry support as sidecar container for pulp-api pods. #1006
- Added support to define Redis PVC storage size. #1016
- Added new fields to set resources for init-container and metrics sidecar containers. #1019
- Added the
pulp_secret_key
field to set the DjangoSECRET_KEY
. #1040
Bugfixes#
- Fixed an issue in OCP clusters where every ingress would be created with the same configurations (regardless of ingressclass). #917
- Fixed an issue in OCP clusters where the "pulp-redirect" Ingress would not get removed after modifying ingress_class_name. #918
- Fixed an issue in
Ingress.spec.rules.http.paths
from non "nginx" or "openshift-default" ingresses. #923 - Modified the format of backup dir names. #937
- Fixed a bug that caused the CONTENT_ORIGIN scheme to always be https. #1048
Improved Documentation#
- Added a doc section with instructions to install pulp-operator using Helm. #1008
Deprecations and Removals#
- The operator will not get the default ingress domain nor verify the ingressclass anymore to avoid the need of clusterroles. #885
Misc#
1.0.0-alpha.8 (2023-06-23)#
Bugfixes#
- Modified the default readiness probe endpoint when DOMAIN is enabled. #987
1.0.0-alpha.7 (2023-06-22)#
Features#
- Modified the reconciliation for
pulpcore-content
to wait forAPI
pods get into a READY state before updating theDeployment
in case of image version change. #969 - Added a log message when restarting
api
andcontent
pods in case of a secret reconciliation. #973
Bugfixes#
- Added a watcher on some secrets not managed by the operator and added a reconciliation loop in case these secrets get modified. #521
Improved Documentation#
- Added a networking section in configuration doc. #666
- Added more information regarding the usage and limitation of
emptyDir
. #824
1.0.0-alpha.6 (2023-04-27)#
Bugfixes#
- The container_token_secret was not getting its name from Pulp CR. #852
Improved Documentation#
- Add Documentation for custom S3 endpoints #882
Misc#
1.0.0-alpha.5 (2023-01-03)#
Features#
- Added a feature to deploy and sync Galaxy execution environments. #821
- Modified postgres mount point to keep compatibility with ansible-based operator version. #848
Bugfixes#
- Added a check for
ingress_host
being null wheningress_type
defined as "ingress". #675 - Fixed a permission/ownership error during bkp/restore procedure. #808
- Fixed a deadlock on status update. #829
- Fixed an issue on rendering Pulp settings wrongly. #830
- Fixed an issue with container token pub key mount point. #834
- Fixed an issue with default values for TOKEN_SERVER and TOKEN_AUTH_DISABLED in settings.py. #836
Improved Documentation#
- Added steps to configure and run backup/restore procedure. #765
- Added steps to manually configure ingress. #771
- Document how to install multiple instances of Pulp operator. #827
1.0.0-alpha.4 (2022-11-28)#
Features#
- Added a field to set IngressClass name. #674
- Added a field to pass a secret name to configure route custom certificates. #800
Bugfixes#
- Fixed an issue with envtest failing because of an assessment with old value. #807
Improved Documentation#
- Described the Operator unmanaged state. #792
Misc#
1.0.0-alpha.3 (2022-11-17)#
Features#
- Added a configmap to avoid pulprestore controller execution. #550
- Add Ingress TLS secret #676
- Added a field to set affinity for bkp-manager pods. #782
Bugfixes#
- Make web available when ingress isn't nginx #770
1.0.0-alpha.2 (2022-11-09)#
Bugfixes#
- Ensure reconciliation when ingress is modified #672
- Fixed an issue with .status.conditions[] not getting updated for pulpcore-workers. #735
- Fixed an issue with .status.conditions[] getting updated in a specific order. #736
- Fixed an issue in RequeueAfter reconciliation logic. #747
- Added a "retry" in case controller fails to update operator's status.conditions[]. #751
- Fix ingress type assertion #755
- Set update error message as DEBUG instead of ERROR. #756
Misc#
1.0.0-alpha.1 (2022-11-03)#
Features#
- Added PDB configuration through Pulp CR. #433
- Modified affinity field to allow inter-pod affinity/anti-affinity configuration. #434
- Added option to mount custom CA. #513
- Added probe fields in pulp CR. #516
- Added configuration to change the operator log level. #571
- Added a field to control the restore deployment replicas. By default it will be set to false (restore controller will redeploy only a single replica of each component). #572
- Added more node selector configuration (cache and web pods). Added field to define route labels. #577
