0.87.1 / 2023-11-01
- fixed a
Controller
issue with reconciliation requests disappearing when usingconcurrency
#1324 - improved
Client
with better exec auth behaviour #1320, timeout control #1314, and socks5 proxy handling #1311 - small changes to an unstable streams feature #1304, and a a derive property that is now illegal with
syn
2 #1307
Big thanks to everyone involved 🎃
- Feature-flagged support for
socks5
proxy inClient
by @Razz4780 in kube-rs#1311 - Add example for raw API Server requests by @mateiidavid in kube-rs#1330
- Document
Controller::reconcile_on
and removeErr
input requirement by @clux in kube-rs#1304 - Bump
base64
to0.21
by @clux in kube-rs#1308 - Upgrade
darling
andsyn
and rename#[kube(struct)]
by @clux in kube-rs#1307
- Fixed
KUBERNETES_EXEC_INFO
environment variable passed to auth plugins by @Razz4780 in kube-rs#1320 - Fix
Controller
: pending messages are stuck in thescheduled
map by @co42 in kube-rs#1324 - Set a default write timeout by @alex-hunt-materialize in kube-rs#1314
Full Changelog: https://github.com/kube-rs/kube/compare/0.86.0...0.87.1 0.86.0 / 2023-09-08
Please note upstream api removals. As usual, upgrade k8s-openapi along with kube to avoid issues.
With last year's upstream changes from rustls (closing all our existing rustls issues - see kube-rs#1192), this is now the better choice for security, features, and ease of building. The previous default openssl stack can still be used with default-features = false
plus the openssl-tls
feature.
A controller Config
has been added to allow tweaking two behaviour parameters (debouncing in #1265 and concurrency limits in #1277) of the Controller
. Huge thanks to @aryan9600 for his work.
The sendInitialEvents
alpha feature is now supported, and is quickly testable in the pod_watcher example when using the feature gate. This will help optimise the memory profile of controllers when the feature becomes generally available. Amazing work by first time contributor @casualjim.
- add
controller::Config
and debounce period to scheduler by @aryan9600 in kube-rs#1265 - adds watch-list implementation without breaking changes by @casualjim in kube-rs#1255
- allow configuring controller's concurrency by @aryan9600 in kube-rs#1277
- Change default TLS stack to
rustls-tls
by @clux in kube-rs#1261 - Bump k8s-openapi to 0.20.0 by @clux in kube-rs#1291
core
: omit invalid resource version parameters when doing paged requests by @goenning in kube-rs#1281
0.85.0 / 2023-08-06
- Add
WatchStreamExt::reflect
to allow chaining on a reflector by @clux in kube-rs#1252 - Implement ephemeral containers subresource by @jmintb in kube-rs#1153
- Swap
dirs-next
dependency to cargo-team maintainedhome
crate by @utkarshgupta137 in kube-rs#1207 - Upgrade
k8s-openapi
to0.19.0
forv1_27
support by @clux in kube-rs#1271
watcher
: returnNoResourceVersion
error if resource version is empty by @aryan9600 in kube-rs#1259- Update the
scheduler
message when preponing by @nightkr in kube-rs#1260
0.84.0 / 2023-07-14
On the runtime
side, the Controller
now delays reconciles until the main Store
is ready (via a new Store
helper from #1243). The stream selection for owned resources is more efficient (#1240), and the underlying watcher
streams now all paginate (#1249). There are also many new WatchStreamExt
helpers ( #1246 + #1228 + #1232) as a continued work towards the more customisable streams-api (#1080).
On the client-side; streaming logs are now easier to deal with as an AsyncBufRead
#1235.
Optional OIDC refreshable token support was introduced in #1229 under kube/oidc
for out-of-cluster Client
configuration. Previously, refresh support was limited to non-OIDC tokens from the GcpOuth
provider (kube/oauth
) or through arbitrary exec
calls / TokenFile
loading.
- Add
Predicate
trait to allow combination + fallbacks by @clux in kube-rs#1228 - Added refreshing OIDC ID token as an optional feature by @Razz4780 in kube-rs#1229
- Add
WatchStreamExt::default_backoff
shorthand by @clux in kube-rs#1232 - Derive
PartialEq
oncore
params structs by @danrspencer in kube-rs#1237 - Track store readiness by @nightkr in kube-rs#1243
- Add
WatchStreamExt::modify()
to modify events by @aryan9600 in kube-rs#1246 - Add default pagination to
watcher
by @clux in kube-rs#1249
- Bump MSRV from 1.63 to 1.64 by @clux in kube-rs#1233
- Change
Api::log_stream
to returnAsyncBufRead
by @aryan9600 in kube-rs#1235
- Make
Controller::owns
usemetadata_watcher
internally by @clux in kube-rs#1240
0.83.0 / 2023-06-05
- Add
Controller::reconcile_on
by @co42 in kube-rs#1163 - Add
predicates::resource_version
by @clux in kube-rs#1221 - add
Duration
tokube-core
by @hawkw in kube-rs#1224
- Introduce
GetParams
support by @mateiidavid in kube-rs#1214
- Swap
validator
forgarde
by @mateiidavid in kube-rs#1212 - fix:
#[kube(crates(serde = "some_crate::serde"))]
was not working by @chubei in kube-rs#1215
0.82.2 / 2023-04-19
Two fixes to allow watcher::Config
to function as intended.
runtime::watcher
: only set rv if semantic is any by @goenning in kube-rs#1204watcher::Config
: DeriveClone
+Debug
+PartialEq
by @clux in kube-rs#1206
Full Changelog: https://github.com/kube-rs/kube/compare/0.82.1...0.82.2 0.82.1 / 2023-04-14
nullable
is re-instated on Option
types from CustomResource
generated schemas, due to unintended errors removing it caused on Api::patch
calls on None
members that were not setting #[serde(skip_serializing_if = "Option::is_none")]
. This only affected 0.81 and 0.82 from last week, and does not require user action regardless of where you are upgrading from.
This release also fixes a metadata_watcher
triggering deserialization error from doing Api::list_metadata
on an empty set.
- Fix
WatchParams
bookmarks forwatch_metadata
by @clux in kube-rs#1193 - Fix
ObjectList
not deserializingitems: null
by @suryapandian in kube-rs#1199 - Revert "kube-derive: Disable
option_nullable
for CRD generation" by @Dav1dde in kube-rs#1201
0.82.0 / 2023-04-08
This release brings in the new k8s-openapi
release.
Be sure to upgrade k8s-openapi
and kube
simultaneously to avoid multiple version errors:
cargo upgrade -p k8s-openapi -p kube -i
- Bump
serde_yaml
to 0.9 by @clux in kube-rs#1188 - Bump
k8s-openapi
to 0.18.0 by @clux in kube-rs#1190
Full Changelog: https://github.com/kube-rs/kube/compare/0.81.0...0.82.0 0.81.0 / 2023-04-07
One big change is the splitting of ListParams
into ListParams
and WatchParams
in #1162 and #1171. If you were using api.list
directly, this should not affect you, but api.watch
calls will need a replace of ListParams
to WatchParams
. Apart from the resulting field splitting, the two structs still have a mostly compatible api.
If you were passing ListParams
to watcher
, you can change this for a new watcher::Config
with a mostly compatible interface:
- let stream = watcher(api, ListParams::default());
+ let stream = watcher(api, watcher::Config::default());
The reason for this change has been to add support for specific version match strategies and has new builders on both ListParams
and watcher::Config
to control the strategy. Using the new VersionMatch::NotOlderThan
can reduce strain on the apiserver for individual api.list
calls. Watchers will benefit the most from this, and should consider using the semantic Any
strategy (= NotOlderThan
with version "0") on all relists by setting watcher::Config::any_semantic()
.
This release closes all our rustls issues as a consequence of the long standing IP address incompatibility (#153) having been resolved upstream. All rustls
specific overrides (such as using the deprecated incluster_dns
strategy for configuration #1184) have been removed as a result.
Multiple new runtime
features have been added to be able to more precisely control the input streams used by Controller
a starting step towards stream sharing (#1080) and as a way to reduce excess input events. Because these interfaces are likely to remain in flux for some time, these are only available under unstable feature flags.
