Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add cert-manager-setup chart, make dex + traefik use cert-manager issued certificates #123

Merged
merged 14 commits into from
Sep 19, 2019

Conversation

timaa2k
Copy link

@timaa2k timaa2k commented Sep 12, 2019

No description provided.

@timaa2k timaa2k self-assigned this Sep 12, 2019
@timaa2k timaa2k added the wip label Sep 12, 2019
@timaa2k timaa2k added ready ready and removed wip labels Sep 13, 2019
Copy link
Contributor

@shaneutt shaneutt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Contributor

@s12chung s12chung left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please let us know why we can't subchart the official one.

@timaa2k
Copy link
Author

timaa2k commented Sep 16, 2019

The official chart (stable in Helm) is no longer updated. The jetstack repo now contains the official latest version. This latest version requires to install CRDs manually before deploying with Helm. I've automated this step using the crd-install hook.
https://docs.cert-manager.io/en/release-0.10/getting-started/install/kubernetes.html#steps

Copy link

@hectorj2f hectorj2f left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You will need to add - jetstack-charts=https://charts.jetstack.io to test/ct.yaml

Copy link

@hectorj2f hectorj2f left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please, add home: https://github.com/mesosphere/charts and maintainers list to the Chart.yaml to fix your latest issue in the CI build.

@timaa2k
Copy link
Author

timaa2k commented Sep 16, 2019

Thanks @hectorj2f I figured what was missing and it passes linting now :)

@timaa2k timaa2k removed the ci-issues label Sep 16, 2019
Copy link

@hectorj2f hectorj2f left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Last comment for now, please add a README with the description of the properties for values.yaml as for other charts.

@hectorj2f
Copy link

The rest looks good to me despite of the necessity of finding a better solution for the sleep

hectorj2f
hectorj2f previously approved these changes Sep 16, 2019
s12chung
s12chung previously approved these changes Sep 16, 2019
@shaneutt shaneutt self-requested a review September 16, 2019 13:34
shaneutt
shaneutt previously approved these changes Sep 16, 2019
@hectorj2f hectorj2f added do not merge and removed ready ready labels Sep 16, 2019
@hectorj2f
Copy link

We're going to adapt this PR according to the changes agreed in the initial design doc.

@timaa2k timaa2k dismissed stale reviews from shaneutt, s12chung, and hectorj2f via 9e9a66e September 17, 2019 16:38
shaneutt
shaneutt previously approved these changes Sep 19, 2019
@timaa2k timaa2k changed the title Add cert-manager-setup chart Add cert-manager-setup chart, make dex + traefik use cert-manager issued certificates Sep 19, 2019
stable/dex/templates/certificate.yaml Outdated Show resolved Hide resolved
stable/dex/templates/certificate.yaml Outdated Show resolved Hide resolved
annotations:
"helm.sh/hook": pre-install
spec:
secretName: dex

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be configurable too

organization:
- Mesosphere
dnsNames:
- dex-kubeaddons

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be configurable, let's add it to values.yaml

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

staging/cert-manager-setup/templates/issuers.yaml Outdated Show resolved Hide resolved
staging/traefik/templates/certificate.yaml Show resolved Hide resolved
staging/traefik/templates/certificate.yaml Show resolved Hide resolved
@@ -174,7 +174,7 @@ spec:
{{- if and .Values.ssl.enabled (not .Values.ssl.upstream) }}
- name: ssl
secret:
secretName: {{ template "traefik.fullname" . }}-default-cert
secretName: traefik-certificate

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMHO we should enable to define this secret-name in values.yaml but this one is not a blocker

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@hectorj2f hectorj2f merged commit a5ce5ad into dev Sep 19, 2019
@hectorj2f hectorj2f deleted the tweidner/add-cert-manager-setup branch September 19, 2019 15:40
joejulian added a commit that referenced this pull request Mar 9, 2020
Breaking Changes

