released this
27 Feb 16:47
3 commits
to release-1.8
since this release
tags: Release Notes
Changes since 1.8.3
Bumped dependencies to address CVEs
- https://pkg.go.dev/vuln/GO-2023-1571
- https://pkg.go.dev/vuln/GO-2023-1495
- https://pkg.go.dev/vuln/GO-2022-1144
Changes since 1.8.2
- Rebuilt with go1.19.4 - see CVE details https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU
Changes since 1.8.1
Changes since 1.8.0
- Upgrade HPA webhook to autoscaling/v2 API version (#13411, @psschwei)
- We reverted #13376 - Setting
on the queue-proxy sidecar. This seems to break older OpenShift versions and GKE workloads running on gVisor. We will make this option configurable in the future.- See gVisor/GKE issue (google/gvisor#8248, https://issuetracker.google.com/issues/260968397) to allow this value
- Scaling to zero now works when target-burst-capacity is zero. (#13503, @dprotaso)
- Fix a nil pointer panic in the queue proxy when draining (knative/pkg#2645, @dprotaso)
Changelog since 1.7
🚨 Breaking or Notable
- Uses the cluster domain suffix
as the default domain. As routes using the cluster domain suffix are not exposed through Ingress, users will need to configure DNS in order to expose their services (most users probably already are). (#13259, @psschwei) - Upgrade HorizontalPodAutoscaler to autoscaling/v2 API version (#13337, @nader-ziada)
- Services may now set
in SecurityContext to allow users to comply with therestricted
Pod Security Standards best-practice (#13401, @evankanderson) - Bump min-version to k8s 1.23, so removing kind 1.22 testing (#13357, @nader-ziada)
- Increase the outbound context deadline in reconcilers to 30s (from 10s) to match the maximum K8s webhook timeout. (#13323, @mattmoor)
💫 New Features & Changes
- Add timeout handling in Activator when processing a request for a revision (#13261, @nader-ziada)
- EmptyDir volumes feature flag is now enabled by default (#13405, @dprotaso)
- Save data from perf tests to create a dashboard. (#13192, @nader-ziada)
Bug or Regression
- Knative services can now specify securityContext.allowPrivilegeEscalation (#13395, @mattmoor)
- ConfigMap config-defaults property
now defaults torevision-timeout-seconds
. This should unblock upgrades who setrevision-timeout-seconds
lower than the default value of 300 (#13255, @dprotaso) - Fix LatestReadyRevision semantics so it only advances forward. When a Revision fails the Configuration & Route will no longer fall back to older revision. The exception is when you rollback to a Revision that is explicitly named. (#13239, @dprotaso)
- github.com/armon/go-socks5: e753329
- github.com/cyberdelia/templates: ca7fffd
- github.com/deepmap/oapi-codegen: v1.8.2
- github.com/emicklei/go-restful/v3: v3.8.0
- github.com/go-chi/chi/v5: v5.0.0
- github.com/google/gnostic: v0.5.7-v3refs
- github.com/influxdata/influxdb-client-go/v2: v2.9.0
- github.com/influxdata/line-protocol: 2487e72
- github.com/labstack/echo/v4: v4.2.1
- github.com/labstack/gommon: v0.3.0