- Add
predicates
to allow filteringwatcher
streams by @clux in kube-rs#911 - Add
Controller::owns_stream
by @Dav1dde in kube-rs#1173 - Add
Controller::for_stream
+Controller::watches_stream
by @clux in kube-rs#1187
- Split
ListParams
andWatchParams
by @nabokihms in kube-rs#1162 - Make
VersionMatch
follow upstream + configure list semantics inwatcher::Config
by @clux in kube-rs#1171 - kube-derive: Disable
option_nullable
for CRD generation by @Dav1dde in kube-rs#1079
- Run
rustls
CI against IP cluster address by @clux in kube-rs#1183 - Fix: tower buffer's worker closed unexpectedly by @divinerapier in kube-rs#1185
- Avoid special
Config::incluster
behavior forrustls
by @clux in kube-rs#1184
0.80.0 / 2023-03-02
The PartialObjectMeta
struct has been changed to allow static dispatch through a new generic parameter. It comes with a new PartialObjectMetaExt
trait to help construct it.
Early release for the above change to the new metadata api, plus a trigger for our currently broken docs.rs.
- Genericize
PartialObjectMeta
over the underlyingResource
by @clux in kube-rs#1152
- Bypass nightly ICE in docs build by @clux in kube-rs#1155
Full Changelog: https://github.com/kube-rs/kube/compare/0.79.0...0.80.0 0.79.0 / 2023-02-23
A big feature this time around is the added support for the metadata api via #1137. This is a variant api that only returns the ObjectMeta
and TypeMeta
to reduce network load, and has a low-level watch analogue available at Api::watch_metadata
. Most users will generally want an infinite watch stream rather than the low-level method, so kube::runtime::metadata_watcher
has been added as a direct analogue of watcher
via #1145. The dynamic_watcher example shows how to switch between the two to get up and running.
The watcher
also emits warnings now when HTTP 403
s are encountered from Kubernetes, as this usually indicates a non-transient misconfiguration that must be fixed on the administrator side with RBAC.
Finally, there is work in progress on shared streams via WatchStreamExt
from #1131 under an unstable feature.
- Client: expose
default_namespace()
by @jpmcb in kube-rs#1123 - Add support for metadata API by @mateiidavid in kube-rs#1137
- Runtime: Add
WatchStreamExt::subscribe
by @danrspencer in kube-rs#1131 - Introduce support for persistent metadata watches by @mateiidavid in kube-rs#1145
- Bump Rust MSRV to 1.63.0 by @mateiidavid in kube-rs#1146
Config
: make cluster/users/clusters optional by @goenning in kube-rs#1120- Add better logging for watcher errors by @clux in kube-rs#1134
- kubeconfig: deserialize null vectors as default by @goenning in kube-rs#1142
0.78.0 / 2023-01-06
This release brings in the new k8s-openapi
release for 1.26
structs, and sets our MK8SV to 1.21
.
Be sure to upgrade k8s-openapi
and kube
simultaneously to avoid multiple version errors:
cargo upgrade -p k8s-openapi -p kube -i
- reflector: add helper function to the
Store
by @eliad-wiz in kube-rs#1111
- Bump
[email protected]
and MK8SV by @clux in kube-rs#1116
- Remove deprecated
Config::timeout
by @clux in kube-rs#1113
- fix shell exec exiting message loop when terminalSizeReceiver is dropped by @erebe in kube-rs#1112
0.77.0 / 2022-12-15
This release saw numerous improvements across various parts of the codebase with lots of help from external contributors. Look for improvements in error handling, client exec behaviour, dynamic object conversion, certificate handling, and last, but not least; lots of enhancements in the config
module. Huge thanks to everyone who contributed!
Kubeconfigs relying on ExecConfig
for auth should now work with a lot more cases (with improvements to script interactivity, cert passing, env-drop, and windows behaviour). We further aligned our Kubeconfig
parsing with client-go's behaviour, and also exposed Kubeconfig::merge
. Finally, we now pass Config::tls_server_name
through to the Client
, which has let us include a better rustls workaround for the long-standing ip issue (enabled by default).
- Add
DynamicObjects::try_parse
for typed object conversion by @jmintb in kube-rs#1061 - Add
ExecConfig::drop_env
to filter host evars for auth providers by @aviramha in kube-rs#1062 - Add support for terminal size when executing command inside a container by @armandpicard in kube-rs#983
- add cmd-drop-env to AuthProviderConfig by @aviramha in kube-rs#1074
- Check for client cert with exec by @rcanderson23 in kube-rs#1089
- Change
Kubeconfig::merge
fn to public. by @goenning in kube-rs#1100 - Fix interactivity in auth exec by @armandpicard in kube-rs#1083
- [windows] skip window creation on auth exec by @goenning in kube-rs#1095
- Add
Config::tls_server_name
and validate when using rustls by @clux in kube-rs#1104
- Remove deprecated
ResourceExt::name
by @clux in kube-rs#1105
- Bump tracing dependency to 0.1.36 by @teozkr in kube-rs#1070
- Improve error message on azure auth not being supported by @goenning in kube-rs#1082
- exec: ensure certs always end with a new line by @goenning in kube-rs#1096
- fix: align kube-rs with client-go config parsing by @goenning in kube-rs#1077
- Return error from
watcher
when kinds do not support watch by @clux in kube-rs#1101
0.76.0 / 2022-10-28
Expanding on our existing support for storing Rust's struct enums in CRDs, Kube will now try to convert #[serde(untagged)]
enums as well. Note that if the same field is present in multiple untagged variants then they must all have the same shape.
These have been deprecated since 0.72, and are replaced by the equivalent WatchStreamExt
methods.
- Adds example to
Controller::watches
by @Dav1dde in kube-rs#1026 - Discovery: Add
ApiGroup::resources_by_stability
by @imuxin in kube-rs#1022 - Add support for untagged enums in CRDs by @sbernauer in kube-rs#1028
- Derive PartialEq for DynamicObject by @pbzweihander in kube-rs#1048
- Runtime: Remove deprecated util
try_flatten_
helpers by @clux in kube-rs#1019 - Remove
native-tls
feature by @kazk in kube-rs#1044
- add fieldManager querystring to all operations by @goenning in kube-rs#1031
- Add verify_tls1x_signature for NoCertVerification by @rvql in kube-rs#1034
- Fix compatibility with schemars' preserve_order feature by @teozkr in kube-rs#1050
- Hoist enum values from subschemas by @teozkr in kube-rs#1051
0.75.0 / 2022-09-21
The update to [email protected] makes this the first release with tentative Kubernetes 1.25 support. While the new structs and apis now exist, we recommend holding off on using 1.25 until a deserialization bug in the apiserver is resolved upstream. See #997 / #1008 for details.
To upgrade, ensure you bump both kube
and k8s-openapi
:
cargo upgrade kube k8s-openapi
Our previous default of connecting to the Kubernetes apiserver via kubernetes.default.svc
has been reverted back to use the old environment variables after Kubernetes updated their position that the environment variables are not legacy. This does unfortunately regress on rustls
support, so for those users we have included a Config::incluster_dns
to work around the old rustls issue while it is open.
The error_policy
fn now has access to the object
that failed the reconciliation to ease metric creation / failure attribution. The following change is needed on the user side:
-fn error_policy(error: &Error, ctx: Arc<Data>) -> Action {
+fn error_policy(_obj: Arc<YourObject>, error: &Error, ctx: Arc<Data>) -> Action {
There are also a slew of ergonomics improvements, closing of gaps in subresources, adding initial support for ConversionReview
, making Api::namespaced
impossible to use for non-namepaced resources (a common pitfall), as well as many great fixes to the edge cases in portforwarding and finalizers. Many of these changes came from first time contributors. A huge thank you to everyone involved.
- Make
Config::auth_info
public by @danrspencer in kube-rs#959 - Make raw
Client::send
method public by @tiagolobocastro in kube-rs#972 - Make
types
onAdmissionRequest
andAdmissionResponse
public by @clux in kube-rs#977 - Add
#[serde(default)]
to metadata field ofDynamicObject
by @pbzweihander in kube-rs#987 - Add
create_subresource
method toApi
andcreate_token_request
method toApi<ServiceAccount>
by @pbzweihander in kube-rs#989 - Controller: impl Eq and PartialEq for
Action
by @Sherlock-Holo in kube-rs#993 - Add support for CRD
ConversionReview
types by @MikailBag in kube-rs#999
- Constrain Resource trait and Api::namespaced by Scope by @clux in kube-rs#956
- Add connect/read/write timeouts to
Config
by @goenning in kube-rs#971 - Controller: Include the object being reconciled in the
error_policy
by @felipesere in kube-rs#995 Config
: Newincluster
andincluster_dns
constructors by @olix0r in kube-rs#1001- Upgrade
k8s-openapi
to 0.16 by @clux in kube-rs#1008
- Remove
tracing::instrument
fromapply_debug_overrides
by @kazk in kube-rs#958 - fix duplicate finalizers race condition by @alex-hunt-materialize in kube-rs#965
- fix: portforward connection cleanup by @tiagolobocastro in kube-rs#973
0.74.0 / 2022-07-09
This release features smaller improvements/additions/cleanups/fixes, many of which are from new first-time contributors! Thank you everyone! The listed deadlock fix was backported to 0.73.1.