* Changes the API group name for the fake VolumeSnapshot object to "snapshot.storage.k8s.io" to be in-sync with the group name of the real VolumeSnapshot object. As a result, the generated interfaces for clientset and informers of VolumeSnapshot are also changed from "VolumeSnapshot" to "Snapshot". (#123, @xing-yang)

New Features

* Adds Finalizer on the snapshot source PVC to prevent it from being deleted when a snapshot is being created from it. (#47, @xing-yang)

Other Notable Changes

* Add Status subresource for VolumeSnapshot. (#121, @zhucan)
* Cherry picks PR #138: Prebound snapshots will work correctly with CSI drivers that does not support ListSnasphots.(#156, @hakanmemisoglu)
* Cherry picks PR #172: Added extra verification of source PersistentVolumeClaim before creating snapshot.(#173, @xing-yang)
sebbrandt87 pushed a commit that referenced this pull request Mar 18, 2020
Breaking Changes

* Changes the API group name for the fake VolumeSnapshot object to "snapshot.storage.k8s.io" to be in-sync with the group name of the real VolumeSnapshot object. As a result, the generated interfaces for clientset and informers of VolumeSnapshot are also changed from "VolumeSnapshot" to "Snapshot". (#123, @xing-yang)

New Features

* Adds Finalizer on the snapshot source PVC to prevent it from being deleted when a snapshot is being created from it. (#47, @xing-yang)

Other Notable Changes

* Add Status subresource for VolumeSnapshot. (#121, @zhucan)
* Cherry picks PR #138: Prebound snapshots will work correctly with CSI drivers that does not support ListSnasphots.(#156, @hakanmemisoglu)
* Cherry picks PR #172: Added extra verification of source PersistentVolumeClaim before creating snapshot.(#173, @xing-yang)
hectorj2f pushed a commit that referenced this pull request Mar 19, 2020
* chore: update aws-ebs-csi-driver from 0.4.0 to 0.5.0

[Documentation](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/blob/v0.5.0/docs/README.md)

filename  | sha512 hash
--------- | ------------
[v0.5.0.zip](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/archive/v0.5.0.zip) | `c53327e090352a7f79ee642dbf8c211733f4a2cb78968ec688a1eade55151e65f1f97cd228d22168317439f1db9f3d2f07dcaa2873f44732ad23aaf632cbef3a`
[v0.5.0.tar.gz](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/archive/v0.5.0.tar.gz) | `ec4963d34c601cdf718838d90b8aa6f36b16c9ac127743e73fbe76118a606d41aced116aaaab73370c17bcc536945d5ccd735bc5a4a00f523025c8e41ddedcb8`

* Add a cmdline option to add extra volume tags ([#353](kubernetes-sigs/aws-ebs-csi-driver#353), [@jieyu](https://github.com/jieyu))
* Switch to use kustomize for manifest ([#360](kubernetes-sigs/aws-ebs-csi-driver#360), [@leakingtapan](https://github.com/leakingtapan))
* enable users to set ec2-endpoint for nonstandard regions ([#369](kubernetes-sigs/aws-ebs-csi-driver#369), [@amdonov](https://github.com/amdonov))
* Add standard volume type ([#379](kubernetes-sigs/aws-ebs-csi-driver#379), [@leakingtapan](https://github.com/leakingtapan))
* Update aws sdk version to enable EKS IAM for SA ([#386](kubernetes-sigs/aws-ebs-csi-driver#386), [@leakingtapan](https://github.com/leakingtapan))
* Implement different driver modes and AWS Region override for controller service ([#438](kubernetes-sigs/aws-ebs-csi-driver#438), [@rfranzke](https://github.com/rfranzke))
* Add manifest files for snapshotter 2.0 ([#452](kubernetes-sigs/aws-ebs-csi-driver#452), [@leakingtapan](https://github.com/leakingtapan))