- github.com/matryer/moq: 6cfb055
- github.com/onsi/ginkgo/v2: v2.1.6
- github.com/valyala/fasttemplate: v1.2.1
- github.com/Azure/go-autorest/autorest/adal: v0.9.18 → v0.9.20
- github.com/Azure/go-autorest/autorest/mocks: v0.4.1 → v0.4.2
- github.com/Azure/go-autorest/autorest: v0.11.24 → v0.11.27
- github.com/antlr/antlr4/runtime/Go/antlr: b48c857 → f25a4f6
- github.com/cloudevents/sdk-go/v2: v2.4.1 → v2.12.0
- github.com/cockroachdb/datadriven: bf6692d → 80d97fb
- github.com/creack/pty: v1.1.11 → v1.1.9
- github.com/envoyproxy/go-control-plane: cf90f65 → 49ff273
- github.com/go-logr/logr: v1.2.2 → v1.2.3
- github.com/google/cel-go: v0.9.0 → v0.12.5
- github.com/google/go-cmp: v0.5.7 → v0.5.8
- github.com/onsi/gomega: v1.16.0 → v1.20.1
- github.com/prometheus/client_golang: v1.11.1 → v1.12.1
- github.com/spf13/cobra: v1.3.0 → v1.4.0
- github.com/stretchr/testify: v1.7.0 → v1.8.0
- github.com/yuin/goldmark: v1.4.1 → v1.4.13
- go.etcd.io/etcd/api/v3: v3.5.0 → v3.5.4
- go.etcd.io/etcd/client/pkg/v3: v3.5.0 → v3.5.4
- go.etcd.io/etcd/client/v2: v2.305.0 → v2.305.4
- go.etcd.io/etcd/client/v3: v3.5.0 → v3.5.4
- go.etcd.io/etcd/pkg/v3: v3.5.0 → v3.5.4
- go.etcd.io/etcd/raft/v3: v3.5.0 → v3.5.4
- go.etcd.io/etcd/server/v3: v3.5.0 → v3.5.4
- golang.org/x/crypto: 8634188 → 3147a52
- golang.org/x/mod: v0.5.1 → 86c51ed
- golang.org/x/net: 27dd868 → a158d28
- golang.org/x/sys: 4e6760a → 8c9f86f
- golang.org/x/tools: v0.1.9 → v0.1.12
- google.golang.org/genproto: 1ac2ace → c8bf987
- google.golang.org/grpc: v1.44.0 → v1.47.0
- google.golang.org/protobuf: v1.27.1 → v1.28.0
- k8s.io/api: v0.23.9 → v0.25.2
- k8s.io/apiextensions-apiserver: v0.23.9 → v0.25.2
- k8s.io/apimachinery: v0.23.9 → v0.25.2
- k8s.io/apiserver: v0.23.9 → v0.25.2
- k8s.io/client-go: v0.23.9 → v0.25.2
- k8s.io/code-generator: v0.23.9 → v0.25.2
- k8s.io/component-base: v0.23.9 → v0.25.2
- k8s.io/kube-openapi: 4241196 → 67bda5d
- k8s.io/utils: 3a6ce19 → ee6ede2
- knative.dev/caching: 9df7bb7 → ce26e92
- knative.dev/control-protocol: f18dbde → 3e2f878
- knative.dev/hack: 8d1e4cc → 3fdc50b
- knative.dev/networking: e51df7c → 58f3e62
- knative.dev/pkg: 4a03844 → 714b763
- knative.dev/reconciler-test: 177f826 → 090970c
- sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.0.30 → v0.0.32
- sigs.k8s.io/json: 9f7c6b3 → f223a00
- sigs.k8s.io/structured-merge-diff/v4: v4.2.1 → v4.2.3
- github.com/Azure/go-ansiterm: d185dfc
- github.com/blang/semver: v3.5.1+incompatible
- github.com/certifi/gocertifi: 2c3bb06
- github.com/cockroachdb/errors: v1.2.4
- github.com/cockroachdb/logtags: eb05cc2
- github.com/coreos/go-oidc: v2.1.0+incompatible
- github.com/emicklei/go-restful: v2.9.5+incompatible
- github.com/getsentry/raven-go: v0.2.0
- github.com/go-logr/zapr: v1.2.0
- github.com/google/cel-spec: v0.6.0
- github.com/moby/term: 9d4ed18
- github.com/pquerna/cachecontrol: 0dec1b3
- go.opentelemetry.io/otel/oteltest: v0.20.0
- gopkg.in/square/go-jose.v2: v2.2.2