We have also been trying to clarify and prove a lot more of our external-facing guarantees, and as a result:
- We have codified our Kubernetes versioning policy
- The Rust version policy has extended its support range
- Our CI has been extended
A consequence of all the policy writing and the improved clarity we have decided to deprecate the common ResourceExt::name
helper.
This method could panic and it is unexpected for the users and bad for our consistency. To get the old functionality, you can replace any .name()
call on a Kubernetes resources with .name_unchecked()
; but as the name implies, it can panic (in a local setting, or during admission). We recommend you replace it with the new ResourceExt::name_any
for a general identifier:
-pod.name()
+pod.name_any()
- Add support for passing the
fieldValidation
query parameter on patch by @phroggyy in kube-rs#929 - Add
conditions::is_job_completed
by @clux in kube-rs#935
- Deprecate
ResourceExt::name
in favour of safe name_* alternatives by @clux in kube-rs#945
- Remove
#[kube(apiextensions)]
flag fromkube-derive
by @clux in kube-rs#920
- Document every public derived fn from kube-derive by @clux in kube-rs#919
- fix applier hangs which can happen with many watched objects by @moustafab in kube-rs#925
- Applier: Improve reconciler reschedule context to avoid deadlocking on full channel by @teozkr in kube-rs#932
- Fix deserialization issue in AdmissionResponse by @clux in kube-rs#939
- Admission controller example fixes by @Alibirb in kube-rs#950
0.73.1 / 2022-06-03
This patch release fixes a bug causing applier
and Controller
to deadlock when too many Kubernetes object change events were ingested at once. All users of applier
and Controller
are encouraged to upgrade as quickly as possible. Older versions are also affected, this bug is believed to have existed since the original release of kube_runtime
.
- [0.73 backport] fix applier hangs which can happen with many watched objects (#925) by @moustafab (backported by @teozkr) in kube-rs#927
Full Changelog: https://github.com/kube-rs/kube/compare/0.73.0...0.73.1 0.73.0 / 2022-05-23
Support added for Kubernetes v1_24
support via the new k8s-openapi
version. Please also run cargo upgrade --workspace k8s-openapi
when upgrading kube
.
This also bumps our MSRV to 1.60.0
.
A small ergonomic change in the reconcile
signature has removed the need for the Context
object. This has been replaced by an Arc
. The following change is needed in your controller:
-async fn reconcile(doc: Arc<MyObject>, context: Context<Data>) -> Result<Action, Error>
+async fn reconcile(doc: Arc<MyObject>, context: Arc<Data>) -> Result<Action, Error>
This will simplify the usage of the context
argument. You should no longer need to pass .get_ref()
on its every use.
See the controller-rs upgrade change for details.
- Add Discovery::groups_alphabetical following kubectl sort order by @clux in kube-rs#887
- Replace runtime::controller::Context with Arc by @teozkr in kube-rs#910
- runtime: Return the object from
await_condition
by @olix0r in kube-rs#877 - Bump k8s-openapi to 0.15 for kubernetes v1_24 and bump MSRV to 1.60 by @clux in kube-rs#916
0.72.0 / 2022-05-13
A new runtime::WatchSteamExt
(#899 + #906) allows for simpler setups for streams from watcher
or reflector
.
- let stream = utils::try_flatten_applied(StreamBackoff::new(watcher(api, lp), b));
+ let stream = watcher(api, lp).backoff(b).applied_objects();
The util::try_flatten_*
helpers have been marked as deprecated since they are not used by the stream impls.
A new reflector:store()
fn allows simpler reflector setups #907:
- let store = reflector::store::Writer::<Node>::default();
- let reader = store.as_reader();
+ let (reader, writer) = reflector::store();
Additional conveniences getters/settes to ResourceExt
for manged_fields and creation_timestamp #888 + #898, plus a GroupVersion::with_kind
path to a GVK, and a TryFrom<TypeMeta> for GroupVersionKind
in #896.
Managing multiple version in CustomResourceDefinitions can be pretty complicated, but we now have helpers and docs on how to tackle it.
A new function kube::core::crd::merge_crds
have been added (in #889) to help push crd schemas generated by kube-derived crds with different #[kube(version)]
properties. See the kube-derive#version documentation for details.
A new example showcases how one can manage two or more versions of a crd and what the expected truncation outcomes are when moving between versions.
Examples now have moved to tracing
for its logging, respects RUST_LOG
, and namespace selection via the kubeconfig context. There is also a larger kubectl example showcasing kubectl apply -f yaml
as well as kubectl {edit,delete,get,watch}
via #885 + #897.
- Allow merging multi-version CRDs into a single schema by @clux in kube-rs#889
- Add GroupVersion::with_kind and TypeMeta -> GroupVersionKind converters by @clux in kube-rs#896
- Add managed_fields accessors to ResourceExt by @clux in kube-rs#898
- Add ResourceExt::creation_timestamp by @clux in kube-rs#888
- Support lowercase http_proxy & https_proxy evars by @DevineLiu in kube-rs#892
- Add a WatchStreamExt trait for stream chaining by @clux in kube-rs#899
- Add Event::modify + reflector::store helpers by @clux in kube-rs#907
- Switch to kubernetes cluster dns for incluster url everywhere by @clux in kube-rs#876
- Update tower-http requirement from 0.2.0 to 0.3.2 by @dependabot in kube-rs#893
- Remove deprecated legacy crd v1beta1 by @clux in kube-rs#890
0.71.0 / 2022-04-12
Several quality of life changes and improvement this release for port-forwarding, a new ClientBuilder
, better handling of kube-derive
edge-cases.
We highlight some changes here that you should be especially aware of.
Publishing events via Recorder for cluster scoped resources (supported since 0.70.0
) now publish to kube-system
rather than default
, as all but the newest clusters struggle with publishing events in the default
namespace.
The previous native-tls
default was there because we used to depend on reqwest
, but because we depended on openssl anyway the feature does not make much sense. Changing to openssl-tls
also improves the situation on macOS where the Security Framework struggles with PKCS#12 certs from OpenSSL v3. The native-tls
feature will still be available in this release in case of issues, but the plan is to decommission it shortly. Of course, we all ideally want to move to rustls, but we are still blocked by #153.
- Add
ClientBuilder
that lets users add custom middleware without full stack replacement by @teozkr in kube-rs#855 - Support top-level enums in CRDs by @sbernauer in kube-rs#856
- portforward: Improve API and support background task cancelation by @olix0r in kube-rs#854
- Make remote commands cancellable and remove panics by @kazk in kube-rs#861
- Change the default TLS to OpenSSL by @kazk in kube-rs#863
- change event recorder cluster namespace to kube-system by @clux in kube-rs#871
- Fix schemas containing both properties and additionalProperties by @jcaesar in kube-rs#845
- Make dependency pins between sibling crates stricter by @clux in kube-rs#864
- Fix in-cluster kube_host_port generation for IPv6 by @somnusfish in kube-rs#875
0.70.0 / 2022-03-20
This was one of the big blockers for using rustls
against clusters like k3d
or k3s
While not sufficient to fix using those clusters out of the box, it is now possible to use them with a workarodund
The signature and end the Ok
action in reconcile
fns has been simplified slightly, and requires the following user updates:
-async fn reconcile(obj: Arc<MyObject>, ctx: Context<Data>) -> Result<ReconcilerAction, Error> {
- ...
- Ok(ReconcilerAction {
- requeue_after: Some(Duration::from_secs(300)),
- })
+async fn reconcile(obj: Arc<MyObject>, ctx: Context<Data>) -> Result<Action, Error> {
+ ...
+ Ok(Action::requeue(Duration::from_secs(300)))
The Action
import lives in the same place as the old ReconcilerAction
.
- Add support for EC private keys by @farcaller in kube-rs#804
- Add helper for creating a controller owner_ref on Resource by @clux in kube-rs#850
- Remove
scheduler::Error
by @teozkr in kube-rs#827 - Bump parking_lot to 0.12, but allow dep duplicates by @clux in kube-rs#836
- Update tokio-tungstenite requirement from 0.16.1 to 0.17.1 by @dependabot in kube-rs#841
- Let OccupiedEntry::commit take PostParams by @teozkr in kube-rs#842
- Change ReconcileAction to Action and add associated ctors by @clux in kube-rs#851
- Token reloading with RwLock by @kazk in kube-rs#835
- Fix event publishing for cluster scoped crds by @zhrebicek in kube-rs#847
- Fix invalid CRD when Enum variants have descriptions by @sbernauer in kube-rs#852
0.69.1 / 2022-02-16
This is an emergency patch release fixing a bug in 0.69.0 where a kube::Client
would deadlock after running inside a cluster for about a minute (#829).