* Return success if instance or volume are not found ([#375](kubernetes-sigs/aws-ebs-csi-driver#375), [@bertinatto](https://github.com/bertinatto))
* Patch k8scsi sidecars CVE-2019-11255 ([#413](kubernetes-sigs/aws-ebs-csi-driver#413), [@jnaulty](https://github.com/jnaulty))
* Handle mount flags in NodeStageVolume ([#430](kubernetes-sigs/aws-ebs-csi-driver#430), [@bertinatto](https://github.com/bertinatto))

* Run upstream e2e test suites with migration  ([#341](kubernetes-sigs/aws-ebs-csi-driver#341), [@wongma7](https://github.com/wongma7))
* Use new test framework for test orchestration ([#359](kubernetes-sigs/aws-ebs-csi-driver#359), [@leakingtapan](https://github.com/leakingtapan))
* Update to use 1.16 cluster with inline test enabled ([#362](kubernetes-sigs/aws-ebs-csi-driver#362), [@leakingtapan](https://github.com/leakingtapan))
* Enable leader election ([#380](kubernetes-sigs/aws-ebs-csi-driver#380), [@leakingtapan](https://github.com/leakingtapan))
* Update go mod and mount library ([#388](kubernetes-sigs/aws-ebs-csi-driver#388), [@leakingtapan](https://github.com/leakingtapan))
* Refactor NewCloud by pass in region ([#394](kubernetes-sigs/aws-ebs-csi-driver#394), [@leakingtapan](https://github.com/leakingtapan))
* helm: provide an option to set extra volume tags ([#396](kubernetes-sigs/aws-ebs-csi-driver#396), [@jieyu](https://github.com/jieyu))
* Allow override for csi-provisioner image ([#401](kubernetes-sigs/aws-ebs-csi-driver#401), [@gliptak](https://github.com/gliptak))
* Enable volume expansion e2e test for CSI migration ([#407](kubernetes-sigs/aws-ebs-csi-driver#407), [@leakingtapan](https://github.com/leakingtapan))
* Swith to use kops 1.16 ([#409](kubernetes-sigs/aws-ebs-csi-driver#409), [@leakingtapan](https://github.com/leakingtapan))
* Added tolerations for node support ([#420](kubernetes-sigs/aws-ebs-csi-driver#420), [@zerkms](https://github.com/zerkms))
* Update helm chart to better match available values and add the ability to add annotations ([#423](kubernetes-sigs/aws-ebs-csi-driver#423), [@krmichel](https://github.com/krmichel))
* [helm] Also add toleration support to controller ([#433](kubernetes-sigs/aws-ebs-csi-driver#433), [@jyaworski](https://github.com/jyaworski))
* Add ec2:ModifyVolume action ([#434](kubernetes-sigs/aws-ebs-csi-driver#434), [@zodiac12k](https://github.com/zodiac12k))
* Schedule the EBS CSI DaemonSet on all nodes by default ([#441](kubernetes-sigs/aws-ebs-csi-driver#441), [@pcfens](https://github.com/pcfens))

* bump chart version

* chore: bump liveness probe from 1.1.0 to 2.0.0

- Introduce V(5) on the health check begin/success log lines to allow filtering of these entries from logs. If you would like to retain these log entries the action required would be to set `-v==5` or higher for the livenessprobe container. ([#57](kubernetes-csi/livenessprobe#57), [@stefansedich](https://github.com/stefansedich))
- Deprecated "--connection-timeout" argument has been removed. ([#59](kubernetes-csi/livenessprobe#59), [@msau42](https://github.com/msau42))

- Fix nil pointer bug when driver responds with not ready ([#58](kubernetes-csi/livenessprobe#58), [@scuzhanglei](https://github.com/scuzhanglei))
- Migrated to Go modules, so the source builds also outside of GOPATH. ([#53](kubernetes-csi/livenessprobe#53), [@pohly](https://github.com/pohly))

* chore: bump csi external-provisioner from 1.3.0 to 1.4.0

All external-provisioner versions < 1.4.0 are deprecated and will stop
functioning in Kubernetes v1.20. See
[#323](kubernetes-csi/external-provisioner#323) and
[k/k#80978](kubernetes/kubernetes#80978) for more
details. Upgrade your external-provisioner to v1.4+ before Kubernetes v1.20.

