Skip to content

Releases: knative/eventing

v1.14.1

07 May 13:02
3ac9df6
Compare
Choose a tag to compare

knative/[email protected]

Changes by Kind

Bug or Regression

  • Reduce the scope for the Config validation webhook to only the knative-eventing namespace. (#7792, @pierDipi)

Uncategorized

  • Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 (#7750, @matzew)
  • Enable storage of EventType v1beta2 instead of v1beta1 (#7594, @dsimansk)
  • EventType Autocreate is now a non blocking operation (#7709, @Cali0707)
  • EventTypes are now autocreated on Triggers and Subscriptions when there is a reply event sent to them (#7733, @Cali0707)
  • Feature: Added the ability for users to configure nodeSelector when deploying apiserversource , Users can now configure nodeSelector via config-features by adding key-value pair in the format apiserversources.nodeselector.: (#7584, @sadath-12)
  • Merge keys, which were associated with an older version of YAML (1.1), are no longer officially supported in YAML according to its specifications. YAML version 1.2, the current standard, does not include support for merge keys, rendering them obsolete. (#7662, @converge)
  • StatefulSet scheduling now makes fewer API server requests, reducing APIServer load. (#7651, @Cali0707)
  • Using 2.15.2 of Go-sdk for CloudEvents (#7747, @matzew)

v1.13.4

30 Apr 12:54
1b8b450
Compare
Choose a tag to compare

Changes by Kind

New Features

  • PingSource schedule supports optional seconds field (#7394, @SiBell)
  • Trust-manager integration (#7532, @pierDipi)
  • Allow configuring whether to allow cross namespaces Brokers configuration using the config-br-defaults ConfigMap. (#7455, @pierDipi)
  • Expose the Sequence OIDC service account name in the Sequence .status.auth.serviceAccountName (#7361, @rahulii)
  • Use RFC-3339 compliant string encodings in filters for attributes of type time. (#7466, @Cali0707)
  • Introduce EventTypes v1beta3 version (#7304, @matzew)
  • EventType V1Beta2 deprecation (#7454, @matzew)
  • Provide OIDC token in SinkBinding under /oidc/token path. (#7444, @creydr)
  • Channel dispatcher authenticates requests with OIDC (#7445, @Cali0707)
  • Authenticate Requests from ApiServerSource (#7452, @Leo6Leo)
  • Use underlying input channels audience as sequence audience (#7387, @md-saif-husain)

Misc

  • PingSource TLS & OIDC test (#7416, @Leo6Leo)
  • Enable storage of EventType v1beta2 instead of v1beta1 (#7594, @dsimansk)
  • EventType v1beta1 deprecation (#7453 and #7303, @matzew)
  • Add Prerequisite for e2e test to check if OIDC authentication is enabled (#7609, @creydr)
  • Fix mt-broker-ingress watch Broker (#7499, @xiangpingjiang)
  • Refactor the AuthStatus Logic (#7417, @xiangpingjiang)
  • InMemoryChannel send a 202 response only after successfully delivering the event to all subscribers (#7415, @Cali0707)
  • Under OIDC mode, all the outgoing event request will be appended with JWT Authorization header (#7452, @Leo6Leo)
  • Use kmeta.ChildName() to generate OIDC service account name (#7521, @xiangpingjiang)
  • When running hack/install.sh, all the related testing environments will be set up as well. (#7418, @Leo6Leo)

v1.14.0

23 Apr 22:57
e23ebab
Compare
Choose a tag to compare

knative/[email protected]

Changes by Kind

Bug or Regression

  • Reduce the scope for the Config validation webhook to only the knative-eventing namespace. (#7792, @pierDipi)