All users of 0.69.0 are encouraged to upgrade immediately. 0.68.x and below are not affected.
- [0.69.x] Fix deadlock in token reloading by @clux (backported by @teozkr) in kube-rs#831
0.69.0 / 2022-02-14
Two new methods have been added to the client Api
this release to reduce the amount of boiler-plate needed for common patterns.
Api::entry
via 811 - to aid idempotent crud operation flows (following the style ofMap::Entry
)Api::get_opt
via 809 - to aid dealing with theNotFound
type error via a returnedOption
Following a requirement for Kubernetes clients against versions >= 1.22.0
, our bundled AuthLayer
will reload tokens every minute when deployed in-cluster.
- Add conversion for
ObjectRef<K>
toObjectReference
by @teozkr in kube-rs#815 - Add
Api::get_opt
for better existence handling by @teozkr in kube-rs#809 - Entry API by @teozkr in kube-rs#811
- Reload token file at least once a minute by @kazk in kube-rs#768
- Prefer kubeconfig over in-cluster config by @teozkr in kube-rs#823
- Disable CSR utilities on K8s <1.19 by @teozkr in kube-rs#817
0.68.0 / 2022-02-01
To reduce the amount of allocation done inside the runtime
by reflectors and controllers, the following change via #786 is needed on the signature of your reconcile
functions:
-async fn reconcile(myobj: MyK, ctx: Context<Data>) -> Result<ReconcilerAction>
+async fn reconcile(myobj: Arc<MyK>, ctx: Context<Data>) -> Result<ReconcilerAction>
This also affects the finalizer helper.
As one of the last steps toward gold level client requirements, port-forwarding landed in #446. There are 3 new examples (port_forward*.rs
) that showcases how to use this websocket based functionality.
- Add a VS Code devcontainer configuration by @olix0r in kube-rs#788
- Add support for user impersonation by @teozkr in kube-rs#797
- Add port forward by @kazk in kube-rs#446
- runtime: Store resources in an
Arc
by @olix0r in kube-rs#786 - Propagate Arc through the finalizer reconciler helper by @teozkr in kube-rs#792
- Disable unused default features of chrono crate by @dreamer in kube-rs#801
- Use absolute path to Result in derives by @teozkr in kube-rs#795
- core: add missing reason to Display on Error::Validation in Request by @clux in kube-rs#798
0.67.0 / 2022-01-25
- runtime: Replace
DashMap
with a lockedAHashMap
by @olix0r in kube-rs#785 - update k8s-openapi for kubernetes 1.23 support by @clux in kube-rs#789
0.66.0 / 2022-01-15
Tons of ergonomics improvements, and 3 new contributors. Highlighted first is the 3 most discussed changes:
It is now possible to embed complex enums inside structs that use #[derive(CustomResource)]
.
This has been a highly requested feature since the inception of auto-generated schemas. It does not work for all cases, and has certain ergonomics caveats, but represents a huge step forwards.
Note that if you depend on kube-derive
directly rather than via kube
then you must now add the schema
feature to kube-core
To avoid spamming the apiserver when on certain watch errors cases, it's now possible to stream wrap the watcher
to set backoffs. The new default_backoff
follows existing client-go
conventions of being kind to the apiserver.
Initially, this is default-enabled in Controller
watches (configurable via Controller::trigger_backoff
) and avoids spam errors when crds are not installed.
To aid users picking the most appropriate version of a kind
from api discovery or through a CRD, two new sort orders have been exposed on the new kube_core::Version
Version::priority
implementing kubernetes version priorityVersion::generation
implementing a more traditional; generational sort (highest version)
Merged PRs from github release.
- Add
DeleteParams
constructors for easily settingPropagationPolicy
by @kate-goldenring in kube-rs#757 - Add Serialize to ObjecList and add field-selector and jsonpath example by @ChinYing-Li in kube-rs#760
- Implement cordon/uncordon for Node by @ChinYing-Li in kube-rs#762
- Export Version priority parser with Ord impls in kube_core by @clux in kube-rs#764
- Add Api fns for arbitrary subresources and approval subresource for CertificateSigningRequest by @ChinYing-Li in kube-rs#773
- Add backoff handling for watcher and Controller by @clux in kube-rs#703
- Remove crate private
identity_pem
field fromConfig
by @kazk in kube-rs#771 - Use SecretString in AuthInfo to avoid credential leaking by @ChinYing-Li in kube-rs#766
0.65.0 / 2021-12-10
- BREAKING: Removed
kube::Error::OpenSslError
- #716 - BREAKING: Removed
kube::Error::SslError
- #704 and #716 - BREAKING: Added
kube::Error::NativeTls(kube::client::NativeTlsError)
for errors from Native TLS - #716 - BREAKING: Added
kube::Error::RustlsTls(kube::client::RustlsTlsError)
for errors from Rustls TLS - #704 - Modified
Kubeconfig
parsing - allow empty kubeconfigs as per kubectl - #721 - Added
Kubeconfig::from_yaml
- #718 via #719 - Updated
rustls
to 0.20.1 - #704 - BREAKING: Added
ObjectRef
to the object that failed to be reconciled tokube::runtime::controller::Error::ReconcileFailed
- #733 - BREAKING: Removed
api_version
andkind
fields fromkind
structs generated bykube::CustomResource
- #739 - Updated
tokio-tungstenite
to 0.16 - #750 - Updated
tower-http
to 0.2.0 - #748 - BREAKING:
kube-client
: replaceRefreshTokenLayer
withAsyncFilterLayer
inAuthLayer
- #752
0.64.0 / 2021-11-16
- BREAKING: Replaced feature
kube-derive/schema
with attribute#[kube(schema)]
- #690- If you currently disable default
kube-derive
default features to avoid automatic schema generation, add#[kube(schema = "disabled")]
to your spec struct instead
- If you currently disable default
- BREAKING: Moved
CustomResource
derive crate overrides into subattribute#[kube(crates(...))]
- #690- Replace
#[kube(kube_core = .., k8s_openapi = .., schema = .., serde = .., serde_json = ..)]
with#[kube(crates(kube_core = .., k8s_openapi = .., schema = .., serde = .., serde_json = ..))]
- Replace
- Added
openssl-tls
feature to useopenssl
for TLS on all platforms. Note that, even thoughnative-tls
uses a platform specific TLS,kube
requiresopenssl
on all platforms becausenative-tls
only allows PKCS12 input to load certificates and private key at the moment, and creating PKCS12 requiresopenssl
. - #700 - BREAKING: Changed to fail loading configurations with PEM-encoded certificates containing invalid sections instead of ignoring them. Updated
pem
to 1.0.1. - #702 oauth
: Updatedtame-oauth
to 0.6.0 which supports the same default credentials flow as the Gooauth2
for Google OAuth. In addition to reading the service account information from JSON file specified withGOOGLE_APPLICATION_CREDENTIALS
environment variable, Application Default Credentials fromgcloud
, and obtaining OAuth tokens from local metadata server when running inside GCP are now supported. - #701
We started working on improving error ergonomics. See the tracking issue #688 for more details.