- Added default readiness probe for pulp-web pods. #579
- Added configuration to use external Redis instance. #614
- Modified (through processPodSecurityContext) the UID that runs the entrypoint of the container process. #627
- Modified Pulp CRD to collect info to connect to an external database from a Secret. #630
- Added a field to configure the deployment strategy. #635
- Let the operator namespace-scoped. #657
- Use Nginx Ingress as reverse proxy #660
- Added a check for configurations in non-ocp env with ingress_type==route. #669
- Updated CRD field comments. #711
- Utilize the renamed
pulp-minimal
andgalaxy-minimal
images. Also have CI test the new big s6-contining imagespulp
andpulp-galaxy-ng
. #717 - Set nginx fields default values in controller (not in CR). #722
- Improved route paths provisioning loop. #729
Bugfixes#
- Added logic on how to handle different/multiple types of storage in Pulp CR. #526
- Fixed an issue with backup of PVCs manually created. #580
- Fixed an issue with backup controller failing when there was no signing secret. #581
- Fixed .status.condition not reflecting the real state. #600
- Add serviceaccounts permission #601
- Removed default values for Pulp database when configuring external PostgreSQL. #622
- Set ContainerTokenSecret as immutable (the controller will reconcile with the same value if the field is modified). Set AdminPasswordSecret as immutable (the controller will reconcile with the same value if the field is modified). Added ImagePullSecrets reconciliation logic. Fixed TrustedCa volumeMount reconciliation logic. Fixed NodeSelector reconciliation logic. Fixed Tolerations reconciliation logic. Fixed TopologySpreadConstraints reconciliation logic. Fixed ResourceRequirements removal logic. Fixed PDB removal logic. Fixed Strategy removal logic. Set Cache.ExternalCacheSecret as immutable (the controller will reconcile with the same value if the field is modified). Fixed Cache.RedisPort reconciliation logic. Fixed Cache.Resources reconciliation logic. Fixed Cache.NodeSelector reconciliation logic. Fixed Cache.Tolerations reconciliation logic. #646
- Fixed a bug in route reconciliation. #648
- Fixed the backoff loop not incrementing exponentially on error. #650
- Ensure Nginx Ingress Controller is used when multiple controllers are installed #673
- Added ingressclass clusterrole. #709
- Ensure ingress status conditions #714
- Fixed issue with headless services propagating new address to pulp-web pods. #737
Improved Documentation#
- Added steps to configure object storage. #593
- Added troubleshooting section. #596
- Stacktrace enabled only for above "panic" level. #605
- Added steps to configure operator's database. #619
- Fix broken links #681
- Added a section explaining default secrets created by the operator. #683
Misc#
0.14.0 (2022-09-19)#
Features#
- Omitted pulp-web role if ingress_type==route, which brings some benefits like:
- reduce point of failure
- reduce complexity
- reduce resource consumption
- reduce communication hops #436
- Add support for pulp_container signing service #564
Bugfixes#
- Adding NodeSelector/Toleration to Redis Deployment #561
- Allows users to correctly set predefined pvc with backup_pvc. It was hardcoded in the remove ownerReferences task. Now correctly uses the dynamic variable backup_claim. #610
Misc#
0.13.0 (2022-07-04)#
Features#
- Added more information on
.status.conditions
CR field. #435 - Added readiness probe to content and workers #455
Bugfixes#
- Remove ownerReferences from DB fields encryption secret to avoid garbage collection #467
Misc#
0.12.0 (2022-06-15)#
Features#
- Make no_log configurable #443
Bugfixes#
- Improve pulp status health check #447
0.11.1 (2022-06-09)#
Bugfixes#
0.11.0 (2022-06-02)#
Features#
- Upgrade to PostgreSQL 13 and add data migration logic #358
- Made Nginx, Gunicorn, HAproxy timeouts configurable #418
- The Pulp API can now be rerooted using the new
API_ROOT
setting. By default it is set to/pulp/
. Pulp appends the stringapi/v3/
onto the value ofAPI_ROOT
. #421
Bugfixes#
- Ensure Nginx
client_max_body_size
is correctly set #418 - Ensure content can be signed #426
- Fix restore when
deployment_name
is set #427
Misc#
0.10.1 (2022-05-18)#
Bugfixes#
- Set reconcile period to 0s to resolve issue with reconciliation loop not converging #385
- Patch container-auth secret creation to ensure the reconciliation loop converges #403
Deprecations and Removals#
- Revert #373 to ensure the reconciliation loop converges #403