Uncategorized

  • Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 (#7750, @matzew)
  • Enable storage of EventType v1beta2 instead of v1beta1 (#7594, @dsimansk)
  • EventType Autocreate is now a non blocking operation (#7709, @Cali0707)
  • EventTypes are now autocreated on Triggers and Subscriptions when there is a reply event sent to them (#7733, @Cali0707)
  • Feature: Added the ability for users to configure nodeSelector when deploying apiserversource , Users can now configure nodeSelector via config-features by adding key-value pair in the format apiserversources.nodeselector.: (#7584, @sadath-12)
  • Merge keys, which were associated with an older version of YAML (1.1), are no longer officially supported in YAML according to its specifications. YAML version 1.2, the current standard, does not include support for merge keys, rendering them obsolete. (#7662, @converge)
  • StatefulSet scheduling now makes fewer API server requests, reducing APIServer load. (#7651, @Cali0707)
  • Using 2.15.2 of Go-sdk for CloudEvents (#7747, @matzew)

v1.12.6

12 Mar 12:24
9f1d327
Compare
Choose a tag to compare

Changes by Kind

New Features

  • The filters field in Triggers is now beta and enabled by default
    • New Event Filters are now only created once, rather than on each event (#7213, @Cali0707)
    • The Any filter now dynamically optimizes the order of nested filters for optimal performance. (#7205, @Cali0707)
    • The all filter now dynamically optimizes its ordering to improve performance (#7300, @Cali0707)
    • The exact filter now uses less memory and is faster! (#7311, @Cali0707)
    • The prefix filter just got a whole lot faster! (#7309, @Cali0707)
    • The suffix filter is now faster! (#7312, @Cali0707)
  • OIDC authentication feature
    • Add Audience field in CRDs (#7244, @xiangpingjiang)
    • Expose OIDC audience of a Broker in its status (#7237, @creydr)
    • Expose OIDC audience of an InMemoryChannel in its status (#7371, @creydr)
    • Expose the APIServerSource OIDC service account name in the APIServerSource .status.auth.serviceAccountName (#7330, @Leo6Leo)
    • Expose the PingSource OIDC service account name in the PingSource .status.auth.serviceAccountName (#7344, @Leo6Leo)
    • Expose the SinkBinding OIDC service account name in the SinkBinding .status.auth.serviceAccountName (#7327, @rahulii)
    • Expose the SubscriptionsOIDC service account name in the Subscriptions.status.auth.serviceAccountName (#7338, @xiangpingjiang)
    • Expose the Triggers OIDC service account name in the Triggers .status.auth.serviceAccountName (#7299, @creydr)
    • Mt-broker-ingress: verify the audience of the received JWT if OIDC authentication is enabled (#7336, @creydr)
    • OIDC tokens are now cached to improve performance. (#7335, @Cali0707)
  • It is now possible to specify a subset of features in config-features without overriding default values (#7379, @pierDipi)
  • PingSource schedule supports optional seconds field

Bug Fixes

  • Fix unique name generator for auto-created EventType (#7160, @dsimansk)
  • Correctly handle networking errors when ApiServerSource adapter can't retrieve resources when starts. (#7279, @pierDipi)
  • Event Types are now only created once when using a MTChannelBasedBroker. (#7161, @Cali0707)
  • Set cluster domain suffix in TLS records correctly. (#7145, @creydr)
  • 🐛 Memory leak in the not filter was fixed. (#7310, @Cali0707)
  • 🐛 The filters field now only overrides the filter field on a trigger if there are filters in the filters field. (#7286, @Cali0707)
  • Fixed bug where eventtypes for builtin sources were created and deleted in a loop (#7245, @Cali0707)
  • Fix of the rule aggregation of the knative-eventing-namespaced-edit role to only give view permissions on knative eventing resources. (#7124, @creydr)
  • Update go x/net dependency to help mitigate CVE-2023-44487 (#7348, @Cali0707)

v1.13.3

05 Mar 12:48
b5528fc
Compare
Choose a tag to compare

Changes by Kind

New Features

  • PingSource schedule supports optional seconds field (#7394, @SiBell)
  • Trust-manager integration (#7532, @pierDipi)
  • Allow configuring whether to allow cross namespaces Brokers configuration using the config-br-defaults ConfigMap. (#7455, @pierDipi)
  • Expose the Sequence OIDC service account name in the Sequence .status.auth.serviceAccountName (#7361, @rahulii)
  • Use RFC-3339 compliant string encodings in filters for attributes of type time. (#7466, @Cali0707)
  • Introduce EventTypes v1beta3 version (#7304, @matzew)
  • EventType V1Beta2 deprecation (#7454, @matzew)
  • Provide OIDC token in SinkBinding under /oidc/token path. (#7444, @creydr)
  • Channel dispatcher authenticates requests with OIDC (#7445, @Cali0707)
  • Authenticate Requests from ApiServerSource (#7452, @Leo6Leo)
  • Use underlying input channels audience as sequence audience (#7387, @md-saif-husain)

