Skip to content

Releases: knative/serving

v1.22.1

Choose a tag to compare

@knative-prow-releaser-robot knative-prow-releaser-robot released this 02 Jun 12:06
3bd82a6

What's Changed

  • [release-1.22] Upgrade to latest dependencies by @knative-automation in #16627
    • bumping knative.dev/networking e9578ef...c8de379:

      c8de379 Fix idle connection leak in prober (# 1142)

    • bumping knative.dev/pkg ec45287...52dbd5e:

      52dbd5e Limit the webhook request body size to 3MiB (# 3363)
      2279959 Fix memory leak in expired matchers (# 3360)

Full Changelog: knative-v1.22.0...knative-v1.22.1

v1.21.3

Choose a tag to compare

@knative-prow-releaser-robot knative-prow-releaser-robot released this 02 Jun 12:06
e803750

What's Changed

  • [release-1.21] Fix non-constant format string error by @knative-prow-robot in #16621
  • [release-1.21] Upgrade to latest dependencies by @knative-automation in #16628
    • bumping knative.dev/pkg 18c5d58...011b23b:

      011b23b Limit the webhook request body size to 3MiB (# 3364)
      9b08ba8 fix compilation (# 3361)
      39109c9 Fix memory leak in expired matchers (# 3359)

    • bumping knative.dev/networking a7cdca2...ea8c792:

      ea8c792 Fix idle connection leak in prober (# 1141)

    • bumping knative.dev/hack bf6758c...c985ed3:

      c985ed3 [release-1.21] Add env var to pass extra flag to license check (# 471)
      e37ec67 Bump go-licenses to v2.0.1 release (# 468)

Full Changelog: knative-v1.21.2...knative-v1.21.3

v1.22.0

Choose a tag to compare

@knative-prow-releaser-robot knative-prow-releaser-robot released this 28 Apr 22:48
370ad5a

✨ Features / Enhancements

  • Allow custom ports for the primary container's livenessProbe by @Fedosin - #16572
  • add an annotation to the kingress mapping tags to hostnames by @dprotaso - #16455
  • only update the deployment if desired labels, annotations or spec changes by @dprotaso - #16554

🔐 Security / TLS / Reliability

  • queue-proxy pod statistics security by @sonikaarora - #16366
  • feat: use knative.dev/pkg/tls for reconciler TLS configuration by @Fedosin - #16431
  • feat: use knative.dev/pkg/tls for activator TLS configuration by @Fedosin - #16424
  • feat: use knative.dev/pkg/tls for queue-proxy TLS configuration by @Fedosin - #16425
  • Update TLS import path to knative.dev/pkg/network/tls by @Fedosin - #16458
  • Shutdown Websocket Connections Gracefully in the queue-proxy by @dprotaso - #16362
  • Fix EnsureCleanup to properly skip clean up when requested by @dprotaso - #16372

📊 Metrics / Observability

🌐 Networking / EndpointSlices / Scaling

  • Migrate autoscaler stat forwarder to use EndpointSlices by @dprotaso - #16448
  • Switch e2e testing assertions to use EndpointSlices by @dprotaso - #16454
  • Add endpointslices/restricted permission to ClusterRole by @linkvt - #16465
  • use the /scale subresource to when updating replica count by @dprotaso - #16540

⚙️ Performance / Stability / Testing

🧪 CI / Build / Tooling

🐛 Bug Fixes

📚 Docs / Cleanup

👥 New Contributors

v1.21.2

Choose a tag to compare

@knative-prow-releaser-robot knative-prow-releaser-robot released this 24 Mar 11:28
4d92745

🚨 Breaking or Notable Changes

Secure Pod Defaults (#16042, @nader-ziada)

We've introduce secure-pod-defaults in an earlier release and included a new setting AllowRootBounded in v1.20 that offers a better security posture for your workloads but balances the compatibility with images that require/expect you to run as root.

For 1.21 release the secure-pod-defaults default will remain disabled but in a future release (most likely v1.22) we will switch this default to AllowRootBounded.

If you're unsure whether your workloads will support this new setting you should explicitly set this option to disabled prior to upgrading to v1.22.

For more information see the documentation and reach out if you foresee issues in your testing.

What's Changed

  • [release-1.21] feat: use knative.dev/pkg/network/tls for configurable TLS by @Fedosin in #16482

Full Changelog: knative-v1.21.1...knative-v1.21.2

v1.21.1

Choose a tag to compare

@knative-prow-releaser-robot knative-prow-releaser-robot released this 24 Feb 11:30
69aa052

v1.21.1

🚨 Breaking or Notable Changes

Secure Pod Defaults (#16042, @nader-ziada)

We've introduce secure-pod-defaults in an earlier release and included a new setting AllowRootBounded in v1.20 that offers a better security posture for your workloads but balances the compatibility with images that require/expect you to run as root.

For 1.21 release the secure-pod-defaults default will remain disabled but in a future release (most likely v1.22) we will switch this default to AllowRootBounded.