0.10.0 (2022-05-12)#
Features#
- Add configurable timeout for pulp-api and pulp-content #390
- Add configurable workers for pulp-api and pulp-content #392
Bugfixes#
- Fix a reference to an incorrect variable in pulp-status role #388
- Provide default values for container registry #394
Misc#
0.9.0 (2022-04-27)#
Features#
- Modified image_pull_secret to allow users to provide multiple secrets. #343
- Implement the galaxy collection signing service #362
- Backup & restore the default signing service #366
- Enable backup for ReadWriteOnce access mode #380
Bugfixes#
- Fix backup/restore events #378
Misc#
0.8.0 (2022-03-14)#
Features#
- Add ability to configure extra args for postgres #344
- Add the ability to specify topologySpreadConstraints #345
- Allow service annotations not only for LoadBalancer type #346
- Support nodeSelector and tolerations #348
Bugfixes#
- Ensure the operator works with pre-defined TLS secret #354
0.7.1 (2022-02-22)#
Bugfixes#
- Made Redis optional when installing pulp #323
- Made Operator work with arbitrary namespaces #326
- Made web image and ingress to have the same max_body_size #330
- Fixed pulp-api and pulp-web liveness probes. #332
- Fixes TokenReview authentication #337
0.7.0 (2021-12-21)#
Features#
- Support cert-manager format on container token secret #313
- Enable Execution Environments by default #315
Bugfixes#
- Renamed services to avoid overwriting environment variables https://kubernetes.io/docs/concepts/services-networking/service/#environment-variables #309
0.6.1 (2021-12-09)#
Bugfixes#
- Mount
/var/lib/pulp/tmp
on pulp-content #299 - Raise resource limits for worker container to avoid OOMKill #302
- Raise resource limits for content container to avoid OOMKill #303
0.6.0 (2021-12-06)#
Bugfixes#
0.5.0 (2021-11-05)#
Features#
- Made request size limit configurable #227
- Ensure resource manager is not started for pulpcore >= 3.16 #231
- Set RELATED_IMAGE_ vars to enable disconnected deployments #232
Bugfixes#
- Image pull policy defaults to IfNotPresent #229
0.4.0 (2021-10-15)#
Features#
- Removed tags, registry, and projects so users can add images with custom registries and tags in image override #218
- Create or import a key for pulp-api to use when encrypting sensitive db fields #8730
- Enable new tasking system #9020
- Added support to override PosgreSQL sslmode #9421
Bugfixes#
- Ensure default storage for Postgres #221
Deprecations and Removals#
- Move from cluster-scoped operator model to namespace-scoped model #208
- Dropping OCP 4.6 support #9330
Misc#
0.3.0 (2021-07-14)#
Features#
- Enable container based database migration support #8472
- Enable backup of database and secrets associated with Pulp custom resource #8473
- Enable backup of storage associated with Pulp custom resource #8474
- Enable restore of deployment associated with Pulp custom resource backup #8513
- Add additional backup and restore flexibility to allow for restore from only a PVC #8630
- Allow user to specify the storage class for the Redis PVC #8877
Bugfixes#
- Allow user to specify empty string for PostgreSQL PVC storage class #8733
- Update nodeport templating in API and Content services #8810
- Fix collision on file_storage fact usage after pulp prefix cleanup #8832
- Fix Nodeport flow to create ports in standard range and only on the web service. Also allows node_ip discover based on where the pod is running. #8833
- Resolve Pulp status correctly when deployed in a separate namespace #8880
Improved Documentation#
- Document how to deploy Pulp on OpenShift #8836
Misc#
0.2.0 (2021-03-26)#
Features#
- Add deployment of nginx webserver with pulp snippets #5657
- Container building machinery for the operator #7171
- Enable the creation of Ingress or Route objects based on the specifications within the custom resource #8272
- Deploy postgres database using a secret to store configuration instead of it existing in the custom resource; allows credentials to be kept secret. #8289
- Enable the use of S3 compliant or Azure object storage as storage backend #8361
- Operator will provide information data via custom resource status object #8402
- Enable installation of operator using OLM catalog #8409
- Enable resource requirement specification for deployments and have operator check for running nodes and healthy status #8456
Bugfixes#
- Only build plugins from pulp org #7234
- Fix storage option check so that Azure Blob Storage can be used as a backend #8424
Misc#
Last update:
2023-11-24