The following is the summary of changes to kube::Error
included in this release:
- Added
Error::Auth(kube::client::AuthError)
(errors related to client auth, some of them were previously inError::Kubeconfig
) - Added
Error::BuildRequest(kube::core::request::Error)
(errors building request fromkube::core
) - Added
Error::InferConfig(kube::config::InferConfigError)
(forClient::try_default
) - Added
Error::OpensslTls(kube::client::OpensslTlsError)
(newopenssl-tls
feature) - #700 - Added
Error::UpgradeConnection(kube::client::UpgradeConnectinError)
(ws
feature, errors from upgrading a connection) - Removed
Error::Connection
(was unused) - Removed
Error::RequestBuild
(was unused) - Removed
Error::RequestSend
(was unused) - Removed
Error::RequestParse
(was unused) - Removed
Error::InvalidUri
(replaced by variants of errors inkube::config
errors) - Removed
Error::RequestValidation
(replaced by a variant ofError::BuildRequest
) - Removed
Error::Kubeconfig
(replaced byError::InferConfig
, andError::Auth
) - Removed
Error::ProtocolSwitch
(ws
only, replaced byError::UpgradeConnection
) - Removed
Error::MissingUpgradeWebSocketHeader
(ws
only, replaced byError::UpgradeConnection
) - Removed
Error::MissingConnectionUpgradeHeader
(ws
only, replaced byError::UpgradeConnection
) - Removed
Error::SecWebSocketAcceptKeyMismatch
(ws
only, replaced byError::UpgradeConnection
) - Removed
Error::SecWebSocketProtocolMismatch
(ws
only, replaced byError::UpgradeConnection
) - Removed
impl From<T> for Error
Expand for more details
The following breaking changes were made as a part of an effort to refine errors (the list is large, but most of them are lower level, and shouldn't require much change in most cases):
- Removed
impl From<E> for kube::Error
- #686 - Removed unused error variants in
kube::Error
:Connection
,RequestBuild
,RequestSend
,RequestParse
- #689 - Removed unused error variant
kube::error::ConfigError::LoadConfigFile
- #689 - Changed
kube::Error::RequestValidation(String)
tokube::Error::BuildRequest(kube::core::request::Error)
. Includes possible errors from building an HTTP request, and contains some errors fromkube::core
that was previously grouped underkube::Error::SerdeError
andkube::Error::HttpError
.kube::core::request::Error
is described below. - #686 - Removed
kube::core::Error
andkube::core::Result
.kube::core::Error
was replaced by more specific errors. - #686- Replaced
kube::core::Error::InvalidGroupVersion
withkube::core::gvk::ParseGroupVersionError
- Changed the error returned from
kube::core::admission::AdmissionRequest::with_patch
tokube::core::admission::SerializePatchError
(waskube::core::Error::SerdeError
) - Changed the error associated with
TryInto<AdmissionRequest<T>>
tokube::core::admission::ConvertAdmissionReviewError
(waskube::core::Error::RequestValidation
) - Changed the error returned from methods of
kube::core::Request
tokube::core::request::Error
(waskube::core::Error
).kube::core::request::Error
represents possible errors when building an HTTP request. The removedkube::core::Error
hadRequestValidation(String)
,SerdeError(serde_json::Error)
, andHttpError(http::Error)
variants. They are nowValidation(String)
,SerializeBody(serde_json::Error)
, andBuildRequest(http::Error)
respectively inkube::core::request::Error
.
- Replaced
- Changed variants of error enums in
kube::runtime
to tuples. Replacedsnafu
withthiserror
. - #686 - Removed
kube::error::ConfigError
andkube::Error::Kubeconfig(ConfigError)
- #696- Error variants related to client auth were moved to a new error
kube::client::AuthError
as described below - Remaining variants were split into
kube::config::{InferConfigError, InClusterError, KubeconfigError}
as described below
- Error variants related to client auth were moved to a new error
- Added
kube::client::AuthError
by extracting error variants related to client auth fromkube::ConfigError
and adding more variants to preserve context - #696 - Moved
kube::error::OAuthError
tokube::client::OAuthError
- #696 - Changed all errors in
kube::client::auth
tokube::client::AuthError
- #696 - Added
kube::Error::Auth(kube::client::AuthError)
- #696 - Added
kube::config::InferConfigError
which is an error fromConfig::infer()
andkube::Error::InferConfig(kube::config::InferConfigError)
- #696 - Added
kube::config::InClusterError
for errors related to loading in-cluster configuration by splittingkube::ConfigError
and adding more variants to preserve context. - #696 - Added
kube::config::KubeconfigError
for errors related to loading kubeconfig by splittingkube::ConfigError
and adding more variants to preserve context. - #696 - Changed methods of
kube::Config
to return these erorrs instead ofkube::Error
- #696 - Removed
kube::Error::InvalidUri
which was replaced by error variants preserving context, such asKubeconfigError::ParseProxyUrl
- #696 - Moved all errors from upgrading to a WebSocket connection into
kube::Error::UpgradeConnection(kube::client::UpgradeConnectionError)
- #696
0.63.2 / 2021-10-28
kube::runtime::events
: fix build and hide module on kubernetes < 1.19 (events/v1 missing there) - #685
0.63.1 / 2021-10-26
kube::runtime::wait::Condition
added boolean combinators (not
/and
/or
) - #678kube
: fix docs.rs build - #681 via #682
0.63.0 / 2021-10-26
- rust
edition
bumped to2021
- #664, #666, #667 kube::CustomResource
derive can now take arbitrary#[kube(k8s_openapi)]
style-paths fork8s_openapi
,schemars
,serde
, andserde_json
- #675kube
: fixnative-tls
included when onlyrustls-tls
feature is selected - #673 via #674
0.62.0 / 2021-10-22
- no need to keep both
kube
andkube_runtime
inCargo.toml
anymore - fixes issues with dependabot / lock-step upgrading
- change
kube_runtime::X
import paths tokube::runtime::X
when moving to the feature
kube::runtime
addedevents
module with an eventRecorder
- #249 via #653 + #662 + #663kube::runtime::wait::conditions
addedis_crd_established
helper - #659kube::CustomResource
derive can now take an arbitrary#[kube(kube_core)]
path forkube::core
- #658kube::core
consistently re-exported across crates- docs: major overhaul + architecture.md - #416 via #652
0.61.0 / 2021-10-09
kube-core
: BREAKING: extendCustomResourceExt
trait with::shortnames
method (impl inkube-derive
) - #641kube-runtime
: addwait
module toawait_condition
, and addedwatch_object
to watcher - #632 via #633kube
: addRestart
marker trait to allowApi::restart
on core workloads - #630 via #635- bump dependencies:
tokio-tungstenite
,k8s-openapi
,schemars
,tokio
in particular - #643 + #645
0.60.0 / 2021-09-02
kube
: supportk8s-openapi
withv1_22
features - #621 via #622kube
:BREAKING
: support forCustomResourceDefinition
atv1beta1
now requires an opt-indeprecated-crd-v1beta1
feature - #622kube-core
: add content-type header to requests with body - #626 via #627
0.59.0 / 2021-08-09
BREAKING
: bumpedk8s-openapi
to 0.13.0 - #581 via #616kube
connects to kubernetes via cluster dns when usingrustls
- #587 via #597kube
nicer serialization ofKubeconfig
- #613kube-core
added serde traits forApiResource
- #590kube-core
addedCrdExtensions::crd_name
method (implemented bykube-derive
) - #583kube-core
added theHasSpec
andHasStatus
traits - #605kube-derive
added support to automatically implement theHasSpec
andHasStatus
traits - #605kube-runtime
fix tracing span hierarchy from applier - #600
0.58.1 / 2021-07-06
kube-runtime
: fix non-unix builds - #582
0.58.0 / 2021-07-05
kube
:BREAKING
: subresource marker traits renamed conjugation:Log
,Execute
,Attach
,Evict
(previouslyLogging
,Executable
,Attachable
,Evictable
) - #536 via #560kube-derive
added#[kube(category)]
attr to set CRD categories - #559kube-runtime
addedfinalizer
helper #291 via #475kube-runtime
added tracing for why reconciliations happened #457 via #571kube-runtime
addedController::reconcile_all_on
to allow scheduling all objects for reconciliation #551 via #555kube-runtime
addedController::graceful_shutdown_on
for shutting down theController
while waiting for running reconciliations to finish - #552 via #573
- BREAKING:
controller::applier
now starts a graceful shutdown when thequeue
terminates - BREAKING:
scheduler
now shuts down immediately whenrequests
terminates, rather than waiting for the pending reconciliations to drain
kube-runtime
added tracking for reconciliation reason
- Added:
Controller::owns_with
andController::watches_with
to pass adyntype
argument for dynamicApi
s - #575 - BREAKING:
Controller::owns
signature changed to not allowDynamicType
s - BREAKING:
controller::trigger_*
now returns aReconcileRequest
rather thanObjectRef
. TheObjectRef
can be accessed via theobj_ref
field
- Api::replace can fail to unset list values with k8s-openapi 0.12 #581
- BREAKING: custom clients via
Client::new
must passconfig.default_namespace
as 2nd arg
- BREAKING:
kube-derive
users must importkube::CustomResourceExt
(orkube::core::crd::v1beta1::CustomResourceExt
if using legacy#[kube(apiextensions = "v1beta1")]
) to use generated methodsFoo::crd
orFoo::api_resource
- BREAKING:
k8s_openapi
bumped to 0.12.0 - #531- Generated structs simplified +
Resource
trait expanded - Adds support for kubernetes
v1_21
- Contains bugfix for kubernetes#102159
- Generated structs simplified +
- BREAKING:
kube::Resource
trait now requires aplural
implementation
- Api::replace can fail to unset list values with k8s-openapi 0.12 #581
kube
: addedApi::default_namespaced
- #209 via #534kube
: addedconfig
feature - #533 via #535kube
: BREAKING: movedclient::discovery
module tokube::discovery
and rewritten module #538
discovery
: addedoneshot
helpers for quick selection of recommended resources / kinds #538discovery
: movedApiResource
andApiCapabilities
(result of discovery) tokube_core::discovery
- BREAKING: removed internal
ApiResource::from_apiresource
- three new examples added:
custom_client
,custom_client_tls
andcustom_client_trace
- Big feature streamlining, big service and layer restructuring, dependency restructurings
- Changes can hit advanced users, but unlikely to hit base use cases with
Api
andClient
. - In depth changes broken down below:
- Add
kube::client::ConfigExt
extendingConfig
for customClient
. This includes methods to configure TLS connection when building a custom client #539native-tls
:Config::native_tls_https_connector
andConfig::native_tls_connector
rustls-tls
:Config::rustls_https_connector
andConfig::rustls_client_config
- Remove the requirement of having
native-tls
orrustls-tls
enabled whenclient
is enabled. Allow one, both or none.- When both, the default Service will use
native-tls
because of #153.rustls
can be still used with a custom client. Users will have an option to configure TLS at runtime. - When none, HTTP connector is used.