If you're unsure whether your workloads will support this new setting you should explicitly set this option to disabled prior to upgrading to v1.22.

For more information see the documentation and reach out if you foresee issues in your testing.

What's Changed

  • [release-1.21] Rebuilt prior release with v1.25.7 in #16408

Full Changelog: knative-v1.21.0...knative-v1.21.1

v1.20.3

Choose a tag to compare

@knative-prow-releaser-robot knative-prow-releaser-robot released this 24 Feb 11:36
1164869

What's Changed

  • [release-1.20] rebuilt prior release with go v1.25.7 in #16407

Full Changelog: knative-v1.20.2...knative-v1.20.3

v1.19.9

Choose a tag to compare

@knative-prow-releaser-robot knative-prow-releaser-robot released this 28 Jan 16:43
ea05a45

v1.19.9

🚨 Breaking or Notable Changes

We've dropped support for OpenCensus (which has been deprecated for a while) in favour of OpenTelemetry. This is a breaking change and details are documented here in the design document. and the website (https://knative.dev/docs/serving/observability/metrics/collecting-metrics/)

What's Changed

Full Changelog: knative-v1.19.8...knative-v1.19.9

v1.21.0

Choose a tag to compare

@knative-prow-releaser-robot knative-prow-releaser-robot released this 27 Jan 11:40
4004491

🚨 Breaking or Notable Changes

Secure Pod Defaults (#16042, @nader-ziada)

We've introduce secure-pod-defaults in an earlier release and included a new setting AllowRootBounded in v1.20 that offers a better security posture for your workloads but balances the compatibility with images that require/expect you to run as root.

For 1.21 release the secure-pod-defaults default will remain disabled but in a future release (most likely v1.22) we will switch this default to AllowRootBounded.

If you're unsure whether your workloads will support this new setting you should explicitly set this option to disabled prior to upgrading to v1.22.

For more information see the documentation and reach out if you foresee issues in your testing.

💫 New Features & Changes

  • You can now set the new feature pod-is-always-schedulable to true in the config-deployment ConfigMap. As a result, Knative will not mark revisions as Unschedulable when a Pod is not scheduled. This makes sense if you want to omit this transient state in clusters that have cluster-autoscaling set up, and you can guarantee that all Pods will be eventually scheduled. (#16146, @SaschaSchwarze0)
  • Activator probe timeout and frequency are now configurable via PROBE_TIMEOUT and PROBE_FREQUENCY environment variables. (#16250, @bindrad)
  • Add terminationGracePeriodSeconds support for user and sidecar container probes (#16255, @flomedja)
  • Added support for OpenTelemetry W3C Trace Context (traceparent header) in request logging, while maintaining backward compatibility with Zipkin B3 format. (#16168, @SomilJain0112)
  • Allow activator to be out of the request path when system-internal-tls is enabled (#16183, @linkvt)
  • Allow adjusting Revision min/max scale annotations (#16186, @dprotaso)
  • Allow unreachable revisions with initialScale > 1 to scale to 0 (#16327, @aviralgarg05)
  • Include two new activator metrics (kn.activator.stats.conn.reachable, kn.activator.stats.conn.errors) that reflect the stats reporter connection status (#16318, @prashanthjos)

🐞Bug Fixes

  • Preserve deployment and template annotations and labels during reconcile (#16199, @linkvt)
  • Fall back to HTTP1 on failed HTTP2 health probes (e.g. on connection error or non-readiness) (#16205, @linkvt)
  • Fix a rare data race in revision backend manager creating revision watchers during shutdown (#16225, @linkvt)
  • Fix flaky HTTPS e2e tests by waiting for HTTPS endpoint to be Ready. (#16230, @linkvt)
  • Fix metric names to match the original design document kn.queueproxy.app.duration becomes kn.serving.invocation.duration and kn.queueproxy.depth becomes kn.serving.queue.depth (#16290, @dprotaso)
  • Fix request log output corruption when using invalid log templates (#16242, @linkvt)
  • Fixed duplicate ACME challenge paths when Services with traffic tags use HTTP-01 challenges for TLS certificates. (#16259, @linkvt)
  • Services can no longer route traffic to revisions belonging to different services; attempting to do so will result in Ready=False with reason RevisionNotOwned. (#16294, @linkvt)
  • Services with invalid networking.knative.dev/* annotations on the revision template now fail immediately with a clear error instead of getting stuck. (#16296, @linkvt)
  • Switch to async metric instrumentation to avoid unbounded memory growth (#16300, @dprotaso)
  • fix sub-second precision metric reporting (#16358, @dprotaso)