None

- Fixes migration scenarios for Topology, fstype, and accessmodes for the kubernetes.io/gce-pd in-tree plugin ([#277](kubernetes-csi/external-provisioner#277), [@davidz627](https://github.com/davidz627))
- Checks if volume content source is populated if creating a volume from a snapshot source. ([#283](kubernetes-csi/external-provisioner#283), [@zhucan](https://github.com/zhucan))
- Fixes issue when SelfLink removal is turned on in Kubernetes. ([#323](kubernetes-csi/external-provisioner#323), [@msau42](https://github.com/msau42))
- CSI driver can return `CreateVolumeResponse` with size 0, which means unknown volume size.
In this case, Provisioner will use PVC requested size as PV size rather than 0 bytes ([#271](kubernetes-csi/external-provisioner#271), [@hoyho](https://github.com/hoyho))
- Fixed potential leak of volumes after CSI driver timeouts. ([#312](kubernetes-csi/external-provisioner#312), [@jsafrane](https://github.com/jsafrane))
- Fixes issue where provisioner provisions volumes for in-tree PVC's which have not been migrated ([#341](kubernetes-csi/external-provisioner#341), [@davidz627](https://github.com/davidz627))
- Send the CSI volume_id instead of  PVC Name to the csi-driver in volumeCreate when datasource  is PVC ([#310](kubernetes-csi/external-provisioner#310), [@Madhu-1](https://github.com/Madhu-1))
- Fixes nil pointer derefence in log when migration turned on ([#342](kubernetes-csi/external-provisioner#342), [@davidz627](https://github.com/davidz627))
- Handle deletion of CSI migrated volumes ([#273](kubernetes-csi/external-provisioner#273), [@ddebroy](https://github.com/ddebroy))
- Reduced logging noise of unrelated PVCs. Emit event on successful provisioning. ([#351](kubernetes-csi/external-provisioner#351), [@jsafrane](https://github.com/jsafrane))
- Added extra verification of source Snapshot and PersistentVolumeClaim before provisioning. ([#352](kubernetes-csi/external-provisioner#352), [@jsafrane](https://github.com/jsafrane))

* chore: bump attacher

* Fixed handling of ControllerUnpublish errors. The attacher will retry to ControllerUnpublish a volume after any error except for NotFound. (#168, @jsafrane)

* bump external-snapshotter from 1.1.0 to 1.2.2

Breaking Changes

* Changes the API group name for the fake VolumeSnapshot object to "snapshot.storage.k8s.io" to be in-sync with the group name of the real VolumeSnapshot object. As a result, the generated interfaces for clientset and informers of VolumeSnapshot are also changed from "VolumeSnapshot" to "Snapshot". (#123, @xing-yang)

New Features

* Adds Finalizer on the snapshot source PVC to prevent it from being deleted when a snapshot is being created from it. (#47, @xing-yang)

Other Notable Changes

* Add Status subresource for VolumeSnapshot. (#121, @zhucan)
* Cherry picks PR #138: Prebound snapshots will work correctly with CSI drivers that does not support ListSnasphots.(#156, @hakanmemisoglu)
* Cherry picks PR #172: Added extra verification of source PersistentVolumeClaim before creating snapshot.(#173, @xing-yang)

* bump external-resizer from 0.2.0 to 0.4.0

New Features

* Add prometheus metrics to CSI external-resizer under the /metrics endpoint. This can be enabled via the "--metrics-address" and "--metrics-path" options. (#67, @saad-ali)

Bug Fixes

* Avoid concurrent processing of same PVCs (#6, @mlmhl)
* Exit on CSI gRPC conn loss (#55, @ggriffiths)
* Verify claimref associated with PVs before resizing (#57, @gnufied)

Other Notable Changes

* Migrated to Go modules, so the source builds also outside of GOPATH. (#60, @pohly)

