0.13.0

triskaidekaphobia
/ˌtrɪskʌɪdɛkəˈfəʊbɪə/
noun

1. an irrational or disproportionate fear of the number thirteen

What's Changed

🚨 Breaking changes

• This release brings several improvements in the definitions of the statefulset and pod resources backing the app workload. This means that all workload pods will be restarted after an upgrade. Use caution and upgrade in a maintenance window.
• Gateway API v1.1.0 contains a breaking change. According to their guide the existing BackendTLSPolicy resource definition should be deleted before installing the new version. This should not affect Korifi as we are not using BackendTLSPolicy, but might affect other software running on your cluster.

Partial Managed Services Support

• This is an experimental feature. It is disabled by default. To enable it set the experimental.managedServices.enabled flag to true
• Future releases might contain incompatible changes with regards to managed services
• Supported commands so far:
  • cf create-service-broker
  • cf update-service-broker
  • cf service-brokers
  • cf delete-service-broker
  • cf service-access
  • cf enable-service-access
  • cf disable-service-access
  • cf marketplace
  • cf create-service
  • cf services
  • cf delete-service
• Some limitations:
  • Space scoped brokers are not supported
  • Space plan visibility is not supported

Bug Fixes

• Fix BuildWorkload getting stuck in failed status (thanks @pbusko)
• Fix pushing apps with latest cf CLI

Misc

• Documentation improvements (thanks @benjaminguttmann-avtq @FloThinksPi @marsteg)
• Use topology spread constraint instead of pod affinity in workload statefulsets (thanks @modulo11, @c0d1ngm0nk3y)
• Korifi's Gateway ports and infrastructure are now configureable (thanks @pbusko)
• Multi-arch builds for local development are now supported (thanks @pbusko)
• Use the Kubernetes downward API to set CF_INSTANCE_INDEX environment variable (thanks @pbusko)
• Adopt go-functional (thanks @BooleanCat)
• cf restart-app-instance command now works (thanks @marsteg)
• The statefulsetRunnerTemporarySetPodSeccompProfile and jobTaskRunnerTemporarySetPodSeccompProfile flags have been removed and the pod security context is now unconditionally setting the seccomp profile to RuntimeDefault. This allows for better support of Istio CNI.

Full Changelog: v0.12.0...v0.13.0

⚒️ Ready to try it? See the install instructions!

0.12.0

What's Changed

CF API improvements

• More API endpoints supported:
  • GET /v3/info is supported (#2914 - thanks @gogolok)
  • Stub GET /v3/apps/:guid/features/:name (#2357 - thanks @marsteg)
  • Initial support for GET /v3/apps/:guid/processes/:type/stats (#2340 - thanks @gogolok)
• Improved support for services in manifest (#3050), both formats are now supported:

services:
  - my_service
  - name: your_service

• Trailing slashes in the request URLs are accepted (#2749 - thanks @alperdedeoglu)
• Objects for user-provided services credentials are now supported (#2900)
• MEMORY_LIMIT and CF_INSTANCE_PORTS environment variables are now available to applications (#3081 and #3229 - thanks @marsteg)
• CF CLI 8.7.8+ now supported (#3142)
• Application restart is now synchronous (#3036)
• Uppercase characters now allowed in routes (#3210 - thanks @marsteg)
• Lower case memory limit units is now supported in manifests (#3231 - thanks @marsteg)
• Pre-release CF CLI versions is now allowed (#3255 - thanks @gogolok)

Korifi custom resources improvements

• The following Korifi custom resources now have a Ready condition (by setting the Ready condition, Korifi signals that the resource is reconciled and usable; interested parties could wait on that condition to ensure they are not getting an inconsistent state):
  • CFDomain
  • CFRoute
  • CFServiceBinding
  • CFServiceInstance
  • CFApp
  • CFOrg
  • CFSpace
  • CFPackage
  • CFProcess
  • CFTask
  • AppWorkload
• CFRoute's Valid and Invalid status conditions have been removed in favour of the Ready condition

Misc

• Improved Istio support (#3156 - thanks @shanman190)
• Node selectors and tolerations can be configured for Korifi API and controllers deployments (#3308 - thanks @panevpla)
• Kind installer now uses contour dynamic provisioning
• Documentation improvements (thanks @spgreenberg, @beyhan)
• Dependencies bumped to latest

Full Changelog: v0.11.0...v0.12.0

⚒️ Ready to try it? See the install instructions!

0.11.0

What's Changed

• Korifi ingress (both api and workloads) is now leveraging the Gateway API.
  • This means that it is now possible to deploy Korifi against any Gateway API compatible ingress controller.
  • The api.expose and contourRouter.include helm values have become redundant so they are removed from the chart.
• The VCAP_APPLICATION env var attributes now include uris and application_uris. Thanks @szeort

⚠️ Warning

• Enabling the Gateway API in Contour requires a restart of the Contour deployment. This causes a short period of downtime for the Korifi API and workloads. Once Contour is up and running all existing applications will imediately be reachable on the same routes.
• Contour supports the Gateway API since v1.22.0
• Websocket support in Contour's Gateway API mode is available since Contour v1.26. It is possible to use older Contour versions, but websockets won't work.