New Contributors

Dependencies

Added
  • github.com/CloudyKit/fastprinter: 33d98a0
  • github.com/CloudyKit/jet/v6: v6.2.0
  • github.com/Joker/jade: v1.1.3
  • github.com/RaveNoX/go-jsoncommentstrip: v1.0.0
  • github.com/Shopify/goreferrer: 8cddb4f
  • github.com/andybalholm/brotli: v1.0.5
  • github.com/apapsch/go-jsonmerge/v2: v2.0.0
  • github.com/aymerick/douceur: v0.2.0
  • github.com/bmatcuk/doublestar: v1.1.1
  • github.com/bytedance/sonic: v1.10.0-rc3
  • github.com/chenzhuoyu/base64x: 296ad89
  • github.com/chenzhuoyu/iasm: v0.9.0
  • github.com/fatih/structs: v1.1.0
  • github.com/flosch/pongo2/v4: v4.0.2
  • github.com/gabriel-vasile/mimetype: v1.4.2
  • github.com/gin-contrib/sse: v0.1.0
  • github.com/gin-gonic/gin: v1.9.1
  • github.com/go-playground/locales: v0.14.1
  • github.com/go-playground/universal-translator: v0.18.1
  • github.com/go-playground/validator/v10: v10.14.1
  • github.com/goccy/go-json: v0.10.2
  • github.com/gomarkdown/markdown: 531d2d7
  • github.com/gorilla/css: v1.0.0
  • github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus: v1.0.1
  • github.com/grpc-ecosystem/go-grpc-middleware/v2: v2.3.0
  • github.com/iris-contrib/schema: v0.0.6
  • github.com/juju/gnuflag: 2ce1bb7
  • github.com/kataras/blocks: v0.0.7
  • github.com/kataras/golog: v0.1.9
  • github.com/kataras/iris/v12: v12.2.5
  • github.com/kataras/pio: v0.0.12
  • github.com/kataras/sitemap: v0.0.6
  • github.com/kataras/tunnel: v0.0.4
  • github.com/klauspost/cpuid/v2: v2.2.5
  • github.com/leodido/go-urn: v1.2.4
  • github.com/mailgun/raymond/v2: v2.0.48
  • github.com/microcosm-cc/bluemonday: v1.0.25
  • github.com/oapi-codegen/runtime: v1.0.0
  • github.com/pelletier/go-toml/v2: v2.0.9
  • github.com/schollz/closestmatch: v2.1.0+incompatible
  • github.com/spkg/bom: 59b7046
  • github.com/tdewolff/minify/v2: v2.12.8
  • github.com/tdewolff/parse/v2: v2.6.7
  • github.com/twitchyliquid64/golang-asm: v0.15.1
  • github.com/ugorji/go/codec: v1.2.11
  • github.com/vmihailenco/msgpack/v5: v5.3.5
  • github.com/vmihailenco/tagparser/v2: v2.0.0
  • github.com/yosssi/ace: v0.0.5
  • go.etcd.io/raft/v3: v3.6.0
  • golang.org/x/arch: v0.4.0
  • sigs.k8s.io/structured-merge-diff/v6: v6.3.0
Changed
Read more

v1.20.2

Choose a tag to compare

@knative-prow-releaser-robot knative-prow-releaser-robot released this 27 Jan 11:38
5466148

🚨 Breaking or Notable Changes

Metrics and Tracing

In v1.19 we've dropped support for OpenCensus (which has been deprecated for a while) in favour of OpenTelemetry. This is a breaking change and details are documented here in the design document. and the website (https://knative.dev/docs/serving/observability/metrics/collecting-metrics/)

Secure Pod Defaults (#16042, @nader-ziada)

We've introduce secure-pod-defaults in an earlier release but this release includes a new setting AllowRootBounded that offers a better security posture for your workloads but balances the compatibility with images that require/expect you to run as root.

For v1.20 release the secure-pod-defaults default will remain disabled but in a future release (most likely v1.21) we will switch this default to AllowRootBounded.

If you're unsure whether your workloads will support this new setting you should explicitly set this option to disabled prior to upgrading to v1.21.

What's Changed

Full Changelog: knative-v1.20.1...knative-v1.20.2

v1.20.1

Choose a tag to compare

@knative-prow-releaser-robot knative-prow-releaser-robot released this 25 Dec 05:43
00d08e7

v1.20.1

🚨 Breaking or Notable Changes

Metrics and Tracing

In v1.19 we've dropped support for OpenCensus (which has been deprecated for a while) in favour of OpenTelemetry. This is a breaking change and details are documented here in the design document. and the website (https://knative.dev/docs/serving/observability/metrics/collecting-metrics/)

Secure Pod Defaults (#16042, @nader-ziada)

We've introduce secure-pod-defaults in an earlier release but this release includes a new setting AllowRootBounded that offers a better security posture for your workloads but balances the compatibility with images that require/expect you to run as root.

For v1.20 release the secure-pod-defaults default will remain disabled but in a future release (most likely v1.21) we will switch this default to AllowRootBounded.

If you're unsure whether your workloads will support this new setting you should explicitly set this option to disabled prior to upgrading to v1.21.

What's Changed

Full Changelog: knative-v1.20.0...knative-v1.20.1