* feat(awsebscsiprovisioner): updated awsebscsiprovisioner flags

- updated args as mentioned in comments
- updated container versions as mentioned in the comments

D2IQ-64990 #comment updated awsebscsiprovisioner pod arg

* feat(awsebscsiprovisioner): added podAnnotations

- added statefulSet.podAnnotations feature
- added new roles and snapshotter-controller
- added more values to be setable

D2IQ-64992 #comment updated awsebscsiprovisioner to include statefulSet.podAnnotations

* fix: added replacing system-x-critial replacement

- this was added for being able to run the ct install / upgrade behaviour
so that we also can test with that priorityClassName set pods, that normally get a
system-node critial or system-cluster-critical priorityClassName set.
These only will be allowed to run in namespace kube-system and that for
we need to drop the priorityClassName here to null for our tests.
- separated lint and install, as otherwise lint would fail because of the sed changes
- exclude gcp-csi-driver [D2IQ-65765]

[D2IQ-65765]: https://jira.d2iq.com/browse/D2IQ-65765

Co-authored-by: Sebastian Brandt <793580+sebbrandt87@users.noreply.github.com>
mesosphere-teamcity pushed a commit that referenced this pull request Mar 19, 2020
…bs-csi-driver from 0.4.0 to 0.5.0 [Documentation](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/blob/v0.5.0/docs/README.md)  filename  | sha512 hash --------- | ------------ [v0.5.0.zip](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/archive/v0.5.0.zip) |  [v0.5.0.tar.gz](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/archive/v0.5.0.tar.gz) |   * Add a cmdline option to add extra volume tags ([#353](kubernetes-sigs/aws-ebs-csi-driver#353), [@jieyu](https://github.com/jieyu)) * Switch to use kustomize for manifest ([#360](kubernetes-sigs/aws-ebs-csi-driver#360), [@leakingtapan](https://github.com/leakingtapan)) * enable users to set ec2-endpoint for nonstandard regions ([#369](kubernetes-sigs/aws-ebs-csi-driver#369), [@amdonov](https://github.com/amdonov)) * Add standard volume type ([#379](kubernetes-sigs/aws-ebs-csi-driver#379), [@leakingtapan](https://github.com/leakingtapan)) * Update aws sdk version to enable EKS IAM for SA ([#386](kubernetes-sigs/aws-ebs-csi-driver#386), [@leakingtapan](https://github.com/leakingtapan)) * Implement different driver modes and AWS Region override for controller service ([#438](kubernetes-sigs/aws-ebs-csi-driver#438), [@rfranzke](https://github.com/rfranzke)) * Add manifest files for snapshotter 2.0 ([#452](kubernetes-sigs/aws-ebs-csi-driver#452), [@leakingtapan](https://github.com/leakingtapan))  * Return success if instance or volume are not found ([#375](kubernetes-sigs/aws-ebs-csi-driver#375), [@bertinatto](https://github.com/bertinatto)) * Patch k8scsi sidecars CVE-2019-11255 ([#413](kubernetes-sigs/aws-ebs-csi-driver#413), [@jnaulty](https://github.com/jnaulty)) * Handle mount flags in NodeStageVolume ([#430](kubernetes-sigs/aws-ebs-csi-driver#430), [@bertinatto](https://github.com/bertinatto))  * Run upstream e2e test suites with migration  ([#341](kubernetes-sigs/aws-ebs-csi-driver#341), [@wongma7](https://github.com/wongma7)) * Use new test framework for test orchestration ([#359](kubernetes-sigs/aws-ebs-csi-driver#359), [@leakingtapan](https://github.com/leakingtapan)) * Update to use 1.16 cluster with inline test enabled ([#362](kubernetes-sigs/aws-ebs-csi-driver#362), [@leakingtapan](https://github.com/leakingtapan)) * Enable leader election ([#380](kubernetes-sigs/aws-ebs-csi-driver#380), [@leakingtapan](https://github.com/leakingtapan)) * Update go mod and mount library ([#388](kubernetes-sigs/aws-ebs-csi-driver#388), [@leakingtapan](https://github.com/leakingtapan)) * Refactor