- When both, the default Service will use
- Remove TLS features from
kube-runtime
- BREAKING: Features must be removed if specified
- Remove
client
feature fromnative-tls
andrust-tls
featuresconfig
+native-tls
/rustls-tls
can be used independently, e.g., to create a simple HTTP client- BREAKING:
client
feature must be added ifdefault-features = false
ConfigExt::base_uri_layer
(BaseUriLayer
) to set cluster URL (#539)ConfigExt::auth_layer
that returns optional layer to manageAuthorization
header (#539)gzip
: Replaced custom decompression module withDecompressionLayer
fromtower-http
(#539)- Replaced custom
LogRequest
withTraceLayer
fromtower-http
(#539)- Request body is no longer shown
- Basic and Bearer authentication using
AddAuthorizationLayer
(borrowing from tower-rs/tower-http#95 until released) - BREAKING: Remove
headers
fromConfig
. Injecting arbitrary headers is now done with a layer on a custom client.
- Remove
static_assertions
since it's no longer used - Replace
tokio_rustls
withrustls
andwebpki
since we're not usingtokio_rustls
directly - Replace uses of
rustls::internal::pemfile
withrustls-pemfile
- Remove
url
and always usehttp::Uri
- BREAKING:
Config::cluster_url
is nowhttp::Uri
- BREAKING:
Error::InternalUrlError(url::ParseError)
andError::MalformedUrl(url::ParseError)
replaced byError::InvalidUri(http::uri::InvalidUri)
- BREAKING:
kube
:client
feature added (default-enabled) - #528kube
:PatchParams
force now only works withPatch::Apply
#528kube
:api
discovery
module now uses a newApiResource
struct #495 + #482kube
:api
BREAKING:DynamicObject
+Object
now takes anApiResource
rather than aGroupVersionKind
kube
:api
BREAKING:discovery
module'sGroup
renamed toApiGroup
kube
:client
BREAKING:kube::client::Status
moved tokube::core::Status
(accidental, re-adding in 0.56)kube-core
crate factored out ofkube
to reduce dependencies - #516 via #517 + #519 + #522 + #528 + #530kube
:kube::Service
removed to allowkube::Client
to take an abritraryService<http::Request<hyper::Body>>
- #532
- yanked 30 minutes after release due to #525
- changes lifted to 0.55.0
kube
:admission
controller module added under feature - #477 via #484 + fixes in #488 #498 #499 + #507 + #509kube
:config
parsing of pem blobs now resilient against missing newlines - #504 via #505kube
:discovery
module added to simplify dynamic api usage - #491kube
:api
BREAKING:DynamicObject::namespace
renamed to::within
- #502kube
:api
BREAKING: addedResourceExt
trait moving the getters fromResource
trait - #486kube
:api
added a generic interface for subresources viaRequest
- #487kube
:api
fix bug inPatchParams::dry_run
not being serialized correctly - #511
The most likely issue you'll run into is from kube
when using Resource
trait which has been split:
+use kube::api::ResouceExt;
- let name = Resource::name(&foo);
- let ns = Resource::namespace(&foo).expect("foo is namespaced");
+ let name = ResourceExt::name(&foo);
+ let ns = ResourceExt::namespace(&foo).expect("foo is namespaced");
kube-derive
: allow overriding#[kube(plural)]
and#[kube(singular)]
- #458 via #463kube
: added tracing instrumentation for io operations inkube::Api
- #455kube
:DeleteParams
'sPreconditions
is now public - #459 via #460kube
: remove dependency on duplicatederive_accept_key
forws
- #452kube
: Properly verify websocket keys inws
handshake - #447kube
: BREAKING: removed optional, and deprecatedruntime
module - #454kube
: BREAKING:ListParams
bookmarks default enabled - #226 via #445- renames member
::allow_bookmarks
to::bookmarks
::default()
setsbookmark
totrue
to avoid bad bad defaults #219- method
::allow_bookmarks()
replaced by::disable_bookmarks()
- renames member
kube
:DynamicObject
andGroupVersionKind
introduced for full dynamic object supportkube-runtime
: watchers/reflectors/controllers can be used with dynamic objects from api discoverykube
: Pluralisation now only happens fork8s_openapi
objects by default #481- inflector dependency removed #471
- added internal pluralisation helper for
k8s_openapi
objects
kube
: BREAKING: Restructuring of low levelResource
request builder #474Resource
renamed toRequest
and requires only apath_url
to construct
kube
: BREAKING: Mostly internalMeta
trait revamped to support dynamic typeskube-runtime
: BREAKING: lower level interface changes as a result ofkube::api::Meta
trait:
- THESE SHOULD NOT AFFECT YOU UNLESS YOU ARE IMPLEMENTING / CUSTOMISING LOW LEVEL TYPES DIRECTLY
ObjectRef
now generic overkube::Resource
rather thanRuntimeResource
reflector::{Writer, Store}
takes akube::Resource
rather than ak8s_openapi::Resource
kube-derive
: BREAKING: Generated type no longer generatesk8s-openapi
traits
While we had a few breaking changes. Most are to low level internal interfaces and should not change much, but some changes you might need to make:
- if using the old, low-level
kube::api::Resource
, please consider the easierkube::Api
, or look at tests inrequest.rs
ortyped.rs
if you need the low level interface - search replace
kube::api::Meta
withkube::Resource
if used - trait was renamed - if implementing the trait, add
type DynamicType = ();
to the impl - remove calls to
ListParams::allow_bookmarks
(allow default) - handle
WatchEvent::Bookmark
or setListParams::disable_bookmarks()
- look at examples if replacing the long deprecated legacy runtime
The following constants from k8s_openapi::Resource
no longer exist. Please use kube::Resource
and:
- replace
Foo::KIND
withFoo::kind(&())
- replace
Foo::GROUP
withFoo::group(&())
- replace
Foo::VERSION
withFoo::version(&())
- replace
Foo::API_VERSION
withFoo::api_version(&())
kube
Config
now allows arbirary extension objects - #425kube
Config
now allows multiple yaml documents per kubeconfig - #440 via #441kube-derive
now more robust and is usingdarling
- #435- docs improvements to patch + runtime
- feat: added support for stacked kubeconfigs - #132 via #411
- refactor: authentication logic moved out of
kube::config
and into intokube::service
- #409
- BREAKING:
Config::get_auth_header
removed
- refactor: remove
hyper
dependency fromkube::api
- #410 - refactor:
kube::Service
simpler auth and gzip handling - #405 + #408
- dependency on
reqwest
+ removed in favour ofhyper
+tower
#394- refactor:
kube::Client
now useskube::Service
(atower::Service<http::Request<hyper::Body>>
) instead ofreqwest::Client
to handle all requests - refactor:
kube::Client
now uses atokio_util::codec
for internal buffering - refactor:
async-tungstenite
ws feature dependency replaced withtokio-tungstenite
.WebSocketStream
is now created from a connection upgraded withhyper
- refactor:
oauth2
module for GCP OAuth replaced with optionaltame-oauth
dependency - BREAKING: GCP OAuth is now opt-in (
oauth
feature). Note that GCP provider with command based token source is supported by default. - BREAKING: Gzip decompression is now opt-in (
gzip
feature) because Kubernetes does not have compression enabled by default yet and this feature requires extra dependencies. #399 - BREAKING:
Client::new
now takes aService
instead ofConfig
#400. Allows custom service for features not supported out of the box and testing. To create aClient
fromConfig
, useClient::try_from
instead. - BREAKING: Removed
Config::proxy
. Proxy is no longer supported out of the box, but it should be possible by using a custom Service. - fix: Refreshable token from auth provider not refreshing
- fix: Panic when loading config with non-GCP provider #238
- refactor:
- feat: subresource support added for
Evictable
types (marked forPod
) - #393 kube
: subresource marker traits renamed toLoggable
,Executable
,Attachable
(previouslyLoggingObject
,ExecutingObject
,AttachableObject
) - #395examples
showcasingkubectl cp
like behaviour #381 via #392
- bump
k8s-openapi
to0.11.0
- #388 - breaking:
kube
: no longer necessary to serialize patches yourself - #386PatchParams
removesPatchStrategy
Api::patch*
methods now take an enumPatch
type- optional
jsonpatch
feature added forPatch::Json
- chore: upgrade
tokio
to1.0
- #363- BREAKING: This requires the whole application to upgrade to
tokio
1.0 andreqwest
to 0.11.0
- BREAKING: This requires the whole application to upgrade to
- docs: fix broken documentation in
kube
0.46.0 #367 - bug:
kube
: removed panics fromws
features, fixrustls
support + improve docs #369 via #370 + #373 - bug:
AttachParams
now fixes owned method chaining (slightly breaks from 0.46 if using &mut ref before) - #364 - feat:
AttachParams::interactive_tty
convenience method added - #364 - bug: fix
Runner
(and thusController
andapplier
) not waking correctly when starting new tasks - #375
- maintenance release for 0.46 (last supported tokio 0.2 release) from
tokio02
branch - bug backport: fix
Runner
(and thusController
andapplier
) not waking correctly when starting new tasks - #375
- feat:
kube