Misc

  • PingSource TLS & OIDC test (#7416, @Leo6Leo)
  • Enable storage of EventType v1beta2 instead of v1beta1 (#7594, @dsimansk)
  • EventType v1beta1 deprecation (#7453 and #7303, @matzew)
  • Add Prerequisite for e2e test to check if OIDC authentication is enabled (#7609, @creydr)
  • Fix mt-broker-ingress watch Broker (#7499, @xiangpingjiang)
  • Refactor the AuthStatus Logic (#7417, @xiangpingjiang)
  • InMemoryChannel send a 202 response only after successfully delivering the event to all subscribers (#7415, @Cali0707)
  • Under OIDC mode, all the outgoing event request will be appended with JWT Authorization header (#7452, @Leo6Leo)
  • Use kmeta.ChildName() to generate OIDC service account name (#7521, @xiangpingjiang)
  • When running hack/install.sh, all the related testing environments will be set up as well. (#7418, @Leo6Leo)

v1.13.2

27 Feb 12:55
4063781
Compare
Choose a tag to compare

Changes by Kind

New Features

  • PingSource schedule supports optional seconds field (#7394, @SiBell)
  • Trust-manager integration (#7532, @pierDipi)
  • Allow configuring whether to allow cross namespaces Brokers configuration using the config-br-defaults ConfigMap. (#7455, @pierDipi)
  • Expose the Sequence OIDC service account name in the Sequence .status.auth.serviceAccountName (#7361, @rahulii)
  • Use RFC-3339 compliant string encodings in filters for attributes of type time. (#7466, @Cali0707)
  • Introduce EventTypes v1beta3 version (#7304, @matzew)
  • EventType V1Beta2 deprecation (#7454, @matzew)
  • Provide OIDC token in SinkBinding under /oidc/token path. (#7444, @creydr)
  • Channel dispatcher authenticates requests with OIDC (#7445, @Cali0707)
  • Authenticate Requests from ApiServerSource (#7452, @Leo6Leo)
  • Use underlying input channels audience as sequence audience (#7387, @md-saif-husain)

Misc

  • PingSource TLS & OIDC test (#7416, @Leo6Leo)
  • Enable storage of EventType v1beta2 instead of v1beta1 (#7594, @dsimansk)
  • EventType v1beta1 deprecation (#7453 and #7303, @matzew)
  • Add Prerequisite for e2e test to check if OIDC authentication is enabled (#7609, @creydr)
  • Fix mt-broker-ingress watch Broker (#7499, @xiangpingjiang)
  • Refactor the AuthStatus Logic (#7417, @xiangpingjiang)
  • InMemoryChannel send a 202 response only after successfully delivering the event to all subscribers (#7415, @Cali0707)
  • Under OIDC mode, all the outgoing event request will be appended with JWT Authorization header (#7452, @Leo6Leo)
  • Use kmeta.ChildName() to generate OIDC service account name (#7521, @xiangpingjiang)
  • When running hack/install.sh, all the related testing environments will be set up as well. (#7418, @Leo6Leo)