NewCloud by pass in region ([#394](kubernetes-sigs/aws-ebs-csi-driver#394), [@leakingtapan](https://github.com/leakingtapan)) * helm: provide an option to set extra volume tags ([#396](kubernetes-sigs/aws-ebs-csi-driver#396), [@jieyu](https://github.com/jieyu)) * Allow override for csi-provisioner image ([#401](kubernetes-sigs/aws-ebs-csi-driver#401), [@gliptak](https://github.com/gliptak)) * Enable volume expansion e2e test for CSI migration ([#407](kubernetes-sigs/aws-ebs-csi-driver#407), [@leakingtapan](https://github.com/leakingtapan)) * Swith to use kops 1.16 ([#409](kubernetes-sigs/aws-ebs-csi-driver#409), [@leakingtapan](https://github.com/leakingtapan)) * Added tolerations for node support ([#420](kubernetes-sigs/aws-ebs-csi-driver#420), [@zerkms](https://github.com/zerkms)) * Update helm chart to better match available values and add the ability to add annotations ([#423](kubernetes-sigs/aws-ebs-csi-driver#423), [@krmichel](https://github.com/krmichel)) * [helm] Also add toleration support to controller ([#433](kubernetes-sigs/aws-ebs-csi-driver#433), [@jyaworski](https://github.com/jyaworski)) * Add ec2:ModifyVolume action ([#434](kubernetes-sigs/aws-ebs-csi-driver#434), [@zodiac12k](https://github.com/zodiac12k)) * Schedule the EBS CSI DaemonSet on all nodes by default ([#441](kubernetes-sigs/aws-ebs-csi-driver#441), [@pcfens](https://github.com/pcfens))  * bump chart version  * chore: bump liveness probe from 1.1.0 to 2.0.0  - Introduce V(5) on the health check begin/success log lines to allow filtering of these entries from logs. If you would like to retain these log entries the action required would be to set  or higher for the livenessprobe container. ([#57](kubernetes-csi/livenessprobe#57), [@stefansedich](https://github.com/stefansedich)) - Deprecated --connection-timeout argument has been removed. ([#59](kubernetes-csi/livenessprobe#59), [@msau42](https://github.com/msau42))  - Fix nil pointer bug when driver responds with not ready ([#58](kubernetes-csi/livenessprobe#58), [@scuzhanglei](https://github.com/scuzhanglei)) - Migrated to Go modules, so the source builds also outside of GOPATH. ([#53](kubernetes-csi/livenessprobe#53), [@pohly](https://github.com/pohly))  * chore: bump csi external-provisioner from 1.3.0 to 1.4.0  All external-provisioner versions < 1.4.0 are deprecated and will stop functioning in Kubernetes v1.20. See [#323](kubernetes-csi/external-provisioner#323) and [k/k#80978](kubernetes/kubernetes#80978) for more details. Upgrade your external-provisioner to v1.4+ before Kubernetes v1.20.  None  - Fixes migration scenarios for Topology, fstype, and accessmodes for the kubernetes.io/gce-pd in-tree plugin ([#277](kubernetes-csi/external-provisioner#277), [@davidz627](https://github.com/davidz627)) - Checks if volume content source is populated if creating a volume from a snapshot source. ([#283](kubernetes-csi/external-provisioner#283), [@zhucan](https://github.com/zhucan)) - Fixes issue when SelfLink removal is turned on in Kubernetes. ([#323](kubernetes-csi/external-provisioner#323), [@msau42](https://github.com/msau42)) - CSI driver can return  with size 0, which means unknown volume size. In this case, Provisioner will use PVC requested size as PV size rather than 0 bytes ([#271](kubernetes-csi/external-provisioner#271), [@hoyho](https://github.com/hoyho)) - Fixed potential leak of volumes after CSI driver timeouts. ([#312](kubernetes-csi/external-provisioner#312), [@jsafrane](https://github.com/jsafrane)) - Fixes issue where provisioner provisions volumes for in-tree PVC's which have not been migrated ([#341](kubernetes-csi/external-provisioner#341), [@davidz627](https://github.com/davidz627)) - Send the CSI volume_id instead of  PVC Name to the csi-driver in volumeCreate when datasource  is PVC ([#310](kubernetes-csi/external-provisioner#310), [@Madhu-1](https://github.com/Madhu-1)) - Fixes nil pointer derefence in log when migration turned on ([#342](kubernetes-csi/external-provisioner#342), [@davidz627](https://github.com/davidz627)) - Handle deletion of CSI migrated volumes ([#273](kubernetes-csi/external-provisioner#273), [@ddebroy](https://github.com/ddebroy)) - Reduced logging noise of unrelated PVCs. Emit event on successful provisioning. ([#351](kubernetes-csi/external-provisioner#351), [@jsafrane](https://github.com/jsafrane)) - Added extra verification of source Snapshot and PersistentVolumeClaim before provisioning. ([#352](kubernetes-csi/external-provisioner#352), [@jsafrane](https://github.com/jsafrane))  * chore: bump attacher  * Fixed handling of ControllerUnpublish errors. The attacher will retry to ControllerUnpublish a volume after any error except for NotFound. (#168, @jsafrane)  * bump external-snapshotter from 1.1.0 to 1.2.2  Breaking Changes  * Changes the API group name for the fake VolumeSnapshot object to snapshot.storage.k8s.io to be in-sync with the group name of the real VolumeSnapshot object. As a result, the generated interfaces for clientset and informers of VolumeSnapshot are also changed from VolumeSnapshot to Snapshot. (#123, @xing-yang)  New Features  * Adds Finalizer on the snapshot source PVC to prevent it from being deleted when a snapshot is being created from it. (#47, @xing-yang)  Other Notable Changes  * Add Status subresource for VolumeSnapshot. (#121, @zhucan) * Cherry picks PR #138: Prebound snapshots will work correctly with CSI drivers that does not support ListSnasphots.(#156, @hakanmemisoglu) * Cherry picks PR #172: Added extra verification of source PersistentVolumeClaim before creating snapshot.(#173, @xing-yang)  * bump external-resizer from 0.2.0 to 0.4.0  New Features  * Add prometheus metrics to CSI external-resizer under the /metrics endpoint. This can be enabled via the --metrics-address and --metrics-path options. (#67, @saad-ali)  Bug Fixes  * Avoid concurrent processing of same PVCs (#6, @mlmhl) * Exit on CSI gRPC conn loss (#55, @ggriffiths) * Verify claimref associated with PVs before resizing (#57, @gnufied)  Other Notable Changes  * Migrated to Go modules, so the source builds also outside of GOPATH. (#60, @pohly)  * feat(awsebscsiprovisioner): updated awsebscsiprovisioner flags  - updated args as mentioned in comments - updated container versions as mentioned in the comments  D2IQ-64990 #comment updated awsebscsiprovisioner pod arg  * feat(awsebscsiprovisioner): added podAnnotations  - added statefulSet.podAnnotations feature - added new roles and snapshotter-controller - added more values to be setable  D2IQ-64992 #comment updated awsebscsiprovisioner to include statefulSet.podAnnotations  * fix: added replacing system-x-critial replacement  - this was added for being able to run the ct install / upgrade behaviour so that we also can test with that priorityClassName set pods, that normally get a system-node critial or system-cluster-critical priorityClassName set. These only will be allowed to run in namespace kube-system and that for we need to drop the priorityClassName here to null for our tests. - separated lint and install, as otherwise lint would fail because of the sed changes - exclude gcp-csi-driver [D2IQ-65765]  [D2IQ-65765]: https://jira.d2iq.com/browse/D2IQ-65765  Co-authored-by: Sebastian Brandt <793580+sebbrandt87@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants