Skip to content

v2.8.0
Compare
Choose a tag to compare
@matthchr matthchr released this 25 Jun 16:27
· 183 commits to main since this release
v2.8.0
38446a3
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

Release notes

Breaking changes

Use "never" rather than "" to prevent syncing for AZURE_SYNC_PERIOD

The documentation always said that an AZURE_SYNC_PERIOD of "" meant to use the default value (15m), but
in actuality in the code "" meant never sync. This corrects the behavior to be as documented. After this release,
the behavior is as follows:

AZURE_SYNC_PERIOD Meaning
omitted/not set Use default value (15m)
"" Use default value (15m)
"never" Do not sync

If you intend to prevent ASO from periodically syncing with Azure, set AZURE_SYNC_PERIOD to "never".
For more information, see #3965.

containerservice.azure.com ManagedCluster property .spec.properties.windowsProfile.adminPassword is now a secret reference rather than a string

The spec.properties.windowsProfile.adminPassword on ManagedCluster has been changed from a string to a
SecretReference.
We try to avoid breaking changes, but in this case, allowing raw passwords in the spec is a security
problem and as such we've decided to make a break to correct this issue.
Action required: If the containerservice.azure.com/ManagedCluster resource is used in your cluster
and the spec.properties.windowsProfile.adminPassword property is set, follow the steps in the
breaking changes document

Upcoming Breaking changes

v20230202preview ManagedCluster will be removed, due to underlying Azure API version deprecation

Other versions will continue to be supported. We recommend you move to use a different CRD version to avoid
seeing errors from Azure due to the 2023-02-02-preview API being deprecated.

New resources

  • Support new API version of DocumentDB resources (#3967)
  • Support Prom Rule groups and Azure Monitor accounts (workspaces) (#4052)
  • Support for RoleDefinition resource (#4067)
  • Support new AKS preview API version 2024-04-02-preview (#4086)

Features

  • Support multiple clouds in asoctl (#4033)
  • Support to specify image pull secrets in ASOv2 helm chart (#4116)
  • Expose default primary PrivateEndpoint PrivateIpAddress (#4107)

Improvements

  • Updated numerous Golang dependencies
  • Update local tests and CI tests to use az login token or managed identity, not service principal (#4003)

Bug fixes

  • Fix bug where AZURE_USER_AGENT_SUFFIX was not getting set (#4011)
  • Fix bug where AZURE_SYNC_PERIOD "" meant "never sync" when it should have meant "use the default sync period" (see also the breaking changes) (#4049)
  • Fix bug where ManagedCluster WindowsProfile password was a string (see also the breaking changes) (#4091)
  • Fix bug where asoctl wasn't case-correcting enums when it should have been (#4109)
  • Fix bug where asoctl would sometimes copy the wrong value between two properties with the same name if they were flattened, such as .type and .properties.type (#4108)

Documentation

  • Improve secret rotation documentation, based on user pattern (#4110)

Full Changelog: v2.7.0...v2.8.0

Assets 11
Loading