25.12.0
ESS Community Helm Chart 25.12.0 (2025-12-04)
Removed / Breaking Changes
-
Remove
imagePullSecretsin favour ofimage.pullSecrets.As of 25.10.1
imagePullSecretswas deprecated in favour ofimage.pullSecrets.
It has now been removed and attempting to useimagePullSecretswill trigger a schema
validation error. (#901) -
Remove the ability to set
rtc.{use_external_ip,node_ip}viamatrixRTC.sfu.additionalin favour ofmatrixRTC.sfu.{useStunToDiscoverPublicIP,manualIP}.As of 25.9.1
matrixRTC.sfu.{useStunToDiscoverPublicIP,manualIP}were introduced to provide direct values for these settings. Attempting to set
these viamatrixRTC.sfu.additionalwill result in your values being ignored. (#901)
Changed
-
Upgrade Element Web to v1.12.6.
Highlights:
- Remove mentions from forwarded messages.
- Improve aria attributes on the emoji picker.
- Support using Element Call for voice calls in DMs.
Full Changelogs:
-
Remove hard-coded
podAntiAffinityforDeploymentsthat had setreplicas > 2. (#867) -
Support
topologySpreadConstraintson all workloads, not just select ones. (#867) -
Set a soft, default
topologySpreadConstraintsfor all workloads.The can be removed by setting
topologySpreadConstraintsto[]at the top-level or
overridden on a per-component basis by setting that component'stopologySpreadConstraints. (#867) -
Unify management of
StatefulSet.specalong withDeployment.spec. (#872) -
Upgrade Synapse to v1.143.0.
Highlights:
- Update MSC4140 delayed event support, for separate endpoints.
Full Changelogs:
(#876)
-
Upgrade Matrix Authentication Service to v1.7.0.
Highlights:
- Interactively help users choosing a username.
Full Changelogs:
(#878)
-
Change Element Web and MatrixRTC SFU
Ingressesto targetServiceport names rather than numbers. (#879) -
Harmonise the hook weights and reduce the number of distinct hook weight values.
This should speed up installs and upgrades as now there are only 2 distinct pre-install/pre-upgrade hook weights. (#880)
-
Better handle the only worker-capable delayed-events endpoint. (#889)
-
Remove explicit configuration of HAProxy
maxconnat the global and backend level.This improves the compatibility with microk8s clusters that don't raise
ulimitsby default. (#890) -
Upgrade Element Admin to v0.1.9.
Highlights:
- Integration with the ESS Pro Adminbot
Full Changelogs:
(#900)
-
Listen for HAProxy traffic over IPv6. (#905)
-
Change
ipFamilyPolicytoPreferDualStackfor all services to expose them over dual-stack where possible. (#907) -
Change Matrix Authentication Service deployment
maxSurgeto 0.We have seen migrations race conditions happening during Matrix Authentication Service pods
rollout. This setsmaxSurgeto 0 to try to make sure only 1 pod at a time runs the
migration process. (#910, #914)
Fixed
- Change Postgres
emptyDirsto be memory backed. (#894) - Ensure Postgres is fully setup before marking as available or live. (#897)
- Fix Matrix Authentication Service secrets config generation so private keys coming from an external secret are correctly referenced. (#908)
Internal
- CI: switch from kind to k3d for integration tests. (#871)
- CI: simplify manifest test setup now that we care less about which deployables are in-use for a given values file. (#877)
- CI: add tests covering the weights and phases of Helm hooks. (#880, #884)
- Document why we don't use
passfilefor Synapse & MAS' Postgres configuration. (#881) - CI: Don't add New Vector Ltd copyright to new ci values files. (#882)
- CI: add concurrency limit per branch to prevent too many concurrent jobs. (#883)
- CI: validate that all
emptyDirsare memory backed. (#894) - CI: Make sure
init-secretsjob is not created when no secrets needs to be generated. (#896) - CI: Enhance manifests caching in manifests pytest runs. (#899)
- CI: Make cached manifests immutable to avoid issues where they might be mutated during test runs, causing races. (#899)
- CI: stop flakes in
test_pods_monitored. (#902) - CI: fix image verifications step failing on PRs on forks. (#909)
- CI: adjust expected status codes to retry on the upgrade integration tests. (#913)