now has optional websocket support withasync_tungstenite
underws
andws-*-tls
features #360 - feat:
AttachableObject
marker trait added and implemented fork8s_openapi::api::core::v1::Pod
#360 - feat:
AttachParams
added forApi::exec
andApi::attach
forAttachableObject
s #360 - examples:
pod_shell
,pod_attach
,pod_exec
demonstrating the new features #360
- feat:
kube-derive
now has a default enabledschema
feature- allows opting out of
schemars
dependency for handwriting crds - #355
- allows opting out of
- breaking:
kube-derive
attrstruct_name
renamed tostruct
- #359 - docs: improvements on
kube
,kube-runtime
,kube-derive
- feat:
kube-derive
now generates openapi v3 schemas and is thus usable with v1CustomResourceDefinition
- #129 and #264 via #348- BREAKING:
kube-derive
types now requireJsonSchema
derived viaschemars
libray (not breaking if going to 0.45.0)
- BREAKING:
- feat:
kube_runtime::controller
: now reconciles objects in parallel - #346- BREAKING:
kube_runtime::controller::applier
now requires that thereconciler
'sFuture
isUnpin
,Box::pin
it or submit it to a runtime if this is not acceptable - BREAKING:
kube_runtime::controller::Controller
now requires that thereconciler
'sFuture
isSend + 'static
, use the low-levelapplier
interface instead if this is not acceptable
- BREAKING:
- bug:
kube-runtime
: removed accidentally includedk8s-openapi
default features (you have to opt in to them yourself) - feat:
kube
:TypeMeta
now derives additionallyDebug, Eq, PartialEq, Hash
- bump:
k8s-openapi
to0.10.0
- #330 - bump:
serde_yaml
- #349 - bump:
dirs
todirs-next
- #340
- bug:
kube-derive
attr#[kube(shortname)]
now working correctly - bug:
kube-derive
now working with badly cased existing types - #313 - missing:
kube
now correctly exportsconfig::NamedAuthInfo
- #323 - feat:
kube
: exposeConfig::get_auth_header
for istio use cases - #322 - feat:
kube
: local config now tackles gcloud auth exec params - #328 and #84 kube-derive
now actually requires GVK (in particular#[kube(kind = "Foo")]
which we sometimes inferred earlier, despite documenting the contrary)
- bug:
kube-derive
'sDefault
derive now sets typemeta correctly - #315 - feat:
ListParams
now supportscontinue_token
andlimit
- #320
- yanked release. failed publish.
DynamicResource::from_api_resource
added to allow apiserver returned resources - #305 via #301Client::list_api_groups
addedClient::list_ap_group_resources
addedClient::list_core_api_versions
addedClient::list_core_api_resources
addedkube::DynamicResource
exposed at top level- Bug:
PatchParams::default_apply()
now requires a manager and renamed toPatchParams::apply(manager: &str)
for #300 - Bug:
DeleteParams
no longer missing forApi::delete_collection
- #53 - Removed paramter
ListParams::include_uninitialized
deprecated since 1.14 - Added optional
PostParams::field_manager
was missing forApi::create
case
- Bug:
ObjectRef
tweak inkube-runtime
to allow controllers triggering across cluster and namespace scopes - #293 via #294 - Feature:
kube
now has aderive
feature which will re-exportkube::CustomResource
fromkube-derive::CustomResource
. - Examples: revamp examples for
kube-runtime
- #201
- Marked
kube::runtime
module as deprecated - #281 Config::timeout
can now be overridden toNone
(with caveats) #280- Bug: reflector stores could have multiple copies inside datastore - #286
dashmap
backend Store driver downgraded - #286Store::iter
temporarily removed
- Bug: Specialize WatchEvent::Bookmark so they can be deserialized - #285
- Docs: Tons of docs for kube-runtime
- Bump
k8s-openapi
to0.9.0
- All runtime components now require
Sync
objects - reflector/watcher/Controller streams can be shared in threaded environments
- https://gitlab.com/teozkr/kube-rt/ merged in for a new
kube-runtime
crate #258 Controller<K>
added (#148 via #258)Reflector
api redesigned (#102 via #258)- Migration release for
Informer
->watcher
+Reflector
->reflector
kube::api::CustomResource
removed in favour ofkube::api::Resource::dynamic
CrBuilder
removed in favour ofDynamicResource
(with new error handling)- support level bumped to beta
- Fix in-cluster Client when using having multiple certs in the chain - #251
Config::proxy
support added - #246PartialEq
can be derived withkube-derive
- #242- Windows builds no longer clashes with runtime - #240
- Rancher hosts (with path specifiers) now works - #244
- Bump
k8s-openapi
to0.8.0
Config::from_cluster_env
<- renamed fromConfig::new_from_cluster_env
Config::from_kubeconfig
<- renamed fromConfig::new_from_kubeconfig
Config::from_custom_kubeconfig
added - #236- Majorly overhauled error handlind in config module - #237
- add missing tokio
signal
feature as a dependency - upgrade all dependencies, including minor bumps to rustls and base64
- Major
config
+client
module refactor Config
is the newConfiguration
structClient
is now just a configuredreqwest::Client
plus areqwest::Url
- implement
From<Config> for reqwest::ClientBuilder
- implement
TryFrom<Config> for Client
Client::try_default
orClient::new
now recommended constructors- People parsing
~/.kube/config
must use theKubeConfig
struct instead Reflector<K>
now only takes anApi<K>
to construct (.params method)Informer<K>
now only takes anApi<K>
to construct (.params method)Informer::init_from
->Informer::set_version
Reflector
now self-polls #151 + handles signals #152Reflector::poll
made private in favour ofReflector::run
Api::watch
no longer filters out error events (next
->try_next
)Api::watch
returnsResult<WatchEvent>
rather thanWatchEvent
WatchEvent::Bookmark
added to enumListParams::allow_bookmarks
addedPatchParams::default_apply
ctor addedPatchParams
builder mutators:::force
and::dry_run
added
- Expose
config::Configuration
at root level - Add
Configuration::infer
as a recommended constructor - Rename
client::APIClient
toclient::Client
- Expose
client::Client
at root level Client
now implementsFrom<Configuration>
- Added comprehensive documentation on
Api
- Rename
config::KubeConfigLoader
->config::ConfigLoader
- removed
futures-timer
dependency fortokio
(feature=timer)
- Fix
#[kube(printcolumn)]
when#[kube(apiextensions = "v1beta1")]
- Fix
#[kube(status)]
causing serializes of empty optional statuses
Api::log
->Api::logs
(now matchesResource::logs
)Object<FooSpec, FooStatus>
back for ad-hoc ser/de- kube-derive now derives
Debug
(requiresDebug
on spec struct) - kube-derive now allows multiple derives per file
Api::create
now takes dataK
rather than bytesApi::replace
now takes dataK
rather than bytes- (note that
Resource::create
andResource::replace
still takes bytes)
- (note that
#[derive(CustomResource)]
now implements::new
on the generatedKind
- derived
Kind
now properly containsTypeMeta
- #170
RawApi
removed ->Resource
addedResource
implementsk8s_openapi::Resource
- ALL OBJECTS REMOVED -> Depening on light version of
k8s-openapi
now- NB: should generally just mean a few import changes (+casings / unwraps)
openapi
feature removed (light dependency mandatory now)- LIBRARY WORKS WITH ALL
k8s_openapi
KUBERNETES OBJECTS KubeObject
trait removed in favour ofMeta
traitObject<FooSpec, FooStatus>
removed -> types implementingk8s_openapi::Resource
required insteadkube-derive
crate added to derive this trait + other kubebuilder like codegen
Reflector
+Informer
moved fromkube::api
tokube::runtime
Informer
now resets the version to 0 rather than dropping events - #134- Removed
Informer::init
, since it is now a no-op when building theInformer
- Removed
- Downgrade spurious log message when using service account auth
- Fix a large percentage of EOFs from watches #146
- => default timeout down to 290s from 300s
- =>
Reflector
now re-lists a lot less #146 - Fix decoder panic with async-compression (probably) #144
Informer::poll
can now be used withTryStream
- Exposed
Config::read
andConfig::read_from
- #124 - Fix typo on
Api::StatefulSet
- Fix typo on
Api::Endpoints
- Add
Api::v1CustomResourceDefinition
when on k8s >= 1.17 - Renamed
Void
toNotUsed
- initial rustls support #114 (some local kube config issues know #120)
- crate does better version checking against openapi features - #106
- initial
log_stream
support - #109
- Add support for ServiceAccount, Role, ClusterRole, RoleBinding, Endpoint - #113 + #111
- Upgrade k8s-openapi to 0.7 => breaking changes: https://github.com/Arnavion/k8s-openapi/blob/master/CHANGELOG.md#v070-2020-01-23
- Bump tokio and reqwest to 0.2 and 0.10
- Fix bug in
log
fetcher - #107 - Temporarily allow invalid certs when testing on macosx - #105
- Allow sharing Reflectors between threads - #97
- Fix Reflector pararall lock issue (
poll
no longer blocksstate
)
- Improve Reflector reset algorithm (clear history less)
- Default watch timeouts changed to 300s everywhere
- This increases efficiency of Informers and Reflectors by keeping the connection open longer.