🚨 Breaking changes

• A new required networking.gatewayClass helm value has been introduced to the chart as part of enabling the Gateway API

Full Changelog: v0.10.0...v0.11.0

⚒️ Ready to try it? See the install instructions!

0.10.0

What's Changed

• Hassle-free Korifi installer for kind clusters (thanks @beyhan for feedback and testing)
• New systemImagePullSecrets helm value to enable pulling korifi system images from private registries.
• Improve documentation of known differences with CF-for-VMs (thanks @beyhan)

Full Changelog: v0.9.0...v0.10.0

⚒️ Ready to try it? See the install instructions!

0.9.0

What's Changed

• Support pushing docker images: more info in the docs
• The default clusterbuilder stack is updated to Ubuntu Jammy Jellyfish
• Fix: Not all contour resources get turned off causing the deployment to fail (thanks @a2geek)
• Make the helm jobs image configurable (thanks @wanddynosios)

🚨 Breaking changes

• The global section in the helm values has been removed. All values that used to be there are now top-level ones. See README.helm.md
• The helm value api.lifecycle.stagingRequirements has been moved to stagingRequirements
• Removed redundant helm value api.builderName in favour of reconcilers.build

Full Changelog: v0.8.1...v0.9.0

⚒️ Ready to try it? See the install instructions!

0.8.1

What's Changed

• Fix a bug in CFOrg deletion job that was preventing it from waiting for the org to get fully deleted (#2702)
• Fix a bug that would make app deletion block if its referenced domain is already deleted (#2707)
• Improve INSTALL.kind.md (#2710)

Full Changelog: v0.8.0...v0.8.1

⚒️ Ready to try it? See the install instructions!

Korifi 0.8.0

What's Changed

• Leverage Kpack's build caching by using a single kpack.Image per app. This will make most app pushes much faster!
• Allow buildpack selection via cf push -b. Given we still don't support buildpack management, the only selectable buildpacks are the ones already present in your kpack.ClusterStore.
• Support custom labels for User-provided Service Instances. This will make them more useful with frameworks like Spring.
• Support --strategy=rolling for cf push, restart and restage. This will only work for apps pushed to Korifi v0.8 or newer, make sure you run a regular cf restart to enable it on your existing apps.
• Implement the get default domain endpoint for orgs.
• Implement jobs for all delete operations. The CLI will now wait until deletions are complete, instead of always returning immediately.
• Support updating an app name, its lifecycle.data.buildpacks and lifecycle.data.stack.
• More configuration options:
  • kpackImageBuilder.builderReadinessTimeout to configure the grace period for builder readiness;
  • api.lifecycle.stagingRequirements.buildCacheMB to configure the size of the build cache;
  • global.containerRegistrySecretNames now supports multiple secrets.
• Fix INSTALL.kind.md (thanks @beyhan!)

Full Changelog: v0.7.1...v0.8.0

⚒️ Ready to try it? See the install instructions!

Korifi 0.7.1

What's Changed

• This fixes a bug which caused the list of orgs returned by /v3/orgs to be incorrect in some circumstances.
• The /v3/apps/<guid>/packages handler is not supported (#2371). Thanks @saffronjam!

New Contributors

• @saffronjam made their first contribution in #2371

Full Changelog: v0.7.0...v0.7.1

Korifi 0.7.0

What's Changed

• We have improved our logging by making sure that each log message is emitted at the appropriate level (#2244) and making the log level configurable (#2181, #2266).
• Labels and annotations are now supported on all our resources.
• Korifi will now do its best to clean up its unused resources. In particular:
  • the deletion of any package or build/droplet will result in the deletion of the corresponding container image, when possible (#2257, #2284);
  • only a configurable number of packages and builds/droplets will be maintained in the system per app (#2278, #2316, #2331).
• Service accounts can now be used as Korifi users (#2295).
• VCAP_APPLICATION will now be available to apps running on Korifi (#2187), and it's possible to add custom extra values to it (#2198).
• We now support the cf unset-org-role and cf unset-space-role commands (#2106, #2113, #2117).
• Our 404 Not Found errors now comply with the Cloud Foundry error format and will be correctly handled by the CLI (#2346).
• We support multiple apps in manifests (#2118).
• We fixed bugs causing unnecessary app restarts (#2133) and task reruns (#2134).

New Contributors

• @eghobo made their first contribution in #2105
• @kei-yamazaki made their first contribution in #2130
• @spgreenberg made their first contribution in #2165
• @wanddynosios made their first contribution in #2199

Full Changelog: v0.6.0...v0.7.0

⚒️ Ready to try it? See the install instructions!

Korifi 0.6.0

What's Changed

• We now support the use of alternative ingress controllers! See #2046, #2048 and #2073 for details.
• We have reduced our footprint by combining all our controllers into a single container image (see #2052).
• We have introduced the new global.containerRegistryCACertSecret Helm value to improve support for container registries with custom CAs (see #1967).
• We now include memory and disk quotas in process stats.
• We now support any org or space name that is considered valid by traditional Cloud Foundry.
• We have reworked our HTTP layer to get rid of the deprecated gorilla dependency and replace it with chi.

Full Changelog: v0.5.0...v0.6.0

⚒️ Ready to try it? See the install instructions!