v1.12.5

20 Feb 12:23
048d3b1
Compare
Choose a tag to compare

Changes by Kind

New Features

  • The filters field in Triggers is now beta and enabled by default
    • New Event Filters are now only created once, rather than on each event (#7213, @Cali0707)
    • The Any filter now dynamically optimizes the order of nested filters for optimal performance. (#7205, @Cali0707)
    • The all filter now dynamically optimizes its ordering to improve performance (#7300, @Cali0707)
    • The exact filter now uses less memory and is faster! (#7311, @Cali0707)
    • The prefix filter just got a whole lot faster! (#7309, @Cali0707)
    • The suffix filter is now faster! (#7312, @Cali0707)
  • OIDC authentication feature
    • Add Audience field in CRDs (#7244, @xiangpingjiang)
    • Expose OIDC audience of a Broker in its status (#7237, @creydr)
    • Expose OIDC audience of an InMemoryChannel in its status (#7371, @creydr)
    • Expose the APIServerSource OIDC service account name in the APIServerSource .status.auth.serviceAccountName (#7330, @Leo6Leo)
    • Expose the PingSource OIDC service account name in the PingSource .status.auth.serviceAccountName (#7344, @Leo6Leo)
    • Expose the SinkBinding OIDC service account name in the SinkBinding .status.auth.serviceAccountName (#7327, @rahulii)
    • Expose the SubscriptionsOIDC service account name in the Subscriptions.status.auth.serviceAccountName (#7338, @xiangpingjiang)
    • Expose the Triggers OIDC service account name in the Triggers .status.auth.serviceAccountName (#7299, @creydr)
    • Mt-broker-ingress: verify the audience of the received JWT if OIDC authentication is enabled (#7336, @creydr)
    • OIDC tokens are now cached to improve performance. (#7335, @Cali0707)
  • It is now possible to specify a subset of features in config-features without overriding default values (#7379, @pierDipi)
  • PingSource schedule supports optional seconds field

Bug Fixes

  • Fix unique name generator for auto-created EventType (#7160, @dsimansk)
  • Correctly handle networking errors when ApiServerSource adapter can't retrieve resources when starts. (#7279, @pierDipi)
  • Event Types are now only created once when using a MTChannelBasedBroker. (#7161, @Cali0707)
  • Set cluster domain suffix in TLS records correctly. (#7145, @creydr)
  • 🐛 Memory leak in the not filter was fixed. (#7310, @Cali0707)
  • 🐛 The filters field now only overrides the filter field on a trigger if there are filters in the filters field. (#7286, @Cali0707)
  • Fixed bug where eventtypes for builtin sources were created and deleted in a loop (#7245, @Cali0707)
  • Fix of the rule aggregation of the knative-eventing-namespaced-edit role to only give view permissions on knative eventing resources. (#7124, @creydr)
  • Update go x/net dependency to help mitigate CVE-2023-44487 (#7348, @Cali0707)

v1.13.1

30 Jan 12:46
2e6742c
Compare
Choose a tag to compare

Changes by Kind

New Features

  • PingSource schedule supports optional seconds field (#7394, @SiBell)
  • Trust-manager integration (#7532, @pierDipi)
  • Allow configuring whether to allow cross namespaces Brokers configuration using the config-br-defaults ConfigMap. (#7455, @pierDipi)
  • Expose the Sequence OIDC service account name in the Sequence .status.auth.serviceAccountName (#7361, @rahulii)
  • Use RFC-3339 compliant string encodings in filters for attributes of type time. (#7466, @Cali0707)
  • Introduce EventTypes v1beta3 version (#7304, @matzew)
  • EventType V1Beta2 deprecation (#7454, @matzew)
  • Provide OIDC token in SinkBinding under /oidc/token path. (#7444, @creydr)
  • Channel dispatcher authenticates requests with OIDC (#7445, @Cali0707)
  • Authenticate Requests from ApiServerSource (#7452, @Leo6Leo)
  • Use underlying input channels audience as sequence audience (#7387, @md-saif-husain)

Misc

  • PingSource TLS & OIDC test (#7416, @Leo6Leo)
  • Enable storage of EventType v1beta2 instead of v1beta1 (#7594, @dsimansk)
  • EventType v1beta1 deprecation (#7453 and #7303, @matzew)
  • Add Prerequisite for e2e test to check if OIDC authentication is enabled (#7609, @creydr)
  • Fix mt-broker-ingress watch Broker (#7499, @xiangpingjiang)
  • Refactor the AuthStatus Logic (#7417, @xiangpingjiang)
  • InMemoryChannel send a 202 response only after successfully delivering the event to all subscribers (#7415, @Cali0707)
  • Under OIDC mode, all the outgoing event request will be appended with JWT Authorization header (#7452, @Leo6Leo)
  • Use kmeta.ChildName() to generate OIDC service account name (#7521, @xiangpingjiang)
  • When running hack/install.sh, all the related testing environments will be set up as well. (#7418, @Leo6Leo)