- However, if your Reflector relies on frequent polling you can set
timeout
or hide thepoll()
in a different context so it doesn't block your main work - Internal
RwLock
changed to afutures::Mutex
for soundness / proper non-blocking - #94 - blocking
Reflector::read()
renamed toasync Reflector::state()
- Expose
metadata.creation_timestamp
and.deletion_timestamp
(behind openapi flag) - #93
- ObjectList now implements Iterator - #91
- openapi feature no longer accidentally hardcoded to v1.15 feature - #90
- kube::Error is now a proper error enum and not a Fail impl (thiserror)
- soft-tokio dependency removed for futures-timer
- gzip re-introduced
- Fix unpinned gzip dependency breakage - #87
- api converted to use async/await with 1.39.0 (primitively)
- hyper upgraded to 0.10-alpha
- synchronous sleep replaced with tokio timer
Log
trait removed in favour of internal marker trait
- Add support for oidc providerss with
auth-provider
w/oaccess-token
- #70 - Bump most dependencies to more recent versions
- Expose custom client creation
- Added support for
v1beta1Ingress
- Expose incluster_config::load_default_ns - #74
- Add missing
uid
field onObjectMeta::ownerReferences
- Add
Reflector::get
andReflector::get_within
as cheaper getters - Add support for OpenShift kube configs with multiple CAs - via #64
- Add missing
ObjectMeta::ownerReferences
- Reduced memory consumption during compile with
[email protected]
- #62
- Fix compile issue on
1.37.0
withUtc
serialization - Fix
Void
not havingSerialize
derive
- Added support for
v1Job
resources - via #58 - Added support for
v1Namespace
,v1DaemonSet
,v1ReplicaSet
,v1PersistentVolumeClaim
,v1PersistentVolume
,v1ResourceQuota
,v1HorizontalPodAutoscaler
- via #59 - Added support for
v1beta1CronJob
,v1ReplicationController
,v1VolumeAttachment
,v1NetworkPolicy
- via #60 k8s-openapi
optional dependency bumped to0.5.0
(for kube 1.14 structs)
Reflector::read
now returns aVec<K>`` rather than a
Vec<(name, K)>`: This fixes an unsoundness bug internally - #56 via @gnieto
- Experimental oauth2 support for some providers - via #44 :
- a big cherry-pick from various prs upstream originally for GCP
- EKS works with setup in kube-rs#20 (comment)
- Added support for
Log
subresource - via #50 - Added support for
v1ConfigMap
with example - via #49 - Demoted some spammy info messages from Reflector
- Added
PatchParams
withPatchStrategy
to allow arbitrary patch types - #24 via @ragne Event
renamed tov1Event
to match non-slowflake type namesv1Service
support added- Added
v1Secret
snowflake type and asecret_reflector
example
-
Api<P, U>
is nowApi<K>
for someKubeObject
K:- Big change to allow snowflake objects (#35) - but also slightly nicer
- You want aliases
type Pod = Object<PodSpec, PodStatus>
- This gives you the required
KubeObject
trait impl for free
-
Added
Event
native type to prove snowflakes can be handled - #35 -
ApiStatus
renamed toStatus
to match kube api conventions #36 -
Rename
Metadata
toObjectMeta
#36 -
Added
ListMeta
forObjectList
andStatus
#36 -
Added
TypeMeta
object which is flattened ontoObject
, so:o.types.kind
rather thano.kind
o.types.version
rather thano.version
- Status subresource api commands added to
Api
:patch_status
get_status
replace_status
^ Seecrd_openapi
orcrd_api
examples
- Scale subresource commands added to
Api
:patch_scale
get_scale
replace_scale
^ Seecrd_openapi
example
- Typed
Api
variant calledOpenApi
introduced (see crd_openapi example) - Revert
client.request
return type change (back to response only from pre-0.7.0 #28) delete
now returns `Either<Object<P, U>, ApiStatus> - for bug#32delete_collection
now returns `Either<ObjectList<Object<P, U>>, ApiStatus> - for bug#32Informer::new
renamed toInformer::raw
Reflector::new
renamed toReflector::raw
Reflector::new
+Informer::new
added for "openapi" compile time feature (does not require specifying the generic types)
- Expose list/watch parameters #11
- Many API struct renames:
ResourceMap
->Cache
Resource
->Object
ResourceList
->ObjectList
ApiResource
->Api
ResourceType
has been removed in favour ofApi::v1Pod()
sayObject::status
now wrapped in anOption
(not present everywhere)ObjectList
exposed- Major API overhaul to support generic operations on
Object
- Api can be used to perform generic actions on resources:
create
get
delete
watch
list
patch
replace
get_scale
(when scale subresource exists)patch_scale
(ditto)replace_scale
(ditto)get_status
(when status subresource exists)patch_status
(ditto)replace_status
(ditto)
- crd_api example added to track the action api
- Bunch of generic parameter structs exposed for common operations:
ListParams
exposedDeleteParams
exposedPostParams
exposed
- Errors from
Api
exposed inkube::Error
:Error::api_error -> Option<ApiError>
exposed- Various other error types also in there (but awkward setup atm)
client.request
now returns a tuple(T, StatusCode)
(before onlyT
)
- Expose getter
Informer::version
- Exose ctor
Informer::from_version
- Expose more attributes in
Metadata
Informer::reset
convenience method addedInformer::poll
no longer returns events straight- an
Informer
now cachesWatchEvent
elements into an internal queue Informer::pop
pops a single element from its internal queueReflector::refresh
renamed toReflector::reset
(matchesInformer
)Void
type added so we can useReflector<ActualSpec, Void>
- removes need for Spec/Status structs:
ReflectorSpec
,ReflectorStatus
removedInformerSpec
,InformerStatus
removedResourceSpecMap
,ResourceStatusMap
removed
WatchEvents
removedWatchEvent
exposed, and now wraps `Resource<T, U>``
- added
Informer
struct dedicated to handling events - Reflectors no longer cache
events
- see #6
- ResourceMap now contains the full Resource<T,U> struct rather than a tuple as the value. =>
value.metadata
is available in the cache. - Reflectors now also cache
events
to allow apps to handle them
Named
trait removed (inferring from metadata.name now)- Reflectors now take two type parameters (unless you use
ReflectorSpec
orReflectorStatus
) - see examples for usage - Native kube types supported via
ApiResource
- Some native kube resources have easy converters to
ApiResource