Releases: knative/serving
Releases · knative/serving
v1.9.4
v1.10.2
v1.10.1
v1.10.0
Changes since v1.9
Note: some container image registries support only TLS v1.2 (quay.io) so we reverted the change min TLS 1.3 change in v1.10.1 and made it configurable
🚨 Breaking or Notable
- Container-freezer has been sunset in Knative v1.10. (#13830, @psschwei)
- Controller uses TLS 1.3 as the minimum version when communicating with image registries for tag to digest resolution (#13886, @izabelacg)
💫 New Features & Changes
- Adds support for downwardAPI sources in projected volumes on Knative Services (#13896, @KauzClay)
- Controllers now have liveness and readiness probes (#13563, @skonto)
- With enabling internal-encryption, activator pods needed to be restarted when certificates are updated. The restart is not necessary anymore. (#13854, @nak3)
- ImagePullSecrets with references to unknown service accounts won't error out anymore but fail silently like Kubernetes. (#13701, @Bisht13)
🐞Bug Fixes
- Fixes issue where certificates would not get renewed when using auto-tls. (#13666, @KauzClay)
- Fix queue proxy not draining connections on shutdown (#13815, @dprotaso)
Dependencies
Added
- cloud.google.com/go/asset: v1.5.0
- cloud.google.com/go/iam: v0.3.0
- cloud.google.com/go/security: v1.5.0
- github.com/Azure/go-ansiterm: d185dfc
- github.com/aws/aws-sdk-go-v2/service/ssooidc: v1.13.6
- github.com/buger/jsonparser: v1.1.1
- github.com/flowstack/go-jsonschema: v0.1.1
- github.com/googleapis/enterprise-certificate-proxy: v0.1.0
- github.com/googleapis/go-type-adapters: v1.0.0
- github.com/moby/term: 9d4ed18
- github.com/morikuni/aec: v1.0.0
Changed
- cloud.google.com/go/compute: v1.5.0 → v1.10.0
- cloud.google.com/go/pubsub: v1.5.0 → v1.3.1
- cloud.google.com/go/storage: v1.18.2 → v1.22.1
- cloud.google.com/go: v0.100.2 → v0.102.1
- github.com/Azure/azure-sdk-for-go: v62.0.0+incompatible → v67.0.0+incompatible
- github.com/Azure/go-autorest/autorest/adal: v0.9.20 → v0.9.21
- github.com/Azure/go-autorest/autorest/azure/cli: v0.4.5 → v0.4.6
- github.com/Azure/go-autorest/autorest: v0.11.27 → v0.11.28
- github.com/BurntSushi/toml: v0.4.1 → v0.3.1
- github.com/Microsoft/go-winio: v0.5.2 → v0.6.0
- github.com/aws/aws-sdk-go-v2/config: v1.14.0 → v1.17.8
- github.com/aws/aws-sdk-go-v2/credentials: v1.9.0 → v1.12.21
- github.com/aws/aws-sdk-go-v2/feature/ec2/imds: v1.11.0 → v1.12.17
- github.com/aws/aws-sdk-go-v2/internal/configsources: v1.1.5 → v1.1.23
- github.com/aws/aws-sdk-go-v2/internal/endpoints/v2: v2.3.0 → v2.4.17
- github.com/aws/aws-sdk-go-v2/internal/ini: v1.3.6 → v1.3.24
- github.com/aws/aws-sdk-go-v2/service/ecr: v1.15.0 → v1.17.18
- github.com/aws/aws-sdk-go-v2/service/ecrpublic: v1.12.0 → v1.13.17
- github.com/aws/aws-sdk-go-v2/service/internal/presigned-url: v1.8.0 → v1.9.17
- github.com/aws/aws-sdk-go-v2/service/sso: v1.10.0 → v1.11.23
- github.com/aws/aws-sdk-go-v2/service/sts: v1.15.0 → v1.16.19
- github.com/aws/aws-sdk-go-v2: v1.14.0 → v1.16.16
- github.com/aws/smithy-go: v1.11.0 → v1.13.3
- github.com/awslabs/amazon-ecr-credential-helper/ecr-login: 396b203 → a250ad2
- github.com/chrismellard/docker-credential-acr-env: fe33c00 → e883f69
- github.com/containerd/stargz-snapshotter/estargz: v0.11.1 → v0.12.1
- github.com/cpuguy83/go-md2man/v2: v2.0.1 → v2.0.2
- github.com/danieljoos/wincred: v1.1.0 → v1.1.2
- github.com/docker/cli: v20.10.12+incompatible → v20.10.20+incompatible
- github.com/docker/distribution: v2.8.0+incompatible → v2.8.1+incompatible
- github.com/docker/docker-credential-helpers: v0.6.4 → v0.7.0
- github.com/docker/docker: v20.10.12+incompatible → v20.10.20+incompatible
- github.com/docker/go-units: v0.4.0 → v0.5.0
- github.com/emicklei/go-restful/v3: v3.8.0 → v3.9.0
- github.com/fsnotify/fsnotify: v1.5.1 → v1.4.9
- github.com/getkin/kin-openapi: v0.76.0 → v0.61.0
- github.com/go-openapi/jsonreference: v0.19.5 → v0.20.0
- github.com/go-openapi/swag: v0.19.15 → v0.22.3
- github.com/golang-jwt/jwt/v4: v4.3.0 → v4.4.2
- github.com/golangci/lint-1: 297bf36 → d2cdd8c
- github.com/google/gnostic: v0.5.7-v3refs → v0.6.9
- github.com/google/go-cmp: v0.5.8 → v0.5.9
- github.com/google/go-containerregistry/pkg/authn/k8schain: 570ba6c → 3624968
- github.com/google/go-containerregistry/pkg/authn/kubernetes: 892d7a8 → 3624968
- github.com/google/go-containerregistry: 892d7a8 → v0.13.0
- github.com/googleapis/gax-go/v2: v2.1.1 → v2.4.0
- github.com/gregjones/httpcache: 901d907 → 9cad4c3
- github.com/inconshreveable/mousetrap: v1.0.0 → v1.0.1
- github.com/kisielk/errcheck: v1.6.0 → v1.5.0
- github.com/klauspost/compress: v1.14.4 → v1.15.11
- github.com/magiconair/properties: v1.8.5 → v1.8.4
- github.com/mattn/go-colorable: v0.1.11 → v0.1.8
- github.com/mattn/go-isatty: v0.0.14 → v0.0.12
- github.com/mitchellh/mapstructure: v1.4.2 → v1.4.1
- github.com/opencontainers/image-spec: 8b9d41f → v1.1.0-rc2
- github.com/pelletier/go-toml: v1.9.4 → v1.8.1
- github.com/rogpeppe/go-internal: v1.6.2 → v1.3.0
- github.com/sirupsen/logrus: v1.8.1 → v1.9.0
- github.com/spf13/afero: v1.6.0 → v1.4.1
- github.com/spf13/cast: v1.4.1 → v1.3.1
- github.com/spf13/cobra: v1.4.0 → v1.6.0
- github.com/spf13/viper:...
Contributors
dprotaso, nak3, and 5 other contributors
Assets 11
v1.9.3
Contributors
dprotaso
Assets 11
Knative Serving release v1.8.6
Contributors
dprotaso
Assets 8
v1.9.2
Changes since 1.9.1
Rebuilt with go1.19.6 to address CVEs
🚨 Notable
- Min K8s Version is v1.24+ - see our release schedule for EOL dates
v1.8.5
Changes since 1.8.4
Rebuilt with go1.19.6 to address CVEs
v1.9.1
Changes since 1.9.0
Bumped dependencies to address CVEs
- https://pkg.go.dev/vuln/GO-2023-1571
- https://pkg.go.dev/vuln/GO-2023-1495
- https://pkg.go.dev/vuln/GO-2022-1144
🚨 Notable
- Min K8s Version is v1.24+ - see our release schedule for EOL dates
v1.8.4
tags: Release Notes Serving
Changes since 1.8.3
Bumped dependencies to address CVEs
- https://pkg.go.dev/vuln/GO-2023-1571
- https://pkg.go.dev/vuln/GO-2023-1495
- https://pkg.go.dev/vuln/GO-2022-1144
Changes since 1.8.2
- Rebuilt with go1.19.4 - see CVE details https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU
Changes since 1.8.1
Changes since 1.8.0
- Upgrade HPA webhook to autoscaling/v2 API version (#13411, @psschwei)
- We reverted #13376 - Setting
SeccompProfiletoRunTimeDefaulton the queue-proxy sidecar. This seems to break older OpenShift versions and GKE workloads running on gVisor. We will make this option configurable in the future.- See gVisor/GKE issue (google/gvisor#8248, https://issuetracker.google.com/issues/260968397) to allow this value
- Scaling to zero now works when target-burst-capacity is zero. (#13503, @dprotaso)
- Fix a nil pointer panic in the queue proxy when draining (knative/pkg#2645, @dprotaso)
Changelog since 1.7
🚨 Breaking or Notable
- Uses the cluster domain suffix
svc.cluster.localas the default domain. As routes using the cluster domain suffix are not exposed through Ingress, users will need to configure DNS in order to expose their services (most users probably already are). (#13259, @psschwei) - Upgrade HorizontalPodAutoscaler to autoscaling/v2 API version (#13337, @nader-ziada)
- Services may now set
seccompProfilein SecurityContext to allow users to comply with therestrictedPod Security Standards best-practice (#13401, @evankanderson) - Bump min-version to k8s 1.23, so removing kind 1.22 testing (#13357, @nader-ziada)
- Increase the outbound context deadline in reconcilers to 30s (from 10s) to match the maximum K8s webhook timeout. (#13323, @mattmoor)
💫 New Features & Changes
- Add timeout handling in Activator when processing a request for a revision (#13261, @nader-ziada)
- EmptyDir volumes feature flag is now enabled by default (#13405, @dprotaso)
- Save data from perf tests to create a dashboard. (#13192, @nader-ziada)
Bug or Regression
- Knative services can now specify securityContext.allowPrivilegeEscalation (#13395, @mattmoor)
- ConfigMap config-defaults property
revision-response-start-timeout-secondsnow defaults torevision-timeout-seconds. This should unblock upgrades who setrevision-timeout-secondslower than the default value of 300 (#13255, @dprotaso) - Fix LatestReadyRevision semantics so it only advances forward. When a Revision fails the Configuration & Route will no longer fall back to older revision. The exception is when you rollback to a Revision that is explicitly named. (#13239, @dprotaso)
Dependencies
Added
- github.com/armon/go-socks5: e753329
- github.com/cyberdelia/templates: ca7fffd
- github.com/deepmap/oapi-codegen: v1.8.2
- github.com/emicklei/go-restful/v3: v3.8.0
- github.com/go-chi/chi/v5: v5.0.0
- github.com/google/gnostic: v0.5.7-v3refs
- github.com/influxdata/influxdb-client-go/v2: v2.9.0
- github.com/influxdata/line-protocol: 2487e72
- github.com/labstack/echo/v4: v4.2.1
- github.com/labstack/gommon: v0.3.0
- github.com/matryer/moq: 6cfb055
- github.com/onsi/ginkgo/v2: v2.1.6
- github.com/valyala/fasttemplate: v1.2.1
Changed
- github.com/Azure/go-autorest/autorest/adal: v0.9.18 → v0.9.20
- github.com/Azure/go-autorest/autorest/mocks: v0.4.1 → v0.4.2
- github.com/Azure/go-autorest/autorest: v0.11.24 → v0.11.27
- github.com/antlr/antlr4/runtime/Go/antlr: b48c857 → f25a4f6
- github.com/cloudevents/sdk-go/v2: v2.4.1 → v2.12.0
- github.com/cockroachdb/datadriven: bf6692d → 80d97fb
- github.com/creack/pty: v1.1.11 → v1.1.9
- github.com/envoyproxy/go-control-plane: cf90f65 → 49ff273
- github.com/go-logr/logr: v1.2.2 → v1.2.3
- github.com/google/cel-go: v0.9.0 → v0.12.5
- github.com/google/go-cmp: v0.5.7 → v0.5.8
- github.com/onsi/gomega: v1.16.0 → v1.20.1
- github.com/prometheus/client_golang: v1.11.1 → v1.12.1
- github.com/spf13/cobra: v1.3.0 → v1.4.0
- github.com/stretchr/testify: v1.7.0 → v1.8.0
- github.com/yuin/goldmark: v1.4.1 → v1.4.13
- go.etcd.io/etcd/api/v3: v3.5.0 → v3.5.4
- go.etcd.io/etcd/client/pkg/v3: v3.5.0 → v3.5.4
- go.etcd.io/etcd/client/v2: v2.305.0 → v2.305.4
- go.etcd.io/etcd/client/v3: v3.5.0 → v3.5.4
- go.etcd.io/etcd/pkg/v3: v3.5.0 → v3.5.4
- go.etcd.io/etcd/raft/v3: v3.5.0 → v3.5.4
- go.etcd.io/etcd/server/v3: v3.5.0 → v3.5.4
- golang.org/x/crypto: 8634188 → 3147a52
- golang.org/x/mod: v0.5.1 → 86c51ed
- golang.org/x/net: 27dd868 → a158d28
- golang.org/x/sys: 4e6760a → 8c9f86f
- golang.org/x/tools: v0.1.9 → v0.1.12
- google.golang.org/genproto: 1ac2ace → c8bf987
- google.golang.org/grpc: v1.44.0 → v1.47.0
- google.golang.org/protobuf: v1.27.1 → v1.28.0
- k8s.io/api: v0.23.9 → v0.25.2
- k8s.io/apiextensions-apiserver: v0.23.9 → v0.25.2
- k8s.io/apimachinery: v0.23.9 → v0.25.2
- k8s.io/apiserver: v0.23.9 → v0.25.2
- k8s.io/client-go: v0.23.9 → v0.25.2
- k8s.io/code-generator: v0.23.9 → v0.25.2
- k8s.io/component-base: v0.23.9 → v0.25.2
- k8s.io/kube-openapi: 4241196 → 67bda5d
- k8s.io/utils: 3a6ce19 → ee6ede2
- knative.dev/caching: 9df7bb7 → ce26e92
- knative.dev/control-protocol: f18dbde → 3e2f878
- knative.dev/hack: 8d1e4cc → 3fdc50b
- knative.dev/networking: e51df7c → 58f3e62
- knative.dev/pkg: 4a03844 → 714b763
- knative.dev/reconciler-test: 177f826 → 090970c
- sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.0.30 → v0.0.32
- sigs.k8s.io/json: 9f7c6b3 → f223a00
- sigs.k8s.io/structured-merge-diff/v4: v4.2.1 → v4.2.3
Removed
- github.com/Azure/go-ansiterm: d185dfc
- github.com/blang/semver: v3.5.1+incompatible
- github.com/certifi/gocertifi: 2c3bb06
- github.com/cockroachdb/errors: v1.2.4
- github.com/cockroachdb/logtags: eb05cc2
- github.com/coreos/go-oidc: v2.1.0+incompatible
- github.com/emicklei/go-restful: v2.9.5+incompatible
- github.com/getsentry/raven-go: v0.2.0
- github.com/go-logr/zapr: v1.2.0
- github.com/google/cel-spec: v0.6.0
- github.com/moby/term: 9d4ed18
- github.com/pquerna/cachecontrol: 0dec1b3
- go.opentelemetry.io/otel/oteltest: v0.20.0
- gopkg.in/square/go-jose.v2: v2.2.2
Contributors
dprotaso, mattmoor, and 3 other contributors