v1.11.11

30 Jan 11:49
219ae96
Compare
Choose a tag to compare

Changes

  • Updated mtping TLS cert test to bind to free port (#7036, @Cali0707)
  • Add TLS support for mt-broker-filter (#6940, @creydr)
  • Adding v1beta2 version for EventType and type conversion (#6903, @matzew)
  • ApiServerSource supports sending events to TLS endpoints, minimum TLS version is v1.2 (#6956, @pierDipi)
  • ContainerSource supports sending events to TLS endpoints, minimum TLS version is v1.2 (#6957, @vishal-chdhry)
  • Even Type auto-create feature:
    • Based on CloudEvents processed in an inmemorychannel corresponding EventType resources are created in the namespace (#7089, @Cali0707)
    • Feature flag to enable: eventtype-auto-create in configmap/config-features
    • Based on CloudEvents processed in a broker corresponding EventType resources are created in the namespace (#7034, @dsimansk)
  • EventType v1b2 on sources duck controller/reconciler used (#6962, @matzew)
  • EventType v1beta2 usage on the reconciler (#6949, @matzew)
  • Do not parse flags in InitializeEventingFlags (#6966, @mgencur)
  • PingSource supports sending events to TLS endpoints, minimum TLS version is v1.2 (#6965, @pierDipi)
  • Source duck compliant source now create EventTypes for KResources, not just brokers (#7032, @matzew)
  • The ApiServerSource controller now sets the K_CA_CERTS environment variable when creating the adapter and the sink has CACerts defined. (#6897, @vishal-chdhry)
  • The ApiServerSource controller now sets the K_CA_CERTS environment variable when creating the adapter and the sink has CACerts defined. (#6920, @vishal-chdhry)
  • The BROKER field of the EventType is deprecated, and is replaced by a KRef reference, pointing to the broker. In the future Knative will be able to support other addressables with EventType, instead of just a broker (#6870, @matzew)
  • The EventType CRD can now point to other resources, like channels or sinks (#7023, @matzew)
  • imc-dispatcher supports an https endpoint for receiving events. The channel is deduced from the path. (#6954, @gab-satchi)

Full Changelog: knative-v1.10.0...knative-v1.11.0

v1.13.0

23 Jan 13:58
fd95228
Compare
Choose a tag to compare

Changes by Kind

New Features

  • PingSource schedule supports optional seconds field (#7394, @SiBell)
  • Trust-manager integration (#7532, @pierDipi)
  • Allow configuring whether to allow cross namespaces Brokers configuration using the config-br-defaults ConfigMap. (#7455, @pierDipi)
  • Expose the Sequence OIDC service account name in the Sequence .status.auth.serviceAccountName (#7361, @rahulii)
  • Use RFC-3339 compliant string encodings in filters for attributes of type time. (#7466, @Cali0707)
  • Introduce EventTypes v1beta3 version (#7304, @matzew)
  • EventType V1Beta2 deprecation (#7454, @matzew)
  • Provide OIDC token in SinkBinding under /oidc/token path. (#7444, @creydr)
  • Channel dispatcher authenticates requests with OIDC (#7445, @Cali0707)
  • Authenticate Requests from ApiServerSource (#7452, @Leo6Leo)
  • Use underlying input channels audience as sequence audience (#7387, @md-saif-husain)

Misc

  • PingSource TLS & OIDC test (#7416, @Leo6Leo)
  • Enable storage of EventType v1beta2 instead of v1beta1 (#7594, @dsimansk)
  • EventType v1beta1 deprecation (#7453 and #7303, @matzew)
  • Add Prerequisite for e2e test to check if OIDC authentication is enabled (#7609, @creydr)
  • Fix mt-broker-ingress watch Broker (#7499, @xiangpingjiang)
  • Refactor the AuthStatus Logic (#7417, @xiangpingjiang)
  • InMemoryChannel send a 202 response only after successfully delivering the event to all subscribers (#7415, @Cali0707)
  • Under OIDC mode, all the outgoing event request will be appended with JWT Authorization header (#7452, @Leo6Leo)
  • Use kmeta.ChildName() to generate OIDC service account name (#7521, @xiangpingjiang)
  • When running hack/install.sh, all the related testing environments will be set up as well. (#7418, @Leo6Leo)